Issue 8 - October 2010
EPC Latest News
Update EPC Plenary MeetingsMain decisions taken in September 2010
25.10.10 By Gerard Hartsink
Gerard Hartsink summarises the main decisions taken at the September 2010 EPC Plenary meeting including approval of updated and enhanced versions of the SEPA Scheme Rulebooks for publication on 1 November 2010 (these versions will take effect in November 2011); approval of the SEPA Fixed Amount Direct Debit Scheme Rulebook version 1.0 as ready to be communicated to national banking communities, relevant stakeholders and suppliers; establishment of the Certification Authority Supervisory Body (CASB) relevant to the management of the EPC e-Mandates e-Operating Model and approval of the joint EPC and GSMA paper "Mobile Contactless Payments Service Management Roles - Requirements and Specifications". The Plenary thanked Herman Segers for his significant contributions as EPC Secretary General and welcomed Marco Musto as the new EPC Secretary General.***
Scroll to the end of the page and post a comment.
Approval of updated versions of the SEPA Credit Transfer Scheme (SCT) and SEPA Direct Debit Scheme (SDD) Rulebooks
The EPC Plenary approved updated and enhanced versions of the SEPA Scheme Rulebooks and adjacent Implementation Guidelines for publication on 1 November 2010. The SCT and SDD Schemes evolve based on an open change management process providing all stakeholders with the opportunity to introduce suggestions for changes to the SEPA Schemes. To ensure planning security for all market participants, publication of new rulebook versions follows a strict release management cycle. In accordance with best industry practice, banks and their service providers have sufficient time to address the updates of the rulebooks and Implementation Guidelines ahead of 19 November 2011 - the date that these revised rulebooks will come into effect. The limited number of requests for additional elements introduced into the new rulebook versions demonstrates the maturity of the SEPA Schemes and highlights that they are fit for purpose. For a detailed report on the new mandatory and optional elements introduced into the updated rulebook versions refer to the article "SEPA Schemes: Next Generation" in this newsletter.
Approval of version 1.0 of the SEPA Direct Debit Fixed Amount Scheme (SDD FA) Rulebook
As reported in previous issues of this newsletter, the EPC is in the process of developing a new optional SEPA Direct Debit Fixed Amount Scheme. The new SDD Scheme will apply the regime defined in the Payment Services Directive (PSD) with regard to refund rights; e.g. the refund right does not apply in cases of authorised transactions when the exact amount of the direct debit collection is agreed between the payer (debtor) and the biller (creditor). This option is contingent upon the payer and the biller having agreed the exact amount and the frequency of collections in the mandate. The mandate to be signed by a payer authorising a biller to collect payments under the new SDD Fixed Amount Scheme will clearly highlight the difference to the SDD Core Scheme as regards the application of the refund right in case of authorised transactions to avoid misuse of the 'no-refund' feature.
In the event of unauthorised direct debit collections, the payer's right to claim a refund as stipulated in the PSD extends to thirteen months. Naturally, the right to a refund in case of an unauthorised transaction during a period of thirteen months is granted to the payer also under the new optional SDD Fixed Amount Scheme, in full compliance with the PSD.
The mandate to be signed under the SDD FA Scheme will specify the exact amount of the collection as well as the frequency of the collections, it is the case. If the biller collects a different amount than the amount stated in the mandate, or if the biller diverts from the frequency of collections agreed in the mandate, the payer can make a claim for a refund citing a case of an unauthorised transaction.
The Plenary resolved that the SEPA Fixed Amount Direct Debit Scheme Rulebook version 1.0 and adjacent Implementation Guidelines are approved as ready to be communicated to national banking communities, relevant stakeholders and suppliers, recognising that the adjacent deliverables referred to below remain to be completed and appropriately approved prior to opening the adherence process for future scheme participants and setting a launch date for the SDD FA Scheme. These adjacent deliverables include:
- A separate mandate is available. Approved translations and a specific set of layout guidelines for a separate SDD FA mandate will be prepared.
- Documentation related to adherence by payment service providers to the SDD FA Scheme will be addressed once the first version of the Rulebook has been approved by the Plenary and open questions regarding the proposed Code of Conduct (see below) will be resolved. With future approval of the updated adherence documentation the Plenary will instruct the EPC Scheme Management Committee1 on the date when to open the SDD FA adherence process and on the launch date of the SDD FA Scheme.
