Payment Matters: No. 46
Legal News & Analysis - Asia Pacific - Banking & Finance
26 June 2020
This edition includes:
Spotlight: Advocate General opinion concerning the application of consumer protection rules and PSD2 to contactless payment cards in the case of DenizBank AG v Verein fur Konsumenteninformation (Case C 287/19)
Advocate General opinion concerning the application of consumer protection rules and PSD2 to contactless payment cards in the case of DenizBank AG v Verein fur Konsumenteninformation (Case C 287/19)
On 30 April 2020, the Court of Justice of the European Union (“CJEU”) published an opinion by Advocate General Campos Sánchez-Bordona (“Opinion”) concerning the interpretation of consumer protection rules when applied to the Payments Services Directive 2015/2366 (“PSD2”) specifically in respect of cards with near-field communication (“NFC”) functionality or commonly referred to as contactless payment cards (“CPC”).
NFC functionality is a key component of CPC, and allows for one-off payments of up to 50 Euros* (£45 in the UK) or multiple payments cumulatively worth 150 Euros* without the use of a personal identification number (“PIN”) to authenticate a payment. (*these are the increased thresholds to support consumers who choose to pay using CPC during the COVID-19 outbreak).
Personalised multifunctional payment cards are payment cards with a combination of anonymised NFC and personalised PIN functionality to authorise transactions. Clearly, any “non-personalised” or “anonymised” functionality poses a heightened security risk in respect of fraud. However, NFC has been proven to significantly increase the speed at checkout for consumers. As a result, finding the right balance between the two is essential to the viability of CPC.
PSD2 seeks to strike a balance between payments being processed more quickly through the use of NFC functionality, and the risk of improper use of the card which is beyond the control of the card holder and the issuing bank. In light of these objectives, the referring court sought a preliminary ruling from the CJEU on the following issues:
Whether NFC functionality of a personalised multifunctional payment card should be classified as a payment instrument as defined in Article 4(14) PSD2?
It was proposed that NFC functionality of a personalised multifunctional payment card must be classified as a payment instrument. As such, users of NFC-enabled cards would benefit from the protections afforded by PSD2.
The addition of NFC functionality could therefore constitute a replacement payment instrument when sending out a new CPC and the provision of a CPC with NFC functionality could lead to a breach of Article 70(1)(b) of PSD2.
What are the obligations on the issuing institution where CPC cards with NFC functionality cannot be blocked or prevented from further use and what is the liability of the issuing institution where the payment card is used anonymously?
An institution issuing a personalised multifunctional payment card to which NFC
functionality has been added may be exempt from certain obligations under PSD2 if it can demonstrate that it is not technically feasible to block that card or prevent its further use in the event of loss, theft, misappropriation or unauthorised use. The obligations which it can agree with the customer to disapply relate to the notification of lost or stolen payment instruments and the liability position relating to the subsequent use of the payment instrument after it has been lost or stolen. In these circumstances, the issuing institution can essentially increase the payer’s liability for losses incurred, as it has no power to block the payment instrument and limit such losses. Many NFC enabled cards on the market can of course be blocked, so this exemption is unlikely to be of use to most PSPs.
The Advocate General proposed that the making of low-value contactless payments using the NFC functionality of a personalised multifunctional payment card constitutes an instance of that card being used ‘anonymously’ within the meaning of Article 63(1)(b) of PSD2. Therefore, if the holder of a personalised payment card explicitly consents to the inclusion of NFC functionality on that card, then the issuing PSP will not be liable for unauthorised transactions made when being used as a CPC (subject also to this position being reflected and agreed to by the customer in the issuing PSP’s terms).
Can a customer consent to a change of contractual obligations proposed by the PSP simply by not rejecting it?
It was proposed that implied acceptance cannot be extended to all of the framework contract’s conditions and should only be available for non-essential terms despite the right to make unilateral changes and deem acceptance of them under Article 52(6)(a) of PSD2. The addition of NFC functionality to a personalised card concerns the provision of a new service to the payment contract or an “essential change” to the conditions of the framework contract. Therefore the customer, once informed of the advantages and risks associated with the card’s NFC functionality, must unequivocally give their explicit consent to the inclusion of the “essential change” relating to that payment instrument or be asked to agree to a new framework contract.
