The European Payments Council ( ) has frequently pointed out that the Single Euro Payments Area ( ) programme is a policy-maker-driven European Union ( ) initiative aimed at completing the Economic and Monetary Union and the integration of the internal market. The European authorities driving the process – the governments, the European Parliament, the European Commission and the European Central Bank – have clarified that migration to harmonised payment schemes and technical standards, as mandated by law, does not conclude the project. Consequently, further regulatory action intended to bring about ‘ 2.0’ is now in the pipeline.
This blog introduces a new poll launched to capture the views of payments audiences on which of the following initiatives will have the greatest impact on the European payments market going forward:
- European Commission proposal for a revised Payment Services Directive ( ).
- European Commission proposal for a new Regulation on interchange fees for card-based payment transactions.
- Work programme of the Euro Retail Payments Board, chaired by the European Central Bank.
- SecuRe Pay Forum recommendations for the security of internet payments; for the security of payment account access services; and for the security of mobile payments.
- Guidelines and technical standards issued by the European Banking Authority pursuant to the mandate provided by the proposed revised Payment Services Directive ( ) (Articles 86, 87).
To cast your vote, please check the one item most significant in your view in the poll posted on the upper left hand side of this blog page. Below you will find background information on the topics listed in the poll. Sources cited and other related information are included in the ‘related links’ at the foot of this blog. The poll will be open until the end of September 2014. The results, (and latest developments with regard to the regulatory initiatives mentioned in the poll), will be presented in the October 2014 edition of the Newsletter.
European Commission ‘payments legislative package’, published in July 2013, includes the proposals for a revised Payment Services Directive and a new Regulation on interchange fees for card-based payment transactions.
compliance requirements that must be met by payment service users and providers are determined by the institutions in accordance with their specific competences. The European Commission has the right of initiative to propose laws for adoption by the co-legislators. These are the European Parliament and the Council of the . The Council of the is the institution where the Member States’ government representatives sit, i.e. the ministers of each Member State with responsibility for a given policy area.
The Payment Services Directive (PSD) as currently in effect was implemented in most Member States by 1 November 2009. On 24 July 2013 the European Commission published its ‘payments legislative package’, which includes the proposal for . (The formal title of this proposed legislative act is “Proposal for a Directive of the European Parliament and of the Council [of the ] on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/ and 2009/110/EC and repealing Directive 2007/64/EC.”) Within the payments legislative package, the Commission tabled, in addition, its proposal for a new Regulation on interchange fees for card-based payment transactions (IF Regulation).
legislation proposed by the Commission related to payments is considered by the European Parliament’s Economic and Monetary Affairs Committee (ECON) prior to the European Parliament taking a vote on a proposal. The ECON agreed its proposed versions of and the IF Regulation including amendments to the Commission’s proposals on 20 February 2014. The members of the European Parliament approved the final ECON reports on these legislative proposals at its plenary session on 3 April 2014. However, the European Parliament postponed the votes (in first reading) on the related draft legislative resolutions until after the elections that took place in May 2014. The Council of the will continue to progress its work on the payments legislative package in the second half of 2014 under the Italian Presidency which will take over the six-month rotating presidency of the Council on 1 July 2014.
The related links below include publications issued by the institutions to-date as well as sources identifying key considerations of the with regard to, specifically, the .
Work programme of the Euro Retail Payments Board, chaired by the European Central Bank
The European Central Bank (ECB) – in its role as a catalyst for the integration of the euro payments market and based on its mandate to promote the smooth operation of payment systems – has closely monitored and steered the process since its inception in dialogue with the political authorities and other stakeholders.
In 2010, the European Commission together with the ECB established the Council, which brought together representatives from both the demand and supply sides, including the , with a view to promote the realisation of an integrated euro retail payments market by ensuring high level stakeholder involvement. On 19 December 2013 the ECB announced the launch of the Euro Retail Payments Board ( ). This new entity, which replaces the Council, will “help foster the development of an integrated, innovative and competitive market for retail payments in euro in the ”.
The ECB points out that the “ERPB’s composition and mandate will be broader than those of its predecessor”. Seven representatives from the demand side (e.g. consumers, retailers and corporations) and seven from the supply side (banks and payment and e-money institutions) sit on the Board (compared with five each on the Council). They are joined by five representatives from the euro area national central banks and one representative from the non-euro area national central banks (all on a rotating basis). The is chaired by the ECB. The European Commission is invited to join as an observer. The ’s work will consist mainly of identifying strategic issues and work priorities (including business practices, requirements and standards) and ensuring they are addressed. The held its first meeting on 16 May 2014. (The is one member of the .)
For more information on the including the statement setting out its work plan and priorities published following its first meeting, refer to the links below.
Recommendations for the security of internet payments, for the security of payment account access services and for the security of mobile payments developed, respectively, by the European Forum on the Security of Retail Payments (SecuRe Pay Forum)
The European Forum on the Security of Retail Payments (SecuRe Pay Forum) was established in 2011 as a voluntary cooperative initiative between relevant authorities from the European Economic Area; supervisors of payment service providers and overseers in particular. It was formed with the objective of facilitating common knowledge and understanding of issues related to the security of electronic retail payment services and instruments and, where necessary, issuing recommendations.
