Access to Accounts (XSTA or XS2A)

Access to Accounts allows financial institutions and approved and regulated non-traditional financial institutions to access to the bank accounts of EU consumers. These organisations are positioned between the consumer and the customer’s banks (they can be a bank not servicing the account of the payer) and are referred to as Third Party Payment Service Providers (see below).

Account Information Service Provider (AISP)

Account information service providers already exist today and offer tools that allow companies and consumers to have a consolidated view of their financial situation. Nowadays, these services are not regulated at EU level. PSD2 will provide for a common framework with clear conditions under which these providers can access the financial information on behalf of their customers. This will allow these services providers to operate without hindrance and to reach a broader audience which normally does not make use of such account managing services.

Account Servicing Payment Service Provider (ASPSP)

All financial institutions that offer payment accounts (e.g. current accounts, credit cards) with online access (internet banking) are considered ASPSPs. Under PSD2 they will be obliged to open up an interface to allow authorised and registered third parties to initiate payments and access account information. Examples of ASPSP include banks, building societies, credit unions.

Application Programme Interface (API)

API stands for Application Program Interface or Application Programming Interface and is a set of commands, functions, and procedures that programmers use when building software for a certain operating system. An API means programmers can use predefined functions to interact with the operating system, so they do not have to create them from the beginning. Through an API, one application can make a request with standardised input towards another application and get the second application to take the input, perform an operation and deliver a standardised output back to the first application. As an example, it would be possible for a PSP to have an app that aggregates information from accounts in several banks and present it to the customer in one consolidated overview. The app could also enable the customers to initiate payments and make transfers between the accounts.See Open API below.


A shared, peer-to-peer database, where any changes are recorded and cascaded throughout the network — it is sometimes refered to as a distributed ledger. Transactions are confirmed in blocks and stored in the database in chronological order, all with a reference to the previous block, creating a chain. A blockchain makes it possible, using cryptography and mathematics, to reach consensus on who owns what, without having to rely on a trusted intermediary such as a bank to keep the ledger.

Card scheme

Card schemes are payment networks linked to payment cards, such as debit or credit cards, of which a bank or any other eligible financial institution can become a member.

Digital disruption

A phrase used to capture the changes enabled by digital technologies — such as mobile, cloud computing, big data analytics and social media — that are changing rapidly and disrupting established ways of doing business. The impact Uber has had on the taxi industry is often cited as an example of digital disruption.


ECON stands for the European Parliament Economic and Monetary Affairs Committee. The Committee is responsible for Economic and monetary Union (EMU), the regulation of financial services, the free movement of capital and payments, taxation and competition policies, and the international financial system.


Enterprise resource planning is a class of business software, typically comprised of a number of related systems, for collecting, storing and managing data from day-to-day business activities. This may include back office systems such as procurement, inventory, product lifecycle, marketing, sales and HR.

European Banking Authority (EBA)

The European Banking Authority (EBA) is a regulatory agency of the European Union headquartered in London, United Kingdom. It is an independent EU Authority which works to ensure effective and consistent prudential regulation and supervision across the European banking sector. Its overall objectives are to maintain financial stability in the EU and to safeguard the integrity, efficiency and orderly functioning of the banking sector. The EBA was established on 1 January 2011


FinTech is a portmanteau of the words ‘financial’ and ‘technology’. FinTech is broadly used as the term for computer programs or financial services technology developed by companies or financial institutions to support or enable more efficient banking and financial services.

General Data Protection Regulation (GDPR)

The GDPR is a piece of legislation intended to strengthen and unify data protection for all individuals within the European Union (EU). Among other provisions, it governs how companies and financial institutions collect, share, manage and destroy private information. It will go into effect 25 May 2018.

Merchant acquirer

An acquiring bank (or acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant (e.g. retailer). The term acquirer indicates that the bank accepts

Open API

An Open API or Public API is a free-to-use, publicly available application programming interface (API) that provides developers with programmatic access to a proprietary software application. In short, an API allows one piece of software to connect with another piece of software. APIs also set the requirements that govern how one application can communicate and interact with another and lets developers access some internal functions of a program. They can be used by developers inside an organisation that published the API or by developers outside that organisation who wish to register for access to the interface.


Payment Service Directory 2 is a set of regulations intended to further the development of an EU-wide market for electronic payments. It is intended to remove the barriers to entry for companies that want to offer payment services, and obliges banks to provide standardised access to a customer’s bank account information and initiate payments on their request.

Payment Initiation Service Provider (PSP or PISP)

A PSP is any organisation that offers companies, retailers, merchants etc. an online solution for accepting electronic payments. This usually takes the form of software-as-a-service (SaaS) model that connects, for instance, the website of the seller or merchant with the online banking platform of the payer’s bank so a credit transfer can be enacted and completed. It can facilitate multiple payment methods such as credit card, bank-based payments (direct debit) and real-time online bank transfers by connecting to multiple acquiring banks, card, and payment networks. Often the PSP handles the electronic connections, the relationships with the external network and the bank accounts.

Payment Institute

A payment institute is a category of payment service provider that came about as a direct result of Payment Services Directive (PSD). They can offer customers services such as executing payment transactions (e.g. direct debits, payment cards, credit transfers, standing orders, etc.), the issuing of payment instruments, card processing, money remittance, foreign exchange services and in certain circumstances, credit.

Payment Service User (PSU)

The end-user of payment services.

Payment Services Directive 2 (PSD2)

Payment Service Directory 2 is a set of regulations intended to further the development of an EU-wide market for electronic payments. It is intended to remove the barriers to entry for companies that want to offer payment services, and obliges banks to provide standardised access to a customer’s bank account information and initiate payments on their request.

Regulatory Technical Standards (RTS)

The European Banking Authority develops regulatory technical standards which are submitted to the European Commission for endorsement. Regulatory Technical Standards are a set of detailed compliance criteria set for all parties that cover areas such as data security, legal accountability and other processes.

Software-as-a-service (SaaS)

Software-as-a-service is a type of software delivered online that enables users and companies to gain access to applications without the need to install or maintain software locally.

Third Party Payment Service Providers (TPP/ TPPSP)

Third party payment service providers are the Account Information Service Provider (AISPs) and Payment Initiation Service Providers (PISPs) that are employed by/work alongside the customer and the banks in the payment process.

The information provided within this website is intended for background information only. The views and other information provided herein are the current views of Nordea Bank Abp as of the date of publication and are subject to change without notice. The information provided within this website is not an exhaustive description of the described product or the risks related to it, and it should not be relied on as such, nor is it a substitute for the judgement of the recipient.

The information provided within this website is not intended to constitute and does not constitute investment advice nor is the information intended as an offer or solicitation for the purchase or sale of any financial instrument. The information provided within this website has no regard to the specific investment objectives, the financial situation or particular needs of any particular recipient. Relevant and specific professional advice should always be obtained before making any investment or credit decision. It is important to note that past performance is not indicative of future results.

Nordea Bank Abp is not and does not purport to be an adviser as to legal, taxation, accounting or regulatory matters in any jurisdiction.

The information provided within this website may not be reproduced, distributed or published for any purpose without the prior written consent from Nordea Bank Abp.

Related articles