Skip to main content

The PISP license

What is the PISP license?

Regulated by the Bank of Spain, a PISP (Payment Initiation Service Provider), is considered a kind of intermediary between users and banks. Once the license has been granted, all those companies that provide the payment initiation service will be able to manage customer transactions, moving funds, making payments to third parties, etc. To provide this type of services, the license granted by the Bank of Spain is necessary, which we will explain later.

All this works with the prior consent of the users, the external provider, which in this case would be the platform that has the PISP license, connects with the bank account of the respective client. Thus, being able to initiate payments from third parties.

Given the growing demand by users for a more digital and dynamic banking infrastructure, payment initiation service providers have made it possible to streamline and make payments, online purchases, etc. more user-friendly, visual, and convenient. This fact has generated a considerable opportunity in the market.

To understand what the PISP is, it is necessary to refer to the PSD2 (Payment Service Directive 2) directive that we will detail later. Roughly speaking, the PSD2 directive, with its publication in 2015 and its subsequent entry into force in 2018, allowed “protected” access to customer data in order to operate more directly; thus, generating a wave of new Fintech companies that provide financial services.

In addition, it meant a very big change of mentality in the banking ecosystem by determining that bank data became the property of the client, and not of the bank. In this way, users were given the power to authorise access to their data from any application and platform, completely changing the paradigm of the banking ecosystem, and gave rise to the opening of the ecosystem, resulting in the phenomenon called Open Banking or Open Finance, for that reference to the opening of consumer data.

Origin of open banking regulation

In line with what was mentioned in the previous point, the origin of Open Banking cannot be traced back to a specific moment in time, but rather it has been a process in constant evolution and is still in that process. Initially, Open Banking was born via “Scrapping”, that is, applications that automatically scanned different web pages and extracted the information sought. However, Open Banking has begun to be known, especially in Europe as a result of the European Union regulation PSD1 and PSD2. These have partially formalized and regulated Open Banking. In the United States, however, this process arose naturally because of the collaboration between large banking institutions and emerging companies in the Fintech sector, without the need for any imposed regulation. Companies like Plaid, or Envestnet Yodlee have been pioneers and success stories in the sector in the United States.

We have already mentioned that the PSD2 directive has been key to the emergence of Open Banking, and everything related to it. But what is PSD2? The directive, which was announced as an evolution of the PSD1 directive, developed the existing regulation and further served to force the opening of customer banking information. This directive changed the European banking paradigm since banks were forced for the first time to open and offer their customers’ information publicly via API (Application Programming Interface). In other words, until then, customer information had been exclusive to banks, and from that moment on, the information became the property of the customer. This means that by passing ownership of the information from the bank to the customer, the customer can authorize other companies or applications to use that information to provide innovative personalized financial services. This PSD2 regulation has been a big game changer for the sector, and the results of the regulation are still in their early stages.

Because of PSD2, as we have previously mentioned, new formats for regulated entities and AISP and PISP licenses also emerged, which allow non-banking institutions to offer account aggregation and bank information.

Brief description of open banking and the PISP

Although we have mentioned during the article what PISP and Open Banking mean, we will refresh the terms briefly. A PISP (Payment Initiation Service Provider) makes it easier for third parties to initiate payments by a client/user. This is largely due to PSD2 which allows payments to be initiated outside of bank interfaces and allows non-bank applications or platforms to access account information and initiate payments on behalf of a third party, with your prior authorization.

Open Banking, on the other hand, is a term that defines the opening of banking information and making it available in favor of third parties (third party providers) via APIs for the development of financial applications, generally, the banking institution will allow access via API of the information of a bank client, their bank balance, their movements, details of their transactions, etc. In fact, due to the PSD2 regulation, all European banks were forced by law to create and open their APIS to third parties and provide the same services that they provide in their banking interfaces. However, this obligation, being quite abstract and not exhaustive, has caused each bank to decide to open their APIs according to their own interpretation of the standard and, in many cases, banks still do not offer all the services they should, delaying in greatly the evolution of open banking. It seems that many of the banks, seeing that this opening of the APIs can harm them in favor of third-party platforms capable of providing certain services in a better way, are putting up barriers to the opening.

How do you get the license?

In Spain, to operate as an entity that offers payment services and, therefore, to become a payment entity, an authorization is required. These licenses are granted by the Bank of Spain in Spain or by the Central Bank of the country in which it is requested. One of the first steps to obtain the license is to define the business model, that is, what kind of payment institutions do we want to be?

It should be noted that EU member countries can operate within these countries. As regards operating in Spain, the member countries must notify their intentions to the Bank of Spain by the supervisory authority of the country of origin, and it will be the Bank of Spain who orders the start date of the activity.

There are payment entities that are attached to the “Registry of entities with low payment volume“. These are all those entities that do not offer account initiation and information services but do provide payment services. However, the total monthly value of the operations may not exceed 3 million euros.

All those entities that consider that their payment services can be used in a limited way to carry out certain specific operations or because they themselves are providers of communication networks that offer payment services to their subscribers must apply to the “Registration of exclusion by limited network or by telecommunication operators”.

Once the business model has been defined and the type of registration defined, the Bank of Spain recommends a step prior to the official request. Hold a meeting requested with the “authorization or registration pre-application form”. In this way, it will be possible to better expose the exact activity that you want to carry out as a payment entity just before the formal processing.

The procedure can be carried out in 3 different ways, but all of them lead to the same purpose:

Electronically through the Electronic Registry of the Bank of Spain:

These are the steps that the Bank of Spain recommends:

1.-Access the Electronic Registry using one of the authentication systems accepted by the Bank of Spain.

2.-Select the option “Fill in the form” and then choose the option according to the applicant.

3.-Complete the requested data and, when appropriate, attach the necessary documentation.

4.-Once all the data has been filled in and the necessary documentation attached, press the “Send” button.

5.-The Electronic Registry shows a screen informing about the status of the request. If the shipment is completed successfully, the “Acknowledgment of receipt” document can be consulted. Optionally, it can be saved and/or printed as proof of the operation carried out.

6.-At any time, from the option “Consult my writings submitted by the Electronic Registry”, you can consult the successfully completed submissions.

In presence at any of the Bank of Spain branches:

*The available branches can be found in the “other information of interest” section of the Bank of Spain website.

By postal mail:

The way to do it this way is by sending the mail to the official headquarters of the General Vice-secretariat of the Bank of Spain at Calle Alcalá 48, 28014 Madrid.

In the “Processing” section of the following link you will find all the mandatory documentation to present and that can be consulted in the “Informative guide for applicants“: https://sedeelectronica.bde.es/sede/es/menu/institucionesfin/autorizacion-al-/autorizacion_de_aa6f1da00495961.html

The resolution body for these cases is the responsibility of the Executive Commission of the Bank of Spain, which has 3 months from when all the required documentation is considered complete and sent. If the request takes more than 3 months, it is understood that it has been rejected.

How can Snab help you as a result of PSD2 and through Open Banking?

Thanks to PSD2, and as a consequence of Open Banking, Snab has been able to create a non-banking platform that allows our clients to access their information and bank movements from one place, centralizing all banking and treasury management in Snab, safely, and complying with all PSD2 regulatory standards.

%d