Legal provisions of COM(2023)366 - Payment services and electronic money services in the Internal Market - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
| dossier | COM(2023)366 - Payment services and electronic money services in the Internal Market. |
|---|---|
| document | COM(2023)366 |
| date | June 28, 2023 |
TITLE I
SUBJECT MATTER, SCOPE AND DEFINITIONS
Article 1
Subject matter and scope
1. This Directive lays down rules concerning:
(a) access to the activity of providing payment services and electronic money services, within the Union, by payment institutions;
(b) supervisory powers and tools for the supervision of payment institutions.
2. Member States may exempt the institutions referred to in Article 2 (5), points (4) to (23), of Directive 2013/36/EU from the application of all or part of the provisions of this Directive.
3. Unless specified otherwise, any reference to payment services shall be understood in this Directive as meaning payment and electronic money services.
4. Unless specified otherwise, any reference to payment service providers shall be understood in this Directive as meaning payment service providers and electronic money service providers.
Article 2
Definitions
For the purposes of this Directive, the following definitions apply:
(1) ‘home Member State’ means either of the following:
(a) the Member State in which the payment service provider has its registered office; or
(b) if the payment service provider has, under its national law, no registered office, the Member State in which the payment service provider has its head office;
(2) ‘host Member State’ means the Member State other than the home Member State in which a payment service provider has an agent, a distributor, or a branch or provides payment services;
(3) ‘payment service’ means any business activity set out in Annex I;
(4) ‘payment institution’ means a legal person that has been granted authorisation in accordance with Article 13 to provide payment services or electronic money services throughout the Union;
(5) ‘payment transaction’ means an act of placing, transferring or withdrawing funds, based on a payment order placed by the payer, or on his behalf, or by the payee, or on his behalf, irrespective of any underlying obligations between the payer and the payee;
(6) ‘execution of a payment transaction’ means the process starting once the initiation of a payment transaction is completed and ending once the funds placed, withdrawn, or transferred are available to the payee;
(7) ‘payment system’ means a funds transfer system with formal and standardised arrangements and common rules for the processing, clearing or settlement of payment transactions;
(8) ‘payment system operator’ means the legal entity legally responsible for operating a payment system;
(9) ‘payer’ means a natural or legal person who holds a payment account and places a payment order from that payment account, or, where there is no payment account, a natural or legal person who places a payment order;
(10) ‘payee’ means a natural or legal person who is the intended recipient of funds which are the subject of a payment transaction;
(11) ‘payment service user’ means a natural or legal person making use of a payment service or of an electronic money service in the capacity of payer, payee, or both;
(12) ‘payment service provider’ means a body referred to in Article 2(1) of Regulation XXX [PSR] or a natural or legal person benefiting from an exemption pursuant to Articles 34, 36 and 38 of this Directive;
(13) ‘payment account’ means an account held by a payment service provider in the name of one or more payment service users which is used for the execution of one or more payment transactions and allows for sending and receiving funds to and from third parties;
(14) ‘payment order’ means an instruction by a payer or payee to its payment service provider requesting the execution of a payment transaction;
(15) ‘payment instrument’ means an individualised device or devices and/or set of procedures agreed between the payment service user and the payment service provider which enables the initiation of a payment transaction;
(16) ‘account servicing payment service provider’ means a payment service provider providing and maintaining a payment account for a payer;
(17) ‘payment initiation service’ means a service to place a payment order at the request of the payer or of the payee with respect to a payment account held at another payment service provider;
(18) ‘account information service’ means an online service of collecting, either directly or through a technical service provider, and consolidating information held on one or more payment accounts of a payment service user with one or several account servicing payment service providers;
(19) ‘payment initiation service provider’ means a payment service provider providing payment initiation services;
(20) ‘account information service provider’ means a payment service provider providing account information services;
(21) ‘consumer’ means a natural person who, in payment service contracts covered by this Directive, is acting for purposes other than his or her trade, business or profession;
(22) ‘money remittance’ means a payment service where funds are received from a payer, without any payment accounts being created in the name of the payer or the payee, for the sole purpose of transferring a corresponding amount to a payee or to another payment service provider acting on behalf of the payee, or where such funds are received on behalf of and made available to the payee;
(23) ‘funds’ means central bank money issued for retail use, scriptural money and electronic money;
(24) ‘technical service provider’ means a provider of services which, although not being payment services, are necessary to support the provision of payment services, without the provider of technical services entering at any time into possession of the funds to be transferred;
(25) ‘sensitive payment data’ means data which can be used to carry out fraud, including personalised security credentials;
(26) ‘business day’ means a day on which the payment service provider of the payer or of the payee involved in the execution of a payment transaction is open for business as required for the execution of a payment transaction;
(27) ‘Information and technology (ICT) services’ means ICT Services as defined in Article 3, point 21, of Regulation (EU) 2022/2554;
(28) ‘agent’ means a natural or legal person who acts on behalf of a payment institution in providing payment services;
(29) ‘branch’ means a place of business other than the head office which is a part of a payment institution, which has no legal personality and which carries out directly some or all of the transactions inherent in the business of a payment institution; all of the places of business set up in the same Member State by a payment institution with a head office in another Member State shall be regarded as a single branch;
(30) ‘group’ means a group of undertakings that are linked to each other by a relationship as referred to in Article 22(1), points (2) or (7) of Directive 2013/34/EU of the European Parliament and of the Council51, or undertakings as referred to in Articles 4, 5, 6 and 7 of Commission Delegated Regulation (EU) No 241/201452, which are linked to each other by a relationship as referred to in Article 10(1) or Article 113(6), first subparagraph, or 113(7), first subparagraph of Regulation (EU) No 575/2013;
(31) ‘acquiring of payment transactions’ means a payment service provided by a payment service provider contracting with a payee to accept and process payment transactions, which results in a transfer of funds to the payee;
(32) ‘issuing of payment instruments’ means a payment service by a payment service provider contracting to provide a payer with a payment instrument to initiate and process the payer’s payment transactions;
(33) ‘own funds’ means funds as defined in Article 4(1), point 118, of Regulation (EU) No 575/2013 where at least 75 % of the Tier 1 capital is in the form of Common Equity Tier 1 capital as referred to in Article 50 of that Regulation and Tier 2 capital is equal to or less than one third of Tier 1 capital;
(34) ‘electronic money’ means electronically, including magnetically, stored monetary value as represented by a claim on the issuer which is issued on receipt of funds for the purpose of making payment transactions and which is accepted by other natural or legal persons than the issuer;
(35) ‘average outstanding electronic money’ means the average total amount of financial liabilities related to electronic money in issue at the end of each calendar day over the preceding six calendar months, calculated on the first calendar day of each calendar month and applied for that calendar month;
(36) ‘distributor’ means a natural or legal person that distributes or redeems electronic money on behalf of a payment institution;
(37) ‘electronic money services’ means the issuance of electronic money, the maintenance of payment accounts storing electronic money units, and the transfer of electronic money units;
(38) ‘ATM deployer’ means operators of automated teller machines who do not service payment accounts.
