Stay up-to-date with regulatory and other developments impacting the European payments market going forward: visit the new infographic
The European Payments Council (EPC) has frequently pointed out that the Single Euro Payments Area () is a European Union (EU) integration initiative pursued by the EU institutions. These are the European Commission, the European Parliament, the Council of the EU representing EU governments and the European Central Bank. With the introduction of the euro currency in 1999, the political drivers have focused on the integration of the euro payments market. SEPA compliance requirements that must be met by payment service users and providers are determined by the EU institutions in accordance with their specific competences.
Going forward, the institutional SEPA landscape will become even more complex: in future, the newly established Euro Retail Payments Board () chaired by the European Central Bank and the European Banking Authority (EBA) will also play a role in shaping SEPA. In July 2014 the EPC published a new infographic. It provides a timeline highlighting key milestones of SEPA roll-out and an overview of the actors involved in the SEPA process at the European level and their interaction. This infographic will be updated in the future as required.
(Please note: the EPC, representing the European banking industry in relation to payments, is not an EU legislative body. More generally, the EPC is not part of the EU institutional framework. The EPC has, therefore, no role in the adoption of any EU laws or other regulatory initiatives establishing SEPA compliance requirements.)
Figure 1: SEPA at a glance – the infographic (Source: EPC.)
Participate in the new EPC poll: in your view, which regulatory initiatives will have the greatest impact on the European payments market going forward?
The European authorities driving the SEPA process – the EU governments, the European Parliament, the European Commission and the European Central Bank – have clarified that migration to harmonised SEPA payment schemes and technical standards, as mandated by EU law1, does not conclude this EU integration project. Consequently, further regulatory action intended to bring about ‘SEPA 2.0’ is now in the pipeline.
In July 2014, the EPC introduced a new poll to collect the views of payments audiences on which of the following initiatives will have the greatest impact on the European payments market going forward:
- European Commission proposal for a revised Payment Services Directive ().
- European Commission proposal for a new Regulation on interchange fees for card-based payment transactions.
- Work programme of the Euro Retail Payments Board, chaired by the European Central Bank.
- SecuRe Pay Forum recommendations for the security of internet payments; for the security of payment account access services; and for the security of mobile payments.
- Guidelines and technical standards issued by the European Banking Authority pursuant to the mandate provided by the proposed revised Payment Services Directive (PSD2) (Articles 86, 87).
To cast your vote, please check the one item most significant in your view in the poll posted on the upper left hand side of this article page. Below you will find background information on the topics listed in the poll. The poll will be open until the end of September 2014. The results, (and latest developments with regard to the regulatory initiatives mentioned in the poll), will be presented in the October 2014 edition of the EPC Newsletter.
(Sources cited in this article and other related information are included in the ‘related links’ below.)
European Commission ‘payments legislative package’, published in July 2013, includes the proposals for a revised Payment Services Directive and for a new Regulation on interchange fees for card-based payment transactions.
The European Commission has the right of initiative to propose laws for adoption by the EU co-legislators. These are the European Parliament and the Council of the EU. The Council of the EU is the EU institution where the Member States’ government representatives sit, i.e. the ministers of each EU Member State with responsibility for a given policy area.
With the publication of its Green Paper ‘Towards an integrated European market for card, internet and mobile payments’2 (the Green Paper) for public consultation in January 2012, the European Commission announced that, taking into consideration the feedback received, it would determine the need for EU action to address ‘gaps’ it perceived with regard to competition, choice and innovation in this area.
The Commission’s conclusions on the matter are also reflected with its ‘payments legislative package’ tabled in July 2013, which includes its proposals for a revised Payment Services Directive (PSD2) and for a new Regulation on interchange fees for card-based payments transactions (IF Regulation). (The formal title of the proposed PSD2 is “Proposal for a Directive of the European Parliament and of the Council [of the EU] on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC.”).
