PURPOSE: to help develop further an EU-wide market for electronic payments.

LEGISLATIVE ACT: Directive (EU) 2015/2366 of the European Parliament and of the Council on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC.

CONTENT: the Directive incorporates and repeals directive 2007/64/EC , which provided the legal basis for the creation of an EU-wide single market for payment services.

Since the adoption of Directive 2007/64/EC (the original payment services directive), methods for the initiation of payments in the field of e-commerce have evolved.

The revised directive adapts the rules to cater for emerging and innovative payment services, including internet and mobile payments . It seeks to ensure a more secure environment for payments, in particular for those using remote channels. It is complemented by Regulation (EU) 2015/751 of the European Parliament and of the Council which introduces, in particular, rules on the charging of interchange fees for card-based transactions.

The main elements of the Directive are as follows:

Scope and application : this Directive aims to ensure continuity in the market, enabling existing and new service providers, regardless of the business model applied by them, to offer their services with a clear and harmonised regulatory framework. Equivalent operating conditions should be guaranteed, to existing and new players on the market , enabling new means of payment to reach a broader market, and ensuring a high level of consumer protection in the use of those payment services across the Union as a whole. This should generate efficiencies in the payment system as a whole and lead to more choice and more transparency of payment services while strengthening consumers’ trust in a harmonised payments market.

This Directive also establishes rules concerning:

the transparency of conditions and information requirements for payment services; and the respective rights and obligations of payment service users and payment service providers in relation to the provision of payment services as a regular occupation or business activity.

The Directive shall also cover:

the accounts information service which allow the payment service user to have an overall view of its financial situation immediately at any given moment; payment initiation services that enable the payment initiation service provider to reassure the payee that the payment has been initiated thus providing an incentive to the payee to release the goods or to deliver the service without undue delay.

This Directive applies to payment services provided within the Union . Titles III (information requirements) and IV (rights and obligations in relation to the provision and use of payments) apply to payment transactions in the currency of a Member State where both the payer’s payment service provider and the payee’s payment service provider are, or the sole payment service provider in the payment transaction is, located within the Union.

Exclusions : the exclusion relating to certain payment transactions by means of telecom or information technology devices shall focus specifically on micro-payments for digital content and voice-based services .

The Directive does not apply to cash withdrawal services offered by means of automated teller machines (ATMs) by providers, acting on behalf of one or more card issuers, which are not a party to the framework contract with the customer withdrawing money from a payment account, on condition that those providers comply with specific transparency provisions of this Directive while ensuring clarity with regard to withdrawal charges.

Authorisation as payment institutions : the Directive does not substantially change the conditions for granting and maintaining authorisation as payment institutions. The conditions include prudential requirements proportionate to the operational and financial risks faced by such bodies in the course of their business. In that connection, there is a need for a sound regime of initial capital combined with on-going capital which could be elaborated in a more sophisticated way in due course depending on the needs of the market.

Member States shall require undertakings that apply for authorisation to provide payment services, as a condition of their authorisation, to hold a professional indemnity insurance , covering the territories in which they offer services, or some other comparable guarantee against liability to ensure that they can cover their liabilities.

Role of the European Banking Authority : the role of the EBA is strengthened in that it shall:

develop, operate and maintain an electronic, central register that contains the information as notified by the competent authorities and make it publicly available on its website; assist in resolving disputes between competent authorities in the context of cross-border cooperation; develop draft regulatory technical standards specifying the framework for cooperation.

The Directive also provides for the supervision of payment institutions exercising the right of establishment and freedom to provide services as well as measures in case of non-compliance, including precautionary measures to ensure that the payment institution concerned puts an end to its irregular situation.

Access to accounts maintained with a credit institution : the Directive stipulates that Member States shall ensure that payment institutions have access to credit institutions' payment accounts services on an objective, non-discriminatory and proportionate basis. Such access shall be sufficiently extensive as to allow payment institutions to provide payment services in an unhindered and efficient manner. The credit institution shall provide the competent authority with duly motivated reasons for any rejection.

Transparency and consumer rights : this Directive shall provide for a right for consumers to receive relevant information free of charge before being bound by any payment service contract. Consumers shall also be able to request prior information as well as the framework contract, on paper, free of charge at any time during the contractual relationship, so as to enable them both to compare the services and conditions offered by payment service providers and in the case of any dispute, to verify their contractual rights and obligations.