(39) ‘payment institution providing electronic money services’ means a payment institution which provides the services of issuance of electronic money, maintenance of payment accounts storing electronic money units, and transfer of electronic money units, whether or not it also provides any of the services referred to in Annex I.
TITLE II
PAYMENT INSTITUTIONS
CHAPTER I
Licensing and supervision
S e c t i o n 1
G e n e r a l r u l e s
Article 3
Applications for authorisation
1. Member States shall require undertakings other than the undertakings referred to in Article 2(1), points (a), (b), (d), and (e), of Regulation XXX [PSR], and other than natural or legal persons benefiting from an exemption pursuant to Articles 34, 36, 37 and 38 of this Directive, that intend to provide any of the payment services referred to in Annex I, or electronic money services, to obtain authorisation from the competent authorities of the home Member Sate for the provision of those services.
2. The authorisation referred to in the first subparagraph shall only be required for those payment services that the applicant payment institutions actually intend to provide.
3. Member States shall ensure that undertakings that apply for an authorisation as referred to in paragraph 1 provide the competent authorities of the home Member State with an application for authorisation, together with the following:
(a) a programme of operations setting out in particular the type of payment services envisaged;
(b) a business plan including a forecast budget calculation for the first 3 financial years which demonstrates that the applicant is able to employ the appropriate and proportionate systems, resources and procedures to operate soundly;
(c) evidence that the applicant holds initial capital as provided for in Article 5;
(d) for the undertakings applying to provide services as referred to in Annex I, points (1) to (5), and electronic money services, a description of the measures taken for safeguarding payment service users’ funds in accordance with Article 9;
(e) a description of the applicant’s governance arrangements and internal control mechanisms, including administrative, risk management and accounting procedures, and a description of the applicant’s arrangements for the use of ICT services as referred to in Articles 6 and 7 of Regulation (EU) 2022/2554, which demonstrates that those governance arrangements, internal control mechanisms and arrangements for the use of ICT services are proportionate, appropriate, sound and adequate;
(f) a description of the procedure in place to monitor, handle and follow up a security incident and security related customer complaints, including an incident reporting mechanism which takes account of the notification obligations of the payment institution laid down in Chapter III of Regulation (EU) 2022/ 2554;
(g) a description of the process in place to file, monitor, track and restrict access to sensitive payment data;
(h) a description of business continuity arrangements including a clear identification of the critical operations, a description of the ICT business continuity plans and ICT response and recovery plans, and a description of the procedure to regularly test and review the adequacy and efficiency of such ICT business continuity and ICT response and recovery plans, as required by Article 11(6) of Regulation (EU) 2022/2554;
(i) a description of the principles and definitions applied for the collection of statistical data on performance, transactions and fraud;
(j) a security policy document, including:
(i) a detailed risk assessment in relation to the applicant’s payment and electronic money services;
(ii) a description of security control and mitigation measures to adequately protect payment service users against the risks identified, including fraud and the illegal use of sensitive and personal data;
(iii) for applicant institutions wishing to enter information sharing arrangements with other payment service providers for the exchange of payment fraud related data as referred to in Article 83(5) of Regulation XXX [PSR], the conclusions of the data protection impact assessment referred to in Article 83(5) of Regulation XXX [PSR] and pursuant to Article 35 of Regulation (EU) 2016/679 and, where applicable, the outcome of the prior consultation of the competent supervisory authority pursuant to Article 36 of that Regulation;
(k) for applicant institutions that are subject to the obligations in relation to money laundering and terrorist financing under Directive (EU) 2015/849 of the European Parliament and of the Council53 and Regulation (EU) 2015/847 of the European Parliament and of the Council54, a description of the internal control mechanisms which the applicant has established to comply with that Directive and Regulation;
(l) a description of the applicant’s structural organisation, including, where applicable, a description of:
(i) the intended use of agents, distributors or branches;
(ii) the off-site and on-site checks that the applicant undertakes to perform on those agents, distributors or branches at least annually;
(iii) a description of outsourcing arrangements;
(iv) the applicant’s participation in a national or international payment system;
(m) the identity of the persons that hold in the applicant, directly or indirectly, qualifying holdings within the meaning of Article 4(1), point (36), of Regulation (EU) No 575/2013, the size of their holdings and evidence of their suitability to ensure the sound and prudent management of the applicant;
(n) the identity of directors and other persons responsible for the management of the applicant payment institution and, where relevant:
(i) the identity of the persons responsible for the management of the payment services activities of the payment institution;
(ii) evidence that the persons responsible for the management of the payment services activities of the payment institution are of good repute and possess appropriate knowledge and experience to perform payment services as determined by the home Member State of the applicant;
(o) where applicable, the identity of the statutory auditors and audit firms as defined in Article 2, points 2 and 3, of Directive 2006/43/EC of the European Parliament and of the Council55;
(p) the applicant’s legal status and articles of association;
(q) the address of the applicant’s registered office;
(r) an overview of EU jurisdictions where the applicant is submitting or is planning to submit an application for authorisation to operate as a payment institution.
