This document is an excerpt from the EUR-Lex website
Document 52023AE3611
Opinion of the European Economic and Social Committee on a) Proposal for a Regulation of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554 (COM(2023) 360 final — 2023/0205 (COD)) b) Proposal for a Directive of the European Parliament and of the Council on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC (COM(2023) 366 final — 2023/0209 (COD)) and c) Proposal for a Regulation of the European Parliament and of the Council on payment services in the internal market and amending Regulation (EU) No 1093/2010 (COM(2023) 367 final — 2023/0210 (COD))
Opinion of the European Economic and Social Committee on a) Proposal for a Regulation of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554 (COM(2023) 360 final — 2023/0205 (COD)) b) Proposal for a Directive of the European Parliament and of the Council on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC (COM(2023) 366 final — 2023/0209 (COD)) and c) Proposal for a Regulation of the European Parliament and of the Council on payment services in the internal market and amending Regulation (EU) No 1093/2010 (COM(2023) 367 final — 2023/0210 (COD))
Opinion of the European Economic and Social Committee on a) Proposal for a Regulation of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554 (COM(2023) 360 final — 2023/0205 (COD)) b) Proposal for a Directive of the European Parliament and of the Council on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC (COM(2023) 366 final — 2023/0209 (COD)) and c) Proposal for a Regulation of the European Parliament and of the Council on payment services in the internal market and amending Regulation (EU) No 1093/2010 (COM(2023) 367 final — 2023/0210 (COD))
EESC 2023/03611
OJ C, C/2024/1594, 5.3.2024, ELI: http://data.europa.eu/eli/C/2024/1594/oj (BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
|
Official Journal |
EN Series C |
|
C/2024/1594 |
5.3.2024 |
Opinion of the European Economic and Social Committee on
a) Proposal for a Regulation of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554
(COM(2023) 360 final — 2023/0205 (COD))
b) Proposal for a Directive of the European Parliament and of the Council on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC
(COM(2023) 366 final — 2023/0209 (COD))
and c) Proposal for a Regulation of the European Parliament and of the Council on payment services in the internal market and amending Regulation (EU) No 1093/2010
(COM(2023) 367 final — 2023/0210 (COD))
(C/2024/1594)
|
Rapporteur: |
João NABAIS |
|
Referrals |
|
||||||
|
Legal basis |
|
||||||
|
Section responsible |
Section for the Single Market, Production and Consumption |
||||||
|
Adopted in section |
23.11.2023 |
||||||
|
Adopted at plenary |
14.12.2023 |
||||||
|
Plenary session No |
583 |
||||||
|
Outcome of vote (for/against/abstentions) |
197/7/13 |
1. Conclusions and recommendations
|
1.1. |
The European Economic and Social Committee (EESC) welcomes the inclusion of e-money services and independent Automated Teller Machines (ATM) services in the directive (as well as the regulation), as this increases the safeguards for users. |
|
1.2. |
The EESC finds that it is necessary to clarify in this new directive whether or not digital wallets (such as Apple or Google Pay) are included. |
|
1.3. |
The role of the supervisory authorities of the host Member State should be extended and should include more powers with regard to payment institutions that carry out their activities by exercising the right of establishment and the freedom to provide services. |
|
1.4. |
The EESC welcomes the provision in the proposed directive with regard to cash provision services in retail stores. |
|
1.5. |
It considers that the five-year period laid down in the review clause of the proposed directive (Article 43) is too long. |
|
1.6. |
The redesign of the revised Payment Services Directive (1) (PSD2), replacing the latter with a directive and this proposed Payment Services Regulation (2) (PSR), lacks provision for stronger consumer protection against new types of fraud and scams; for this reason the EESC proposes a range of measures under point 3.2.7 below. |
|
1.7. |
The EESC deems the introduction of prior information on the cost of withdrawals (Article 7 of the PSR) to be positive. |
|
1.8. |
It welcomes the proposal to extend the ban on increased charges for credit transfers and direct debit transactions in all EU currencies (Article 28 PSR). |
|
1.9. |
The EESC also welcomes the provisions of the PSR requiring the establishment of a permissions dashboard and users’ permission for payments. |
|
1.10. |
It warns that it is not acceptable for consumers to be induced to introduce their security credentials on third-party websites. |
|
1.11. |
The EESC calls for consideration to be given to the correlation between the proposed directive on instant payments and the PSR as regards International Bank Account Number (IBAN) verification. It would refer here to its opinion on the Instant Payments Regulation (3). |
|
1.12. |
In addition, the EESC calls for consideration to be given to applying these services to batch payments. |
|
1.13. |
The ban on Payment Services Providers (PSPs) unilaterally increasing the spending limits of payment instruments (Article 51) is very positive. |
|
1.14. |
The rules on the blocking of payment funds when the amount of the transaction is not known in advance are to be welcomed (Article 61 of the PSR). |
