PSD2: Getting Ready for the Next Generation of Payment Services (Part 1)
The European Commission's long awaited revision of the Payment Services Directive (PSD2) will bring a range of new players inside the regulatory regime.
The Commission's assessment of the 2007 Payment Services Directive (PSD) was that it was generally fit for purpose but needed to be updated to reflect the dynamic nature of the payments services market. At the same time, the Commission highlighted inconsistencies in the way in which Member States had implemented PSD and the consequential fragmentation of the payments services market along national borders, especially in internet and mobile payments. In order to address these challenges, it has changed the scope of the PSD and expanded the type of services for which organisations will require to be authorised or registered as payment services institutions.
PSD will be repealed and replaced by PSD2. Among the more important changes in the e-commerce and m-payments space are:
- E-commerce platforms will no longer be able to rely on the "commercial agent" exemption to escape regulation where they act for both the buyer and seller in a payment transaction. The Commission perceived a risk to consumers using such platforms without the legal protections of PSD, so this exemption is being tightened and a commercial agent will, if the e-commerce platform wishes to rely on the exemption, only be able to act for one party or another but not both.
- The "digital services" exemption, which some had expected to be removed, has been retained, but with tighter controls on its scope. The aim is to cover ancillary payment services carried out by the providers of electronic communication networks or services, such as mobile network operators, connected with the sale of digital content to their subscribers. The new rules will set limits on the levels of mobile payments (€50 per transaction and €200 per month) for the exemption to apply but the type of device used will be irrelevant. These changes will cause some businesses currently relying on the digital services exemption to review whether they will need to be authorised or registered as a payment services institution.
- The "limited network" exemption has been redrawn, with a view to bringing large scale or high volume payments or wide ranges of products and services into the regulated arena. The intention of the Commission is to clarify the scope of the exemption and to focus on payment instruments which are used to purchase goods or services in a specific store or chain, or for a limited range of goods and services. The terminology used by the Commission is a little unclear and this will need to be clarified prior to finalisation of the Directive so that the precise impact of the exemption is understood.
- Third party providers offering payment initiation services and account information platforms will be regulated for the first time. The aim is to encourage new low-cost internet payment solutions, such as mobile payment applications and bank to bank payment transfer services, under defined and controlled conditions.
- For the first time, "one-leg" transactions (i.e. where the payment service provider of either the payer or the payee is outside the EEA) and transactions in any currency (not just in the currencies of EU member states) will be subject to regulations relating to transparency and the supply of information to users. This is one area where Member States were inconsistent in their implementation of PSD and the Commission's aims here are to ensure that users receive equal protection regardless of where in the EU they are located.
- In an attempt to future-proof PSD2, the new definition of "payment services" aims to be technologically neutral and allow for the development of new types of payment systems.
Work on PSD2 will continue after the summer break and it could be at least 2015 before the new Directive reaches the statute book (and there will then be a period in which Member States are required to amend national legislation and bring PSD2 into effect) so this will not be a sudden revolution.
So does this go far enough? Although at first sight PSD2 represents a good effort, the Commission itself has flagged one flaw in PSD2: the distinction between payment institutions and e-money issuers has become increasingly blurred and ideally it would like to have undertaken a full modernisation of the digital payments framework, resulting in a merger of the payment services and e-money categories and associated legislation. Delays in implementing 2EMD meant this was not possible, but that legislation is due to be reviewed in 2014. Now that we can see the direction in which the Commission would like to be travelling, this will be an area to watch going forward.