presentation the payment services directive review ... · the payment services directive review...
TRANSCRIPT
osborneclarke.com Private & Confidential
0
The Payment Services Directive ReviewShaping the Future Regulatory Structure of the Payments SectorPaul Anning, Partner 3 December 2013
osborneclarke.com Private & Confidential
1
Agenda
• Introduction
• PSD
• PSD Review – an overview
• MIF Regulation – an overview
• European payment services regulatory regime
• Concluding remarks
osborneclarke.com Private & Confidential
2
The World
osborneclarke.com Private & Confidential
3
PSD
• Objective:
"to establish at Community level a modern and coherent legal framework for payment services, whether or not the services are compatible with the system resulting from the financial sector initiative for a single euro payments area, which is neutral so as to ensure a level playing field for all payment systems, in order to maintain consumer choice, which should mean a considerable step forward in terms of consumer cost, safety and efficiency, as compared with the present national systems"
• In force from 25 December 2007; transitional deadline of 1 November 2009
• Review date set for 2012
• Full harmonisation measure albeit with 25 optional provisions
osborneclarke.com Private & Confidential
4
PSD Review - Conclusions
• Globally fit for purpose
• Any changes must be 'evolutionary' not 'revolutionary'
• Market is very dynamic and has experienced significant innovation
• Recent developments show:
– still fragmentation along national borders
– some regulatory gaps
– market failures for card, internet and mobile payments
osborneclarke.com Private & Confidential
5
PSD ReviewOverview
Mobile payments
Overlay (or third party) services
Operational security and
authentication
Access to payment systems
One-leg transactions
/all currencies
'Negative scope'matters
Digital economy
Acquiring
Liability framework
Surcharging
Enhanced PI
conditions
PSD 2
Passporting issues
osborneclarke.com Private & Confidential
6
PSD ReviewScope, subject matter and definitions
• Extension to one-leg transactions: Title III and value dating
• Extension to all currencies: Title III only
• Adjustments to negative scope:
– changes to commercial agent exemption
– restriction of 'limited network' exemption and associated prior clearance mechanism
– restriction of telecom device exemption to digital content purchases not exceeding €50 each and cumulatively €200 monthly
– removal of ATM operator exemption
• Extension of scope to include account information and payment initiation services ('overlay services')
osborneclarke.com Private & Confidential
7
PSD ReviewExtension of scope to include 'overlay services'
• New type of payment services defined as:“Services based on access to payment accounts provided by a [PSP] who is not the account servicing [PSP], in the form of:(a) payment initiation services(b) account information services”
• Technical services provider exemption adjusted accordingly• EC’s objective is to enhance competition, encourage the digital economy and achieve harmonisation• In summary:
– PSD provisions apply equally to these new types of PIs, TP PSPs– requirements upon Member States to ensure a payer has the right to make use of a third party
PSP (separate from the account servicing PSP, AS PSP)– provisions setting out protocols for communications between the TP and AS PSPs and for
allocation of liability as between them and the PSU concerned (including as to burden of proof)– provisions ensuring that AS PSPs do not discriminate payment orders received from TP PSPs
osborneclarke.com Private & Confidential
8
PSD ReviewMarket access, structure and prudential rules
• Increased authorisation requirements for PIs (and EMIs) relating to:
– security control and mitigation measures
– sensitive payment data
– business continuity arrangements
• Extension of safeguarding requirements to all PIs (including small PIs)
• Provisions aimed at reducing friction in functioning of passporting regime:
– a web portal as an electronic access point for connecting public registers
– development of guidelines for exercising passporting rights and regulatory technical standards establishing a framework for the co-operation and exchange of information
• Extension of rights of access to payment systems to indirect access also
osborneclarke.com Private & Confidential
9
PSD ReviewRights and obligations of PSUs and PSPs
• Harmonisation and refinement of surcharging rules:
– steering permitted but any charges must not exceed the costs for the specific payment instrument
• Replacement card charges are to be limited to directly attributable replacement costs
• Refinement of liability framework:
– unauthorised transactions – payer's liability limited to €50 (now €150) and where 'strong customer authentication' has not been used, to where payer acted fraudulently
– refund right for payee-initiated transactions – doesn't apply in cases of immediate consumption; back-value dating of refunds
– non-execution/defective execution – provisions extended to 'late' execution
• Introduction of customer complaint resolution procedures
osborneclarke.com Private & Confidential
10
PSD ReviewOperational and security and authentication
• Confirmation of application of Network and Information Security Directive to PSPs
• Requirement to notify PSUs without undue delay following a security incident with the potential to impact their financial interests
• Yearly updated assessments of operational and security risks and related mitigation measures and control mechanisms
• Development of guidelines for the establishment, implementation and monitoring of security measures
• Requirement on PSPs to use 'strong customer authentication' when payer initiates an electronic payment transaction, unless EBA guidelines exempt (on a risk basis)
osborneclarke.com Private & Confidential
11
PSD ReviewNot in isolation
• PSD2 proposals published on 24 July 2013
• Alongside a proposed Interchange Fees Regulation
• No proposals on Governance
osborneclarke.com Private & Confidential
12
The Universe
osborneclarke.com Private & Confidential
13
MIF RegulationOverview
• Regulation, not a Directive
• Immediate entry into force (once published)
• Two key elements:
– Sets caps on interchange fees
– Details a series of business rules applicable to payment card schemes and related contractual (typically licensing) arrangements
• Scope and definitions are key
osborneclarke.com Private & Confidential
14
MIF RegulationInterchange fees - Overview
• Sets (almost) immediate caps on interchange fees:– cross-border debit card transactions: 0.2% per transaction– cross-border credit card transactions: 0.3% per transaction
