Deep Dive: Social Media Sites, Tech Firms And PSD2, GDPR

PSD2 and GDPR are changing all the rules when it comes to payments, presenting a unique opportunity for social media and technology companies to access customers’ information, data and money. These new regulations require banks to share their data with third parties, which have moved quickly in response.

Both Google and Facebook have already received payment licenses from EU regulators, with the Central Bank of Ireland approving the former and the Bank of Lithuania issuing the latter an eMoney license. Apple, Microsoft and Amazon have made similar moves to secure their positions in the market. Social media and technology firms already have large, engaged user bases, mobile-enabled or mobile-first platforms and collections of personal data on customer preferences, meaning they could become significant rivals to traditional financial players — if they can overcome a few challenges.

PSD2 and GDPR are challenges themselves as remaining compliant could profoundly change how these firms view and interact with collected user data. Companies looking to provide financial services will also need to comply with additional regulatory requirements for banking and payments, which could prove to be expensive. These firms must also be prepared to compete with not just legacy players, but each other as well.

Compliance, payments and GDPR

Third-party providers can connect with FIs under PSD2 while still offering payments services on their own platforms. This is something that is crucial for firms that already offer payments features, like Google and Apple, but also for Facebook, which is building out payments within its messaging portals. Third parties can join this ecosystem and take on larger payments roles as long as they remain compliant and aware of how they’re collecting essential user data.

Amazon, Apple, Facebook, Google, and Microsoft have all tussled with EU regulatory bodies over GDPR compliance. Several of Microsoft’s software deals with European companies are currently under scrutiny to ensure their compliance, while Facebook is contending with more than 10 separate inquiries into how it collects European citizens’ data. These issues show that social and technology companies need to reconsider how they treat data if they want to become a part of the EU’s financial ecosystem.

Traditional FIs and payment providers have established, compliant infrastructure for handling digital payments and financial data — something that Google and Facebook lack. As these new players gain bank and money licenses, they’ll still need to partner with legacy players to ensure their services are in line with all current regulations.

Social media, PSD2 and the future of payments

Social media and technology companies looking to become active in the financial landscape will need to utilize their active users, who are already interacting with each other on their platforms, making payments less disruptive than they might be on other platforms. These companies aren’t focused on bringing in new users, but rather on providing payments to their preexisting ones. They will still have to rely on new banking partnerships and change their data collection and usage strategies if they want to become critical parts of open banking under PSD2, however.

The number of businesses wanting to participate in this ecosystem is expanding as PSD2 becomes more established and prompts non-European countries to debate their own banking offerings and data laws. How this growth will change the future of payments, banking infrastructure and the platforms that facilitate users’ transactions outside the EU remains to be seen, but changes are certainly on their way.