EU legislation proposed by the Commission related to payments is considered by the European Parliament’s Economic and Monetary Affairs Committee (ECON) prior to the European Parliament taking a vote on a proposal. The ECON agreed its proposed versions of PSD2 and the IF Regulation including amendments to the Commission’s proposals on 20 February 2014. The members of the European Parliament approved the final ECON reports on these legislative proposals at its plenary session on 3 April 2014. However, the European Parliament postponed the votes (in first reading) on the related draft legislative resolutions until after the elections that took place in May 2014.
The Greek Presidency of the Council of the EU published its compromise text on PSD2 in June 2014. The Italian Presidency, which took over the six-month rotating presidency of the Council on 1 July 2014, published a second compromise text on 23 July 2014. The Council of the EU will continue to progress its work on the payments legislative package in the second half of 2014.
In a last step, the Commission, the European Parliament and the Council of the EU will have to agree the final version of the forthcoming PSD2 and the IF Regulation, respectively.
Considering that the Commission proposes that EU Member States are given two years to implement this revised EU Directive into national law, the forthcoming PSD2 could take effect at the earliest in 2016. An EU Regulation has binding legal force throughout every EU Member State, i.e. the new Regulation on interchange fees for card-based payment transactions would enter into force at a date to be determined by the EU co-legislators.
The links included at the end of this article cover publications issued by the EU institutions to date as well as sources identifying key considerations of the EPC with regard to, specifically, the PSD2.
Work programme of the Euro Retail Payments Board, chaired by the European Central Bank
The European Central Bank (ECB) – in its role as a catalyst for the integration of the euro payments market and based on its mandate to promote the smooth operation of payment systems – has closely monitored and steered the SEPA process since its inception in dialogue with the political authorities and other stakeholders.
In 2010, the European Commission together with the ECB established the SEPA Council, which brought together representatives from both the demand and supply sides, including the EPC, with a view to promote the realisation of an integrated euro retail payments market by ensuring high level stakeholder involvement. On 19 December 2013 the ECB announced the launch of the Euro Retail Payments Board (ERPB). This new entity, which replaces the SEPA Council, will “help foster the development of an integrated, innovative and competitive market for retail payments in euro in the EU”.
The ECB points out that the ERPB’s composition and mandate are “broader than those of its predecessor”. Seven representatives from the demand side (e.g. consumers, retailers and corporations) and seven from the supply side (banks and payment and e-money institutions) sit on the Board (compared with five each on the SEPA Council). They are joined by five representatives from the euro area national central banks and one representative from the non-euro area EU national central banks (all on a rotating basis). The ERPB is chaired by the ECB. The European Commission is invited to join as an observer. The ERPB’s work will consist mainly of identifying strategic issues and work priorities (including business practices, requirements and standards) and ensuring they are addressed. (The EPC is a member of the ERPB.)
Following its first meeting on 16 May 2014, the ERPB published a statement setting out its work plan for the period 2014 through 2016. The ERPB members agreed to immediately set up two working groups, both to be composed of relevant stakeholders from the supply and demand side, on: i) post-migration issues relating to the SEPA Credit Transfer () and SEPA Direct Debit (SDD) Schemes; and ii) pan-European electronic mandate solutions for SDDs. These working groups are to be temporary (ad hoc) structures based on specific mandates adopted by the ERPB. They would be expected to report back to the ERPB by the end of 2014. ERPB members also agreed to examine the possibility of setting up working groups on mobile payments and innovative payments and, therefore, asked the ERPB Secretariat to prepare draft mandates for these working groups for consideration by the members of the ERPB.