The consumer shall receive basic information on executed payment transactions at no additional charge . In order to facilitate customer mobility, it shall be possible for consumers to terminate a framework contract without incurring charges.

Rights and obligations in relation to the provision and use of payment services : the Directive concerns in particular issues such as:

limits on applicable fees : for payment transactions provided within the Union, where both the payer’s and the payee’s payment service providers are, or the sole payment service provider in the payment transaction is, located within the Union, the payee pays the charges levied by his payment service provider, and the payer pays the charges levied by his payment service provider; confirmation on the availability of funds : on the part of a claimant's payment service provider, confirmation of the amount necessary for the execution of a card-based payment transaction is available on the payment account of the payer, provided that certain following conditions are met; rules on access to payment account in the case of payment initiation services : where a payment order is initiated through a payment initiation service provider, it shall make available to the payer’s account servicing payment service provider the reference of the payment transaction; limits of the use of the payment instrument and of the access to payment accounts by payment service providers :

i. if agreed in the framework contract, the payment service provider may reserve the right to block the payment instrument for objectively justified reasons relating to the security of the payment instrument, the suspicion of unauthorised or fraudulent use of the payment instrument or, in the case of a payment instrument with a credit line, a significantly increased risk that the payer may be unable to fulfil its liability to pay;

ii. an account servicing payment service provider may deny an account information service provider or a payment initiation service provider access to a payment account for objectively justified and duly evidenced reasons relating to unauthorised or fraudulent access to the payment account by that account information service provider or that payment initiation service provider. In such cases the account servicing payment service provider shall immediately report the incident relating to the account information service provider or the payment initiation service provider to the competent authority;

rules on access to and use of payment account information in the case of account information service: limits of the use of the payment instrument and of the access to payment accounts by payment service providers ; an account servicing payment service provider may deny an account information service provider access to a payment account for objectively justified and duly evidenced reasons relating to unauthorised or fraudulent access to the payment account and notified to the competent authority; obligations of the payment service user in relation to payment instruments and personalised security credentials; payer's liability for unauthorised payment transactions: in this case, the payment service provider should immediately refund the amount of that transaction to the payer .

Protection of data and safer payments : the Directive provides that Member States shall permit processing of personal data by payment systems and payment service providers when necessary to safeguard the prevention, investigation and detection of payment fraud . Payment service providers shall only access, process and retain personal data necessary for the provision of their payment services, with the explicit consent of the payment service user.

Payment service providers shall establish and maintain effective incident management procedures, including for the detection and classification of major operational and security incidents. For electronic remote payment transactions, payment service providers apply strong customer authentication that includes elements which dynamically link the transaction to a specific amount and a specific payee.

In any event, all payment services offered electronically should be carried out in a secure manner , adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.

Obligation to inform consumers of their rights : by 13 January 2018, the Commission shall produce a user-friendly electronic leaflet, listing in a clear and easily comprehensible manner, the rights of consumers under this Directive and related Union law.

ENTRY INTO FORCE: 12.01.2016.

TRANSPOSITION: 13.01.2018. Member States shall adopt and publish the measures necessary to comply with this Directive.

DELEGATED ACTS: the Commission shall be empowered to adopt delegated acts concerning certain elements of the Directive. It shall be conferred on the Commission for an undetermined period of time from 12 January 2016 . The European Parliament or the Council may formulate objections with regard to the delegated act within a period of three months of its notification (this period may be extended by three months). If the European Parliament and the Council object, the delegated act may not enter into force.

The European Parliament adopted by 578 votes to 29, with 52 abstentions, the proposal for a directive of the European Parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC.

The European Parliament’s position, adopted at first reading following the ordinary legislative procedure, amended the Commission proposal. The key amendments adopted in plenary dealt with the following points:

Enhance growth and enlarge the consumer’s choice : since the adoption of Directive 2007/64/EC, the retail payments market has experienced significant technical innovation, with rapid growth in the number of electronic and mobile payments and the emergence of new types of payment services in the market place, which challenges the current framework.

The new Directive should aim to ensure continuity in the market, enabling existing and new service providers , regardless of the business model applied by them, to offer their services with a clear and harmonised regulatory framework.

The new rules, supplemented by Regulation (EU) 2015/751 of the European Parliament and of the Council which introduces, in particular, rules on the charging of interchange fees for card-based transactions , should generate efficiencies in the payment system as a whole and lead to more choice and more transparency of payment services while strengthening the trust of consumers in a harmonised payments market .

