What is a PSD2?
PSD2, which stands for the 2nd Payment Services Directive, is an EU directive that regulates payment services and payment service providers within the EEA. PSD2 was introduced in 2018 to promote competition, innovation, and security in the payment services industry. It largely superseded the original Payment Services Directive (PSD) and brought about several key changes, one of which is the requirement for certain payment service providers to obtain a PSD2 license.
A PSD2 license is actually divided into the following types of licenses:
- Payment Institution (PI) License
- Electronic Money Institution (EMI) License
Both, a PI licensee and an EMI license can engage in a wide range of activities:
- Execute various payment transactions, including credit transfers, direct debits, and card payments
- Offer money remittance services, enabling the transfer of funds domestically and cross-border
- Be a payment initiation service provider (PISP) and initiate payment orders on behalf of customers, facilitating online payments without the need for a credit or debit card
- Be an account information service provider (AISP) that offers customers a consolidated view of their account information from multiple financial institutions
- Offer currency exchange services
- Issue payment instruments, such as prepaid cards and digital wallets
- Accept and process payment transactions for merchants and e-commerce businesses, facilitating card payments and other forms of electronic payments
- Facilitate mobile payment services
- Offer peer-to-peer payment services (i.e., enable individuals to transfer funds to each other)
The main difference between a PI and an EMI license is that in addition to the above activities, EMI licensees can issue electronic money, including digital currency, prepaid cards, or electronic account balances which is their main function. They can also store electronic money on behalf of their customers and provide electronic wallets or accounts for users to access and manage their funds.
Advantages of Holding a PSD2
Holding one of the PSD2 licenses boasts several significant advantages that you should take into account if your goal is to offer payment services to EU customers. These licenses can provide access to a vast and diverse market and position your business as a trusted and compliant company in a highly regulated industry, setting the stage for growth, innovation, and long-term success within the European financial industry.
By obtaining a PSD2 license, you can benefit from several key advantages:
- A PSD2 license can build trust and credibility in the eyes of customers and business partners as it signals that your company has met the rigorous requirements necessary to operate as a legitimate and trustworthy payment service provider
- Thanks to the passporting principle, by holding one license you would be able to offer your payment services throughout the EEA, which includes the EU member states, Norway, Iceland, and Liechtenstein (this vast and lucrative market consists of over 500 million consumers)
- PSD2 encourages innovation by promoting open banking and facilitating third-party access to customer account information, and therefore license holders are effectively supported in the development of innovative financial products and services
- PSD2 licensees have access to customer account information, which can be valuable for developing personalized financial products and services
- Licensed payment service providers can access payment settlement systems, enabling them to process and settle transactions more efficiently
- Operating with a PSD2 license provides clarity regarding regulatory compliance which reduces uncertainty and potential legal risks
- A PSD2 license can serve as a stepping stone for global expansion, as EU regulations and standards are recognized and valued worldwide
Payment Services Regulations in the EU
As the name of the license suggests, PSD2 licensees are essentially regulated by the PSD2. Of course, it was built upon the PSD which is also worth taking into account as not everything was superseded by the PSD2. These directives and other applicable regulations create a unified EU framework that promotes secure, innovative, and competitive financial services within the member countries. This framework has simplified and standardized cross-border payments within the EU, making it more cost-effective for consumers and businesses to conduct transactions across member countries.
