Just Settled MiCA? Now Comes PSD3

While the market is still adapting to Markets in Crypto-Assets Regulation (MiCA), the European Union (EU) has moved quickly to reshape the payments landscape by agreeing on a major overhaul of its payment rulebook, introducing a new framework designed to strengthen consumer protection, reduce fraud, and modernise the digital payments landscape. The package, anchored by the Third Payment Services Directive (PSD3) and the new Payment Services Regulation (PSR), aims to harmonise operational rules across the EU, close regulatory gaps, and create a more coherent environment for banks, fintechs, and e-money issuers and certain crypto-asset firms operating across the EU.

What's changing: Key measures

1. Fraud liability shifts to Payment Service Providers (PSPs)

PSPs will face significantly greater responsibility for preventing fraud. Under the new rules:

• Mandatory name-to-IBAN checks must be performed before a transfer, with mismatches automatically blocked. PSPs must also offer customer-configurable transaction limits and real-time, instant payment-blocking controls.
• Ensure receiving PSPs freeze suspicious transaction funds immediately when fraud risk is detected.
• Refund customers in eligible cases of fraud or payment scams once incidents are reported to authorities, with PSP liability applying where required prevention safeguards have failed.
• Meet a higher evidentiary standard when alleging consumer gross negligence in fraud-related losses.

These measures transfer fraud risk from consumers to providers, raising the bar for security across the ecosystem.

2. Greater transparency on pricing and customer support

PSPs must disclose all fees, including ATM charges and FX costs, upfront. The framework also facilitates broader cash access, allowing retailers to offer withdrawals of €100-€150 without requiring a linked purchase, which is an important measure for rural or underserved areas. Providers must additionally ensure that human customer support is available, moving away from reliance on automated tools as the sole support channel.

3. Enhancing competition, innovation and open banking

PSD3 and the PSR strengthen the competitive landscape by expanding data access rights and clarifying operational requirements for both bank and non-bank PSPs. Payment initiation service providers, e-money institutions and other non-bank actors will benefit from more standardised rules and more consistent supervision. The EU's objective is a level playing field in which fintechs can compete effectively with incumbents while maintaining robust consumer safeguards.

Part of a larger digital finance push

These reforms complement the 2024 Instant Payments Regulation, which requires euro-denominated transfers to clear within seconds at no extra cost. Combined with data-access and cyber-resilience initiatives, the EU is positioning its payments market for a more integrated, innovative, and secure digital future.

Crypto firms gain a streamlined – but limited – pathway

In a significant development for the digital-asset sector, PSD3 and the PSR establish a unified framework under which all providers offering payment services, whether they are banks, payment institutions, e-money institutions, or certain crypto-asset service providers (CASPs), must operate. Any entity executing payments, safeguarding funds, or issuing e-money must meet the same core standards on fraud prevention, payee verification, transaction limits, and refund liability.

A key update is the streamlined licensing path for crypto firms. CASPs authorised under MiCA can access a simplified route when offering certain payment services. This reduces regulatory friction and supports convergence between crypto and traditional payments. However, the shortcut is not absolute. When a CASP uses e-money tokens (EMTs) to provide payment-type services, those activities fall squarely under PSD3/PSR requirements, meaning that the MiCA authorisation alone is not sufficient. In fact, firms offering EMT-based payments must still obtain a PSP licence or partner with a licensed provider, though transitional measures temporarily ease this burden.

Challenges and what to watch for