Blog: PSD3 and PSR Implications

More than 90% of Danish consumers are utilising the convenience and speed of online payments. This level of widespread adoption confirms Denmark’s place at the forefront of the digital payments space. This statistic also illustrates how strong cooperation between the country’s regulatory bodies, banks and payment service providers (PSPs) sets the foundation from which Denmark’s seamless and secure digital payments ecosystem is flourishing.

Collaboration and cooperation are top of mind for many EU payments players evaluating their readiness for the Payment Services Directive 3 (PSD3) and learnings from Payment Services Regulation (PSR). What are the biggest impacts ahead? How can you adjust your current approach to improve future alignment? Read on for top PSD3 and PSR considerations from a recent discussion at Risk Ready Copenhagen featuring cross-functional perspectives from leaders in Denmark’s regulatory, banking and fintech sectors.

Regulatory readiness begins now

It is time to begin evaluating existing policies, protocols and systems against the anticipated PSD3 requirements and plan for any needed updates. PSD3 introduces an expectation for financial institutions to demonstrate stronger fraud mitigation strategies, including a requirement for real-time transaction monitoring and an expansion of Secure Customer Authentication (SCA) to cover more channels. Tobias Thygesen, director, Fintech, Payment Services and Governance at Finanstilsynet (Danish FSA) observed that, “Fighting financial crimes and fraud is a very dynamic and complex challenge,” as he discussed the probable specifics in the final regulations. The arrival of PSD3 means a highly responsive fraud mitigation strategy supporting real-time decisions is becoming a competitive differentiator for banks, PSPs and fintechs alike. Operating from a stronger and more advanced fraud prevention position benefits your business, your customers and the overall security of the digital payments ecosystem.

Shifts in liability spotlight the importance of data sharing

Expected changes in PSD3 and learnings from PSR shift the liability over to banks and PSPs for fraud losses tied to social engineering and scams. These requirements mean banks and PSPs need to implement up-front fraud prevention processes and be able to demonstrate their effectiveness. These new expectations also emphasise a security-first fraud strategy that proactively protects and educates customers about changing fraud and scam typologies.

There is a silver lining in these increased obligations: PSD3 and PSR also create a legal framework that fosters and simplifies identity-agnostic data sharing across the EU payments ecosystem. Reflecting on the upcoming positives in PSD3, Niels Halse, head of fraud prevention and analytics, Danke Bank, offers his thoughts on the value and importance of data sharing, “Many of the data points are super relevant for so many use cases within banks, within fraud and within the wider financial crime landscape.” Collaborating at a consortium level to share data and transaction details tied to location, payment time, device and merchant details increases risk transparency for all participants. This level of cooperation improves the payment industry’s ability to identify emerging patterns and fraud trends and isolate and immobilise fraudulent networks and bad actors.

Industry collaboration is at the center of customer trust and conversion

PSD3 and PSR provides clear parameters to help strengthen the balance between seamless transactions and secure payments. The more formalised guidance for collaboratively sharing fraud intelligence and risk signals across the EU payments industry presents a clear opportunity to optimise customer protections against scams and money mule schemes. Reflecting on the beneficial impacts PSD3 and PSR can have on customer adoption rates Marcus Molleskov, chief risk and compliance officer, Januar, shares, “95 - 99% of the fraud recalls we get are people who are subject to investment scams… this underscores why consumer protection and education is so very important.” The instant payments environment relies on sustained high levels of consumer trust to optimally perform. Better fraud prevention protocols create the indirect benefit of boosting consumer confidence which leads to greater affinity, more interactions and eventually, higher conversion rates.

Proactive preparation pays off

Real-time payments introduce the downside of real-time fraud — constantly evolving. and highly complex threats that universally challenge regulators, banks and PSPs. The advent of PSD3 and PSR shows promise in further empowering the industry with a clearer framework to measurably improve the security of the digital payments ecosystem while also enhancing customer trust and experience.

Taking time now to understand how the new expectations impact your existing strategy is an essential next step. Identifying a plan and the tools to support multi-layered/multi-channel risk assessment, strengthen transaction monitoring and streamline collaboration capabilities can simplify the transition to PSD3. Staying responsive as the real-time payments environment and regulatory outlook evolves can translate into a more solid competitive position and stronger customer outcomes for the long run.

Watch the complete conversation here for a deeper dive into PSD3 and PSR perspectives from our panel of experts at Risk Ready Copenhagen.

Watch the full panel discussion below