Purpose and scope : the Directive should apply to:

credit institutions as defined under Regulation (EU) No 575/2013 , including branches, where such branches are located in the Union, whether the head offices of those branches are located within the Union or, outside the Union; electronic money institutions as defined under Directive 2009/110/EC , including, branches thereof, where such branches are located within the Union and their head offices are located outside the Union, in as far as the payment services provided by those branches are linked to the issuance of electronic money.

The Directive should also cover: i) the accounts information service which allow the payment service user to have an overall view of its financial situation immediately at any given moment; ii) payment initiation services that enable the payment initiation service provider to provide comfort to a payee that the payment has been initiated in order to provide an incentive to the payee to release the goods or to deliver the service without undue delay.

Exclusions : the exclusion relating to certain payment transactions by means of telecom or information technology devices should focus specifically on micro-payments for digital content and voice-based services A clear reference to payment transactions for the purchase of electronic tickets should also be introduced.

The Directive does not apply to cash withdrawal services offered by means of automated teller machines (ATMs) by providers, acting on behalf of one or more card issuers, which are not a party to the framework contract with the customer withdrawing money from a payment account, on condition that those providers comply with specific transparency provisions of this Directive while ensuring clarity with regard to withdrawal charges.

Payment initiation service providers : Member States shall require undertakings that apply for authorisation to provide payment services, as a condition of their authorisation, to hold a professional indemnity insurance , covering the territories in which they offer services, or some other comparable guarantee against liability to ensure that they can cover their liabilities.

In order to enhance transparency of the operation of payment institutions and to ensure a high level of consumer protection in the Union, the European Banking Authority (EBA) should therefore set up a central register in which it publishes a list of the names of the entities providing payment services.

Parliament also enhanced provisions of the Directive regarding:

control of the shareholding in a payment institution settlement of disagreements between competent authorities of different Member States, the EBA may be called upon if necessary; application to exercise the right of establishment and freedom to provide services; supervision of payment institutions exercising the right of establishment and freedom to provide services; measures in case of non-compliance, including precautionary measures to ensure that the payment institution concerned puts an end to its irregular situation.

Access to accounts maintained with a credit institution : a new Article stipulates that Member States shall ensure that payment institutions have access to credit institutions' payment accounts services on an objective, non-discriminatory and proportionate basis . Such access shall be sufficiently extensive as to allow payment institutions to provide payment services in an unhindered and efficient manner.

The credit institution shall provide the competent authority with duly motivated reasons for any rejection.

Rights and obligations in relation to the provision and use of payment services : the amendments concern in particular issues such as:

limits on applicable fees ; for payment transactions provided within the Union, where both the payer’s and the payee’s payment service providers are, or the sole payment service provider in the payment transaction is, located within the Union, the payee pays the charges levied by his payment service provider, and the payer pays the charges levied by his payment service provider; confirmation on the availability of funds; on the part of a claimant's payment service provider, confirmation of the amount necessary for the execution of a card-based payment transaction is available on the payment account of the payer, provided that certain following conditions are met; rules on access to payment account in the case of payment initiation services; rules on access to and use of payment account information in the case of account information service; limits of the use of the payment instrument and of the access to payment accounts by payment service providers ; an account servicing payment service provider may deny an account information service provider access to a payment account for objectively justified and duly evidenced reasons relating to unauthorised or fraudulent access to the payment account and notified to the competent authority; obligations of the payment service user in relation to payment instruments and personalised security credentials; payer's liability for unauthorised payment transactions ; in this case, the payment service provider should immediately refund the amount of that transaction to the payer .

Protection of data and safer payments : the amended text provides that Member States shall permit processing of personal data by payment systems and payment service providers when necessary to safeguard the prevention, investigation and detection of payment fraud . Payment service providers shall only access, process and retain personal data necessary for the provision of their payment services, with the explicit consent of the payment service user.

Payment service providers shall establish and maintain effective incident management procedures, including for the detection and classification of major operational and security incidents. For electronic remote payment transactions, payment service providers apply strong customer authentication that includes elements which dynamically link the transaction to a specific amount and a specific payee.

In any event, all payment services offered electronically should be carried out in a secure manner , adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.

Obligation to inform consumers of their rights : by two years after the date of entry into force of this Directive, the Commission shall produce a user-friendly electronic leaflet, listing in a clear and easily comprehensible manner, the rights of consumers under this Directive.

