EXPLANATORY MEMORANDUM

1.           Context of the proposal

Grounds for and objectives of the proposal

The electronic payments market in Europe offers great opportunities for innovation. Consumers have already significantly changed their payment habits in recent years. In addition to the ever growing number of credit and debit card payments, the rise of e-commerce and the increasing popularity of smart phones have paved the way for the emergence of new means of payments. The benefits of better market integration and reduced fragmentation in this field at European level are substantial.

This initiative will allow consumers and merchants to benefit fully from the internal market, particularly in terms of e-commerce.The aim of the proposal is to help develop further an EU-wide market for electronic payments, which will enable consumers, retailers and other market players to enjoy the full benefits of the EU internal market, in line with Europe 2020 and the Digital Agenda. Such further integration is becoming increasingly important as the world moves beyond bricks-and-mortar trade towards a digital economy.

To achieve this and promote more competition, efficiency and innovation in the field of e-payments, there should be legal clarity and a level playing field, leading to downward convergence of costs and prices for payment services users, more choice and transparency of payment services, facilitating the provision of innovative payment services, and to ensure secure and transparent payment services.

These objectives will be achieved by updating and complementing the current framework on payments services; providing for rules that enhance transparency, innovation and security in the field of retail payments and improving consistency between national rules, with an emphasis on the legitimate needs of consumers. The proposed measures seek to do so in a technologically neutral manner that will remain relevant as payment services evolve further.

This proposal also incorporates and repeals Directive 2007/64/EC of the European Parliament and of the Council (the so called ‘Payment Services Directive’ or ‘PSD’)[1] which sets the basis for a harmonised legal framework for the creation of an integrated payments market, thus improving the level playing field and accessibility of the current payments framework for all stakeholders.

At a time when the distinction between payment institutions (subject to the PSD) and electronic money institutions (subject to Directive 2009/110/EC of the European Parliament and of the Council[2], the second Electronic Money Directive or ‘EMD’) is increasingly blurred as technology and business models converge, a full modernisation of the digital payment framework resulting in the merger of both categories of actors and respective legislations would be optimal. This would however entail as a pre-requisite to review the EMD to ensure a coherent regulatory framework. Unfortunately, the late transposition by many Member States of the EMD has not allowed gaining sufficient experience with this Directive to evaluate it together with the Payment Service Directive and consider possible synergies in the review. A review of Directive 2009/110/EC is foreseen to take place in 2014.

General context

Significant progress and integration of retail payments in the EU have been achieved over the past 12 years, with the current regulatory and legislative acquis on payments.

The legal framework established by the PSD, the cross-border payments Regulation (EC) No 924/2009[3] and the Second Electronic Money Directive have already resulted in significant progress regarding the integration of the European retail payments markets. The SEPA migration end-date Regulation (EU) No 260/2012[4] brought this development a step further by setting migration deadlines for pan-European credit transfers and direct debits, replacing national schemes for national and cross border euro payments within the EU (1 February 2014 for the Eurozone). This regulatory framework is complemented by ECJ case law and Commission decisions in the context of competition law in the field of retail payments.

The retail payments market is very dynamic and has experienced a significant innovation pace in the last few years. At the same time, important areas of the payments market, especially card payments and new means of payments, such as internet and mobile payments, are often still fragmented along national borders making it difficult for innovative and easy-to-use digital payment services to develop efficiently and to provide consumers and retailers with convenient and secure payment methods (with the possible exception of credit cards) at pan-European level to purchase an expanding range of goods and services. The latest developments in these markets have also highlighted certain gaps in the current legal framework for payments and market failures in the markets for card, internet and mobile payments to be addressed in this initiative.

The review of the European framework and notably the Payment Services Directive and the consultation on the Commission Green Paper ‘Towards an integrated European market for card, internet and mobile payments’[5] in 2012 have led to the conclusion that further measures and regulatory updates, including adjustments to the PSD, are required so that the payments framework can better serve the needs of an effective European payments market, fully contributing to a payments environment which nurtures competition, innovation and security.

In the Commission’s 2012 Communication “Single Market Act II – Together for new growth”[6], the modernisation of the legislative framework for retail payments has been identified as a key priority in view of its potential for new growth and innovation. The revision of the PSD and the preparation of a legislative proposal on multilateral interchange fees for card payments were defined as one of the key actions of the Commission for 2013.

Existing provisions in the area of the proposal

This initiative is part of a broader package of legislative measures on payment services. It will complement and update the existing legal framework for payment services within the EU, and notably:

– Directive 2007/64/EC creating a harmonised legal framework so that payments could be made more quickly and easily through the whole EU, introducing more competition in payment systems and facilitating economies of scale. It also facilitated the operational implementation of the Single Euro Payments Area (SEPA).

– Regulation (EC) 924/2009 on cross-border payments repealing Regulation (EC) No 2560/2001 and extending the scope of the Regulation to direct debits. It eliminated the differences in payment charges for payment service users between national and cross-border payments in euro with in the European Union. It applies to all electronically processed payments.

– Regulation (EU) No 260/2012 setting migration deadlines for pan-European credit transfers and pan-European direct debits and replacing national schemes for national and cross border euro payments within the European Union.

– Directive 2009/110/EC on electronic money providing for the legal framework to issue and redeem e-money and brings the prudential regime for electronic money institutions in line with the requirements for payment institutions in the PSD.

– Regulation (EC) No 1781/2006 laying down rules for payment service providers to send information on the payer throughout the payment chain for the purposes of prevention, investigation and detection of money laundering and terrorist financing.

In addition to the legislative framework, a number of competition proceedings conducted at European and national level have addressed anti-competitive practices in the payment market.

Consistency with other policies and objectives of the Union

The objectives of the proposal are fully coherent with the EU policies and objectives pursued by the Union. First, this proposal will improve the functioning of the internal market for payment services and more broadly for all goods and services given the need for innovative, efficient and secure means of payments. By facilitating economic transactions within the Union, this will also contribute to the attainment of the wider objectives of the EU 2020 strategy and the promotion of new growth. Second, this initiative supports EU policies in other areas such as data protection, administrative sanctions, anti-money laundering and terrorist financing and more in particular:

– The Commission's legislative initiatives regarding the Digital Agenda for Europe[7] and notably the Commission's proposal for a legal framework on electronic identification and trust in services for electronic transactions[8] and its proposal concerning measures to ensure a high common level of network and information security across the Union[9] and the key priorities identified in the Communication on e-Commerce and online Services[10], which aim to achieve a Digital Single Market.

– The Commission's efforts to increase competition through establishing equal obligations, rights and opportunities for market players and facilitating cross-border provision of payment services.

– The Commission’s legislative proposal on interchange fees for card-based payment transactions and on the use of certain restrictive business rules and practices which is prepared at the same time and in close coordination with the present proposal.

– Directive 2011/83/EC on Consumer Rights[11] which aims at promoting a real business-to-consumer internal market and at striking the right balance between a high level of consumer protection and the competitiveness of enterprises, thereby limiting the discretion of merchants to apply charges on the use of payment instruments to the costs at hand.

2.           consultations with interested parties and impact assessment

Consultation of interested parties

On 11 January 2012, the European Commission published a Green Paper "Towards an integrated European market for card, internet and mobile payments”[12] which was followed by an extensive public consultation. The Commission received more than 300 replies from authorities, civil society, business federations and companies from different fields, representing a broad variety of stakeholders. An additional number of comments, position papers and contributions were received outside the consultation.

The comprehensive feedback by stakeholders[13] provided relevant information on some recent new developments and on possible requirements for changes to the existing payments framework. A public hearing in the same context took place on 4 May 2012 and was attended by some 350 interested stakeholders.

On 20 November 2012, the European Parliament adopted a resolution “Towards an integrated European market for card, internet and mobile payments[14]. The resolution acknowledges the objectives and integration hurdles identified in the Green Paper and calls for legislative action in different areas concerning card payments, while suggesting more caution regarding internet and mobile payments due to the lesser maturity of those markets. Furthermore, it calls for a reform of the Single Euro Payments Area (SEPA) governance model.

The consultation results called for important regulatory adjustments to the existing framework, in order to reinforce the effectiveness of the European payments market and contribute to a payment environment nurturing competition, innovation and security.

Use of expertise

Regarding the review of the PSD and of the Regulation on cross-border payments in the Internal Market, and the potential need for a revision of both legal texts, the Commission engaged in additional work to obtain evidence in the field and to ensure full engagement of the different stakeholders.

The Commission’s review process on the impact of the PSD and the Regulation on cross-border payments in the Internal Market has been based on two dedicated external studies. These studies have provided the Commission with a comprehensive picture of the economic and legal consequences arising from the PSD. The first study, carried out by external consultants Tipik in 2011, provided a legal conformity assessment regarding the transposition of the PSD in the 27 Member States[15]. Over the course of 2012, a second study prepared by London Economics and iff in association with PaySys, analysed the impact of the PSD on payment services in the internal market and the application of the Regulation on cross-border payments in the Community. Furthermore, input by Member States and relevant market actors was gathered via the Commission's advisory committees in the field of payments policy, i.e. the Payments Committee (composed of representatives from EU countries) and the Payment Systems Market Expert Group (composed of market representatives from both the supply and the demand side). In addition, the Commission consulted further relevant stakeholders on particular issues as appropriate.

Impact assessment

The Commission carried out an Impact Assessment[16], where it analysed the potential consequences of a lack of an integrated European payments market. Notably the following problem drivers were examined:

– Inconsistent application of the existing rules across Member States due to many options and often very general criteria of application. In particular, certain exemptions set out in the PSD appear too general or outdated with regard to market developments and are being interpreted very differently. Gaps in the scope of application also arise for payments with one leg of the transaction located outside the EEA and payments in non-EU currencies, leading to continued market fragmentation, regulatory arbitrage, and distortions of competition.

– Legal vacuum for certain newly emerged internet service providers, such as third party service providers offering online banking based payment initiation. These services represent a viable and often cheaper payment alternative to card payments, attractive also for consumers who do not dispose of cards. Most of these providers are currently not subject to the current legal framework as they do not hold funds at any moment. The legal vacuum risks impeding innovation and appropriate market access conditions.

– Lack of standardisation and inter-operability between different payment solutions (card, internet and mobile payments), in varying aspects and to different degrees especially at cross-border level, exacerbated by weak governance arrangements for the EU retail payments market.

– Diverse and inconsistent charging practices (for the use of a specific payment instrument applied by merchants) between Member States (where around half of EU Member States allow and the other half forbids surcharging) leading to confusion for consumers when they shop abroad or on the internet and an un-level playing field.

– In the area of payment cards, several restrictive business rules and practices distorting competition (regardings MIFs and rules on choice and flexibility of merchants regarding card acceptance).

The identified problems described above have resulted in consequences for consumers, merchants, new payment services providers and the payment services market as a whole.

The impact assessment concluded that the best policy options to improve the existing situation by (i) facilitating the emergence of a competitive level playing field between incumbents and new providers of card, internet and mobile payments, (ii) increasing the efficiency, transparency and choice of payment instruments for payment services users (consumers and merchants) and (iii) ensuring a high level protection of the latter would be, with respect to the PSD:

– To reinforce the SEPA project and to empower all stakeholders to take a more active role in the conception and realisation of the retail payments policy (governance);

– To facilitate standardisation through adequate governance framework and through the better involvement of the European Standardisation Organisations (standardisation);

– To ensure legal certainty in the field of interchange fees for card-based payments and provide clarity on an acceptable business model for current and future payment initiatives based on cards (interchange fees);

– To abolish restrictive business rules for card payments which lead to market distortions (interchange fees flanking measures);

– To harmonise the Member States policies on surcharging in line with the regulatory decisions on interchange fees (interchange fees flanking measures);

– To define conditions of access to the information on the availability of funds for third party providers, including payment initiation services (scope of the PSD);

– To adjust the scope and improve the consistency of the legislative framework (scope of the PSD);

– To improve the implementation of the existing PSD (PSD fine-tuning measures);

– To reinforce the rights of PSUs and safeguard the consumer rights in view of the regulatory changes (scope of the PSD, interchange fee flanking measures).

The impact assessment received a positive opinion of the Impact Assessment Board during a hearing of 20 March 2013. In accordance with the Board recommendations, several changes were made to the document, notably in:

– substantiating the urgency for the revision of the Payment Services Directive (PSD) as well as the reasons for regulating MIF through legislation,

– streamlining the presentation of impacts by focussing on the impacts of the most important options in the main text and moving less significant issues to annexes,

– better explaining the interdependencies between different options and packages.

Most of the proposed policy measures are addressed in the current proposal. This applies especially to the areas already covered by the current rules in the PSD, e.g. market access for TPPs, surcharging and rules for payment institutions. Other measures, in particular the regulation of MIFs and ancillary measures, will be addressed by a dedicated legislative proposal, submitted in parallel.

Some measures described above should be addressed through non-legislative means, for example issues relating to the involvement of European Standardisation Organisations and SEPA governance.

The SEPA governance arrangements in place, including the role of the existing SEPA Council, an ad-hoc high level governing body, which has been put in place under the co-chairmanship of the Commission and the European Central bank for an initial period of three years in order to improve stakeholders’ involvement in SEPA, need to be strengthened. To this end, the mandate of the SEPA Council needs to be clarified, its composition reviewed and a better balance of interest of the supply and the demand side established, to ensure effective advice to Commission and the European Central Bank as regards the orientation of the SEPA project in the future and to facilitate the creation of an integrated, competitive and innovative market for retail payments, in particular in the Euro area. The Commission will work with the European Central Bank to identify appropriate ways to address the tasks, composition, chairmanship and functioning of the governance arrangements around SEPA.

3.           LEGAL ELEMENTS OF THE PROPOSAL

Legal basis

The current proposal is based on Article 114 TFEU.

Subsidiarity and proportionality

An integrated EU market for electronic retail payments market contributes to the aim of Article 3 of the Treaty on the European Union stipulating an internal market. Market integration is necessary to fully unlock a number of benefits for European citizens. These benefits include more competition between payment service providers and more choice, innovation and security for payment service users, especially consumers. An integrated payments market ultimately facilitates the cross-border provision of goods and services and thereby contributes to a genuine Single Market. The depth of revision of the Payment Services Directive is proportionate to the issues arisen to date. The Directive remains globally fit for purpose; at the same time, the EU legal framework needs to evolve to take due account of the latest technological and business developments in the area of retail payments.

By its nature, an integrated payments market, based on networks that reach beyond national borders, requires a Union-wide approach as the applicable principles, rules, processes and standards have to be consistent across all Member States in order to achieve legal certainty and a level playing field for all relevant market participants. Given the current fragmentation in the market, individual action at the level of Member States would not be able to achieve the aim of an integrated and efficient payment market for both domestic and cross-border goods and services.

The approach supports the further enhancement of the Single Euro Payments Area (SEPA) and is consistent with the Digital Agenda, in particular the creation of a Digital Single Market. It will promote technological innovation and contribute to new growth and jobs, in particular in the areas of e- and m-commerce.

4.           BUDGETARY IMPLICATION

The Directive has a budgetary impact as indicated in the Legislative Financial Statement attached to the proposal.

5.           Additional information

European Economic Area

The proposed act concerns an EEA matter and should therefore extend to the European Economic Area.

Explanatory documents

The proposed new Directive contains several adaptations to the existing Directive and certain new obligations for Member States with a fair margin of discretion with respect to the way these obligations are transposed in national law, such as the new provisions on security. Member States are therefore asked to provide explanatory documents in relation to the transposition measures to be adopted to allow the Commission to better identify the relevant national measures and monitoring the correct transposition of the Directive.

Detailed explanation of the proposal

The following short summary aims to facilitate the decision making process by sketching the main modifications compared to the to be repealed PSD:

Article 2 – Scope: It is proposed to extend the scope both as regards the geographical scope and currencies being covered.

Article 2(1): The PSD’s provisions on transparency and information requirements will also apply in relation to payment transactions to third countries, when only one of the payment service providers is located within the European Union (so called ‘one-leg transactions’), as regards those parts of the payments transaction which are carried out in the European Union.

Article 2(2): The PSD’s provisions on transparency and information requirements will be extended to apply to all currencies and not, as currently, only to EU currencies.

Article 3 – Negative scope: This provision clarifies and updates the ‘negative scope’ provided for in the current Directive, which exempts a number of payments (related) activities from the scope of the PSD:

Article 3(b): The ‘commercial agent’ exemption has been amended to only apply to commercial agents which act on behalf of either the payer or the payee, and not to those which act for both payer and the payee. The exemption under the current PSD has increasingly been used with regard to payment transactions handled by e-commerce platforms on behalf of both the seller (payee) and the buyer (payer). This use goes beyond the purpose of the exemption and should thus be further circumscribed.

Article 3(k): The ‘limited network’ exemption has increasingly been applied to large networks involving high payment volumes and ranges of products and services. This clearly goes beyond the original purpose of this exemption, leaving large volumes of payments outside the regulatory framework and creating a competitive disadvantage for regulated market actors. The new definition, which is in line with the definition of limited networks set out in Directive 2009/110/EC, should contribute to reducing these risks.

Article 3(l): The current digital content or ‘telecom’ exemption is redefined with a more restricted focus as it will apply exclusively to ancillary payment services carried out by providers of electronic communication networks or services, as for example telecom operators. The exemption will apply for the provision of digital content furnished by a third party, subject to certain thresholds set out in this directive. The new definition should ensure a level playing field between different providers and address in a more efficient way the consumer protection needs in the context of payments.

Deletion of old Article 3(o): The exemption of ATM services offered by independent ATM deployers from the PSD led to the creation of ATM networks where consumers were charged high fees for ATM withdrawals. It appears that this provision has provided incentives to the existing bank-owned ATM networks to cancel their current contractual relation with other payment service providers in order to be able to charge higher fees directly on consumers. Consequently, this exemption should be deleted.

Article 9 - Safeguarding requirements: These requirements will be streamlined and the safeguarding requirements for payment institutions licensed under the PSD will be harmonised further, in particular reducing current possibilities for Member States to limit safeguarding requirements and reduce the number of possible safeguarding methods with a view to an enhanced level playing field and improved legal certainty.

Article 14 – European electronic access point within EBA: A unique electronic access point should provide for enhanced transparency of authorised and registered payment institutions by providing for the interconnection at Union level of national public registers.

Article 27 – Conditions: The possibility to use a ‘lighter regime’ for ‘small payment institutions’ will be expanded to cover a higher number of small institutions, given that some Member States have had negative experiences (such as insolvency) with small payment service providers with activities beyond the current threshold for the waiver regime. The purpose is to achieve the right balance and on the one hand, avoid unnecessary regulatory burden for very small institutions and, on the other hand, making sure that payment services’ users enjoy an adequate level of protection.

Article 29 – Access to payment systems: This Article fine-tunes the rules around access to payment systems by clarifying the conditions of non-direct access of payment institutions to payment systems designated under Directive 98/26/EC (Settlement Finality Directive) in a way comparable to the access used by smaller credit institutions.

Article 55(3) and (4) – Charges applicable: This rule will harmonise surcharging practices further, taking due account of Directive 2011/83 on consumer rights and of the Commission proposal for a Regulation (EU) XXX of the European Parliament and of the Council on interchange fees for card-based payment transactions, which is being presented in parallel. The flexibility under the current PSD, allowing merchants to request from the payer a charge, offer him a reduction or otherwise steer him towards the use of the most efficient payment means, with the qualifier that Member States may forbid or limit any such surcharging for its territory, has led to extreme heterogeneity in the market. Thirteen Member States have used this option to prohibit surcharges under the current PSD. The different regimes in place in Member States create problems and confusion for merchants and consumers alike, notably when selling or purchasing goods and services cross-border via the internet. The proposed prohibition of surcharging is directly linked to the capping of interchange fees according to the abovementioned proposal for a Regulation on interchange fees for card-based transactions. Given the significant reduction of the fees that the merchant will have to pay to his bank, surcharging is no longer justified for the MIF-regulated cards which will represent more than 95% of the consumer card market. The proposed rules will thus contribute to a better consumer experience when paying with a card throughout the Union and to a greater usage of payment cards instead of use of cash.

As regards cards not subject to the Regulation of interchange fees as per the abovementioned proposal on interchange fees for card-based transactions, i.e. corporate cards and three-party scheme cards, merchants will still be allowed to surcharge, as long as the surcharge corresponds to the real cost incurred, taking due account of Directive 2011/83. Articles 65 and 66 – Payment service provider’s and payer’s liability for unauthorised payment transactions: The proposed modifications will streamline and further harmonise the liability rules in case of unauthorised transactions, , ensuring enhanced protection of the legitimate interests of payment users. Except in case of fraud and gross negligence, the maximum amount a payment user could under any circumstances be obliged to pay in case of an unauthorised payment transaction will be decreased from the current amount of 150 EUR to 50 EUR. It will also clarify that late payments do not necessarily trigger a refund.

Article 67 – Refunds for payment transactions initiated by or through a payee: This rule clarifies the refund right for direct debit transactions bringing it in line with the SEPA Core Direct Debit Rulebook, provided that the good or service paid for has not yet been consumed. Under the current rules, different refund regimes apply regarding direct debits, depending on whether a prior authorisation has been given, the amount exceeds the amount expected or whether, alternatively, a further right had been agreed.

Article 85 – Security measures: The proposed rules address security aspects and aspects of authentication in line with the Commission proposal for a Directive of the European Parliament and Council on Network and Information Security.

Title I-V and Annex I point 7: Coverage of new services and service providers enabling access to payment accounts - The current PSD does not cover these actors insofar as they do not dispose of the payer’s or payee’s fund at any time. The fact that these TPPs are currently unregulated, at least in certain Member States, has raised security, data protection and liability concerns, despite the potential benefits brought by these services and service providers. The proposal brings third party service providers offering notably online banking based payment initiation services under the scope of the PSD (Annex I point 7). This should enhance new low cost e-payment solutions on the internet while ensuring appropriate security, data protection and liability standards. In order to be allowed to provide payment initiation services, TPPs would be required to get licensed or registered and supervised as payment institutions (Title II. Like other payment service providers, they will be subject to harmonised rights and obligations, and in particular security requirements (Articles 85 and 86). The envisaged rules will in particular address conditions for access to account information (Article 58)requirements regarding authentication (Article 87) and rectification of transactions (Articles 63 and 64) and a balanced liability repartition (Articles 65 and 66). New payment services providers will benefit from this new regime, regardless of whether they dispose of the payer’s or payee’s funds at any time.

Chapter 6 - Out-of-Court complaint and redress procedures for the settlement of disputes - shall enhance effective compliance with the Directive. The new measures update the requirements on out of court complaint and redress procedures and appropriate penalties.

Article 92 – Sanctions: In line with other recent proposals in the financial services sector, Member States will be obliged to align administrative sanctions, ensure that appropriate administrative measures and sanctions are available for breaches of the Directive and ensure that these sanctions are duly applied.

European Banking Authority – The Directive contains several areas where work by EBA in its capacity of contributing to the consistent and coherent functioning of supervision is foreseen (as referred to in Regulation (EU) 1093/2010). In particular, EBA will be asked to issue guidelines and draft regulatory technical standards in various fields, for example in order to clarify the rules on ‘passporting’ for payment institutions operating in several Member States, or to ensure the establishment of adequate security requirements.

2013/0264 (COD)

Proposal for a

DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

on payment services in the internal market and amending Directives 2002/65/EC, 2013/36/EU and 2009/110/EC and repealing Directive 2007/64/EC

(Text with EEA relevance)

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national Parliaments,

Having regard to the opinion of the European Economic and Social Committee[17],

Having regard to the opinion of the European Central Bank[18]

After consulting the European Data Protection Supervisor,

Acting in accordance with the ordinary legislative procedure,

Whereas:

(1)       In recent years, significant progress has been achieved integrating retail payments in the Union, in particular in the context of the Union acts on payments, notably Directive 2007/64/EC of the European Parliament and of the Council[19], Regulation (EC) No 924/2009 of the European Parliament and of the Council[20], Directive 2009/110/EC of the European Parliament and of the Council[21], and Regulation (EU) No 260/2012 of the European Parliament and of the Council[22]. Directive 2011/83/EU of the European Parliament and of the Council[23] has further complemented the legal framework for payment services by setting a specific limit on the possibility for retailers to surcharge their customers for the use of a certain means of payment.

(2)       Directive 2007/64/EC has been adopted in December 2007 on the basis of a Commission proposal of December 2005. Since then, the retail payments market has experienced significant technical innovations with the rapid growth in the number of electronic and mobile payments and the emergence of new types of payments services in the market place.

(3)       The review of the Union legal framework on payment services and notably the analysis of the impact of Directive 2007/64/EC and the consultation on the Commission Green Paper “Towards an integrated European market for card, internet and mobile payments”[24] have shown that developments have given rise to important challenges from a regulatory perspective. Important areas of the payments market, in particular card payments, internet and mobile payments are often still fragmented along national borders. Many innovative payment products or services do not fall, entirely or in large parts, under the scope of Directive 2007/64/EC. Furthermore, the scope of Directive 2007/64/EC and in particular, the elements excluded therefrom, as certain payment-related activities from the general rules, proved in a few cases too ambiguous, too general or simply outdated, taking into account the market developments. This has resulted in legal uncertainty, potential security risks in the payment chain and a lack of consumer protection in certain areas. For innovative and easy-to-use digital payment services it has proven to be difficult to take off and provide consumers and retailers with effective, convenient and secure payment methods in the Union.