|
1.15. |
Given the serious nature of the fraud and scams that are often practised, the proposed regulation should consider a feature in the schemes for the recovery of funds, without affecting settlement, where it is reasonable to suspect that fraud has occurred. |
|
1.16. |
The EESC would point out the need to improve the provisions of the PSR on strong customer authentication (SCA). |
|
1.17. |
The proposed regulation on open finance (4) should strike a balance between the needs of the parties involved, without losing sight of the need to protect customers’ data. Proper training for PSP staff should be provided, with a view to better provision of services. The EESC believes that the data minimisation principle under the General Data Protection Regulation (5) (GDPR) should be guaranteed. |
|
1.18. |
The list of customer data categories in the proposed regulation is quite comprehensive and has been extended (Article 2), but there is still a risk of misuse and illegitimate interference with the data collected. |
|
1.19. |
The proposed regulation falls short on prohibiting the use of sensitive personal data and relevant financial data and does not properly safeguard balance and transparency. |
|
1.20. |
Dashboards (and portals) should follow specific patterns that allow consumers to give their consent to the data that can be shared and to determine with which entities and for what purposes their data is shared. |
2. Background and problems detected
|
2.1. |
The Commission has shown that it firmly believes that the decision to submit two separate legal instruments would be the most appropriate approach to legislation on payments, given that a separate directive regulating the licensing and supervision of institutions providing payment services and e-money services is warranted because these competences still fall within the remit of Member States’ authorities and the Commission is not proposing that they be transferred to an EU-level remit. |
|
2.2. |
Although the PSD2 could be considered to have largely achieved the objectives identified by the Commission, the latter has published an assessment of its impact and concluded that four key problems in the EU payments market persist. |
|
2.3. |
The problems identified by the Commission are as follows: (1) consumers are at risk of fraud and lack confidence in payments; (2) the open banking sector is still developing and needs improving; (3) supervisors in EU Member States have inconsistent powers and obligations; and (4) there is an unlevel playing field between banks and non-bank PSPs. |
|
2.4. |
The Commission deems these four problems to have the following consequences for the market: (1) users (consumers, merchants and small and medium-sized enterprises (SMEs)) continue to be exposed to fraud risk and have a very limited choice of payment services, being faced with prices higher than they need to be; (2) banking providers face some obstacles to offering basic services and find it harder to innovate; (3) PSPs experience uncertainty about their obligations, and non-bank PSPs are at a competitive disadvantage vis-à-vis banks; (4) there are economic inefficiencies and higher costs of commercial operations, which has a negative impact on EU competitiveness; and (5) the internal market for payments is fragmented, with forum shopping (where companies seek the Member State with the most favourable legal framework) occurring. |
|
2.5. |
As regards the proposed Regulation (6), in 2020 the Commission already identified the promotion of a data-based financial environment as one of the priorities of its digital finance and payments strategy and announced its intention to go ahead with a legislative proposal to create a better framework for access to financial data. |
|
2.6. |
The regulation of access to financial data concerns the processing of data in a business-to-business or business-to-customer (including consumer) relationship, based on a request — a fundamental requirement — from a customer for a wide range of financial services. |
3. Analysis and general comments
3.1. Proposal for a Directive on Payment services and electronic money services (7)
|
3.1.1. |
As regards the scope (Articles 1 and 2 and Recitals 13 and 68), this proposal for a directive is largely based on Title II of PSD2 — Payment service providers — which applies only to payment institutions. |
|
3.1.2. |
The present proposal updates and clarifies the provisions of that directive in relation to payment institutions by including former electronic money institutions in the sub-category of payment institutions, and consequently repeals the Second Electronic Money Directive (8). |
|
3.1.3. |
Furthermore, it includes provisions on cash withdrawal services provided by merchants (without the need to make a purchase) or by independent cash machine or Automated Teller Machine (ATM) deployers, and revises the Settlement Finality Directive (9). |
|
3.1.4. |
The EESC welcomes the inclusion of e-money services in the directive (and also in the regulation), as this increases the safeguards for users of these services as well as the payment services already covered by PSD2. |
|
3.1.5. |
The inclusion of independent ATM services is also positive. |
|
3.1.6. |
The EESC does note, however, that there are still a considerable number of exclusions which leave many services outside of what is a necessary and appropriate regulatory framework. |
