EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Document 52001DC0066

Communication from the Commission to the Council and the European Parliament - E-commerce and financial services

/* COM/2001/0066 final */


Communication from the Commission to the Council and the European Parliament - E-commerce and financial services /* COM/2001/0066 final */


Executive Summary

The Lisbon European Council's deadline of 2005 to establish an integrated European market in financial services is central to the Community's employment and growth agenda.

Providing an environment conducive to the development of e-commerce in the Community is of crucial importance in meeting that objective. The e-commerce Directive is designed to ensure that on-line services can be freely provided throughout the Community. Its cornerstone is the "internal market clause", which enables on-line providers to supply services throughout the Union based on the rules of the Member State where they are established. The Directive provides for a number of derogations from the internal market clause and creates a distinct regime in respect of electronic cross-border trade from that using other distance selling modes.

How the e-commerce Directive interacts with existing financial services legislation is of central significance to the development of a clear and coherent policy for cross-border trade in financial services. We must: build on the approach set out in the directive to establish a fully functioning internal market for retail financial services; secure coherence between financial services legislation and the e-commerce Directive; secure coherence also between on-line and more traditional provision of financial services; and examine how the internal market clause will apply in areas where national rules significantly diverge, to avoid exposing consumers and investors to legal regimes that may differ substantially from their own.

To assist Member States and service providers, and to ensure compliance with the e-commerce Directive, the Commission will conduct an analysis, in the course of this year (for review in 2003), indicating certain types of national provisions that Member States may apply to incoming services. To prepare this analysis, the Commission will undertake a review, paying particular attention to the way the derogations in the directive will be applied to on-line financial services offered from another Member State. Any restriction to the free provision of services, which can be justified under the derogations by the need to protect consumers and investors, must not be disproportionate with regard to the Union's objective of free movement of information society services.

More generally, there are significant divergences in national rules and they fragment the financial services internal market. A new policy framework will be developed, covering three policy areas:

- a programme of convergence covering contractual and non-contractual rules. To pave the way for a country of origin approach to work in practice covering all financial services sectors and distance trading modes, further convergence is required in core marketing rules and at the service or sector specific level to provide high quality and comparable information to consumers. For contractual obligations, consideration will be given to how retail financial services can be freely offered throughout the Community in a framework of legal certainty;

- targeted steps to encourage consumer confidence in cross-border redress and internet payments. A Community-wide network of financial services complaints bodies will be established to provide effective and rapid out of court redress on a cross-border basis. Steps will be taken to improve security and provide consumers with legislative safety when making payments on-line within the Union;

- enhanced supervisory co-operation. Host state authorities are increasingly dependent on the authorities in the country where the provider is established. The Commission, together with Member States, will keep the arrangements for the monitoring of cross-border services under continuous review.



1. Introduction

The Financial Services Action Plan sets out the Commission's goal of building by 2005 a fully integrated European financial services market to complement the introduction of the euro. Achieving that objective will significantly benefit the Union: more jobs, stronger economic growth and a dynamic, innovative financial services industry that will better serve the consumer's and investor's interests and the development of European companies, large and small. At the wholesale level a more efficient allocation of capital will lead to lower borrowing costs for business and higher investment and pension returns for citizens. At the retail level direct access to cross-border providers has the potential, provided consumers have sufficient confidence, to lead to increased choice and competition.

New technology is already having a profound impact on the financial services industry. It is revolutionising the operation of, and access to, wholesale markets; it is transforming cross-border service provision; and acting as a catalyst for the creation of new financial services and new business models, often triggering new alliances involving telecommunications, information technology, retail, and financial services providers.

An environment conducive to the development of both the European Union's financial services industry and the information society is of vital importance for the Union's future competitiveness. The Commission recently issued a Communication outlining its strategy to respond to the Lisbon Council's call for urgent action to harness the benefits of e-commerce. The Lisbon Council also set the completion of the internal market for financial services as a priority, in particular by implementing the Financial Services Action Plan.

The present Communication examines the steps that are required to tackle the interface between e-commerce and financial services, end the fragmentation of the market for retail financial services and boost consumer confidence. Its main focus is on business to consumer issues where barriers to the establishment of an integrated market tend to be greater than with the provision of services to business or professional clients (business-to-business).

The defining characteristic of e-commerce is its borderless nature. For the first time consumers themselves can initiate contacts with service providers throughout the Community despite the barriers that remain to the cross-border provision of financial services. Financial services are, in theory, perfectly adapted to e-commerce. However, many consumers remain hesitant about shopping across borders, particularly doubting the use of the internet. Concerns such as these need to be addressed to foster consumer confidence. As well as making it as easy for providers to sell across borders as domestically, it has to be as attractive for consumers to buy across borders as domestically, if the internal market is to reach its full potential.

Much of the Union's existing legislative framework was developed before the on-line revolution. There remain diverging rules governing consumer and investor protection (contractual and non-contractual) and thus fragmented markets persist, depriving European consumers of the benefits of increased choice, more competitive prices and economies of scale.

