Selected Topics

Open Banking and PSDII

The Payment Services Directive 2015/2366 (PSD II) constitutes EU’s deliberate attempt to unify and expand the scope of the internal payments market, providing the legal basis for more effective, secure, innovative, transparent, and efficient payments. Consistent with a vision for innovation, efficiency, and growth in payments and payment services, the Directive introduces the notion of open banking, requiring commercial banks to provide authorised Third Party Providers (TPPs) open access to bank-clients’ data through open APIs, to build applications and services on financial services and payments. As per the relevant Directive, TPPs may be Payment Initiation Service Providers or Account Information Service Providers, following the addition of Payment Initiation and Account Information as regulated services under PSD II.

Open banking is a truly transformative business, data-sharing model, which unlocks the power of customers’ financial data to application developers for the ultimate benefit of customers. The prospect of open banking is, simply put, extraordinary; application developers draw on, and analyse, real data to offer innovative solutions to customers. Following the rise of customer expectations and the increasing drive to accommodate customers’ banking needs in the most efficient, easy, and novel way, open banking, as implemented by PSD II, constitutes an obvious tool materializing customer expectation.

PSD II is instrumental in this regard. Moving beyond the objective of enhancing the payments market, the directive lays the legal conditions that level the playing field for payment service providers and the open banking new market entrants. The Directive regulates the operation of TPPs, ensuring that open access to customer data is granted to authorized parties abiding by certain and consistent rules. At the same time, PSD II is aligned with the GDPR, requiring explicit customer consent for data processing by TPPs; customers are empowered in the way they choose to share their personal data signaling the shift towards enhancing customer agency and control over their valuable data.

In Cyprus, developments in open banking have been slow-paced but are expected to pick up, based on the sandbox endeavors of the largest commercial banks. As lawtech professionals with international outlook and perspective, we have deep knowledge in the area and may assist the digital transformation of domestic banks as well as the growth of new market players through open banking. We can consult and advise on the proper deployment of APIs, considering their technology-neutral nature, as per PSD II, on compliance with the PSD II conditions, GDPR and security requirements. We are well-versed to lead authorisation processes for TPPs, drawing on our general past practice with competent authorities, and our deep understanding of the PSD II conditions and prescribed processes. Our customers may rely on our technologically savvy practice and our acute business awareness to guide them through the legal and regulatory demands of open banking integration, use, and development. As experts in digital transformation, we make sure to deliver services that are conducive to the vision of seamlessly moving towards data-driven efficiency, innovation, and digitization.