|
3.1.7. |
It is necessary to clarify in this new directive whether or not digital wallets (such as Apple or Google Pay) are included, as these services are widely used for payments worldwide and are quite popular in the EU as well. The EESC would therefore argue that they should indeed be included. |
|
3.1.8. |
In fact, the EESC believes that it is inappropriate that these payment instruments should only be considered in the future review due to take place five years after the entry into force of the directive, bearing in mind how important these services already are today. |
|
3.1.9. |
As regards the supervision of payment institutions that carry out their activities by exercising the right of establishment and the freedom to provide services (Article 31 of the proposed directive), the role of the competent authorities of the host Member State should be extended and should include more powers. |
|
3.1.10. |
Currently, there are many cases where users are obliged to lodge complaints with the authorities of the Member State in which the payment institution is located — that is to say, in a country other than that the one in which the users are located. |
|
3.1.11. |
In this respect, it should be noted that the option of setting up a central contact point in the host Member State, at the request of the latter, is positive, although the EESC proposes that this be mandatory and not merely an option. |
|
3.1.12. |
With regard to cash provision services in retail stores (Article 37 of the proposed directive), this provision is to be welcomed, as it responds to a need resulting from the progressive reduction in access to hard cash, now that more and more ATMs and bank branches are being closed. |
|
3.1.13. |
As regards the review clause (Article 43 of the proposed directive), the EESC considers that the five-year period before carrying out a review is too long, given the pace of innovation in services and the predictable emergence of new and more sophisticated service providers, as well as the appearance of new types of fraud, which makes it essential to update the legal and regulatory framework more frequently. |
3.2. Proposal for a Regulation on Payment Services (10)
|
3.2.1. |
In recent years, the directives issued in this area have introduced measures that have had a very positive impact, such as reducing payment card users’ liability to EUR 50 in the event of unauthorised payments, the right to reimbursement in the event of erroneous direct debits challenged within a period of 8 weeks, the ban on additional charges for the use of credit or debit card payments, and, lastly, the implementation of SCA requirements. |
|
3.2.2. |
However, fraud and scams remain a source of serious concern and now the user is the target, rather than the payment instrument or channel. |
|
3.2.3. |
Thus, laws and regulations must help eliminate such attacks against customers/consumers, also addressing phishing and spoofing. To combat fraud more effectively, the Commission should focus on prevention and detection, and target criminals by making it mandatory to implement measures for all parties whose services and systems are exposed to cyber fraud. At the same time, it should raise users’ awareness in order to protect information and their access data. |
|
3.2.4. |
As is well known, in many cases payers/clients are induced to do such things as share their credentials, such as passwords or codes, or make payments from their accounts. |
|
3.2.5. |
These actions are in practice carried out by the payers/clients, but under the influence of criminals who manage to create conditions to mislead them. Although, in such cases, the action is physically carried out by the payer, the fact remains that, from a subjective point of view, it does not correspond to what they actually want. |
|
3.2.6. |
In this context, replacing the PSD2 with this proposed regulation (PSR) lacks provision for stronger consumer protection against these new types of fraud and scams; what is missing is a broader set of provisions, measures and requirements for payment service providers, and for other entities whose services and systems are exposed to cyber fraud (for example, electronic communication services and social media platforms). |
|
3.2.7. |
The EESC is proposing a number of measures including: (1) a clear definition of the concept of ‘gross negligence’, ‘authorisation’ and ‘suspected/actual fraud’; (2) arrangements that clearly define liability in such cases of fraud and/or scams, with a clear definition of gross negligence and scrutiny, along with the right to immediate reimbursement of the amounts removed from bank accounts; (3) the definition of a strict framework for sharing responsibilities between payment service providers, payers and payment recipients, involving other participants in the payment chain; (4) a requirement for increased monitoring of transactions by payment service providers, including by setting clear responsibilities/liabilities for all participants in the payment service; (5) a requirement to invest in the establishment of means to identify fake websites and fake IBANs used by fraudsters; (6) an obligation on payment service providers to participate in alternative dispute resolution mechanisms to make Recital 122 effective; (7) the legal means for PSPs to suspend payment services in the event of suspected fraud, including by blocking certain payments and recovering funds credited; and (8) the provision of adequate training for PSP staff in this regard, as well as steps to promote user awareness of how to use payment instruments properly, ways to detect fraudsters/scammers, and what to do in the event of fraud/scams. |
