The transition from PSD2 to PSD3, accompanied by the directly applicable Payment Services Regulation, represents more than a legislative update, it reflects a strategic shift in the EU’s approach to payments regulation. The new EU payments rulebook requires existing payment and e‑money institutions to prepare for enhanced fraud‑prevention obligations, and a tougher supervisory and sanctions environment.

Introduction

A fundamental reform of the EU payments framework is underway through the introduction of the Payment Services Regulation (PSR) and the Third Payment Services Directive (PSD3). Together, they aim to strengthen harmonisation, reinforce compliance across Member States, and reduce regulatory fragmentation in the European payments market. Under the new regime, PSD3 will replace the existing Second Payment Services Directive (PSD2) and Second E-Money Directive (EMD2). PSR will be the first payment services regulation to complement the PSD3 regime and will establish a harmonised approach in such aspects as prevention of fraud, administrative fines and sanctions. Combined, they aim to create a unified regulatory framework covering both payment services and e‑money services.

In November 2025, negotiators from the European Parliament and the Council of the European Union reached a political agreement. The Council has published an ‘I’ Item Note dated 17 April 2026, together with the compromise draft texts of the Directive and the Regulation. It shows that the new PSD3/PSR package will be formally adopted and published any time soon. This note is based on the updated draft texts and reflects the latest changes.

Timeline and territorial scope

As a regulation, PSR will apply directly in all Member States without requiring national transposition, thereby harmonising conduct‑of‑business rules. The regulation will enter into force on the twentieth day following that of its publication and will be applicable 21 months later.1 Its territorial scope covers payment services provided within the EU. Full obligations apply where both payment service providers (PSPs) are located within the EU. For one-leg transactions (where only one PSP is EU-located), the PSR applies, with certain carve-outs, to the parts of the transaction carried out in the EU2.

PSD3, by contrast, will amend PSD2 and must be transposed into national law within 21 months of publication.3 PSD3 will govern the authorisation and supervision of payment institutions providing payment services within the EU.4

In Germany, PSD3 will be transposed into the German Payment Services Oversight Act (Zahlungsdiensteaufsichtsgesetz, ZAG) and in Spain primarily into the Spanish Payment Services Royal Decree-law 19/2018 (Real Decreto-ley 19/2018, de 23 de noviembre, de servicios de pago y otras medidas urgentes en materia financiera) and its implementing regulation, Royal Decree 736/2019. Given that PSD3 also repeals EMD2, the Spanish e-money framework, currently set out in Law 21/2011 and Royal Decree 778/2012, will also need to be amended, recast or integrated into the new payment institution framework.5 In France, PSD3 will be transposed into the Code monétaire et financier (CMF). As was the case for PSD2, which was transposed by ordonnance n° 2017‑1252 of 9 August 2017 on the basis of the legislative delegation granted by the loi Sapin 2 of 9 December 2016, it is anticipated that a similar legal instrument will be used for the transposition of PSD3. The French e‑money framework, currently set out in Articles L. 526‑1 et seq. of the CMF, will therefore need to be amended or integrated into the new payment institution framework. The competent supervisory authority for payment institutions in France is the Autorité de contrôle prudentiel et de résolution (ACPR), which is expected to update its authorisation procedures and supervisory guidance accordingly during the transposition period.

Transitional grandfathering measures will allow existing PSD2 authorisations to remain valid, provided that the relevant institution submits documentation demonstrating that it complies with the new obligations under PSD3 (for example, evidence that the applicant complies with the initial capital requirement as set out in PSD3) within 27 months since entry into force of PSD3.6

Single rule book

As mentioned above, PSD3 and PSR will create a unified regulatory framework covering both payment services and e‑money services. Technically speaking, issuance of e-money is now a subcategory of the payment services covered in Annex I of PSD3.

In Germany, however, the ZAG already governs payment services and e‑money services under a single supervisory regime. Therefore, PSD3’s equal treatment of both will not require structural changes to the ZAG. Nevertheless, the expanded definitions, new thresholds and new requirements would still need to be transposed into the national legislation.

