PSD3/PSR is politically agreed (27 Nov 2025) with final compromise texts published (23 Apr 2026), but it is not adopted or in force yet. It awaits the final vote and Official Journal publication (expected H2 2026). Most rules are expected to apply ~21 months later (≈2028); Verification of Payee provisions at ~27 months.
The EU is replacing PSD2 with a two-part package: the PSR (a directly-applicable Regulation carrying the open-banking, SCA, fraud and Verification-of-Payee rules) and PSD3 (a Directive on licensing and supervision that merges the payment-institution and e-money regimes). This is the "what it means for your integration" companion to our PSD3 regulation entry.
Legislative timeline
The European Commission proposes the PSD3 + PSR package, splitting PSD2 into a Directive and a Regulation.
Parliament and Council reach a provisional political agreement after the final trilogue.
The Council publishes the final compromise texts of PSD3 and the PSR.
The European Parliament's ECON committee approves the agreed text.
Pending: formal plenary vote, Council adoption, signature and publication in the Official Journal. Entry into force is 20 days after publication.
Most PSR rules apply ~21 months after entry into force; Member States transpose PSD3 on the same ~21-month clock.
PSR's payee name/IBAN verification provisions apply ~27 months after entry into force — 6 months after the rest.
What changes for developers
API performance becomes a hard requirement
The PSR requires banks (ASPSPs) to provide a data-access interface for AISPs/PISPs that performs at least as well as the bank's own app/website, measured against harmonised KPIs (uptime, latency, error rate). Specific thresholds will come via EBA Regulatory Technical Standards (RTS) not yet published.
The PSD2 "fallback interface" is replaced
The standing fallback-interface obligation and its exemption regime go away. They are replaced by a supervisory contingency mechanism driven by competent authorities — not a permanent parallel interface you must build.
Mandatory consumer permission dashboards
Banks must give customers a dashboard to view and revoke third-party data-access permissions, kept in sync between the bank and the TPP. Build for permissions being revoked out-of-band.
SCA simplified for account information
For AIS, strong customer authentication is required at first access, then an AISP can apply its own SCA on subsequent accesses within a ~180-day window — extending today's re-authentication pattern.
Verification of Payee, generalised
A payee name vs IBAN check becomes a permanent obligation across credit transfers, with a pre-authorisation warning on a mismatch and a liability shift to the payer's PSP if it fails to warn. (Note: VoP is already mandated separately by the Instant Payments Regulation — see below.)
Fraud & liability rebalanced
New full-refund right where a fraudster spoofs the bank's identity (with prompt reporting), the burden of proof shifts to the PSP to show customer fraud/gross negligence, and PSPs can share IBAN fraud data. Expect transaction-monitoring expectations to rise.
Verification of Payee: PSR vs the Instant Payments Regulation
A common mix-up: the IBAN/name check is already mandatory under the separate Instant Payments Regulation — euro-area PSPs have had to offer Verification of Payee since 9 October 2025 (non-euro-area PSPs by July 2027). PSD3/PSR did not create it; the PSR generalises payee name/IBAN matching across all credit transfers and bakes in the liability shift. If you are building payment flows today, VoP is a present-tense requirement, not a future one.
Frequently asked questions
No. As of mid-2026 the package is politically agreed (27 November 2025) and the final compromise texts are published (23 April 2026), but it is not yet formally adopted or in force. It still needs the final Parliament vote, Council adoption, and publication in the Official Journal — expected in the second half of 2026.
Sources
- European Parliament — Legislative Train: Revision of EU rules on payment services (PSR)
- Hogan Lovells — Provisional agreement on PSD3/PSR
- Arthur Cox — PSD3 and PSR final compromise texts published
- Norton Rose Fulbright — PSD3/PSR: from provisional agreement to 2026 readiness
- PwC Legal — Verification of Payee under the Instant Payments Regulation