Blog/ Company Updates

Your Guide to PSD2 - Upcoming Compliance Requirements

Artboard Copy 25

With the impending changes to the Payment Service Directive (PSD2) legislation, ROLLER would like to issue this alert to our clients. 

Introduction to the PSD2

The first Payment Service Directive (PSD) was created in 2007 to establish safer, and secure payment transactions across the European Union (EU) by allowing ‘non-bank’ payment firms to operate within the EU. 

The legislation brought substantial benefits to the European economy and gave consumers more choice, allowing financial businesses to grow and also leading to the development of the Single Euro Payment Area (SEPA) to facilitate the execution of payments. 

Following The Payment Service Directive, PSD2 came into effect in January 2018 to address the changing financial technology landscape and to refine the issues prevalent in the previous directive. The new legislation aims to contribute to a more integrated and efficient European payments market, strengthen consumer security, update EEA payment standards for the digital age and also improve the level playing field for payment service providers (including new players).

What does the PSD 2 entail?

The primary goal of PSD2 is to create a single integrated market for payment services by treating banks and other payment services as one entity.  

PSD2 opens up the EU payments market to third-party payment service providers which will allow merchants like Braintree to directly access customer bank accounts and make a payment for them, without the need for a service like VISA. 

PSD2 also updates transactions made through a telecom operator except for micro-payments and includes transactions with third countries (cross-border payment services).  It also enhances communication between different country authorities to reduce regulatory arbitrage and legal uncertainty. 

While the new directive includes extensive regulations; here is how PSD2 will come into effect:

Strong customer authentication (SCA): Payment service providers are required to implement SCA whenever a payer initiates an electronic transaction. SCA is a form of two-factor authentication where consumers will be required to provide two independent authentication factors to complete the transaction. 

These factors are:

  • Knowledge - typically a password or PIN
  • Ownership - something that customers own (such as a mobile device or smart card) and
  • Inherence - something customers are, typically a fingerprint.

If SCA is not in use, credit and debit card issuers will likely decline the transaction.

Account Information Service Provider: These service providers have access to the bank account of customers, including balances and transactions, for one or more accounts or banks. It allows consumers to have a view on their financial situation and categorize their spending behaviour. 

Payment Initiation Service Provider: These service providers initiate payments on behalf of the customer and allow them to make online payments which acts as an alternative to credit card payments.  

Who does this impact?

This mandate mostly affects payment firms who handle funds between the buyer and the service provider. According to the legislation, all payment institutions in the EU have to be re-authorized or re-registered with their national regulators. The other major effect will be on consumers who will experience a greater degree of security regarding their payments and personal information. Removing bank monopolies will only make information access more transparent and reduce frauds. 

For more information visit Payment Service Directive Europe 

What is ROLLER doing about this?

ROLLER is working hard on your behalf to update our payment integrations in line with their updates so that you’re fully protected with minimal impact on your business. There will be no direct downtime for us to complete the updates.

What do you need to do?

As a business owner, you need to take no action at this stage. Depending on which payment gateway provider your business works with, there may be some settings to configure. If this applies to you, a representative from ROLLER will be in touch to discuss this with you.

If you have any further questions, please speak to your ROLLER Account Manager or contact us through our Support Platform at


This legal information is not the same as legal advice, where an attorney applies the law to your specific circumstances, so we insist that you consult an attorney if you’d like advice on your interpretation of this information or its accuracy. In a nutshell, you may not rely on this paper as legal advice, nor as a recommendation of any particular legal understanding.