The Committee on Economic and Monetary Affairs adopted a report by Antonio TAJANI (EPP, IT) on the proposal for a directive of the European Parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC.

The committee recommended that the European Parliament’s position adopted at first reading following the ordinary legislative procedure should amend the Commission proposal as follows.

Enhance growth and enlarge the consumer’s choice : since the adoption of Directive 2007/64/EC, the retail payments market has experienced significant technical innovation, with rapid growth in the number of electronic and mobile payments and the emergence of new types of payment services in the market place, which challenges the current framework.

The amended text stressed that the continued development of an integrated internal market for safe electronic payments is crucial in order to support the growth of the Union economy and to ensure that consumers, merchants and companies enjoy choice and transparency of payment services to benefit fully from the internal market.

This should generate efficiencies in the payment system as a whole and lead to more choice and more transparency of payment services while strengthening the trust of consumers in a harmonised payments market.

Purpose and scope : the Directive shall apply to:

credit institutions as defined under Regulation (EU) No 575/2013 , including branches, where such branches are located in the Union, whether the head offices of those branches are located within the Union or, outside the Union; electronic money institutions as defined under Directive 2009/110/EC , including, branches thereof, where such branches are located within the Union and their head offices are located outside the Union, in as far as the payment services provided by those branches are linked to the issuance of electronic money.

Exclusions : the Directive does not apply to the following:

payment transactions by a provider of electronic communications networks or services provided in addition to electronic communications services for a subscriber to the network or service: (i) for purchase of digital content and voice-based services , regardless of the device used for the purchase or consumption of the digital content and charged to the related bill; or (ii) performed from or via an electronic device and charged to the related bill within the framework of a charitable activity or for the purchase of ticket. Members laid down the conditions to this exclusion; cash withdrawal services offered by means of automated teller machines (ATM) by providers, acting on behalf of one or more card issuers, which are not a party to the framework contract with the customer withdrawing money from a payment account, on condition that those providers do not conduct other payment services.

Payment initiation service providers : Member States shall require undertakings that apply for authorisation to provide payment services, as a condition of their authorisation, to hold a professional indemnity insurance , covering the territories in which they offer services, or some other comparable guarantee against liability to ensure that they can cover their liabilities.

EBA should develop guidelines on the criteria to be used by Member States to establish the minimum monetary amount of professional indemnity insurance or comparable guarantee. Members introduced provisions as regards the control of the shareholding.

EBA register : in order to enhance transparency of the operation of payment institutions that are authorised by, or registered with, competent authorities of the home Member State, including their agents, and to ensure a high level of consumer protection in the Union, it is necessary to ensure easy public access to the list of the entities providing payment services . EBA should therefore develop and operate a central register in which it publishes a list of the names of the entities providing payment services. Member States should ensure that the data that they provide is kept up to date.

The report also enhanced provisions regarding:

settlement of disagreements between competent authorities of different Member States, the EBA may be called upon if necessary; application to exercise the right of establishment and freedom to provide services : Members stated that any authorised payment institution wishing to provide payment services for the first time in a Member State other than its home Member State, in the exercise of the right of establishment or the freedom to provide services, shall communicate information to the competent authorities in its home Member State. The type of information is laid down in the report; supervision of payment institutions exercising the right of establishment and freedom to provide services; measures in case of non-compliance, including precautionary measures to ensure that the payment institution concerned puts an end to its irregular situation.

Access to accounts maintained with a credit institution : a new Article stipulates that Member States shall ensure that payment institutions have access to credit institutions' payment accounts services on an objective, non-discriminatory and proportionate basis . Such access shall be sufficiently extensive as to allow payment institutions to provide payment services in an unhindered and efficient manner.

Rights and obligations in relation to the provision and use of payment services : the amendments concern in particular issues such as:

limits on applicable fees; confirmation on the availability of funds; rules on access to payment account in the case of payment initiation services; rules on access to and use of payment account information in the case of account information service; limits of the use of the payment instrument and of the access to payment accounts by payment service providers; obligations of the payment service user in relation to payment instruments and personalised security credentials; payer's liability for unauthorised payment transactions; payment transactions where the transaction amount is not known in advance.