Spain currently has an integrated supervisory authority for payment institutions and e-money institutions, the Banco de España, but not a fully integrated legislative framework, as described in point 2 (Timeline) above. Although the two regimes already cross-reference in several areas, PSD3 and PSR will likely have a more structural effect in Spain than in Germany. The Spanish regime will need to move from parallel payment and e-money statutes to a single payment institution framework7.

In France, the category of PSPs (prestataires de services de paiement) encompasses credit institutions, payment institutions and e‑money institutions pursuant to Article L. 521‑1 of the CMF. However, the authorisation and prudential frameworks applicable to payment institutions and e‑money institutions remain governed by separate chapters of the CMF, respectively Articles L. 522‑1 et seq. and Articles L. 526‑1 et seq., even after the transposition of PSD2 by ordonnance n° 2017‑1252 of 9 August 2017. France’s position is therefore intermediate: while the ACPR acts as a single supervisory authority for both categories and the operational rules governing payment transactions are harmonised, the legislative frameworks applicable to payment institutions and e‑money institutions have not yet been fully integrated. PSD3’s treatment of e‑money issuance as a sub‑category of payment services may therefore require structural amendments to the CMF.

Changes to authorisation requirements

PSD3 does not substantially change the authorisation process from the one already laid down in PSD2. However, the list of documents required for the application will be extended: pursuant to Article 3 of PSD3, applicants (except those that only intend to provide account information services and/or payment initiation services) must also submit a winding‑up plan.8 The winding-up plan should be adapted to the envisaged size and business model of the applicant and tailored to the specificities of applicable national law. It shall also address continuity or recovery of any critical activities performed by outsourced service providers, agents or distributors.9

In addition, applicants must provide an overview of all EU jurisdictions in which they are already authorised or intend to apply in the future, or where other entities belonging to the same group as the applicant have submitted such an application in the past three years.10 These documentation requirements appear to strengthen supervisory insight and promote greater alignment in authorisation processes.

PSD3 also amends the initial capital requirements for specific payment services.11 For example, in the case of the payment institutions providing only money remittance services, the capital requirements will increase up to 40 000 EUR in order to reflect inflation and to ensure a proportionate alignment with other payment institutions. Also, it is noteworthy that the initial capital requirements will be applied cumulatively if the PSP provides more than one payment service (other than money remittance).12

Although the authorisation regimes in Germany, Spain and France (in accordance with the provisions of PSD2) already require extensive documentation, adjustments will be necessary to meet PSD3’s new requirements (like the submission of the winding-up plan).

From a regulatory perspective, the incremental impact of PSD3 will therefore not be a wholesale redesign of the authorisation process, but rather the inclusion of additional, more specific supervisory material.

For Spanish applicants forming part of international fintech groups, this will make group authorisation strategy and consistency of regulatory narrative across Member States more important.

In France, as regards the overview of other EU jurisdictions, the ACPR’s current authorisation file is limited to asking whether the applicant intends to passport its services into other EEA states. As mentioned above, PSD3 goes substantially further by requiring disclosure of all EU jurisdictions in which the applicant or any other entity within the same group has sought authorisation during the preceding three years. The ACPR is therefore expected to update Instruction n° 2019‑I‑22 accordingly.

Safeguarding account

The general safeguarding rules remain unchanged. However, PSD3 introduces a new optional safeguarding method: funds may be safeguarded in an account with a central bank (although central banks are not required to offer such accounts).13 The measure is intended to address practical difficulties that some payment institutions have experienced in opening and maintaining payment accounts with credit institutions.14 This change might give firms more flexibility in how they keep customer money safe. In practical terms, it could mean that payment institutions could have more, and better, ways to securely look after their customers’ funds. Although we consider this to be a positive development, the European Central Bank (ECB) reacted quite sceptically in its decision of 27 January 2025 (ECB/2025/2) regarding a similar provision contained in the Regulation (EU) 2024/886 (in the following referred to as Instant Payments Regulation), and is of the opinion that "offering of safeguarding accounts by central banks may impact the overall safety and soundness of the monetary policy transmission mechanism and the financial system at large".15 Notwithstanding the ECB's position, it remains to be seen whether national central banks will offer this safeguarding method under PSD3.