(s) a winding-up plan in case of failure, which is adapted to the envisaged size and business model of the applicant.
For the purposes of the first subparagraph, points (d), (e), (f) and (l), Member States shall ensure that the applicant provides a description of its audit arrangements and of the organisational arrangements it has set up to protect the interests of its users and to ensure continuity and reliability in the performance of payment or electronic money services.
The security control and mitigation measures referred to in the first subparagraph, point (j), shall indicate how the applicant will ensure a high level of digital operational resilience as required by Chapter II of Regulation (EU) 2022/2554, in particular in relation to technical security and data protection, including for the software and ICT systems used by the applicant or the undertakings to which it outsources its operations.
4. Member States shall require undertakings that apply for authorisation to provide payment services as referred to in Annex I, point (6), as a condition of their authorisation, to hold a professional indemnity insurance, covering the territories in which they offer services, or some other comparable guarantee against liability to ensure that:
(a) they can cover their liabilities as specified in Articles 56, 57, 59, 76, and 78 of Regulation XXX [PSR];
(b) they cover the value of any excess, threshold or deductible from the insurance cover or comparable guarantee;
(c) they monitor the coverage of the insurance or comparable guarantee on an ongoing basis.
5. The EBA shall develop draft regulatory technical standards specifying:
(a) the information to be provided to the competent authorities in the application for the authorisation of payment institutions, including the requirements laid down in paragraph 3, points (a), (b), (c), (e) and (g) to (k) and (r);
(b) a common assessment methodology for granting authorisation as a payment institution, or registration as an account information service provider or ATM deployer, under this Directive;
(c) what is a comparable guarantee, as referred in paragraph 4, first subparagraph, which should be interchangeable with a professional indemnity insurance;
(d) the criteria on how to stipulate the minimum monetary amount of the professional indemnity insurance or other comparable guarantee as referred in paragraph 4.
6. When developing those draft regulatory technical standards referred to in paragraph 5, the EBA shall take account of the following:
(a) the risk profile of the undertaking;
(b) whether the undertaking provides other payment services as referred to in Annex I or is engaged in other businesses;
(c) the size of the activity of the undertaking;
(d) the specific characteristics of comparable guarantees, as referred in paragraph 4, and the criteria for their implementation.
The EBA shall submit those draft regulatory technical standards referred to in paragraph 5 to the Commission by [ OP please insert the date= 1 year after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards in accordance with Article 10 to 14 of Regulation (EU) No 1093/2010.
Article 4
Control of the shareholding
1. Any natural or legal person who has taken a decision to acquire or to further increase, directly or indirectly, a qualifying holding within the meaning of Article 4(1), point (36), of Regulation (EU) No 575/2013 in a payment institution, as a result of which the proportion of the capital or of the voting rights held would reach or exceed 20 %, 30 % or 50 %, or so that the payment institution would become its subsidiary, shall inform the competent authorities of that payment institution in writing of their intention in advance. The same applies to any natural or legal person who has taken a decision to dispose, directly or indirectly, of a qualifying holding, or to reduce its qualifying holding so that the proportion of the capital or of the voting rights held would fall below 20 %, 30 % or 50 %, or so that the payment institution would cease to be its subsidiary.
2. The proposed acquirer of a qualifying holding in the payment institution shall inform the competent authority about the size of the intended holding and relevant necessary information as referred to in Article 23(4) of Directive 2013/36/EU.
3. Member States shall require that where the influence exercised by a proposed acquirer, as referred to in paragraph 1, is likely to operate to the detriment of the prudent and sound management of the payment institution, the competent authorities shall express their opposition or take other appropriate measures to bring that situation to an end. Such measures may include injunctions, penalties against directors or the persons responsible for the management of the payment institution in question, or the suspension of the exercise of the voting rights attached to the shares held by the shareholders or members of this payment institution.
Similar measures shall apply to natural or legal persons who fail to comply with the obligation to provide prior information, as laid down in paragraph 2.
4. Where a holding as referred to in paragraph 1 is acquired despite the opposition of the competent authorities, Member States shall, regardless of any other penalty to be adopted, provide for the exercise of the corresponding voting rights to be suspended, the nullity of votes cast or the possibility of annulling those votes.
Article 5
Initial capital
Member States shall require payment institutions to hold, at the time of authorisation, initial capital, comprised of one or more of the items referred to in Article 26, points (1)(a) to (e), of Regulation (EU) No 575/2013 as follows:
(a) where the payment institution provides only the payment service referred to in Annex I, point (5), its capital shall at no time be less than EUR 25 000;
(b) where the payment institution provides the payment service referred to in Annex I, point (6), its capital shall at no time be less than EUR 50 000;
(c) where the payment institution provides any of the payment services referred to in Annex I, points (1) to (4), its capital shall at no time be less than EUR 150 000;
(d) where the payment institution provides electronic money services, its capital shall at no time be less than EUR 400 000.
Article 6
Own funds
1. Member States shall require that the payment institution’s own funds does not fall below the amount of initial capital referred to in Article 5, or the amount of own funds either calculated in accordance with Article 7 for payment institutions that do not offer electronic money services, or calculated in accordance with Article 8 for payment institutions that offer electronic money services, whichever is the highest.
2. Member States shall take the necessary measures to prevent the multiple use of elements eligible for own funds where the payment institution belongs to the same group as another payment institution, credit institution, investment firm, asset management company or insurance undertaking. The same shall also apply where a payment institution has a hybrid character and carries out activities other than providing payment or electronic money services.
3. Where the conditions laid down in Article 7 of Regulation (EU) No 575/2013 are met, Member States or their competent authorities may choose not to apply Articles 7 or 8 of this Directive, as applicable, to payment institutions which are included in the consolidated supervision of the parent credit institution pursuant to Directive 2013/36/EU.