(4)       Establishing an integrated single market for electronic payments is crucial in order to ensure that consumers, merchants and companies enjoy the full benefits of the internal market, given the development of the digital economy.

(5)       New rules should be provided in order to close the regulatory gaps while at the same time providing for more legal clarity and ensuring a consistent application of the legislative framework across the Union. Equivalent operating conditions should be guaranteed to both existing and new players on the market, facilitating new means of payment to reach a broader market and ensuring a high level of consumer protection in the use of these payment services across the whole of the Union. This should lead to a downward trend in costs and prices for payment services users and more choice and transparency of payment services.

(6)       In recent years, the security risks related electronic payments have increased, which is due to the greater technical complexity of electronic payments, the continuously growing volumes of electronic payments worldwide and the emerging types of payment services. As safe and secure payment services constitute a vital condition for a well-functioning payment services market, users of payment services should be adequately protected against such risks. Payment services are essential for the maintenance of vital economic and societal activities and therefore payment services providers such as credit institutions have been qualified as market operators according to Article 3(8) of Directive [pls insert number of NIS Directive after adoption] of the European Parliament and of the Council[25].

(7)       In addition to the general measures to be taken at Member States' level in Directive [pls insert number of NIS Directive after adoption], the security risks related to payment transactions should also be addressed at the level of the payment service providers. The security measures to be taken by the payment service providers need to be proportionate to the security risks concerned. A regular reporting mechanism should be established, so as to ensure payment services should provide the competent authorities on an annual basis with updated information on the assessment of their security risks and the (additional) measures that they have taken in response to these risks. Furthermore, in order to ensure that damages to other payment service providers and payment systems, such as a substantial disruption of a payment system and to users is kept to a minimum, it is essential that payment service providers have the obligation to report within undue delay major security incidents to the European Banking Authority.

(8)       The revised regulatory framework for payment services is complemented by Regulation (EU) [XX/XX/XX] of the European Parliament and of the Council[26]. That Regulation introduces rules with regard to the charging of multilateral and bilateral interchange fees for all consumer debit and credit card transactions and electronic and mobile payments based on those transactions, and puts restrictions on the use of certain business rules with regard to card transactions. That Regulation aims at further accelerating the achievement of an effective integrated market for card based payments.

(9)       In order to avoid divergent approaches across Member States to the detriment of consumers, the provisions on transparency and information requirements for payment service providers in this Directive should also apply to transactions where the payer's or payee's payment service provider is located within the European Economic Area (hereinafter “EEA”) and the other payment service provider is located outside the EEA. It is also appropriate to extend the application of transparency and information provisions to transactions in all currencies between payment service providers that are located within the EEA.

(10)     The definition of payment services should be technologically neutral and allow for the further development of new types of payment services, while ensuring equivalent operating conditions for both existing and new payment service providers.

(11)     The exemption of payment transactions through a commercial agent on behalf of the payer or the payee, as established in Directive 2007/64/EC is being applied very differently in the Member States. Certain Member States allow the use of the exemption by e-commerce platforms that act as an intermediary on behalf of both individual buyers and sellers without a real margin to negotiate or conclude the sale or purchase of goods or services. That goes beyond the intended scope of the exemption and may increase risks for the consumers, as these providers remain outside the protection of the legal framework. Different application practices also distort competition in the payment market. The definition should become more precise and clearer to address these concerns.

(12)     Feedback from the market shows that the payment activities covered by the limited network exception often comprise massive payment volumes and values and offer to consumers hundreds or thousands of different products and services, which does not fit the purpose of the limited network exemption as provided for in Directive 2007/64/EC. That implies greater risks and no legal protection for payment service users, in particular for consumers and clear disadvantages for regulated market actors. A more precise description of a limited network, in line with Directive 2009/110/EC, is necessary in order to limit those risks. A payment instrument should thus be considered to be used within such a limited network if it can be used only either for the purchase of goods and services in a specific store or chain of stores, or for a limited range of goods or services, regardless of the geographical location of the point of sale. Such instruments could include store cards, petrol cards, membership cards, public transport cards, meal vouchers or vouchers for specific services, which are sometimes subject to a specific tax or labour legal framework designed to promote the use of such instruments to meet the objectives laid down in social legislation. Where such a specific-purpose instrument develops into a general purpose instrument, the exemption from the scope of this Directive should no longer apply. Instruments which can be used for purchases in stores of listed merchants should not be exempted from the scope of this Directive as such instruments are typically designed for a network of service providers which is continuously growing. The exemption should apply in combination with the obligation of potential payment service providers to notify activities falling within the scope of the definition of a limited network.

(13)     Directive 2007/64/EC exempts from its scope certain payment transactions by means of telecom or information technology devices where the network operator not only acts as an intermediary for the delivery of digital goods and services through the device in question, but also adds value to these goods or services. In particular, this exemption allows for so called operator billing or direct to phone-bill purchases which, starting with ringing tones and premium SMS-services, contributes to the development of new business models based on low-value sale of digital content. Feedback from the market shows no evidence that this payment method, trusted by consumers as convenient for low threshold payments, has developed into a general payment intermediation service. However, due to the ambiguous wording of the current exemption, this rule has been implemented differently in Member States. This translates into lack of legal certainty for operators and consumers and has occasionally allowed other payment intermediation services to claim eligibility for the exemption of the application of Directive 2007/64/EC. It is therefore appropriate to narrow down the scope of that Directive. The exemption should focus specifically on micro-payments for digital content, such as ringtones, wallpapers, music, games, videos, or applications. The exemption should only apply to payment services when provided as ancillary services to electronic communications services (i.e. the core business of the operator concerned).

(14)     Similarly, Directive 2007/64/EC exempted from its scope payment services offered by deployers of automated teller machines (hereinafter “ATMs”) independent from banks or other payment service providers. Originally devised as incentive to install stand-alone ATMs in remote and poorly populated areas by allowing them to charge extra fees on top of fees paid to the payment service providers that issued the card, the provision was not intended to be used by ATM providers with networks comprising hundreds or even thousands of ATMs, covering one or more Member States. It leads to non-application of that Directive to a growing part of the ATM market, with negative effects on the consumer protection. It also incentivises the existing ATM providers to redesign their business model and cancel the usual contractual relation with the payment service providers in order to charge higher fees directly on the consumers. Consequently, the exemption should be deleted.

(15)     Service providers seeking to benefit from an exemption under Directive 2007/64/EC often do not consult authorities on whether their activities are covered or exempted under that Directive but rely on their own assessments. It appears that some exemptions may have been used by payment service providers to redesign business models so that the payment activities offered would be outside the scope of that Directive. This may result in increased risks for payment service users and diverging conditions for payment service providers in the internal market. Service providers should therefore be obliged to notify certain activities to the competent authorities, to ensure a homogenous interpretation of the rules throughout the internal market.

(16)     It is important to include a requirement for potential payment service providers to notify their intention to provide activities in the framework of a limited network if the volume of payment transactions is above a certain threshold. Competent authorities should examine and take a motivated decision on the basis of the criteria set out in Article 3(k) whether those activities can be considered activities provided in the framework of a limited network.

(17)     The new rules should follow the approach taken in Directive 2007/64/EC, covering all types of electronic payment services. It is therefore still not appropriate that the new rules apply to services where the transfer of funds from the payer to the payee or their transport is executed solely in bank notes and coins or where the transfer is based on a paper cheque, paper-based bill of exchange, promissory note or other instrument, paper-based vouchers or cards drawn upon a payment service provider or other party with a view to placing funds at the disposal of the payee.

(18)     Since the adoption of Directive 2007/64/EC new types of payment services have emerged, especially in the area of internet payments. In particular, third party providers (hereinafter “TPPs”) have evolved, offering so-called payment initiation services to consumers and merchants, often without entering into the possession of the funds to be transferred. Those services facilitate the e-commerce payments by establishing a software bridge between the website of the merchant and the online banking platform of the consumer in order to initiate internet payments on the basis of credit transfers or direct debits. The TPPs offer a low-cost alternative to card payments for both merchants and consumers and provide consumers a possibility to shop online even if they do not possess credit cards. However, as TPPs are currently not subject to Directive 2007/64/EC, they are not necessarily supervised by a competent authority and do not follow the requirements of Directive 2007/64/EC. This raises a series of legal issues, such as consumer protection, security and liability as well as competition and data protection issues. The new rules should therefore respond to those issues.

(19)     Money remittance is a simple payment service that is usually based on cash provided by a payer to a payment service provider, which remits the corresponding amount, for example via communication network, to a payee or to another payment service provider acting on behalf of the payee. In some Member States supermarkets, merchants and other retailers provide to the public a corresponding service enabling the payment of utility and other regular household bills. Those bill-paying services should be treated as money remittance, unless the competent authorities consider the activity to fall under another payment service.

(20)     It is necessary to specify the categories of payment service providers which may legitimately provide payment services throughout the Union, namely, credit institutions which take deposits from users that can be used to fund payment transactions and which should continue to be subject to the prudential requirements under Directive 2013/36/EC of the European Parliament and of the Council[27], electronic money institutions which issue electronic money that can be used to fund payment transactions and which should continue to be subject to the prudential requirements under Directive 2009/110/EC, payment institutions and post office giro institutions which are so entitled under national law.

(21)     This Directive should lay down rules on the execution of payment transactions where the funds are electronic money as provided for in Directive 2009/110/EC. This Directive should, however, neither regulate issuance of electronic money nor amend the prudential regulation of electronic money institutions as provided for in that Directive. Therefore, payment institutions should not be allowed to issue electronic money.

(22)     Directive 2007/64/EC has established a prudential regime, introducing a single license for all providers of payment services which are not connected to taking deposits or issuing electronic money. To that end, Directive 2007/64/EC introduced a new category of payment service providers, "payment institutions", by providing for the authorisation, subject to a set of strict and comprehensive conditions, of legal persons outside the existing categories to provide payment services throughout the Union. Thus, the same conditions should apply Union-wide to such services.

(23)     The conditions for granting and maintaining authorisation as payment institutions have not substantially changed. As in Directive 2007/64/EC, the conditions include prudential requirements proportionate to the operational and financial risks faced by such bodies in the course of their business. In this connection, there is a need for a sound regime of initial capital combined with on-going capital which could be elaborated in a more sophisticated way in due course depending on the needs of the market. Due to the range of variety in the payments services area, this Directive should allow various methods combined with a certain range of supervisory discretion to ensure that the same risks are treated the same way for all payment service providers. The requirements for the payment institutions should reflect the fact that payment institutions engage in more specialised and limited activities, thus generating risks that are narrower and easier to monitor and control than those that arise across the broader spectrum of activities of credit institutions. In particular, payment institutions should be prohibited from accepting deposits from users and permitted to use funds received from users only for rendering payment services. The required prudential rules including the initial capital should be appropriate to the risk related to the respective payment service provided by the payment institution. Services solely enabling access to payment accounts, but without offering any accounts, should be considered of a medium risk with regard to the initial capital.

(24)     Provision should be made for client funds to be kept separate from the payment institution's funds for other business activities. However, safeguarding requirements seem only necessary when a payment institution is in possession of the clients’ funds. Payment institutions should also be subject to effective anti-money laundering and anti-terrorist financing requirements.

(25)     This Directive should not introduce changes in the obligations of payment institutions with regard to their account reporting and the account audits on their annual and consolidated accounts. Payment institutions should draw up their annual and consolidated accounts in accordance with Council Directive 78/660/EEC[28] and, where applicable, Council Directive 83/349/EEC[29] and Council Directive 86/635/EEC[30]. The annual accounts and consolidated accounts should be audited, unless the payment institution is exempted from this obligation under Directive 78/660/EEC and, where applicable, Directives 83/349/EEC and 86/635/EEC.

(26)     With technological developments a range of complementary services have also emerged in recent years, such as account information and account aggregation services. These services should also be covered by this Directive in order to provide consumers with adequate protection and legal certainty about their status.

(27)     Payment service providers when engaging in the provision of one or more of the payment services covered by this Directive should always hold payment accounts used exclusively for payment transactions. For payment institutions to be able to provide payment services, it is indispensable that they have access to payment accounts. Member States should ensure that such access is provided in a way proportionate to the legitimate aim it intends to serve.

(28)     This Directive should regulate the granting of credit by payment institutions, i.e. the granting of credit lines and the issuance of credit cards, only where it is closely linked to payment services. Only if credit is granted in order to facilitate payment services and such credit is of a short-term nature and is granted for a period not exceeding 12 months, including on a revolving basis, it is appropriate to allow payment institutions to grant such credit with regard to their cross-border activities, on condition that it is refinanced using mainly the payment institution's own funds, as well as other funds from the capital markets, but not the funds held on behalf of clients for payment services. Such rules should be without prejudice to Council Directive 2008/48/EC of the European Parliament and of the Council[31] or other relevant Union or national legislation regarding conditions for granting credit to consumers not harmonised by this Directive.

(29)     Overall, the functioning of the cooperation between the competent national authorities responsible for granting authorisations to payment institutions, carrying out controls and deciding on the withdrawal of those authorisations, has proven to work satisfactorily. However, the cooperation between the competent authorities should be enhanced, both with regard to the information exchanged as well as a coherent application and interpretation of the Directive, in cases where the authorised payment institution would like to provide payment services also in a Member State other than its home Member State, in exercise of the right of establishment or the freedom to provide services (“passporting”). The European Banking Authority (EBA) should be asked to prepare a set of guidelines on the cooperation and data exchange.

(30)     To enhance transparency on the payment institutions authorised by or registered with competent authorities, including their agents and branches, a web portal serving as European electronic access point should be established with EBA, interconnecting the national registers. These measures should aim at contributing to the enhancement of the cooperation between the competent authorities.

(31)     The availability of accurate, updated information should be enhanced by requiring payment institutions to inform the competent authority of their home state without undue delay of any changes affecting the accuracy of the information and evidence provided with regard to the authorisation, including additional agents, branches or entities to which activities are outsourced. The competent authorities should also verify, in case of doubts, that the information received is correct.

(32)     While this Directive specifies the minimum set of powers competent authorities should have when supervising the compliance of payment institutions, these powers are to be exercised with respect to fundamental rights, including the right to privacy. For the exercise of those powers which may amount to serious interferences with the right to respect private and family life, home and communications, Member States should have in place adequate and effective safeguards against any abuse or arbitrariness, for instance, where appropriate through prior authorisation from the judicial authority of the Member State concerned.

(33)     It is important to ensure that all persons providing remittance services are brought within the ambit of certain minimum legal and regulatory requirements. Thus, it is desirable to require the registration of the identity and whereabouts of all persons providing remittance services, including of persons which are unable to meet the full range of conditions for authorisation as payment institutions. This approach is in line with the rationale of Special Recommendation VI of the Financial Action Task Force on Money Laundering which foresees the provision of a mechanism whereby payment service providers unable to meet all conditions set out in that Recommendation may nevertheless be treated as payment institutions. For those purposes, Member States should enter such persons in the register of payment institutions while not applying all or part of the conditions for authorisation. However, it is essential to make the possibility of waiver subject to strict requirements relating to the volume of payment transactions. Payment institutions benefiting from a waiver should have neither the right of establishment nor the freedom to provide services, nor should they indirectly exercise those rights when being a member of a payment system.

(34)     It is essential for any payment service provider to be able to access the services of technical infrastructures of payment systems. Such access should, however, be subject to appropriate requirements in order to ensure integrity and stability of those systems. Each payment service provider applying for a participation in a payment system should furnish proof to the participants of the payment system that its internal arrangements are sufficiently robust against all kinds of risk. These payment systems typically include e.g. the four-party card schemes as well as major systems processing credit transfers and direct debits. In order to ensure equality of treatment throughout the Union as between the different categories of authorised payment service providers, according to the terms of their licence, it is necessary to clarify the rules concerning access to the provision of payment services and access to payment systems.

(35)     Provision should be made for the non-discriminatory treatment of authorised payment institutions and credit institutions so that any payment service provider competing in the internal market is able to use the services of the technical infrastructures of these payment systems under the same conditions. It is appropriate to provide for different treatment for authorised payment service providers and for those benefiting from a waiver under this Directive as well as from the waiver under the Article 3 of Directive 2009/110/EC, due to the differences in their respective prudential framework. In any case, differences in price conditions should be allowed only where this is motivated by differences in costs incurred by the payment service providers. This should be without prejudice to Member States' right to limit access to systemically important systems in accordance with Directive 98/26/EC of the European Parliament and of the Council[32] and without prejudice to the competence of the European Central Bank and the European System of Central Banks (ESCB) concerning access to payment systems.

(36)     In certain cases, Member States have granted indirect access to specific payment service providers to designated payment systems, in analogy to the provisions of Directive 98/26/EC. This decision is at the discretion of the Member State concerned. However, to ensure fair competition between payment service providers, this Directive should provide that where a Member State has granted a payment service provider indirect access to such systems, other payment service providers which are in the same situation should be benefit from the same, non-discriminatory treatment.

(37)     In recent years, certain three party payment systems in which the system acts as the sole payment service provider for both the payer and the payee, have become respectable players in the market for processing payments. It is therefore no longer justified to allow these systems to benefit from an exemption with regard to providing access to other payment service providers, where other payment systems cannot benefit from such exemption.

(38)     A set of rules should be established in order to ensure transparency of conditions and information requirements for payment services.

(39)     This Directive should apply neither to payment transactions made in cash since a single payments market for cash already exists nor to payment transactions based on paper cheques since, by their nature, these cannot be processed as efficiently as other means of payment. Good practice in this area should, however, be based on the principles set out in this Directive.

(40)     As consumers and enterprises are not in the same position, they do not need the same level of protection. While it is important to guarantee consumers' rights by provisions which cannot be derogated from by contract, it is reasonable to let enterprises and organisations agree otherwise when they are not dealing with consumers. However, Member States should have the possibility to provide that micro-enterprises, as defined by Commission Recommendation 2003/361/EC[33], should be treated in the same way as consumers. In any case, certain core provisions of this Directive should always be applicable irrespective of the status of the user.

(41)     This Directive should specify the obligations on payment service providers as regards the provision of information to the payment service users who should receive the same high level of clear information about payment services in order to make well-informed choices and be able to choose freely within the Union. In the interest of transparency this Directive should lay down the harmonised requirements needed to ensure that necessary and sufficient information is given to the payment service users with regard to the payment service contract and the payment transactions. In order to promote smooth functioning of the single market in payment services, Member States should be able to adopt only those information provisions laid down in this Directive.

(42)     Consumers should be protected against unfair and misleading practices in line with Directive 2005/29/EC of the European Parliament and the Council[34] as well as Directive 2000/31/EC of the European Parliament and the Council[35] and Directive 2002/65/EC of the European Parliament and the Council[36]. The additional provisions in those Directives continue to be applicable. However, the relationship of the pre-contractual information requirements between this Directive and Directive 2002/65/EC should, in particular, be clarified.

(43)     The information required should be proportionate to the needs of users and communicated in a standard format. However, the information requirements for a single payment transaction should be different from those of a framework contract which provides for the series of payment transactions.

(44)     In practice, framework contracts and the payment transactions covered by them are far more common and economically important than single payment transactions. If there is a payment account or a specific payment instrument, a framework contract is required. Therefore, the requirements for prior information on framework contracts should be quite comprehensive and information should always be provided on paper or on another durable medium, such as printouts by account printers, CD-ROMs, DVDs and hard drives of personal computers on which electronic mail can be stored, and Internet sites, as long as such sites are accessible for future reference for a period of time adequate for the purposes of information and allow the unchanged reproduction of the information stored. However, it should be possible for the payment service provider and the payment service user to agree in the framework contract on the manner in which subsequent information on executed payment transactions is given, for instance, that in Internet banking all information on the payment account is made available online.

(45)     In single payment transactions only the essential information should always be given on the payment service provider's own initiative. As the payer is usually present when he gives the payment order, it is not necessary to require that information should in every case be provided on paper or on another durable medium. The payment service provider may give information orally over the counter or make it otherwise easily accessible, for example by keeping the conditions on a notice board on the premises. Information should also be given on where other more detailed information is available (e.g. the address of the website). However, if the consumer so requests, the essential information should be given on paper or on another durable medium.

(46)     This Directive should provide for the consumer's right to receive relevant information free of charge before being bound by any payment service contract. The consumer should also be able to request prior information as well as the framework contract, on paper, free of charge at any time during the contractual relationship, so as to enable them to compare payment service providers' services and their conditions and in case of any dispute verify their contractual rights and obligations. Those provisions should be compatible with Directive 2002/65/EC. The explicit provisions on free information in this Directive should not have the effect of allowing charges to be imposed for the provision of information to consumers under other applicable Directives.

(47)     The way in which the required information is to be given by the payment service provider to the payment service user should take into account the needs of the latter as well as practical technical aspects and cost-efficiency depending on the situation with regard to the agreement in the respective payment service contract. Thus, this Directive should distinguish between two ways in which information is to be given by the payment service provider: either the information should be provided, i.e. actively communicated by the payment service provider at the appropriate time as required by this Directive without further prompting by the payment service user, or the information should be made available to the payment service user, taking into account any request he may have for further information. In the latter case, the payment service user should take some active steps in order to obtain the information, such as requesting it explicitly from the payment service provider, logging into bank account mail box or inserting a bank card into printer for account statements. For such purposes the payment service provider should ensure that access to the information is possible and that the information is available to the payment service user.

(48)     The consumer should receive basic information on executed payment transactions for no additional charge. In the case of a single payment transaction the payment service provider should not charge separately for this information. Similarly, the subsequent monthly information on payment transactions under a framework contract should be given free of charge. However, taking into account the importance of transparency in pricing and differing customer needs, the parties should be able to agree on charges for more frequent or additional information. In order to take into account different national practices, Member States should be allowed to set rules requiring that monthly paper-based statements of payment accounts are always to be given free of charge.

(49)     In order to facilitate customer mobility, it should be possible for consumers to terminate a framework contract after a year without incurring charges. For consumers, the period of notice agreed should be no longer than a month, and for payment service providers no shorter than two months. This Directive should be without prejudice to the payment service provider's obligation to terminate the payment service contract in exceptional circumstances under other relevant Union or national legislation, such as legislation on money laundering and terrorist financing, any action targeting the freezing of funds, or any specific measure linked to the prevention and investigation of crimes.

(50)     Low value payment instruments should be a cheap and easy-to-use alternative in the case of low-priced goods and services and should not be overburdened by excessive requirements. The relevant information requirements and rules on their execution should therefore be limited to essential information, taking also into account technical capabilities that can justifiably be expected from instruments dedicated to low value payments. Despite the lighter regime payment service users should benefit from adequate protection considering the limited risks posed by those payment instruments, especially with regard to prepaid payment instruments.

(51)     It is necessary to set up the criteria under which TPPs are allowed to access and use the information on the availability of funds on the payment service user account held with another payment service provider. In particular, necessary data protection and security requirements set or referred to in this Directive or included in the EBA guidelines should be fulfilled by both the TPP and the payment service provider servicing the account of the payment service user. The payers should give an explicit consent to the TPP to access their payment account and be properly informed about the extent of this access. To allow the development of other payment services providers which cannot receive deposits, it is necessary that credit institutions provide them with the information on the availability of funds if the payer has given consent for this information to be communicated to the payment service provider issuer of the payment instrument.

(52)     Rights and obligations of the payment service users and payment service providers should be appropriately adjusted to take account of the TPP involvement in the transaction whenever the payment initiation service is used. Specifically, a balanced liability repartition between the payment service provider servicing the account and the TPP involved in the transaction should compel them to take responsibility for the respective parts of the transaction that are under their control and clearly point to the responsible party in case of incidents. In case of fraud or dispute, the TPP should be under a specific obligation to provide the payer and the account servicing payment service provider with the reference of the transactions and the information of the authorisation relating to the transaction concerned.

(53)     In order to reduce the risks and consequences of unauthorised or incorrectly executed payment transactions the payment service user should inform the payment service provider as soon as possible about any contestations concerning allegedly unauthorised or incorrectly executed payment transactions provided that the payment service provider has fulfilled its information obligations under this Directive. If the notification deadline is met by the payment service user, it should be able to pursue those claims within the prescription periods pursuant to national law. This Directive should not affect other claims between payment service users and payment service providers.

(54)     In the case of unauthorized payment transactions the payer should be refunded immediately the amount of the respective transaction. In order to prevent the payer from any disadvantages, the credit value date of the refund should not be later than the date when the respective amount has been debited. In order to provide an incentive for the payment service user to notify, without undue delay, the provider of any theft or loss of a payment instrument and thus to reduce the risk of unauthorised payment transactions, the user should be liable only for a very limited amount, unless the payment service user has acted fraudulently or with gross negligence. In this context an amount of EUR 50 seems to be adequate in order to ensure a harmonized and a high level user protection within the Union. Moreover, once users have notified a payment service provider that their payment instrument may have been compromised, the users should not be required to cover any further losses stemming from unauthorised use of that instrument. This Directive should be without prejudice to the payment service providers' responsibility for technical security of their own products.