The Opinion does not tightly define “essential changes”. Therefore, looking at this more broadly, it will be important for issuing institutions to understand how this obligation to get customer consent for “essential changes” may affect their ability to make significant terms changes and draft their associated notice of variation processes. The risk of changes being deemed invalid by a court can of course not be ignored. However, from a UK perspective, we see it very unlikely that there will be a change to existing legislation or further FCA guidance that will further limit the ability to make unilateral changes to framework contracts in the short term.
The EBA has published an Opinion setting out elements which it considers to be an obstacle, and therefore prohibited, under Article 32(3) of the RTS. In particular, the EBA identified the following key areas which it felt needed clarification in the context of the requirement to ensure that dedicated interfaces do not create obstacles to the provision of payment initiation services (“PIS”) and account information services (“AIS”):
Authentication procedures – The dedicated interface must support all of the authentication procedures made available to customers directly. For example, if ASPSPs allow their customers to authenticate using biometrics in a direct journey, ASPSPs should also allow customers to use biometrics in a payment initiation or account information journey by supporting decoupled or app-to-app redirection. Account servicing payment service providers (“ASPSPs”) must not create unnecessary friction or add unnecessary steps to the customer journey.
Redirection – Redirection is not, in itself, an obstacle, but it may be an obstacle depending on the way ASPSPs implement authentication procedures (e.g. if customers are not redirected back to the third party payment providers’ (“TPP”) domain in an app-to-app journey).
Multiple applications of strong customer authentication (“SCA”) – An ASPSP may not apply SCA twice in a PIS journey where the payment initiation service provider (“PISP”) transmits all of the information necessary to initiate the payment (including the account number/IBAN). However, if the PISP does not transmit all of the information and the customer is required to select the account on the ASPSP’s domain, applying SCA twice (once to access the list of payment accounts and second to authenticate the payment) is not an obstacle. Additionally, it is worth clarifying that an ASPSP may apply SCA twice in the case of a combined AIS and PIS journey.
90 day re-authentication – The use of the SCA exemption under Article 10 of the RTS is encouraged to minimise friction in the customer journey and mitigate the impact on AIS of authentication being required more frequently than every 90 days. Additionally, ASPSPs may delegate/outsource the application of this re-authentication to TPPs but the responsibility for compliance with the requirement to apply SCA would remain with the ASPSP.
Account selection – Implementations which require customers to manually input their IBAN into the ASPSP’s domain are an obstacle. In a redirection model, ASPSPs can allow customers to select the account(s) on the ASPSP’s domain during the authentication procedure. Additionally, not sharing the list of all the customer’s payment accounts with a PISP is not an obstacle as doing so would go beyond the permitted information to be shared with PISPs under PSD2. Where the PISP does not provide the account details and the customer selects the account in the ASPSP’s domain, the ASPSP must provide the account number to the PISP under Article 66(4)(b) of PSD2 and Article 36(1)(b) of the RTS (if the ASPSP provides this information to the customer when the payment is initiated directly).
Additional checks on consent – A requirement for a customer to provide consent to an ASPSP to use AIS or PIS is an obstacle under the RTS. To this effect, there is also a prohibition on account terms and conditions which include a term which would make it more difficult for customers to use these payment services. However, in the context of corporate accounts, the terms may provide that only certain authorised users acting on behalf of the corporate account holder can operate the accounts (provided the ASPSP does not impose any additional checks when an authorised user accesses the corporate account or initiates a payment via an AISP or PISP, compared to the checks applied when the same corporate user completes these actions directly).
Additional registrations – Additional registrations that go beyond what is technically necessary to ensure secure access to payment accounts are to be treated as obstacles (e.g. a requirement for TPPs to pre-register their contact details to gain access). Similarly, additional mandatory registration steps or processes (other than identification via exchanging eIDAS certificates) are to be treated as obstacles, although any such processes that are optional or agreed between the ASPSP and TPP are permitted.
You can find a copy of the EBA’s Opinion here.
What this means for you?