The main provisions of the PSD:
- PSD established two main categories of payment service providers – Payment Institutions (PIs) and Electronic Money Institutions (EMIs) which must be licensed and registered with an appropriate national authority of an EU country to operate within the EU
- PSD introduced strong consumer protection measures, including rules for secure and transparent payment processes, provision of relevant information to customers, and limiting liability in the event of unauthorized or fraudulent transactions
- Payment service providers were required to implement robust security measures to protect customer data and transaction information, including the use of strong customer authentication (SCA) methods for online transactions
- PSD outlined the respective rights and obligations of both payment service users and providers, establishing a clear regulatory framework for disputes and responsibilities
The main provisions of the PSD2:
- PSD2 covers a broader range of payment services by acknowledging emerging payment services, such as mobile payments and virtual currencies, and brings them under the regulatory framework
- PSD2 enables licensed Third-Party Providers (TPPs), including AISPs and PISPs, to access customer account information with explicit customer consent which encourages open banking and the development of new financial services
- PSD2 strengthens consumer protection measures by reducing the liability of customers in cases of unauthorized or fraudulent transactions
- The European Banking Authority (EBA) developed Regulatory Technical Standards that specify detailed requirements for certain aspects of PSD2, including SCA and secure communication between TPPs and banks
- PSD2 requires payment service providers to monitor transactions for fraudulent activities and report them to the authorities
All PSD2 licensees are also obligated to have deep knowledge of and adhere to the standards of 1-6th EU Anti-Money Laundering Directives (AMLDs) which include the following provisions:
- PSD2 licensees must conduct customer due diligence and where needed enhanced customer due diligence, including identification and verification of customers and reporting suspicious transactions
- It’s also essential to maintain accurate records of customer transactions and communications for a minimum period of at least five years after the end of a business relationship or after the completion of a transaction
- Identifying and monitoring politically exposed persons (PEPs) is a must for every PSD2 licensee
- PSD2 license holders must provide training and awareness programs to their employees to help them identify and report suspicious activities
- It’s equally important to conduct ongoing risk assessments to identify and manage money laundering and terrorist financing risks within the licensed operations
Top Jurisdictions for a PSD2 License
Lithuania has emerged as an attractive destination for payment service providers seeking to obtain a PSD2 license within the EU. Compared to other EU countries, the Bank of Lithuania, the regulator of the Lithuanian financial industry, granted the highest number of fintech licenses between 2017-2021. Today, the country remains at the forefront of serving innovative businesses due to such reasons as modern business infrastructure, talented and multilingual workforce, streamlined business formation and licensing processes, and competitive regulatory fees. To obtain a PSD2 license in Lithuania, you should prepare 20,000-25,000 EUR for the minimum required capital, and 898 EUR as the state fee for your application review.
The Netherlands has also been generous in granting fintech licenses, including PSD2 license. The Dutch Central Bank, which is the regulator for financial institutions, strives to promote innovative businesses just as much as to ensure the stability, integrity, and safety of the Dutch financial system. Against the backdrop of the economic crisis, it’s crucial to emphasize that the Netherlands has a resilient and highly developed financial services industry, and its strong economy, strategic location, and open business culture make it an attractive hub for international financial activities. To obtain a Dutch PSD2 license, you have to possess roughly around 125,000 EUR for the minimum capital, and 5,000-10,000 EUR for the application fee. Of course, the exact amounts will be determined based on the complexities of your business.
Estonia is also considered a favorable jurisdiction for obtaining a PSD2 license. Estonia’s regulatory authority, the Estonian Financial Supervision Authority, has a reputation for efficiency and responsiveness which means you can expect a straightforward and quick licensing process. Estonia is known for its advanced e-government infrastructure and the widespread use of digital identity which is essential for complying with SCA requirements. Due to the considerable advantages, the country is already a vibrant fintech hub, and the presence of numerous fintech startups and innovation centers offers opportunities for networking, collaboration, and knowledge sharing. The required minimum capital starts from 20,000 EUR but can increase significantly for a wider scope of activities. The application fee is 3,300 EUR.
Germany, with its robust financial services industry and well-structured regulatory framework, is known as an influential jurisdiction for financial institutions, including those seeking a PSD2 license. The country’s reputation for financial stability, supportive business environment, and active promotion of innovation make it an attractive choice for businesses entering the payment services industry. The Federal Financial Supervisory Authority (BaFin) is dedicated to maintaining Germany’s reputation and ensuring that licensees operate with integrity which in turn builds trust among customers and business partners. The required minimum capital amount and the application fee heavily depend on the specific business scale and are determined on a case-by-case basis but on average they are around 125,000 EUR and 5,000-10,000 EUR respectively.
Requirements for Applicants for a PSD2 License
While exact requirements can vary from one jurisdiction to another and we can advise you on this in a personalized consultation, there are several general but equally important legal requirements that are prevalent in most of the EU countries. Most likely, you’ll have to start with establishing a local company in a jurisdiction where you intend to apply for a PSD2 license. Usually, you’ll be required to choose a very specific legal form, such as a Private Limited Liability Company (UAB) in Lithuania, have a local registered office, and meet appropriate minimum capital requirements.
