PSD3

Definition

Payment Services Directive 3 (PSD3) and the companion Payment Services Regulation (PSR) — the European Union's successor framework to PSD2 and EMD2. Proposed by the European Commission in June 2023 (COM(2023) 366/367), PSD3 modernises payment services regulation across the single market. Key changes vs PSD2: (1) enhanced Strong Customer Authentication (SCA) framework with new exemptions for low-risk transactions; (2) Open Finance — extending data access beyond payment accounts to investment, savings, and pension data via Financial Data Access (FIDA); (3) anti-fraud measures including mandatory IBAN-name matching for credit transfers; (4) tighter rules on instant-payment fraud liability; (5) merger of EMD2 into the unified framework so e-money and payment institutions sit under one regime; (6) explicit cash-withdrawal services scope. Islamic Open Finance™ carries PSD3 as a first-class regulatory regime alongside the 12 others — the rail-api enforces SCA at the edge, OBP gateway emits IBAN-name verification (VOP) flags, and the consent-management primitives extend to Open Finance scopes via the FIDA-aligned scope vocabulary. The platform's PSD3 readiness toolkit ships with every tenant: SCA evidence packs, Open Finance scope registry, IBAN-name match attestations, and an instant-payment fraud-monitoring rail. Note: PSD3 has not yet entered into force (expected 2025–2026 EU adoption); IOF's compliance posture is 'designed-for PSD3 / aligned with proposed text', and customers receive an explicit advisory until the directive transposes into national law per member state.

Primary Sources & Standards

• officialProposal for PSD3 — COM(2023) 366
• companionProposal for PSR — COM(2023) 367
• predecessorPSD2 (predecessor)