Article 7
Calculation of own funds for payment institutions not offering electronic money services
1. Notwithstanding the initial capital requirements set out in Article 5, Member States shall require payment institutions, other than payment institutions that either only offer payment initiation services as referred to in Annex I, point (6), or only offer account information services as referred to in Annex I, point (7), or both, and other than payment institutions offering electronic money services, to hold own funds calculated in accordance with paragraph 2 at all times.
2. Competent authorities shall require payment institutions to apply, by default, method B as laid down in point b) below. Competent authorities may however decide that, in light of their specific business model, in particular where they only execute a small number of transactions but of a high individual value, payment institutions shall rather apply method A or C. For the purposes of methods A, B and C, the preceding year is to be understood as the full 12-month period prior to the moment of calculation.
(a) Method A
The payment institution’s own funds shall amount to at least 10 % of its fixed overheads of the preceding year. The competent authorities may adjust that requirement in the event of a material change in a payment institution’s business since the preceding year. Where a payment institution has not completed a full year’s business at the date of the calculation, payment institution’s own funds shall amount to at least 10 % of the corresponding fixed overheads as projected in its business plan, unless the competent authorities have required an adjustment to that plan.
(b) Method B
The payment institution’s own funds shall amount to at least the sum of the following elements multiplied by the scaling factor k referred to in paragraph 3, where payment volume (PV) represents one twelfth of the total amount of payment transactions executed by the payment institution in the preceding year:
(i) 4,0 % of the slice of PV up to EUR 5 million;
plus
(ii) 2,5 % of the slice of PV above EUR 5 million up to EUR 10 million;
plus
(iii) 1 % of the slice of PV above EUR 10 million up to EUR 100 million;
plus
(iv) 0,5 % of the slice of PV above EUR 100 million up to EUR 250 million;
plus
(v) 0,25 % of the slice of PV above EUR 250 million.
(c) Method C
The payment institution’s own funds shall amount to at least the relevant indicator referred to in point (i), multiplied by the multiplication factor referred to in point (ii) and by the scaling factor k referred to in paragraph 3.
(i) The relevant indicator shall be the sum of the following:
(1) interest income;
(2) interest expenses;
(3) commissions and fees received; and
(4) other operating income.
Each element shall be included in the sum with its positive or negative sign. Income from extraordinary or irregular items shall not be used in the calculation of the relevant indicator. Expenditure on the outsourcing of services rendered by third parties may reduce the relevant indicator where the expenditure is incurred from an undertaking subject to supervision under this Directive. The relevant indicator shall be calculated on the basis of the 12-monthly observation at the end of the previous financial year. The relevant indicator shall be calculated over the previous financial year.
Own funds calculated in accordance with method C shall not fall below 80 % of the average of the previous 3 financial years for the relevant indicator. When audited figures are not available, business estimates may be used.
(ii) The multiplication factor shall be:
(1) 10 % of the slice of the relevant indicator up to EUR 2,5 million;
(2) 8 % of the slice of the relevant indicator from EUR 2,5 million up to EUR 5 million;
(3) 6 % of the slice of the relevant indicator from EUR 5 million up to EUR 25 million;
(4) 3 % of the slice of the relevant indicator from EUR 25 million up to 50 million;
(5) 1,5 % above EUR 50 million.
3. The scaling factor k to be used in methods B and C shall be:
(a) 0,5 where the payment institution provides only the payment service as referred to in point (5) of Annex I;
(b) 1 where the payment institution provides any of the payment services as referred to in any of points (1) to (4) of Annex I.
4. Member States shall require that payment institutions other than payment institutions that either only offer payment initiation services as referred to in Annex I, point 6, or only offer account information services as referred to in Annex I, point 7, or both, and other than payment institutions offering only electronic money services that also engage in the activities referred to in Article 10 ensure that the own funds held for the services listed in Annex I, points 1 to 5, are not considered as own funds held for the purpose of Article 10, paragraph 4, point (d) or other services not regulated under this Directive.
5. Competent authorities may, based on an evaluation of the risk-management processes, risk loss data base and internal control mechanisms of the payment institution, require the payment institution to hold an amount of own funds which is up to 20 % higher than the amount which would result from the application of the method chosen in accordance with paragraph 2. Competent authorities may permit the payment institution to hold an amount of own funds which is up to 20 % lower than the amount which would result from the application of the method to be applied in accordance with paragraph 2.
6. The EBA shall develop draft regulatory standards in accordance with Article 16 of Regulation (EU) No 1093/2010 concerning the criteria to determine when the payment institution’s business model is such that they only execute a small number of transactions, but of a high individual value, as referred in paragraph 2 of this Article.
The EBA shall submit those draft regulatory technical standards to the Commission by [ OP please insert the date= 1 year after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards in accordance with Article 10 to 14 of Regulation (EU) No 1093/2010.
Article 8
Calculation of own funds for payment institutions offering electronic money services
1. Notwithstanding the initial capital requirements set out in Article 5, Member States shall require payment institutions offering both payment services and electronic money services to hold, at all times, own funds calculated in accordance with Article 7 for their payment services activity.
2. Notwithstanding the initial capital requirements set out in Article 5, Member States shall require payment institutions only offering electronic money services to hold, at all times, own funds calculated in accordance with Method D as set out in point (3) below.
3. Method D: The own funds for the activity of providing electronic money services shall amount to at least 2 % of the average outstanding electronic money.
4. Member States shall require that payment institutions offering both payment services and electronic money services hold at all times own funds that are at least equal to the sum of the requirements referred to in paragraphs 1 and 2.