This guidance comes at a time when the majority of institutions have already designed their dedicated interfaces and analysed their customer journeys to remove any potential obstacles based on the pre-existing guidance issued by both the Financial Conduct Authority (“FCA”) and the EBA. In our view, the Opinion does not necessitate fundamental changes to the approaches adopted across the industry in the UK (unlike when the EBA previously published its subsequent guidance on SCA factors which conflicted with pre-existing FCA guidance) and is likely to have a greater impact in some other European jurisdictions. ASPSPs will still need to take the time to review this clarificatory guidance and check that their interface will still be considered as compliant. The EBA has specifically said that it expects national competent authorities to take these clarifications into account when monitoring compliance, and the EBA will also be monitoring the way in which the Opinion is applied. In particular, the EBA notes that it may (as applicable) look to take action itself if it identifies inconsistencies in the application of this Opinion across the industry which could damage the desire to build a level playing field for all institutions across the EU.
On 30 April 2020, the FCA announced a six month delay to the implementation of SCA for e-commerce transactions in the UK. The new timeline is set to minimise potential disruption to consumers and merchants (replacing the previous 14 March 2021 deadline with a new date of 14 September 2021). Conversely, no extension has yet been announced by the EBA for providers across the EU. However, speaking at a webinar on 6 May, the Head of the Retail and Payments Unit in the European Commission, announced that the Commission has received several requests to extend the implementation deadline from providers across the EU. Therefore, it is clear that the pressure to extend the implementation deadline for providers across the EU is building and we expect to receive an update from the EBA at the end of this month (June 2020).
What this means for you?
The extended implementation deadline for e-commerce transactions in the UK has largely been welcomed due to growing concerns that a phased roll-out of any potential solutions at this time could have adversely impacted institution’s operations (resulting in increased customer calls, complaints, and a drop-off in e-commerce transactions). This means the industry can now continue collaborating (in a timely manner) to develop SCA compliant solutions for e-commerce transactions. Interestingly, since this development we understand that the FCA has welcomed the potential use of behavioural biometrics as a second factor (alongside the use of one-time passcodes as a possession factor) to apply SCA to e-commerce transactions. In particular, during a webinar run by UK Finance on 9 May, issuers were encouraged to begin analysing the use of behavioural biometrics solutions which are largely built on customers’ typical payment behaviours (such as locations, recognised devices, typing speed, browsers, mouse movements and touchscreen use) and to design and test SCA authentication solutions well in advance of the new 14 September 2021 deadline.
In response to a question from the Swedish Bankers Association, the EBA has now confirmed that physical signatures on paper do not comply with the requirements set out in the RTS.
The EBA had previously responded to a question raised about signatures constituting an authentication factor relating to its “Final Report Draft RTS” (23rd February 2017) that “it was of the view that a signature complied with the requirements under the RTS, including the presence of a dynamic element.”
The Swedish Bankers Association was critical of the way this earlier question had been posed because it was unclear if the answer related to a signature on a paper slip or on a digital device, or both. The reference to the “presence of a dynamic element” by the EBA was also vague and it was therefore asked to separately address the question of digital signatures from a signature on a paper slip. It had been recognised that a signature on a paper slip was only saved by the merchant (the payee) for reference if the transaction was disputed, and was not then captured in any direct or indirect way by the payer’s PSP, (the issuer).
In responding the EBA referred to Paragraph 34 of its EBA Opinion on the implementation of the RTS that stated that behavioural biometrics may constitute inherence provided they comply with the requirements under Article 8 of the RTS.
However, the EBA recognised that where the merchant compares the payers signature on a paper slip with the signature on the card, this cannot be considered as a behavioural biometric as it would not meet the requirements of Article 8 of the RTS. Such a signature is not being read by access devices and software provided to the payer, and the issuer cannot therefore verify the payer’s signature as part of the authentication process.
In addition to failing as an inherence factor, the EBA said that a signature on a paper slip didn’t constitute ‘knowledge’ (only known by the user) or ‘possession’ (something only the user possesses). Therefore it wasn’t a valid factor in a two-factor SCA under PSD2 and the RTS.
What this means for you?
It is good to have confirmation now that signatures on paper slips do not constitute an inherence factor. This however doesn’t stop a signature on the screen of a digital device constituting inherence provided that the PSP can ensure that the access devices and recognition software provide for the ‘very low probability of an unauthorised party being authenticated as the payer’ as required under Article 8 of the RTS.