- The EPC Plenary clarified that the launch of the SDD FA Scheme is subject to the development of a "Code of Conduct" specifying the type of trade environment adequate for direct debit collections under the new SDD FA Scheme. The aim of such a "Code of Conduct" is to ensure satisfactory consumer protection. This remains to be developed with the necessary involvement of all relevant market players including representatives of businesses and consumers. The EPC will support the set-up of this guidance in order to have it available as soon as possible. The ownership of this "Code of Conduct" should be shared with the regulators as well as associations representing consumers, corporates and public administrations. Furthermore, it should be decided which governance model will be used to supervise the correct application of the code of conduct usage guidance.
Establishment of a Certification Authority Supervisory Body (CASB)
As previously reported, the SDD Schemes include the optional e-Mandate feature; i.e. the option to create a mandate through an electronic channel. With a mandate the payer authorises a biller to collect payments by direct debit. At the same time the mandate authorises the payer's bank to debit the payer's account when a euro direct debit collection is presented. The e-Mandate option provides an additional means of authorising direct debit collections. The e-Mandate solution is based on secure, widely used online banking services offered by banks today. The e-Mandate solution is an optional service supported and offered by banks to their customers.
The payer's bank validates the e-Mandates issued by a payer wishing to make euro payments by SEPA Direct Debit either itself or through a validation service provider acting on behalf of the payer's bank. The routing service necessary to facilitate the communication between all parties involved in the process is supplied to the biller by the biller's bank or by one or more routing service provider(s) acting on behalf of the biller's bank. The biller and his bank should have an agreement on the conditions for the use of routing service(s).
The messages sent from the biller via the routing service to the validation service of the payer's bank are routed via open networks by making use of the Internet. In order to make this message exchange reliable and secure, the EPC has defined a standard for this messaging which is called the "EPC e-Mandates e-Operating Model". This is a high-level definition describing message flows, a data model and general requirements as regards the solution itself and the parties executing it. In addition, the detailed specifications of the EPC e-Mandates e-Operating Model facilitate consistent implementation of the e-Mandate feature by the parties involved in the process. Last but not least, the EPC e-Mandates e-Operating Model establishes a secure environment based on defined security requirements. The messages exchanged via the EPC e-Mandates e-Operating Model must be compliant with the ISO 20022 standards set out in the e-Mandate-Service Implementation Guidelines for the SDD Core and SDD B2B Schemes, respectively.
The EPC e-Mandates e-Operating Model also spells out the requirements to be met by EPC-approved Certification Authorities (CAs). It is the role of the EPC-approved Certification Authorities to securely qualify legitimate validation service providers and routing service providers. The CAs will issue certificates to validation service providers and routing service providers that meet the requirements of the EPC e-Mandates e-Operating Model. The EPC-approved Certification Authorities provide a common trust (and hence liability) model enabling secure message flows between the validation service providers and the routing service providers facilitating the e-Mandate service. Thanks to the Certification Authorities, there is no need for the parties involved in the e-Mandate process flow to establish bilateral agreements.
The EPC will allow any Certification Authority approved by the EPC according to a dedicated approval process, based on well accepted international standards, to provide certificates to validation service providers and routing service providers. The public key certificates identifying EPC-approved Certification Authorities for e-Mandate Services will be published in a so called Trust-Service Status List (TSL) for e-Mandate Services. The EPC has contracted a Trust Body to establish and publish this Trust Service List.
Any Certification Authority that wants to get EPC-approval can submit its registration request to the EPC with information on its auditor. If the auditor is not yet accredited by the EPC, the auditor must be accredited by the EPC according to the requirements outlined in the EPC document "Approval Scheme for EPC Approved CAs" (a link is included below). The auditor prepares an audit report confirming that the examination has been conducted in accordance with the standards and specifications published by the EPC and the candidate CA will sign an agreement with the EPC clarifying the liabilities between the EPC and this CA. Once the EPC has granted approval, the CA will be published as "EPC-approved CA for e-Mandates" on the EPC web site.
The Plenary established the Certification Authority Supervisory Body (CASB) - the body responsible for approving Certification Authorities in the e-Mandate process. The CASB will approve applications from candidate CAs. In addition, the CASB will also review and approve the audit reports on the TSL Trust Body.
For more information on the optional e-Mandate feature included in the SDD Schemes and the security architecture of the EPC e-Mandates e-Operating Model refer to the article "Have it Your Way! The EPC e-Mandate option: a secure way to authorise a SEPA Direct Debit payment" (EPC Newsletter, Issue 6, April 2010).