From a German regulatory perspective, this is not a novel concept. Pursuant to section 17 of the ZAG, safeguarding customer funds in a separate account with Deutsche Bundesbank or with another central bank of a Member State of the EU is already possible. Under German law as well, it remains at the discretion of the central bank whether to offer this safeguarding mechanism.

Spanish law does not currently provide for safeguarding in an account with the Banco de España as a standalone method. Hence, this would be a new development. Its practical relevance will therefore depend on whether the Banco de España makes such accounts available.

As in Germany, French law already provides for the possibility of safeguarding customer funds with a central bank (see under Article L. 522‑17, 1° of the CMF). Alternatively, customer funds may be invested in financial instruments held in specially opened accounts. A further safeguarding method consists in covering the funds by an insurance policy or a comparable guarantee issued by an insurance undertaking, a financing company or a credit institution not belonging to the same group.

Ongoing own funds

Ongoing own funds must always be at least the higher of the initial capital requirement 16 and the amount calculated under the applicable method17. The applicable methods for payment institutions18 are the same as under PSD2. However, Method B (payment volume multiplied factor k) is now the default; competent authorities may require Method A (fixed overheads) or Method C (relevant indicator19) where the business model warrants it, and may adjust the resulting figure by up to 20% up or down based on a risk management assessment.20

For e-money issuers, Method D applies, requiring own funds of at least 2% of average outstanding e-money; institutions combining e-money issuance with other payment services combine the requirements for those services with Method D for issuance.21

In Spain, the ongoing own funds framework for payment institutions is currently set out in Article 19 of Royal Decree-law 19/2018, which requires maintenance at all times of the higher of the applicable initial capital floor and a sufficient volume of own funds calculated in accordance with a method chosen from those established by implementing regulation - namely Royal Decree 736/2019, which transposes Methods A, B and C in detail.22 On the other hand, for e-money institutions this framework is set forth in Royal Decree 778/2012.23 Thus, the potential impact is that the new calculations methods of PSD3 will be set forth within only one regulation.

As in Spain, German law requires that own funds be maintained at all times at least at the higher of the initial capital requirement under section 12 ZAG and the amount calculated under the applicable method. However, unlike Spanish law, the calculation methods are already consolidated within a single regulation, namely, the German Capital Regulation for Institutions subject to the Payment Services Oversight Act (ZAG-Instituts-Eigenmittelverordnung).

In France, the ongoing own funds framework for payment institutions is set out in Article L.522-14 of the CMF, which imposes a general obligation on payment institutions to comply with solvency management standards and to maintain an adequate level of own funds at all times. The detailed calculation rules transposing Methods A, B and C of PSD2 are set out at the regulatory level.

For e-money institutions, Article L.526-27 of the CMF mirrors this structure identically, requiring compliance with solvency management standards, maintenance of an adequate level of own funds, and similarly delegating the specific calculation terms and methods to implementing regulations.

‘Forum shopping’

One of the objectives of PSD3 is also to prevent ‘forum shopping’ by ensuring consistent regulatory standards and supervisory expectations across the EU. According to recital 4 of PSD3, ‘forum shopping’ occurs when PSPs choose a Member State with more lenient interpretations or enforcement of EU rules as their home country and then provide cross‑border services into jurisdictions with stricter approaches. The EU legislators consider this a distortion of competition.

