Mark Taylor
Senior Editorial Manager
A slew of regulatory reforms is set to transform the European Union’s digital payments landscape, but uncertainty hangs over how ready financial services providers are to deal with changes that may require significant upgrades to their compliance functions.
In the coming years, and alongside tightening money laundering and liquidity requirements, businesses must grapple with the third Payment Services Directive (PSD3), and the accompanying Payment Services Regulation (PSR); the Single Euro Payments Area (SEPA) Instant Credit Transfer (SCT Inst); and the Financial Data Access regulation (FiDA).
Plans to introduce a digital Euro are also underway, presenting more challenges for the banks, payment providers, and processors serving the bloc’s 27 member states.
Such is the scale of transformation, experts believe the regulations demand a level of regulatory change management, analysis, and reporting that is virtually impossible to achieve manually.
Horizon scanning and the compliance knowledge gap
Recent research by consultancy experts EY, including a survey of 26 leading banks and payment service providers (PSPs) within the EU, found that nearly two-thirds (63%) expect regulations will require upgrades to their infrastructure.
PSR, FiDA, and the digital euro are likely to “significantly” reshape business models, EY said.
Greater competition, customers’ demands for a better user experience, and increased use of digital payments will present the need for banks to invest heavily in more advanced compliance solutions, they said.
Whilst awareness of the initiatives amongst senior leaders is modest, the survey found that compliance functions inside many major financial institutions believe their organisations have underestimated the scale of change these updates will bring.
More worryingly, some 70% of those surveyed said they are struggling to define the necessary changes required, most likely due to a lack of regulatory clarity.
Nearly half of the big banks said they expect the resources and budget spend for the compliance changes to be a top ten investment item.
“Banks and PSPs face significant challenges as they navigate the regulatory changes in Europe’s financial landscape,” said Susan M. Barton, EY Advisory financial services director. “These reforms mandate greater data sharing, streamlined compliance processes, and the adoption of faster and more affordable payment methods.”
Where PSD3 and PSR are primarily focused on payment accounts and payment initiation services, FiDA is essentially an expansion of the open banking concept to encompass more than just payment accounts.
The SCT Inst is a crucial instrument within the SEPA framework, often mentioned alongside payment regulations.
It enables the transfer of up to €15,000 in under ten seconds. Instant payments rules will apply to business and consumer transactions, marking a significant leap towards real-time banking.
For experts such as Sanela Dulic, who heads the unit responsible for Open Banking at Nordea, getting ahead of regulatory change is one of the most crucial aspects of compliance.
“I think good advice to all those impacted by PSD3 is to start the implementation as soon as possible, even when the legislation is still at the proposal level,” she said. “Starting early is one of our main learnings from the PDS2 implementation. If we could turn back time, we would have started even earlier.”
How extensive are the regulatory changes and what impact are they expected to have?
The suite of overlapping regulations promises to substantially alter Europe’s payment and banking ecosystem.
The new rules will open client data held by financial institutions and make it easier for PSPs to access European payment systems and retrieve customer data, consent willing. Regulators want to tear down infrastructure barriers for new entrants and improve the competitive landscape for new entrants.
FiDA is predicted to have particularly far-reaching consequences, given the scope of the changes it is ushering in.
As banks and other financial institutions are forced to share customers’ financial data, subject to their consent, it has been viewed as taking the concept of open banking and broadening it to open finance. Beyond banks, investment and insurance firms will also be bound by the regulations.
According to EY, two-thirds of respondents expect new challengers to emerge, which will eat into traditional financial services institutions’ fee-based revenue, whilst raising consumer expectations for service levels and greater personalisation.
Downstream, these changes will impact compliance and IT functions, and in many cases will necessitate a major shift in business models.
From Cyber to Operations, Legal, Treasury, and Anti-Money Laundering departments, the emphasis on new regulatory compliance demands promises to have a profound impact on businesses internally.
“EU customers will also benefit from greater data control, faster and less costly payments, clearer fee structures and tailored financial solutions,” Barton said.
“On the commercial side, the biggest beneficiaries are likely to be legacy financial services providers which can rise to the digital challenge and FinTechs that can navigate the new compliance challenges.”
What is the timeline for the EU’s payment reforms?
The updated version of the SCT Inst scheme rulebook will be published in November 2024 for implementation one year later, giving payment service providers and their suppliers a 12-month lead time to address scheme rulebook updates prior to such updates taking effect.
PSD3 and PSR proposals are currently under review by the European Parliament and Council and their finalised timelines are unknown. Final versions are expected to appear by the end of this year or the start of next, given the standard legislative procedure.
EU states will have an 18-month transition period to implement the regulations.
Similarly, FiDA should apply 24 months after its entry into force, which is expected to be early 2027.
CUBE comment
Compliance teams are at the heart of ensuring their organisations adapt to the new payments landscape, and staying ahead of the regulatory curve has never been more vital.
As the research shows, the sheer volume of data, the complexity of the rules, and the rapid pace of change are proving tough to manage for compliance functions inside large European banks. Many of these banks still rely heavily on manual processes, most likely spreadsheets, to handle governance, risk, and compliance tasks.
Implementing advanced technologies such as Automated Regulatory Intelligence, machine learning, and Robotic Process Automation (RPA), can help financial institutions adapt faster and reduce risks stemming from such a considerable regulatory change process.
By investing in automation, compliance teams can meet the challenges posed by the incoming payment reforms, and gain a competitive advantage by improving operational efficiency and mitigating risks as the regulatory environment intensifies.
Talk to CUBE today to learn more about how Automated Regulatory Intelligence can help your business prepare for regulatory change.