5. Member States shall allow payment institutions providing both payment services and electronic money services which carry out any of the activities referred to in Annex I that are not linked to the electronic money services, or any of the activities referred to in Article 10 paragraphs 1 and 4, to calculate their own funds requirements on the basis of a representative portion assumed to be used for the electronic money services, provided that such a representative portion can be reasonably estimated on the basis of historical data and to the satisfaction of the competent authorities, where the amount of outstanding electronic money is unknown in advance. Where the payment institution has not completed a sufficient period of business, its own funds requirements shall be calculated on the basis of projected outstanding electronic money evidenced by its business plan subject to any adjustment to that plan required by the competent authorities.
6. Paragraphs 4 and 5 of Article 7 shall apply mutatis mutandis to payment institutions providing electronic money services.
Article 9
Safeguarding requirements
1. Member States shall require a payment institution which provides payment services as referred to in Annex I, points (1) to (5), or electronic money services, to safeguard all funds it has received from payment service users or through another payment service provider for the execution of payment transactions, or where applicable the funds received in exchange for electronic money that has been issued, in either of the following ways:
(a) those funds shall not be commingled at any time with the funds of any natural or legal person other than the payment service users on whose behalf the funds are held;
(b) those funds shall be covered by an insurance policy or some other comparable guarantee from an insurance company or a credit institution, which does not belong to the same group as the payment institution itself, for an amount equivalent to the amount that would have been segregated in the absence of the insurance policy or other comparable guarantee, payable in the event that the payment institution is unable to meet its financial obligations.
For the purposes of the first subparagraph, point (a), where the payment institution still holds the funds and has not yet by the end of the business day following the day when the funds have been received, delivered those funds to the payee or transferred those funds to another payment service provider, the payment institution shall do either of the following:
(a) deposit those funds either in a separate account in a credit institution authorised in a Member State, or at a central bank at the discretion of that central bank;
(b) invest those funds in secure, liquid low-risk assets, as determined by the competent authorities of the home Member State;
Payment institutions shall insulate those funds in accordance with national law in the interest of the payment service users against the claims of other creditors of the payment institution, in particular in the event of insolvency.
2. Payment institutions shall avoid concentration risk to safeguarded customer funds by ensuring that the same safeguarding method is not used for the totality of their safeguarded customer funds. In particular, they shall endeavour not to safeguard all consumer funds with one credit institution.
3. Where a payment institution is required to safeguard funds under paragraph 1 and a portion of those funds is to be used for future payment transactions with the remaining amount to be used for services other than payment services, that portion of the funds to be used for future payment transactions shall also be subject to the requirements of paragraph 1. Where that portion is variable or not known in advance, Member States shall allow payment institutions to apply this paragraph on the basis of a representative portion assumed to be used for payment services, provided that such a representative portion can be reasonably estimated on the basis of historical data to the satisfaction of the competent authorities.
4. Where a payment institution provides electronic money services, funds received for the purpose of issuing electronic money need not be safeguarded until the funds are credited to the payment institution’s payment account or are otherwise made available to the payment institution in accordance with the execution time requirements laid down in Regulation XXX [PSR]. In any event, such funds shall be safeguarded by no later than the end of the business day following the day when the funds have been received, after the issuance of electronic money.
5. Where a payment institution provides electronic money services, for the purpose of application of paragraph 1, secure, low-risk assets are asset items falling into one of the categories set out in Table 1 of Article 336(1) of Regulation (EU) No 575/2013 for which the specific risk capital charge is no higher than 1,6 %, but excluding other qualifying items as defined in Article 336(4) of that Regulation.
For the purposes of paragraph 1, secure, low-risk assets are also units in an undertaking for collective investment in transferable securities (UCITS) which invests solely in assets as specified in the first subparagraph.
In exceptional circumstances and with a proper justification, the competent authorities may, based on an evaluation of security, maturity, value or other risk elements of the assets as specified in the first and second subparagraphs, determine which of those assets shall not be considered as secure, low-risk assets for the purposes of paragraph 1.
6. A payment institution shall inform the competent authorities in advance of any material change in measures taken for safeguarding of funds received for payment services provided and in case of electronic money services in exchange for electronic money issued.
7. The EBA shall develop regulatory technical standards on safeguarding requirements, laying down in particular safeguarding risk management frameworks for payment institutions to ensure protection of users’ funds, and including requirements on segregation, designation, reconciliation and calculation of safeguarding funds requirements.
The EBA shall submit those draft regulatory technical standards to the Commission by [ OP please insert the date= 1 year after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010.
Article 10
Activities
1. In addition to the provision of payment services or electronic money services, payment institutions shall be entitled to engage in the following activities:
(a) the provision of operational and closely related ancillary services, including ensuring the execution of payment transactions, foreign exchange services, safekeeping activities, and the storage and processing of data;
(b) the operation of payment systems;
(c) business activities other than the provision of payment services or electronic money services, having regard to applicable Union and national law.
2. Payment institutions that provide one or more payment services or electronic money services, shall only hold payment accounts which are used exclusively for payment transactions.
3. Any funds received by payment institutions from payment service users to provide payment or electronic money services shall not constitute a deposit or other repayable funds within the meaning of Article 9 of Directive 2013/36/EU.
4. Payment institutions may grant credit relating to the payment services referred to in Annex I, point 2, only where all of the following conditions have been met:
(a) the credit is ancillary to, and granted exclusively in connection with, the execution of a payment transaction;
(b) notwithstanding national rules, if any, on providing credit by issuers of credit cards, the credit granted in connection with a payment and executed in accordance with Article 13(6) and Article 30 is to be repaid within a short period, which shall in no case exceed 12 months;
(c) the credit granted does not come from the funds received or held for executing a payment transaction or from the funds which have been received from payment services users in exchange of electronic money and held in accordance with Article 9, paragraph 1;
(d) the own funds of the payment institution are at all times and to the satisfaction of the supervisory authorities appropriate in view of the overall amount of credit granted.
5. Payment institutions shall not take deposits or other repayable funds within the meaning of Article 9 of Directive 2013/36/EU.