(55)     In order to assess possible negligence by the payment service user, account should be taken of all the circumstances. The evidence and degree of alleged negligence should generally be evaluated according to national law. Contractual terms and conditions relating to the provision and use of a payment instrument, the effect of which would be to increase the burden of proof on the consumer or to reduce the burden of proof on the issuer should be considered null and void. Moreover, in specific situations and notably where the payment instrument is not present at the point of sale, such as in the case of online payments over the internet, it is appropriate that the payment service provider is required to provide evidence of alleged negligence since the payer’s means are very limited to do so in such cases.

(56)     Provisions should be made for the allocation of losses in the case of unauthorised payment transactions. Except for cases of fraud and gross negligence, a consumer should never be obliged to pay more than a maximum of 50 EUR in case of an unauthorised transaction from his account. Different provisions may apply to payment service users who are not consumers, since such users are normally in a better position to assess the risk of fraud and take countervailing measures.

(57)     This Directive should lay down rules for a refund to protect the consumer when the executed payment transaction exceeds the amount which could reasonably have been expected. In order to prevent a financial disadvantage for the payer, it needs to be ensured that the credit value date of any refund is no later than the date when the respective amount has been debited. In the case of direct debits payment service providers should be able to provide even more favourable terms to their customers, who should have an unconditional right to a refund of any disputed payment transactions. However, this unconditional refund right which ensures the highest level of consumer protection is not justified in cases where the merchant has already fulfilled the contract and the corresponding good or service has already been consumed. In cases where the user makes a claim for the refund of a payment transaction refund rights should affect neither the liability of the payer vis-à-vis the payee from the underlying relationship, e.g. for goods or services ordered, consumed or legitimately charged, nor the users rights with regard to revocation of a payment order.

(58)     For financial planning and the fulfilment of payment obligations in due time, consumers and enterprises need to have certainty on the length of time that the execution of a payment order takes. Therefore, this Directive should introduce a point in time at which rights and obligations take effect, namely, when the payment service provider receives the payment order, including when he has had the opportunity to receive it through the means of communication agreed in the payment service contract, notwithstanding any prior involvement in the process leading up to the creation and transmission of the payment order, e.g. security and availability of funds checks, information on the use of the personal identity number or issuance of a payment promise. Furthermore, the receipt of a payment order should occur when the payer's payment service provider receives the payment order to be debited from the payer's account. The day or moment in time when a payee transmits to the service provider payment orders for the collection e.g. of card payment or of direct debits or when the payee is granted a pre-financing on the related amounts by the payment service provider (by way of a contingent credit to the account) should have no relevance in this respect. Users should be able to rely on the proper execution of a complete and valid payment order if the payment service provider has no contractual or statutory ground for refusal. If the payment service provider refuses a payment order, the refusal and the reason therefore should be communicated to the payment service user at the earliest opportunity subject to the requirements of Union and national law.

(59)     In view of the speed with which modern fully automated payment systems process payment transactions, which means that after a certain point in time payment orders cannot be revoked without high manual intervention costs, it is necessary to specify a clear deadline for payment revocations. However, depending on the type of the payment service and the payment order, the point in time may be varied by agreement between the parties. Revocation, in this context, should be applicable only to the relationship between a payment service user and payment service provider, thus being without prejudice to the irrevocability and finality of payment transactions in payment systems.

(60)     Such irrevocability should not affect a payment service provider's right or obligation under the laws of some Member States, based on the payer's framework contract or national laws, regulations, administrative provisions or guidelines, to reimburse the payer with the amount of the executed payment transaction in the event of a dispute between the payer and the payee. Such reimbursement should be considered to be a new payment order. Except for those cases, legal disputes arising within the relationship underlying the payment order should be settled only between the payer and the payee.

(61)     It is essential, for the fully integrated straight-through processing of payments and for legal certainty with respect to the fulfilment of any underlying obligation between payment service users, that the full amount transferred by the payer should be credited to the account of the payee. Accordingly, it should not be possible for any of the intermediaries involved in the execution of payment transactions to make deductions from the amount transferred. However, it should be possible for payees to enter into an agreement with their payment service provider under which the latter may deduct own charges. Nevertheless, in order to enable the payee to verify that the amount due is correctly paid, subsequent information provided on the payment transaction should indicate not only the full amount of funds transferred but also the amount of any charges.

(62)     With regard to charges, experience has shown that the sharing of charges between a payer and a payee is the most efficient system since it facilitates the straight-through processing of payments. Provision should therefore be made for charges to be levied, in the normal course, directly on the payer and the payee by their respective payment service providers. However, that should apply only where the payment transaction does not require currency exchange. The amount of any charges levied may also be zero as the provisions of this Directive should not affect the practice whereby the payment service provider does not charge consumers for crediting their accounts. Similarly, depending on the contract terms, a payment service provider may charge only the payee (merchant) for the use of the payment service, which has the effect that no charges are imposed on the payer. The charging by the payment systems may be in the form of a subscription fee. The provisions on the amount transferred or any charges levied have no direct impact on pricing between payment service providers or any intermediaries.

(63)     Different national practices concerning charging for the use of a given payment instrument (hereinafter “surcharging”) have led to extreme heterogeneity of the Union’s payments market and become a source of confusion for consumers, in particular in the e-commerce and cross-border context. Merchants located in Member States where surcharging is allowed offer products and services in Member States where it is prohibited and in this case still surcharge the consumer. Moreover, a strong rationale for revision of surcharging practices is supported by the fact that Regulation (EU) No xxx/yyyy establishes rules for multilateral interchange fees for card-based payments. As interchange fees are the main element making most card payments expensive and surcharging is in practice limited to card-based payments, the rules on interchange fees should be accompanied by a revision of surcharging rules. In order to promote cost transparency and the use of the most efficient payment instruments, Member States and payment service providers should not prevent the payee from requesting a charge from the payer for using a specific payment instrument, duly taking into account the provisions set out in Directive 2011/83/EU. However, the right of the payee to request a surcharge should only apply to those payment instruments for which interchange fees are not regulated. This should act as a steering mechanism towards the cheapest means of payments.

(64)     In order to improve the efficiency of payments throughout the Union, all payment orders initiated by the payer and denominated in euro or the currency of a Member State outside the euro area, including credit transfers and money remittances, should be subject to a maximum one-day execution time. For all other payments, such as payments initiated by or through a payee, including direct debits and card payments, in the absence of an explicit agreement between the payment service provider and the payer setting a longer execution time, the same one-day execution time should apply. It should be possible to extend those periods by an additional business day, if a payment order is given on paper. This allows the continued provision of payment services for those consumers who are used to paper documents only. When a direct debit scheme is used the payee's payment service provider should transmit the collection order within the time limits agreed between the payee and the payment service provider, enabling settlement at the agreed due date. In view of the fact that payment infrastructures are often highly efficient and in order to prevent any deterioration in current service levels, Member States should be allowed to maintain or set rules specifying an execution time shorter than one business day, where appropriate.

(65)     The provisions on execution for the full amount and execution time should constitute good practice where one of the service providers is not located in the Union.

(66)     It is essential for payment service users to know the real costs and charges of payment services in order to make their choice. Accordingly, the use of non-transparent pricing methods should not be allowed, since it is commonly accepted that those methods make it extremely difficult for users to establish the real price of the payment service. Specifically, the use of value dating to the disadvantage of the user should not be permitted.

(67)     The smooth and efficient functioning of the payment system depends on the user being able to rely on the payment service provider executing the payment transaction correctly and within the agreed time. Usually, the provider is in the position to assess the risks involved in the payment transaction. It is the provider that provides the payments system, makes arrangements to recall misplaced or wrongly allocated funds and decides in most cases on the intermediaries involved in the execution of a payment transaction. In view of all those considerations, it is entirely appropriate, except under abnormal and unforeseeable circumstances, to impose liability on the payment service provider in respect of execution of a payment transaction accepted from the user, except for the payee's payment service provider's acts and omissions for whose selection solely the payee is responsible. However, in order not to leave the payer unprotected in unlikely constellations where it may remain open (non liquet) whether the payment amount was duly received by the payee's payment service provider or not, the corresponding burden of proof should lie upon the payer's payment service provider. As a rule, it can be expected that the intermediary institution, usually a "neutral" body like a central bank or a clearing house, transferring the payment amount from the sending to the receiving payment service provider will store the account data and be able to furnish the latter whenever this may be necessary. Whenever the payment amount has been credited to the receiving payment service provider's account, the payee should immediately have a claim against the payment service provider for credit to the account.

(68)     The payer's payment service provider should assume liability for correct payment execution, including, in particular the full amount of the payment transaction and execution time, and full responsibility for any failure by other parties in the payment chain up to the account of the payee. As a result of that liability the payment service provider of the payer should, where the full amount is not or only late credited to the payee's payment service provider, correct the payment transaction or without undue delay refund to the payer the relevant amount of that transaction, without prejudice to any other claims which may be made in accordance with national law. Due to the payment service provider’s liability, the payer or payee should not be burdened with any costs related to the incorrect payment. In case of non-execution, defective or late execution of payment transactions, Member States should ensure that the value date of corrective payments of payment service providers is always the same as the value date in case of correct execution.

(69)     This Directive should concern only contractual obligations and responsibilities between the payment service user and the payment service provider. However, the proper functioning of credit transfers and other payment services requires that payment service providers and their intermediaries, such as processors, have contracts where their mutual rights and obligations are agreed upon. Questions related to liabilities form an essential part of these uniform contracts. To ensure the reliability among payment service providers and intermediaries taking part in a payment transaction, legal certainty is necessary to the effect that a non-responsible payment service provider is compensated for losses incurred or sums paid under the provisions of this Directive relating to liability. Further rights and details of content of recourse and how to handle claims towards the payment service provider or intermediary attributable to a defective payment transaction should be left to be defined by contractual arrangements.

(70)     It should be possible for the payment service provider to specify unambiguously the information required to execute a payment order correctly. On the other hand, however, in order to avoid fragmentation and jeopardising the setting-up of integrated payment systems in the Union, Member States should not be allowed to require a particular identifier to be used for payment transactions. However, this should not prevent Member States from requiring the payment service provider of the payer to act in due diligence and verify, where technically possible and without requiring manual intervention, the coherence of the unique identifier, and where the unique identifier is found to be incoherent, to refuse the payment order and inform the payer thereof. The liability of the payment service provider should be limited to the correct execution of the payment transaction in accordance with the payment order of the payment service user.

(71)     In order to facilitate effective fraud prevention and combat payment fraud across the Union, provision should be made for the efficient exchange of data between payment service providers who should be allowed to collect, process and exchange personal data relating to persons involved in payment fraud. Directive 95/46/EC of the European Parliament and of the Council[37], the national rules which transpose Directive 95/46/EC and Regulation (EC) No 45/2001 of the European Parliament and of the Council[38] are applicable to the processing of personal data for the purposes of this Directive.

(72)     This Directive respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, including the right to respect for private and family life, the right to protection of personal data, the freedom to conduct a business, the right to an effective remedy and the right not to be tried or punished twice in criminal proceedings for the same offence. This Directive has to be implemented in accordance with these rights and principles.

(73)     It is necessary to ensure the effective enforcement of the provisions of national law adopted pursuant to this Directive. Appropriate procedures should therefore be established by means of which it will be possible to pursue complaints against payment service providers which do not comply with those provisions and to ensure that, where appropriate, effective, proportionate and dissuasive sanctions are imposed. In view of ensuring an effective compliance with this Directive, Member States should designate competent authorities which comply with the conditions under Regulation (EU) No 1093/2010 of the European Parliament and of the Council [39] and which act independently from the payment service providers. For transparency reasons, Member States should notify the Commission which authorities have been designated, with a clear description of their duties under this Directive.

(74)     Without prejudice to the right of customers to bring action in the courts, Member States should ensure an easily accessible and cost-sensitive out-of-court resolution of conflicts between payment service providers and consumers arising from the rights and obligations set out in this Directive. Regulation (EC) No 593/2008 of the European Parliament and of the Council[40] provides that the protection afforded to consumers by the mandatory rules of the law of the country in which they have their habitual residence may not be undermined by any contractual terms on law applicable. With regard to establishing an efficient and effective dispute resolution procedure, Member States should ensure that payment service providers put in place an effective consumer complaint procedure that can be followed by their consumers before the dispute is referred to be resolved in an out-of-court procedure or before court. The complaints procedure should contain short and clearly defined timeframes within which the payment service provider should reply to a complaint.

(75)     Member States should determine whether the competent authorities designated for granting authorisation to payment institutions might also be the competent authorities with regard to out-of-court complaint and redress procedures.

(76)     This Directive should be without prejudice to provisions of national law relating to the consequences as regards liability of inaccuracy in the expression or transmission of a statement.

(77)     This Directive should be without prejudice to the provisions relating to the VAT treatment of payment services in Directive 2006/112/EC of the European Parliament and the Council[41].

(78)     In the interests of legal certainty, it is appropriate to make transitional arrangements allowing persons who have commenced the activities of payment institutions in accordance with the national law transposing Directive 2007/64/EC before the entry into force of this Directive to continue those activities within the Member State concerned for a specified period.

(79)     The power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission in respect of adapting the reference to Recommendation 2003/361/EC where that Recommendation is amended and in respect of updating, in case of inflation or significant market developments, the average amount of payment transactions executed by the payment service provider used as a threshold for Member States that apply the option to waive (parts) of the licencing requirements for smaller payment institutions. It is of particular importance that the Commission carries out appropriate consultations during its preparatory work, including at expert level. The Commission, when preparing and drawing up delegated acts, should ensure a simultaneous, timely and appropriate transmission of relevant documents to the European Parliament and to the Council.

(80)     In order to ensure consistent application of this Directive, the Commission should be able to rely on the expertise and support of EBA, which should have the task to elaborate guidelines and prepare regulatory technical standards on security aspects regarding payment services, and on the cooperation between Member States in the context of the provision of services and establishment of authorised payment institutions in other Member States. The Commission should be empowered to adopt those regulatory technical standards. These specific tasks are fully in line with the role and responsibilities of EBA defined in Regulation (EU) No 1093/2010, under which the EBA has been set up.

(81)     Since the objective of this Directive, namely, the further integration of a single market in payment services, cannot be sufficiently achieved by the Member States because it requires the harmonisation of a multitude of different rules currently existing in the legal systems of the various Member States and can therefore be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Directive does not go beyond what is necessary in order to achieve that objective.

(82)     In accordance with the Joint Political Declaration of Member States and the Commission of 28 September 2011 on explanatory documents[42], Member States have undertaken to accompany, in justified cases, the notification of their transposition measures with one or more documents explaining the relationship between the components of a Directive and the corresponding parts of national transposition instruments. With regard to this Directive, the legislator considers the transmission of such documents to be justified.

(83)     Given the number of changes that need to be made to Directive 2007/64/EC it is appropriate to repeal and replace it

HAVE ADOPTED THIS DIRECTIVE:

TITLE I SUBJECT MATTER, SCOPE AND DEFINITIONS

Article 1 Subject matter

1.           This Directive lays down the rules in accordance with which Member States shall distinguish the following six categories of payment service provider:

(a) credit institutions within the meaning of Article 4(1)(1) of Regulation (EU) No 575/2013 of the European Parliament and of the Council[43] , including branches within the meaning of Article 4(1)(17) of that Regulation located in the Union of credit institutions having their head offices inside or, in accordance with Article 47of Directive 2013/36/EU , outside the Union;

(b) electronic money institutions within the meaning of Article 2(1) of Directive 2009/110/EC;

(c) post office giro institutions which are entitled under national law to provide payment services;

(d) payment institutions within the meaning of Article 4(4) of this Directive;

(e) the European Central Bank and national central banks when not acting in their capacity as monetary authority or other public authorities;

(f) Member States or their regional or local authorities when not acting in their capacity as public authorities.

2.           This Directive also lays down rules concerning transparency of conditions and information requirements for payment services, and the respective rights and obligations of payment service users and payment service providers in relation to the provision of payment services as a regular occupation or business activity.

Article 2 Scope

1.           This Directive shall apply to payment services provided within the Union, where both the payer's payment service provider and the payee's payment service provider are, or the sole payment service provider in the payment transaction is, located therein. Article 78 and Title III shall also apply to payment transactions where only one of the payment service providers is located within the Union, in respect to those parts of the payments transaction which are carried out in the Union.

2.           Title III shall apply to payment services in any currency. Title IV shall apply to payment services made in euro or the currency of a Member State outside the euro area.

3.           Member States may waive the application of all or part of the provisions of this Directive to the institutions referred to in Article 2(5)(2)-(23) of Directive 2013/36/EU, with the exception of those referred to in paragraph 5(2) and (3) of that Article.

Article 3 Negative scope

This Directive shall not apply to any of the following:

(a) payment transactions made exclusively in cash directly from the payer to the payee, without any intermediary intervention;

(b) payment transactions from the payer to the payee through a commercial agent authorised to negotiate or conclude the sale or purchase of goods or services on behalf of either the payer or the payee;

(c) professional physical transport of banknotes and coins, including their collection, processing and delivery;

(d) payment transactions consisting of the non-professional cash collection and delivery within the framework of a non-profit or charitable activity;

(e) services where cash is provided by the payee to the payer as part of a payment transaction following an explicit request by the payment service user just before the execution of the payment transaction through a payment for the purchase of goods or services;

(f) cash-to-cash operations where the funds are not held on a payment account;

(g) payment transactions based on any of the following documents drawn on the payment service provider with a view to placing funds at the disposal of the payee:

i.        paper cheques governed by the Geneva Convention of 19 March 1931 providing a uniform law for cheques;

ii.       paper cheques similar to those referred to in point (i) and governed by the laws of Member States which are not party to the Geneva Convention of 19 March 1931 providing a uniform law for cheques;

iii.      paper-based drafts in accordance with the Geneva Convention of 7 June 1930 providing a uniform law for bills of exchange and promissory notes;

iv.      paper-based drafts similar to those referred to in point (iii) and governed by the laws of Member States which are not party to the Geneva Convention of 7 June 1930 providing a uniform law for bills of exchange and promissory notes;

v.       paper-based vouchers;

vi.      paper-based traveller's cheques;

vii.     paper-based postal money orders as defined by the Universal Postal Union;

(h) payment transactions carried out within a payment or securities settlement system between settlement agents, central counterparties, clearing houses and/or central banks and other participants of the system, and payment service providers, without prejudice to Article 29;

(i) payment transactions related to securities asset servicing, including dividends, income or other distributions, or redemption or sale, carried out by persons referred to in point (h) or by investment firms, credit institutions, collective investment undertakings or asset management companies providing investment services and any other entities allowed to have the custody of financial instruments;

(j) services provided by technical service providers, which support the provision of payment services, without them entering at any time into possession of the funds to be transferred, including processing and storage of data, trust and privacy protection services, data and entity authentication, information technology (IT) and communication network provision, provision and maintenance of terminals and devices used for payment services, with the exclusion of payment initiation services and account information services;

(k) services based on specific instruments that are designed to address precise needs that can be used only in a limited way, because they allow the specific instrument holder to acquire goods or services only in in the premises of the issuer or within a limited network of service providers under direct commercial agreement with a professional issuer or because they can be used only to acquire a limited range of goods or services;

(l) payment transactions carried out by a provider of electronic communication networks or services where the transaction is provided for a subscriber to the network or service and for purchase of digital content as ancillary services to electronic communications services, regardless of the device used for the purchase or consumption of the content, provided that the value of any single payment transaction does not exceed EUR 50 and the cumulative value of payment transactions does not exceed EUR 200 in any billing month;

(m) payment transactions carried out between payment service providers, their agents or branches for their own account;

(n) payment transactions between a parent undertaking and its subsidiary or between subsidiaries of the same parent undertaking, without any intermediary intervention by a payment service provider other than an undertaking belonging to the same group.

Article 4 Definitions

For the purposes of this Directive, the following definitions shall apply:

1.           ‘home Member State’ means either of the following:

i.        the Member State in which the registered office of the payment service provider is situated; or

ii.       if the payment service provider has, under its national law, no registered office, the Member State in which its head office is situated;

2.           ‘host Member State’ means the Member State other than the home Member State in which a payment service provider has an agent or a branch or provides payment services;

3.           ‘payment service’ means any business activity set out in Annex I;

4.           ‘payment institution’ means a legal person that has been granted authorisation in accordance with Article 10 to provide and execute payment services throughout the Union;

5.           ‘payment transaction’ means an act, initiated by the payer or on his behalf or by the payee, of placing, transferring or withdrawing funds, irrespective of any underlying obligations between the payer and the payee;

6.           ‘payment system’ means a funds transfer system with formal and standardised arrangements and common rules for the processing, clearing and/or settlement of payment transactions;

7.           ‘payer’ means a natural or legal person who holds a payment account and allows a payment order from that payment account, or, where there is no payment account, a natural or legal person who gives a payment order;

8.           ‘payee’ means a natural or legal person who is the intended recipient of funds which have been the subject of a payment transaction;

9.           ‘payment service provider’ means bodies referred to in Article 1(1) and legal and natural persons benefiting from the waiver under Article 27;

10.         ‘account servicing payment service provider’ means a payment service provider providing and maintaining payment accounts for a payer;

11.         ‘third party payment service provider’ means a payment service provider pursuing business activities referred to in point 7 of Annex I;

12.         ‘payment service user’ means a natural or legal person making use of a payment service in the capacity of either payer or payee, or both;

13.         ‘consumer’ means a natural person who, in payment service contracts covered by this Directive, is acting for purposes other than the trade, business or profession of that person;

14.         ‘framework contract’ means a payment service contract which governs the future execution of individual and successive payment transactions and which may contain the obligation and conditions for setting up a payment account;

15.         ‘money remittance’ means a payment service where funds are received from a payer, without any payment accounts being created in the name of the payer or the payee, for the sole purpose of transferring a corresponding amount to a payee or to another payment service provider acting on behalf of the payee, and/or where such funds are received on behalf of and made available to the payee;

16.         ‘payment account’ means an account held in the name of one or more payment service users which is used for the execution of payment transactions;     

17.         ‘funds’ means banknotes and coins, scriptural money and electronic money as defined in Article 2(2) of Directive 2009/110/EC;

18.         ‘payment order’ means any instruction by a payer or payee to his payment service provider requesting the execution of a payment transaction;

19.         ‘value date’ means a reference time used by a payment service provider for the calculation of interest on the funds debited from or credited to a payment account;

20.         ‘reference exchange rate’ means the exchange rate which is used as the basis to calculate any currency exchange and which is made available by the payment service provider or comes from a publicly available source;

21.         ‘authentication’ means a procedure which allows the payment service provider to verify the identity of a user of a specific payment instrument, including the use of its personalised security features or the checking of personalised identity documents;

22.         ‘strong customer authentication’ means a procedure for the validation of the identification of a natural or legal person based on the use of two or more elements categorised as knowledge, possession and inherence that are independent, in that the breach of one does not compromise the reliability of the others and is designed in such a way as to protect the confidentiality of the authentication data.

23.         ‘reference interest rate’ means the interest rate which is used as the basis for calculating any interest to be applied and which comes from a publicly available source which can be verified by both parties to a payment service contract;

24.         ‘unique identifier’ means a combination of letters, numbers or symbols specified to the payment service user by the payment service provider and to be provided by the payment service user to identify unambiguously the other payment service user and/or the payment account of that other payment service user for a payment transaction;

25.         ‘agent’ means a natural or legal person which acts on behalf of a payment institution in providing payment services;

26.         ‘payment instrument’ means any personalised device(s) and/or set of procedures agreed between the payment service user and the payment service provider and used in order to initiate a payment order;

27.         ‘means of distance communication’ refers to any means which, without the simultaneous physical presence of the payment service provider and the payment service user, may be used for the conclusion of a payment services contract;

28.         ‘durable medium’ means any instrument which enables the payment service user to store information addressed personally to of that payment service user in a way accessible for future reference for a period of time adequate to the purposes of the information and which allows the unchanged reproduction of the information stored;

29.         ‘micro-enterprise’ means an enterprise, which at the time of conclusion of the payment service contract, is an enterprise as defined in Article 1 and Article 2(1) and (3) of the Annex to Recommendation 2003/361/EC in the version of 6 May 2003;

30.         ‘business day’ means a day on which the relevant payment service provider of the payer or the payment service provider of the payee involved in the execution of a payment transaction is open for business as required for the execution of a payment transaction;

31.         ‘direct debit’ means a payment service for debiting a payer's payment account, where a payment transaction is initiated by the payee on the basis of the payer's consent given to the payee, to the payee's payment service provider or to the payer's own payment service provider;

32.         ‘payment initiation service’ means a payment service enabling access to a payment account provided by a third party payment service provider, where the payer can be actively involved in the payment initiation or the third party payment service provider’s software, or where payment instruments can be used by the payer or the payee to transmit the payer’s credentials to the account servicing payment service provider;

33.         ‘account information service’ means a payment service where consolidated and user-friendly information is provided to a payment service user on one or several payment accounts held by the payment service user with one or several account servicing payment service providers;

34.         ‘branch’ means a place of business other than the head office which is a part of a payment institution, which has no legal personality and which carries out directly some or all of the transactions inherent in the business of a payment institution; all the places of business set up in the same Member State by a payment institution with a head office in another Member State shall be regarded as a single branch;

35.         ‘group’ means a group of undertakings, which consists of a parent undertaking, its subsidiaries and the entities in which the parent undertaking or its subsidiaries have a holding as well as undertakings linked to each other by a relationship referred to in Article 12(1) of Directive 83/349/EEC;

36.         "electronic communication network" means a network as defined in Article 2(a) of Directive 2002/21/EC of the European Parliament and of the Council[44];

37.         "electronic communication service" means a service as defined in Article 2(c) of Directive 2002/21/EC;

38.         "digital content" means goods or service as defined in Article 2 (11) of Directive 2011/83/EU.

