By: Sakshi Khurana, Business Consultant – BFS, LTI

The EU is facing drastic changes in the payments industry, with PSD2, SCTinst and other regulations making their way towards realization. These regulations mark a new beginning of an era for the payment industry. In these turbulent times, it is essential to outline the changes that incumbent financial institutions, new entrants and customers are going to face. Banks need to bring innovation in the fabric of their organizations.

The Second Payment Services directive PSD2 – 2015/2366 presents a wide spectrum of rules and regulations for account servicing payment service providers (ASPSPs), Payment Initiation Service Providers (PISPs), Account information Service Providers (AISPs) and Payment servicing users covered in detail, under 117 articles of the directive.

This directive poses a specific challenge for incumbent players to utilize and modify their existing systems, and introduce new resources and methods to comply with the requirements. Under PSD2, one of the most impacted parts of any banking institution, is its Core Banking System (CBS). With the emergence of Third Party Providers (TPPs) such as PISPs and AISPs in the payment industry, CBS systems, which are bank’s information systems, have to open up their services to these TPPs.

Few rules and regulations highlighted in the directive, which have impact on Core banking systems of ASPSPs, are:

This directive specifies “the obligations on payment service providers regarding provision of clear information to payment service users regarding payment service contracts and payment transactions”. For a core banking system, it implies that module must be able to generate a reference enabling the payer and the beneficiary to identify payment transactions. It will also enable them to identify any information communicated during payment transaction.

If exchanges are managed by CBS, by interfacing the front office before transactions, then “CBS module must be able to provide reference to interest and exchange rates, methods and bases for calculating these interest and exchange rates”.

Also, if CBS interfaces the front office before transactions, and payment service provider or another party involved in transaction, requests a charge or offers a reduction, “a provision should be made in the CBS module to inform payment service user prior to initiation of payment transaction”.

Under rules to access payment accounts in case of payments and account initiation services, “a provision has to be made in core banking systems to provide Account servicing payment services providers (ASPSP) information on account linkage”.

Under rules related to refusal of access to account information or payments, “the CBS systems of ASPSPs have to identify the fraudulent and unauthorised accesses and provide proper reasoning documented replies to AISPs and PISPs”.

Under rules related to management of operational and security risks, ASPSPs should maintain effective and efficient incident management procedures in their CBS systems, including detection and classification of major operational and security incidents.

Conclusion

PSD2 brings a new facet of financial industry by creating a level playing field for Third Party Providers (TPPs) and Account Servicing Payment Service Providers (ASPSPs). Meeting the demands of these regulatory requirements and directives does not come as an option for Incumbents and hence, they need to evolve their existing systems to compete with the tech- savvy TPPs. The legacy core banking systems cannot be replaced in a single stroke, and hence, there are APIs for rescue in such situations, however there can be no one-size-fits-all solution for all the banks.

Innovation is the key to success and there is no single method to achieve innovation. Many incumbents are now being seen forming association with TPPs and other IT service providers to up their game and hold their share of the pie. Banks need to determine their short and long-term strategies to achieve a required level of digitalization in their core banking systems. These strategies should consider the compliance requirements, as well as should help banks compete in the fierce competition of technology.