PSD2 (Payment Services Directive 2)
aka Payment Services Directive 2, PSD II, Directive (EU) 2015/2366
The EU directive governing payment services and payment service providers across the EEA. Transposed into Irish law by SI 6/2018 (European Union (Payment Services) Regulations 2018). Created the open banking and Strong Customer Authentication regimes.
Last reviewed May 2026
Definition
PSD2 is Directive (EU) 2015/2366 of the European Parliament and Council, the second EU Payment Services Directive. It replaced PSD1 (2007) and was transposed into Irish law by the European Union (Payment Services) Regulations 2018 (SI 6/2018), made by the Minister for Finance and effective from 13 January 2018. PSD2 does several things at once. It defines who can provide payment services in the EEA and creates the Payment Institution (PI) and Account Information Service Provider (AISP) and Payment Initiation Service Provider (PISP) authorisation categories. It mandates Strong Customer Authentication (SCA) for electronic payments, requiring at least two of three independent factors. It opens up bank account data: under the open banking regime, a customer can authorise an AISP to read transactions or a PISP to initiate a payment from their bank account, and the bank must support that access through a regulated API. It harmonises consumer protections across member states: liability caps on unauthorised transactions, refund rights on direct debits, and surcharging bans for SEPA payments. Implementation detail lives in Regulatory Technical Standards (RTS) drafted by the European Banking Authority (EBA), particularly the SCA and Common and Secure Communication RTS. PSD3, currently in EU legislative process, will replace PSD2 once adopted and transposed.
Why it matters for software choice
PSD2 is the legal floor for every fintech, accounting tool and acquirer that moves Irish money. Its mandates - SCA on online card payments, regulated AISP/PISP access to bank accounts, harmonised refund rights - dictate what 'connected banking' actually means in software. When a vendor advertises 'real-time bank feeds' or 'open banking integration', they are operating inside the PSD2 framework, and the quality of the integration depends on the regulator's RTS being implemented correctly.
Authority sources
- European Commission (DG FISMA): Payment Services Directive (finance.ec.europa.eu)
- Irish Statute Book: European Union (Payment Services) Regulations 2018 (SI 6/2018) (www.irishstatutebook.ie)
- Central Bank of Ireland: PSD2 FAQ (www.centralbank.ie)
- European Banking Authority: Payment Services and Electronic Money (www.eba.europa.eu)
Software categories this affects
Vendors covered by this term
Stripe
Dublin-headquartered EU payments platform with native EUR processing, SEPA, and Irish IBAN payouts
Revolut Business
EU-licensed business banking with Irish IBANs, SEPA Instant, and multi-currency accounts
Fire Business Account
Irish-founded, Central-Bank-of-Ireland-regulated business payments account with Irish IBANs, UK Faster Payments, and a payments API for Irish SMEs
Xero
Cloud accounting with direct AIB, BOI, and PTSB bank feeds for Irish SMEs
QuickBooks Online
Affordable cloud accounting with Irish bank feeds and a strong mobile app
Related terms
Open Banking in Ireland
The PSD2-mandated regime under which Irish banks expose regulated APIs that authorised third-party providers (TPPs) can use to read account data (AIS) or initiate payments (PIS) on a customer's consent.
Open Banking (PSD2)
EU regulatory framework that lets authorised third parties access bank account data (AIS) and initiate payments (PIS) on the customer's behalf. The basis for live bank feeds and payment-initiation tools.
Strong Customer Authentication
PSD2 requirement that electronic payments use two of three authentication factors: knowledge (PIN), possession (phone or token) and inherence (biometric). Applies to Irish card and bank payments.
Payment Institution (PI)
A Central Bank of Ireland authorisation that permits a firm to provide one or more payment services under PSD2 - account services, payment execution, card acquiring, money remittance, AISP, PISP - without being an EMI or credit institution.
Electronic Money Institution (EMI)
A specific Central Bank of Ireland authorisation that permits a firm to issue electronic money (prepaid balances, e-wallets, cards) and provide payment services. EMIs cannot take deposits and customer funds are safeguarded, not insured.
Central Bank of Ireland (CBI)
Ireland's financial regulator and gatekeeper for banks, payment firms, e-money issuers, MiFID investment firms and insurance providers. Maintains the public CBI register and operates the Fitness and Probity regime for senior staff at regulated firms.