TITLE II PAYMENT SERVICE PROVIDERS

CHAPTER 1 Payment institutions

Section 1 General rules

Article 5 Applications for authorisation

For authorisation as a payment institution, an application shall be submitted to the competent authorities of the home Member State, together with the following:

(a) a programme of operations, setting out in particular the type of payment services envisaged;

(b) a business plan including a forecast budget calculation for the first three financial years which demonstrates that the applicant is able to employ the appropriate and proportionate systems, resources and procedures to operate soundly;

(c) evidence that the payment institution holds initial capital provided for in Article 6;

(d) for the payment institutions referred to in Article 9(1), a description of the measures taken for safeguarding payment service users' funds in accordance with Article 9;

(e) a description of the applicant's governance arrangements and internal control mechanisms, including administrative, risk management and accounting procedures, which demonstrates that these governance arrangements, control mechanisms and procedures are proportionate, appropriate, sound and adequate;

(f) a description of the procedure in place to monitor, handle and follow up a security incident and security related customer complaints, including an incidents reporting mechanism which takes account of the notification obligations of the payment institution laid down in Article 86;

(g) a description of the process in place to monitor, track and restrict access to sensitive payment data, and logical and physical critical resources;

(h) a description of business continuity arrangements including a clear identification the crucial operations, effective contingency plans and a procedure to regularly test and review the adequacy and efficiency of such plans;

(i) a description on the principles and definitions applied for the collection of the statistical data performance, transactions and fraud;

(j) a security policy document, a detailed risk assessment in relation to its payment services and a description of security control and mitigation measures taken to adequately protect the payment services users against the risks identified, including fraud and illegal use of sensitive and personal data;

(k) a description of the internal control mechanisms which the applicant has established in order to comply with obligations in relation to money laundering and terrorist financing under Directive 2005/60/EC of the European Parliament and of the Council[45]and Regulation (EC) No 1781/2006 of the European Parliament and of the Council[46];

(l) a description of the applicant's structural organisation, including, where applicable, a description of the intended use of agents and branches and a description of outsourcing arrangements, and of its participation in a national or international payment system;

(m) the identity of persons holding in the applicant, directly or indirectly, qualifying holdings within the meaning of Article 3(1)(33) of Directive 2013/36/EU, the size of their holdings and evidence of their suitability taking into account the need to ensure the sound and prudent management of a payment institution;

(n) the identity of directors and persons responsible for the management of the payment institution and, where relevant, persons responsible for the management of the payment services activities of the payment institution, as well as evidence that they are of good repute and possess appropriate knowledge and experience to perform payment services as determined by the home Member State of the payment institution;

(o) where applicable, the identity of statutory auditors and audit firms as defined in Directive 2006/43/EC of the European Parliament and of the Council[47];

(p) the applicant's legal status and articles of association;

(q) the address of the applicant's head office.

For the purposes of points (d), (e) (f) and (l), the applicant shall provide a description of its audit arrangements and the organisational arrangements it has set up with a view to taking all reasonable steps to protect the interests of its users and to ensure continuity and reliability in the performance of payment services.

The security control and mitigation measures referred to in point (j) shall indicate how they ensure a high level of technical security, including for the software and IT systems used by the applicant or the undertakings it sub-contracts to for the whole or part of its operations. Those measures shall also include the security measures laid down in Article 86(1). Those measures shall take into account the guidelines on security measures of the European Banking Authority (EBA) referred to in Article 86(2) when in place.

Article 6 Initial capital

Member States shall require payment institutions to hold, at the time of authorisation, initial capital, comprised of the items as referred to in Article 12 of Directive 2013/36/EU as follows:

(a) where the payment institution provides only the payment service as referred to in point 6 of Annex I, its capital shall at no time be less than EUR 20000;

(b) where the payment institution provides the payment service as referred to in point 7 of Annex I, its capital shall at no time be less than EUR 50000;

(c) where the payment institution provides any of the payment services as referred to in points 1 to 5 of Annex I, its capital shall at no time be less than EUR 125000.

Article 7  Own funds

1.           The payment institution's own funds may not fall below the amount required under Articles 6 or 8 of this Directive, whichever is the higher.

2.           Member States shall take the necessary measures to prevent the multiple use of elements eligible for own funds where the payment institution belongs to the same group as another payment institution, credit institution, investment firm, asset management company or insurance undertaking. This paragraph shall also apply where a payment institution has a hybrid character and carries out activities other than providing payment services.

3.           If the conditions laid down in Article 7 of Regulation (EU) No 575/2013 are met, Member States or their competent authorities may choose not to apply Article 8 of this Directive to payment institutions which are included in the consolidated supervision of the parent credit institution pursuant to Directive 2013/36/EU

Article 8

Calculation of own funds

1.           Notwithstanding the initial capital requirements set out in Article 6, Member States shall require payment institutions to hold, at all times, own funds calculated in accordance with one of the following three methods, as determined by the competent authorities in accordance with national legislation:

Method A

The payment institution's own funds shall amount to at least 10 % of its fixed overheads of the preceding year. The competent authorities may adjust that requirement in the event of a material change in a payment institution's business since the preceding year. Where a payment institution has not completed a full year's business at the date of the calculation, the requirement shall be that its own funds amount to at least 10 % of the corresponding fixed overheads as projected in its business plan, unless an adjustment to that plan is required by the competent authorities.

Method B

The payment institution's own funds shall amount to at least the sum of the following elements multiplied by the scaling factor k defined in paragraph 2, where payment volume (PV) represents one twelfth of the total amount of payment transactions executed by the payment institution in the preceding year:

(a) 4,0 % of the slice of PV up to EUR 5 million,

plus

(b) 2,5 % of the slice of PV above EUR 5 million up to EUR 10 million,

plus

(c) 1 % of the slice of PV above EUR 10 million up to EUR 100 million,

plus

(d) 0,5 % of the slice of PV above EUR 100 million up to EUR 250 million,

plus

(e) 0,25 % of the slice of PV above EUR 250 million.

Method C

The payment institution's own funds shall amount to at least the relevant indicator defined in point (a), multiplied by the multiplication factor defined in point (b) and by the scaling factor k defined in paragraph 2.

(a) The relevant indicator is the sum of the following:

– interest income,

– interest expenses,

– commissions and fees received, and

– other operating income.

Each element shall be included in the sum with its positive or negative sign. Income from extraordinary or irregular items may not be used in the calculation of the relevant indicator. Expenditure on the outsourcing of services rendered by third parties may reduce the relevant indicator if the expenditure is incurred from an undertaking subject to supervision under this Directive. The relevant indicator is calculated on the basis of the twelve-monthly observation at the end of the previous financial year. The relevant indicator shall be calculated over the previous financial year. Nevertheless own funds calculated according to Method C shall not fall below 80 % of the average of the previous three financial years for the relevant indicator. When audited figures are not available, business estimates may be used.

(b) The multiplication factor shall be:

i.        10 % of the slice of the relevant indicator up to EUR 2,5 million;

ii.       8 % of the slice of the relevant indicator from EUR 2,5 million up to EUR 5 million;

iii.      6 % of the slice of the relevant indicator from EUR 5 million up to EUR 25 million;

iv.      3 % of the slice of the relevant indicator from EUR 25 million up to 50 million;

v.       1,5 % above EUR 50 million.

2.           The scaling factor k to be used in Methods B and C shall be:

(a) 0,5 where the payment institution provides only the payment service listed in point 6 of -Annex I;

(b) 1 where the payment institution provides any of the payment services listed in points 1 to 5 or 7 ofAnnex I.

3.           The competent authorities may, based on an evaluation of the risk-management processes, risk loss data base and internal control mechanisms of the payment institution, require the payment institution to hold an amount of own funds which is up to 20 % higher than the amount which would result from the application of the method chosen in accordance with paragraph 1, or permit the payment institution to hold an amount of own funds which is up to 20 % lower than the amount which would result from the application of the method chosen in accordance with paragraph 1.

Article 9 Safeguarding requirements

1.           The Member States or competent authorities shall require a payment institution which provides any payment services and, insofar as it at the same time is engaged in other business activities referred to in Article 17(1)(c) to safeguard all funds which have been received from the payment service users or through another payment service provider for the execution of payment transactions, in either of the following ways:

(a) funds shall not be commingled at any time with the funds of any natural or legal person other than payment service users on whose behalf the funds are held and, where they are still held by the payment institution and not yet delivered to the payee or transferred to another payment service provider by the end of the business day following the day when the funds have been received, they shall be deposited in a separate account in a credit institution or invested in secure, liquid low-risk assets as defined by the competent authorities of the home Member State; and they shall be insulated in accordance with national law in the interest of the payment service users against the claims of other creditors of the payment institution, in particular in the event of insolvency;

(b) funds shall be covered by an insurance policy or some other comparable guarantee from an insurance company or a credit institution, which does not belong to the same group as the payment institution itself, for an amount equivalent to that which would have been segregated in the absence of the insurance policy or other comparable guarantee, payable in the event that the payment institution is unable to meet its financial obligations.

2.           Where a payment institution is required to safeguard funds under paragraph 1 and a portion of those funds is to be used for future payment transactions with the remaining amount to be used for non-payment services, that portion of the funds to be used for future payment transactions shall also be subject to the requirements under paragraph 1. Where that portion is variable or unknown in advance, Member States shall allow payment institutions to apply this paragraph on the basis of a representative portion assumed to be used for payment services provided such a representative portion can be reasonably estimated on the basis of historical data to the satisfaction of the competent authorities.

Article 10 Granting of authorisation

1.           Member States shall require undertakings other than those referred to in Article 1(1)(a), (b), (c), (e) and (f) and other than legal or natural persons benefiting from a waiver under Article 27, who intend to provide payment services, to obtain authorisation as a payment institution before commencing the provision of payment services. An authorisation shall only be granted to a legal person established in a Member State.

2.           An authorisation shall be granted if the information and evidence accompanying the application complies with all the requirements under Article 5 and if the competent authorities' overall assessment, having scrutinised the application, is favourable. Before an authorisation is granted, the competent authorities may, where relevant, consult the national central bank or other relevant public authorities.

3.           A payment institution which under the national law of its home Member State is required to have a registered office, shall have its head office in the same Member State as its registered office.

4.           The competent authorities shall grant an authorisation only if, taking into account the need to ensure the sound and prudent management of a payment institution, the payment institution has robust governance arrangements for its payment services business, which include a clear organisational structure with well-defined, transparent and consistent lines of responsibility, effective procedures to identify, manage, monitor and report the risks to which it is or might be exposed, and adequate internal control mechanisms, including sound administrative and accounting procedures; those arrangements, procedures and mechanisms shall be comprehensive and proportionate to the nature, scale and complexity of the payment services provided by the payment institution.

5.           Where a payment institution provides any of the payment services listed in Annex I and, at the same time, is engaged in other business activities, the competent authorities may require the establishment of a separate entity for the payment services business, where the non-payment services activities of the payment institution impair or are likely to impair either the financial soundness of the payment institution or the ability of the competent authorities to monitor the payment institution's compliance with all obligations laid down by this Directive.

6.           The competent authorities shall refuse to grant an authorisation if, taking into account the need to ensure the sound and prudent management of a payment institution, they are not satisfied as to the suitability of the shareholders or members that have qualifying holdings.

7.           Where close links as defined in Article 4(1)(38) of Regulation (EU) No 575/2013 exist between the payment institution and other natural or legal persons, the competent authorities shall grant an authorisation only if those links do not prevent the effective exercise of their supervisory functions.

8.           The competent authorities shall grant an authorisation only if the laws, regulations or administrative provisions of a third country governing one or more natural or legal persons with which the payment institution has close links, or difficulties involved in the enforcement of those laws, regulations or administrative provisions, do not prevent the effective exercise of their supervisory functions.

9.           An authorisation shall be valid in all Member States and shall allow the payment institution concerned to provide payment services throughout the Union, either under the freedom to provide services or the freedom of establishment, provided that such services are covered by the authorisation.

Article 11 Communication of the decision

Within three months of receipt of an application or, should the application be incomplete, of all the information required for the decision, the competent authorities shall inform the applicant whether the authorisation has been granted or refused. Reasons shall be given whenever an authorisation is refused.

Article 12 Withdrawal of authorisation

1.           The competent authorities may withdraw an authorisation issued to a payment institution only where the institution falls within the following cases:

(a) does not make use of the authorisation within 12 months, expressly renounces the authorisation or has ceased to engage in business for more than six months, if the Member State concerned has made no provision for the authorisation to lapse in such cases;

(b) has obtained the authorisation through false statements or any other irregular means;

(c) no longer fulfils the conditions for granting the authorisation or fails to inform the competent authority on major developments in this respect;

(d) would constitute a threat to the stability of or the trust in the payment system by continuing its payment services business;

(e) falls within one of the other cases where national law provides for withdrawal of an authorisation.

2.           Reasons shall be given for any withdrawal of an authorisation and those concerned shall be informed accordingly.

3.           The withdrawal of an authorisation shall be made public, including in the registers referred to in Articles 13 and 14.

Article 13 Registration in the home Member State

Member States shall establish a public register of authorised payment institutions, their agents and branches, as well as of natural and legal persons, their agents and branches, benefiting from a waiver under Article 27, and of the institutions referred to in Article 2(3) that are entitled under national law to provide payment services. They shall be entered in the register of the home Member State.

That register shall identify the payment services for which the payment institution is authorised or for which the natural or legal person has been registered. Authorised payment institutions shall be listed in the register separately from natural and legal persons that have been registered in accordance with Article 27. The register shall be publicly available for consultation, accessible online, and updated on a regular basis.

Article 14 Web portal with EBA

1.           A web portal serving as European electronic access point shall be established by EBA, interconnecting the public registers referred to in Article 13. EBA shall develop and operate the access point.

2.           The system of interconnection of public registers shall be composed of:

(a) the central registers of Member States;

(b) the portal serving as the European electronic access point.

3.           Member States shall ensure the access to their public registers via the access point.

4.           EBA shall develop draft regulatory technical standards setting technical requirements regarding access to the information contained in the public registers referred to in Article 13 at the Union level. EBA shall submit those draft regulatory technical standards to the Commission by […within two years of the date of entry into force of this Directive].

Power is conferred on the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with the procedure laid down in Articles 10 – 14 of Regulation (EU) No 1093/2010.

Article 15 Maintenance of authorisation

Where any change affects the accuracy of information and evidence provided in accordance with Article 5, the payment institution shall without undue delay inform the competent authorities of its home Member State accordingly.

Article 16 Accounting and statutory audit

1.           Directive 78/660/EEC and, where applicable, Directives 83/349/EEC and 86/635/EEC and Regulation (EC) 1606/2002 of the European Parliament and of the Council[48] shall apply to payment institutions mutatis mutandis.

2.           Unless exempted under Directive 78/660/EEC and, where applicable, Directives 83/349/EEC and 86/635/EEC, the annual accounts and consolidated accounts of payment institutions shall be audited by statutory auditors or audit firms within the meaning of Directive 2006/43/EC.

3.           For supervisory purposes, Member States shall require that payment institutions provide separate accounting information for payment services and activities referred to in Article 17(1), which shall be subject to an auditor's report. That report shall be prepared, where applicable, by the statutory auditors or an audit firm.

4.           The obligations established in Article 63 of Directive 2013/36/EU shall apply mutatis mutandis to the statutory auditors or audit firms of payment institutions in respect of payment services activities.

Article 17 Activities

1.           Apart from the provision of payment services, payment institutions shall be entitled to engage in the following activities:

(a) the provision of operational and closely related ancillary services such as ensuring the execution of payment transactions, foreign exchange services, safekeeping activities, and the storage and processing of data;

(b) the operation of payment systems, without prejudice to Article 29;

(c) business activities other than the provision of payment services, having regard to applicable Union and national law.

2.           When payment institutions engage in the provision of one or more of the payment services, they may hold only payment accounts used exclusively for payment transactions. Member States shall ensure that access to those payment accounts is proportionate.

3.           Any funds received by payment institutions from payment service users with a view to the provision of payment services shall not constitute a deposit or other repayable funds within the meaning of Article 9 of Directive 2013/36/EU, or electronic money within the meaning of Article 2(2) of Directive 2009/110/EC.

4.           Payment institutions may grant credit related to payment services referred to in points 4 or 5 of Annex I only if the following conditions are met:

(a) the credit shall be ancillary and granted exclusively in connection with the execution of a payment transaction;

(b) notwithstanding national rules on providing credit by credit cards, the credit granted in connection with a payment and executed in accordance with Article 10(9) and Article 26 shall be repaid within a short period which shall in no case exceed 12 months;

(c) such credit shall not be granted from the funds received or held for the purpose of executing a payment transaction;

(d) the own funds of the payment institution shall at all times and to the satisfaction of the supervisory authorities be appropriate in view of the overall amount of credit granted.

5.           Payment institutions shall not conduct the business of taking deposits or other repayable funds within the meaning of Article 9 of Directive 2013/36/EU.

6.           This Directive shall be without prejudice to Directive 2008/48/EC of the European Parliament and of the Council[49] or other relevant Union law or national measures regarding conditions for granting credit to consumers not harmonised by this Directive that is in conformity with Union law.

Section 2 Other requirements

Article 18 Use of agents, branches or entities to which activities are outsourced

1.           When a payment institution intends to provide payment services through an agent it shall communicate the following information to the competent authorities in its home Member State:

(a) the name and address of the agent;

(b) a description of the internal control mechanisms that will be used by agents in order to comply with the obligations in relation to money laundering and terrorist financing under Directive 2005/60/EC;

(c) the identity of directors and persons responsible for the management of the agent to be used in the provision of payment services and evidence that they are fit and proper persons.

2.           When the competent authorities receive the information in accordance with paragraph 1 then they shall list the agent in the register provided for in Article 13.

3.           Before listing the agent in the register, the competent authorities shall, if they consider that the information provided to them is incorrect, take further action to verify the information.

4.           If, after taking action to verify the information, the competent authorities are not satisfied that the information provided to them pursuant to paragraph 1 is correct, they shall refuse to list the agent in the register provided for in Article 13.

5.           If the payment institution wishes to provide payment services in another Member State by engaging an agent it shall follow the procedures set out in Article 26. In that case, before the agent may be registered under this Article, the competent authorities of the home Member State shall inform the competent authorities of the host Member State of their intention to register the agent and take their opinion into account.

6.           If the competent authorities of the host Member State have reasonable grounds to suspect that, in connection with the intended engagement of an agent or establishment of a branch, money laundering or terrorist financing within the meaning of Directive 2005/60/EC is taking place, has taken place or been attempted, or that the engagement of such agent or establishment of such branch could increase the risk of money laundering or terrorist financing, they shall so inform the competent authorities of the home Member State, which may refuse to register the agent or branch, or may withdraw the registration, if already made, of the agent or branch.

7.           Where a payment institution intends to outsource operational functions of payment services, it shall inform the competent authorities of its home Member State accordingly.

Outsourcing of important operational functions may not be undertaken in such way as to impair materially the quality of the payment institution's internal control and the ability of the competent authorities to monitor the payment institution's compliance with all obligations laid down in this Directive.

For the purposes of the second subparagraph, an operational function shall be regarded as important if a defect or failure in its performance would materially impair the continuing compliance of a payment institution with the requirements of its authorisation requested under this Title or its other obligations under this Directive, or its financial performance, or the soundness or the continuity of its payment services. Member States shall ensure that when payment institutions outsource important operational functions, the payment institutions comply with the following conditions:

(a) the outsourcing shall not result in the delegation by senior management of its responsibility;

(b) the relationship and obligations of the payment institution towards its payment service users under this Directive shall not be altered;

(c) the conditions with which the payment institution is to comply in order to be authorised and remain so in accordance with this Title shall not be undermined;

(d) none of the other conditions subject to which the payment institution's authorisation was granted shall be removed or modified.

8.           Payment institutions shall ensure that agents or branches acting on their behalf inform payment service users of this fact.

9.           Payment institutions shall inform the competent authorities of their home Member State without undue delay about any changes regarding the use of agents, including additional agents, branches or entities to which activities are outsourced and update the information referred to in paragraph 1 accordingly.

Article 19 Liability

1.           Member States shall ensure that, where payment institutions rely on third parties for the performance of operational functions, those payment institutions take reasonable steps to ensure that the requirements of this Directive are complied with.

2.           Member States shall require that payment institutions remain fully liable for any acts of their employees, or any agent, branch or entity to which activities are outsourced.

Article 20 Record-keeping

Member States shall require payment institutions to keep all appropriate records for the purpose of this Title for at least five years, without prejudice to Directive 2005/60/EC or other relevant Union legislation.

Section 3 Competent authorities and supervision

Article 21 Designation of competent authorities

1.           Member States shall designate as the competent authorities responsible for the authorisation and prudential supervision of payment institutions which are to carry out the duties provided for under this Title either public authorities, or bodies recognised by national law or by public authorities expressly empowered for that purpose by national law, including national central banks

The competent authorities shall guarantee independence from economic bodies and avoid conflicts of interest. Without prejudice to the first subparagraph, payment institutions, credit institutions, electronic money institutions, or post office giro institutions shall not be designated as competent authorities.

The Member States shall inform the Commission accordingly.

2.           Member States shall ensure that the competent authorities designated under paragraph 1 possess all the powers necessary for the performance of their duties.

3.           Where there is more than one competent authority for matters covered by this Title on its territory, Member States shall ensure that those authorities cooperate closely so that they can discharge their respective duties effectively. The same applies in cases where the authorities competent for matters covered by this Title are not the competent authorities responsible for the supervision of credit institutions.

4.           The tasks of the competent authorities designated under paragraph 1 shall be the responsibility of the competent authorities of the home Member State.

5.           Paragraph 1 shall not imply that the competent authorities are required to supervise business activities of the payment institutions other than the provision of payment services and the activities referred to in Article 17(1)(a).

Article 22 Supervision

1.           Member States shall ensure that the controls exercised by the competent authorities for checking continued compliance with this Title are proportionate, adequate and responsive to the risks to which payment institutions are exposed.

In order to check compliance with this Title, the competent authorities shall be entitled to take the following steps, in particular:

(a) to require the payment institution to provide any information needed to monitor compliance;

(b) to carry out on-site inspections at the payment institution, at any agent or branch providing payment services under the responsibility of the payment institution, or at any entity to which activities are outsourced;

(c) to issue recommendations, guidelines and, if applicable, binding administrative provisions;

(d) to suspend or withdraw authorisation in cases referred to in Article 12.

2.           Without prejudice to the procedures for the withdrawal of authorisations and the provisions of criminal law, the Member States shall provide that their respective competent authorities, may, as against payment institutions or those who effectively control the business of payment institutions which breach laws, regulations or administrative provisions concerning the supervision or pursuit of their payment service business, adopt or impose in respect of them penalties or measures aimed specifically at ending observed breaches or the causes of such breaches.

3.           Notwithstanding the requirements of Article 6, Article 7(1) and (2) and Article 8, Member States shall ensure that the competent authorities are entitled to take steps described under paragraph 1 of this Article to ensure sufficient capital for payment services, in particular where the non-payment services activities of the payment institution impair or are likely to impair the financial soundness of the payment institution.

Article 23 Professional secrecy

1.           Member States shall ensure that all persons working or who have worked for the competent authorities, as well as experts acting on behalf of the competent authorities, are bound by the obligation of professional secrecy, without prejudice to cases covered by criminal law.

2.           In the exchange of information in accordance with Article 25, professional secrecy shall be strictly applied to ensure the protection of individual and business rights.

3.           Member States may apply this Article taking into account, mutatis mutandis, Articles 53 to 61 of Directive 2013/36/EU.

Article 24 Right to apply to the courts

1.           Member States shall ensure that decisions taken by the competent authorities in respect of a payment institution pursuant to the laws, regulations and administrative provisions adopted in accordance with this Directive may be contested before the courts.

2.           Paragraph 1 shall apply also in respect of failure to act.

Article 25 Exchange of information

1.           The competent authorities of the different Member States shall cooperate with each other and, where appropriate, with the European Central Bank and the national central banks of the Member States, EBA and other relevant competent authorities designated under Union or national legislation applicable to payment service providers.

2.           Member States shall, in addition, allow the exchange of information between their competent authorities and the following:

(a) the competent authorities of other Member States responsible for the authorisation and supervision of payment institutions;

(b) the European Central Bank and the national central banks of Member States, in their capacity as monetary and oversight authorities, and, where appropriate, other public authorities responsible for overseeing payment and settlement systems;

(c) other relevant authorities designated under this Directive, Directive 2005/60/EC and other Union legislation applicable to payment service providers, such as legislation applicable to money laundering and terrorist financing;

(d) EBA, in its capacity of contributing to the consistent and coherent functioning of supervising mechanisms as referred to in Article 1(5)(a) of Regulation (EU) 1093/2010.

