CBI Globe

The 2015/2366/EU Directive, better known as the Payment Services Directive – PSD2, is intended to establish a common legal framework for the payments market in the European economic area in order to expand the level of integration, efficiency and competition in the market, and to promote innovation in the electronic payments industry and increase consumer protection levels through the use of new authentication principles ( Strong Customer Authentication – SCA).


From an operational point of view, the entry into force of the Directive introduces important innovations in the banking sector. Users of online accounts will for example have the opportunity to arrange payments or get information on their current account also through the use of applications by third party providers (TPP) – in fact regulated by PSD2 – who will be entitled to open access to the systems of the banks where the account is rooted.


For the impacted areas, PSD2 establishes rules of principal and gives the European Banking Authority (EBA) the task of defining detailed legislation. The standardisation process involves four strands:



The EBA rules, in particular those on strong authentication and secure communication, establish minimum requirements that service providers must meet, but let the providers themselves choose which standards and technical solutions to adopt in order to be in compliance with the legislation. In some cases, such as the adoption of interfaces for open and secure communication between banks and third parties, convergence towards common standards (through Application Programming Interfaces – API) is essential in order to avoid the inefficiencies and fragmentation of markets. Different national communities and groups of European operators (such as the Berlin Group and Open Banking UK, under ISO20022) are moving their actions towards shared standards between banks and third parties, allowing investments to be optimised at system level.


In this regard it should be noted that Directive 2015/2366/EU, together with the increasing digitalisation of services and customers, will involve:


  • substantial investment in technical adjustments to the requirements imposed by PSD2. Financial institutions where the account is rooted (Account Servicing Payment Service Providers – ASPSP) must create the technical interfaces needed for dialogue with third parties and for management of the implementing operations ( Payment initiation services - PIS) and informative operations ( Account initiation services - AIS) initialised by users through these entities; a third macro area refers to online fund confirmation services ( Card initiated services - CIS);
  • high organisational impact arising from PSD2-compliant adjustment of operating systems and banking management processes;
  • business opportunities related to the implementation of PSD2, which could be seized by banking companies offering new services;
  • entry into the market of payment services by new non-banking operators.


In view of these significant developments and in order to strengthen its role as an industry utility within the banking sector, the ex Consorzio CBI, now CBI S.c.p.a. has analysed the relevant competitive and regulatory environment, developing a strategic plan able to attenuate the technical and operational impact of PSD2, while also seizing the business opportunities enabled by new regulatory scenario. In particular, the Consortium has been entrusted with the task of defining the reference technical specifications for the domestic market, following on from the international initiatives already launched in the sector.



CBI S.c.p.a. - Fiscal Code 97249640588 - R.E.A. N. 1205568

Registered Capital 920.474 € i.v. - VAT Id  08992631005 - LEI Code 52670099B6D3C3176A75