Therefore, the new framework aims to prevent cases where a payment institution establishes itself in a Member State without intending to carry out any activity there. A payment institution applying for authorisation in a Member State must provide at least part (not necessarily the majority of the institution's activities) of its payment services activities in that Member State.24 The obligation for an institution to carry out a part of its business in its home country was already imposed by PSD225, but has been interpreted very differently by the Member States. PSD3 clarifies that a ‘part’ does not require the institution to carry out the majority of its business in its home member state. Otherwise, the “effet utile” of the payment institution’s freedom to provide cross-border services could be compromised. With this clarification PSD3 aims to guarantee a level playing field across the EU as well as a harmonised process for granting authorisation to institutions applying for a licence.

In accordance with PSD2, German, Spanish and French law already require payment institutions to have their registered office, central administration and part of their payment services activity in the relevant jurisdiction. It remains to be seen whether following PSD3 there will be an aligned approach for granting authorisation within the EU and thus the issue of forum shopping will be mitigated.

IBAN discrimination

Despite the market’s expectations, PSD3/PSR do not expressly address the problem of IBAN discrimination, situations where individuals cannot make or receive SEPA credit transfers or pay via SEPA direct debit from a bank account located in another Member State. IBAN discrimination is already illegal under EU law: the Regulation EU 260/2012 (SEPA Regulation) provides that all IBANs from SEPA countries must be treated equally for euro payments.26 However, mostly because of a lack of stringent enforcement of SEPA rules, the problem persists and is widespread across the EU.

According to German case law27, IBAN discrimination can lead to a violation of competition law under certain circumstances.

In Spain, IBAN discrimination remains a live practical issue, particularly for fintechs and users relying on non-Spanish EU IBANs for payroll, direct debits, subscriptions or public-sector payments. The Banco de España has expressly described the refusal to accept a non-domestic EU IBAN for SEPA credit transfers or direct debit as illegal and contrary to Article 9 of the SEPA Regulation.28

The Spanish European Consumer Centre has also stated that European bank accounts must be accepted across the EU and that companies refusing them may face sanctions.29

In France, pursuant to Article L. 362‑1 of the CMF and in accordance with SEPA Regulation, the Direction générale de la concurrence, de la consommation et de la répression des fraudes (DGCCRF) may impose fines of up to 75,000 EUR on individuals and 375,000 EUR on legal entities in cases of discrimination relating to EU IBANs.

Whether the enhanced consumer protection provisions of PSD3/PSR and their stricter fines and sanctions regime will effectively address this issue remains to be seen.

Prevention of ‘spoofing fraud’

PSR expressly aims to prevent ‘spoofing’ fraud (also impersonation fraud). This occurs where fraudsters pretend to be the customer's PSP and misuse the PSP’s domain name or communication channels, for example e-mail address or telephone number,30 to gain the customers’ trust and trick them into carrying out specific actions.

Under Article 59 PSR, victims of impersonation fraud are entitled to full reimbursement of the fraudulent transaction amount, provided they report the fraud to the police and notify their PSP without undue delay after becoming aware of the fraud. The PSP shall refund the consumer within 15 business days of being notified and provided with the police report.

In addition, PSR requires PSPs to strengthen transaction monitoring measures31 and thoroughly train their staff and customers on payment fraud prevention.32

In Germany, spoofing fraud most commonly occurs via telephone calls in which fraudsters use manipulated caller IDs to impersonate banks, PSPs, or public authorities. The German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht, BaFin) regularly publishes on its website warnings about fraudsters with a description of a mechanism that is used in particular cases.33 Although the German telecommunications regulator has already introduced some measures against spoofing fraud34, Article 59 PSR would mark a significant change for Germany by explicitly qualifying impersonation fraud as reimbursable.

From a Spanish perspective, spoofing fraud is already relevant in practice, and the Banco de España has published consumer-facing guidance on phishing, vishing and caller-ID or SMS spoofing.35 Under Articles 43 and 45 of Royal Decree-law 19/2018, Spanish law already provides for reimbursement of unauthorised payment transactions, subject to statutory exceptions. Article 59 would nevertheless be a significant development likewise for Spain, as it introduces a specific reimbursement rule for impersonation fraud and will require Spanish PSPs to review their fraud monitoring, customer education and reimbursement procedures.