Article 26 Exercise of the right of establishment and freedom to provide services

1.           Any authorised payment institution wishing to provide payment services for the first time in a Member State other than its home Member State, in exercise of the right of establishment or the freedom to provide services, shall so inform the competent authorities in its home Member State.

Within one month of receiving that information, the competent authorities of the home Member State shall inform the competent authorities of the host Member State of the name and address of the payment institution, the names of those responsible for the management of the branch, its organisational structure and of the kind of payment services it intends to provide in the territory of the host Member State.

In order to carry out the controls and take the necessary steps provided for in Article 22 in respect of the agent, branch or entity to which activities are outsourced of a payment institution located in the territory of another Member State, the competent authorities of the home Member State shall cooperate with the competent authorities of the host Member State.

2.           By way of cooperation in accordance with paragraphs 1 and 2, the competent authorities of the home Member State shall notify the competent authorities of the host Member State whenever they intend to carry out an on-site inspection in the territory of the latter.

However, the competent authorities of the home Member State may delegate to the competent authorities of the host Member State the task of carrying out on-site inspections of the institution concerned.

3.           The competent authorities shall provide each other with all essential and/or relevant information, in particular in the case of infringements or suspected infringements by an agent, a branch or an entity to which activities are outsourced. In this regard, the competent authorities shall communicate, upon request, all relevant information and, on their own initiative, all essential information.

4.           Paragraphs 1 to 4 shall be without prejudice to the obligation of competent authorities under Directive 2005/60/EC and Regulation (EC) No 1781/2006, in particular under Article 37(1) of Directive 2005/60/EC and Article 15(3) of Regulation (EC) No 1781/2006 to supervise or monitor the compliance with the requirements laid down in those instruments.

5.           EBA shall issue guidelines addressed to competent authorities in accordance with Article 16 of Regulation (EU) No 1093/2010 on the elements to be taken into consideration when deciding whether the activity the payment institution notified intends to provide in another Member State under paragraph 1 of this Article would amount to the exercise of the right of establishment or freedom to provide services. Those guidelines shall be issued by […within two years of the date of entry into force of this Directive].

6.           EBA shall develop draft regulatory technical standards specifying the framework for the co-operation and exchange of information of competent authorities of the home Member State referred to in paragraph 1 of this Article with those of the host Member State in accordance with this Article and Article 18. The draft regulatory technical standards shall specify the method, means and details of cooperation in the notification of payment institutions operating on a cross border basis and notably the scope and treatment of information to be submitted, including a common terminology and standard notification templates to ensure a consistent and efficient notification process.

EBA shall submit those draft regulatory technical standards to the Commission by (insert date) [… within two years of the date of entry into force of this Directive].

7.           EBA shall develop draft regulatory technical standards specifying the framework for the cooperation and exchange of information of the competent authorities of the home Member State with those of the host Member State in accordance with paragraphs 2, 3 and 4 of this Article and Article 22. The draft regulatory technical standards shall specify the method, means and details of cooperation in the supervision of payment institutions operating on a cross border basis and notably the scope and treatment of information to be exchanged, to ensure consistent and efficient supervision of payment institutions exercising cross-border provision of payment services.

EBA shall submit those draft regulatory technical standards to the Commission by (insert date) […within two years of the date of entry into force of this Directive].

8.           Power is conferred on the Commission to adopt the regulatory technical standards referred to in paragraphs 6 and 7 in accordance with the procedure laid down in Articles 10 to 14 of Regulation (EU) No 1093/2010.

Section 4 Waiver

Article 27 Conditions

1.           Notwithstanding Article 13, Member States may waive or allow their competent authorities to waive the application of all or part of the procedure and conditions set out in Sections 1 to 3, with the exception of Articles 21, 23, 24 and 25, and allow natural or legal persons to be entered in the register provided for in Article 13, where:

(a) the average of the preceding 12 months' total amount of payment transactions executed by the person concerned, including any agent for which it assumes full responsibility, does not exceed EUR 1 million per month. That requirement shall be assessed on the projected total amount of payment transactions in its business plan, unless an adjustment to that plan is required by the competent authorities;

(b) none of the natural persons responsible for the management or operation of the business has been convicted of offences relating to money laundering or terrorist financing or other financial crimes.

2.           Any natural or legal person registered in accordance with paragraph 1 shall be required to have its head office or place of residence in the Member State in which it actually carries on its business.

3.           The persons referred to in paragraph 1 of this Article shall be treated as payment institutions, save that Article 10(9) and Article 26 shall not apply to them.

4.           Member States may also provide that any natural or legal person registered in accordance with paragraph 1 of this Article may engage only in certain activities listed in Article 17.

5.           The persons referred to in paragraph 1 of this Article shall notify the competent authorities of any change in their situation which is relevant to the conditions specified in that paragraph. Member States shall take the necessary steps to ensure that where the conditions set out in paragraphs 1, 2 and 4 are no longer fulfilled, the persons concerned shall seek authorisation within 30 calendar days in accordance with the procedure laid down in Article 10.

6.           Paragraphs 1 to 5 of this Article shall not be applied in respect of provisions of Directive 2005/60/EC or national anti-money-laundering provisions.

Article 28 Notification and information

If a Member State avails itself of the waiver provided for in Article 27, it shall notify the Commission accordingly by [insert date (the final date of transposition)]of its decision and it shall notify the Commission forthwith of any subsequent change. In addition, the Member State shall inform the Commission of the number of natural and legal persons concerned and, on an annual basis, of the total amount of payment transactions executed as of 31 December of each calendar year, as referred to in Article 27(1)(a).

CHAPTER 2 Common provisions

Article 29 Access to payment systems

1.           Member States shall ensure that the rules on access of authorised or registered payment service providers that are legal persons to payment systems shall be objective, non-discriminatory and proportionate and that those rules do not inhibit access more than is necessary to safeguard against specific risks such as settlement risk, operational risk and business risk and to protect the financial and operational stability of the payment system.

Payment systems shall not impose on payment service providers, on payment service users or on other payment systems any of the following requirements:

(a) any restrictive rule on effective participation in other payment systems;

(b) any rule which discriminates between authorised payment service providers or between registered payment service providers in relation to the rights, obligations and entitlements of participants;

(c) any restriction on the basis of institutional status.

2.           Paragraph 1 shall not apply to:

(a) payment systems designated under Directive 98/26/EC;

(b) payment systems composed exclusively of payment service providers belonging to a group composed of entities linked by capital where one of the linked entities enjoys effective control over the other linked entities.

For the purposes of point (a) of the first subparagraph of this paragraph, Member States shall ensure that where a designated payment system allows a payment service provider to pass transfer orders through the system via a direct participant, such indirect access to the system services shall, when requested, also be provided to other authorised or registered payment service providers in line with paragraph 1.

Article 30 Prohibition for persons other than payment service providers to provide payment services and duty of notification

1.           Member States shall prohibit natural or legal persons that are neither payment service providers nor explicitly excluded from the scope of this Directive from providing the payment services.

2.           Member States shall require that, before taking up an activity referred to in Article 3(k) for which the volume of payment transactions calculated in accordance with Article 27(1)(a) exceeds the threshold referred to therein, service providers notify their intention to the competent authorities and submit a request for recognition as a limited network.

Within one month from the date of receipt of the request for recognition, the competent authority shall take a motivated decision on the basis of the criteria referred to in Article 3(k) to recognise or not the activity as a limited network and inform the service provider accordingly. A summary of the decision shall be made publicly available in the public register provided for in Article 13.

The competent authorities shall inform the Commission of any decision taken in accordance with the second subparagraph.

TITLE III TRANSPARENCY OF CONDITIONS AND INFORMATION REQUIREMENTS FOR PAYMENT SERVICES

CHAPTER 1 General rules

Article 31 Scope

1.           This Title shall apply to single payment transactions, framework contracts and payment transactions covered by them. The parties may agree that it shall not apply in whole or in part when the payment service user is not a consumer.

2.           Member States may provide that the provisions in this Title shall be applied to micro enterprises in the same way as to consumers.

3.           This Directive shall be without prejudice to Directive 2008/48/EC or other relevant Union law or to national measures regarding conditions for granting credit to consumers not harmonised by this Directive that is in conformity with Union law.

Article 32 Other provisions in Union legislation

The provisions of this Title are without prejudice to any Union legislation containing additional requirements on prior information.

However, where Directive 2002/65/EC is also applicable, the information requirements set out in Article 3(1) of that Directive, with the exception of points (2)(c) to (g), (3)(a), (d) and (e), and (4)(b) of that paragraph shall be replaced by Articles 37, 38, 44 and 45 of this Directive.

Article 33 Charges for information

1.           The payment service provider shall not charge the payment service user for providing information under this Title.

2.           The payment service provider and the payment service user may agree on charges for additional or more frequent information, or transmission by means of communication other than those specified in the framework contract, provided at the payment service user's request.

3.           Where the payment service provider may impose charges for information in accordance with paragraph 2, they shall be appropriate and in line with the payment service provider's actual costs.

Article 34 Burden of proof on information requirements

Member States may stipulate that the burden of proof shall lie with the payment service provider to prove that it has complied with the information requirements set out in this Title.

Article 35 Derogation from information requirements for low-value payment instruments and electronic money

1.           In cases of payment instruments which, according to the framework contract, concern only individual payment transactions that do not exceed EUR 30 or that either have a spending limit of EUR 150 or store funds that do not exceed EUR 150 at any time:

(a) by way of derogation from Articles 44, 45 and 49, the payment service provider shall provide the payer only with information on the main characteristics of the payment service, including the way in which the payment instrument can be used, liability, charges levied and other material information needed to take an informed decision as well as an indication of where any other information and conditions specified in Article 45 are made available in an easily accessible manner;

(b) it may be agreed that, by way of derogation from Article 47, the payment service provider shall not be required to propose changes in the conditions of the framework contract in the same way as provided for in Article 44(1);

(c) it may be agreed that, by way of derogation from Articles 50 and 51, after the execution of a payment transaction:

(i)      the payment service provider shall provide or make available only a reference enabling the payment service user to identify the payment transaction, the amount of the payment transaction, any charges and/or, in the case of several payment transactions of the same kind made to the same payee, information on the total amount and charges for those payment transactions;

(ii)      the payment service provider shall not be required to provide or make available information referred to in point (i) if the payment instrument is used anonymously or if the payment service provider is not otherwise technically in a position to provide it. However, the payment service provider shall provide the payer with a possibility to verify the amount of funds stored.

2.           For national payment transactions, Member States or their competent authorities may reduce or double the amounts referred to in paragraph 1. For prepaid payment instruments, Member States may increase those amounts up to EUR 500.

CHAPTER 2 Single payment transactions

Article 36 Scope

1.           This Chapter shall apply to single payment transactions not covered by a framework contract.

2.           When a payment order for a single payment transaction is transmitted by a payment instrument covered by a framework contract, the payment service provider shall not be obliged to provide or make available information which is already given to the payment service user on the basis of a framework contract with another payment service provider or which will be given to him according to that framework contract.

Article 37 Prior general information

1.           Member States shall require that before the payment service user is bound by any single payment service contract or offer, the payment service provider, in an easily accessible manner, makes available to the payment service user the information and conditions specified in Article 38. At the payment service user's request, the payment service provider shall provide the information and conditions on paper or on another durable medium. The information and conditions shall be given in easily understandable words and in a clear and comprehensible form, in an official language of the Member State where the payment service is offered or in any other language agreed between the parties.

2.           If the single payment service contract has been concluded at the request of the payment service user using a means of distance communication which does not enable the payment service provider to comply with paragraph 1, the payment service provider shall fulfil its obligations under that paragraph immediately after the execution of the payment transaction.

3.           The obligations under paragraph 1 of this Article may also be discharged by supplying a copy of the draft single payment service contract or the draft payment order including the information and conditions specified in Article 38.

Article 38 Information and conditions

1.           Member States shall ensure that the following information and conditions are provided or made available to the payment service user:

(a) a specification of the information or unique identifier that has to be provided by the payment service user in order for a payment order to be properly initiated or executed;

(b) the maximum execution time for the payment service to be provided;

(c) all charges payable by the payment service user to the payment service provider and, where applicable, the breakdown of the amounts of any charges;

(d) where applicable, the actual or reference exchange rate to be applied to the payment transaction.

2.           Member States shall ensure that for payment initiation services, the third party payment service provider shall provide the payer with information about the service offered and contact information to the third party payment service provider.

3.           Where applicable, any other relevant information and conditions specified in Article 42 shall be made available to the payment service user in an easily accessible manner.

Article 39 Information for the payer and payee in case of a payment initiation service

Where a third party payment service provider, at the request of the payer, initiates a payment order, it shall provide or make available to the payer and, where applicable, the payee, immediately after initiation, the following data:

(a) a confirmation of the successful initiation of the payment order with the payer's account servicing payment service provider;

(b) a reference enabling the payer and the payee to identify the payment transaction and the payer, where appropriate, and any information transferred with the payment transaction;

(c) the amount of the payment transaction;

(d) where applicable, the amount of any charges for the payment transaction and, where applicable, a breakdown thereof.

Article 40 Information for the payer’s account servicing payment service provider in case of a payment initiation service

Where a payment order is initiated by the third party payment service provider’s own system, it shall in case of fraud or dispute make available to the payer and the account servicing payment service provider the reference of the transactions and the authorisation information.

Article 41 Information for the payer after receipt of the payment order

Immediately after receipt of the payment order, the payer's payment service provider shall provide or make available to the payer, in the same way as provided for in Article 37(1), the following data:

(a) a reference enabling the payer to identify the payment transaction and, where appropriate, information relating to the payee;

(b) the amount of the payment transaction in the currency used in the payment order;

(c) the amount of any charges for the payment transaction payable by the payer and, where applicable, a breakdown of the amounts of such charges;

(d) where applicable, the exchange rate used in the payment transaction by the payer's payment service provider or a reference thereto, when different from the rate provided in accordance with Article 38(1)(d), and the amount of the payment transaction after that currency conversion;

(e) the date of receipt of the payment order.

Article 42 Information for the payee after execution

Immediately after the execution of the payment transaction, the payee's payment service provider shall provide or make available to the payee, in the same way as provided for in Article 37(1), all of the following data:

(a) the reference enabling the payee to identify the payment transaction and, where appropriate, the payer and any information transferred with the payment transaction;

(b) the amount of the payment transaction in the currency in which the funds are at the payee's disposal;

(c) the amount of any charges for the payment transaction payable by the payee and, where applicable, a breakdown of the amount of such charges;

(d) where applicable, the exchange rate used in the payment transaction by the payee's payment service provider, and the amount of the payment transaction before that currency conversion;

(e) the credit value date.

CHAPTER 3 Framework contracts

Article 43 Scope

This Chapter applies to payment transactions covered by a framework contract.

Article 44 Prior general information

1.           Member States shall require that, in good time before the payment service user is bound by any framework contract or offer, the payment service provider provide the payment service user on paper or on another durable medium with the information and conditions specified in Article 45. The information and conditions shall be given in easily understandable words and in a clear and comprehensible form, in an official language of the Member State where the payment service is offered or in any other language agreed between the parties.

2.           If the framework contract has been concluded at the request of the payment service user using a means of distance communication which does not enable the payment service provider to comply with paragraph 1, the payment service provider shall fulfil its obligations under that paragraph immediately after the conclusion of the framework contract.

3.           The obligations under paragraph 1 may also be discharged by supplying a copy of the draft framework contract including the information and conditions specified in Article 45.

Article 45 Information and conditions

Member States shall ensure that the following information and conditions are provided to the payment service user:

1.           on the payment service provider:

(a) the name of the payment service provider, the geographical address of its head office and, where applicable, the geographical address of its agent or branch established in the Member State where the payment service is offered, and any other address, including electronic mail address, relevant for communication with the payment service provider;

(b) the particulars of the relevant supervisory authorities and of the register provided for in Article 13 or of any other relevant public register of authorisation of the payment service provider and the registration number, or equivalent means of identification in that register;

2.           on use of the payment service:

(a) a description of the main characteristics of the payment service to be provided;

(b) a specification of the information or unique identifier that has to be provided by the payment service user in order for a payment order to be properly initiated or executed;

(c) the form of and procedure for giving consent to initiate or execute a payment transaction and withdrawal of such consent in accordance with Articles 57 and 71;

(d) a reference to the point in time of receipt of a payment order as defined in Article 69 and the cut-off time, if any, established by the payment service provider;

(e) the maximum execution time for the payment services to be provided;

(f) whether there is a possibility to agree on spending limits for the use of the payment instrument in accordance with Article 60(1);

3.           on charges, interest and exchange rates:

(a) all charges payable by the payment service user to the payment service provider and, where applicable, the breakdown of the amounts of any charges;

(b) where applicable, the interest and exchange rates to be applied or, if reference interest and exchange rates are to be used, the method of calculating the actual interest, and the relevant date and index or base for determining such reference interest or exchange rate;

(c) if agreed, the immediate application of changes in reference interest or exchange rate and information requirements related to the changes in accordance with Article 47(2);

4.           on communication:

(a) where applicable, the means of communication, including the technical requirements for the payment service user's equipment and software, agreed between the parties for the transmission of information or notifications under this Directive;

(b) the manner in and frequency with which information under this Directive is to be provided or made available;

(c) the language or languages in which the framework contract will be concluded and communication during this contractual relationship undertaken;

(d) the payment service user's right to receive the contractual terms of the framework contract and information and conditions in accordance with Article 46;

5.           on safeguards and corrective measures:

(a) where applicable, a description of steps that the payment service user is to take in order to keep safe a payment instrument and how to notify the payment service provider for the purposes of Article 61(1)(b); and the secure procedure on notification of the customer by the payment service provider in case of suspected or actual fraud or security threats;

(b) if agreed, the conditions under which the payment service provider reserves the right to block a payment instrument in accordance with Article 60;

(c) the liability of the payer in accordance with Article 66, including information on the relevant amount;

(d) how and within what period of time the payment service user is to notify the payment service provider of any unauthorised or incorrectly initiated or executed payment transaction in accordance with Article 63 as well as the payment service provider's liability for unauthorised payment transactions in accordance with Article 65;

(e) the liability of the payment service provider for the initiation or execution of payment transactions in accordance with Article 80;

(f) the conditions for refund in accordance with Articles 67 and 68;

6.           on changes in and termination of framework contract:

(a) if agreed, information that the payment service user will be deemed to have accepted changes in the conditions in accordance with Article 47, unless he notifies the payment service provider that he does not accept them before the date of their proposed date of entry into force;

(b) the duration of the contract;

(c) the right of the payment service user to terminate the framework contract and any agreements relating to termination in accordance with Article 47(1) and Article 48;

7.           on redress:

(a) any contractual clause on the law applicable to the framework contract and/or the competent courts;

(b) the out-of-court complaint and redress procedures available to the payment service user in accordance with Articles 88 to 91.

Article 46 Accessibility of information and conditions of the framework contract

At any time during the contractual relationship the payment service user shall have a right to receive, on request, the contractual terms of the framework contract as well as the information and conditions specified in Article 45 on paper or on another durable medium.

Article 47 Changes in conditions of the framework contract

1.           Any changes in the framework contract as well as the information and conditions specified in Article 45, shall be proposed by the payment service provider in the same way as provided for in Article 44(1) and no later than two months before their proposed date of application.

Where applicable in accordance with point (a) of Article 45(6), the payment service provider shall inform the payment service user that he is to be deemed to have accepted these changes if he does not notify the payment service provider that he does not accept them before the proposed date of their entry into force. In this case, the payment service provider shall also specify that the payment service user has the right to terminate the framework contract immediately and without charge before the date of the proposed application of the changes.

2.           Changes in the interest or exchange rates may be applied immediately and without notice, provided that such a right is agreed upon in the framework contract and that the changes are based on the reference interest or exchange rates agreed on in accordance with points (b) and (c) of Article 45(3). The payment service user shall be informed of any change in the interest rate at the earliest opportunity in the same way as provided for in Article 44(1), unless the parties have agreed on a specific frequency or manner in which the information is to be provided or made available. However, changes in interest or exchange rates which are more favourable to the payment service users, may be applied without notice.

3.           Changes in the interest or exchange rate used in payment transactions shall be implemented and calculated in a neutral manner that does not discriminate against payment service users.

Article 48 Termination

1.           The payment service user may terminate the framework contract at any time, unless the parties have agreed on a period of notice. Such a period may not exceed one month.

2.           Termination of a framework contract concluded for a fixed period exceeding 12 months or for an indefinite period shall be free of charge for the payment service user after the expiry of 12 months. In all other cases charges for the termination shall be appropriate and in line with costs.

3.           If agreed in the framework contract, the payment service provider may terminate a framework contract concluded for an indefinite period by giving at least two months' notice in the same way as provided for in Article 44(1).

4.           Charges for payment services levied on a regular basis shall be payable by the payment service user only proportionally up to the termination of the contract. If such charges are paid in advance, they shall be reimbursed proportionally.

5.           The provisions of this Article are without prejudice to the Member States' laws and regulations governing the rights of the parties to declare the framework contract unenforceable or void.

6.           Member States may provide more favourable provisions for payment service users.

Article 49 Information before execution of individual payment transactions

In the case of an individual payment transaction under a framework contract initiated by the payer, a payment service provider shall, at the payer's request for this specific payment transaction, provide explicit information on the maximum execution time and the charges payable by the payer and, where applicable, a breakdown of the amounts of any charges.

Article 50 Information for the payer on individual payment transactions

1.           After the amount of an individual payment transaction is debited from the payer's account or, where the payer does not use a payment account, after the receipt of the payment order, the payer's payment service provider shall provide the payer without undue delay in the same way as laid down in Article 44(1) with the following information:

(a) a reference enabling the payer to identify each payment transaction and, where appropriate, information relating to the payee;

(b) the amount of the payment transaction in the currency in which the payer's payment account is debited or in the currency used for the payment order;

(c) the amount of any charges for the payment transaction and, where applicable, a breakdown thereof, or the interest payable by the payer;

(d) where applicable, the exchange rate used in the payment transaction by the payer's payment service provider, and the amount of the payment transaction after that currency conversion;

(e) the debit value date or the date of receipt of the payment order.

2.           A framework contract may include a condition that the information referred to in paragraph 1 is to be provided or made available periodically at least once a month and in an agreed manner which allows the payer to store and reproduce information unchanged.

3.           However, Member States may require payment service providers to provide information on paper once a month free of charge.

Article 51 Information for the payee on individual payment transactions

1.           After the execution of an individual payment transaction, the payee's payment service provider shall provide the payee without undue delay in the same way as laid down in Article 44(1) with the following information:

(a) the reference enabling the payee to identify the payment transaction and, where appropriate, the payer, and any information transferred with the payment transaction;

(b) the amount of the payment transaction in the currency in which the payee's payment account is credited;

(c) the amount of any charges for the payment transaction and, where applicable, a breakdown thereof, or the interest payable by the payee;

(d) where applicable, the exchange rate used in the payment transaction by the payee's payment service provider, and the amount of the payment transaction before that currency conversion;

(e) the credit value date.

2.           A framework contract may include a condition that the information referred to in paragraph 1 is to be provided or made available periodically at least once a month and in an agreed manner which allows the payee to store and reproduce information unchanged.

3.           However, Member States may require payment service providers to provide information on paper once a month free of charge.

CHAPTER 4 Common provisions

Article 52 Currency and currency conversion

1.           Payments shall be made in the currency agreed between the parties.

2.           Where a currency conversion service is offered prior to the initiation of the payment transaction and where that currency conversion service is offered at the point of sale or by the payee, the party offering the currency conversion service to the payer shall disclose to the payer all charges as well as the exchange rate to be used for converting the payment transaction.

The payer shall agree to the currency conversion service on that basis.

Article 53 Information on additional charges or reductions

1.           Where, for the use of a given payment instrument, the payee requests a charge or offers a reduction, the payee shall inform the payer thereof prior to the initiation of the payment transaction.

2.           Where, for the use of a given payment instrument, a payment service provider or a third party requests a charge, he shall inform the payment service user thereof prior to the initiation of the payment transaction.

TITLE IV RIGHTS AND OBLIGATIONS IN RELATION TO THE PROVISION AND USE OF PAYMENT SERVICES

CHAPTER 1 Common provisions

Article 54 Scope

1.           Where the payment service user is not a consumer, the payment service user and the payment service provider may agree that Article 55(1), Article 57(3), and Articles 64, 66, 67, 68, 71 and 80 shall not apply in whole or in part. The payment service user and the payment service provider may also agree on a time period different from that laid down in Article 63.

2.           Member States may provide that Article 91 does not apply where the payment service user is not a consumer.

3.           Member States may provide that provisions in this Title are applied to micro enterprises in the same way as to consumers.

4.           This Directive shall be without prejudice Directive 2008/48/EC or other relevant Union law or national legislation regarding conditions for granting credit to consumers not harmonised by this Directive that are in conformity with Union law.

Article 55 Charges applicable

1.           The payment service provider may not charge the payment service user for fulfilment of its information obligations or corrective and preventive measures under this Title, unless otherwise specified in Articles 70(1), 71(5) and 79(2). Those charges shall be agreed between the payment service user and the payment service provider and shall be appropriate and in line with the payment service provider's actual costs.

