PDS2 Compliance – are you ready and what you need to know?

1st May 2019 3540 - Blog Posts

PDS2 is having a big impact on the Financial Services industry as its various iterations come into force.

What does PDS2 entail?

The second iteration of the Payment Services Directive was introduced in 2015, although the latest deadline for compliance, which will have applied to most banks has just passed on March 14th. The deadline for the implementation of dedicated APIs for third parties is not until September but by March 14th, all banks were required to implement facilities for these third parties to test their functionality in a simulated banking environment. Recent reports, however, suggest that thousands of banks are struggling to meet either deadline – in fact according to a recent survey of 442 European banks, 41% actually failed to meet the March requirements.

The PDS2 legislation, which was introduced by regulators at the European Banking Authority, was intended to boost competition in the name of open banking, by forcing banks to share the data of customers who authorise it with third parties. It was also intended to enhance regulation among Fintech groups, boosting confidence in reliability and legitimacy.

How does PDS2 fit with Open Banking?

Open banking is the directive which has been set up in the UK to force banks to release their information in a secure, standardised form to ensure it can be shared more easily between authorised organisations online. The directive is enforced by the Competition and Markets Authority, and while PDS2 requires banks to open up their data to third parties, open banking dictates it must be done in a standard format.

Opposition to PDS2

PDS2 has met with extensive opposition since its inception, particularly from the large banks who claim the legislation is unfair because it enables tech groups to combine banks data with their own, while it doesn’t allow banks to access other groups data in the same way. A report from Citigroup backed up some of these claims, saying that European banks could lose more than a third of their revenues to disruptive models by 2025.

Opportunities from PDS2

While PDS2 compliance is causing an increased regulatory burden for many financial institutions, it could also present opportunities, especially for smaller banks, private banking and wealth managers. As PSD2 compliance is mandatory anyway, many firms are seeing the opportunity to maximise client segmentation or develop a USP for their brand, for example. Many private banks or wealth managers have an ageing client base and PSD2 may make it easier to attract new customers.

Next compliance steps

For the 41% of banks who missed the testing deadline, the pressure is on to catch up so that they can meet the September implementation deadline. If third party providers can’t start testing open access APIs then there will be significant delays before they can start using them, which is the mandatory compliance requirement by September 14.

It’s important that firms understand exactly what is expected from the regulators from PDS2 compliance. Earlier this month, the European Banking Authority published clarifications on PDS2, based on concerns that were raised by a working group. It’s imperative that banks understand the clarifications to gain a full picture of the expectations imposed by PDS2. Compliance consulting can also clarify the regulatory requirements, opportunities and steps to take to adhere to the latest deadlines. At Lawson Conner, we can provide expert compliance consulting on all aspects of the regulatory framework, including open banking and PDS2 compliance.

Joe Woodbury
Director, Investment Management Solutions

E: jwoodbury@lawsonconner.com
D: +44 (0) 203 696 2560