Under French law, unauthorised payment transactions must in principle be immediately reimbursed by the bank, unless it proves fraud or gross negligence by the client. Recent Cour de cassation case law is clearly favourable to victims of spoofing (“faux conseiller”), holding that such sophisticated impersonation frauds generally preclude a finding of gross negligence, even where the client validated transactions via Strong Customer Authentication (SCA). The burden of proof remains entirely on the bank, and proof of authentication alone is insufficient to establish authorisation or fault.

In practice, litigation increasingly turns on a fact-specific assessment of the fraud scenario and the bank’s ability to demonstrate both proper authentication and a genuine client fault. This suggests that French case law, already protective, is likely to converge further towards automatic reimbursement in spoofing cases, subject to very limited exceptions.

Looking forward, the upcoming PSD3/PSR framework will further strengthen consumer protection and harmonisation across the EU. Overall, the regulatory trend is shifting towards a reallocation of fraud risk onto PSPs, especially in social engineering scenarios.

Verification of Payee

The PSR extends the verification of payee (VoP) regime, introduced for euro instant credit transfers under SEPA Regulation (as amended by the Instant Payments Regulation, in the following referred to as Amended SEPA Regulation), to all credit transfers, including those outside the scope of that Regulation. Therefore, under PSR, VoP obligations are extended to close remaining gaps. PSPs must verify that the payee’s name matches the account identifier provided by the payer.36 Where a PSP fails to comply and this results in a defectively executed payment transaction, the payer's PSP must without delay refund the payer the amount transferred; where the failure is attributable to the payee's PSP or a payment initiation service provider (PISP), that entity must compensate the payer's PSP accordingly.37

Although no equivalent statutory VoP mechanism currently exists in Germany, Spain or France, a VoP regime must nonetheless be introduced, given that both the PSR and the Instant Payment Regulation are directly applicable across all jurisdictions. It is unclear, however, whether the PSR will ultimately close the gaps left by the Instant Payment Regulation.

Administrative fines and sanctions, notably Periodic Penalty Payments

Whereas PSD2 rather generically provided that Member States must introduce penalties that are effective, proportionate and dissuasive38, PSR provides for a detailed list of administrative fines and sanctions.39

Most importantly, under PSR, national competent authorities (NCAs) will be empowered to impose periodic penalty payments on natural or legal persons for ongoing breaches of PSR or breaches of any decisions issued by a competent authority in accordance with PSR.40 The daily penalty payments will be imposed up until the compliance is restored, however, for no longer than six months from the date indicated in the decision imposing the penalty payment.

NCAs shall be empowered to impose maximum periodic penalty payments of (i) 3% of the average daily turnover in the case of a legal person and/or (ii) 30,000 EUR in the case of a natural person. Member States may provide for higher amounts of pecuniary penalty payments than those set out in PSR.41

As the PSR’s sanctions framework will apply directly, the future amendments to the national laws are likely to focus on procedural coordination with the PSR, the delineation of supervisory competences, and the adjustment of existing penalty mechanisms.

National laws in Germany, Spain and France, currently set out a graduated sanctions regimes encompassing criminal, administrative and procedural measures. They do not, however, provide for a harmonised mechanism for the imposition of daily periodic penalty payments.

In our view, the introduction of periodic penalty payments constitutes an important additional enforcement tool and significantly increases NCAs’ enforcement powers and underlines the seriousness of the new rules.42

Open Banking and Third-Party Providers (TPPs.)