Once you’ve established a company, you’ll have to meet at least the following requirements:
- Demonstrate the ability to implement SCA to reduce the risk of fraud
- Have robust AML/CFT policies and procedures in place to effectively prevent financial crime
- If you intend to hold customer funds, you must demonstrate appropriate safeguarding arrangements to ensure the protection of customer funds in the event of insolvency
- Establish effective internal control systems and risk management procedures to ensure operational and financial stability
- Demonstrate the capacity to keep records and report relevant financial and operational data to the regulatory authority
- Establish effective security measures and IT infrastructure to safeguard customer data, ensure secure payment transactions, and guarantee cybersecurity
As an applicant for a PSD2 license, you’ll have to prepare various documents:
- Company registration certificate
- Articles of Association
- A thoroughly written business plan detailing the nature and scope of the payment services to be provided, including the types of transactions and customers served
- Financial statements, including balance sheets, income statements, and cash flow statements
- Proof of paid application fee
- A business continuity plan detailing how your company will manage and recover from disruptions, such as system failures or cyberattacks
- Documentation of the company’s corporate structure, including the ownership structure, board of directors, and key personnel
- Documentation of internal AML/CFT policies and procedures
- A detailed risk management framework, including the identification and mitigation of operational and compliance risks
- Proof of professional indemnity insurance
- CVs of company directors and other key personnel, along with evidence of their financial qualifications and relevant experience
- Copies of passports of the key personnel and shareholders
How to Apply for a PSD2 License?
The application process can take anywhere from three months to a year, depending on your chosen jurisdiction, the quality of your application, and the responsiveness of regulatory authorities. The specific application stages and milestones also vary, although there are certain general steps that you will have to take almost in any jurisdiction.
Applying for a PSD2 license involves the following key steps:
- Gathering and drafting the required documentation, and filling out a formal application form provided by the regulatory authority
- Paying the required application fee
- Submitting the application form along with the documents to the regulatory authority
- The company’s management team and shareholders should pass a fit and proper assessment, demonstrating their integrity, competence, and experience in the financial services industry
- If requested by the authority, provide additional information, clarifications, or modifications to your application during the review process
- You may also have to allow the conduct of an onsite inspection of your operations where the regulatory authority will assess your compliance and risk management practices
Ongoing Requirements for PSD2 License Holders
Once you’re a PSD2 license holder, there will be a myriad of requirements and standards you’ll have to adhere to. With our continuous help, you can rest assured that your payment services company will always remain compliant with the ever-evolving EU regulatory framework and relevant national regulations which is crucial in avoiding associated risks and ensuring uninterrupted operations.
For now, know that maintaining a PSD2 license entails adherence to such requirements as:
- Preparing and submitting regular reports to the regulatory authority, covering such aspects of your business as transaction data, security incidents, and compliance with SCA requirements
- Complying with the GDPR and national data protection regulations
- Maintaining safeguarding arrangements to protect customer funds in the event of insolvency
- Continuously monitoring and enforcing internal controls to ensure the proper functioning of your payment services and adherence to regulatory standards
- Maintaining effective procedures for handling customer complaints, including timely resolution and compliance with dispute resolution mechanisms
If you wish to obtain a PSD2 license, our team here at Regulated United Europe will be delighted to support you in incorporating a company and applying for a license in an EU jurisdiction that suits your business goals. Our dedicated specialists can also guide you through the acquisition of a ready-made company with an existing PSD2 license. With experienced lawyers, business development professionals, and financial accountants at your side, you will find the processes of starting a PSD2 business easy, seamless, and transparent. Contact us now to schedule a personalized consultation and set the stage for sustainable success.
FREQUENTLY ASKED QUESTIONS
What is PSD2?
PSD2 stands for the 2nd Payment Services Directive, an EU directive introduced in 2018 to regulate payment services and providers within the European Economic Area (EEA). Its primary goals are to promote competition, innovation, and security in the payment services industry.
What does a PSD2 license entail?
A PSD2 license is a regulatory authorization that allows businesses to offer electronic payment services within the EU. It is granted under the framework of the Payment Services Directive and is often required for entities engaging in payment transactions, money remittance, payment initiation, and account information services.
What types of licenses are available under PSD2?
PSD2 licenses are divided into two main types:
- Payment Institution (PI) License
- Electronic Money Institution (EMI) License
What activities can a Payment Institution (PI) engage in under a PSD2 license?
A PI with a PSD2 license can engage in various activities, including:
- Executing payment transactions (credit transfers, direct debits, card payments);
- Offering money remittance services;
- Acting as a payment initiation service provider (PISP);
- Providing account information services (AISP);
- Offering currency exchange services;
- Issuing payment instruments;
- Facilitating mobile payment services, and more.
What activities can an Electronic Money Institution (EMI) engage in under a PSD2 license?
An EMI with a PSD2 license can perform all activities allowed for a PI license, plus:
- Issue electronic money;
- Store electronic money on behalf of customers;
- Provide electronic wallets or accounts for users to access and manage their funds.
What are the advantages of holding a PSD2 license?
Holding a PSD2 license offers several advantages, including:
- Building trust and credibility;
- Accessing a vast market through the passporting principle;
- Encouraging innovation in financial products and services;
- Gaining access to customer account information;
- Efficient transaction processing through payment settlement systems;
- Regulatory clarity;
- Serving as a foundation for global expansion.
