Konsentus Powering Trust in Open Ecosystems

PSD2 Open Banking

What is PSD2?

The second Payment Services Directive (PSD2) is a European directive which aims to promote competition, innovation, and security in the payments industry. It replaces the Payment Services Directive (PSD) of 2007, which created a single market for payments in the European Union.

PSD2 came into force in January 2016, after an amendment proposed by the European Commission in 2013. Member states had two years to transpose the directive into national law. There was a further deadline in September 2019 to comply with the Regulatory Technical Standard (RTS), at which point PSD2 open banking became operational in Europe.

PSD2 in Open Banking

PSD2 developed the original PSD with further regulation around authentication processes and third parties, focusing on increasing customer rights and security. Specifically, PSD2 established the regulatory framework for open banking in Europe. It introduced new regulated players called third party providers (TPPs), which have the legal right to access bank account information on behalf of their customers.

TPPs – or open banking fintechs – had been around for years before PSD2. However, without regulation, the companies struggled to compete against established financial institutions and offer large-scale, disruptive solutions with compatibility across all banks. With PSD2, banks are legally required to open their systems to third parties via Application Programming Interfaces (APIs).

As a result, there has been an explosion in newly regulated TPPs and innovative products and services. In addition, TPPs are now authorised and supervised by National Competent Authorities (NCAs), increasing the transparency and security of the ecosystem. There are now over 338 TPPs in the EEA alone, with a further 221 TPPs based in the UK.

PSD2 focused on two types of TPPs: Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs).

  • AISPs are authorised to aggregate financial data, providing insights into the holistic economic life of the customer.
  • PISPs are authorised to initiate push payments on behalf of the customer, transferring funds directly from the customer’s bank account to a third party.

Beyond Regulation: What are the Problems with PSD2 Open Banking?

PSD2 requires financial institutions to give TPPs instant and reliable access to customer data. This introduced a great deal of risk: financial institutions were now in need of a process to vet these third parties to ensure that their customers’ data and funds were not falling into the wrong hands. PSD2 makes it clear that banks are fully liable for any unauthorised or fraudulent open banking transactions.

In 2019, when transaction volumes were still small, banks could get away with makeshift solutions or minimal security measures. But as the ecosystem has grown, the risk has also increased. Monthly open banking transactions in the UK alone have more than doubled from 410 million in May 2020 to over 1 billion in May 2022. In addition to TPPs, there are hundreds of entities, known as  ‘agents’ that rent TPP licences to provide services, thousands of financial institutions using their own open banking permissions, and TPPs passporting their services across Europe. The complexity of the ecosystem has created new problems for financial institutions.


Compliance with PSD2 Open Banking

To remain compliant with financial regulation and protect customers’ data and funds, financial institutions require a solution which can validate the identity and authorisation status of a third party in real-time.

Konsentus already provides this capability to over 500 Financial Institutions in Europe. With a proven, cutting-edge suite of products, Konsentus helps financial institutions secure their open banking transactions enabling the full benefits of the open ecosystem to be enjoyed. By consolidating the latest available source data on a TPP and providing it back to a Financial Institution through a single API in real-time, Konsentus removes complexity and shields customers from any unnecessary risk.

To learn more about liability under PSD2, read our whitepaper here.

Why Partner With Us?

What We Offer You

we can do it together

Konsentus Rebrand Button - Konsentus Dot-23-23

Find out how our technology can protect your customers within open ecosystems.



On completion of this form you will be sharing your personal data with Konsentus Ltd (company number 1115059) (“Konsentus”/”we”/”us”). We will process such information for the purposes of sending you the requested information. We may also send you marketing communications and information which we consider may be of interest to you from time to time. This may include sending information by email, or us contacting you by telephone, where relevant details are provided. We rely on our legitimate interests as the lawful basis for processing your data in this way. Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to receive a copy of the data we hold about you. You also have the right to opt out of marketing communications at any time using the details in an email sent to you or by contacting us at insights@konsentus.com.

This field is for validation purposes and should be left unchanged.

Login to your account