2.           Where a payment transaction does not involve any currency conversion, Member States shall require that the payee pays the charges levied by his payment service provider, and the payer pays the charges levied by his payment service provider.

3.           The payment service provider shall not prevent the payee from requesting from the payer a charge, offering him a reduction or otherwise steering him towards the use of a given payment instrument. Any charges applied shall, however, not exceed the costs borne by the payee for the use the specific payment instrument.

4.           However, Member States shall ensure that the payee shall not request charges for the use of payment instruments for which interchange fees are regulated under Regulation (EU) No [XX/XX/XX/] [OP please insert number of Regulation once adopted]

Article 56 Derogation for low value payment instruments and electronic money

1.           In the case of payment instruments which according to the framework contract, solely concern individual payment transactions not exceeding EUR 30 or which either have a spending limit of EUR 150 or store funds which do not exceed EUR 150 at any time payment service providers may agree with their payment service users that:

(a) Article 61(1)(b) and Article 62(1)(c) and (d) as well as Article 66(2) do not apply if the payment instrument does not allow its blocking or prevention of its further use;

(b) Articles 64, 65 and Article 66(1) and (2) do not apply if the payment instrument is used anonymously or the payment service provider is not in a position for other reasons which are intrinsic to the payment instrument to prove that a payment transaction was authorised;

(c) by way of derogation from Article 70(1), the payment service provider is not required to notify the payment service user of the refusal of a payment order, if the non-execution is apparent from the context;

(d) by way of derogation from Article 71, the payer may not revoke the payment order after transmitting the payment order or giving consent to execute the payment transaction to the payee;

(e) by way of derogation from Articles 74 and 75, other execution periods apply.

2.           For national payment transactions, Member States or their competent authorities may reduce or double the amounts referred to in paragraph 1. They may increase them for prepaid payment instruments up to EUR 500.

3.           Articles 65 and 66 of this Directive shall apply also to electronic money within the meaning of Article 2(2) of Directive 2009/110/EC, except where the payer's payment service provider does not have the ability to freeze the payment account or block the payment instrument. Member States may limit that derogation to payment accounts or payment instruments of a certain value.

CHAPTER 2 Authorisation of payment transactions

Article 57 Consent and withdrawal of consent

1.           Member States shall ensure that a payment transaction is considered to be authorised only if the payer has given consent to execute the payment transaction. A payment transaction may be authorised by the payer prior to or, if agreed between the payer and the payment service provider, after the execution of the payment transaction.

2.           Consent to execute a payment transaction or a series of payment transactions shall be given in the form agreed between the payer and the payment service provider. Consent may also be given directly or indirectly via the payee. Consent to execute a payment transaction shall also be considered given where the payer authorises a third party payment service provider to initiate the payment transaction with the account servicing payment service provider.

In the absence of consent, a payment transaction shall be considered to be unauthorised.

3.           Consent may be withdrawn by the payer at any time, but no later than the point in time of irrevocability under Article 71. Consent to execute a series of payment transactions may also be withdrawn with the effect that any future payment transaction is to be considered as unauthorised.

4.           The procedure for giving consent shall be agreed between the payer and the relevant payment service provider(s).

Article 58 Access to and use of payment account information by third party payment service provider

1.           Member States shall ensure that a payer has the right to make use of a third party payment service provider to obtain payment services enabling access to payment accounts as referred to in point (7) of Annex I.

2.           Where a third party payment service provider has been authorised by the payer to provide payment services under paragraph 1, he shall have the following obligations:

(a) to ensure that the personalised security features of the payment service user are not accessible to other parties;

(b) to authenticate itself in an unequivocal manner towards the account servicing payment service provider(s) of the account owner.

(c) not to store sensitive payment data or personalised security credentials of the payment service user.

3.           Where, for a payment initiation service, the account servicing payment service provider has received the payer’s payment order through the services of a third party payment service provider, it shall immediately notify the latter of the receipt of the payment order and provide information on the availability of sufficient funds for the specified payment transaction.

4.           Account servicing payment service providers shall treat payment orders transmitted through the services of a third party payment service provider without any discrimination for other than objective reasons in terms of timing and priority vis-à-vis payment orders transmitted directly by the payer himself.

Article 59 Access to and use of payment account information by third party payment instrument issuers

1.           Member States shall ensure that a payer has the right to make use of a third party payment instrument issuer to obtain payment card services.

2.           If the payer has given consent to a third party payment instrument issuer which has provided the payer with a payment instrument to obtain information on the availability of sufficient funds for a specified payment transaction on a specified payment account held by the payer, the account servicing payment service provider of the specified payment account shall provide such information to the third party payment instrument issuer immediately upon receipt of the payer's payment order.

3.           Account servicing payment service providers shall treat payment orders transmitted through the services of a third party payment instrument issuer without any discrimination for other than objective reasons in terms of timing and priority in respect of payment orders transmitted directly by the payer personally.

Article 60 Limits of the use of the payment instrument

1.           Where a specific payment instrument is used for the purposes of giving consent, the payer and the payer's payment service provider may agree on spending limits for payment transactions executed through that payment instrument.

2.           If agreed in the framework contract, the payment service provider may reserve the right to block the payment instrument for objectively justified reasons related to the security of the payment instrument, the suspicion of unauthorised or fraudulent use of the payment instrument or, in the case of a payment instrument with a credit line, a significantly increased risk that the payer may be unable to fulfil its liability to pay.

3.           In such cases the payment service provider shall inform the payer of the blocking of the payment instrument and the reasons for it in an agreed manner, where possible, before the payment instrument is blocked and at the latest immediately thereafter, unless giving such information would compromise objectively justified security reasons or is prohibited by other relevant Union or national legislation.

4.           The payment service provider shall unblock the payment instrument or replace it with a new payment instrument once the reasons for blocking no longer exist.

Article 61 Obligations of the payment service user in relation to payment instruments

1.           The payment service user entitled to use a payment instrument shall have the following obligations:

(a) to use the payment instrument in accordance with the objective, non-discriminatory and proportionate terms governing the issue and use of the payment instrument;

(b) to notify the payment service provider, or the entity specified by the latter, without undue delay on becoming aware of loss, theft or misappropriation of the payment instrument or of its unauthorised use.

2.           For the purposes of point (a) of paragraph 1, the payment service user shall, in particular, as soon as he in receipt of a payment instrument, take all reasonable steps to keep its personalised security features safe. The payment service users’ obligations of care shall not inhibit the use of any payment instrument and services authorised under this Directive.

Article 62 Obligations of the payment service provider in relation to payment instruments

1.           The payment service provider issuing a payment instrument shall have the following obligations:

(a) to make sure that the personalised security features of the payment instrument are not accessible to parties other than the payment service user entitled to use the payment instrument, without prejudice to the obligations on the payment service user set out in Article 61;

(b) to refrain from sending an unsolicited payment instrument, except where a payment instrument already given to the payment service user is to be replaced;

(c) to ensure that appropriate means are available at all times to enable the payment service user to make a notification pursuant to Article 61(1)(b) or request unblocking pursuant to Article 60(4); on request, the payment service provider shall provide the payment service user with the means to prove, for 18 months after notification, that he made such notification;

(d) to provide the payer with an option to make a notification pursuant to Article 61(1)(b) free of charge and to charge, if at all, only replacement costs directly attributed to the payment instrument;

(e) to prevent all use of the payment instrument once notification pursuant to Article 61(1)(b) has been made.

2.           The payment service provider shall bear the risk of sending a payment instrument to the payer or of sending any personalised security features of it.

Article 63 Notification of unauthorised or incorrectly executed payment transactions

1.           The payment service user shall obtain rectification from the account servicing payment service provider only if he notifies the payment service provider without undue delay on becoming aware of any unauthorised or incorrectly executed payment transactions giving rise to a claim, including that under Article 80, and no later than 13 months after the debit date, unless, where applicable, the payment service provider has failed to provide or make available the information on that payment transaction in accordance with Title III.

2.           Where a third party payment service provider is involved, the payment service user shall also obtain rectification from the account servicing payment service provider pursuant to paragraph 1 of this Article, without prejudice to Articles 65(2) and 80(1).

Article 64 Evidence on authentication and execution of payment transactions

1.           Member States shall require that, where a payment service user denies having authorised an executed payment transaction or claims that the payment transaction was not correctly executed, it is for the payment service provider and, if involved and as appropriate, the third party payment service provider, to prove that the payment transaction was authenticated, accurately recorded, entered in the accounts and not affected by a technical breakdown or some other deficiency.

If the payment transaction has been initiated through a third party payment service provider, the burden shall be on the latter to prove that the payment transaction was not affected by a technical breakdown or other deficiencies linked to the payment service it is in charge of.

2.           Where a payment service user denies having authorised an executed payment transaction, the use of a payment instrument recorded by the payment service provider, including the third party payment service provider as appropriate, shall in itself not necessarily be sufficient to prove either that the payment transaction was authorised by the payer or that the payer acted fraudulently or failed with intent or gross negligence to fulfil one or more of the obligations under Article 61.

Article 65 Payment service provider's liability for unauthorised payment transactions

1.           Member States shall ensure that, without prejudice to Article 63, in the case of an unauthorised payment transaction, the payer's payment service provider refunds to the payer immediately the amount of the unauthorised payment transaction and, where applicable, restores the debited payment account to the state in which it would have been had the unauthorised payment transaction not taken place. This shall also ensure that the credit value date for the payer’s payment account shall be no later than the date the amount had been debited.

2.           Where a third party payment service provider is involved, the account servicing payment service provider shall refund the amount of the unauthorised payment transaction and, where applicable, restore the debited payment account to the state in which it would have been had the unauthorised payment transaction not taken place. Financial compensation to the account servicing payment service provider by the third party payment service provider may be applicable.

3.           Further financial compensation may be determined in accordance with the law applicable to the contract concluded between the payer and the payment service provider or the contract concluded between the payer and the third party payment service provider if applicable.

Article 66 Payer's liability for unauthorised payment transactions

1.           By way of derogation from Article 65 the payer may be obliged to bear the losses relating to any unauthorised payment transactions, up to a maximum of EUR 50, resulting from the use of a lost or stolen payment instrument or from the misappropriation of a payment instrument.

The payer shall bear all the losses relating to any unauthorised payment transactions if incurred by acting fraudulently or by failing to fulfil one or more of the obligations set out in Article 61 with intent or gross negligence. In such cases, the maximum amount referred to in paragraph 1 of this Article shall not apply. For payments via a distance communication where the payment service provider does not require strong customer authentication, the payer shall only bear any financial consequences where having acted fraudulently. Should the payee or the payment service provider of the payee fail to accept strong customer authentication, they shall refund the financial damage caused to the payer’s payment service provider.

2.           The payer shall not bear any financial consequences resulting from use of the lost, stolen or misappropriated payment instrument after notification in accordance with Article 61(1)(b), except where having acted fraudulently. If the payment service provider does not provide appropriate means for the notification at all times of a lost, stolen or misappropriated payment instrument, as required under Article 62(1)(c), the payer shall not be liable for the financial consequences resulting from use of that payment instrument, except where having acted fraudulently.

Article 67 Refunds for payment transactions initiated by or through a payee

1.           Member States shall ensure that a payer is entitled to a refund from the payment service provider of an authorised payment transaction initiated by or through a payee which has already been executed, if the following conditions are met:

(a) the authorisation did not specify the exact amount of the payment transaction when the authorisation was made;

(b) the amount of the payment transaction exceeded the amount the payer could reasonably have expected taking into account the previous spending pattern, the conditions in the framework contract and relevant circumstances of the case.

At the payment service provider’s request, the payer shall bear the burden to prove such conditions are met.

The refund shall consist of the full amount of the executed payment transaction. This includes that the credit value date for the payer’s payment account is no later than the date the amount had been debited.

For direct debits the payer has an unconditional right for refund within the time limits set in Article 68, except where the payee has already fulfilled the contractual obligations and the services have already been received or the goods have already been consumed by the payer. At the payment service provider’s request, the payee shall bear the burden to prove that the conditions referred to in the third subparagraph.

2.           However, for the purposes of point (b) of the first subparagraph of paragraph 1, the payer may not rely on currency exchange reasons if the reference exchange rate agreed with his payment service provider in accordance with Articles 38(1)(d) and 45(3)(b) was applied.

3.           It may be agreed in a framework contract between the payer and the payment service provider that the payer has no right to a refund where having given consent to execute the payment transaction directly to the payment service provider and, where applicable, information on the future payment transaction was provided or made available in an agreed manner to the payer for at least four weeks before the due date by the payment service provider or by the payee.

Article 68 Requests for refunds for payment transactions initiated by or through a payee

1.           Member States shall ensure that the payer can request the refund referred to in Article 67 of an authorised payment transaction initiated by or through a payee for a period of eight weeks from the date on which the funds were debited.

2.           Within 10 business days of receiving a request for a refund, the payment service provider shall either refund the full amount of the payment transaction or provide justification for refusing the refund, indicating the bodies to which the payer may refer the matter in accordance with Articles 88 to 91 if not accepting the justification provided.

The payment service provider's right under the first subparagraph to refuse the refund shall not apply in the case set out in the fourth subparagraph of Article 67(1).

CHAPTER 3 Execution of payment transactions

Section 1 Payment orders and amounts transferred

Article 69 Receipt of payment orders

1.           Member States shall ensure that the point in time of receipt is the time when the payment order initiated directly by the payer or on his behalf by a third party payment service provider or indirectly by or through a payee is received by the payer's payment service provider. If the point in time of receipt is not on a business day for the payer's payment service provider, the payment order shall be deemed to have been received on the following business day. The payment service provider may establish a cut-off time near the end of a business day beyond which any payment order received shall be deemed to have been received on the following business day.

2.           If the payment service user initiating a payment order and the payment service provider agree that execution of the payment order shall start on a specific day or at the end of a certain period or on the day on which the payer has set funds at the payment service provider's disposal, the point in time of receipt for the purposes of Article 74 is deemed to be the agreed day. If the agreed day is not a business day for the payment service provider, the payment order received shall be deemed to have been received on the following business day.

Article 70 Refusal of payment orders

1.           Where the payment service provider refuses to execute a payment order, the refusal and, if possible, the reasons for it and the procedure for correcting any factual mistakes that led to the refusal shall be notified to the payment service user, unless prohibited by other relevant Union or national legislation.

The payment service provider shall provide or make available the notification in an agreed manner at the earliest opportunity, and in any case, within the periods specified in Article 74.

The framework contract may include a condition that the payment service provider may charge for such a notification if the refusal is objectively justified.

2.           Where all the conditions set out in the payer's framework contract are met, the payer's account servicing payment service provider shall not refuse to execute an authorised payment order irrespective of whether the payment order is initiated by a payer, on his behalf by a third party payment service provider or by or through a payee, unless prohibited by other relevant Union or national legislation.

3.           For the purposes of Articles 74 and 80 a payment order of which execution has been refused shall be deemed not to have been received.

Article 71 Irrevocability of a payment order

1.           Member States shall ensure that the payment service user may not revoke a payment order once it has been received by the payer's payment service provider, unless otherwise specified in this Article.

2.           Where the payment transaction is initiated by a third party payment service provider on behalf of the payer or by or through the payee, the payer may not revoke the payment order after giving consent to the third party payment service provider to initiate the payment transaction or transmitting the payment order or giving consent to execute the payment transaction to the payee.

3.           However, in the case of a direct debit and without prejudice to refund rights the payer may revoke the payment order at the latest by the end of the business day preceding the day agreed for debiting the funds.

4.           In the case referred to in Article 69(2) the payment service user may revoke a payment order at the latest by the end of the business day preceding the agreed day.

5.           After the time limits specified in paragraphs 1 to 4, the payment order may be revoked only if and in so far as agreed between the payment service user and the relevant payment service providers. In the case referred to in paragraphs 2 and 3, the payee's agreement shall also be required. If agreed in the framework contract, the relevant payment service provider may charge for revocation.

Article 72 Amounts transferred and amounts received

1.           Member States shall require the payment service provider(s) of the payer, the payment service provider(s) of the payee and any intermediaries of the payment service providers to transfer the full amount of the payment transaction and refrain from deducting charges from the amount transferred.

2.           However, the payee and the payment service provider may agree that the relevant payment service provider deduct its charges from the amount transferred before crediting it to the payee. In such a case, the full amount of the payment transaction and charges shall be separated in the information given to the payee.

3.           If any charges other than those referred to in paragraph 2 are deducted from the amount transferred, the payment service provider of the payer shall ensure that the payee receives the full amount of the payment transaction initiated by the payer. In cases where the payment transaction is initiated by or through the payee, the payment service provider shall ensure that the full amount of the payment transaction is received by the payee.

Section 2 Execution time and value date

Article 73 Scope

1.           This Section shall apply to:

(a) payment transactions in euro;

(b) national payment transactions in the currency of the Member State outside the euro area;

(c) payment transactions involving only one currency conversion between the euro and the currency of a Member State outside the euro area, provided that the required currency conversion is carried out in the Member State outside the euro area concerned and, in the case of cross-border payment transactions, the cross-border transfer takes place in euro.

2.           This Section shall apply to other payment transactions, unless otherwise agreed between the payment service user and the payment service provider, with the exception of Article 78, which is not at the disposal of the parties. However, when the payment service user and the payment service provider agree on a longer period than those laid down in Article 74, for intra-Union payment transactions such period shall not exceed 4 business days following the point in time of receipt in accordance with Article 69.

Article 74 Payment transactions to a payment account

1.           Member States shall require the payer's payment service provider to ensure that, after the point in time of receipt in accordance with Article 69, the amount of the payment transaction is credited to the payee's payment service provider's account at the latest by the end of the next business day. These periods may be extended by a further business day for paper-initiated payment transactions.

2.           Member States shall require the payment service provider of the payee to value date and make available the amount of the payment transaction to the payee's payment account after the payment service provider has received the funds in accordance with Article 78.

3.           Member States shall require the payee's payment service provider to transmit a payment order initiated by or through the payee to the payer's payment service provider within the time limits agreed between the payee and the payment service provider, enabling settlement, as far as direct debit is concerned, on the agreed due date.

Article 75 Absence of payee's payment account with the payment service provider

Where the payee does not have a payment account with the payment service provider, the funds shall be made available to the payee by the payment service provider who receives the funds for the payee within the period specified in Article 74.

Article 76 Cash placed on a payment account

Where a consumer places cash on a payment account with that payment service provider in the currency of that payment account, the payment service provider shall ensure that the amount is made available and value dated immediately after the point of time of the receipt of the funds. Where the payment service user is not a consumer, the amount shall be made available and value dated at the latest on the next business day after the receipt of the funds.

Article 77 National payment transactions

For national payment transactions, Member States may provide for shorter maximum execution times than those provided for in this Section.

Article 78 Value date and availability of funds

1.           Member States shall ensure that the credit value date for the payee's payment account is no later than the business day on which the amount of the payment transaction is credited to the payee's payment service provider's account.

The payment service provider of the payee shall ensure that the amount of the payment transaction is at the payee's disposal immediately after that amount is credited to the payee's payment service provider's account, also including payments within one payment service provider.

2.           Member States shall ensure that the debit value date for the payer's payment account is no earlier than the point in time at which the amount of the payment transaction is debited to that payment account.

Section 3 Liability

Article 79 Incorrect unique identifiers

1.           If a payment order is executed in accordance with the unique identifier, the payment order shall be deemed to have been executed correctly with regard to the payee specified by the unique identifier.

2.           If the unique identifier provided by the payment service user is incorrect, the payment service provider shall not be liable under Article 80 for non-execution or defective execution of the payment transaction.

3.           However the payer's payment service provider shall make reasonable efforts to recover the funds involved in the payment transaction.

4.           If agreed in the framework contract, the payment service provider may charge the payment service user for recovery.

5.           If the payment service user provides information additional to that specified in Articles 38(1)(a) or 45(2)(b), the payment service provider shall be liable only for the execution of payment transactions in accordance with the unique identifier provided by the payment service user.

Article 80 Non-execution, defective or late execution

1.           Where a payment order is directly initiated by the payer, the payment service provider shall, without prejudice to Article 63, Article 79(2) and (3), and Article 83, be liable to the payer for correct execution of the payment transaction, unless it can prove to the payer and, where relevant, to the payee's payment service provider that the payee's payment service provider received the amount of the payment transaction in accordance with Article 74(1). In that case, the payee's payment service provider shall be liable to the payee for the correct execution of the payment transaction.

Where a payment order is initiated by the payer through a third party payment service provider, the third party payment service provider shall, without prejudice to Article 63, Article 79(2) and (3), and Article 83, be liable to the payer for correct execution of the payment transaction, unless it can prove to the payer and, where relevant, to the payer’s account servicing payment service provider that the payment initiation was received by the payer’s account servicing payment service provider in accordance with Article 69. In that case, the payer’s account servicing payment service provider shall be liable to the payee for the correct execution of the payment transaction.

Where the payer's payment service provider or a third party payment service provider is liable under the first or the second subparagraph, the relevant payment service provider shall without undue delay refund to the payer the amount of the non-executed or defective payment transaction, and, where applicable, restore the debited payment account to the state in which it would have been had the defective payment transaction not taken place. The credit value date for the payer’s payment account shall be no later than the date the amount had been debited.

In case a payment transaction is executed late, the payer may decide that the amount is value dated on the payee’s payment account no later than the date the amount should have been value dated in case of correct execution.

Where the payee's payment service provider is liable under the first subparagraph, it shall immediately place the amount of the payment transaction at the payee's disposal and, where applicable, credit the corresponding amount to the payee's payment account. The amount shall be value dated no later than the date the amount should have been value dated in case of correct execution.

In the case of a non-executed or defectively executed payment transaction where the payment order is initiated by the payer, the payment service provider shall regardless of liability under this paragraph, on request, make immediate efforts to trace the payment transaction and notify the payer of the outcome. This shall be free of charge for the payer.

2.           Where a payment order is initiated by or through the payee, the payment service provider shall, without prejudice to Article 63, Article 79(2) and (3), and Article 83, be liable to the payee for correct transmission of the payment order to the payment service provider of the payer in accordance with Article 74(3). Where the payee's payment service provider is liable under this subparagraph, he shall immediately re-transmit the payment order in question to the payment service provider of the payer. In the case of a late transmission of the payment order, the amount shall be value dated on the payee’s payment account no later than the date the amount should have been value dated in case of correct execution.

In addition, the payment service provider of the payee shall, without prejudice to Article 63, Article 79(2) and (3), and Article 83, be liable to the payee for handling the payment transaction in accordance with its obligations under Article 78. Where the payee's payment service provider is liable under this subparagraph, it shall ensure that the amount of the payment transaction is at the payee's disposal immediately after that amount is credited to the payee's payment service provider's account. The amount shall be value dated on the payee’s payment account no later than the date the amount should have been value dated in case of correct execution.

In the case of a non-executed or defectively executed payment transaction for which the payee's payment service provider is not liable under the first and second subparagraphs, the payer's payment service provider shall be liable to the payer. Where the payer's payment service provider is so liable he shall, as appropriate and without undue delay, refund to the payer the amount of the non-executed or defective payment transaction and restore the debited payment account to the state in which it would have been had the defective payment transaction not taken place. The credit value date for the payer’s payment account shall be no later than the date the amount had been debited.

In the case of a late executed payment transaction, the payer may decide that the amount shall be value dated on the payee’s payment account no later than the date the amount should have been value dated in case of correct execution.

In the case of a non-executed or defectively executed payment transaction where the payment order is initiated by or through the payee, the payment service provider shall, regardless of liability under this paragraph, on request, make immediate efforts to trace the payment transaction and notify the payee of the outcome. This shall be free of charge for the payee.

3.           In addition, payment service providers shall be liable to their respective payment service users for any charges for which they are responsible, and for any interest to which the payment service user is subject as a consequence of non-execution or defective, including late, execution of the payment transaction.

Article 81 Additional financial compensation

Any financial compensation additional to that provided for under this Section may be determined in accordance with the law applicable to the contract concluded between the payment service user and the payment service provider.

Article 82 Right of recourse

1.           Where the liability of a payment service provider under Article 80 is attributable to another payment service provider or to an intermediary, that payment service provider or intermediary shall compensate the first payment service provider for any losses incurred or sums paid under Article 80. This shall include compensation where any of the payment service providers fail to use strong customer authentication.

2.           Further financial compensation may be determined in accordance with agreements between payment service providers and/or intermediaries and the law applicable to the agreement concluded between them.

Article 83 No liability

Liability under Chapters 2 and 3 shall not apply in cases of abnormal and unforeseeable circumstances beyond the control of the party pleading for the application of those circumstances, the consequences of which would have been unavoidable despite all efforts to the contrary, or where a payment service provider is bound by other legal obligations covered by national or Union legislation.

CHAPTER 4 Data protection

Article 84 Data protection

Any processing of personal data for the purposes of this Directive shall be carried out in accordance with Directive 95/46/EC, the national rules which transpose Directive 95/46/EC and Regulation (EC) No 45/2001.

CHAPTER 5 operational and security and Authentication

Article 85 Security requirements and incident notification

1.           Payment service providers are subject to Directive [NIS Directive] [OP please insert number of Directive once adopted] and notably to the risk management and incident reporting requirements in Articles 14 and 15 therein.