Protection of data and safer payments : the amended text provides that Member States shall permit processing of personal data by payment systems and payment service providers when necessary to safeguard the prevention, investigation and detection of payment fraud. Payment service providers shall only access, process and retain personal data necessary for the provision of their payment services, with the explicit consent of the payment service user. Payment service providers shall establish and maintain effective incident management procedures , including for the detection and classification of major operational and security incidents.

Member States shall ensure that, for electronic remote payment transactions, payment service providers apply strong customer authentication that includes elements which dynamically link the transaction to a specific amount and a specific payee.

Obligation to inform consumers of their rights : by two years after the date of entry into force of this Directive, the Commission shall produce a user-friendly electronic leaflet, listing in a clear and easily comprehensible manner, the rights of consumers under this Directive.

The European Parliament adopted amendments to the proposal for a directive of the European Parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC.

The matter was referred back for further examination to the committee responsible . The vote was postponed until a subsequent plenary session.

The main amendments adopted in plenary were the following:

Safe electronic payments: given the development of the digital economy, Parliament stated that it was in favour of establishing an integrated single market for safe electronic payments was crucial in order to support the growth of the Union economy and to ensure that consumers, merchants and companies enjoy choice and transparency of payment services to benefit from the full benefits of the internal market.

Consumer information: Parliament called for charges for information to be reasonable and in line with the payment service provider’s actual costs.

Consumers who switch their payment account , upon request can receive the transactions carried out on the former payment account recorded on a durable medium from the transferring payment service provider for a reasonable fee. The burden of proof should lie with the payment service provider to prove that it has complied with the information requirements.

The amended text stipulates that for payment initiation services, the third party payment service provider should, prior to initiation, provide the payer with the following clear and comprehensive information :

· the contact information and registration number of the third-party payment service provider, and the name of the supervisory authority responsible;

· where applicable, the maximum time-limit for the payment initiation procedure;

· all possible charges payable by the payment service user to the third-party payment service provider and, where applicable, the breakdown of the amounts of any charges;

· where applicable, the actual or reference exchange rate to be applied.

These provisions are without prejudice to the data protection obligations applicable to the third-party payment service provider and the payee.

Access of third-party payment service providers and third-party payment instrument issuers to payment account details: the amended text stated that Member States should ensure that a payer who held a payment account that could be accessed via online banking, has the right to make use of an authorised third party payment service provider, to obtain payment services enabling access to payment accounts. A payer should have the right to make use of an authorised third-party payment instrument issuer to obtain payment instrument enabling payment transactions.

Furthermore, payees who offered to payers the option of making use of third party payment service providers or third-party payment instrument issuers should unambiguously provide to payers information about such third party payment service provider(s), including their registration number and the name of their responsible supervisory authority.

Notification of unauthorised or incorrectly executed payment transactions: the payment service user should report to its account servicing payment service provider any incident known to them that affected the former in the context of its use of a third-party payment service provider or third-party payment instrument issuer.

If the payment service user initiated the payment transaction through a third party payment service provider, the burden shall be on the latter to prove that the payment transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiencies.

Liability: in the case of an unauthorised payment transaction, the payer's payment service provider must refund the amount to the payer within 24 hours of having noted or having been notified about the transaction .

If the third party payment service provider cannot demonstrate that it is not liable for the unauthorised payment transaction, it should, within one business day , compensate the account servicing payment service provider for reasonable costs incurred as a result of the refund to the payer, including the amount of the unauthorised payment transaction.

By way of derogation, the payer may be obliged to bear the losses, up to a maximum of EUR 50 or the equivalent in another national currency, resulting from the use of a lost or stolen payment instrument or from the misappropriation of a payment instrument. This should not apply if the loss, theft or misappropriation of a payment instrument was not detectable to the payer prior to a payment.

The payer should not bear any financial consequences resulting from use of a lost, stolen or misappropriated payment instrument if the resulting unauthorised payment was made possible by a method or a security breach, that had already been known and documented and the payment service provider failed to enhance security schemes to effectively block further attacks of that kind, except where the payer himself has acted fraudulently.

Data protection: processing of personal data by payment systems and payment service providers should only be permitted when this is necessary to safeguard the prevention, investigation and detection of payment fraud.

Parliament called for the principles of data protection privacy by design/privacy by default to be embedded in all data processing systems developed and used within the framework of this Directive.

Management of operational risks: payment service providers should establish a framework with appropriate mitigation measures and control mechanisms to manage the operational risks, including security risks, relating to the payment services they provide. As part of that framework payment service providers shall establish and maintain effective incident management procedures, including the detection and classification of major incidents.

