New payment services introduced to consumers in stages

In the future, consumers can use other service providers in addition to their bank to access their bank account information and make payments. This reform will take place as third parties gain access to the payment accounts serviced by banks. The reform will also decrease consumer responsibility in unauthorised transactions. The new legislation took effect on 13 January and is based on the EU’s Payment Services Directive (PSD2). The changes will be implemented gradually.

Banks and other account providers must allow customers access to their payment accounts also through other authorised service providers. The requirements for the authorisation are laid down in the amended Finnish Payment Institutions Act.

The new services are not yet available, but when they will be launched, customers can, for example, initiate a transaction from their account or review their account information also through other service providers than their bank.

”The most important thing is to ensure that these new services are safe for consumers to use. For this reason, the Finnish Financial Supervisory Authority demands that external service providers and banks have a dedicated interface to initiate payment services and access account information. This interface would require external service providers to identify themselves to the bank for each transaction a customer makes, and allow them to only review information relevant to the transaction”, explains Inkeri Tolvanen, head of payment systems at Finance Finland.

Although the legislation entered into force on 13 January, the technical standards and more specific technical descriptions will not be provided until later. Before these standards are published, new services cannot be created.

At this stage, a proposed alternative to the dedicated interface between banks and third parties is screen scraping, which makes use of the customer interface. In screen scraping, the payment service or account information provider asks customers to give their online banking credentials on their own website rather than identify through their bank, and then uses the credentials to log in to the customer’s online bank. According to the European Banking Authority, the screen scraping method does not have to be accepted if it is banned by national legislation. In Finland, the Financial Supervisory Authority barred the use of screen scraping in its statement on 10 January.

”Changing banking systems takes time. If the regulation governing the technical standards proceeds according to schedule, the reform will be complete by autumn 2019”, explains Tolvanen.

The costs incurred by the financial sector from these changes are substantial, because current online banking services are not intended for third-party use and thus require major redesign.

Consumer responsibility decreased immediately

Consumers’ monetary responsibility for any unauthorised use of payment services, including payment cards, decreased with the reform. If a payment instrument has been used unlawfully, consumers have thus far had to pay up to 150 euros. From now on, the consumer’s responsibility is limited to 50 euros. If a consumer has been grossly negligent in using the payment instrument, however, he or she continues to be responsible for the entire sum lost.

In future, payees cannot charge extra fees for using the most common payment cards. Shops can therefore no longer charge extra for a customer choosing to pay with a common card.

These changes took effect on 13 January.

Additional information:

The Finnish Financial Supervisory Authority on the new Payment Services Directive

Still have questions?


Contact FFI experts

Infrastructure and Security

Inkeri Tolvanen

Head of Payment Systems


Teija Kaarlela

Head of E-Services, Payments and Banking Regulation

Infrastructure and Security

Peter Jansson

Head of Authentication and Mobile Payments