Approval of EPC-GSMA Mobile Contactless Payments Service Management Roles Requirements and Specifications
The Plenary approved publication of the joint EPC and the GSMA paper "Mobile Contactless Payments Service Management Roles - Requirements and Specifications". The paper describes the provision and lifecycle management of banks' mobile contactless payment applications when integrated with a mobile phone. It also outlines the role of the 'Trusted Service Manager", which is to support banks and mobile operators aiming to promote mobile contactless payments. For details refer to the article "Common Architecture for Mobile Payments. EPC and GSMA publish joint paper on mobile contactless payments service management" in this newsletter.
The Plenary thanked Herman Segers for his contributions as EPC Secretary General
The Plenary thanked Herman Segers, who served as EPC Secretary General since 2008, for his significant contributions and support to the Plenary. Herman Segers retired following completion of his term in office.
The Plenary welcomed Marco Musto as the new EPC Secretary General
The EPC Plenary welcomed Marco Musto as the new EPC Secretary General. Marco Musto has more than 20 years of international experience in the payments industry. His strong and extensive professional portfolio features assignments across different industry segments including the banking, processing and acquiring sectors. Since 2005, he was responsible for SEPA product development, management and deployment on behalf of leading payment service providers.
Gerard Hartsink is the Chair of the EPC.
Related article in this issue not linked above:
1 The EPC Scheme Management Committee (SMC), amongst others, administers and approves adherence applications of payment service providers wishing to become participate in the SEPA Schemes.
Other articles in this issue
25.10.10 The Shortcut to SEPA: Who Is Who and Who Does What - Latest EPC releases highlight key SEPA concepts and prove: the IBAN is your new best friend! By Meral Ruesing 25.10.10 The EPC Newsletter also Makes for a Nice Christmas Present - Do you agree? Please share your thoughts on this newsletter by completing our reader survey! By the EPC Newsletter Editorial Board 25.10.10 Facing up to the IT Challenge - Choosing the right IT strategy for SEPA compliance By Magiel Bruntink and Zeeger Lubsen 25.10.10 The Way is the Goal - New book on the (rocky) road to EU payments integration By Ruth Wandhöfer 25.10.10 Moving Forward - 'Banks & Future 2010' identifies the trends shaping the European payments market By Claus-Peter Praeg and Benjamin Syrbe 25.10.10 332 Votes for an End Date - Main findings of the European Payments Survey 2010 on SEPA and the PSD By Chris Skinner 25.10.10 Facing the Facts in October 2010 - The EPC Newsletter tracks the progress of SEPA implementation By Gerard Hartsink 25.10.10 The Single Euro Cash Area - Towards a more efficient European cash society By Carlo R.W. de Meijer 25.10.10 Searching for Enlightenment? - The new book 'ISO 20022 For Dummies' has all the answers! Jamie Shay and Stephen Lindsay 25.10.10 The Global Data Highway - The ISO 20022 catalogue of financial services messages: a progress report By Jolanda Schekermans 25.10.10 An Epic Voyage: the SEPA Odyssey - Looking to Homer provides useful insight on the integration of the euro payments market By Javier Santamaría 25.10.10 So what´s in a Name? Explaining Payment Schemes, Instruments and Systems - Clarity on payment terms is critical in the debate over the approach to setting end dates for migration to SEPA through EU Regulation By Gerard Hartsink 25.10.10 Preparation for SEPA by Public Administrations in France - France´s public administrations are among the country´s leading users of cashless payment systems By Daniel Perrin 25.10.10 The Quantum Leap for SEPA Direct Debit - From 1 November 2010, all banks in the euro area are reachable for SEPA Core Direct Debit By Javier Santamaría and Kevin Brown 25.10.10 Common Architecture for Mobile Payments - EPC and GSMA publish joint paper on mobile contactless payments service management By Dag-Inge Flatraaker 25.10.10 SEPA Schemes: Next Generation - EPC publishes new versions of the SCT and SDD Rulebooks on 1 November 2010 By Javier Santamaría
If you would like to comment on this article, please use the box under the headline 'Add New Comment' below. Please identify yourself with your first and last name. Please note that your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC Newsletter Terms and Conditions, so please read them carefully before doing so.
To receive notification when a new comment is added to this specific discussion, please subscribe to get updates by email or RSS using the links below. (These links are not available on the mobile version of the EPC Website, to subscribe by email or RSS, please visit the standard version of the EPC Website).