The Act of 10 May 2018 amending the act on payment services and certain other acts (Journal of Laws of 2018 item 1075) - referred to as the Act - implemented into national law the provisions of the Directive of Payment Services (PSD2).

The new rules ensure greater transparency and legal coherence in the area of ​​payment services. They will also contribute to creating a single payment market in the EU. The idea is to make cross-border payments as simple and secure as national payments in Member States. The Act significantly affects the shape of the entire payment services market, and thus the activities of, among others, banks, payment institutions, entities offering store cards and fuel cards as well as independent ATM operators or other non-bank payment service providers.

The Act creates the basis for the functioning of new service providers in the payment services market. In addition to banks, payment institutions, postal operators and others, there will be TPPs (Third Party Providers), which will provide two types of new services:

• Payment Initiation Service (PIS) –  is an online service which accesses a user’s payment account to initiate the transfer of funds on their behalf with the user’s consent and authentication. Payment initiation services provide an alternative to paying online using a credit card or debit card.
• Account Information Service (AIS) – a service made available to users of payment services with online access to accounts through which the payer can get, thanks to an online platform, a consolidated view on all its payment accounts, even if those are held with multiple providers. The AIS providers cannot use customer data or log on to its payment accounts for any purpose other can those provided by the service.

The act also introduces the so-called strong customer authentication. This means that after a transitional period included in the Act, in order to initiate a payment, it will be necessary to identify the customer by means of at least two independent methods of authentication. The supplier will have to use strong authentication if the payer: accesses his account online; initiates an electronic payment transaction; performs the activity via a remote channel that may involve the risk of payment fraud or other fraud. This solution will significantly improve the security of electronic payments.

A new entity authorized to provide payment services has been introduced - a Small Payment Institution (MIP) which is a natural person, legal entity or organizational unit that is not a legal person, has legal capacity, is entered into the register of small payment institutions, is carrying out the activity of providing payment services. MIP can perform its activities only in Poland after being entered in the register of small payment institutions kept by the Polish Financial Supervision Authority (in this case, a simplified procedure is taken before the supervisory authority). It was assessed that MIP may be an attractive form of running business by entities just starting to operate on the payment services market, in particular from the so-called FinTech sector, i.e. from this part of the financial market, which provides services and solutions using state-of-the-art technologies such as artificial intelligence, automated consultancy, biometrics or large database analyzes.