The CJEU recently determined that a savings account, which allows for deposits to be made without notice and which only allows customers to make deposits and/or withdraw monies through another account held in the customer’s name, should not be classified as a payment account under PSD2.
As part of this judgment, both the CJEU and the Advocate General noted that the lack of functionality to transfer monies to third parties to and from the account was fundamental to determining its status as a non-payment account.
The original CJEU judgment raised a number of questions in the UK as the suggestion that the ability to send and/or receive payments was a definitive factor was not part of the FCA’s guidance on the meaning of a ‘payment account’ in PERG at that time.
The FCA has now announced that it has updated its guidance in PERG to make it clear that “the possibility of making payment transactions to a third party from an account, or of benefitting from such transactions carried out by a third party, is one of the defining features of the concept of payment account.”
You can find the full version of the guidance in PERG here.
What this means for you?
It is now clear that the FCA is of the view that the ability to make payments to and/or from the account in question is an important factor for institutions to consider when classifying their accounts. However, following concerns that this new guidance could be interpreted to mean that such functionality was a definitive factor (rather than just one of the defining features of a payment account), the FCA has also retained some of its existing guidance to emphasise that it remains of the view that it is also appropriate to consider the purpose of an account by balancing a number of factors. This means you should continue to consider the purpose of the account (in addition to the ability to make payments to and/or from the account) by assessing the factors set out in PERG, namely:
the purpose for which the account is designed and held out;
the functionality of the account (the greater the scope for carrying out payment transactions on the account, the more likely it is to be a payment account);
restrictive features relating to the account (for example, an account that has notice periods for withdrawals, or reduced interest rates if withdrawals are made, may be less likely to be a payment account);
a limited ability to place and withdraw funds unless there is additional intervention or agreement from the payment service provider (this will tend to point more towards the account not being a payment account); and
the extent to which customers use an account's payment service functionality in practice.
On 13 May 2020, the EBF published its finalised guidance regarding the implementation of the amended Cross-Border Payments Regulation (“CBPR2”). The guidance includes information regarding the EBF’s interpretation of the various requirements under CBPR2, including:
the requirement to ensure charges for cross-border payments within the EEA are equivalent to charges for corresponding domestic payments in a country’s national currency (in force since December 2019);
enhanced transparency requirements which apply to both card-based payments and credit transfers (in force since April 2020); and
in the context of card-based payments, the requirement to send an electronic message with the currency conversion charges expressed as a percentage mark-up (due to come into force in April 2021).
You can find the full guidance on the EBF’s website here.
What this means for you?
We are aware that a number of institutions have been reviewing the final guidance to inform their approach to achieving compliance in the context of the requirement to send an electronic message (which does not come into force until April 2021). Some of the issues that institutions are considering are:
what methods of electronic communication they could use (e.g. SMS, push notifications via apps and email);
how they should agree the method of communication with customers;
what information should be included in the electronic message given the guidance confirms that firms do not need to include the amount of the transaction in the communication; and
within what timescales they should send the message given the guidance suggests that firms should send the electronic message when they first become aware of the transaction during authorisation (rather than during the subsequent clearing process which is not visible to customers).
Additionally, firms are reviewing the guidance against their proposed solutions to satisfy both the equalisation and transparency requirements which have already come into force, including the requirement to display currency conversion charges applied to card transactions as a percentage mark-up over the reference rate issued by the European Central Bank.
We would, therefore, recommend that you review the EBF guidance against both your existing and proposed solutions to identify any discrepancies and to inform your approach to achieving compliance going forward.
On 30 April 2020, the LSB published a summary report setting out its findings and recommendations regarding the implementation of the CRM Code by the current voluntary signatories of the code. In particular, the LSB identified the following four key areas which require improvement to ensure the CRM Code meets its aim of protecting consumers who fall victim to an authorised push payment (“APP”) scam:
Reimbursement – Customers should be reimbursed unless there is a clear ground for attributing blame to the consumer.
Effective warnings – The issuance of warnings should not be treated as a sole factor to determine a consumer’s liability and firms should ensure warnings are ‘effective’ in capturing the customer’s attention and relevant to the transaction/customer channel.
