European Directive 2015/2366 (PSD2), on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC was published on 23rd December 2015. The Member States shall transpose the PSD2 Directive provisions into their internal legal system by 13th January 2018.
The European Union (EU) adopted this Directive with the purpose of developing an electronic payment market for the whole Union adapting the rules to the emerging services, such as those performed through mobile devices and the Internet. Pursuant to several reports, the growth of the mcommerce is above the e-commerce and we cannot ignore that such trend will increase in the following years. Furthermore, Directive is also aimed at reducing and normalising the payments market cost, which currently represents more than 1% of the GDP of the EU.
“…an electronic payment market for the whole Union adapting the rules to the emerging services, such as those performed through mobile devices and the Internet …”
Directive PSD2 provides the following developments:
- Introduction of the “payment initiation system”, a payment system that operates between the merchant and the originator’s bank, so that no credit card is needed, which implies low-cost and more efficient electronic payments. Furthermore, this service enables the payment initiation service provider to provide comfort to a payee that the payment has been initiated in order to provide an incentive to the payee to release the goods or to deliver the service without undue delay. Such system is based on access for the payment service providers to the payer’s account.
The Member States shall differentiate between the following categories of payment service providers, which shall require the respective authorization:
- Credit entities.
- Electronic money entities.
- Post office giro institutions.
- Payment entities.
- The European Central Bank and national central banks.
- The Member States and their regional and local authorities when not acting in their capacity as public authorities.
- Information services of aggregated accounts on line in relation to different accounts of the user, which will allow an overall and immediate view of its financial situation. This measure shall enhance a more appropriate protection with respect to payments and account data.
- The new Directive reduces the users’ risk in situations of fraud, abuses and different types of incidents related to payment, for example, non-authorized payments, the use of a payment instrument lost or misappropriation of a payment instrument, in which case the user’s liability shall be of a maximum of 50 Euros.
- Another development of the Directive is the extension of its scope, which will be applied in the following cases:
- Payment transactions in a currency that is not the currency of a Member State where both the payer’s payment service provider and the payee’s payment service provider are located within the Union.
- Payment transactions where only one payment service provider in the payment transaction is located within the Union.
“…a payment system that operates between the merchant and the originator’s bank, so that no credit card is needed…”
- New limitations related to exclusions from the Directive scope:
- Regarding payments made through commercial agents, the Directive was up to now applied very differently by the Member States. Now, the only exclusion applies to payment transactions in which the agent acts on behalf of only the payer or only the payee, whether it may have the funds or not.
- Exclusion of limited networks. It establishes the obligation to inform the competent authority in order to assess if such transactions may be excluded from the Directive scope when the average amount of transactions during a period of one year exceeds the threshold of one million Euros. This measure is aimed at mitigating the exclusions of significant payment amounts which may create disadvantages on competition with respect to other market agents. The payment instruments covered by this exclusion could include purchase cards, fuel cards, partners store cards, fuel cards, membership cards, public transport cards, parking ticketing, meal vouchers or vouchers for specific services, among others.
- The exclusion to certain payment transactions carried out by computer or telecommunication devices is clarified, which shall be now applied specifically on micro-payments for digital content and voice-based services. -
- Payment transactions between a parent undertaking and its subsidiary or between subsidiaries of the same parent undertaking provided by a payment service provider belonging to the same group should be excluded.
In turn, protection and privacy of users is improved on a generalised basis. Therefore, Member States shall appoint the competent authority in charge of the authorization and prudential supervision of payment institutions.
As regards the duties of user authentication, financial entities and payment service providers are obliged to reinforce the security measures applied to transactions carried out on the internet by establishing a strict user identification system when using the payment systems, including personalised security credentials of users.
“…sole and regulated payment system homogeneously in the whole EU…”
In conclusion, we are dealing with a regulatory framework that better adapts to the establishment of a sole and regulated payment system homogeneously in the whole EU, thus securing a continued development of the integrated sole market of electronic payments, which is essential to ensure transparency conditions in the payment services. In turn, the new Directive shall enhance the regulatory adaptation to the new technological scenario of the commerce and transactions carried out through mobile devices, which shall carry on growing and evolving in the future.