Following a public consultation in 2012, in January 2013 the ECB released the final recommendations for the security of internet payments developed by the SecuRe Pay Forum. Addressees will have to comply with both its recommendations and key considerations or be able to explain and justify any deviation from them upon the request of the relevant competent authority. This is known as the ‘comply or explain’ principle.
In November 2013, the SecuRe Pay draft recommendations for the security of mobile payments were issued for public consultation.
In May 2014, the final text of the recommendations for the security of payment account access services following public consultation was made publicly available. This document states: “The final text of these Recommendations (…) was not prepared in view of publication, but rather in view of transmission to the European Banking Authority ( ). The decision not to publish the final text was taken given the ongoing revision of the Payment Services Directive (PSD), the current lack of supervisory competence over providers of payment account access services and the related proposal to introduce a licensing requirement for these providers in the revised PSD, as well as the proposed mandate for the included in the revised PSD to develop (in collaboration with the ECB) guidelines on security measures encompassing also payment account access services. The ECB has decided to make this document public following a public access request. This is without prejudice to the fact that the Recommendations [for the security of payment account access services] remain addressed to the for their drafting of guidelines on security measures. In the meantime, any implementation of these Recommendations would neither be expected nor enforced by the authorities that are members of the European Forum on the Security of Retail Payments.”
Guidelines and technical standards issued by the European Banking Authority pursuant to mandate provided by the proposed (Articles 86 and 87)
Established in January 2011, the European Banking Authority ( ) is an independent authority which works to ensure effective and consistent prudential regulation and supervision across the European banking sector. Its overall objectives are to maintain financial stability in the and to safeguard the integrity, efficiency and orderly functioning of the banking sector. Article 86 of the proposed introduced by the European Commission in July 2013 states: “[ ] Member States shall ensure that payment service providers provide (…) on a yearly basis updated information of the assessment of the operational and security risks associated with the payment services they provide and on the adequacy of the mitigation measures and control mechanisms implemented in response to these risks. (…) shall, in close cooperation with the ECB, develop guidelines with regard to the establishment, implementation and monitoring of the security measures, including certification processes when relevant.”
Article 87 of the proposed states: “[ ] Member States shall ensure that a payment service provider applies strong customer authentication when the payer initiates an electronic payment transaction unless guidelines allow specific exemptions based on the risk involved in the provided payment service. This also applies to a third party payment service provider when initiating a payment transaction on behalf of the payer. The account servicing payment service provider shall allow the third party payment service provider to rely on the authentication methods of the former when acting on behalf of the payment service user. (…) shall, in close cooperation with the ECB, issue guidelines addressed to payment service providers as set out in Article 1(1) of this Directive in accordance with Article 16 of Regulation ( ) No 1093/2010 on state of the art customer authentication and any exemption to the use of strong customer authentication. (…)”.
(Please note: the European Payments Council ( ), representing the European banking industry in relation to payments, is not an legislative body. More generally, the is not part of the institutional framework. The has therefore, no role in the adoption of any laws or other regulatory initiatives.)
- EPC Newsletter (October 2013): SEPA Fact Check: The SEPA Benefits Projected by EU Governments, the European Parliament, the European Commission and the European Central Bank (1999 - 2013)
- EPC Website: SEPA Legal and Regulatory Framework
- European Commission (24 July 2013): Payments Legislative Package (includes proposals for and new Regulation on interchange fees for card-based payment transactions)
- EPC Blog (June 2014): PSD2: EPC Calls on EU Lawmakers to Maintain the Firewall Protecting Consumers Making Internet Payments. This Means: No Sharing of Any Personalised Security Credentials with Third Parties
- EPC Blog (April 2014): PSD2: The New Article 67, (‘Refunds for Payment Transactions Initiated By or Through a Payee’), Proposed by the European Commission Risks Undermining Consumer’s Unconditional Refund Right for Direct Debits Included with the SEPA Direct Debit Core Scheme
- European Central Bank (5 February 2014): Opinion on a Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC
- European Parliament Economic and Monetary Affairs Committee (ECON) Website
- European Parliament Economic and Monetary Affairs Committee (ECON) (11 March 2014): Report on the Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC
- Council of the European Union Website
- Council of the European Union (20 June 2014): Item Note. Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC – State of play
- European Banking Authority Website
- European Central Bank Website: Governance (includes detailed information on the Euro Retail Payments Board – ERPB)
- European Central Bank Website: Statement of the Euro Retail Payments Board (ERPB) (May 2014)
- European Central Bank: Recommendations for the Security of Internet Payments. Final Version after Public Consultation (developed by the European Forum on the Security of Retail Payments)
- European Central Bank: Final Recommendations for the Security of Payment Account Access Services Following the Public Consultation (developed by the European Forum on the Security of Retail Payments)
- European Central Bank: Recommendations for the Security of Mobile Payments. Draft Document for Public Consultation (developed by the European Forum on the Security of Retail Payments)
- EPC Newsletter (April 2014): EPC Comments on the Draft ‘Recommendations for the Security of Mobile Payments’ Developed by the European Forum on the Security of Retail Payments
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website conditions of use.