The SEPA Payment Account Access (SPAA) Scheme Rulebook

The Payment Account Access ( ) scheme rulebook, which is created in line with the requirements defined in the June 2021 report of the ERPB Working Group on a SEPA Application Programming Interface (API) Access Scheme, covers the set of rules, practices and standards that will allow the exchange of payment accounts related data (i.e. data assets) and facilitates the initiation of payment transactions (i.e. transaction assets), in the context of ‘value-added’ (‘premium’1) -based services provided by asset holders (i.e. Account-Servicing Payment Service Providers ( )) to asset brokers (e.g. Third Party Providers ( in a revised Payment Services Directive ( ) context) such as Payment Initiation Service Providers ( ) or Account Information Service Providers (AISP)).

The first version (v1.0) of the scheme rulebook, with an effective date of 30 November 2023, takes into account the comments received during a three-month rulebook public consultation which ended on 12 September 2022. A document containing the public consultation comments received and the related responses is expected to be published by the end of 2022 on the website.

All the services listed in version 1.0 of the rulebook are currently positioned as optional. In the coming months, the Multi-Stakeholder Group ( MSG) will progress on defining a ‘minimum viable product’ (MVP) (a set of mandatory services to be supported by the asset holders) based on market demand and on the outcome of the work on the default business conditions performed by an independent economic consultant. This MVP will be reflected in a revised version of the first scheme rulebook for publication in 2023 subject to Board approval. 

The fully recognises that potential scheme participants will only be able to take a firm decision as to whether to adhere to the scheme when they will have a ‘full picture’ of the scheme, i.e. including the MVP and the default business conditions.

The publication of version 1.0 of the rulebook at this stage will however already enable the market (asset holders, asset brokers, infrastructures, standardisation initiatives, …) to make an early assessment of the scheme and its requirements on the basis of a stable first version of the rulebook, which should facilitate a timely adoption of the scheme. 

It is however envisaged that the scheme will evolve further over time to support more elaborated functionalities, in line with market demand.

A public consultation is expected to be launched before the end of 2022 on strong customer authentication ( ), to complement the current rulebook sections on

The scheme default business conditions are expected to be published on the website in Q2 2023  and will cover a set of default asset fees for the ‘premium’ assets exposed by the asset holder to the asset broker as well as default access fees for the use of the itself, as provided by the asset holder. 

The Security Framework document provides the minimum security-related requirements applicable to the scheme participants using . It defines an security framework based on widely available European or international security standards. The first version of this framework will focus on the Request-to-Pay ( ) scheme and be made available before the end of the year. The scheme related specifications are envisaged to be included in a second version to be published in Q2 2023 upon Board approval. 

The implementation guidelines which support the scheme operationally will be developed by the relevant European standardisation initiatives in the field of . Scheme participants will be free to select the standardisation initiative of their choice. However, to ensure pan-European harmonisation in the field of implementation, the is envisaged to contract a homologation body in a future phase as need be, tasked with checking whether the specifications developed by the standardisation initiatives comply with the requirements as defined in the rulebook.
The scheme adherence process will be open on 1 September 2023 to allow applicants to prepare their adherence application ahead of the effective date of the scheme.

1 Premium services are to be considered as:

  • services building on -regulated ones, but going beyond the minimum regulatory requirements via the combination with (a) so-called premium feature(s). For example, the transaction asset ‘one-off payments’ a basic service but when combined with a premium feature such as a ‘Payment certainty mechanism’, it becomes a premium service as described under the rulebook. 
  • services that are not available via online banking interfaces but provided via a .

Document download