Customer vulnerability – The assessment of vulnerability should be completed on a case-by-case basis (considering both elements which become known at the time of the scam or through subsequent discussions with customers).
Record keeping – Firms should document decisions and ensure they have good quality record keeping processes to enable them to justify the decision reached if challenged.
You can find the full guidance on the LSB’s website here.
What this means for you?
Whilst the findings and recommendations in this report will help to inform the internal processes of institutions going forward, numerous institutions feel that there is a lack of practical guidance available across the industry in relation to the implementation of the CRM Code.
To this effect, it is worth noting that the LSB has announced that it intends to complete a further review of the implementation of the CRM Code at the end of this year, and complete a separate standalone review of the ‘effective warning’ processes in 2020/2021.
However, in the meantime, it seems that many questions remain unanswered and further work on the implementation of the CRM Code is required across the industry to ensure that it meets its aim of protecting consumers against APP scams.
If you would like to discuss any concerns you may have regarding the implementation of the CRM Code, please contact Ruth Fairhurst or Sian Cosgrove.
On 22 May 2020, the FCA launched a consultation to consider additional guidance for payments firms on safeguarding customers’ funds in light of COVID 19. The consultation closed on 12 June 2020 with the final guidance expected at the end of June. The primary driver for this consultation is the FCA’s heightened concern over certain firms’ poor compliance with statutory safeguarding provisions and the impact on customers where firms become insolvent as a result of the business disruptions caused by COVID 19.
What this means for you?
The consultation revealed a number of proposals from the FCA to require firms to take additional actions to safeguard customers’ funds, manage prudential risks and have an effective wind-down plan. In particular, the 5 key points which the FCA proposes are:
1. Reconciliation where discrepancies occur
A direction to firms to document their daily reconciliation exercises (including providing accompanying rationale) where discrepancies arise (for e.g. when holding funds in a different currency) on top of the existing requirement on firms to document their reconciliation approach. Note that this would create an obligation to notify the FCA where firms are not keeping and/or cannot keep their reconciliation records up to date on a daily basis.
2. Designation of safeguarding accounts
A direction to firms to include the word ‘safeguarding’ or ‘client’ when naming or designating safeguarding accounts containing relevant funds or equivalent, or alternatively, for firms who cannot follow this naming convention, a direction to provide evidence in the form of a letter (in a prescribed form) from the relevant credit institution or custodian, confirming appropriate designation.
3. Auditing requirement
A direction to firms, which are required to be audited, to arrange specific audits of their compliance with safeguarding requirements under the PSRs and EMRs in the UK annually and following any changes to their business model that would materially affect their safeguarding arrangements. Note that the FCA would also expect firms to select auditors who understand the safeguarding requirements under the PSRs and EMRs.
4. Disclosing information on treatment of funds on insolvency to customers
A warning to firms to avoid giving customers misleading impressions about how much protection they will get from safeguarding requirements and avoid suggestions that funds are protected by the FSCS where this is not the case.
5. Additional prudential risk management guidance
A direction to firms to review their capital adequacy regularly; to reduce exposure to intra-group risk, by deducting any assets representing intra-group receivables from firms’ own funds; to carry out liquidity and capital stress testing to analyse exposure to, and assess the impact of, severe business disruptions; and to consider the firm’s own liquidity including available funds to meet existing liabilities as they fall due.
Should the FCA conclude on implementing the new guidance, the FCA will expect all relevant firms to review and improve their safeguarding systems including implementing a robust record management system to best protect customers’ funds and ensure customers are not financially impacted by firms’ insolvency. As we’ve mentioned in our previous edition, safeguarding has been a particular area of concern for the FCA in recent years. Along with the factsheet published by the FCA to educate consumers on non-bank payment providers, this consultation is a testament to the FCA’s plan to keep a close eye on firms’ safeguarding systems and controls.
On 5 May 2020, the FCA updated its website to set out how it expects firms to handle requests from customers to withdraw their funds from restricted access accounts in the light of the COVID 19 pandemic. In particular, the FCA expects firms to pay due regard to the interests of their customers, treat customers fairly, communicate in a way that is clear, fair and not misleading, and consider the needs of vulnerable customers in their actions or communications when deciding whether to allow customers to withdraw their funds from restricted access accounts. This does not mean firms will need to offer all customers access to funds in a restricted access account, or to offer unlimited access to funds in a restricted access account. However, firms should be aware that the impact of COVID 19 may exacerbate customers’ personal circumstances to cause vulnerability or impact existing vulnerabilities which existed pre-pandemic.