The Union needs to update its legislative and non-legislative policy framework. At its core we need a transparent and coherent legislative environment for cross-border services, which delivers an effective prudential and consumer protection regime that fosters consumer confidence and systemic stability. The challenge is to develop a policy for financial services in line with the demanding Lisbon European Council deadline of 2005.

To achieve this objective the Commission explores three policy areas in the Communication, particularly in the context of the adoption of the electronic commerce Directive which has to be implemented by 17 January 2002:

* Policy Area I: to adapt present rules and regulations, notably to bring about convergence in consumer and investor protection rules for both contractual and non-contractual obligations;

* Policy Area II: to develop measures to provide secure payment systems and out-of-court redress on a cross-border basis;

* Policy Area III: to achieve enhanced supervisory cooperation that can meet the new cross-border challenges.

2. Legislative Foundations - The Community's E-Commerce Policy

Three years ago, the Commission's initiative in electronic commerce defined the broad lines of the Commission's policy. Good progress has been made since then. A series of directives has been adopted, including those on a transparency notification procedure, electronic signatures, and electronic money. To speed up the provision of cheaper and faster internet access, the Council has reached a political agreement on a regulation to unbundle the local loop. The directive on copyright and related rights in the information society is also near to adoption. And the eEurope initiative has succeeded in raising the information society to the top of the Union's policy agenda.

Scope and relation of the e-commerce Directive with sectoral directives

A coherent and appropriate legislative framework is essential to develop electronic commerce within the European Union. Of central importance is the recently adopted e-commerce Directive. That directive is designed to ensure that information society services can be freely provided throughout the Community. It lays the foundations on which further policy developments, including those for financial services, will be based.

The e-commerce Directive is a horizontal framework directive that applies to all information society services: those provided at a distance and by electronic means (so-called "on-line" services). Off-line activities are not within the directive's scope even if connected with an "on-line service". Thus where financial services are provided in part off-line and in part on-line, different legal regimes will be applied to each part. So, when a service is promoted on-line but provided off-line, only the on-line promotion is covered by the e-commerce Directive. However, the Commission's overall objective is to establish a coherent set of internal market rules for all modes of trade (on or off line). Several initiatives contained in the Financial Services Action Plan, notably the review of the Investment Services Directive and the proposal for a Directive on the Distance Marketing of Financial Services are designed to secure that coherence.

The e-commerce Directive applies only to service providers established within a Member State. It does not cover service providers from third countries nor does it allow them to benefit from the free movement of information society services. Each Member State may define its policy with respect to those third country service providers, provided that policy conforms with international trade agreements. The Union may well need to develop a co-ordinated approach to third country providers.

The e-commerce Directive also does not affect the existing level of protection resulting from general interest objectives that are set down in existing Community law, including those relating to the level of consumer protection. However national measures cannot restrict the free movement of information society services as defined in the e-commerce Directive.

The e-commerce Directive complements sector-specific financial services legislation, including the information requirements in the Consumer Credit Directive, certain insurance directives, and the proposed Directive on the Distance Marketing of Financial Services. The information requirements in the e-commerce Directive supplement others established by Community law. Importantly, where the proposed Distance Marketing Directive does not prescribe information requirements (notably in respect of promotional sites which do not offer the possibility to transact on-line), the provisions of the e-commerce Directive play a crucial role.

Central to the understanding of the e-commerce Directive is the so-called "internal market clause". This enables information society providers to supply services throughout the Union on the basis of the rules and regulations prevailing in the Member State in which they are established (ie. country of origin). The e-commerce Directive also removes legal obstacles: complementing the electronic signatures Directive, it obliges Member States to ensure that their legal system allows contracts to be concluded by electronic means.

The e-commerce Directive seeks to guarantee the freedom to provide information society services in accordance with Article 49 of the Treaty. Member States must ensure that service providers established on their territory comply with the national requirements falling within the directive's "co-ordinated field". Member States may not restrict the freedom to provide services - that is to say they may not take measures which hamper or otherwise make less attractive the provision of information society services from other Member States. Such restrictions are justifiable only if they are covered by one of the derogations in the Annex to Article 3 of the directive or are notified by a Member State under Article 3(4-6).

Policy objectives of the directive

The approach developed in the e-commerce Directive reflects the new reality of electronic commerce. Services available over a web-site are automatically and simultaneously accessible in all Member States. It would be unjustifiably burdensome if a financial service provider had to comply with fifteen different sets of rules and regulations. If that were the case, service providers would be forced to design different services in order to comply with different Member State requirements, discouraging the use and take up of e-commerce throughout the European Union. Customer choice would be limited. Worse still, providers may tend to concentrate on the major markets, to the detriment of the smaller Member States. And EU consumers would look elsewhere in the world to trade electronically. The existence of a wide variety of legal rules and practices is also likely to undermine attempts to convince consumers to be confident in conducting transactions outside their national market or with unfamiliar brands.

