The European Commission's proposal for a revised Payment Services Directive — informally referred to as PSD3 — was published in June 2023. As of this writing, the proposal is progressing through European Parliament and Council legislative review, with the regulation expected to enter into force in a timeframe that most industry observers estimate between 2025 and 2027 for implementation. PSD3 is not yet enacted law, and the provisions discussed in this article reflect the draft as published and as amended through legislative review — they are subject to change before final adoption.
What compliance and reporting teams should be doing now is horizon-scanning: identifying which provisions in the PSD3 draft are likely to affect their reporting obligations, and building readiness to absorb those changes when they arrive. This article focuses specifically on the provisions in the PSD3 draft that are relevant to NCA transaction reporting — the obligations managed by heads of regulatory reporting at PSPs and EMIs.
What PSD3 Changes About the Regulatory Reporting Framework
PSD2's Article 96 established the framework for statistical reporting to NCAs, requiring payment service providers to submit periodic data on their transaction volumes, values, and instrument types. The EBA's guidelines and RTS built the technical framework on top of this statutory obligation. PSD3 is expected to revise Article 96's successor provision in several ways that matter for reporting operations.
Expanded Scope of Reportable Transactions
The PSD3 draft provisions under review include proposals to expand the scope of transactions that must be reported to NCAs. The expansion under discussion in the draft covers a broader range of payment service categories, including certain open banking payment initiation transactions and account information service activities that were not comprehensively captured under PSD2's reporting scope.
For compliance teams, an expanded reporting scope means that data extraction processes must be reviewed and potentially extended to capture transaction categories not currently included in quarterly submissions. If the institution operates payment initiation services or provides account information services, transactions in these categories may fall into scope under PSD3 reporting requirements that were not required under PSD2.
Changes to Reporting Timelines
The PSD3 draft has included provisions related to reporting frequency and timing that are more prescriptive than PSD2's framework. While PSD2 established the obligation and left reporting frequency largely to EBA guidelines and NCA implementation, PSD3 draft provisions have included more explicit specification of reporting period requirements.
Industry commentary on the draft has noted that certain provisions would, if adopted as written, require some categories of reporting to be provided on a more frequent basis than the current quarterly cycle — potentially monthly reporting for specific transaction categories or institution types above certain volume thresholds. These provisions are among the more contested in legislative review, and their final form may differ materially from the draft text.
Harmonisation of NCA Technical Requirements
One of the consistent criticisms of PSD2's implementation across EU member states has been the divergence in NCA reporting technical requirements — the very divergence documented elsewhere in this blog's coverage of per-NCA requirements. The PSD3 draft includes provisions that would give the EBA broader authority to specify more uniform technical standards for NCA reporting submissions, with the goal of reducing the compliance burden on multi-jurisdictional PSPs.
If these harmonisation provisions are enacted and the EBA develops more prescriptive technical standards for submission formats and schema requirements, they could substantially reduce the per-NCA schema version management burden that is the focus of Fynrex's product. We are not saying this would make schema monitoring unnecessary — even within a harmonised framework, NCAs would still implement EBA technical standards on their own schedules and with their own national implementation details. What it might do is narrow the degree of divergence between NCAs, which would reduce the frequency and severity of multi-NCA schema management issues.
Strengthened Data Quality Requirements
The PSD3 draft includes provisions strengthening NCA authority to require corrections and resubmissions when data quality concerns are identified in submitted reports. Under PSD2, NCA authority to require corrections varied across member states. PSD3 draft provisions would establish clearer obligations on PSPs to maintain submission records and respond to NCA data quality queries within specified timeframes.
For compliance operations, this means that the audit trail for quarterly submissions — the records of what was submitted, when, against which schema version, and with what correction history — becomes more formally important. Institutions that currently maintain minimal post-submission records would need to improve their archiving practices.
What PSD3 Does Not Change
The fundamental obligation to report transaction data to NCAs periodically is not under revision in PSD3 — it is being reinforced and in some respects expanded. The technical challenge of producing compliant XML submissions against NCA schemas is not going away; in the short term it is likely to increase as NCAs update their schema requirements to reflect PSD3 implementation guidance.
The ISO 20022 message format ecosystem that underpins NCA reporting schemas is also not being replaced under PSD3. The harmonisation provisions in the draft would build on the existing ISO 20022 infrastructure rather than replace it, which means PAIN.001 and PAIN.002 family schemas remain relevant for the foreseeable future.
PSD3 and PSR: The Parallel Regulation
The European Commission published PSD3 alongside a proposed Payment Services Regulation (PSR), which would implement some PSD2 provisions as directly applicable EU regulation rather than a directive requiring national transposition. The PSR is intended to reduce the national implementation divergence that contributed to the per-NCA reporting inconsistencies under PSD2.
The PSR's reporting provisions are closely linked to PSD3, and the interaction between the two instruments is an area of active legislative discussion. Compliance teams monitoring PSD3 developments should track PSR developments in parallel — the final allocation of reporting provisions between PSD3 and PSR will determine which obligations are set at EU level and which remain subject to NCA implementation discretion.
Practical Preparation Steps
We are not recommending that compliance teams begin rebuilding their reporting processes for PSD3 now. The draft is not final, the implementation timeline remains uncertain, and spending significant resources on a provision that changes materially in final adoption is poor use of compliance capacity. What is appropriate now is a structured horizon-scanning approach.
- Maintain awareness of PSD3/PSR legislative progress. Track European Parliament and Council amendments to the draft. EBA's technical standard development work under the existing PSD2 framework often provides early signals about the direction of PSD3 technical requirements.
- Identify your highest-risk provisions. If the expanded reporting scope provisions in the draft would capture transaction categories from your product that are not currently reported, that is a future gap to plan for. If your institution operates across multiple EU member states and would benefit materially from harmonised NCA technical standards, monitor the harmonisation provisions specifically.
- Assess the maturity of your current reporting infrastructure. PSD3's data quality and audit trail provisions, if enacted, will require more formal submission records than many institutions currently maintain. Improving audit trail completeness under the current PSD2 framework is both good practice and PSD3 readiness work.
- Do not assume NCA schema stability during the transition period. In the period between PSD3 adoption and its implementation deadline, NCAs may begin making transitional updates to their reporting frameworks to prepare for PSD3 compliance. This is likely to be a period of elevated schema update activity, not reduced activity.
The Long View
PSD3 represents the European Commission's response to a decade of PSD2 implementation experience, including the known weaknesses in the reporting framework. The direction of travel — toward expanded scope, more harmonised technical standards, and stronger data quality requirements — is consistent across the legislative discussion, even if the specific provisions change before adoption.
Institutions that have invested in building resilient, automated PSD2 reporting operations are better positioned to absorb PSD3 changes than those operating manual, brittle reporting processes. The infrastructure cost of adding new transaction categories or updating to a new schema generation is dramatically lower when the reporting pipeline is automated than when it requires manual rebuilding for each change. That calculus holds regardless of which specific PSD3 provisions are finally enacted.