PSD3 News Today: What You Need to Know in 2026
framework, primarily governed by the Payment Services Directive 2 (PSD2) and the Electronic Money Directive (EMD), has been instrumental in fostering competition and innovation in the EU’s payment sector. However, the rapid pace of digital transformation and the rise of sophisticated online fraud have necessitated a review and update.
PSD3 news today highlights that the EU legislators have agreed on a compromise to replace PSD2 and EMD with two distinct legal instruments: a new directive (PSD3) and a regulation (PSR). This split aims for better harmonization and more direct applicability of rules. The PSR will focus on licensing and operational requirements for PSPs, while PSD3 will concentrate on consumer protection and fraud prevention measures.
A key driver for this reform is the persistent issue of online payment fraud. According to a report cited by BioCatch (2025), a significant percentage of payment fraud originates online, underscoring the need for stronger safeguards.

Combating Online Fraud and Improving Security
One of the most significant thrusts behind the PSD3 news today revolves around an intensified effort to combat online payment fraud. The EU has recognized that while PSD2 brought benefits, it also presented new avenues for illicit activities, particularly through social engineering and account takeovers.
The new framework proposes several measures. Strong Customer Authentication (SCA) requirements, already part of PSD2, will likely be refined and potentially extended. There’s also a focus on enhancing the capabilities of PSPs to detect and report fraudulent transactions more effectively. This includes better data sharing between PSPs and law enforcement, albeit with strict data protection protocols in place.
And, the reforms aim to clarify the responsibilities of PSPs regarding fraud liability. While consumers are generally protected under PSD2, the upcoming PSD3 seeks to provide clearer guidelines on when PSPs are liable for unauthorized transactions, encouraging them to invest further in strong fraud prevention technologies. This is a critical area, as BioCatch data from 2025 indicated that around 76% of payment fraud attempts were detected online, a figure the EU aims to significantly reduce.
Enhanced Consumer Protection and Rights
Consumer protection remains a cornerstone of the PSD3 and PSR reforms. As of May 2026, legislative bodies are finalizing details that will offer individuals greater assurances when making digital payments.
This includes clearer information requirements regarding fees, exchange rates, and transaction terms. Consumers will have a right to receive complete details before authorizing a payment. In cases of unauthorized transactions or errors, the process for refunds and dispute resolution is expected to become more streamlined and favorable to the consumer.
The proposed legislation also addresses concerns related to account takeovers and identity theft. PSPs will be mandated to implement more sophisticated identity verification processes. For instance, new phishing and scam detection tools are likely to become standard practice, moving beyond basic authentication methods. This is particularly relevant given the rise in sophisticated scams, a trend that has kept consumer protection agencies vigilant.
The Inflaters analysis notes that these enhanced consumer rights, alongside tighter harmonization, are key features of the legislative breakthrough.
Impact on Payment Service Providers and Financial Institutions
The PSD3 news today signals a period of adaptation for PSPs and financial institutions. The revised regulatory landscape will necessitate a thorough review of existing systems, policies, and procedures to ensure compliance with the new directive and regulation.
Key areas of focus will include:
- Licensing and authorization: Under the new PSR, PSPs may face updated licensing requirements or need to re-authorise their operations.
- Data access and sharing: While promoting open banking principles, PSD3 might introduce new rules for data access, requiring PSPs to provide specific data to third parties under certain conditions, potentially with stronger consent mechanisms.
- Fraud prevention technology: Significant investment in advanced fraud detection and prevention tools will likely be essential. This could involve implementing AI-driven behavioral analysis, enhanced biometric authentication, and more strong transaction monitoring systems.
- Reporting obligations: PSPs will likely face increased reporting requirements related to fraud incidents, transaction volumes, and compliance metrics.
For instance, a small fintech startup, ‘Swift Pay Solutions,’ might need to reassess its current customer onboarding process to incorporate more rigorous identity verification steps mandated by PSD3, a process that could add to operational costs.
According to the EU’s own projections, mentioned in various reports around May 2026, the transition will require substantial preparation, with full implementation expected to take several years, potentially impacting systems from 2027-2028.

