Volume: 11 Issue: 2
The UK’s HM Treasury (‘HMT’) published Draft Regulations alongside a Consultation on 2 February 2017 on the implementation of the PSD2, with the Draft Regulations to replace the Payment Services Regulations 2009; while much of the implementation will follow a ‘copy-out’ approach, HMT’s proposed approach to derogations within the PSD2 is noteworthy.
Under the PSD2 operators of payment accounts must open up access to Account Information Service Providers (‘AISPs’) and Payment Initiation Service Providers (‘PISPs’) to accounts that are ‘accessible online.’ Angus McFadyen, Partner at Pinsent Masons LLP, notes the “potential mismatch between the UK’s wide interpretation of who could be/what is an account information service, and the tight literal interpretation that is likely to be taken in other Member States.”
“AISPs will be looking for opportunities to derive revenue from the customer’s data and it will be interesting to see how they define the services which they will provide (which they will then obtain consent to from the user),” said Richard Evetts, Legal Director at Addleshaw Goddard LLP. “Would it include the provision of marketing offers from third parties, for example? These approaches would appear to be permissible within the Draft Regulations, which simply copy out the Directive. It is unclear how these provisions are expected to interface with the data protection requirements.”