6. Payment institutions that provide electronic money services shall exchange any funds, including cash or scriptural money, received by that payment institution from payment service users for electronic money without delay. Such funds shall neither constitute a deposit, nor other repayable funds received from the public within the meaning of Article 9 of Directive 2013/36/EC.
7. This Directive shall be without prejudice to Directive 2008/48/EC, other relevant Union law or national measures regarding conditions for granting credit to consumers not harmonised by this Directive that comply with Union law.
Article 11
Accounting and statutory audit
1. Council Directive 86/635/EEC56, Directive 2013/34/EU and Regulation (EC) No 1606/2002 of the European Parliament and of the Council57, shall apply to payment institutions mutatis mutandis.
2. Unless exempted under Directive 2013/34/EU and, where applicable, Directive 86/635/EEC, the annual accounts and consolidated accounts of payment institutions shall be audited by statutory auditors or audit firms as defined in Article 2, points 2 and 3, of Directive 2006/43/EC.
3. For supervisory purposes, Member States shall require that payment institutions provide separate accounting information for, on the one hand, payment services or electronic money services, and, on the other hand, the activities referred to in Article 10(1), which shall be subject to an auditor’s report. That report shall be prepared, where applicable, by the statutory auditors or an audit firm.
4. The obligations laid down in Article 63 of Directive 2013/36/EU shall apply mutatis mutandis to the statutory auditors or audit firms of payment institutions in respect of payment services or electronic money services.
Article 12
Record-keeping
Member States shall require payment institutions to keep all appropriate records for the purpose of this Title for at least 5 years, without prejudice to Directive (EU) 2015/849 or other relevant Union law. When such records include personal data, the payment institution shall not keep those records for longer than necessary for the purpose of this Title. Where there is a withdrawal of the authorisation of the payment institution in accordance with Article 16, records that include personal data shall not be kept more than 5 years after the authorisation has been withdrawn.
Article 13
Granting of authorisation
1. Member States shall authorise an applicant payment institution for the payment services and electronic money services it intends to provide, provided that the applicant payment institution:
(a) is a legal person established in a Member State;
(b) has submitted to its competent authorities the information referred to in Article 3(3);
(c) has taken into account the need to ensure the sound and prudent management of the applicant payment institution, robust governance arrangements for the payment services or electronic money services it intends to provide, including:
(i) a clear organisational structure with well-defined, transparent and consistent lines of responsibility;
(ii) effective procedures to identify, manage, monitor and report the risks to which the applicant payment institution is or might be exposed;
(iii) adequate internal control mechanisms, including sound administration and accounting procedures.
(d) has the initial capital referred to in Article 5;
(e) complies with Article 3(4).
The governance arrangements and control mechanisms referred to in point (c) shall be comprehensive and proportionate to the nature, scale and complexity of the payment services or electronic money services the applicant payment institutions intend to provide.
The EBA shall adopt guidelines on the arrangements, processes and mechanisms referred to in this paragraph.
2. Competent authorities of the home Member State shall grant an authorisation if the information and evidence accompanying the application complies with all of the requirements laid down in Article 3 and if the competent authorities’ overall assessment, having scrutinised the application, is favourable. Before granting an authorisation, the competent authorities may, where relevant, consult the national central bank or other relevant public authorities.
3. A payment institution which, under the national law of its home Member State, is required to have a registered office, shall have its head office in the same Member State as its registered office and shall carry out a part of its payment service or electronic money business there. The competent authorities of the Member State where the payment institution is to have its registered office shall however not require the payment institution to carry out the majority of its business in the country where it will have its registered office.
4. Competent authorities may, as a condition for authorisation, require that the applicant payment institution establishes a separate entity for the provision of the payment services referred to in Annex I, points 1 to 6, where the applicant payment institution is engaged in other business activities that may impair, or is likely to impair, either the financial soundness of the applicant payment institution or the ability of the competent authorities to monitor the applicant payment institution’s compliance with this Directive.
5. Competent authorities shall refuse to authorise an applicant payment institution in any of the following cases:
(a) where, taking into account the need to ensure the sound and prudent management of the payment institution, those competent authorities are not satisfied as to the suitability of the shareholders or members that have qualified holdings;
(b) where there are close links as defined in Article 4(1), point (38), of Regulation (EU) No 575/2013 between the payment institution and natural or legal persons that do prevent the effective exercise of the supervisory functions of the competent authorities;
(c) where the laws, regulations, or administrative provisions of a third country governing one or more natural or legal persons with which the payment institution has close links as defined in Article 4(1), point (38), of Regulation (EU) No 575/2013, or difficulties involved in the enforcement of those laws, regulations or administrative provisions, prevent the effective exercise of the supervisory functions of the competent authorities.
6. An authorisation shall be valid in all Member States and shall allow the payment institution concerned to provide the payment or electronic money services that are covered by the authorisation throughout the Union, pursuant to the freedom to provide services or the freedom of establishment.
Article 14
Communication of the decision to authorise or refuse authorisation
Within 3 months of receipt of an application for authorisation as referred to in Article 3, or, where such application is incomplete, of all of the information referred to in Article 3(3), the competent authorities shall inform the applicant whether the authorisation is granted or refused. The competent authority shall give reasons where it refuses an authorisation.
Article 15
Maintenance of the authorisation as a payment institution
Member States shall require payment institutions to inform their competent authority of any change in the information and evidence provided in accordance with Article 3 which may affect the accuracy of that information or evidence.
Article 16
Withdrawal of the authorisation as a payment institution
1. Competent authorities of the home Member State may withdraw an authorisation issued to a payment institution only where:
(a) the payment institution has not made use of its authorisation within 12 months after it has obtained that authorisation, or has not provided any of the services for which it has been authorised for more than six successive months;
(b) the payment institution has explicitly renounced that authorisation;
(c) the payment institution no longer meets the conditions for granting the authorisation or fails to inform the competent authority on major developments in this respect;
(d) the payment institution has obtained the authorisation based on false statements or any other irregular means;
(e) the payment institution has breached its obligations in terms of money laundering or terrorist financing prevention under Directive (EU) 2015/849;
(f) the continued provision of the payment services or electronic money services by the payment institution would threaten the stability of, or the trust in, the payment system;
(g) the payment institution falls within one of the cases where national law provides for such withdrawal.
