All questions


i Overview

As mentioned in Section II.i, payment services are regulated by Royal Decree-Law 19/2018, of 23 November, on payment services and other urgent financial measures and Order EHA/1608/2010 of 14 June on transparency and payment services.

In particular, the recently approved Royal Decree-Law 19/2018 partially transposes into the Spanish legal system Directive 2015/2366/EU of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, together with Regulation 2015/751/EU of the European Parliament and of the Council of 29 April 2015 on interchange fees for card payment transactions.

These regulations govern the performance of payment transactions by any means (dealing with issues such as, among others, consent and withdrawal of consent in payment transactions, limitations on payment methods, information to be provided to the payer and beneficiary of a payment transaction, authentication, expenses derived from payment transactions, and the notification procedure for unauthorised transactions) and the provisions of services framework agreements (content, amendment and termination).

The payment industry has evolved substantially over the past decades, from traditional channels using cash and cheques to a much greater use of digital channels such as online banking and mobile payments. Payment services can be defined as activities relating to payment transactions (transfers of funds from one account to another) made through payment methods other than cash: wire transfer, direct debit and payment cards. With new entrants into the payment services industry, ranging from large technology companies to specialised start-ups, the legislation will need to be adapted.

Fintech is continuously evolving, however, and in the future more areas will need to be addressed through regulation. An example of this is the wider use of blockchain technology in the banking system. Although still in its infancy, it could be used for shared databases with applications to international payments and securities settlements, which could raise consumer protection and data privacy issues.

ii Recent developmentsMobile payments

New payment technologies, including both contactless cards and new mobile payments, are increasingly present in Spanish purchasing processes. These payment methods have certain advantages for consumers, such as their convenience and the intentional increase in the security of daily transactions.

Although fintech and mobile payments are not yet regulated in Spain, final guidelines on the security of online payments, published by the European Banking Authority on 19 December 2014, were approved by the executive committee of the Bank of Spain on 24 March 2015.

Limits on cash payments

A limit on cash payments to prevent tax fraud came into force in 2012 when the Spanish government passed Law 7/2012 of 29 October. Under this regulation, cash payments of €2,500 or more cannot be made in transactions where at least one of the parties involved is a company or professional. This law has significant implications for citizens who are sometimes obliged to use alternative means of payment.

The previous Spanish government was considering the reduction of the limit to €1,000, but this modification was not formalised and the new Spanish government has not taken a position on this issue.

The use of big data

Another aspect of fintech is the use of big data (often focusing on spending and payment patterns) for the purposes of credit scoring, the provision of other financial services or cross-selling. This is not yet specifically regulated, although the European Banking Authority launched a public consultation on 19 December 2016 regarding the potential benefits and risks of big data for consumers and financial firms, to determine whether any further regulatory or supervisory action may be needed.

Likewise, the European Commission launched a public consultation on 23 March 2017 entitled 'Fintech: a more competitive and innovative European financial sector', the main purpose of which was to seek input from stakeholders to further develop the Commission's policy approach towards technological innovation in financial services.