Under the PSR, account servicing payment service providers (ASPSPs) offering online-accessible payment accounts must maintain at least one dedicated Application Programming Interface (API), provide technical documentation to TPPs (including applicants), and ensure business continuity of TPP access.43 Dedicated interfaces must match the availability, performance and data parity of the customer-facing interface.44 ASPSPs may not make TPP access conditional on a contractual relationship45 and must provide a permission dashboard through which users can view all active consents (provider, account, purpose, validity, data categories, access dates) and withdraw consent at any time, with re-establishment within 48 hours. 46 Following withdrawal, the account information service providers (AISPs) or PISPs must cease access and delete data without undue delay, subject to the aforementioned 48-hour period.47

The PSR sets out a non-exhaustive list of prohibited obstacles to TPP access, including requiring additional registrations, forcing manual entry of identifiers, restricting PISPs to pre-approved beneficiary lists, applying stricter SCA than on the direct channel, and limiting access to domestic identifiers.48

In Spain, Germany and France PSD2's open banking framework was properly transposed, covering AISP and PISP access rights, the prohibition on conditioning access on a contractual relationship, and a general non-obstacle obligation. However, the PSR will go materially further.

As such, open banking via API in France currently remains limited to the two payment services where open banking is mandatory under PSD2: account information services and payment initiation services, with the former being by far the most developed, while the prevalence of the latter remains more modest.

In our view, the PSR provisions will help harmonise inter alia the rules on API interfaces, prohibited obstacles to TPP access and permission dashboards across the Member States.

Conclusion

The new framework signals a more demanding supervisory and enforcement environment for payment institutions, conceptually already including e-money institutions. Against this backdrop, payment institutions should map gaps and prioritise remediation so that compliance readiness keeps pace with the new framework’s implementation timetable.

From a German perspective, the PSD3/PSR package is less about reinventing the supervisory architecture and more about tightening the screws on a framework that is already comparatively consolidated under the ZAG. Some concepts, e.g., the possibility to safeguard funds via a Bundesbank (or other EU central bank) account, are not new in Germany. For existing payment and e‑money institutions supervised by BaFin, the practical takeaway is: even where German law already “knows” the concepts, firms should not underestimate the implementation effort and pay closer attention to the PSR requirements as they are directly applicable.

For Spain, the PSD3/PSR package is likely to have a more structural impact, as the current framework still separates payment institutions and electronic money institutions into different, albeit connected, regimes. Existing Spanish payment and e-money institutions supervised by the Banco de España should therefore focus on early gap mapping.

From a French perspective, French payment and e‑money institutions, while operating within a familiar regulatory structure, will still need to carefully review the new provisions, adapt internal processes, and ensure full compliance with the directly binding rules.

Footnotes

  1. PSR, Art. 112.

  2. PSR, Art. 2(5).

  3. PSD3, Art. 49.

  4. PSD3, Art. 1(1).

  5. Real Decreto-ley 19/2018, de 23 de noviembre, de servicios de pago y otras medidas urgentes en materia financiera; Real Decreto 736/2019, de 20 de diciembre, de régimen jurídico de los servicios de pago y de las entidades de pago; Ley 21/2011, de 26 de julio, de dinero electrónico; Real Decreto 778/2012, de 4 de mayo, de régimen jurídico de las entidades de dinero electrónico.

  6. PSD3, Art. 44; Please note that according to the Explanatory Memorandum (page 8) included in the draft Proposal of the PSD3 from 28 June 2023, existing authorisations for payment institutions and e-money institutions are prolonged in validity (‘grandfathered’) until 30 months after entry into force.

  7. PSD3, recital 6 and Annex I, point 8; PSR, recitals 5 to 7; Royal Decree-law 19/2018; Royal Decree 736/2019: Law 21/2011; Royal Decree 778/2012.

  8. PSD3, Art. 3(3)(s) in conjunction with Annex I of PSD3.

  9. PSD3, Art. 3(3)(s), recital 17.

  10. PSD3, Art. 3(3)(r).

  11. PSD3, recital 26. The requirements for initial capital are updated, however, with an exception for payment initiation service providers due to the fact that they have been in operation for relatively short time.