2.           The authority designated under Article 6(1) of Directive [NIS Directive] [OP please insert number of Directive once adopted] shall without undue delay inform the competent authority in the home Member State and EBA of the notifications of NIS incidents received from payment services providers.

3.           Upon receipt of the notification, and where relevant, EBA shall notify the competent authorities in the other Member States.

4.           In addition to the provisions of Article 14(4) of Directive [NIS Directive] [OP please insert number of Directive once adopted], where the security incident has the potential of impacting the financial interests of the payment service users of the payment service provider, it shall without undue delay notify its payment service users of the incident and inform them of possible mitigation measures that they can take on their side to mitigate the adverse effects of the incident.

Article 86 Implementation and reporting

1.           Member States shall ensure that payment service providers provide to the authority designated under Article 6(1) of Directive [NIS Directive] [OP please insert number of Directive once adopted] on a yearly basis updated information of the assessment of the operational and security risks associated with the payment services they provide and on the adequacy of the mitigation measures and control mechanisms implemented in response to these risks. The authority designated under Article 6(1) of Directive [NIS Directive] [OP please insert number of Directive once adopted] shall without undue delay transmit a copy of this information to the competent authority in the home Member State.

2.           Without prejudice to Articles 14 and 15 of Directive [NIS Directive] [OP please insert number of Directive once adopted], EBA shall, in close cooperation with the ECB, develop guidelines with regard to the establishment, implementation and monitoring of the security measures, including certification processes when relevant. It shall, inter alia, take into account the standards and/or specifications published by the Commission under Article 16(2) of Directive [NIS Directive] [OP please insert number of Directive once adopted].

3.           EBA shall, in close cooperation with the ECB, review the guidelines on a regularly basis, but at least every two years.

4.           Without prejudice to Articles 14 and 15 of Directive [NIS Directive] [OP please insert number of Directive once adopted], EBA shall issue guidelines to facilitate payment service providers in qualifying major incidents and the circumstances under which a payment institution is required to notify a security incident. Those guidelines shall be issued by (insert date - two years of the date of entry into force of this Directive).

Article 87 Authentication

1.           Member States shall ensure that a payment service provider applies strong customer authentication when the payer initiates an electronic payment transaction unless EBA guidelines allow specific exemptions based on the risk involved in the provided payment service. This also applies to a third party payment service provider when initiating a payment transaction on behalf of the payer. The account servicing payment service provider shall allow the third party payment service provider to rely on the authentication methods of the former when acting on behalf of the payment service user.

2.           Where a payment service provider provides services referred to in point 7 of Annex I, it shall authenticate itself towards the account servicing payment service provider of the account owner.

3.           EBA shall, in close cooperation with the ECB, issue guidelines addressed to payment service providers as set out in Article 1(1) of this Directive in accordance with Article 16 of Regulation (EU) No 1093/2010 on state of the art customer authentication and any exemption to the use of strong customer authentication. Those guidelines shall be issued by (insert date - two years from the date of entry into force of this Directive) and be updated on a regular basis as appropriate.

CHAPTER 6 Out-of-court complaint and redress procedures for the settlement of disputes

Section 1 Complaint procedures

Article 88 Complaints

1.           Member States shall ensure that procedures are set up which allow payment service users and other interested parties, including consumer associations, to submit complaints to the competent authorities with regard to payment service providers' alleged infringements of this Directive.

2.           Where appropriate and without prejudice to the right to bring proceedings before a court in accordance with national procedural law, the reply from the competent authorities shall inform the complainant of the existence of the out-of-court complaint and redress procedures set up in accordance with Article 91.

Article 89 Competent authorities

1.           Member States shall designate competent authorities to ensure and monitor effective compliance with this Directive. Those competent authorities shall take all necessary measures to ensure such compliance. They shall be independent from payment service providers. They shall be competent authorities within the meaning of Article 4(2) of Regulation (EU) 1039/2010.

2.           The authorities referred to in paragraph 1 shall possess all the powers necessary for the performance of their duties. Where more than one competent authority is empowered to ensure and monitor effective compliance with this Directive, Member States shall ensure that those authorities collaborate closely so that they can discharge their respective duties effectively.

3.           In the event of infringement or suspected infringement of the provisions of national law adopted pursuant to Titles III and IV, the competent authorities referred to in paragraph 1 of this Article shall be those of the home Member State of the payment service provider, except for agents and branches conducted under the right of establishment where the competent authorities shall be those of the host Member State.

4.           Member States shall notify the Commission of the designated competent authorities referred to in paragraph 1 by [… one year after entry into force of this Directive] at the latest. They shall inform the Commission of any division of duties of those authorities. They shall immediately notify the Commission of any subsequent change concerning the designation and respective competences of those authorities.

Section 2 Out-of-court redress procedures and sanctions

Article 90 Internal dispute resolution

1.           Member States shall ensure that payment service providers put in place adequate and effective consumer complaint resolution procedures for the settlement of complaints of payment service users concerning the rights and obligations arising under this Directive.

2.           Member States shall require that payment service providers make every possible effort to reply, in writing, to the payment service users’ complaints, addressing all points raised, within an adequate timeframe and at the latest within 15 business days. In exceptional situations, if the answer cannot be given within 15 business days for reasons beyond the control of the payment service provider, it shall be required to send a holding reply, clearly indicating the reasons for a delay in answering to the complaint and specifying the deadline by which the consumer will receive the final reply. That deadline may not, in any case, exceed another 30 business days.

3.           The payment service provider shall inform the payment service user about the out-of-court redress entities which are competent to deal with disputes concerning the rights and obligations arising under this Directive.

4.           The information referred to in paragraph 2 shall be mentioned in an easily, directly, prominently and permanently accessible way on the website of the payment service provider, where one exists, in the general terms and conditions of the contract between the payment service provider and the payment service user and in invoices and receipts relating to such contracts. It shall specify how further information on the out-of-court redress entity concerned and on the conditions for using it can be accessed.

Article 91 Out-of-court redress

1.           Member States shall ensure that adequate and effective out-of-court complaint and redress procedures for the settlement of disputes between payment service users and payment service providers concerning the rights and obligations arising under this Directive are established according to the relevant national and Union legislation, using existing bodies where appropriate. Member States shall ensure that such procedures are applicable to payment service providers and that they also cover the activities of appointed representatives.

2.           Member States shall require the bodies referred to in paragraph 1 to cooperate for the resolution of cross-border disputes concerning the rights and obligations arising under this Directive.

Article 92 Sanctions

1.           Member States shall ensure that payment service providers and third party payment providers can be held liable for breaches of the national provisions adopted pursuant to this Directive.

2.           Without prejudice to the right of Member States to impose criminal sanctions, Member States shall ensure that competent authorities may take appropriate administrative measures and impose administrative sanctions where payment service providers and third party payment providers referred to in paragraph 1 breach the national provisions, adopted in the transposition of this Directive, and shall ensure that they are applied. Those measures and sanctions shall be effective, proportionate and dissuasive.

TITLE V DELEGATED ACTS

Article 93 Delegated Acts

The Commission shall be empowered to adopt delegated acts in accordance with Article 94 concerning:

(a) adaptation of the reference to Recommendation 2003/361/EC in Article 4(29) of this Directive where that Recommendation is amended;

(b) updating of the amounts specified in Articles 27(1) and 66(1) to take account of inflation and significant market developments.

Article 94 Exercise of the delegation

1.           The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.

2.           The delegation of power referred to in Article 93 shall be conferred on the Commission for an undetermined period of time from [insert date - date of entry into force of the legislative act]

3.           The delegation of powers referred to in Article 93 may be revoked at any time by the European Parliament or by the Council. A decision of revocation shall put an end to the delegation of the power specified in that decision. It shall take effect the day following the publication of the decision in the Official Journal of the European Union or at a later date specified therein. It shall not affect the validity of any delegated acts already in force.

4.           As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.

5.           A delegated act adopted pursuant to Article 93 shall enter into force only if no objection has been expressed either by the European Parliament or the Council within a period of two months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by two months at the initiative of the European Parliament or of the Council.

TITLE VI FINAL PROVISIONS

Article 95 Full harmonisation

1.           Without prejudice to Article 31(2), Article 34, Article 35(2), Article 48(6), Article 50(3), Article 51(3), Article 54(2), Article 56(2), and Articles 77 and 96 insofar as this Directive contains harmonised provisions, Member States shall not maintain or introduce provisions other than those laid down in this Directive.

2.           Where a Member State makes use of any of the options referred to in paragraph 1, it shall inform the Commission thereof as well as of any subsequent changes. The Commission shall make the information public on a web-site or other easily accessible means.

3.           Member States shall ensure that payment service providers do not derogate, to the detriment of payment service users, from the provisions of national law implementing or corresponding to provisions of this Directive except where explicitly provided for therein.

However, payment service providers may decide to grant more favourable terms to payment service users.

Article 96 Review clause

The Commission shall present to the European Parliament, the Council, the European Economic and Social Committee and the European Central Bank, within five years of entry into force of this Directive, a report on the application and impact of this Directive, and in particular on the appropriateness and the impact of the rules on charges as set out in Articles 55(3) and (4).

Article 97 Transitional provision

1.           Member States shall allow legal persons who have commenced before [OP please insert final transposition date], the activities as a payment institution in accordance with the national laws transposing Directive 2007/64/EC, to continue those activities in accordance with the requirements provided for in Directive 2007/64/EC without being required to seek authorisation in accordance with Article 5 of this Directive or to comply with the other provisions laid down or referred to in Title II of this Directive until [OP please insert final transposition date + 6 months].

Member States shall require legal persons referred to in the first subparagraph to submit all relevant information to the competent authorities in order to allow the latter to assess by [OP please insert final transposition date + 6 months], whether those legal persons comply with the requirements laid down in this Directive and, if not, which measures need to be taken in order to ensure compliance or whether a withdrawal of authorisation is appropriate.

Legal persons referred to in the first subparagraph, which upon verification by the competent authorities comply with the requirements laid down in Title II of this Directive, shall be granted authorisation and shall be entered in the register of the home Member State and the EBA register provided for in Articles 13 and 14 of this Directive. Where those legal persons do not comply with the requirements laid down in Title II of this Directive by [OP please insert final transposition date + 6 months], they shall be prohibited in accordance with Article 30 of this Directive to provide payment services.

2.           Member States may provide that legal persons referred to in the first subparagraph of paragraph 1 of this Article shall be automatically granted authorisation and entered in their national register of the home Member State and the EBA register provided for in Articles 13 and 14 if the competent authorities already have evidence that the requirements laid down in Articles 5 and 10 are complied with. The competent authorities shall inform the entities concerned before the authorisation is granted.

3.           Member States shall allow natural or legal persons who have commenced, before [OP Please insert final date of transposition], pursuing activities as payment institutions within the meaning of this Directive, and who have been granted a waiver under Article 26 of Directive 2007/64/EC, to continue those activities within the Member State concerned in accordance with Directive 2007/64/EC, until [OP Please insert final transposition date + 12 months] without being required to seek authorisation under Article 5 or 27 of this Directive, or to comply with the other provisions laid down or referred to in Title II of this Directive. Any persons who have not received authorisation or have not been granted a waiver within this period under this Directive, shall be prohibited to provide payment services in accordance with Article 30 of this Directive.

Article 98 Amendments to Directive 2002/65/EC

In Article 4 of Directive 2002/65/EC paragraph 5 is replaced by the following:

‘5. Where Directive [OP please insert No of this Directive] of the European Parliament and of the Council* is also applicable, the information provisions under Article 3(1) of this Directive, with the exception of paragraphs (2)(c) to (g), (3)(a), (d) and (e), and (4)(b), shall be replaced with Articles 37, 38, 44 and 45 of that Directive.’»

* Directive … of the European Parliament and of the Council of [insert full title](OJ L..).

Article 99 Amendment to Directive 2013/36/EU

In Annex I to Directive 2013/36/EU of the European Parliament and of the Council[50], point 4 is replaced by the following:

         ‘(4)    Payment services as defined in Article 4(3) of Directive 2014/XX/EU of the European Parliament and of the Council* [OP please insert name and number of this Directive once adopted]

*Directive … of the European Parliament and of the Council of …

Article 100 Amendments to Directive 2009/110/EC

In Article 18 of Directive 2009/110/EC, the following paragraph 4 is added:

‘4. Member States shall allow electronic money institutions that have taken up, before the adoption of Directive [OP please insert No of this Directive] of the European Parliament of the Council *, activities in accordance with this Directive and Directive 2007/64/EC in the Member State in which their head office is located, to continue those activities in that member State or in another Member State without being required to seek authorisation in accordance with Article 3 of this Directive or to comply with the other requirements laid down or referred to in Title II of this Directive until[OP please insert final transposition date + 6 months] .

Member States shall require legal persons referred to in the first subparagraph to submit all relevant information to the competent authorities in order to allow the later to assess, [OP please insert final transposition date + 6 months], whether those legal persons comply with the requirements laid down in Title II of this Directive, and if not, which measures need to be taken in order to ensure compliance or whether a withdrawal of authorisation is appropriate.

Legal persons referred to in the first subparagraph, which upon verification by the competent authorities comply with the requirements laid down in Title II of this Directive, shall be granted authorisation and shall be entered in the register. Where those legal persons do not comply with the requirements laid down in Title II of this Directive by [OP please insert final transposition date + 6 months], they shall be prohibited from issuing electronic money.’

* Directive … of the European Parliament of the Council of … [insert full title] (OJ L …)

**                                                          

Article 101 Repeal

Directive 2007/64/EC is repealed with effect from [OP please insert date – day after the date set out in the first subparagraph of Article 102(2)].

Any reference to the repealed Directive shall be construed as a reference to this Directive and shall be read in accordance with the correlation table in Annex II.

Article 102 Transposition

1.           Member States shall adopt and publish, by [two years after adoption] at the latest the laws, regulations and administrative provisions necessary to comply with this Directive. They shall forthwith communicate to the Commission the text of those provisions.

2.           They shall apply those provisions from […].

When Member States adopt those provisions, they shall contain a reference to this Directive or shall be accompanied by such reference on the occasion of their official publication. Member States shall determine how such reference is to be made.

3.           Member States shall communicate to the Commission the text of the main provisions of national law which they adopt in the field covered by this Directive.

Article 103

This Directive shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

Article 104

This Directive is addressed to the Member States.

Done at Brussels,

For the European Parliament                       For the Council

The President                                                 The President

ANNEX I PAYMENT SERVICES (DEFINITION 3 IN ARTICLE 4)

1.           Services enabling cash to be placed on a payment account as well as all the operations required for operating a payment account.

2.           Services enabling cash withdrawals from a payment account as well as all the operations required for operating a payment account.

3.           Execution of payment transactions, including transfers of funds on a payment account with the user's payment service provider or with another payment service provider:

(a) execution of direct debits, including one-off direct debits,

(b) execution of payment transactions through a payment card or a similar device,

(c) execution of credit transfers, including standing orders.

4.           Execution of payment transactions where the funds are covered by a credit line for a payment service user:

(a) execution of direct debits, including one-off direct debits,

(b) execution of payment transactions through a payment card or a similar device,

(c) execution of credit transfers, including standing orders.

5.           Issuing of payment instruments and/or acquiring of payment transactions.

6.           Money remittance.

7.           Services based on access to payment accounts provided by a payment service provider who is not the account servicing payment service provider, in the form of:

(a) payment initiation services;

(b) account information services.

ANNEX II CORRELATION TABLE

This Directive || Directive 2007/64/EC ||

Article 1 (1) || Article 1 (1) ||

Article 1 (2) || Article 1 (2) ||

Article 2 (1) || Article 2 (1) ||

Article 2 (2) || Article 2 (2) ||

Article 2 (3) || Article 2 (3) ||

Article 3 o) deleted || Article 3 ||

Article 4 Definitions added || Article 4 ||

|| || Article 5 - Rules added for applications for authorisations || Article 5

Article 6 || Article 6 ||

Article 7 (1) || Article 7 (1) ||

Article 7 (2) || Article 7 (2) ||

Article 7 (3) || Article 7 (3) ||

Article 8 (1) || Article 8 (1) ||

Article 8 (2) || Article 8 (2) ||

Article 8 (3) || Article 8 (3) ||

Article 9(1) || Article 9(1) ||

|| || Article 9(2) Article 9(3) & (4) deleted || Article 9(2)

Article 10 (1) || Article 10 (1) ||

Article 10 (2) || Article 10 (2) ||

Article 10 (3) || Article 10 (3) ||

Article 10 (4) || Article 10 (4) ||

Article 10 (5) || Article 10 (5) ||

Article 10 (6) || Article 10 (6) ||

Article 10 (7) || Article 10 (7) ||

Article 10 (8) || Article 10 (8) ||

Article 10 (9) || Article 10 (9) ||

Article 11 || Article 11 ||

Article 12 (1) || Article 12 (1) ||

Article 12 (2) || Article 12 (2) ||

Article 12 (3) || Article 12 (3) ||

Article 13 || Article 13 ||

Article 14 (1) || ||

Article 14 (2) || ||

Article 14 (3) || ||

Article 14 (4) || ||

Article 15 || Article 14 ||

Article 16 (1) || Article 15 (1) ||

Article 16 (2) || Article 15 (2) ||

Article 16 (3) || Article 15 (3) ||

Article 16 (4) || Article 15 (4) ||

Article 17 (1) || Article 16 (1) ||

Article 17 (2) || Article 16 (2) ||

Article 17 (3) || ||

Article 17 (4) || Article 16 (3) ||

Article 17 (5) || Article 16 (4) ||

Article 17 (6) || Article 16 (5) ||

Article 18 (1) || Article 17 (1) ||

Article 18 (2) || Article 17 (2) ||

Article 18 (3) || Article 17 (3) ||

Article 18 (4) || Article 17 (4) ||

Article 18 (5) || Article 17 (5) ||

Article 18 (6) || Article 17 (6) ||

Article 18 (7) || Article 17 (7) ||

Article 18 (8) || Article 17 (8) ||

Article 18 (9) || ||

Article 19 (1) || Article 18 (1) ||

Article 19 (2) || Article 18 (2) ||

Article 20 || Article 19 ||

Article 21 (1) || Article 20 (1) ||

Article 21 (2) || Article 20 (2) ||

Article 21 (3) || Article 20 (3) ||

Article 21 (4) || Article 20 (4) ||

Article 21 (5) || Article 20 (5) ||

Article 22 (1) || Article 21 (1) ||

Article 22 (2) || Article 21 (2) ||

Article 22 (3) || Article 21 (3) ||

Article 23 (1) || Article 22 (1) ||

Article 23 (2) || Article 22 (2) ||

Article 23 (3) || Article 22 (3) ||

Article 24 (1) || Article 23 (1) ||

Article 24 (2) || Article 23 (2) ||

Article 25 (1) || Article 24 (1) ||

Article 25 (2) - d) deleted || Article 24 (2) ||

Article 26 (1) || Article 25 (1) ||

Article 26 (2) || Article 25 (2) ||

Article 26 (3) || Article 25 (3) ||

Article 26 (4) || Article 25 (4) ||

Article 26 (5) || Article 25 (5) ||

Article 26 (6) || ||

Article 26 (7) || ||

Article 26 (8) || ||

Article 26 (9) || ||

Article 27 (1) || Article 26 (1) ||

Article 27 (2) || Article 26 (2) ||

Article 27 (3) || Article 26 (3) ||

Article 27 (4) || Article 26 (4) ||

Article 27 (5) || Article 26 (5) ||

Article 27 (6) || Article 26 (6) ||

Article 28 || Article 27 ||

Article 29 (1) || Article 28 (1) ||

Article 29 (2) – c) deleted || Article 28 (2) ||

Article 30 (1) || Article 29 ||

Article 30 (2) || ||

Article 31 (1) || Article 30 (1) ||

Article 31 (2) || Article 30 (2) ||

Article 31 (3) || Article 30 (3) ||

Article 32 || Article 31 ||

Article 33 (1) || Article 32 (1) ||

Article 33 (2) || Article 32 (2) ||

Article 33 (3) || Article 32 (3) ||

Article 34 || Article 33 ||

Article 35 (1) || Article 34 (1) ||

Article 35 (2) || Article 34 (2) ||

Article 36 (1) || Article 35 (1) ||

Article 36 (2) || Article 35 (2) ||

Article 37 (1) || Article 36 (1) ||

Article 37 (2) || Article 36 (2) ||

Article 37 (3) || Article 36 (3) ||

Article 38 (1) || Article 37 (1) ||

Article 38 (2) || ||

Article 38 (3) || Article 37 (2) ||

Article 39 || ||

Article 40 || ||

Article 41 || Article 38 ||

Article 42 || Article 39 ||

Article 43 || Article 40 ||

Article 44 (1) || Article 41 (1) ||

Article 44 (2) || Article 41 (2) ||

Article 44 (3) || Article 41 (3) ||

Article 45 (1) || Article 42 (1) ||

Article 45 (2) || Article 42 (2) ||

Article 45 (3) || Article 42 (3) ||

Article 45 (4) || Article 42 (4) ||

Article 45 (5) || Article 42 (5) ||

Article 45 (6) || Article 42 (6) ||

Article 45 (7) || Article 42 (7) ||

Article 46 || Article 43 ||

Article 47 (1) || Article 44 (1) ||

Article 47 (2) || Article 44 (2) ||

Article 47 (3) || Article 44 (3) ||

Article 48 (1) || Article 45 (1) ||

Article 48 (2) || Article 45 (2) ||

Article 48 (3) || Article 45 (3) ||

Article 48 (4) || Article 45 (4) ||

Article 48 (5) || Article 45 (5) ||

Article 48 (6) || Article 45 (6) ||

Article 49 || Article 46 ||

Article 50 (1) || Article 47 (1) ||

Article 50 (2) || Article 47 (2) ||

Article 50 (3) || Article 47 (3) ||

Article 51 (1) || Article 48 (1) ||

Article 51 (2) || Article 48 (2) ||

Article 51 (3) || Article 48 (3) ||

Article 52 (1) || Article 49 (1) ||

Article 52 (2) || Article 49 (2) ||

Article 53 (1) || Article 50 (1) ||

Article 53 (2) || Article 50 (2) ||

Article 54 (1) || Article 51 (1) ||

Article 54 (2) || Article 51 (2) ||

Article 54 (3) || Article 51 (3) ||

Article 54 (4) || Article 51 (4) ||

Article 55 (1) || Article 52 (1) ||

Article 55 (2) || Article 52 (2) ||

Article 55 (3) || Article 52 (3) ||

Article 55 (4) || ||

Article 56 (1) || Article 53 (1) ||

Article 56 (2) || Article 53 (2) ||

Article 56 (3) || Article 53 (3) ||

Article 57 (1) || Article 54 (1) ||

Article 57 (2) || Article 54 (2) ||

Article 57 (3) || Article 54 (3) ||

Article 57 (4) || Article 54 (4) ||

Article 58 (1) || ||

Article 58 (2) || ||

Article 58 (3) || ||

Article 58 (4) || ||

Article 59 (1) || ||

Article 59 (2) || ||

Article 59 (3) || ||

Article 60 (1) || Article 55 (1) ||

Article 60 (2) || Article 55 (2) ||

Article 60 (3) || Article 55 (3) ||

Article 60 (4) || Article 55 (4) ||

Article 61 (1) || Article 56 (1) ||

Article 61 (2) || Article 56 (2) ||

Article 62 (1) || Article 57 (1) ||

Article 62 (2) || Article 57 (2) ||

Article 63 (1) || Article 58 ||

Article 63 (2) || ||

Article 64 (1) || Article 59 (1) ||

Article 64 (2) || Article 59 (2) ||

Article 65 (1) || Article 60 (1) ||

Article 65 (2) || ||

Article 65 (3) || Article 60 (2) ||

Article 66 (1) || Article 61 (1) & (2) ||

Article 66 (2) || Article 61 (4) & (5) ||

Article 67 (1) || Article 62 (1) ||

Article 67 (2) || Article 62 (2) ||

Article 67 (3) || Article 62 (3) ||

Article 68 (1) || Article 63 (1) ||

Article 68 (2) || Article 63 (2) ||

Article 69 (1) || Article 64 (1) ||

Article 69 (2) || Article 64 (2) ||

Article 70 (1) || Article 65 (1) ||

Article 70 (2) || Article 65 (2) ||

Article 70 (3) || Article 65 (3) ||

Article 71 (1) || Article 66 (1) ||

Article 71 (2) || Article 66 (2) ||

Article 71 (3) || Article 66 (3) ||

Article 71 (4) || Article 66 (4) ||

Article 71 (5) || Article 66 (5) ||

Article 72 (1) || Article 67 (1) ||

Article 72 (2) || Article 67 (2) ||

Article 72 (3) || Article 67 (3) ||

Article 73 (1) || Article 68 (1) ||

Article 73 (2) || Article 68 (2) ||

Article 74 (1) || Article 69 (1) ||

Article 74 (2) || Article 69 (2) ||

Article 74 (3) || Article 69 (3) ||

Article 75 || Article 70 ||

Article 76 || Article 71 ||

Article 77 || Article 72 ||

Article 78 (1) || Article 73 (1) ||

Article 78 (2) || Article 73 (2) ||

Article 79 (1) || Article 74 (1) ||

Article 79 (2) || Article 74 (2) ||

Article 79 (3) || Article 74 (2) ||

Article 79 (4) || Article 74 (2) ||

Article 79 (5) || Article 74 (3) ||

Article 80 (1) || Article 75(1) ||

Article 80 (2) || Article 75 (2) ||

Article 80 (3) || Article 75 (3) ||

Article 81 || Article 76 ||

Article 82 (1) || Article 77 (1) ||

Article 82 (2) || Article 77 (2) ||

Article 83 || Article 78 ||

Article 84 || Article 79 ||

Article 85 (1) || ||

Article 85 (2) || ||

Article 85 (3) || ||

Article 85 (4) || ||

Article 86 (1) || ||

Article 86 (2) || ||

Article 86 (3) || ||

Article 86 (4) || ||

Article 87 (1) || ||

Article 87 (2) || ||

Article 87 (3) || ||

Article 88 (1) || Article 80 (1) ||

Article 88 (2) || Article 80 (2) ||

Article 89 (1) || ||

Article 89 (2) || ||

Article 89 (3) || Article 82 (2) ||

Article 89 (4) || ||

Article 90 (1) || ||

Article 90 (2) || ||

Article 90 (3) || ||

Article 91 (1) || Article 83 (1) ||

Article 91 (2) || Article 83 (2) ||

Article 92 (1) || ||

Article 92 (2) || ||

Article 93 || Article 84 ||

Article 94 (1) || ||

Article 94 (2) || ||

Article 94 (3) || ||

Article 94 (4) || ||

Article 94 (5) || ||

Article 95 (1) || Article 86 (1) ||

Article 95 (2) || Article 86 (2) ||

Article 95 (3) || Article 86 (3) ||

Article 96 || Article 87 ||

Article 97 || Article 88 ||

Article 98 (1) || ||

Article 98 (2) || ||

Article 99 (1) || ||

Article 99 (2) || ||

|| ||

Article 101 || ||

Article 102 (1) || Article 94 (1) ||

Article 102 (2) || Article 94 (1) ||

Article 102 (3) || Article 94 (2) ||

Article 103 || Article 95 ||

Article 104 || Article 96 ||

Annex I || Annex ||

ANNEX III Legislative financial statement ‘Agencies’

1.           FRAMEWORK OF THE PROPOSAL/INITIATIVE

1.1.        Title of the proposal/initiative

1.2.        Policy area(s) concerned in the ABM/ABB structure

1.3.        Nature of the proposal/initiative

1.4.        Objective(s)

1.5.        Grounds for the proposal/initiative

1.6.        Duration and financial impact

1.7.        Management mode(s) envisaged

2.           MANAGEMENT MEASURES

2.1.        Monitoring and reporting rules

2.2.        Management and control system

2.3.        Measures to prevent fraud and irregularities

3.           ESTIMATED FINANCIAL IMPACT OF THE PROPOSAL/INITIATIVE

3.1.        Heading(s) of the multiannual financial framework and expenditure budget line(s) affected

3.2.        Estimated impact on expenditure

3.2.1.     Summary of estimated impact on expenditure

3.2.2.     Estimated impact on [body]'s appropriations

3.2.3.     Estimated impact on [body]'s human resources

3.2.4.     Compatibility with the current multiannual financial framework

3.2.5.     Third-party contributions

3.3.        Estimated impact on revenue

LEGISLATIVE FINANCIAL STATEMENT

1.           FRAMEWORK OF THE PROPOSAL/INITIATIVE

1.1.        Title of the proposal/initiative

Directive of the European Parliament and the Council on payment services in the internal market amending Directives 2002/65/EC, and 2013/36/EU and repealing Directive 2007/64/EC.