|
3.2.8. |
On contactless payments, the Commission, in its retail payments strategy, has indicated that there would be an assessment of the possible introduction of a functionality allowing consumers to define their preference for thresholds in contactless payments, and the EESC calls for a solution such as this to be put in place. |
|
3.2.9. |
This would respond to many consumers’ concerns that the EUR 50 ceiling for contactless payments is too high and to their desire for the ceiling to be lower for their debit card. |
|
3.2.10. |
As regards information requirements applicable to cash withdrawal services, the EESC welcomes the introduction of prior information on the cost of withdrawals (Article 7 of the proposed regulation). |
|
3.2.11. |
With regard to rights and obligations relating to the use of payment services, the EESC also welcomes the proposal to extend the ban on increased charges for credit transfers and direct debit transactions in all EU currencies (Article 28 of the proposed regulation). |
|
3.2.12. |
The definition of rules for transactions initiated by merchants to be aligned with those for direct debits, applying the same consumer protection rules to both, is also to be welcomed. |
|
3.2.13. |
The amendments contained in Article 32, allowing payment institutions access to a payment account, are important and remove unwarranted limitations to such access. |
|
3.2.14. |
The provisions of the proposed regulation requiring the establishment of a permissions dashboard and users’ permission, including the possibility for users to handle these, are welcome. However, the EESC considers that the ban on the use of screen scraping, set out in Recital 61, should be included in the articles on access to account data. |
|
3.2.15. |
Also in this domain, the EESC warns that it is not acceptable for consumers to be induced to introduce their security credentials on third-party websites. Consumers’ sensitive data should not be processed and consumers must be guaranteed that they will not be denied access to products or services when they refuse to participate in an open banking environment. |
|
3.2.16. |
The requirement is to be welcomed to introduce cost-free IBAN verification for banks and payment service providers, along the lines of that which already exists in the proposal for a Regulation on Instant Payments (Article 50). The EESC calls for consideration to be given to the correlation between both proposals (instant payments and PSR) as regards IBAN verification. In addition, the EESC calls for consideration to be given to applying this service to payments by companies in instalments. |
|
3.2.17. |
However, this measure concerns only one type of scam; as mentioned above, the PSR should include more measures to prevent fraud, even those outside the payment services environment, and to support users who are victims thereof. The EESC recommends considering ways of applying these measures beyond the context of payments. |
|
3.2.18. |
The ban on PSPs unilaterally increasing the spending limits of payment instruments (Article 51) is very positive. |
|
3.2.19. |
On liability for unauthorised payments, despite some positive innovations, there is still room for improvement in the relevant legal provisions so as to ensure that PSR Recital 79 is effective. Thus, the EESC calls upon the Commission to further evaluate the need to set up a proper mechanism regarding the chain of responsibility in the entire payment service environment, including users of the services. |
|
3.2.20. |
It is still not clear what gross negligence is and how it can be proven, and for this reason PSPs may hold consumers liable for fraud of which they are actually the victims. |
|
3.2.21. |
The rules on the blocking of payment funds when the amount of the transaction is not known in advance are to be welcomed, as they will reduce or even eliminate consumer complaints about the blocking of disproportionate amounts and about the delay in releasing blocked funds (Article 61). |
|
3.2.22. |
Given the serious nature of the fraud and scams that are often practised, the proposed regulation should consider a feature in the schemes for the recovery of funds, without affecting settlement, where it is reasonable to suspect that fraud has occurred. |
|
3.2.23. |
The requirement to report fraud is positive (Article 82), underlining the important role assigned to the European Banking Authority (EBA) in this domain. |
|
3.2.24. |
It should be mandatory for PSPs to share fraudulent IBANs and other data that could be used to prevent fraud, with the aim of preventing future cases of fraud (Article 83) at the first attempt at fraud, whether it has been perpetrated or rejected, and not requiring two different customers to report it. The EESC recommends considering whether this obligation could be applied to third parties, including public authorities and law enforcement agencies, in order to benefit from the network effect. Enabling swifter data sharing among PSPs and with authorities will allow better fraud detection and prevention. |
|
3.2.25. |