On-line services can be provided to other Member States without any physical presence or activity. This can raise concerns about how such services will be satisfactorily monitored or controlled. Given the nature of such on-line services, control may be exercised more rapidly and more efficiently in the Member State where the service provider is established and from which it operates its website (the Member State of origin). Another Member State could, in practice, find it difficult to enforce measures against a service provider located outside its borders. The state where the service is received will therefore rely on measures taken by the authorities in the Member State of origin.

Mutual confidence and cooperation between Member States is thus of central importance and the e-commerce Directive, through Article 19, obliges not only the Member State of origin to exert efficient control for services provided to consumers in other Member States. It also provides the Member State where the service is received with the right to obtain any relevant information.

Derogations to the internal market clause of the e-commerce Directive

There are significant derogations in the e-commerce Directive from the internal market approach described above. They fall into two categories - first, general derogations and, second, specific case by case derogations.

A number of general derogations (listed in the directive's annex) reflect different legal solutions provided by other general instruments and include certain provisions that are specific to existing Community financial services legislation. These include the provisions laid down in the insurance directives regarding the taking up and the carrying out of insurance business, the advertising of UCITS and the issue of electronic money by institutions which do not benefit from a European passport . More derogations from the internal market clause had been sought by some Member States, in particular for financial services and more specifically in respect of investment services. However, the Council and the Parliament agreed to limit the number of derogations to those originally proposed by the Commission.

There are other general derogations which relate to the law applicable to contracts and which are important for the provision of financial services. These concern the freedom of the parties to choose the law applicable to their contract, the law applicable to contractual obligations in consumer contracts, and the formal validity of contracts creating or transferring rights in real estate.

Essentially the parties are free to choose the law applicable. In the absence of choice, the law of the state to which the contract has the closest connection will govern the contract. It is presumed that this is the state where the party performing the characteristic obligation is established. An exception to these basic rules is for consumer contracts so that when the acquirer of goods or services under a contract is a consumer (i.e. acting outside his trade or profession), an express choice of law cannot exclude the protection of the 'mandatory rules' of the law of the country of his habitual residence; and in the absence of a choice of law, the whole contract is governed by the law of the consumer's habitual residence. However the application of this exception is subject to the condition that the conclusion of the contract was preceded by a specific invitation addressed to the consumer or by advertising in the consumer's Member State, and that the consumer had taken in his Member State all the steps necessary for the conclusion of the contract. The effect of the derogation in the field of contract law is to allow Member States other than the State in which a service provider is established to apply rules which restrict the freedom to provide information society services, subject to compatibility of such measures with Article 49 of the EC Treaty.

The second category of derogation permits a Member State, on a case by case basis, to apply restrictions to an information society service from another Member State under the conditions outlined in Article 3(paragraphs 4 to 6) of the e-commerce Directive which allows Member States to take measures to protect general interest objectives, in particular to protect consumers and investors. This derogation is subject to a Community procedure, which requires, inter alia, the notification of the proposed action to the Commission for examination, in particular to avoid cases of disproportionate and unjustified restrictions to the free movement of information society services.

An outline of the Commission's approach in the coming years

The application of the e-commerce Directive from 17 January 2002 raises important issues if the Community is to maintain a coherent legislative framework for an internal market in financial services. First, the directive provides for a number of derogations from the internal market clause, concerning financial services, which merit review in order to establish a fully functioning internal market in retail financial services. The objective of that review must be to deliver a sufficiently high degree of convergence in consumer protection rules to pave the way for a country of origin approach. Second, where the internal market clause applies, it creates a distinct regime in respect of electronic cross-border trade from that using other distance selling modes. This may create an uneven playing field between trading modes. And third, the internal market clause will apply in some areas where national rules continue to diverge significantly, notably, in non-harmonised areas. This may expose consumers and investors to regimes which may differ substantially from that with which they are familiar.

Consumer confidence requires that there are sufficiently harmonised levels of consumer protection throughout the Union - so that they are as effectively and transparently protected in other Member States as they are in their own. Similarly, suppliers need to be able to operate across the Union without being confronted with widely differing legal requirements. This will clearly require further convergence of national rules particularly in key areas such as conduct of business rules for investment services and pre-contractual information requirements covered by the proposed Directive on the Distance Marketing of Financial Services.

To achieve such convergence will require a mix of different policies: legislative proposals to guarantee high levels of harmonised consumer protection throughout the Union, and where appropriate and necessary the possibility for mutual recognition within such a framework by Member States of any other respective arrangements. These issues are explored more fully in the next section along with consideration of the impact of the e-commerce Directive during the limited period required to deliver that policy mix.

3. Policy area i: ensuring coherence in the Legislative Framework for Financial Services

The Union's financial services legislation is in large part geared toward providing financial institutions with access to Community markets on the basis of a European passport. However, in practice, firms operating in a number of Member States tend to do so through branches which usually comply with the rules of the Member State where the branch is based. This tends to reinforce market fragmentation. Moreover, where national rules diverge significantly, notably in non-harmonised areas, a host Member State usually applies its domestic rules for reasons of general good in respect of incoming services.