• Extends cap after 2 years to ALL debit/credit card transactions• Caps apply only to payment card transactions carried out within the EU
where both payer's and payee's PSP are established in the EU• Interchange fee caps do not apply to:
– limited networks– commercial cards– ATM cash withdrawals– 3 party payment card schemes
osborneclarke.com Private & Confidential
15
MIF RegulationInterchange fees – Points to note
• Provisions apply to PSPs, not card schemes directly• Definition of interchange fee is broad:
– "interchange fee or other agreed remuneration with an equivalent object or effect"
– any net compensation received by an issuing bank is treated as part of the interchange fee
• Similarly, definition of card based payment transaction is broad• Debit card transactions include prepaid card transactions• Charge cards?• 3 party schemes caught where third party PSP is licensed
osborneclarke.com Private & Confidential
16
MIF RegulationBusiness rules - Overview
Co-badging
Steering rules
Unblending
Honour All Cards rules
Separation of scheme
and processing
Licensing
MIF Regulation
osborneclarke.com Private & Confidential
17
European payment services regulatory regime: Objectives
Co-ordinated field relating to
payment services and
funds transfers
Enhanced competition
Greater efficiency
Consumer protection Digital economy
osborneclarke.com Private & Confidential
18
European payment services regulatory regime:Overview
Payment services and funds transfers:• Payment Services Directive (PSD) – PSD2 proposed• Second Electronic Money Directive (2EMD)• Cross Border Payments Regulation• Funds Transfers Regulation – proposed revisions for 4MLD• SEPA End Date Regulation• ECB's Recommendations on the Security of Internet Payments (SecuRePay)• Proposed Payment Accounts Directive• Proposed new MIF Regulation• ECB's proposed Recommendations on the Security of Mobile Payments (SecuRePay)Generic:• Fourth Anti-Money Laundering Directive (MLD)• Data Protection Directive• Cyber Security Directive• Proposed new Network and Information Security (NIS) Directive
osborneclarke.com Private & Confidential
19
The Expanding Universe
osborneclarke.com Private & Confidential
20
European payment services regulatory regime:Security
ECB (SecuRePay)
Recommendations
Data Protection Directive
Cyber Security Directive
NIS Directive (Network and Information Security)
EBA technical standards
Payment Services Directive
Security and technical standards
osborneclarke.com
Angela Merkel
21
osborneclarke.com Private & Confidential
22
Concluding remarks – PSD Review (1)
• Tangible benefits mean evolution will continue
• Greater harmonisation is inevitable
• Regulatory tools are being sharpened
• Focus on execution is shifting to security
• New market entrants are being strongly encouraged
osborneclarke.com Private & Confidential
23
Concluding remarks – PSD Review (2)
• Implications of regulatory evolution could be far-reaching for all stakeholders:
– harder to discern perimeter of regulation
– harder to differentiate or justify differentiation by product or provider
– multiple regulators with overlapping interests
– standardisation may override customer segregation
– significant technology developments
osborneclarke.com Private & Confidential
24
Further reading
• Payment Services Directivehttp://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32007L0064:EN:NOT
• Electronic Money Directivehttp://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32000L0046:EN:NOT
• European Commission’s Green Paper: Towards an integrated European market for card, internet and mobile paymentshttp://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52011DC0941:EN:NOT
• European Commission's draft proposal for a Network and Information Security Directivehttp://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1666
• ECB's Recommendations for the Security of Internet Paymentshttp://www.ecb.int/pub/pdf/other/recommendationsforthesecurityofinternetpaymentsen.pdf
• Single Market Act IIhttp://ec.europa.eu/internal_market/smact/docs/single-market-act2_en.pdf
• European Commission's proposal for a Payment Account Directivehttp://ec.europa.eu/internal_market/finservices-retail/inclusion/index_en.htm
• European Commission's July 2013 package of draft legislative proposals for a revised PSD and a new Interchange Fees Regulationhttp://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2013:0550:FIN:EN:PDF
• ECB's draft Recommendation for the Security of Mobile Paymentshttp://www.ecb.europa.eu/paym/cons/pdf/131120/recommendationsforthesecurityofmobilepaymentsdraftpc201311en.pdf
Private & Confidentialosborneclarke.com
25
Contact details – Paul Anning
Paul Anning is head of European law-firm, Osborne Clarke's Financial Institutions Group and a specialist financial services lawyer. Paul has market leading experience and expertise in the payments industry where he has guided clients through new product development, regulatory change and transformational projects, such as the creation of the UK's Payments Council (which sets the strategy for UK payments), the merger creating VocaLink (the UK’s largest payments processor), the UK's first NFC enabled stored value mobile payment solution (QuickTap) and the acquisition of one of Europe's leading prepaid card issuers.Paul is well versed in the complexities of the payments industry's network arrangements. He also has a deep knowledge of legal and regulatory developments affecting the payments industry, including key European developments such as the Single Euro Payments Area (SEPA), the Payment
Services Directive (PSD) and the Second Electronic Money Directive (2EMD). On PSD specifically, he has been involved since its inception in 2003 and has been advising the UK's Payments Council, banks and other payment service providers.Paul and the Osborne Clarke Payments team act for a range of clients from infrastructure providers and traditional credit institutions and GTS businesses through to electronic money issuers and corporates and retailers (including on corporate card and co-branded arrangements). Their Payments practice is recognized externally as top-tier ranking, with commentary such as - "Osborne Clarke is one of the leading practices working in the payments services sphere" and in July 2012 an award for "TMT Team of the Year 2012" at The Lawyer Awards for their work on Everything Everywhere and Barclaycard's QuickTap product.
Paul AnningPartnerT +44 (0) 20 7105 [email protected] TMT Team of the
Year 2012
The Lawyer Awards
IT Firm of the Year 2012
JUVE Awards