The EESC welcomes the requirements to issue warnings on new forms and types of fraud, but this must not under any circumstances lead to a reduction in PSPs’ liability in relation to fraud prevention, the burden of proof or the protection of consumer rights (Article 84). |
|
3.2.26. |
The provisions of the PSR on the introduction of training programmes for PSP staff are also deemed to be positive. |
|
3.2.27. |
The EESC welcomes the provisions in the PSR on SCA, so as to ensure that everyone — including people with physical disabilities, elderly people, people who are unable to use digital means and people who do not have access to digital channels or smartphones — also has at their disposal at least one means to perform strong authentication. |
|
3.2.28. |
Many consumers complain that the ways to carry out strong authentication usually entail the need to access an app-based solution. |
|
3.2.29. |
This means that many consumers are excluded from making certain payments, especially payments for online purchases using cards. The EESC recommends that the most suitable SCAs be assessed for inclusion, taking into account the implementation and enforcement issues of other legislation such as the GDPR and the European Accessibility Act (11). |
|
3.2.30. |
The provisions giving the EBA powers to intervene on payment products made available by PSPs are to be welcomed (Article 104). |
|
3.2.31. |
As noted for PSD3 (Payment Services Directive 3), the deadline for reviewing the provisions of this payment services regulation lies too far in the future. |
|
3.2.32. |
The EESC recommends that legislators consider extending the implementation period by another 6 months, allowing PSPs time to adapt to significant technical developments. |
3.3. Proposal for a Regulation on a Framework for Financial Data Access (Open Finance) (12)
|
3.3.1. |
This proposal for a regulation aims to address problems identified in the field of data sharing by giving consumers and businesses the means to have better access to their financial data. |
|
3.3.2. |
This initiative will make it possible for consumers and firms to benefit from products and services that have been created to meet their needs, based on the relevant data, while avoiding the inherent risks. The EESC believes that the development of technological solutions should take into account issues related to accessibility and use from the outset, avoiding potential future problems. |
|
3.3.3. |
With this proposed regulation, the Commission intends to improve the economic outcomes for financial services customers (consumers and businesses) by promoting digital transformation and speeding up adoption of data-driven business models in the EU financial sector. |
|
3.3.4. |
While fully accepting this objective of promoting a data-driven economy, it is important to establish a regulatory framework that clearly defines the rules governing data sharing, taking into account reciprocity for all parties involved (including outside the EU). This is particularly important in the field of financial data, as it involves sensitive information for both individuals and businesses. |
|
3.3.5. |
The proposed regulation should strike a balance between the needs of the parties involved, never losing sight of the need to protect customers’ data. Proper training for PSP staff should be provided to ensure better provision of services. The EESC believes that the data minimisation principle under the GDPR should be guaranteed. |
|
3.3.6. |
The list of customer data categories in the proposed regulation is quite comprehensive and has been extended (Article 2), but there is still a risk of misuse and illegitimate interference with the data collected. The EESC also highlights that it is possible that the playing field is not level between highly-regulated financial institutions and other market participants. |
|
3.3.7. |
The EESC believes that it is important for the EBA and the European Insurance and Occupational Pensions Authority (EIOPA) to be given an explicit mandate (Article 7) to develop guidelines for processing consumer data for products and services relating to the credit level and risk assessment of consumers and in the case of life, health and sickness insurance products. |
|
3.3.8. |
However, the proposed regulation is lacking in bans on the use of sensitive personal data and relevant financial data and does not properly safeguard balance and transparency. |
|
3.3.9. |
The EESC supports the provision requiring data holders to provide customers with a dashboard allowing them to take decisions to safeguard their position (Article 8). |
|
3.3.10. |
Dashboards (and portals) should follow specific patterns that allow consumers to give their consent to the data that can be shared, and to determine with which entities and for what purposes their data is shared. It is very important that consumers understand and feel that their consent is essential. |
|
3.3.11. |
The EESC considers that, in order for dashboards to work better, the implementation of restrictive practices by data holders should be prevented. |
|
3.3.12. |
Along the same lines as recommendations on the implementation of provisions on PSR, the EESC recommends that legislators consider extending the implementation period for technical features under FiDA (Financial Data Access framework) by another 6 months. |
Brussels, 14 December 2023.
The President of the European Economic and Social Committee
Oliver RÖPKE
(1) COM(2023) 366 final.
(2) COM(2023) 367 final.