The inherent borderless nature of e-commerce brings a new dimension to the operation of the internal market. Consumers have access to the providers of services throughout the Community. However, on-line supply and demand for cross-border financial services will only develop in an environment of legal clarity and certainty that fully safeguards the interests of consumers and investors. To produce such an environment means addressing the issues that arise from the development of e-commerce, and in particular the introduction of the e-commerce Directive. This requires a major policy initiative for the financial services sector.

The Commission will launch a three-strand policy to secure increased levels of convergence in respect of consumer and investor protection rules. First, a strategy of high level harmonisation will be introduced in respect of core marketing rules. Second, steps will be taken towards achieving further convergence in sector-specific or service-specific rules, in particular to standardise the content and presentation of the information consumers receive, to allow easy comparison of prices and conditions between cross-border and domestic services. To pave the way for a country of origin approach to work in practice covering all financial sectors and distance trading modes, this convergence of rules must be at a sufficiently high level. And thirdly, the Commission will undertake a review of national rules relating to retail financial services contracts. This review will provide an analytical basis for possible future measures aimed at creating legal certainty in relation to cross-border trade of financial services. Separately, in response to the European Council of Tampere and a request of the European Parliament, the Commission is preparing a Communication launching a debate on the possible harmonisation of contract law in order to improve the functioning of the internal market.

An ambitious policy such as this will, inevitably, take time to develop and require a high degree of political commitment. Given that the e-commerce Directive will come into effect on 17 January 2002 the Commission will conduct an analysis on the way the directive should be applied pending further convergence. This analysis is described later in this section.

Legislative and Co-Regulatory Initiatives

This section sets out on-going and new initiatives that are designed to achieve high levels of harmonised protection within the Community. They fall into horizontal initiatives, sector-specific policies, and possible future measures in the area of contract law.

Strand I Horizontal Issues

(i) Commercial Communications: The services involved in commercial communications include advertising, direct marketing, sponsorship, sales promotions and public relations.

They are already subject to some harmonisation at Community level: misleading advertising has been banned, comparative advertising has been regulated and strict conditions have been set for TV advertising in the Television without Frontiers Directive. Television advertising - including of financial services - is submitted to the application of the country of origin principle (where the broadcaster is established). A similar approach is also taken in the e-commerce Directive which includes additional transparency requirements for all on-line advertising. Commercial communications are required to be identifiable as such; make clear on whose behalf the commercial communication is being undertaken; and set out clearly and unambiguously the conditions either for qualifying for promotional offers (such as discounts, premiums and free gifts) or for entering promotional competitions. The Commission is examining these issues to establish whether or not further initiatives are necessary in this area.

(ii) Marketing

Significant divergences remain in the national rules that govern the marketing of financial services. They are addressed in the proposed Directive on the Distance Marketing of Financial Services, in particular through harmonisation of key marketing rules in respect of all modes of marketing (including withdrawal rights, cold calling and the provision of generic information prior to the conclusion of the contract). The Commission calls for the directive's rapid adoption to demonstrate the Union's commitment to consumer protection, especially in the on-line environment.

Strand II Sectoral Issues

Further initiatives will also be needed at the sectoral or service-specific level. Recent analyses of the divergences in prior information requirements at the national level have identified a number of priorities for further work (set out in Table 1). An analysis of Member States' conduct of business rules has also revealed significant differences throughout the Community in the level of protection afforded to retail investors.

A number of initiatives - some underway, some new - are targeted at improving convergence of consumer and investor protection rules. They are briefly discussed below. In most cases, these initiatives are in line with the strategy outlined in this Communication. Where they are not, action will be taken. With regard to information requirements concerning the most commonly used financial services, the Commission believes the consumer to be best served with as high a degree of standardisation as practicable to facilitate understanding and comparison between service providers.

(i) Banking

For mortgage credit, a European voluntary code of conduct for the marketing of home loans will shortly be agreed between consumer and industry representative organisations. It will aid comparison of cross-border offers. The Commission will shortly issue a Recommendation calling for its implementation.

For consumer credit, the Commission will propose a revision to the 1987 Consumer Credit Directive. This will widen its scope, establish a high and exhaustive level of consumer protection, and streamline the existing rules on Annual Percentage Rate of Charge (APRC). That approach will complement the introduction of generic prior information requirements in the proposed Distance Marketing Directive.

Table 1: Additional information requirements - breakdown by financial service


In the context of the negotiations on the Distance Marketing Directive, Member States submitted a list of additional national prior-information requirements. These are indicated by financial service in the above chart. Some of the greatest divergences occur with respect to non-harmonised funds, UCITS, life assurance and mortgage credit.