What is the passporting principle, and how does it benefit license holders?
The passporting principle allows a business holding a PSD2 license in one EU member state to offer its payment services throughout the entire European Economic Area (EEA), which includes EU member states, Norway, Iceland, and Liechtenstein.
This provides license holders access to a market of over 500 million consumers without needing separate licenses for each member state.
How do PSD2 licensees access customer account information?
PSD2 promotes open banking by enabling licensed Third-Party Providers (TPPs), including Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) to access customer account information with explicit customer consent. This facilitates the development of new financial services and encourages innovation in the industry.
How does a PSD2 license contribute to regulatory compliance?
Obtaining a PSD2 license ensures that a company has met the rigorous regulatory requirements necessary to operate as a legitimate and trustworthy payment service provider. It provides clarity regarding regulatory compliance, reduces uncertainty and legal risks, and establishes a framework for adherence to Anti-Money Laundering Directives (AMLDs) and other relevant regulations.
What are the main provisions of the PSD and PSD2?
The main provisions of the original Payment Services Directive (PSD) established two main categories of payment service providers – Payment Institutions (PIs) and Electronic Money Institutions (EMIs). PSD2, building upon PSD, covers a broader range of payment services, acknowledges emerging payment services like mobile payments and virtual currencies, and strengthens consumer protection measures.
What are the responsibilities of PSD2 license holders regarding Anti-Money Laundering Directives (AMLDs)?
PSD2 license holders are obligated to comply with the standards of the 1st to 6th EU Anti-Money Laundering Directives (AMLDs).
This includes conducting customer due diligence, identifying and monitoring politically exposed persons (PEPs), maintaining accurate records of transactions, providing training and awareness programs for employees, and conducting ongoing risk assessments to identify and manage money laundering and terrorist financing risks.
Which jurisdictions are considered top choices for obtaining a PSD2 license?
Top jurisdictions for obtaining a PSD2 license include Lithuania, the Netherlands, Estonia, and Germany.
These countries are recognized for their regulatory efficiency, financial stability, supportive business environments, and active promotion of innovation in the financial services industry.
What are the requirements for applicants seeking a PSD2 license?
While requirements can vary, applicants typically need to establish a local company in the jurisdiction where they apply for a PSD2 license. Specific legal forms, such as a Private Limited Liability Company (UAB) in Lithuania, may be required.
Applicants must also demonstrate the ability to implement Strong Customer Authentication (SCA), have robust Anti-Money Laundering/Counter Financing of Terrorism (AML/CFT) policies, and meet minimum capital requirements.
How long does the application process for a PSD2 license typically take?
The application process for a PSD2 license may take anywhere from three months to a year. The duration depends on the chosen jurisdiction, the quality of the application, and the responsiveness of regulatory authorities.
Specific stages in the application process include:
- Gathering and drafting required documentation;
- Paying the application fee;
- Submitting documents to the regulatory authority;
- Passing fit and proper assessments and potential onsite inspections.
RUE customer support team
“Hi, if you are looking to start your project, or you still have some concerns, you can definitely reach out to me for comprehensive assistance. Contact me and let’s start your business venture.”
“Hello, I’m Sheyla, ready to help with your business ventures in Europe and beyond. Whether in international markets or exploring opportunities abroad, I offer guidance and support. Feel free to contact me!”
“Hello, my name is Diana and I specialise in assisting clients in many questions. Contact me and I will be able to provide you efficient support in your request.”
“Hello, my name is Polina. I will be happy to provide you with the necessary information to launch your project in the chosen jurisdiction – contact me for more information!”
CONTACT US
At the moment, the main services of our company are legal and compliance solutions for FinTech projects. Our offices are located in Vilnius, Prague, and Warsaw. The legal team can assist with legal analysis, project structuring, and legal regulation.
Registration number: 08620563
Anno: 21.10.2019
Phone: +420 775 524 175
Email: [email protected]
Address: Na Perštýně 342/1, Staré Město, 110 00 Prague
Registration number: 304377400
Anno: 30.08.2016
Phone: +370 6949 5456
Email: [email protected]
Address: Lvovo g. 25 – 702, 7th floor, Vilnius,
09320, Lithuania
Sp. z o.o
Registration number: 38421992700000
Anno: 28.08.2019
Email: [email protected]
Address: Twarda 18, 15th floor, Warsaw, 00-824, Poland
Europe OÜ
Registration number: 14153440
Anno: 16.11.2016
Phone: +372 56 966 260
Email: [email protected]
Address: Laeva 2, Tallinn, 10111, Estonia