2. The competent authority shall give reasons for any withdrawal of an authorisation and shall inform those concerned accordingly.
3. The competent authority shall make public the withdrawal of an authorisation, including in the registers or lists referred to in Articles 17 and 18.
Article 17
Register of payment institutions in the home Member State
1. Member States shall operate and maintain a public electronic register of payment institutions, including entities registered in accordance with Articles 34, 36, 38, and of their agents or distributors. Member States shall ensure this register contains all of the following information:
(a) payment institutions authorised in accordance with Article 13 and their agents and their agents or distributors, if any;
(b) natural and legal persons registered in accordance with Articles 34(2), 36(1) or 38(1) and their agents or distributors, if any;
(c) the institutions referred to in Article 1(2) that are entitled under national law to provide payment or electronic money services.
Branches of payment institutions shall be entered in the register of the home Member State if those branches provide services in a Member State other than their home Member State.
2. The public register referred to in paragraph 1 shall:
(a) identify the payment and electronic money services and the respective brands for which the payment institution has been authorised, or for which the natural or legal person has been registered;
(b) include the agents or distributors, as applicable, through which the payment institution provides payment or electronic money services, except electronic money issuance, and specify the services these agents or distributors carry out on behalf of the payment institution;
(c) include the other Member States where the payment institution is active and indicate the date when these passported activities started.
3. Member States shall ensure that payment institutions are listed in the register referred to in paragraph 1 separately from natural and legal persons registered in accordance with Articles 34, 36 or 38, and that that register is publicly available for consultation, accessible online, and updated without delay.
4. Competent authorities shall enter in the public register dates of authorisation or registration, any withdrawal of authorisation, suspension of authorisation, and any withdrawal of a registration pursuant to Articles 34, 36 or 38.
5. Competent authorities shall notify the EBA without any undue delay of the reasons for the withdrawal of the authorisation or registration, suspension of authorisation or registration, or of any exemptions pursuant to Article 34, 36 or 38.
Article 18
EBA register
1. The EBA shall operate and maintain an electronic central register of payment institutions, including entities registered in accordance with Articles 34, 36 and 38, and their agents or distributors, and branches where applicable. That electronic central register shall contain the information as notified by the competent authorities in accordance with paragraph 3. The EBA shall be responsible for the accurate presentation of that information.
2. The EBA shall make the electronic central register publicly available on its website, and shall allow for easy access to and easy search for the information listed, free of charge.
3. Competent authorities shall provide the EBA with the information entered in their national public registers in accordance with Article 17 at the latest within one business day after they entered that information in the national public registers.
4. Competent authorities shall be responsible for the accuracy of the information contained in their national registers and provided to the EBA, and for keeping that information up to date. Companies listed in the Register shall be given means to correct any inaccuracies concerning themselves.
5. The EBA shall develop draft regulatory technical standards on the operation and maintenance of the electronic central register referred to in paragraph 1 and on access to the information contained therein to ensure that only the competent authority concerned or the EBA may modify the information contained in the register.
The EBA shall submit those draft regulatory technical standards to the Commission by [ OP please insert the date= 18 months after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards in accordance with Article 10 to 14 of Regulation (EU) No 1093/2010.
6. The EBA shall develop draft implementing technical standards on the details and structure of the information to be notified pursuant to paragraph 1, including the data standards and formats for the information, as set out in Commission Implementing Regulation (EU) 2019/41058.
The EBA shall submit those draft implementing technical standards to the Commission by [ OP please insert the date= 18 months after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 15 of Regulation (EU) No 1093/2010.
7. The EBA shall develop, operate and maintain a central, machine-readable list of the payment service providers offering the payment services listed in Annex I, points 6 and 7, based on the most recent information contained in the EBA register referred to in paragraph 1 and on the EBA Credit Institution Register created pursuant to Article 8(2), point (j) of Regulation (EU) No 1093/2010. That list shall contain the name and identifier of those payment services providers and their authorisation status.
Section 2
Use of agents, distributors, branches and outsourcing
Article 19
Use of agents
1. Payment institutions that intend to provide payment services through agents shall communicate to the competent authorities in their home Member State all of the following information:
(a) the name and address of the agent;
(b) an up-to-date description of the internal control mechanisms that the agent will use to comply with Directive (EU) 2015/849;
(c) the identity of directors and the other persons responsible for the management of the agent and, where the agent is not a payment service provider, evidence that those persons are fit and proper for their tasks;
(d) the payment services provided by the payment institution for which the agent is mandated;
(e) where applicable, the unique identification code or number of the agent.
2. Member States shall ensure that the competent authorities of the home Member State communicate to the payment institution within 2 months of receipt of the information referred to in paragraph 1 whether the agent has been entered in the register referred to in Article 17. Upon entry in the register, the agent may commence providing payment services.
3. Before listing the agent in the register referred to in Article 17, the competent authorities shall, where they consider that the information referred to in paragraph 1 is incorrect, take further action to verify the information.
4. Where, after having verified the information referred to in paragraph 1, the competent authorities are not satisfied that that information is correct, they shall refuse to list the agent in the register referred to in Article 17 and shall inform the payment institution thereof without undue delay.
5. Member States shall ensure that payment institutions that wish to provide payment services in another Member State by engaging an agent, or that intend to provide payment services in a Member State other than its home Member State via an agent located in a third Member State, follow the procedures set out in Article 30.
6. Member States shall ensure that payment institutions inform their payment service users of the fact that an agent is acting on their behalf.
7. Member States shall ensure that payment institutions communicate to the competent authorities of their home Member State any change regarding the use of agents, including about additional agents, without undue delay and in accordance with the procedure provided for in paragraphs 2, 3 and 4.