(3) OJ C 146, 27.4.2023, p. 23.
(4) COM(2023) 360 final.
(5) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1)
(6) COM(2023) 360 final.
(7) COM(2023) 366 final.
(8) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).
(9) Directive 98/26/EC of the European Parliament and of the Council of 19 May 1998 on settlement finality in payment and securities settlement systems (OJ L 166, 11.6.1998, p. 45).
(10) COM(2023) 367 final.
(11) Directive (EU) 2019/882 of the European Parliament and of the Council of 17 April 2019 on the accessibility requirements for products and services (OJ L 151, 7.6.2019, p. 70).
(12) COM(2023) 360 final.
ANNEX
The following amendments, which received at least a quarter of the votes cast, were rejected in the course of the debate (Rule 74(3) of the Rules of Procedure):
Point 3.2.7
Amend as follows
|
Section opinion |
Amendment |
|
The EESC is proposing a number of measures including: (1) a clear definition of the concept of ‘gross negligence’, ‘authorisation’ and ‘suspected/actual fraud’; (2) arrangements that clearly define liability in such cases of fraud and/or scams, with a clear definition of gross negligence and scrutiny, along with the right to immediate reimbursement of the amounts removed from bank accounts; (3) the definition of a strict framework for sharing responsibilities between payment service providers, payers and payment recipients, involving other participants in the payment chain; (4) a requirement for increased monitoring of transactions by payment service providers, including by setting clear responsibilities/liabilities for all participants in the payment service; (5) a requirement to invest in the establishment of means to identify fake websites and fake IBANs used by fraudsters; (6) an obligation on payment service providers to participate in alternative dispute resolution mechanisms to make Recital 122 effective; (7) the legal means for PSPs to suspend payment services in the event of suspected fraud, including by blocking certain payments and recovering funds credited; and (8) the provision of adequate training for PSP staff in this regard, as well as steps to promote user awareness of how to use payment instruments properly, ways to detect fraudsters/scammers, and what to do in the event of fraud/scams. |
The EESC is proposing a number of measures including: (1) a clear definition of the concept of ‘gross negligence’, ‘authorisation’ and ‘suspected/actual fraud’; (2) arrangements that clearly define liability in such cases of fraud and/or scams, with a clear definition of gross negligence and scrutiny, along with the right to reimbursement of the amounts removed from bank accounts; (3) the definition of a strict framework for sharing responsibilities between payment service providers, payers and payment recipients, involving other participants in the payment chain; (4) a requirement for increased monitoring of transactions by payment service providers, including by setting clear responsibilities/liabilities for all participants in the payment service; (5) a requirement to invest in the establishment of means to identify fake websites and fake IBANs used by fraudsters; (6) an obligation on payment service providers to participate in alternative dispute resolution mechanisms to make Recital 122 effective; (7) the legal means for PSPs to suspend payment services in the event of suspected fraud, including by blocking certain payments and recovering funds credited; and (8) the provision of adequate training for PSP staff in this regard, as well as steps to promote user awareness of how to use payment instruments properly, ways to detect fraudsters/scammers, and what to do in the event of fraud/scams. |
Outcome of the vote:
|
In favour: |
83 |
|
Against: |
110 |
|
Abstention: |
19 |
Point 3.2.8
Amend as follows
|
Section opinion |
Amendment |
|
On contactless payments, the Commission, in its retail payments strategy, has indicated that there would be an assessment of the possible introduction of a functionality allowing consumers to define their preference for thresholds in contactless payments, and the EESC calls for a solution such as this to be put in place. |
On contactless payments, the Commission, in its retail payments strategy, has indicated that there would be an assessment of the possible introduction of a functionality allowing consumers to define their preference for thresholds in contactless payments, and the EESC calls for a solution such as this to be put in place if such assessment has proven that the functionality is feasible . |
Outcome of the vote:
|
In favour: |
73 |
|
Against: |
126 |
|
Abstention: |
17 |
Point 3.2.20
Amend as follows
|
Section opinion |
Amendment |
|
It is still not clear what gross negligence is and how it can be proven , and for this reason PSPs may hold consumers liable for fraud of which they are actually the victims . |
It is still not clear what gross negligence is and how it can be proven. |
Outcome of the vote:
|
In favour: |
68 |
|
Against: |
136 |
|
Abstention: |
17 |
ELI: http://data.europa.eu/eli/C/2024/1594/oj
ISSN 1977-091X (electronic edition)