The note said that the Netherlands and the European Commission have also raised concerns about the planned directive.
Luxembourg is concerned that the PSD2 compromise text "undermines the passporting regime established by the current PSD, and the principle of home state supervision", it said in a statement in the 'I' note.
This reintroduces the potential for market fragmentation, it said.
The text also lacks a coherent approach to cross-border supervision and the balance between the powers of home and host competent authorities, Luxembourg said.
The Netherlands is concerned about the security of payment initiation services during the transitional period. The text seems to allow payment initiation service providers to offer services while technical standards to ensure security are not yet in force, it said. Without adequate security standards, public trust in electronic payments could be undermined, the statement said.
The European Commission's statement said that, while the text provides host states with powers to supervise and monitor activities within their territories by payment institutions authorised in another member state, the Commission notes 'with great regret' that host states can still require those payment institutions to set up a central contact point in their territories.
While it is important that host states are able to monitor activities within their territory, this requirement to set up a central contact point may create barriers to the proper functioning of the internal market, the Commission said.
Renewed efforts are needed to improve cooperation between relevant authorities in home and host states, it said.
The Council published the final compromise text of PSD2 on 3 June
PSD2 is set to replace the existing Payment Services Directive which has been in place since 2007. The new Directive would need to be implemented into national laws across the EU within two years of it coming into force. The main features of the new legislation include new rules on access to payment accounts, liability allocation provisions, transparency requirements and customer authentication measures.
The new rules are designed to open up access to payment account information to third parties, to reflect the growing number of account aggregators - businesses that enable customers to access different online banking accounts including credit cards, current and savings accounts using a single online portal, and other financial technology companies moving into the payments sphere.