This ERPB work plan for the period 2014 through 2016 identifies the following priorities:
Payments cards standardisation: the ERPB members agreed to acknowledge the work of the Cards Stakeholders Group (CSG) and invited the CSG to continue its work on formulating harmonised requirements for payment cards standardisation and to keep the ERPB informed of their progress on a regular basis. In addition, the members of the ERPB invited the CSG to carry out a stock-taking exercise on the implementation of standards related to payment cards and to devise a plan on dealing with the practical implementation issues in this respect at the next meeting of the ERPB. (The EU authorities driving the SEPA programme stressed the need to create harmonised cards standardisation requirements. In response to these expectations retailers, vendors, processors, card schemes and the EPC jointly created the CSG in 2009. The CSG develops and maintains the SEPA Cards Standardisation Volume (the SCS Volume). The SCS Volume defines a standard set of requirements to ensure an interoperable and scalable card and terminal infrastructure across SEPA, based on open international card standards.)
Alternative SEPA direct debit scheme: the ERPB members discussed the principles outlined in a note prepared by a multi-stakeholder task force that had analysed the feasibility of an alternative direct debit scheme in SEPA that did not include the unconditional right to refunds. Although the representative of consumers stressed the importance of the unconditional right to refunds for payers, the members of the ERPB agreed that —if permitted under EU law — such a scheme could be launched provided that the scheme followed, inter alia, the seven principles outlined by the task force. These principles are: i) ensuring full transparency to consumers; ii) limiting the list of goods or services that the scheme could be used for; iii) making collections subject to a maximum amount; iv) the consumer refund rights for unauthorised transactions remaining fully intact to ensure full consumer protection; v) making it easy for payment service providers () to determine which creditors are entitled to use the scheme; vi) no requirements for PSPs to check or monitor individual underlying transactions; and vii) having the potential to reach the legally defined adherence threshold for a pan-European direct debit scheme. ERPB members agreed: i) to recommend to the European Commission and the EU legislators that they consider a legal solution to clarify the refund rights in the context of a review of the Payment Services Directive; and ii) that such an alternative direct debit scheme in SEPA could only be launched once the review of the Payment Services Directive was complete and thus provided a clear legal background to allow for this.
Electronic mandates for SDDs: the ERPB members took note of the diversity of both the existing and planned electronic mandate solutions for SDDs and the lack of pan-European solutions in the making. They agreed that there was a short-term need to clarify the rules of the SDD Schemes governing electronic mandates in a way that was more open to all types of electronic mandate solutions. With regard to a longer-term perspective, the ERPB agreed that truly pan-European electronic mandate solutions needed to be found and implemented. This made it necessary to analyse the existing barriers to cross-border integration. This work would be conducted by an ERPB working group specifically created for this purpose.
The next meeting of the ERPB is planned to take place in December 2014.
Recommendations developed by the European Forum on the Security of Retail Payments (SecuRe Pay Forum) for the security of internet payments, for the security of mobile payments and for payment account access services, respectively
The European Forum on the Security of Retail Payments (SecuRe Pay Forum) was established in 2011 as a voluntary cooperative initiative between relevant authorities from the European Economic Area; supervisors of payment service providers and overseers in particular. It was formed with the objective of facilitating common knowledge and understanding of issues related to the security of electronic retail payment services and instruments and, where necessary, issuing recommendations.
Following a public consultation in 2012, in January 2013 the ECB released the final recommendations for the security of internet payments developed by the SecuRe Pay Forum. Addressees will have to comply with both its recommendations and key considerations or be able to explain and justify any deviation from them upon the request of the relevant competent authority. This is known as the ‘comply or explain’ principle.
In November 2013, the SecuRe Pay draft recommendations for the security of mobile payments were issued for public consultation.
In May 2014, the final text of the recommendations for the security of payment account access services following public consultation was made publicly available. This document states: “The final text of these Recommendations (…) was not prepared in view of publication, but rather in view of transmission to the European Banking Authority (EBA). The decision not to publish the final text was taken given the ongoing revision of the Payment Services Directive (PSD), the current lack of supervisory competence over providers of payment account access services and the related proposal to introduce a licensing requirement for these providers in the revised PSD, as well as the proposed mandate for the EBA included in the revised PSD to develop (in collaboration with the ECB) guidelines on security measures encompassing also payment account access services. The ECB has decided to make this document public following a public access request. This is without prejudice to the fact that the Recommendations [for the security of payment account access services] remain addressed to the EBA for their drafting of guidelines on security measures. In the meantime, any implementation of these Recommendations would neither be expected nor enforced by the authorities that are members of the European Forum on the Security of Retail Payments.”
