The only constant is change – and so we are currently experiencing how the EU is modernising and supplementing existing regulations and launching new initiatives. Three projects are acting as the main drivers for the transformation of payment transactions within the EU: the Instant Payment Regulation (IPR), the Payment Services Regulation (PSR) and the Payment Services Directive 3 (PSD3): The IPR makes SEPA real-time credit transfers the standard. PSD3 and PSR, part of a broader initiative, are aimed at improvements and standardisation. All of these regulations will have a significant impact on banks, payment service providers and consumers and fundamentally change the way payments are processed.
The important three: IPR, PSD3 and PSR
While PSD3 has yet to be transposed into national law as a directive, the PSR will apply directly in all EU member states as a regulation. This division into two parts is intended to ensure standardised implementation within the EU and limit the scope for interpretation, especially for the PSR. The IPR, which came into force on 8 April 2024, obliges payment service providers to offer SEPA real-time credit transfers as standard. This means that in the future, money transfers must be processed within seconds – around the clock, all year round. Let’s take a closer look at what the individual regulations mean for banks and payment providers.
IPR: Instant payments as the new standard
The Instant Payments Regulation (IPR) is the only regulation (of the mentioned three) that has been in force since 8 April 2024. It obliges payment service providers (PSPs) to process instant payments of up to 100,000 euros within 10 seconds, whereby the fees may not be higher than for standard SEPA transfers. The regulation applies across the EU, including non-euro countries, and requires to offer verification of the payee free of charge to improve security.
The Instant Payments Regulation is being implemented gradually with clearly defined deadlines. From 9 January 2025, all bank PSPs in the EU must be able to receive instant payments. On 9 October 2025, this requirement will be extended for bank PSPs in the eurozone, which must then also be able to send instant payments. For non-bank PSPs, such as e-money institutions, a longer transition period applies: they have until 9 April 2027 to implement both receiving and sending instant payments. This staggered introduction allows the various players in the payments sector to gradually adapt their systems and processes and make the necessary technological changes.
PSR: Focus on consumer protection
The Payment Services Regulation (PSR) introduces a standardised legal framework for payment service providers in the European Economic Area, reducing uncertainties and national differences in legislation. It lays down rules for transparency and information requirements for payment services, defining clear rights and obligations for both providers and users of these services. In addition, the PSR contains provisions on open banking, such as the harmonisation of API standards, which aim to further promote and drive innovation in the financial sector.
PSD3: Evolution of open banking
The third Payment Services Directive (PSD3) builds on the foundations of PSD2 and aims to further harmonise and modernise payment transactions in the EU. PSD3 is expected to be published and enter into force in the first half of 2026. The directive improves consumer protection, optimises open banking through new API benchmarks and extends the liability of payment service providers in the event of fraud.
PSD3 thus represents a significant development of the open banking concept. Third-party providers will be given extended access to bank and payment account data. This is expected to promote the development of innovative financial services, such as spending overviews, budgeting tools and customised financial products. The new directive also tightens the conditions for commercial agent exemptions. PSD3 has significantly restricted the scope for platforms and marketplaces to declare themselves as commercial agents and thus circumvent regulatory requirements. This will lead to increased regulation and potentially to changes in the business models of many digital platforms.
Another key aspect of PSD3 is the improvement of API performance: account-holding payment service providers must now guarantee unrestricted API access around the clock, regardless of the user’s active presence. This increases user-friendliness and makes it easier for third-party providers to comply with regulatory requirements.
Challenges and opportunities
So what are the challenges and opportunities arising from the introduction of instant payments and the associated regulations PSD3 and PSR for banks, payment service providers and companies? Let’s start with the challenges.
The IPR requires banks and payment service providers to be liable for spoofing cases in terms of liability and consumer protection. There is also the obligation to block payment instruments in the event of suspected misuse. Extensive technical adjustments are required, such as the introduction of Verification of Payee (VoP) from October 2025 for all SEPA credit transfers and instant payments. This will require significant adjustments to IT systems in order to carry out name checks within three seconds and implement flexible solutions for individual and bulk payments.
