
      With PSD3 (Payment Services Directive 3) and PSR (Payment Services Regulation), the European Union is launching a comprehensive reform of payment transactions. The aim is to create a harmonized, secure, and transparent financial ecosystem. For payment service providers, this means stricter requirements for fraud prevention, data management, and interfaces. 

      In addition to the expansion of "Verification of Payee" (VoP) and strong customer authentication (SCA), the new rules require the exchange of fraud-related data and the implementation of open banking standards. The white paper shows how companies can efficiently comply with regulatory requirements while at the same time using them as an opportunity for new business models. Our experts provide background information and practical PSD3 and PSR recommendations for action to accelerate the implementation processes.


      Harmonization, fraud prevention, and open banking – what financial institutions need to know now.

      Key points of the white paper


      What financial service providers should know now about PSD3 and PSR

      • New obligations for fraud prevention and data sharing

        Payment service providers will in future be required to exchange fraud-related data and optimize their systems for real-time detection.

      • Liability rules in cases of authorized fraud

        The PSR introduces a stricter liability regime: payment service providers bear full responsibility in the event of a lack of authorization or insufficient recipient verification.

      • Technical requirements for VoP and SCA

        Mandatory recipient verification and strong customer authentication will apply to all Single Euro Payments Area (SEPA) transfers in the future and require scalable, high-performance systems.

      • Open Banking and Open Finance: Application Programming Interface (API) Standards and Security

        New interface standards and security protocols such as OAuth 2.0 and Financial-grade API (FAPI) are mandatory to ensure secure and transparent data access.

      • Recommendations for action on compliance and IT architecture

        Recommendations for action regarding compliance and IT architecture.

      • Anticipating technological developments

        Particularly in the area of cyber risks, ongoing and up-to-date analysis of threats and countermeasures is of considerable importance.

      Your Contact

      Volker Smielick

      Director, Financial Services

      KPMG AG Wirtschaftsprüfungsgesellschaft