Guidelines and technical standards issued by the European Banking Authority (EBA) pursuant to mandate provided by the proposed PSD2 (Articles 86 and 87)
Established in January 2011, the European Banking Authority (EBA) is an independent EU authority which works to ensure effective and consistent prudential regulation and supervision across the European banking sector. Its overall objectives are to maintain financial stability in the EU and to safeguard the integrity, efficiency and orderly functioning of the banking sector. Article 86 of the proposed PSD2 introduced by the European Commission in July 2013 states: “[EU] Member States shall ensure that payment service providers provide (…) on a yearly basis updated information of the assessment of the operational and security risks associated with the payment services they provide and on the adequacy of the mitigation measures and control mechanisms implemented in response to these risks. (…) EBA shall, in close cooperation with the ECB, develop guidelines with regard to the establishment, implementation and monitoring of the security measures, including certification processes when relevant.”
Article 87 of the proposed PSD2 states: “[EU] Member States shall ensure that a payment service provider applies strong customer authentication when the payer initiates an electronic payment transaction unless EBA guidelines allow specific exemptions based on the risk involved in the provided payment service. This also applies to a third party payment service provider when initiating a payment transaction on behalf of the payer. The account servicing payment service provider shall allow the third party payment service provider to rely on the authentication methods of the former when acting on behalf of the payment service user. (…) EBA shall, in close cooperation with the ECB, issue guidelines addressed to payment service providers as set out in Article 1(1) of this Directive in accordance with Article 16 of Regulation (EU) No 1093/2010 on state of the art customer authentication and any exemption to the use of strong customer authentication.”
European Banking Authority (EBA) opinion on virtual currencies
In July 2014, the EBA published its opinion on virtual currencies (VCs) which states, among other things: “Following three months of analysis, the EBA issued a public warning on 13 December 2013, making consumers aware that VCs are not regulated and that the risks are unmitigated as a result. The question that remained unaddressed at the time was whether VCs should or can be regulated. This EBA opinion sets out the result of this assessment and is addressed to EU legislators as well as national supervisory authorities in the 28 [EU] Member States. (…) More than 70 risks were identified across several categories, including risks to users; risks to non-user market participants; risks to financial integrity, such as money laundering and other financial crime; risks to existing payment systems in conventional FCs [(Conventional) Fiat currency], and risks to regulatory authorities. A regulatory approach that addresses these drivers comprehensively would require a substantial body of regulation, some components of which are untested. It would need to comprise, amongst other elements, governance requirements for several market participants, the segregation of client accounts, capital requirements and, crucially, the creation of ‘scheme governing authorities’ that are accountable for the integrity of a VC scheme and its key components, including its protocol and transaction ledger.” The EBA opinion also recommends several “immediate responses” to be taken by national supervisory authorities and the EU legislator, respectively.
It remains to be seen what specific EU regulatory action, if any, will result based on the EBA opinion.
Whether or not SEPA will deliver on its potential also depends on the EU institutions and governments adhering to a harmonised vision of who should do what to achieve ‘SEPA 2.0’
As previously reported, from the perspective of the EPC it would be welcomed if the authorities would keep in mind that payment habits and business models established on both the demand and supply sides will only change gradually once SEPA is achieved. Therefore, realistic targets – taking into consideration customer preferences – should be agreed when determining further EU action. The EPC also suggests that going forward possible duplication of efforts by the ERPB, the Commission and other regulatory bodies be avoided. Whether or not SEPA will deliver on its potential also depends on the EU institutions and governments adhering to a harmonised vision of who should do what to achieve ‘SEPA 2.0’.
Javier Santamaría is the Chair of the EPC.
