On July 24th, 2013 the European Commission published the awaited proposal for a revised Payment Services Directive (“PSD2”)1 having for its purpose to complete and recast the Payment Services Directive (N° 2007/64/EC, “PSD1”) implemented in the Grand Duchy of Luxembourg by the Law of November 10th 2009 on payment services.2
The aims of the PSD1, which were the harmonisation of the legislation on payment services throughout the European Union (and extended to the EEA area), the implementation of new payment products (based on the SEPA products) allowing cross-border payments in Euro as simple and secure as domestic payments, and the improvement of the protection of the payment services users (“PS users”), are found in the PSD2.
If approved, PSD2 will widen the scope of application of the European legal framework related to payment services.
New players in the payment services will qualify as payment services providers (“PSP”), namely the “third-party Payment Service Providers,” providing:
- payment initiation services, i.e. services enabling the access to a payment account, where the payer can be actively involved in the payment initiation or the third-party PSP’s software, or where payment instruments can be used by the payer or the payee to transmit the payer’s credentials to the PSP holding the payment account; and,
- account information services, i.e. a payment service where consolidated and user-friendly information is provided to a PS user on one or several payment accounts held by the PS user with one or several PSPs.
These third-party Payment Service Providers will be subject to the same regulatory requirements and supervision as those applicable to any entity already qualifying as PSP.
Furthermore, PSD2 will extend the application of rules related to the transparency and obligations of information of PS users to the “one-leg transactions.” Under the PSD1, rules governing the compulsory information and transparency of the services of payments apply only to payments made from and in the EU (i.e. where the PSP of the payer and of the payee are both located in the EU) and in the Euro or another member State currency. Under the PSD2, PSPs located in the EU will have to comply with the same transparency and information obligations each time they provide a payment service, notwithstanding the fact that such payment could originate from or be made to an account located outside of the EU and notwithstanding the currency (Euro, EU or non-EU currency) of the payment.
PSD2 will further reinforce security rules for online transactions and places under the PSPs’ responsibilities the obligation to enforce stronger consumer authentication procedures, i.e. procedure based on the use of at least two elements categorised as knowledge, possession, and inherence and that are independent (e.g. for the use of a debit card: the possession of the card and the use of a PIN code).
The liability regime of the PSP will also be amended under the PSD2. In cases of unauthorised card payments, consumers will have to bear losses up to a maximum of 50 EUR (instead of 150 EUR currently). Moreover, the PSD2 will grant the consumer an unconditional right to a refund of any disputed payment transactions, in cases of card payment or domiciliation (this refund right will be aligned with the existing SEPA SDD standard), except where the payee has already fulfilled the contractual obligations and the services have already been received or the goods have already been consumed by the payer.
The proposal of the Commission to recast the payment services regulation is completed by a proposal of Regulation on Multilateral Interchange Fees (MIFs) (the “Regulation”), having for its purpose to regulate at the European level the interchange fees applicable on debit and credit card transactions and card-based payment transactions undertaken through “banking” cards. Commercial cards or three party scheme cards will be excluded from the regulation.Maximum levels of interchange fees will be imposed for cross-border transactions during a transition period of two years following the publication of the Regulation. It is therefore proposed that, after the transitional phase, the same maximum fees that apply to cross-border acquired transactions will also apply to domestic transactions. All (cross-border and domestic) 'consumer' debit card transactions will have a maximum interchange fee of 0.20% and all (cross-border and domestic) ‘consumer’ credit card transactions will have a maximum interchange fee of 0.30%.
The Regulation further provides for business rules that will be applicable to all categories of card transactions, notably:
- transparency rules (PSPs will have to provide at least monthly statements to their clients acting as merchants, disclosing the fees paid by the merchant concerning each category of card);
- no discrimination between card users as regards the issuing bank or the provenance of the card holder (however, without prejudice to the limitation of the “Honor All Cards Rule” set forth by the regulation);
- prohibition of any regulation preventing or limiting merchants from steering customers to more efficient payments instruments ('no steering rules'); and,
- merchants shall be entitled to disclose to their customers the fees they pay to their PSP.
At this time, the PSD2 Directive and the MIFs Regulation proposals have been released as provisional versions, but already allow professionals, users and practitioners to consider and start anticipating the new legal framework to come.