(ii) Investment Services

The Investment Services Directive (ISD) imposes host country requirements on services provided within the territory of the host country in a number of areas, key amongst which are the conduct of business rules under Article 11. In its Communication on Article 11 of the ISD, the Commission concluded that, while national conduct of business regimes offer sufficient protection to allow professional investors to enter into investment service transactions subject only to the rules in force in the home country of the service provider, significant differences persist in the level of protection afforded retail investors by national rules. Thus host countries impose local business rules for such investors in accordance with Treaty principles and secondary legislation. However, the widespread application of host country rules can also act as a potential barrier to the cross-border provision of investment services. The task of designing and implementing an amended ISD must thus ensure that there is a smooth transition to a home country approach. This will be based on sufficient convergence in the content and enforcement of national conduct of business rules for retail investors. A (non-binding) process of approximation of the substance of conduct of business rules for both retail and professional investors is already well advanced within the Forum of European Securities Commissions (FESCO). The Commission's analysis will take full account of this work.

For UCITS (harmonised funds), the second proposal introduces a simplified prospectus based on a maximum harmonisation approach for the marketing of harmonised funds.

For Prospectuses, the Commission will shortly propose a directive to introduce an effective single European passport for issuers based on an obligation to accept the prospectus approved by the home competent authority. Until the date of the entry into force of this new directive the existing directives on listing particulars (80/390/EEC) and public offer of securities (89/298/EEC) will be fully applicable.

(iii) Insurance

Greater convergence of pre-contractual information is needed for the insurance sector. For non-life insurance, the need for, and the content of, specific rules on prior information will be explored. For life assurance, the Commission will consider whether further rules are needed in addition to existing rules on information requirements which currently provide for a minimum harmonisation approach. The proposed Insurance Intermediaries Directive already sets out minimum requirements required for potential customers (mainly concerning the relationship the intermediary has with insurance companies, the obligation to clarify the needs of the customer and the reasons underpinning the advice). The Commission will consider whether these requirements need to be strengthened by full harmonisation or mutual recognition.

(iv) Non-harmonised areas

The Commission does not envisage action for those non-harmonised fields that relate, primarily, to the provision of services to professionals (for example the supply of analytical research for investment purposes or similar market information). Whilst there is no comprehensive list of other non-harmonised areas, non-harmonised funds and certain non-core services under the ISD are of particular concern. They include financial advisors and/or financial planners, commodity brokers, and dealers and market-makers on futures and options markets. The Commission will examine, on the basis of input from Member States, whether further initiatives for these, and other non-harmonised areas, are necessary.

Strand III Reviewing Financial Service Contracts

Financial services - particularly banking and insurance services - are contract based (for example, the terms of a bank loan - fixed or variable interest, duration or possibility for early repayment). The contractual terms and conditions determine, along with the price, what makes a product more (or less) attractive to consumers and investors. Over time, Member States have developed diverging contractual rules for the protection of consumers and investors and they play a significant role in determining the shape of the financial service offered. Services accepted as standard in some Member States (for example, an interest bearing current account) may be illegal in others. Such rules, if not essential for the protection of the general good, inhibit the establishment of an internal market in retail financial services.

The Commission will carry out a review, the objective of which is to minimise the risk of market fragmentation from many different sets of mandatory obligations relating to consumer contracts. In the review, how consumers access retail financial services governed by the law of another Member State will be examined. As with marketing rules, further convergence of consumer protection measures may be needed in order to balance the need for greater uniformity between convergence of national rules with the need to maintain product innovation and choice.

Application of article 3(4)

Until an adequate level of convergence of national rules is achieved, Member States may, in certain areas, need to continue to apply their domestic rules to consumers and retail investors.However, that application would have to be in conformity with the derogations provided in the e-commerce Directive, in particular the derogation under Article 3.

To assist Member States and service providers and to ensure compliance with the directive, the Commission intends to identify certain types of legal provisions in respect of which Member States may wish to use the derogation. The Commission will consult Member States and interested parties during the course of 2001. The objective of this consultation is to analyse the divergences in the level of protection between certain national provisions which Member States might wish to continue to impose on incoming services, and to facilitate the examination of such provisions with respect to their proportionality under Article 3 (paragraphs 4-6).

This analysis would, of course, not be legally binding nor prejudice any interpretation by the ECJ, nor affect the derogations under the electronic commerce Directive. It will, however, be of great assistance in the assessment of the necessity and proportionality of certain measures which may be taken by Member States under Article 3(4-6). It will thus aid Member States in identifying which, if any, of their national consumer and retail investor protection rules they wish to apply to incoming services and to inform service providers accordingly.

Such analysis would evolve with the operation of the Directive, with market developments, progress in achieving greater convergence and in the light of the 2005 deadline set for the completion of the Financial Services Action Plan."

4. policy area II: Building Consumer Confidence in redress and internet payment systems

This section briefly considers a number of additional measures (many non-legislative) designed to enhance consumer confidence in the provision of financial services on-line. They fall under two broad headings. First, the need for effective and rapid access to redress in the event of problems. Second, consideration of a number of concerns specific to the use of new technology, including the security and reliability of internet payments.