  12. PSD3, Art. 5.

  13. PSD3, Art. 9, recital 31.

  14. PSD3, recital 31.

  15. Decision of the ECB of 27 January 2025 on access by non-bank PSPs to Eurosystem central bank operated payment systems and central bank accounts (ECB/2025/2), Art. 3.

  16. PSD3, Art. 5.

  17. PSD3, Art. 7.

  18. Note that this applies to payment institutions other than payment initiation services-only or account information services-only institutions.

  19. In essence, the sum of interest income, interest expenses, commissions and fees received and other operating income, see PSD3, Art. 7(2)(c).

  20. PSD3, Art. 7(5).

  21. PSD3, Art. 8.

  22. Royal Decree 736/2019, Arts. 17-20.

  23. Royal Decree 778/2012, Art. 18.

  24. PSD3, recital 38.

  25. PSD2, Art. 11(3).

  26. SEPA Regulation, Art. 9.

  27. District Court of Hamburg (Landgericht Hamburg), judgement dated 10 October 2023 - 406 HKO 88/22; German Federal Court of Justice (Bundesgerichtshof), judgement dated 6 February 2020 - I ZR 93/18.

  28. Banco de España (30 April 2025), “Discriminación de IBAN: ¿Qué es y cómo actuar si me ocurre?”. See here.

  29. European Consumer Centre Spain (4 June 2025), “Las cuentas bancarias europeas son válidas para toda Europa”. See here.

  30. PSR, recital 80a.

  31. PSR, Art. 83.

  32. PSR, Art. 84.

  33. Please see for an example: BaFin, Identity fraud: BaFin warns against the FPM MIN app and offers in WhatsApp groups, available at: https://www.bafin.de/SharedDocs/Veroeffentlichungen/EN/Verbrauchermitteilung/unerlaubte/2026/meldung_2026_04_07_fpm_min_en.html.

  34. Section 120 of the German Telecommunications Act includes measures such as requiring telecom providers to block or anonymise certain spoofed numbers.

  35. Banco de España (24 March 2020), “Vishing: llamada telefónica no deseada”. See here; Banco de España, “Protégete contra el fraude”. See here.

  36. PSR, Art. 50. Note that it applies Articles 5c(1), (7) and 5b(2) of Regulation (EU) 260/2012 mutatis mutandis.

  37. PSR, Art. 57. Note that, Arts. 50 and 57 apply from 27 months after entry into force of the PSR, six (6) months later than its general application date, see PSR, Art. 112.

  38. PSD2, Art. 103(1).

  39. PSR, Art. 96, 98.

  40. PSR, Art. 98.

  41. PSR, Art. 98(2).

  42. Deutsche Bundesbank regarding periodic penalty payments introduced by CRD VI and transposed into German law; see BRUBEG, cutting red tape and setting new prudential standards for banks | Deutsche Bundesbank.

  43. PSR, Art. 35.

  44. PSR, Art. 37.

  45. PSR, Art. 34.

  46. PSR, Art. 43(2).

  47. PSR, Art. 43(2b).

  48. PSR, Art. 44.

Related categories

Banking Regulatory Prudential Markets FinTech Complaints UK Corporate Governance

Key contacts

Carina Junker photo

Carina Junker

Associate, Germany

View profile
Dr. Timo Bühler photo

Dr. Timo Bühler

Partner, Germany

View profile
Sara Piñero Mosquera photo

Sara Piñero Mosquera

Associate, Madrid

View profile
Jaime Bofill photo

Jaime Bofill

Partner, Madrid

View profile
Sonia Rogez photo

Sonia Rogez

Of Counsel, Paris

View profile
Régis Oréal photo

Régis Oréal

Managing Partner, Paris Office, Paris

View profile
Vincent Hatton photo

Vincent Hatton

Partner, Paris

View profile

Disclaimer

The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.

Carina Junker Dr Timo Bühler Sara Piñero Mosquera Jaime Bofill Sonia Rogez Régis Oréal Vincent Hatton