EBA: Central-Bank Accounts Don't Meet PSD2 Safeguarding Rules
Europe's banking regulator has ruled that holding client funds in central-bank accounts isn't enough to satisfy PSD2 safeguarding requirements.
If you've been following the world of European payments regulation, here's a ruling that might raise a few eyebrows. The European Banking Authority (EBA) — basically the EU's top banking watchdog — has determined that payment institutions can't use central-bank accounts to tick the box on safeguarding requirements under PSD2, the bloc's second Payment Services Directive.
PSD2 safeguarding rules exist to protect your money when you use a non-bank payment service. The idea is simple: if a fintech or payment firm goes bust, your funds should be ring-fenced and recoverable. The EBA's position essentially means that even parking money at a central bank — which most people would assume is about as safe as it gets — doesn't automatically satisfy those legal obligations as written under PSD2.
Read more ACA Enrollment Drops 3 Million: Fraud Fixes or Rising Costs? →
This matters because a growing number of payment institutions have sought access to central-bank accounts precisely because they view it as a gold-standard way to protect customer funds. The EBA's clarification throws a wrench into that strategy, signaling that compliance is about more than just where the money sits — it's also about how the regulatory framework formally recognizes that arrangement.
For fintechs and payment firms operating across the EU, this ruling is a prompt to revisit their safeguarding setups and get proper legal advice sooner rather than later. Regulators across Europe are tightening scrutiny on how customer money is protected, and firms that assumed central-bank access was a shortcut to compliance may now need to rethink their approach entirely.
Continue reading at thefintechtimes for the full regulatory breakdown and expert commentary.