Cross-Border Redress

Consumers must have both confidence and trust in cross-border transactions in financial services. E-Commerce has transformed the current situation. Consumers and providers from different countries come together in a single market. Access to effective cross-border redress in the event of a dispute is of fundamental importance. All consumers must have access to justice through a Member State's legal system. The recent transposition of the Brussels Convention into a Community regulation should provide the consumer, subject to certain conditions, with a choice of jurisdiction in the event of a dispute. However, the cost of litigation compared to the value of the product or service, as well as the time and effort frequently involved in mounting court proceedings, tend to make action through the courts a last resort.Therefore, if consumers are to have sufficient confidence in other markets than their own, they need assurance that if things go wrong they can seek cheap, simple and effective redress.

For those consumers that do not obtain satisfaction from the provider, some form of third party resolution is essential. Alternative Dispute Resolution (ADR) systems could offer an effective way of meeting that need, accepting that such systems must not compromise access to judicial review in a court of law. The Lisbon European Council called for the establishment of ADR at Community level to promote consumer confidence in e-commerce within the EU. The pivotal role of ADR in an on-line environment has also been recognised internationally (for example, by the OECD and the Global Business Dialogue). There are encouraging market driven ADR initiatives (for example, those being developed by Eurochambers, Webtrader, ECODIR, Cybercourt, e-Mediator and ODR.NL).

The Commission has also launched a number of initiatives. They include the EEJ-NET (European Extra Judicial Network) which establishes a network of ADRs notified to the Commission as applying with core principles to guarantee their fairness and effectiveness. The EEJ-Net will provide a communication and support structure made up of national contact points (or 'Clearing Houses') established by each Member State. If a consumer has a dispute with an enterprise he can then contact his Clearing House for advice and support to assist him in filing a complaint with a notified body where that enterprise is located. In cross-border disputes the Clearing Houses will address existing barriers to seeking extra-judicial redress such as language differences and lack of information and then pass the complaint through the network to the appropriate body.

For financial services, FIN-NET (FINancial Services complaints NETwork) has recently been launched providing a specific redress network for disputes involving financial services. It links together the schemes that are responsible for alternative dispute resolution for financial services at national level to form a Community-wide network. Unlike other commercial areas, there are structures already in place in every Member State. Thus FIN-NET builds on an established tradition of providing out-of-court solutions using the knowledge and experience at national level. Consumers can seek redress in a flexible manner, particularly through redress bodies in their own country. Information exchange between redress bodies is enhanced and participants have agreed on procedures of cooperation throughout the Union. The form of each participating scheme varies, but it must comply with Commission Recommendation 98/257 which sets out principles applicable to bodies responsible for out-of-court settlement of consumer disputes, and guarantees a fair and impartial process that is reasonably comparable to court proceedings. The practical day-to-day co-operation of the network is underpinned by a voluntary Memorandum of Understanding (MoU) between participating schemes. The MoU sets out the basic principles of the cooperation and its procedural framework.

The Commission will continue to encourage the development of redress bodies at national level and their membership of FIN-NET. Separately, the Commission is funding a research programme to develop on-line methodologies for use by cross-border networks in order to make the access to and operation of ADR as efficient as possible.

Secure Internet Payment Systems

Secure electronic payments are essential for the development of business to consumer e-commerce. Today, there is no widespread, effective, secure and cheap way to make cross-border internet payments. Consumers lack confidence in the security of internet payments - a concern that has been heightened by a number of high profile errors in the provision of on-line financial services.

There is Community legislation designed to provide consumer protection in the area of electronic payments (see Table 2). Payment cards are currently the most commonly used on-line payment instrument whilst other forms of electronic payment system include those based on digital cash on the internet ("cyber cash") and those on book entries. The present legislative framework provides consumers with some protection but it does not meet many of the concerns associated with on-line trade within the Community. The patchwork of national provisions similarly accentuates the risk of legislative fragmentation in the internal market. Improvements are needed in technical security and in the establishment of a legislative "safety net" in the event of payment problems.

On technical security the Commission's e-Europe initiative promotes the use of new technologies, including a smart card action plan, and plans further work on identification and authentication techniques. As smart cards are a personal possession, they are perceived to be private and secure and thus a trusted means of holding and transferring data. Smart cards also provide access to electronically based applications and services. The proposed Framework Decision on combating fraud and counterfeiting proposes the criminalisation of these activities throughout the Union. In a linked Communication, the Commission proposes a series of measures (study of security features of new payment solutions for e-commerce, exchange of information, training, and provision of educational material) to deter fraudsters and raise consumer confidence.

Building consumer confidence in electronic payments may well require a legislative framework that provides reassurance that a refund will be made if problems occur. In the US, under framework legislation, the major international payment card companies play a central role in meeting consumer protection objectives through their "chargeback" system. In the Union, with a few exceptions, such industry schemes are not generally grounded in Member State law, but instead are governed by the contract between the card issuing bank and the merchant's bank under the card company scheme. The decision on whether to trigger a chargeback on a cardholder's complaint rests with the issuing bank. There is thus a lack of a coherent legislative basis to support refunds in the internal market. This undoubtedly inhibits chargeback from operating, particularly in respect of cross-border transactions.