Common and secure open standards of communication: it is proposed that EBA should, in close cooperation with the ECB develop draft regulatory technical standards in the form of common and secure open standards of communication. The common and secure open standards of communication should in particular, specify how third-party payment service providers are to authenticate themselves towards account servicing payment service providers and how account servicing payment providers are to notify and inform third-party payment service providers.

List of payment services providers: Parliament called for the EBA to make available on its website a list of all the authorised payment services providers within the Union.

That list should refer to all authorised payment services providers whose registration has been revoked and the reasons for this.

Electronic leaflet: Members suggested that within two years of the entry into force of the Directive, the Commission should produce a consumer friendly electronic leaflet listing, in a clear and easily comprehensible manner, the rights and obligations of consumers laid down in the Directive and in related Union law on payment services.

This information should be made available on the websites of the Commission, the European Supervisory Authority (European Banking Authority - 'EBA'), and national banking regulators.

The Committee on Economic and Monetary Affairs adopted the report by Diogo FEIO (EPP, PT) on the proposal for a directive of the European Parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC

The committee recommended that the position of the European Parliament adopted in first reading following the ordinary legislative procedure should amend the Commission proposal as follows:

Safe electronic payments : given the development of the digital economy, Members stated that they were in favour of establishing an integrated single market for safe electronic payments was crucial in order to support the growth of the Union economy and to ensure that consumers, merchants and companies enjoy choice and transparency of payment services to benefit from the full benefits of the internal market,

Licensing and registration : the report stressed that third party providers offering payment initiation services based on online banking had a promising potential when it came to facilitating cross-border e-commerce in the internal market. They also represent important security challenges to the safeguarding of the integrity of payments and personal data made available to them by payers.

The new rules should therefore address all those challenges appropriately and ensure that TPPs operating in the Union were licensed or registered and supervised as payment institutions.

Consumer information : Members stated that where the payment service provider may impose charges for information, they should be reasonable and in line with the payment service provider’s actual costs.

Consumers who switch their payment account, upon request can receive the transactions carried out on the former payment account recorded on a durable medium from the transferring payment service provider for a reasonable fee. The burden of proof should lie with the payment service provider to prove that it has complied with the information requirements.

The amended text stipulates that for payment initiation services, the third party payment service provider shall, prior to initiation , provide the payer with the following clear and comprehensive information:

· the contact information and registration number of the third-party payment service provider, and the name of the supervisory authority responsible;

· where applicable, the maximum time-limit for the payment initiation procedure;

· all possible charges payable by the payment service user to the third-party payment service provider and, where applicable, the breakdown of the amounts of any charges;

· where applicable, the actual or reference exchange rate to be applied.

These provisions are without prejudice to the data protection obligations applicable to the third-party payment service provider and the payee.

Rights and obligations regarding payment services : the amended text stated that Member States should ensure that a payer who held a payment account that could be accessed via online banking, had the right to make use of an authorised third party payment service provider, to obtain payment services enabling access to payment accounts. A payer should have the right to make use of an authorised third-party payment instrument issuer to obtain payment instrument enabling payment transactions.

Furthermore, payees who offered to payers the option of making use of third party payment service providers or third-party payment instrument issuers should unambiguously provide to payers information about such third party payment service provider(s), including their registration number and the name of their responsible supervisory authority.

Notification of unauthorised or incorrectly executed payment transactions : the payment service user should report to its account servicing payment service provider any incident known to them that affected the former in the context of its use of a third-party payment service provider or third-party payment instrument issuer.

If the payment service user initiated the payment transaction through a third party payment service provider, the burden shall be on the latter to prove that the payment transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiencies.

Liability: in the case of an unauthorised payment transaction, the payer's payment service provider must refund the amount to the payer within 24 hours of having noted or having been notified about the transaction.

If the third party payment service provider cannot demonstrate that it is not liable for the unauthorised payment transaction, it shall, within one business day , compensate the account servicing payment service provider for reasonable costs incurred as a result of the refund to the payer, including the amount of the unauthorised payment transaction.

By way of derogation the payer may be obliged to bear the losses s, up to a maximum of EUR 50 or the equivalent in another national currency, resulting from the use of a lost or stolen payment instrument or from the misappropriation of a payment instrument. This shall not apply if the loss, theft or misappropriation of a payment instrument was not detectable to the payer prior to a payment.