Timeline and Implementation: What to Expect in 2026 and Beyond
While the political agreement on PSD3 and PSR was reached, the journey to full implementation is ongoing. As of May 2026, the European Parliament and Council still need to formally adopt the texts. Following adoption, member states will have a specified period to transpose the directive into national law, and regulations will become directly applicable.
Industry observers, such as those at WH Partners, anticipate that the full impact of these reforms will be felt starting in 2027 and extending into 2028. This phased approach allows businesses time to adapt their systems and processes.
The proposed timeline indicates that PSPs should use the period between now and full implementation to:
- Conduct thorough gap analyses of their current compliance frameworks against the proposed PSD3 and PSR requirements.
- Invest in upgrading or replacing legacy systems that may not support the new security and data-sharing mandates.
- Train staff on the new regulations, fraud detection protocols, and enhanced customer support procedures.
- Engage with regulatory bodies and industry associations to stay abreast of evolving guidance and best practices.
Navigating Cryptocurrency and New Payment Methods Under PSD3
The evolving digital economy includes a burgeoning interest in cryptocurrencies and other novel payment methods. PSD3 news today indicates that these reforms also seek to address how such innovations fit within the regulatory perimeter.
While the primary focus remains on traditional payment services, the new framework is expected to provide clearer guidelines on the treatment of crypto-assets and related services. This could involve bringing certain crypto-asset service providers under regulatory oversight, similar to how PSPs operate, though specific details are still being refined. The goal is to ensure that innovation doesn’t outpace regulatory capacity to protect consumers and maintain financial stability.
The interconnectedness of traditional finance and digital assets means that PSPs may find themselves facilitating transactions that involve crypto elements, requiring them to understand the associated risks and regulatory nuances. The inclusion of crypto-asset considerations within PSD3 reflects a proactive approach to the future of payments.
Practical Tips for Compliance and Preparation
For businesses operating in the payments sector, proactive preparation is key. Understanding the nuances of PSD3 news today can prevent costly disruptions and reputational damage.
Here are actionable steps:
- Stay Informed: Regularly monitor official EU publications and legal advisories for the final text and implementation guidance.
- Conduct Risk Assessments: Identify key areas of your operations that will be most affected by new fraud prevention, data sharing, and authentication mandates.
- Invest in Technology: Evaluate and invest in modern payment processing and security infrastructure. Solutions that use AI and machine learning for fraud detection are becoming essential, as highlighted by industry reports.
- Review Contracts and Agreements: Ensure all contracts with customers and third-party providers align with the enhanced consumer protection and liability rules under PSD3.
- Train Your Teams: Equip your compliance, security, and customer service teams with the knowledge and tools needed to handle the new regulatory environment.
For a company like ‘Global Payments Inc.’, this might involve updating their risk management framework to include specific scenarios related to account takeovers and implementing a more strong customer due diligence process for new account openings.
A significant challenge often overlooked is the integration of these new requirements with existing data protection regulations, such as GDPR. Ensuring compliance across multiple legal frameworks requires careful planning and legal counsel.

FAQ: Frequently Asked Questions About PSD3 News Today
When will PSD3 and PSR officially come into effect?
While the legislative process is underway, formal adoption is expected soon. Member states will then have a transposition period, with full implementation likely to be felt from 2027 onwards, as indicated by industry analyses.
What is the main difference between PSD3 and PSR?
PSR will focus on the operational and licensing requirements for payment service providers, while PSD3 will concentrate on consumer protection, fraud prevention, and the harmonization of rules related to payment transactions.
How will PSD3 affect consumers directly?
Consumers can expect enhanced protection against online fraud, clearer information on fees and terms, and a more streamlined process for resolving disputes or unauthorized transactions.
Do these regulations apply to all payment methods, including crypto?
While primarily focused on traditional payment services, PSD3 and PSR aim to clarify the regulatory treatment of crypto-assets and related services, bringing some under a more defined oversight.
What are the implications for non-EU payment providers operating in the EU?
Non-EU providers servicing EU customers will need to ensure their operations comply with the new PSD3 and PSR requirements to continue operating within the EU market.
Are there any specific cost implications for businesses?
Yes, businesses will likely incur costs related to upgrading technology, implementing new compliance procedures, and potentially seeking legal and expert advice to handle the new regulatory landscape.
Conclusion
The evolution of payment services regulation in the EU, marked by PSD3 news today, signifies a strong effort to create a safer, more secure, and consumer-centric digital payment environment. As of May 2026, the groundwork is being laid for a significant overhaul that will impact every stakeholder in the payment ecosystem.
The most critical takeaway for businesses is the imperative to prepare proactively. Understanding these forthcoming changes and beginning the compliance process now will be instrumental in navigating the transition smoothly and capitalizing on the opportunities within a more regulated yet innovative payment landscape.
Last reviewed: May 2026. Information current as of publication; pricing and product details may change.
Editorial Note: This article was researched and written by the CN Law Blog editorial team. We fact-check our content and update it regularly. For questions or corrections, contact us. Knowing how to address psd3 news today early makes the rest of your plan easier to keep on track.
Related read: Leakzone Breach 2026: What 22 Million Users' Exposed Data Means.