Table 2: Consumer protection in the area of payment

Recommendation 97/489/EC covers transactions by electronic payment instruments. It includes provisions on liability in case of unauthorised transactions and covers electronic transfer of funds, including home banking.

Directive 87/102/EEC on consumer credit provides that the consumer can, under certain circumstances, exercise claims against the grantor of the credit ("connected lender liability"). It does not apply to debit or charge cards.

Directive 97/7/EC protects consumers in respect of distance contracts and provides that they have the right to request cancellation and be refunded with their payment where fraudulent use has been made of their payment card. However the scope of payment protection offered is limited and wider issues concerning remote payments have arisen. For financial services, similar protection is envisaged in the proposed Directive on the Distance Marketing of Financial Services.

Directives 2000/28/EC & 2000/46/EC on e-money provide that electronic money may be issued only by supervised institutions meeting certain legal and financial conditions, ensuring technical security.

Directive 97/5/EC on cross-border credit transfers contains rules regarding the execution of cross-border transfers and transparency of conditions.

The Communication on fraud prevention, inter alia, calls for use of the highest economically viable level of security for payment instruments and establishes a Fraud Prevention Action Plan setting out comprehensive preventative measures aimed at reducing fraud.

The Proposed Framework Decision proposes harmonisation of certain Member State criminal law provisions relating to fraud and counterfeiting involving all non-cash means of payment so that they are recognised as criminal offences throughout the Union and punished with appropriate sanctions.

Directive 99/93/EC establishes rules on the legal recognition of electronic signatures and certification procedures.

Directives 95/46/EC and Directive 97/66/EC - the Data Protection Directives - deal with the protection of individuals with regard to the processing of personal data and the right to privacy in the context of electronic commerce.

Legislative backing for a refund system that establishes a right and basic conditions for refunds in the event of non-authorised transactions and non-delivery on a Community level is needed urgently. Such an approach would be reinforced with other non-legislative measures. These could define the objectives and framework on which the industry could decide how best to meet their obligations, for example, by building on existing chargeback schemes. There should be an active involvement of the payments industry (particularly when there is a problem with the payment itself - a processing error or fraudulent use of the payment instrument on the internet). Industry also needs to be involved in resolving disputes between the consumer and the merchant about the non-delivery (but not quality) of the product or service for which the consumer has already paid. The burdens on those involved in the payment process also need to be kept to a minimum. Systems that enable merchants in one Member State to verify the identity of consumers in another are essential if abuse of a refund system is to be minimised.

5. policy area III: Enhanced Supervisory Cooperation

The legislative convergence of regulatory requirements and their enforcement in the internal market has been underpinned by a comprehensive system of memoranda of understanding between the Union's financial supervisors as well as cooperation bilaterally and through existing Community committees. These arrangements provide the basis for prudential supervision in the internal market in financial services. Host country supervisors are increasingly dependent on the supervisor in the country of establishment of the financial service provider to monitor the provision of financial services at source. The changes that are occurring as a result of e-commerce necessitate the closest monitoring and appropriate adaptation of those arrangements to ensure that they remain equal to the task of ever closer integration in financial markets. Indeed, the interim report of the Lamfalussy Group proposed institutional changes in rule making and implementation in order to adapt to rapid market developments.

Responsibility for Prudential Supervision and Applicable Prudential Framework

The e-commerce Directive does not change the existing arrangements for the prudential supervision of financial service institutions. The directive places responsibility for the enforcement of rules with the public authorities in the country of establishment of the information society service provider. Generally, this coincides with the "home country" as prescribed in the financial services directives. For insurance, the derogation from Article 3(1) and (2) leaves the existing approach to supervision unchanged. For banking and investment services, however, the definition of establishment in the e-commerce Directive might not in all cases be the same country as the "home country" within the meaning of the sectoral directives.

This is true in respect of how branches are supervised. Although, the e-commerce Directive places responsibility for the enforcement of rules with the public authorities in the country of establishment of the information society service provider, for branches, this does not affect transfers of responsibilities between Member States which are dealt with by existing financial services legislation. So, the existing transfers of competence from host to home country (for example, of licensing, prudential control, deposit guarantee, and supervision of branches) remain entirely valid. Consequently, as a result of previous express transfers made by the EU sectoral directives, prudential control of branches remains with the "home country" in the meaning of these sectoral directives.

Oversight of the firm/client relationship

At the Community level, banking and insurance supervisors are concerned principally with prudential issues. Responsibility for handling complaints in the firm/client relationship frequently rests with banking and insurance Ombudsmen. Securities supervisors or delegated authorities oversee conduct of business rules which deal with the relationship between the provider and the client. A coherent approach in dealing with cross-border trade needs to be developed: rules, and the responsibility for their enforcement, should increasingly shift to the country of origin of the service provider. However, whilst this switch is taking place, existing procedures for handling oversight of conduct of business rules in cross-border cases will remain. Those rules will also be updated in line with the Commission's Communication on Article 11 of the ISD.