The payer should not bear any financial consequences resulting from use of a lost, stolen or misappropriated payment instrument if the resulting unauthorised payment was made possible by a method or a security breach, that had already been known and documented and the payment service provider failed to enhance security schemes to effectively block further attacks of that kind, except where the payer himself has acted fraudulently.

Electronic leaflet : Members suggested that within two years of the entry into force of the Directive, the Commission should produce a consumer friendly electronic leaflet listing, in a clear and easily comprehensible manner, the rights and obligations of consumers laid down in the Directive and in related Union law on payment services. That information should be made available on the websites of the Commission, the European Supervisory Authority (European Banking Authority - 'EBA'), and national banking regulators.

OPINION OF THE EUROPEAN CENTRAL BANK on a proposal for a directive of the European Parliament and of the Council on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC.

On 31 October 2013, the European Central Bank (ECB) received a request from the Council for an opinion on the proposal for a directive which aims to help further develop a Union-wide market for electronic payments.

The ECB strongly supports the objectives and the content of the proposed directive . In particular, it supports the proposal to extend the current list of payment services to include payment initiation services and account information services as a means to support innovation and competition in retail payments.

The ECB also welcomes the fact that: (a) harmonisation and improvement of operational and security requirements for payment service providers has been proposed; (b) the competent authorities’ enforcement powers are to be strengthened; and (c) certain provisions of the Payment Services Directive (PSD 2007).

The ECB makes the following observations:

Defined terms and expressions : the ECB suggests improving the defined terms and adding to the proposed Directive the definitions of ‘issuing of payment instruments’ and ‘acquiring of payment transactions’.

Scope : the proposed directive provides that, where only one of the payment service providers to a payments transaction is located within the Union, the provisions with regard to the credit value date and on transparency of conditions and information requirements for payment services shall apply to those parts of the transaction that are carried out in the Union.

To the extent possible, Title IV, which covers rights and obligations in relation to the provision and use of payment services, should also apply in such cases and should apply equally in respect of all currencies.

Safeguarding requirements: the ECB would propose that payment institutions should have an obligation to provide appropriate protection in the form of the safeguarding requirements for a payment service user’s funds, regardless of whether they are engaged in other business activities than payment services or not.

Single Authority : the ECB would welcome one single authority, which would be responsible for ensuring compliance with the directive. Furthermore, the ECB suggests that Europol be added as an additional authority with which the competent authorities for supervising payment services may exchange information.

Third party payment service providers (TPP) : the ECB suggests, for security reasons, that TPPs should not be the cause for any waiver under Article 27 of the Directive.

Definition of “indirect participant” : the definition of ‘indirect participant’ in Directive 2009/44/EU does not currently cover payment institutions and, in order to ensure consistency and legal certainty, the ECB suggests amending the definition of ‘indirect participant’ in the Settlement Finality Directive to also cover payment service providers.

Authentication of clients : in order to combine security requirements and customer protection with the idea of open access to payment account services, the ECB suggests that customers are appropriately authenticated by relying on a strong customer authentication system. TPPs could ensure this through either redirecting the payer in a secure manner to their account servicing payment service provider or issuing their own personalised security features. Both options should form part of a standardised European interface for payment account access.

Furthermore, the ECB recommends that third party payment service providers should: (a) protect the personalised security features of payment service users they issue themselves; (b) authenticate themselves in an unequivocal manner vis-à-vis the account servicing payment service provider(s); (c) refrain from storing data obtained when accessing payment accounts, apart from information that identifies payments they initiate, such as reference number, payer’s and payee’s IBAN as well as the transaction amount; and (d) refrain from using data for any purposes other than those explicitly permitted by the payment service user.

Consumer protection : the consumer should have the right to instruct its account servicing payment service provider to establish specific positive or negative lists of TPPs.

Refunds : to comply with the provisions on the refund right, payment service providers would probably have to collect information about their customers’ purchases. The ECB suggests introducing, as a general rule, an unconditional refund right for a period of eight weeks for all consumer direct debits. For listed goods or services meant for immediate consumption, debtors and creditors could separately and explicitly agree that no refund rights should apply. The Commission could establish such a list by means of a delegated act.

Financial compensation : the financial compensation to be paid by the TPPs to the account servicing payment service provider in respect of unauthorised payment transactions does not correspond to compensation for non-execution, defective or late execution. The ECB would therefore suggest aligning these provisions with each other to ensure similar rules for compensation.