What this means for you?
Firms should be developing internal processes and conducting staff training to ensure that they effectively respond to requests from customers to access funds in a restricted access account during the pandemic. Such policies may include, for example, staff assessing factors such as the reason for the customer’s requests (e.g. whether the withdrawn funds would be used to pay for essential goods and services), the customer's access to other forms of income (e.g. access to Universal Credit) and customers’ vulnerabilities (including new vulnerabilities which have been caused or exacerbated by the COVID 19 pandemic).
Additionally, these new policies and procedures may lead firms to potentially assess their approach to savings products (both restricted access accounts and easy access accounts) in the long term post-pandemic. It will, of course, always be important to provide customers with a variety of product offerings to meet the variable demands across the market but this guidance comes at an interesting time when the regulator is already considering consumer fairness across the savings market in the UK.
In particular, the FCA has recently issued a consultation regarding potential discrimination in the easy access cash savings and cash ISA market. This consultation, which closes for feedback on 1 October 2020, proposes that firms introduce a single interest rate set no later than the day after the first anniversary of the opening of the account and publish data on such rates to allow comparison across the market.
Cash as the default method of payment for retail transactions in the UK has been in steady decline now for at least a decade. This decline has accelerated over the past two years and been mirrored by a corresponding increase in debit card transactions. The widespread use of contactless as a method of payment is seen as one of the major causes for these directions of travel. This decline in cash usage has meant that the predominantly fixed costs of supplying cash wholesale has been steadily increasing per unit making it less viable as a business proposition for suppliers. By contrast in mainland Europe (including Germany (65%), Italy (60%), Spain (55%)) as at 2018, cash still accounted for the majority of payment transactions conducted.
The onset of COVID 19 has been the key reason for the increase in the limit for contactless transactions from £30 to £45. The move away from in-store transactions to on-line purchasing (out of necessity for consumers and merchants due to retail closures) has exacerbated the declining position for cash. During February and March this year 2,442 ATMs were turned off exceeding the total ATM closures in the UK for 2019. Some of these will be switched back on as we come out of lockdown but there is concern within the wholesale cash industry that this accelerated decline won’t abate. This is despite doubts now being expressed by medical experts (including within the World Health Organisation) about banknotes and coins ever actually increasing the spread of the coronavirus.
In tandem with these concerns is the recognition that parts of UK society will always be reliant on cash and will possibly never adopt digital or on-line payments. For these reasons the Government, the Bank of England and various industry bodies, system operators and regulators have been considering ways to restructure the provision of wholesale cash to remove the current duplicated costs incurred by suppliers whilst ensuring those members of society that rely on cash to buy and sell will always have access to it.
In March, the government announced that it will introduce legislation to guarantee cash access to communities in the UK. It is anticipated that as part of the restructuring of the UK’s wholesale cash market there will be considerably more government and regulatory oversight regarding the supply of cash. This is likely to address competition concerns between cash suppliers whilst also developing ways of reducing the infrastructure costs burden borne by these suppliers via consolidated cash supply chains. Various cash supply models in other jurisdictions which have adopted a utility approach to cash supply are also being considered.
What this means for you?
These mooted reforms will affect merchants and consumers as well as cash suppliers through changes likely to be introduced to the costs of supplying cash. Such changes could cover interchange fees charged by ATM suppliers and any continued capping of these. A consolidated cash supply model as well as free to use ATMs may also result in reduced costs for cash usage by merchants making this an attractive alternative to participation in card schemes. It is also likely to mean a range of new cash supply products being developed on the back of changes to supply costs.
Participants in the cash supply model should be reviewing their current arrangements to understand how pricing is calculated and how and when they may be terminated for convenience. Participants should also consider whether they wish to become more or less active in this space as these changes to the current supply model become apparent.
On 4 February 2020, lobby-group EuroCommerce’s Director-General Christian Verschueren published a report (the “Report”) to the European Commission (“EC”) to act on the growing problems facing retailers and wholesalers resulting from the limited scope of the Interchange Fee Regulation (“IFR”).