1.2.        Policy area(s) concerned in the ABM/ABB structure[51]

Internal Market – retail financial services

Consumer protection – financial services

1.3.        Nature of the proposal/initiative

¨ The proposal/initiative relates to a new action

1.4.        Objective(s)

1.4.1.     The Commission’s multiannual strategic objective(s) targeted by the proposal/initiative

Promote smart and inclusive growth

Foster economic, social and territorial cohesion

1.4.2.     Specific objective(s) and ABM/ABB activity(ies) concerned

Develop an EU-wide market for electronic payments, which will enable consumers, retailers and other market players to enjoy the full benefits of the EU internal market

Address standardisation and interoperability gaps for card, internet and mobile payments.

Eliminate hurdles for competition, in particular for card and internet payments.

Align charging and steering practices for payment services across the EU.

Ensure that emerging types of payment services and instruments are covered by the regulatory framework for retail payments in the EU.

Ensure a consistent application of the legislative framework (PSD) and align the practical operation of the licensing and supervisory rules for payment services across Member States.

Ensure adequate and consistent protection of consumer interests in the context of payment transactions, including extending regulatory protection to new channels and innovative payment services.

1.4.3.     Expected result(s) and impact

Specify the effects which the proposal/initiative should have on the beneficiaries/groups targeted.

The proposed amendments will bring more legal clarity and a level playing field, leading to downward convergence of costs and prices for payment services users, more choice and transparency of payment services, facilitating the provision of innovative payment services, and to ensure secure and transparent payment services. The proposed measures seek to do so in a technologically neutral manner that will remain relevant as payment services evolve further. These objectives will be achieved by updating and complementing the existing framework on payments services; providing for rules that enhance transparency, innovation and security in the field of retail payments and improving consistency between national rules, with a particular emphasis on the legitimate needs of consumers.

1.4.4.     Indicators of results and impact

Once the Directive has been implemented by at least a large majority of Member States, the Commission shall assess the implementation and impact of this Directive, on the basis of a conformity assessment of the national implementing measures and a study on the impact of the Directive on the market. It shall report to the European Parliament, the Council, the European Economic and Social Committee and the European Central Bank on the results and the proposed follow up.

1.5.        Grounds for the proposal/initiative

1.5.1.     Requirement(s) to be met in the short or long term

The Directive will improve the functioning of the internal market for payment services and more broadly for all goods and services given the need for innovative, efficient and secure means of payments to exist. In particular it aims to:

¨         Ensure a competitive level playing field between all categories of payment service providers, including new emerging providers, which in turn increases the choice, efficiency, transparency and security of retail payments.

¨         Facilitate the provision of innovative card, internet and mobile payment services across borders by ensuring a Single Market for all retail payments

Furthermore, it will strike the right balance between a high level of consumer protection and the competitiveness of enterprises, thereby limiting the discretion of merchants to apply charges on the use of payment instruments to the costs at hand.

It will also facilitate the economic transactions within the Union and this will contribute to the attainment of the wider objectives of the EU 2020 strategy and the promotion of new growth.

1.5.2.     Added value of EU involvement

In accordance with the principles of subsidiarity and proportionality as set out in Article 5 of the TEU, the objectives of the proposal cannot be sufficiently achieved by Member States and can therefore be better achieved at the Union level. An integrated EU market for electronic retail payments market contributes to the aim of Article 3 of the Treaty on the European Union stipulating an internal market. The benefits of market integration include more competition between PSPs and more choice, innovation and security for payment service users, especially consumers. By its nature an integrated payments market, based on networks that reach beyond national borders, requires an EU-wide approach as the applicable principles, rules, processes and standards have to be consistent across all Member States in order to achieve legal certainty and a level playing field for all market participants. The alternative to a Community-wide approach would be a system of multilateral or bilateral agreements the complexity and costs of which would be prohibitive as compared to legislation at European level. A possible intervention at EU level therefore complies with the subsidiarity principle.

1.5.3.     Lessons learned from similar experiences in the past

The analysis of the current regulatory framework and of the Payment Service Directive, in particular, has highlighted the following issues:

- Inconsistent application of the existing rules across Member States due to a high number of options and often very general criteria of application. Notably certain exemptions set out in the PSD appear too general or outdated in respect to market developments and are being interpreted very differently. Gaps in the scope of application also arise for payments with one leg of the transaction located outside the EEA and payments in non-EU currencies, leading to continued market fragmentation, regulatory arbitrage, and distortions of competition.

- Legal vacuum for certain newly emerged internet service providers, such as third party providers offering online banking based payment initiation. These services represent a viable and often cheaper payment alternative to card payments, attractive also for consumers who do not dispose of cards. However, the current business models create some concerns amongst banks and certain Member States as the providers are currently not subject to the current legal framework. The legal vacuum risks impeding innovation and appropriate market access conditions.

- Lack of standardisation and inter-operability between different payments solutions (card, internet and mobile payments) in varying aspects and to different degrees especially at cross-border level, exacerbated by weak governance arrangements for the EU retail payments market.

- Diverse and inconsistent charging practices (for the use of a specific payment instrument applied by merchants) between Member States (where around half of EU Member States allow and the other half forbids surcharging) leading to considerable confusion for consumers when they shop abroad or on the internet and an un-level playing field.

- In the area of payment cards, several restrictive business rules and practices distorting competition (regarding MIFs and rules on choice and flexibility of merchants regarding card acceptance).

The review of the European framework and notably of the PSD and the consultation on the Commission Green Paper on card, internet and mobile payments in 2012 have thus led to the conclusion that further measures and regulatory updates, including adjustments to the PSD are required so that the payments framework can better serve the needs of an effective European payments market, fully contributing to a payments environment which nurtures competition, innovation and security.

1.5.4.     Compatibility and possible synergy with other appropriate instruments

The legal framework established by the PSD, the cross-border payments Regulation (EC) No 924/2009 and the Second Electronic Money Directive 2009/110/EC have already resulted in significant progress regarding the overall integration of the European retail payments market. The SEPA migration end-date Regulation (EU) No 260/2012 sets migration deadlines for pan-European credit transfers and pan-European direct debits, fully replacing national schemes for national and cross border euro payments within the EU as of 2014. The regulatory framework is complemented by a number of investigations and decisions under EU competition law by the Commission over the past years in the field of retail payments.

However, the retail payments market is very dynamic and experienced a significant innovation pace in the last few years. Important areas of the payments market, especially card payments and new means of payments, such as internet and mobile payments, are often still fragmented along national borders making it difficult for innovative and easy-to-use digital payment services to develop efficiently and to provide consumers and retailers with effective, convenient and secure payment methods (with the possible exception of credit cards) at pan-European level to purchase an expanding variety of goods and services. The latest developments in these markets have also highlighted certain regulatory gaps in the current legal framework for payments and market failures in the markets for card, internet and mobile payments which this initiative aims to address.

1.6.        Duration and financial impact

¨ Proposal/initiative of limited duration

¨      Proposal/initiative in effect from [DD/MM]YYYY to [DD/MM]YYYY

¨      Financial impact from YYYY to YYYY

¨ Proposal/initiative of unlimited duration

1.7.        Management mode(s) planned [52]

For the 2015 budget

¨ Centralised indirect management with the delegation of implementation tasks to :

¨ executive agencies

¨ Shared management with the Member States

¨ Indirect management by entrusting budget implementation tasks to:

¨ international organisations and their agencies (to be specified);

¨the EIB and the European Investment Fund;

¨ bodies referred to in Articles 208 and 209;

¨ public law bodies;

¨ bodies governed by private law with a public service mission to the extent that they provide adequate financial guarantees;

¨ bodies governed by the private law of a Member State that are entrusted with the implementation of a public-private partnership and that provide adequate financial guarantees;

¨ persons entrusted with the implementation of specific actions in the CFSP pursuant to Title V of the TEU, and identified in the relevant basic act.

2.           Management measures

2.1.        Monitoring and reporting rules

Specify frequency and conditions

Article 81 of the Regulation establishing the European Banking Authority (EBA) requires the Commission by 2 January 2014, and every 3 years thereafter, to publish a general report on the experience acquired as a result of the operation of EBA. To this end, the Commission will publish a general report that will be forwarded to the European Parliament and to the Council. Management and control system

2.1.1.     Risk(s) identified

In relation to the legal, economical, efficient and effective use of appropriations resulting from the proposal it is expected that the proposal would not bring about new risks that would not be currently covered by an EBA existing internal control framework.

2.1.2.     Control method(s) envisaged

Management and control systems as provided for in the Regulation establishing the European Banking Authority (1093/2010) will apply.

2.2.        Measures to prevent fraud and irregularities

Specify existing or envisaged prevention and protection measures.

For the purposes of combating fraud, corruption and any other illegal activity, the provisions of Regulation (EC) No 1073/1999 of the European Parliament and of the Council of 25 May 1999 concerning investigations conducted by the European Anti-Fraud Office (OLAF) shall apply to the EBA without any restriction.

EBA shall accede to the Interinstitutional Agreement of 25 May 1999 between the European Parliament, the Council of the European Union and the Commission of the European Communities concerning internal investigations by the European Anti-Fraud Office (OLAF) and shall immediately adopt appropriate provisions for all EBA staff.

The funding decisions and the agreements and the implementing instruments resulting from them shall explicitly stipulate that the Court of Auditors and OLAF may, if need be, carry out on-the-spot checks on the beneficiaries of monies disbursed by EBA as well as on the staff responsible for allocating these monies.

Articles 64 and 65 of the Regulation establishing EBA set out the provisions on implementation and control of the EBA budget and applicable financial rules.

3.           Estimated financial impact of the proposal/initiative

3.1.        Heading(s) of the multiannual financial framework and expenditure budget line(s) affected

Existing budget lines

In order of multiannual financial framework headings and budget lines.

Heading of multiannual financial framework || Budget line || Type of expenditure || Contribution

Number [Heading………………………...……………] || Diff./non-diff. ([53]) || From EFTA countries[54] || From candidate countries[55] || From third countries || Within the meaning of Article 21(2)(b) of the Financial Regulation

1.a || 12.03.02 European Banking Authority || Diff. || YES || YES || NO || NO

3.2.        Estimated impact on expenditure

The new tasks will be carried out with the human resources available within the annual budgetary allocation procedure, in the light of budgetary constraints, which are applicable to all EU bodies and in line with the financial programming for agencies.

3.2.1.     Summary of estimated impact on expenditure

EUR million (to three decimal places)

Heading of multiannual financial framework || 1.a || Competiveness for Growth and Jobs

DG MARKT || || || 2015 || 2016 || 2017 || 2018 || 2019 || 2020 || TOTAL

12.03.02 || Commitments || (1) || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

Payments || (2) || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

TOTAL appropriations for DG MARKT || Commitments || =1+1a +3a || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

Payments || =2+2a +3b || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

EUR million (to three decimal places)

|| || || 2015[56] || 2016 || 2017 || 2018 || 2019 || 2020 || TOTAL

TOTAL appropriations under HEADINGS 1 to 5 of the multiannual financial framework || Commitments || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

Payments || 0.160 || 0.150 || 0.075 || 0.075 || 0.075 || 0.075 || 0.609

3.2.2.     Estimated impact on [body]’s aprropriations

¨         The proposal/initiative does not require the use of operational appropriations

3.2.3.     Estimated impact on [body]’s human resources

3.2.3.1.  Summary

¨         The proposal/initiative does not require the use of appropriations of an administrative nature

3.2.3.2.  Estimated requirements of human resources for the parent DG

¨         The proposal/initiative does not require the use of human resources.

3.2.4.     Comptability with the current multiannual financial framework

¨         Proposal/initiative is compatible the current multiannual fiancial framework.

3.2.5.     Third-party contributions

The proposal/initiative provides for the co-financing estimated below:

Appropriations in EUR million (to 3 decimal places)

|| 2015 || 2016 || 2017 || 2018 || 2019 || 2020 || Total

Member States || 0.240 || 0.225 || 0.112 || 0.112 || 0.112 || 0.112 || 0.913

TOTAL appropriations cofinanced || 0.240 || 0.225 || 0.112 || 0.112 || 0.112 || 0.112 || 0.913

3.3.        Estimated impact on revenue

¨         Proposal/initiative has no financial impact on revenue.

Annex 1

In the review of the PSD, the following specific responsibilities and tasks have been defined for EBA, established by Regulation (EU) No 1093/2010 of the European Parliament and of the Council.

Article 14 – develop and operate a web portal:

-           Develop and operate a web portal serving as EU electronic access point interconnecting national public registers set out under Article 13 and develop draft regulatory standards setting technical requirements regarding access to the information contained in these public registers.

Article 26 – obligations of EBA in context of "passporting" procedure:

– Preparation of guidelines concerning the question whether the taking up of activities in another Member State under the "passporting" regime constitutes the exercise of the right of establishment or freedom to provide services. Those guidelines shall be issued within two years of the date of entry into force of this Directive.

– Development of draft regulatory technical standards on the co-operation and exchange of information of the competent authorities of the home Member State referred to in Article 26 paragraph 1 with those of the host Member State in accordance with Article 26 and Article 18, specifying the method, means and details of cooperation in the notification of payment institutions operating on a cross border basis and notably the scope and treatment of information to be submitted, including a common terminology and standard notification templates to ensure a consistent and efficient notification process. EBA shall submit those draft regulatory technical standards to the Commission within two years of the date of entry into force of this Directive.

– Development of draft regulatory technical standards on the cooperation and exchange of information of the competent authorities of the home Member State with those of the host Member State in accordance with Article 26 paragraphs 2 to 4 and Article 22, specifying the method, means and details of cooperation in the supervision of payment institutions operating on a cross border basis and notably the scope and treatment of information to be exchanged, to ensure consistent and efficient supervision of payment institutions exercising cross-border provision of payment services. EBA shall submit those draft regulatory technical standards to the Commission within two years of the date of entry into force of this Directive.

Article 86 and 87 – development of security guidelines and issuance of guidelines on the handling of major security incidents by Payment Service Providers (PSPs):

– Development of guidelines with regard to the establishment, implementation and monitoring of the security measures under Article 85, including certification processes when relevant in line with the principles referred to in Article 85(3). It shall, inter alia, take into account the standards and/or specifications published by the Commission under Article 16(2) of the NIS Directive. EBA shall, in close cooperation with the ECB, review the guidelines on a regularly basis, but at least every two years.

– Issuance of guidelines to facilitate payment service providers in qualifying major incidents and the circumstances under which a payment institution is required to notify a security incident. Those guidelines shall be issued within two years of the date of entry into force of this Directive.

– In close cooperation with the ECB, issuance of guidelines addressed to payment service providers as set out in Article 1(1) of this Directive in accordance with Article 16 of Regulation (EU) No 1093/2010 on state of the art customer authentication and any exemption to the use of strong customer authentication. Those guidelines shall be issued within two years from the date of entry into force of this Directive and be updated on a regular basis as appropriate.

[1]               Directive 2007/64/EC of the European Parliament and of the Council of 13 November 2007 on payment services in the internal market (OJ L 319, 5.12.2007, p.1).

[2]               Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).

[3]               Regulation (EC) No 924/2009 of the European Parliament and of the Council of 16 September 2009 on cross-border payments in the Community and repealing Regulation (EC) No 2560/2001 (OJ L 266, 9.10.2009, p. 11).

[4]               Regulation (EU) No 260/2012 of the European Parliament and of the Council of 14 March 2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009 (OJ L 94, 30.3.2012, p.22).

[5]               European Commission Green Paper ‘Towards an integrated European market for card, internet and mobile payments, COM(2011) 941 final.

[6]               European Commission Communication "Single Market Act II - Together for new growth", COM(2012) 573 final.

[7]               European Commission Communication: "A Digital Agenda for Europe", COM (2010) 245 final.

[8]               European Commission “Proposal for a Regulation of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market”, COM (2012) 238 final.

[9]               European Commission “Proposal for a Directive of the European Parliament and of the Council concerning measures to ensure a high common level of network and information security across the Union, COM (2013) 48 final.

[10]             European Commission Communication: "A coherent framework for building trust in the Digital Single Market for e-commerce and online services", COM (2011) 942.

[11]             Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council (OJ L304, 22.11.2011, p.64).

[12]             http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0941:FIN:EN:PDF.

[13]             http://ec.europa.eu/internal_market/payments/docs/cim/gp_feedback_statement_en.pdf.

[14]             European Parliament resolution of 20 November 2012 on ‘Towards an integrated European market for card, internet and mobile payments’ (2012/2040(INI))

[15]             The study is available at: http://ec.europa.eu/internal_market/payments/framework/transposition/index_en.htm.

[16]             The different policy options and their impacts are discussed in detail in the impact assessment available at [link to be added]

[17]             OJ C , , p. .

[18]             OJ C, , p. .

[19]             Directive 2007/64/EC of the European Parliament and of the Council of 13 November 2007 on payment services in the internal market (OJ L 319, 5.12.2007, p. 1).

[20]             Regulation (EC) No 924/2009 of the European Parliament and of the Council of 16 September 2009 on cross-border payments in the Community and repealing Regulation (EC) No 2560/2001 (OJ L 266, 9.10.2009, p. 11).

[21]             Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).

[22]             Regulation (EC) No 260/2012 of the European Parliament and of the Council of 14 March 2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009 (OJ L 94, 30.03.2012, p. 22).

[23]             Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council (OJ L 304, 22.11.2011, p. 64).

[24]             COM(2012) 941 final.

[25]             Directive XXXX/XX/EU of the European Parliament and of the Council of [date] concerning measures to ensure a high common level of network and information security across the Union (OJ L x, p x)..

[26]             Regulation (EU) No [XX/XX/XX/] of the European Parliament and of the Council [date] on interchange fees for card-based payment transactions (OJ L x, p. x).

[27]             Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity .of credit institutions and the prudential supervision of credit institutions and investment frims, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.06.2013, p. 338).

[28]             Council Directive 78/660/EEC of 25 July 1978 on the annual accounts of certain types of companies (OJ L 222, 14.08.1978, p. 11).

[29]             Council Directive 83/349/EEC of 13 June 1983 on consolidated accounts (OJ L 193, 18.07.1983, p. 1).

[30]             Council Directive 86/635/EEC of 8 December 1986 on the annual accounts and consolidated accounts of banks and other financial institutions (OJ L 372, 31.12.1986, p. 1).

[31]             Directive 2008/48/EC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Council Directive 87/102/EEC (OJ L 133, 22.5.2008, p. 66).

[32]             Directive 98/26/EC of the European Parliament and of the Council of 19 May 1998 on settlement finality in payment and securities settlement systems (OJ L 166, 11.06.98, p. 45).

[33]             Commission Recommendation 2003/361/EC of 6 May 2003 concerning the definition of micro, small and medium-sized enterprises (OJ L 124, 20.5.2003, p. 36).

[34]             Directive 2005/29/EC of the European Parliament and the Council of 11 May 2005 concerning unfair business-to-consumer commercial practices in the Internal Market (OJ L 149, 11.06.2005, p. 22).

[35]             Directive 2000/31/EC of the European Parliament and the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (OJ L 178, 17.07.2000, p. 1).

[36]             Directive 2002/65/EC of the European Parliament and the Council of 23 September 2002 concerning the distance marketing of consumer financial services (OJ L 271, 9.10.2002, p. 16).

[37]             Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31).

[38]             Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (OJ L 8, 12.01.2001, p.1).

[39]             Regulation (EU) 1093/2010 of the European parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p.12

[40]             Regulation (EC) No 593/2008 of the European parliament and of the Council of 17 June 2008 on the law applicable to contractual obligations (ROME I) (OJ L 177, 4.7.2008, p.6).

[41]             Directive 2006/112/EC of the European Parliament and the Council of 28 November 2006 on the common system of value added tax (OJ L 347, 11.12.2006, p. 1).

[42]             Joint Political Declaration of Member States and the Commission of 28 September 2011 on explanatory documents (OJ C 369, 17.12.2011, p. 14).

[43]             Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012(OJ L 176, 27.6.2013, p. 1).

[44]             Directive 2002/21/EC of the European Parliament of the Council of 7 March 2002 on a common regulatory framework for electronic communications networks and services (Framework Directive) (OJ L 108, 24.4.2002, p.33).

[45]             Directive 2005/60/EC of the European Parliament and of the Council of 26 October 2005 on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing (OJ L 309, 25.11.2005, p.15)

[46]             Regulation (EC) No 1781/2006 of the European Parliament and of the Council of 15 November 2006 on information on the payer accompanying transfers of funds (OJ L 345, 8.12.2006, p.1).

[47]             Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts, amending Council Directives 78/660/EEC and 83/349/EEC and repealing Council Directive 84/253/EEC (OJ L 157, 9.6.2006, p. 87).

[48]             Regulation (EC) 1606/2002 of the European Parliament and of the Council of 19 July 2002 on the application of international accounting standards (OJ L 243, 11.9.2002, p.1).

[49]             Directive 2008/48/RC of the European Parliament and of the Council of 23 April 2008 on credit agreements for consumers and repealing Directive 87/102/EEC (OJ L 133, 22.5.2008, p.66)

[50]             Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338.

[51]             ABM: Activity-Based Management – ABB: Activity-Based Budgeting.

[52]             Details of management modes and references to the Financial Regulation may be found on the BudgWeb site: http://www.cc.cec/budg/man/budgmanag/budgmanag_en.html

[53]             Diff.=Differentiated appropriations / Non-Diff. = Non-differentiated appropriations.

[54]             EFTA: Eurpopean Free Trade Association.

[55]             Candidate countries and, where applicable, potential candidate countries from the Western Balkans.

[56]             Year N is the year in which implementation of the proposal/initiative starts.