Core Tools
Infrastructure
Product previews
From zero to regulator-ready
See how ComplyBridge walks you through a full MiCA CASP application — from entity setup to final submission package.
See how it works →The only AI that knows your firm
Reasons across the live EU rulebook and your own policies, KYB data, UBOs, and integrations.
Explore capabilities →PSD2 / PSD3
Payment services, supervised properly.
From PI and EMI authorisation to SCA performance and operational-incident reporting — ComplyBridge covers the full Payment Services Directive lifecycle, including the upcoming PSD3 and Payment Services Regulation.
At a glance
12+
Authorisation document sets automated
99.2%
Average SCA success rate in monitored firms
4h
Major-incident report turnaround
PSD3 / PSR
Expected 2026
Transitional period begins on entry into force
PSD2 today, PSD3 tomorrow — one compliance spine.
PSD2 is the EU's current regime for payment services, introducing strong customer authentication, open-banking access for third-party providers, and a common authorisation model for payment institutions (PIs) and e-money institutions (EMIs).
PSD3 and the accompanying Payment Services Regulation (PSR) will tighten fraud obligations, harmonise enforcement, and elevate technical standards across the EU. Firms that structure their compliance around ComplyBridge today will absorb the PSD3 changes as a controlled delta, not a project.
What PSD2 / PSD3 covers.
The directive sweeps in a broad range of payment-related businesses. Most fintechs touching money in the EU fall under at least one category.
Payment institutions
Execution of payment transactions, acquiring, money remittance, and card issuance under a PI licence.
Account information services
AISPs accessing payment account data for multi-account aggregation or financial management.
Payment initiation services
PISPs initiating transfers on the user's behalf from their payment account.
E-money institutions
Issuance of e-money instruments, stored-value accounts, and digital wallets under an EMI licence.
Incident reporting
Major operational and security incidents reportable to the home NCA under EBA guidelines.
Open banking APIs
Dedicated interfaces, fallback mechanisms, and performance reporting under the RTS on SCA & CSC.
The recurring obligations we handle.
Most PSD2 pain is operational — not strategic. ComplyBridge automates the checks, the reports, and the evidence so your team focuses on product.
- SCA performance monitoring with exemption-rate tracking and friction analytics.
- Safeguarding checks against client funds with daily reconciliation and evidence logs.
- Fraud rate reporting aligned to EBA guidelines, per payment instrument.
- Major incident classification and 4-hour / 3-day / 2-week reports templated.
- Passporting notifications to host NCAs across all 27 EU member states.
- Annual ICAAP-equivalent capital-adequacy pack for PI and EMI supervisory review.
From authorisation to ongoing supervision.
Whether you're applying for your first PI licence or keeping a multi-jurisdictional EMI book clean, the path is the same four steps.
Scope & gap analysis
Identify which services you provide and map each to the PSD2 / PSD3 obligations that apply.
License build
Generate the full authorisation pack — business plan, policies, capital model, governance map.
Go-live controls
Stand up SCA monitoring, incident pipeline, and safeguarding reconciliation before first transaction.
Keep supervisory peace
Ongoing dashboards, periodic filings, and change alerts as PSD3 / PSR enters into force.
Frequently Asked Questions
Common questions about PSD2 / PSD3 and how ComplyBridge supports compliance.
It depends on whether you hold customer funds. If customer balances persist on your books between transactions, you almost certainly need EMI. Pure execution flows can sometimes stay PI-only. The right answer is a business-model analysis, not a template — we run it with you in the first session.
With a complete, well-prepared file, most EU NCAs complete review in 6–9 months (PI) or 9–12 months (EMI). Preparation quality is the biggest determinant — ComplyBridge typically compresses the preparation phase from 6 months of consulting to 8–10 weeks of guided build.
The two headline shifts are fraud liability (sharper expectations on prevention and reimbursement) and technical standards (moving some SCA and open-banking details from RTS into the regulation itself). Firms on ComplyBridge get the PSR obligation map as a progressive rollout — no big-bang cutover.
Yes. Once you're authorised in your home state, we manage the notification flow to host NCAs under the freedom to provide services and freedom of establishment, track confirmation, and maintain a passport register for supervisory review.