The IFR was adopted 5 years ago and includes caps on interchange fees (“IF”) for credit and debit cards.
The Report shows that card schemes fees have been steadily increasing therefore increasing the financial burden on merchants accepting card payments.
“Increases across both card schemes are estimated to cost EEA merchants an additional €794 million every year, representing a 47.5% increase on total scheme fee costs since the beginning of 2018”.
This unprecedented rise in IF deriving from unregulated commercial card transactions directly undermines the objectives of the IFR.
It would have been hard not to notice the influx of Payment Service Providers (“PSP”) offering business accounts in the last 5 years largely due to these accounts not being captured by the IFR and therefore presenting a business opportunity in favour of the issuer. The effect of capping commercial card IF will therefore undoubtedly reduce the revenue streams for issuers offering business accounts. However, of more interest to EuroCommerce and merchants, the proposal aims to collectively save European merchants billions of euros in card acceptance fees.
The Report also urges the EC to review:
Regulation of the total fees charged to payment card acquirers;
Removal of all substantive exemptions in the Regulation so as to cover, three party card schemes, cash withdrawals at ATMs, inter-regional cards, and virtual card transactions;
Provision for independent acquiring of three-party card schemes (in order to regulate three-party and four-party schemes equally);
Mandatory minimum interchange fees for cash withdrawals and deposits at ATMs in order to maintain consumer choice and cash alternatives; and
Strong and dissuasive penalties for non-compliance with the regulation.
What this means for you?
Clearly this is good news for merchants who will see significant reductions in acceptance fees if the IFR is extended to apply to commercial cards. PSPs offering commercial cards however will need to review their business models to ascertain how they will operate, should commercial cards come within the scope of the IFR.
The EC has started assessing the impact and consequences of the IFR on the payments market. We will continue to provide further updates on this matter in due course.
China is testing innovative digital wallets to process its potential central bank digital currency - “DC/ EP” or Digital Currency/Electronic Payments.
After years of research and preparatory work since 2014, the Digital Currency Research Institute of the People’s Bank of China (“PBOC”) has recently announced pilot trials of digital wallets which process its new digital RMB (renminbi) in four cities, namely Suzhou, Shenzhen, Chengdu and Xiong’an. Restaurants and grocery stores such as Starbucks, McDonald’s and Subway, along with UnionPay’s and JD.com’s physical grocery stores are among the first participants in the pilot scheme.
Despite the pilot scheme, PBOC has not yet officially issued the DC/EP. Nonetheless, the Digital Currency Research Institute has published initial information in relation to how DC/EP may operate once issued. Based on such introductory information:
DC/EP will be considered legal tender in mainland China and one DC/EP will be worth RMB1.
DC/EP is positioned to be a replacement currency of existing physical paper notes and coins issued by PBOC.
DC/EP will support payments by users on an anonymous basis.
Transactions of DC/EP can be made through an innovative digital wallet in the form of a mobile application. A user can pay DC/EP to its recipient through the digital wallet which are held in close distance, even if both sides are offline without Internet and have not connected their digital wallets to any bank cards.
DC/EP will be issued through a two-tier processing structure, namely the PBOC shall first issue DC/EP to commercial banks, which will then service end customers.
An end customer will be able to convert its deposits at its commercial bank to DC/EP on the digital wallet.
What this means for you?
An innovative feature of the DC/EP is the “double offline” digital wallet supporting it. This enables users to pay DC/EP similar to making physical cash payments – without Internet connection or having to link to an existing bank card. Financial institutions operating DC/EP digital wallets will have a competitive advantage over current payments wallets which require Internet connections.
Due to these new technical features of DC/EP, there is little information on how non-bank Fintech companies can take part in DC/EP processing. For example, whether and how non-bank companies will be granted a licence to process DC/EP. Therefore, the launch of DC/EP may create new challenges for non-bank payments companies which have been (until now) transforming China to be a largely cashless society.
While there is still no official launch date, the innovative DC/EP digital wallet technology is opening a new chapter for digital payments offline. We will continue to monitor the situation closely and will keep you informed of any developments.
Richard Jones, Partner, Eversheds Sutherland