Well, it depends!
If you provide a payment account, either directly under your own license or in partnership with a regulated provider, then you do indeed need to have a dedicated interface.
What is a payment account?
Article 4(12) of PSD2 describes a payment account as
an account held in the name of one or more payment service users which is used for the execution of payment transactions
The regs then go on to provide a series of examples of "payment transactions"
"payment transactions executed through a payment card or a similar device"
"execution of direct debits, including one-off direct debits"
"execution of credit transfers, including standing orders"
As you can see, the definitions are broad and include any product that supports any of a wide number of payment types including bank transfers, debit cards, prepaid card, credit cards, and much more.
If you're still unsure, use our handy self-checking tool, which guides you through a short series of questions in order to determine if you are indeed in scope. Why not give it a try.
Do I need this if it won't be used?
We're often asked if this is really needed when an account provider believes that none of it's users will want to connect through a third-party provider. This way of thinking is problematic for two reasons.
The PSD2 legislation doesn't define a risk-based approach. It is not the decision of an individual organisation to decide if it wishes to implement a requirement based on where or not, in its own judgement, it will be used. The rules are very clear. This is a firm requirement, and failure to adhere, regardless of reason, is a breach.
Even if the account provider doesn't believe its users will choose to access their account or initiate payments via a third-party provider, those users nonetheless have the right to do so. The beauty of open banking is the rich and constantly evolving landscape, and there are new and exciting services popping up all the time, many of which may be attractive to an account provider's users, even if that account provider doesn't know it yet. Unfortunately, this isn't an account provider's decision to make.
Who is actually on the hook?
Another common question we're asked is "I am working with a payment provider / e-money issuer and they're telling me that I need to do this - but isn't it their responsibility?".
It's an interesting question. It is the regulated entity that is responsible for ensuring that a dedicated interface is available, and that all regulatory requirements are met (including reporting). However, in most cases, that regulated provider passes the responsibility on to its client. There are many good reasons for this, including;
It's often technically impossibly for a regulated provider to deliver this service since it require interaction with the user interface, which is typically controlled by the brand owner / programme manager
A regulated entity will often outsource this responsibility to it's agent/client in the same way that it may do so with other requirements such as customer due diligence / SCA, user interface management, customer services etc. This is no different
Many brand owners / programme managers have more than one "source of data", for example they may offer IBANs through one account provider and cards through another. As such, it is the brand owner that is ultimately the only one able to deliver a full dedicated interface experience
But it's not all doom and gloom!
Firstly, remember that will tell.money, you can spin up your dedicated interface instantly and integrate in a matter of days. From then on, we take the strain for you.
Secondly, there are a plethora of benefits to hosting a dedicated interface. To find out more, take a look at All the benefits, none of the risk.
Do you have any questions?
We've got you covered. Take a look at our FAQs or get in touch with the team at info@tell.money
Kommentarer