Security measures and reporting requirements : the EBA shall coordinate the sharing of information in the area of operational and security risks associated with payment services with the competent authorities under this Directive, the ECB, the competent authorities under the NIS Directive, and where relevant, with ENISA. Reporting requirements as regards operational and security risks should be defined and assessed by prudential supervisors and central banks.

The EBA should also develop guidelines addressed to competent authorities on complaint procedures that will assist in harmonising procedures.

Access and use of payment account information : separate provisions are provided on access and use of payment account information by TPPs and by third party payment instrument issuers, i.e. when a payment card is issued by a TPP. These services are not essentially different, so the ECB would suggest merging these provisions since the former regime on access and use of payment account information by the TPP could also apply mutatis mutandis to third party payment instrument issuers.

PURPOSE: to help develop further an EU-wide market for electronic payments.

PROPOSED ACT: Directive of the European Parliament and of the Council (amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC).

ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council.

BACKGROUND: significant progress and integration of retail payments in the EU have been achieved over the past 12 years, with the current regulatory and legislative acquis on payments. Moreover, the retail payments market is very dynamic and has experienced a significant innovation pace in the last few years.

At the same time, important areas of the payments market , especially card payments and new means of payments, such as internet and mobile payments, are often still fragmented along national borders making it difficult for innovative and easy-to-use digital payment services to develop efficiently and to provide consumers and retailers with convenient and secure payment methods.

The review of the European framework and notably Directive 2007/64/EC on the Payment Services Directive (PSD) and the consultation on the Commission Green Paper ‘Towards an integrated European market for card, internet and mobile payments’ in 2012 have led to the conclusion that further measures and regulatory updates , including adjustments to the PSD, are required .

In the Commission’s 2012 Communication “ Single Market Act II – Together for new growth ”, the modernisation of the legislative framework for retail payments has been identified as a key priority in view of its potential for new growth and innovation. The revision of the PSD and the preparation of a legislative proposal on multilateral interchange fees for card payments were defined as one of the key actions of the Commission for 2013.

LEGAL BASIS: Article 114 of the Treaty on the Functioning of the European Union (TFEU).

IMPACT ASSESSMENT: the impact assessment concluded that the best policy options to improve the existing situation by (i) reinforcing the Single Euro Payments Area (SEPA) project; (ii) facilitating standardisation through adequate governance framework; (iii) ensuring legal certainty in the field of interchange fees for card-based payments; (iv) abolishing restrictive business rules for card payments; (v) defining conditions of access to the information on the availability of funds for third party providers; (vi) adjusting the scope and improve the consistency of the legislative framework; (vii) reinforcing the rights of payment services users and safeguard the consumer rights in view of the regulatory changes.

CONTENT: this proposal also incorporates and repeals Directive 2007/64/EC of the European Parliament and of the Council on the Payment Services Directive which sets the basis for a harmonised legal framework for the creation of an integrated payments market. It aims to update and complement the current framework on payments services by providing for rules that enhance transparency, innovation and security in the field of retail payments and improving consistency between national rules, with an emphasis on the legitimate needs of consumers.

More specifically, the proposed measures seek to:

ensure a competitive level playing field between all categories of payment service providers, including new emerging providers, which in turn increases the choice, efficiency, transparency and security of retail payments; facilitate the provision of innovative card, internet and mobile payment services across borders by ensuring a Single Market for all retail payments; address standardisation and interoperability gaps for card, internet and mobile payments; eliminate hurdles for competition , in particular for card and internet payments; align charging and steering practices for payment services across the EU; ensure that emerging types of payment services and instruments are covered by the regulatory framework for retail payments in the EU; ensure a consistent application of the legislative framework (PSD) and align the practical operation of the licensing and supervisory rules for payment services across Member States; ensure adequate and consistent protection of consumer interests in the context of payment transactions, including extending regulatory protection to new channels and innovative payment services.

The proposed measures seek to implement this reform in a technologically neutral manner that will remain relevant as payment services evolve further.

BUDGETARY IMPLICATIONS : the impact on the EU budget is estimated at EUR 609 000 for the period 2015-2020.

DELEGATED ACTS: the proposal contains measures empowering the Commission to adopt delegated acts in accordance with Article 290 of the Treaty on the Functioning of the European Union.