The Payments Services Directive 2, or PSD2, is a major reworking of the bloc's payments rules to reflect rapid advances in technology like smart phones for accessing financial services.
The main elements are:
* With a customer's permission, a bank must allow an outside company authorised by regulators to take a payment directly from an account for goods and services.
* A bank must allow an outside firm to access transactions history from a customer's account for the purposes of aggregating information from several current and savings accounts into a single "dashboard".
* Tougher customer authentication of online payments will be introduced from the second half of 2019.
* Banks will have to spell out reasons for refusing an application for a new account, making it harder to hide behind generic concerns like money laundering.
* Banks are required to give refunds for unauthorised transactions.
* Outside payment firms must respond to complaints within 15 days.
* Firms authorised under PSD2 are not allowed to take deposits or grant loans like traditional banks.
* Most PSD2 firms that take data from a bank account will also come under a separate EU General Data Protection Regulation that comes into force in May to reinforce safeguards on personal data.
(Reporting by Huw Jones; Editing by Sonya Hepinstall)