The Europpean Commission has proposed a maximum interchange fee that banks can charge retailers to process certain credit and debit card transactions and a revised Payment Services Directive (PSD) to replace the 2007 Directive. The Commission wants to bring the PSD up to date and ensure that it takes account of new types of payment services such as payment initiation services that you might find in a mobile wallet, and to ensure a level playing field.
This guide outlines the proposed changes. To find out how they will impact businesses and how the Commission will struggle to meet its own timetable, read our focus piece analysing the proposals.
Regulation on Interchange Fees
The proposed Regulation will apply only to transactions within the EU, where both the payer’s Payment Service Provider (PSP) and the payee’s PSP is established within the EU. It would not apply to payment instruments that can only be used within a limited network such as store cards.
Cap on interchange fees for consumer debit or credit transactions
The Commission proposes a cap on cross-border debit card transactions of 0.2% of transaction value, with a cap of 0.3% for cross-border credit card transactions. After a transitional period of 22 months, these caps will apply to domestic card transactions within the EU as well.
These rules will apply only to consumer cards and not to transactions with commercial cards, cash withdrawals at ATMs or transactions with cards issued by three party payment schemes, save where the payment scheme licenses other PSPs to issue cards under their brand and/or to acquire payment cards. That means that the cap would apply to American Express’s GNS cards as well as to, in the Commission’s view, all Diners Club transactions.
The interchange cap will not apply to cards issued by a non-EU bank to a non-EU cardholder who uses that card for payments in the EU, but the Commission indicates that it will regard the issuing of cards by non-EU banks or branches to EU based cardholders as a circumvention measure and they would therefore be likely to be caught by the cap.
In addition to regulating interchange rates, the draft legislation contemplates the regulation of a number of other business rules which are considered to impede competition or which could, if not addressed, undermine the interchange caps.
Separation of Scheme and Processing
The Regulation also proposes that four party schemes be required to separate their processing functions from the scheme function in terms of corporate structure, organisation and decision making. Both the scheme and processing company will have to deal with third parties on a non-discriminatory basis, and they will not be permitted to make the provision of any service conditional on the acceptance by the third party of any other service.
Schemes must permit authorisation and clearing of single card transactions to be separated and processed by different processing entities. Furthermore, processing entities within the EU must ensure their systems are technically interoperable with other EU systems and it is envisaged that standards will be developed by international or European standardisation bodies to ensure this can happen.
The deadline for implementation of this aspect of the proposal is extremely tight with no leeway envisaged after the Regulation enters into force.
Other business rules
The following rules will apply to all schemes including three party schemes.
Licensing The draft Regulation will prohibit any territorial restrictions within the EU in licensing agreements for issuing payment cards or acquiring payment transactions. Such restrictions shall also be prohibited in four party payment card scheme rules. Similarly any requirements to obtain country specific licences to operate on a cross-border basis will be prohibited.
Co-badging and choice of application Issuers will be permitted to co-badge cards with two or more different brands and, if there is any difference in treatment as between issuers or acquirers concerning co-badging on a card, telecommunication, digital or IP device, this has to be objectively justified and non-discriminatory.
The Regulation will prohibit schemes from acquiring information in relation to the use of any other brand on a given card where their own scheme is not used. It will be up to the payer to choose which brand to use at point of sale, subject to merchants’ ability to steer users to particular cards in certain cases.
Unblending Unless retailers specifically request blended rates, acquiring PSPs will have to charge retailers individually for different types of card, distinguishing between credit, debit, prepaid and commercial cards, and individually for different brands, with transparency on the different charges involved.
Honour all cards The Commission is seeking to limit a merchant’s obligation to accept all cards that are marketed under the same brand or as part of the same overarching scheme. Issuers will be required to make clear the type of card by product, as above. Under the new rules, merchants will only be obliged to accept all cards within a given scheme if they are subject to the same regulated interchange fee. However, schemes will still be permitted to prohibit merchants from discriminating between issuers within the same category of cards. Merchants may also decide not to accept particular schemes at all but must then make this clear to the consumer.
Steering Merchants will be permitted to steer customers to their own preferred choice of payment method and in principle treat payment devices in relation to a particular scheme more or less favourably than others. They must also be free to tell users about interchange fees and the merchant service charges that they have to pay. However, merchants will not be able to impose a surcharge for use of consumer debit or credit cards, save in relation to cards where no regulated interchange fee applies and even then only provided the surcharge does not exceed the costs incurred. This is likely to discourage the use of commercial cards in particular.
Enforcement and sanctions Member States will be required to designate competent authorities to enforce the Regulation with investigation and enforcement powers and the power to impose appropriate sanctions. The UK Government is already consulting on the establishment of a UK Payment Systems Regulator which would enforce the EU Regulation and would also have concurrent powers to enforce the UK competition rules. It would also be able to impose lower interchange caps at a domestic level.
Revised Payment Services Directive
The Commission has proposed a number of measures to bring the Payment Services Directive up to date and rather than issue an amending Directive, propose to replace the existing Directive altogether with a longer and more wide-ranging version. The focus is on ensuring regulatory and consumer protection measures apply to all forms of payment transactions, including internet and mobile payments, and to ensure a level playing field. So while the Commission is keen to ensure market access for non-bank players, this means that security, data protection and consumer protection measures must equally be observed and tightened across the board as online and mobile payments become increasingly important.
The proposal sits alongside the Commission’s investigation (now closed) into the standardisation process for payments over the internet (e-payments) carried out by the European Payments Council (EPC) which the Commission considered could have created barriers to entry. The key changes proposed are as follows:
The Commission intends to limit the scope of the exceptions currently applied under the PSD, for example by removing the exception in relation to independent ATM deployers, and by clarifying the exception for cards and payment instruments used in the context of limited groups. It will also increase protection, and narrow the exception, in relation to payments for digital content made through devices like mobile phones by introducing a value threshold above which the regulations will apply. The Directive will be extended to cover new forms of payment service, for example so-called ‘payment initiation services’ that operate between the merchant and the purchaser’s bank without the use of a credit card and which the Commission considers are just one example of an innovative service offering a more economic and efficient service.
Other new services not covered by the existing Directive include account information services which offer the facility for customers to see their consolidated financial position across a range of financial institutions.
The revised Directive seeks to clarify the rules concerning access to designated payment systems for those using indirect means of access in order to ensure that where such indirect access is granted, other PSPs in the same situation should benefit from the same non-discriminatory treatment.
Consumer protection measures
The Commission proposes to extend consumer protection against fraud, possible abuses and payment incidents by limiting the extent of losses that cardholders will be required to bear, taking this down from €150 to €50 in the case of unauthorised card payments save where there has been fraud or gross negligence. This will impact the current £50 limit set in the UK.
Other enhanced consumer protection measures include:
- Consumers will be able to ask for an unconditional refund even in the case of a disputed payment transaction, save in exceptional circumstances.
- Banks will be obliged to respond in writing to any complaint within 15 business days.
- The rules on transparency and information requirements will be extended to so-called ‘one leg’ transactions where transfers and money remittances are sent outside the EU (but in relation to the EU leg of the transaction only) and to payments in non EU currencies.
- Member states will be obliged to designate a competent authority to deal with complaints from users and other stakeholders, such as consumer associations, in relation to alleged infringements of the Directive’s requirements.
The revised PSD anticipates a number of measures to enhance the security of electronic payments, with an assessment of operational and security risks on an annual basis. Robust customer authentication measures (similar to current measures like Verified by Visa, and MasterCard SecureCode) will be required for ‘card not present’/electronic transactions (e.g. online).