The third in my trilogy of PSD2 blogs from ‘Inside the Regulator’. However, as we are now entering uncertain and uncharted territory, in terms of firms that failed to submit applications for re-authorisation in time, my insights are more presumptive than previously.
GDPR Fines! GDPR Fines! GDPR Fines! The war cry of solicitors and tech consultants across Europe for the past year has become so loud that it’s almost impossible to distinguish it from all the other noise on social media and in the news.
Drawing on my experience of heading up the Payment Services Authorisations Team at the FCA for many years, I spoke last week (http://blog.fscom.co.uk/psd2-a-glimpse-inside-the-regulator) about the FCA’s expectations for authorisations and re-authorisations, and offered some insight into how they might approach the challenges brought about by PSD2. I now explore the risks inherent in firms wishing to ‘upgrade’ their licences, the new entrants under PSD2 and the FCA’s approach to supervision.
Much of our time is, and seems always to have been, spent trying to interpret exactly what the regulations or, more importantly, the Regulator is expecting. A leading question asked by many compliance officers is, 'what do they expect of my company?'. This is often where the compliance consultant comes in.
It’s been five months since the FCA’s doors opened to applications from the new payment service providers, often referred to as third party providers (TPPs), and two months since they could appear on the Register so it’s a good time to ask how many have seized the opportunity presented by the second payment services directive (PSD2).
The answer is: ‘not so many’.
‘Compliance’ is the watchword in financial services, perhaps more now than ever. With new rules and regulations being introduced across Europe, most notably 4MLD, MiFID II, PSD2 and GDPR, Heads of Compliance across multiple industry verticals are now under major pressure to ensure their processes and procedures are up to date, adequate and compliant.
To some, 13 January and the implementation of the second Payment Services Directive (PSD2) will be a significant milestone in their business’s path. They will be joining the community of the regulated financial services sector, which means that their owners and managers take on significant additional liability and are subject to a new level of scrutiny. They will have to meet certain standards and requirements ranging from the information they must give their customers to the type of insurance they must hold (in the case of the payment initiation and account information service providers) to how they treat client money (for authorised payment and e-money institutions and small e-money institutions).
When does a great deal turn out to be not such a great deal? When a credit card surcharge is added right at the end. Such hidden surcharges will be a thing of the past, mostly, come mid-January when the second Payment Services Directive (PSD2) is implemented.
Following on from my previous blog post, where I looked at the UK’s current and future payments architecture, one of the most interesting developments identified at the Project Regulator event that could be a game changer for payment and e-money institutions concerns the UK’s interbank real time gross settlement (RTGS) system.