PSD2 Independent Assessment

Given the increasing need for electronic payments regulatory harmonization and to implement consumer protections, the EU has introduced the Payment Service Directive 2 – PSD 2. The focus is on improving transparency and security. It requires informing the customer of conditions and required information for payment services. Additionally, it calls for strict security requirements to protect the customer’s financial data and to lessen the risk of fraud. This directive significantly affects payment providers, requiring the sector to lean a new way of entering payments.

Key Impacts




  • Transparency on data and infrastructures
  • Improved customer experience, even beyond the retail
    bank limits
  • New opportunities to develop synergies and implement
    the established systems
  • Improved competition
  • Open access to accounts and payment systems
  • Both a threat and an opportunity for the traditional payment provider
  • The "third party access requirement" will allow in new competitors
  • Technologically enhanced services for the customers 
  • More transparency and protection from a customer's perspective
PSD2 independent assessment

Scope of PSD2 independent assessment


How we do it?

Evidence request 

Report release2-3 weeks before the start of the assesment we provide our preliminary list of evidence request

Indipendent assessment

We carry it out according to our PSD2 work program. The project will be delivered in a competitive time span of 4 to 6 weeks The system is then tested and the controls are assessed on a design and implementation level

Report release

A fact-finding report is provided and includes:

  1. Introduction (scope, approach, methodology) 
  2. Executive summary
  3. GAP analysis 

Our services

Deloitte can support you with the end-to-end execution of PSD2 independent assessment. Due to our experience in information security and the financial industry, we will be able to provide the service with the highest standard of quality. 

Why Deloitte

Professionals from Deloitte have an excellent track record in serving clients regarding the PSD2 Directive. Our consultants will guide payment providers through the whole directive and subsequently conduct reviews of the implemented processes. We will further notify you with the latest development regarding the PSD2 directive.


Contact us

Jakub Höll

Jakub Höll


Jakub leads the Operational Risk Team at the Risk Advisory department, Deloitte Czech Republic. He focuses on project management, agile and digital transformations of companies, data privacy and gover... More

Jakub Ponec

Jakub Ponec

Specialist Lead

Jakub works as a Risk Advisory Specialist Lead in the Operational Risk Team at Deloitte Czech Republic. He specialises in IT/internal audit, internal IT processes, internal control systems and IT advi... More