European Commission (24 July 2013): Payments Legislative Package (includes proposals for PSD2 and new Regulation on interchange fees for card-based payment transactions)
EPC Blog (April 2014): PSD2: The New Article 67, (‘Refunds for Payment Transactions Initiated By or Through a Payee’), Proposed by the European Commission Risks Undermining Consumer’s Unconditional Refund Right for Direct Debits Included with the SEPA Direct Debit Core Scheme
European Central Bank (5 February 2014): Opinion on a Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC
European Parliament Economic and Monetary Affairs Committee (ECON) (11 March 2014): Report on the Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC
European Parliament Economic and Monetary Affairs Committee (ECON) (11 March 2014): Report on the Proposal for a Regulation of the European Parliament and of the Council on Interchange Fees for Card-based Payment Transactions
Council of the European Union (20 June 2014): Item Note. Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC – State of Play
Council of the European Union (27 June 2014): Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC - Presidency Compromise
Council of the European Union (23 July 2014): Proposal for a Directive of the European Parliament and of the Council on Payment Services in the Internal Market and Amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and Repealing Directive 2007/64/EC - Presidency Compromise
European Central Bank Website: Governance (includes detailed information on the Euro Retail Payments Board (ERPB) and documentation published following the first meeting of the ERPB)
European Central Bank: Recommendations for the Security of Internet Payments. Final Version after Public Consultation (developed by the European Forum on the Security of Retail Payments)
European Central Bank: Final Recommendations for the Security of Payment Account Access Services Following the Public Consultation (developed by the European Forum on the Security of Retail Payments)
European Central Bank: Recommendations for the Security of Mobile Payments. Draft Document for Public Consultation (developed by the European Forum on the Security of Retail Payments)
Related articles in this issue:
PSD2: EPC Calls on EU Lawmakers to Maintain the Firewall Protecting Consumers Making Internet Payments. This Means: No Sharing of Any Personalised Security Credentials with Third Parties. Update on legislative process leading to the adoption of the revised Payment Services Directive
Related articles in previous issue:
EPC Newsletter (April 2014): EPC Comments on the Draft ‘Recommendations for the Security of Mobile Payments’ Developed by the European Forum on the Security of Retail Payments (EPC Newsletter, Issue 22, April 2014)
Card Interchange Fees Regulation: What is the Right Question? A commentary on the European Commission proposal for a new Regulation on interchange fees for card-based payment transactions (EPC Newsletter, Issue 21, January 2014)
SEPA Fact Check: The SEPA Benefits Projected by EU Governments, the European Parliament, the European Commission and the European Central Bank (1999 - 2013) (EPC Newsletter, Issue 20, October 2013)
EPC Newsletter: Articles Published in the Section ‘Legal and Regulatory Issues’
1 In February 2012, the European co-legislators, i.e. the European Parliament and the Council of the EU representing EU Member States, adopted the 'Regulation (EU) No 260/2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009' (the SEPA Regulation). This legislative act effectively mandates migration to SEPA Credit Transfer and SEPA Direct Debit in the euro area by 1 February 2014. To avoid difficulties for non-compliant market participants, in February 2014 the European Commission, the European Parliament and EU governments agreed amending the SEPA Regulation to give the option to continue processing non-SEPA formats until 1 August 2014. Deadline for compliance with the SEPA Regulation in non-euro area countries is 31 October 2016.
2 Follow the link for more information on the European Commission’s Green Paper ‘Towards an integrated European market for card, internet and mobile payments’ and the EPC’s response to this paper: http://www.europeanpaymentscouncil.eu/index.cfm/blog/more-eu-action-impacting-payments-in-the-pipeline-epc-responds-to-the-european-commission- green-paper-on-card-internet-and-mobile-payments/.
If you would like to comment on this article, please identify yourself with your first and last name. Your name will appear next to your comment. Email addresses will not be published. Please note that by accessing or contributing to the discussion you agree to abide by the EPC website Terms and Conditions.