Operational requirements demanded by PSD3 and PSR include the provision of barrier-free Strong Customer Authentication solutions and the establishment of real-time communication with third-party service providers. In addition, institutions must increasingly fulfil reporting and transparency obligations, for example with regard to the availability of dedicated interfaces. The implementation of VoP demanded by IPR on all customer channels, including telephone banking and branches, as well as the development of customised solutions for corporate customers with bulk payments add to the complexity. All these innovations are forcing players to rethink their business models and invest in technology, processes and compliance. At the same time, improved fraud prevention offers the opportunity to strengthen customer confidence and differentiate themselves from the competition.
The new PSD3 and PSR regulations also pose numerous challenges for banks and payment service providers, which require both technical and organisational adjustments. In the area of security, advanced authentication technologies must be introduced and security mechanisms such as Strong Customer Authentication (SCA) must be further developed. In addition, fraud detection and prevention measures must be taken and optimised, including the verification of payment recipients by the introduction of the IBAN name check.
- Technically, banks need to standardise their API systems to provide better access for third-party providers and provide intuitive dashboards to manage data access rights for customers. At the same time, real-time data exchange between banks and third-party providers is required in the event of changes to access authorisation. Reporting requirements, such as the availability of dedicated interfaces and fraud prevention, are also increasing.
- Operationally, payment service providers must ensure that their systems fulfil the extended requirements, for example by checking customer data against sanctions lists on a daily basis. The stricter liability regulations, such as the reversal of the burden of proof for incorrectly executed transactions, increase the pressure on compliance departments.
- On the competitive side, PSD3 will lead to a further opening of the market for FinTechs, which will increase the competitive pressure on traditional banks. At the same time, open banking is being promoted through harmonised standards, although this requires considerable investment in IT infrastructure and process adjustments. Compliance with the price parity requirement for instant payments and the implementation of the new regulations by 2026 at the latest represent additional financial burdens.
Opportunities and potential of the new regulations
Where there is talk of challenges, there are of course also opportunities.
The introduction of instant payments opens up numerous opportunities. Companies benefit from faster receipt of payments and improved liquidity, which in turn optimises their cash management. At the same time, the immediate availability of funds and faster transactions increase customer satisfaction. In addition, real-time processing enables innovative business models and new payment solutions. Automation and real-time processing increase operational efficiency and reduce costs. Instant payments also offer an attractive alternative to cash, which could reduce its use in the long term.
PSD3 and PSR also offer numerous opportunities for banks, payment service providers and, last but not least, consumers. By optimising open banking services, innovative financial services and payment solutions can be developed that increase customer benefits and enable new business models. The improved harmonisation of the EU payments market creates a level playing field for market participants and promotes innovation. Banks in particular have the opportunity to evolve from pure infrastructure providers into financial ecosystem designers and thus offer value-added services at the customer interface.
Recommendations for banks and payment service providers
The new regulations in European payment transactions – IPR, PSD3 and PSR – require comprehensive adjustments on the part of banks and payment service providers. In order to meet the challenges, these institutions should take a number of measures.
In terms of technological customisation, systems and processes need to be upgraded to process transactions within 10 seconds and ensure 24/7 availability. Seamless integration of instant payments into existing ERP and financial systems is just as important as the implementation of robust screening systems to reduce false positives in sanctions checks.
In terms of compliance and security, daily checks of the customer list for sanctions violations should be introduced. Fraud detection and money laundering prevention must be optimised for real-time transactions. In addition, the Verification of Payee (VoP) service must be implemented across all customer-bank interfaces.
The employees of banks and payment service providers require comprehensive training on the effective use of new systems and processes. At the same time, there should be transparent communication with customers about upcoming changes and the benefits of instant payments.
Finally, transparent and fair fee models must be developed that take into account cost parity with standard SEPA transfers. The implementation of detailed reporting systems for real-time transactions is also necessary.
By consistently implementing these recommendations, banks and payment providers can overcome the challenges of the new regulations and make the most of the opportunities presented by instant payments, PSD3 and PSR.
Conclusion
The future of payment transactions will be characterised by a combination of technological innovations, regulatory changes and changing customer needs. Banks, payment service providers and FinTechs are faced with the task of actively shaping this change in order to remain competitive and meet the requirements of the market.
Fancy more in-depth information on PSD3, IPR & PSR?
Then simply click here