Notification Procedures

Enhanced cooperation between public authorities will be required to ensure effective control of cross-border on-line services. Article 19 of the e-commerce Directive is intended to provide an appropriate framework for that cooperation: Member States are required to have adequate means in place to supervise at source the provision of all e-commerce cross-border services (including financial services). Article 19 also provides for the transfer of information between public authorities concerning that cross-border provision. In this sense it complements procedures for cooperation foreseen in a number of sectoral directives. The Commission will discuss with Member States where and how the cooperation provided for under Article 19 might be developed to ensure effective oversight of on-line cross-border trade in financial services. However, it is anticipated that the need for notification procedures will decrease as national rules converge. The need for and form of notification procedures will be considered as part of the 2003 review of progress in that convergence.

Money Laundering

Under Community law, a home country approach is taken for money laundering requirements in cross-border cases. In the case of on-line transactions, such requirements are more difficult to meet and therefore, as the Commission's proposal for a revised directive on money laundering recognises, carry a greater risk given the absence of face-to-face contact. In fact, many Member States require that service providers receive documentation from, and in some cases meet with, potential depositors.

There is thus an urgent need to examine the risks associated with on-line and cross-border transfers. Digital signatures and other identification and authentication techniques will certainly contribute towards resolving such issues and the Commission will discuss the potential threats with Member States and other interested parties in, inter alia, the Money Laundering Contact Committee and the Financial Action Task Force.

Prudential Risk Profiles

The emergence of new risk profiles in financial services, associated with electronic business models, has triggered work on prudential issues in a number of fora. A substantial part of these risks adds to the well-known categories of risk including credit, market, interest rate, and insurance risks. Regulatory and supervisory authorities are currently examining a range of issues including those set out in Table 3.

Failures arising from any of the risks associated with the on-line provisions of financial services could lead to significant legal and reputational risk. Such risks are not new, but their relative importance grows given the increasing reliance on technology. To respond to these challenges, there is regular monitoring and ongoing work at Community and international level. The current review of prudential capital is also providing a clearer understanding of the nature and magnitude of such risks and this will be taken into account when drafting the new capital requirements directive for credit institutions and investment companies. For insurance, the so-called Solvency II exercise will involve a wide ranging review of the overall financial position of an insurance undertaking. This review will go well beyond the traditional solvency margin requirements and will also take full account of the new risks posed by e-commerce.

Table 3

* Strategic concerns: The design and implementation of internet strategies needs to be well thought through and the consequences understood by senior management.

* Increased use of technology: New systems are often integrated with legacy systems or the systems of third parties. Financial institutions need to have confidence in the systems provided by external parties, as it is they that will have to take responsibility for the control and management of service delivery. The interaction between systems also raises issues regarding the integrity of data received and transmitted.

* Security: The security of electronic delivery channels and information stored internally needs to be guaranteed. Customer data needs to be safeguarded. Threats posed by hackers or "denial of service" attacks need to be addressed. Increased use of "straight-through processing" needs to be matched by new ways of detecting and correcting errors.

* Availability: Measures, including contingency plans, are needed to guard against system downtime caused by capacity constraints, "denial of service" attacks or technical problems. Financial service providers need to be wary of a gap between customer expectations and what they can in reality guarantee to deliver.

* Outsourcing: Increased reliance on information service providers and the low cost of "off the peg" solutions makes provision of e-financial services relatively cheap. Regulated financial institutions need to conduct due diligence tests and monitor the viability of third party service providers that may lack knowledge of the regulated financial services environment. Third party use of customer data is an issue of particular concern

6. next steps

Rapid progress must be made on the measures outlined in this Communication if an integrated market in retail financial services is to be established by the 2005 deadline set by the Lisbon European Council.

The Commission will immediately meet with Member States' experts to gather information on national requirements in financial services on which to base the analysis on the application of Article 3(4-6) of the e-commerce Directive. Input will also be sought from other interested parties, in particular, industry and consumer organisations.

Extensive consultations will be held to identify where further harmonisation might be necessary and to review national rules protecting consumers in contracts to determine how retail financial services can be freely offered throughout the Community in a framework of legal certainty, delivering increased choice and lower prices.

The supervisory and prudential issues raised in the Communication will be taken forward by the appropriate financial services' committees, in particular, to monitor and contain any new risks which may arise in the e-financial services environment.

Having recently launched FIN-NET to provide Community-wide alternative dispute resolution, the Commission will hold regular meetings of the network in order to provide a forum for the sharing of information and experience.

The proposals concerning internet payments will be discussed initially in the Payment Systems Groups. The Commission will include, on the basis of these discussions, proposals for further action in its report to the European Parliament and Council scheduled for the end of this year.