We have three major legislative initiatives aiming to reshape the EU's future of payments and financial data access. Those are PSD3 (Payment Services Directive 3), PSR (Payment Services Regulation), and FiDA (The Financial Data Access). All three of these measures promise to improve consumer protection, strengthen Open Banking, and pave the way for Open Finance.
Payment Services Directive 3 (PSD3) updates licensing and authorization for Payments and Electronic Money Institutions. It also addresses weaknesses of PSD2, and promotes greater security and consumer protection.
Payment Services Regulation (PSR) aims to strengthen Open Banking rules by harmonizing implementation across the EU and boost consumer rights and protection.
The Financial Data Access (FiDA) framework transforms Open Banking to Open Finance by extending data sharing to insurance, investments, and other financial data.
So, as with all major changes, these new legislations bring their own and unique set of challenges. However, there are also plenty of opportunities. Here's what you need to know.
We have yet to find out about the official implementation timeline of PSD3, as we are still working with drafts of the regulation. However, both PSD3 and PSR are under review by the European Parliament and Council. The final versions are expected by the end of 2025. This is followed by the standard 18- month transition period, meaning that the regulation will be fully applied across the EU during 2027.
Entities impacted by PSD2 will be accompanied by a few other players in terms of PSD3, which broadens its scope to digital wallets, P2P platforms, as well as crypto service providers.
Also, PSD3 highlights the importance of Open banking integrations and data sharing. It aims to make them more secure and simplified through standardized APIs.
Lastly, heightened security measures, such as Strong Customer Authentication (SCA), and more reliable fraud prevention will follow the principles of accessibility and inclusivity.
As mentioned, the scope of stakeholders impacted by PSD3 is broader than the one within PSD2. This is also influenced by the FiDA framework which puts effort into making a leap from Open Banking to Open Finance. Here's who's impacted and how they are impacted:
Some of the measures introduced by PSD3 include the following:
Here's an example: PSD2's form of strengthened security mandated SCA accompanied by two-factor authentication for online transactions. PSD3 might go a step further by introducing advanced monitoring and ML to automatically detect and prevent fraud in real-time. This will offer users a greater level of confidence when it comes to identity theft and unauthorized account access.
Both PSD3 and PSR aim to provide customers more control over their data. This means they will be more transparency over who has acces to their data and for what purposes.
To promote innovation and competition, PSD3 will standardize electronic payment regulation and promises to improve access to all EU payment systems for non-bank PSPs.
This goal is going to be achieved by removing remaining obstacles to open banking services, which will in turn, streamline cross-border payments, all in an effort to improve parity in efficiency and security between domestic and cross-border transactions.
PSD3 will allow retailers to provide cash services to customers without making a purchase at their physical store. Also, PSD3 will provide a clear set of rules concerning independent ATM operators.
The Payment Services Regulation (PSR) is the EU's way of making payment rules simpler, clearer, and more consistent for everyone. The big difference? Unlike PSD2 and PSD3, the PSR doesn't need to be written into each country's local laws. Once it's approved, it will apply the same way across all EU member states.
Here's how it makes things better for consumers:
For businesses, this consistency is a win as well. Banks, fintechs, and PSPs won't have to juggle different rules in each country, making it much easier to scale services across Europe. As far as the consumers are concerned, this would mean more trust, more transparency, and safer payments wherever they go.
At the heart of the Financial Data Access (FiDA) framework is a simple but powerful idea: the customers own their data, not banks. That means you should have the right to share your data with whoever you choose – whether that's a payment app, financial advisor, insurer, or mortgage broker.
The thing is, until now, data sharing in finance has been messy and inconsistent. The rules have been unclear, bank's haven't always been required to share data, and the tools to make it run smooth haven't been standardized. With high cost and low trust, it is no surprise that customers and businesses have been slow to embrace it.
With FiDA, consumers get more control and transparency. You'll be able to control who has access to your data and for how long, with simple steps to revoke access. For fintech and other financial service providers, FiDA creates a level playing field. Instead of banks holding all the cards, data will flow more freely, making it easier to develop new products to compete.
Think of FiDA as the start of Open Finance. Soon, you could see personal dashboards that bring all your financial accounts together in one place, or loan applications that pull in your data instantly so you don’t have to hunt down paperwork. Banks may still charge for sharing data, but they won’t be able to lock it away anymore.
The details are still being debated, but one thing is clear: FiDA is set to make financial services in Europe more open, competitive, and customer-focused.
PSD3, PSR, and FiDA are not just new rules on paper, they’re a sign of where Europe’s financial world is heading: safer payments, stronger customer rights, and way more possibilities with Open Banking and Open Finance.
Sure, there will be hoops to jump through. Compliance won’t be easy. But for banks, fintechs, and payment providers, this is also a chance to rethink how things are done and build better, smarter services.
Those who start preparing early, updating systems, boosting security, and making the most of data, won’t just keep up - they’ll lead the way.
