PSD3 – Next-Generation Payment Services Regulation

Proposal for a Regulation on payment services in the internal market (Payment Services Regulation / PSD3)

Draft EU-wide

Overview

PSD3 (Payment Services Directive 3) is the planned overhaul of EU payment services regulation. The European Commission’s proposal envisages a directly applicable regulation (Payment Services Regulation, PSR) and a complementary directive for authorisation. Its aims are to modernise payment services, strengthen fraud prevention, and advance open banking.

Who Is Affected?

PSD3/PSR will affect the entire payments market:

  • Banks and payment service providers
  • Fintechs and e-money institutions
  • Account information service providers (AISPs) and payment initiation service providers (PISPs)
  • Online retailers and e-commerce platforms
  • Technology providers for payment solutions

Expected Core Obligations

  1. IBAN-name verification (CoP): Mandatory matching of IBAN and payee name for fraud prevention
  2. Enhanced open banking: Standardised APIs and improved data access rights
  3. Stronger customer authentication: Evolution of SCA rules
  4. Fraud protection: Extended liability and reimbursement rights in fraud cases
  5. Non-bank payment service providers: New requirements for authorisation and own funds
  6. Access to payment systems: Equal access for all authorised payment service providers

National Transposition

PSD3 is still in the EU legislative process:

  • Germany: Amendment of the ZAG (Payment Services Supervision Act) will be required
  • Austria: Amendment of the ZaDiG (Payment Services Act) will be required
  • Switzerland: Own regulatory framework; monitoring EU developments for interoperability

PSD3: Does it affect you?

Find out if and how this regulation affects your company – we're happy to advise you.

Frequently Asked Questions

What is PSD3?

PSD3 is the third generation of the EU payment services framework. It consists of a directly applicable regulation (PSR) and a complementary directive (PSD3) for the authorisation of payment service providers.

When is PSD3 expected to enter into force?

The legislative process is ongoing. Adoption is expected in 2025–2026, with application likely from 2026–2027 at the earliest.

What are the key changes?

Stronger fraud protection (IBAN-name verification), enhanced open banking rules with standardised APIs, improved consumer rights for unauthorised payments, and new requirements for non-bank payment service providers.