Directive (EU) 2015/2366 of the European Parliament and Council from the 25 November 2015 on payment services in the internal market, amending Directives 2002/65 / EC, 2009/110 / EC and 2013/36 / EU and Regulation (EU) No. 1093/2010 and repealing Directive 2007/64 / EC, also called the Payment Services Directive 2 or revised Payment Services Directive, replaces the first Payment Services Directive – Directive (EC) 64/2007, being transposed into Romanian legislation by Law 209/2019 on payment services.

This Directive extends the scope and area of the Directive (EC) 64/2007 to payments made within the European Economic Area (EEA) and to payments to and from countries outside that area in any currency.

The Directive contains provisions to better protect consumers against fraud and incidents. Also, increased consumer rights are provided for transfers and remittances outside Europe or payments in other countries currencies. The new regulation encourages the emergence of new service providers and the development of innovative payment methods through mobile devices and Internet in Europe, to boost the European Union’s global competitiveness.

Directive (EU) 2015/2366 extends the category of Payment Institutions to new types of players by providing access to the bank account of external entities that can provide clients with information on payment initiation accounts and services. These providers will have to comply with the same regulatory and supervisory standards as all other payment institutions. Credit institutions and all payment service providers will need to increase the security level of on-line transactions by including a stricter authentication protocol for the customer to make the payment. The European Banking Authority (EBA) has developed regulatory technical standards for customer authentication requirements and secure communications in the context of the provisions of EU Directive 2366/2015, which are included in the EU Delegate Regulation no. 389/2018 of the European Commission.

The credit Institutions members of the Romanian Association of Banks have agreed to use the European standard developed by the Berlin Group – NextGenPSD2 for the development of the API (Application Programming Interface) in relation to Third Party Providers (TPPs) meeting the requirements of EU Directive 2366/2015.

The NextGenPSD2 initiative offers a modern, open, harmonized and interoperable set of operational and technical specifications.

The Romanian Association of Banks, a member of the NextGenPSD2 Task Force of the Berlin Group, believes that the open and harmonized standards of the PSD2 XS2A (access to account) interface for processes, data and infrastructures are the components needed for an open, interoperable market. Real interoperability is an essential component of competitive pan-European services that will contribute to the progress of the European single market and will benefit the payment industry.

Berlin Group documentation and details of the European standard and its evolution can be found at www.berlin-group.org/psd2-access-to-bank-accounts