Article 20
Distributors of electronic money services
1. Member States shall allow payment institutions that provide electronic money services to distribute and redeem electronic money through distributors.
2. Member States shall ensure that payment institutions that intend to provide electronic money services through a distributor apply the requirements laid down in Article 19 mutatis mutandis.
3. Where the payment institution intends to distribute electronic money services in another Member State by engaging a distributor, Articles 30 to 33, with exception of Article 31(4) and (5) of this Directive, including the delegated acts adopted in accordance with Article 30(5) of this Directive, shall apply mutatis mutandis to such payment institution.
Article 21
Branches
1. Member States shall require from payment institutions that intend to provide payment services in another Member State by establishing a branch, or that intends to provide payment services in a Member State other than their home Member State via a branch located in a third Member State, follow the procedures set out in Article 30.
2. Member States shall ensure that payment institutions require the branches that act on their behalf to inform payment service users of this fact.
Article 22
Entities to which activities are outsourced
1. Member States shall ensure that payment institutions that intend to outsource operational functions of payment or electronic money services inform the competent authorities of their home Member State thereof.
Member States shall ensure that payment institutions do not outsource important operational functions, including ICT systems, in such way that the quality of the payment institution’s internal control and the ability of the competent authorities to monitor and retrace the payment institution’s compliance with all of the obligations laid down in this Directive is materially impaired.
An operational function shall be important where a defect or failure in its performance would materially impair the continuing compliance of a payment institution with the requirements of its authorisation, its other obligations under this Directive, its financial performance, or the soundness or the continuity of its payment or electronic money services.
Member States shall ensure that when payment institutions outsource important operational functions, they shall meet all of the following conditions:
(a) the outsourcing does not result in the delegation by senior management of its responsibility;
(b) the relationship and obligations of the payment institution towards its payment service users under this Directive is not altered;
(c) the conditions with which the payment institution is to comply to be authorised and remain so is not undermined;
(d) none of the other conditions subject to which the payment institution’s authorisation was granted is removed or modified.
2. Member States shall ensure that payment institutions communicate without undue delay to the competent authorities of their home Member State any change regarding the use of entities to which activities are outsourced.
Article 23
Liability
1. Member States shall ensure that payment institutions that rely on third parties for the performance of operational functions take reasonable steps to ensure that the requirements of this Directive are complied with.
2. Member States shall require that payment institutions remain fully liable for any acts of their employees, or any agent, distributor, branch or entity to which activities are outsourced.
S e c t i o n 3
Competent authorities and supervision
Article 24
Designation of competent authorities
1. Member States shall designate as the competent authorities responsible for the authorisation and prudential supervision of payment institutions which are to carry out the duties provided for under this Title either public authorities, or bodies recognised by national law or by public authorities expressly empowered for that purpose by national law, including national central banks. Member States shall not designate payment institutions, credit institutions, or post office giro institutions as competent authorities.
The competent authorities shall be independent from economic bodies and avoid conflicts of interest.
Member States shall provide the Commission with the name and the contact details of the competent authority designated in accordance with the first subparagraph.
2. Member States shall ensure that the competent authorities designated under paragraph 1 possess all powers necessary for the performance of their duties.
Member States shall ensure that competent authorities have the necessary resources, notably in terms of dedicated staff, to exercise their tasks.
3. Member States that have appointed more than one competent authority for matters covered by this Title, or that have appointed as competent authorities competent authorities that are responsible for the supervision of credit institutions, shall ensure that those authorities cooperate closely to discharge their respective duties effectively.
4. The tasks of the competent authorities designated under paragraph 1 shall be the responsibility of the competent authorities of the home Member State.
5. Paragraph 1 shall not imply that the competent authorities are required to supervise business activities of the payment institutions other than the provision of payment services and the activities referred to in Article 10(1), point (a).
Article 25
Supervision
1. Member States shall ensure that the controls exercised by the competent authorities for checking continued compliance with this Title are proportionate, adequate and responsive to the risks to which payment institutions are exposed.
To check compliance with this Title, the competent authorities shall, in particular, be entitled to take the following steps:
(a) require the payment institution to provide any information needed to monitor compliance specifying the purpose of the request, as appropriate, and the time limit by which the information is to be provided;
(b) carry out on-site inspections at the business premises of the payment institution, of any agent, distributor or branch providing payment services or electronic money services under the responsibility of the payment institution, or at the business premises of any entity to which activities are outsourced;
(c) issue recommendations, guidelines and, if applicable, binding administrative provisions;
(d) to suspend or to withdraw an authorisation pursuant to Article 16.
2. Without prejudice to Article 16 and any national provisions of criminal law, Member States shall provide that their competent authorities may impose penalties or measures aimed specifically at ending observed infringements, and removing the causes of such infringements, upon payment institutions or those who effectively control the business of payment institutions which breach the provisions transposing this Directive.
3. Notwithstanding the requirements of Article 5, Article 6(1) and (2), Article 7, and Article 8, Member States shall ensure that the competent authorities can take the steps referred to in paragraph 1 of this Article to ensure sufficient capital for payment institutions, in particular where activities other than payment services or electronic money services impair or are likely to impair the financial soundness of the latter.
Article 26
Professional secrecy
1. Without prejudice to cases covered by national criminal law, Member States shall ensure that all persons who work or who have worked for the competent authorities, and any experts acting on behalf of the competent authorities, are bound by the obligation of professional secrecy.
2. The information exchanged in accordance with Article 28 shall be subject to the obligation of professional secrecy by both the sharing and recipient authority to ensure the protection of individual and business rights.
3. Member States may apply this Article taking into account, mutatis mutandis, Articles 53 to 61 of Directive 2013/36/EU.
Article 27
Right to apply to the courts
1. Member States shall ensure that decisions taken by the competent authorities in respect of a payment institution pursuant to the laws, regulations and administrative provisions adopted in accordance with this Directive may be contested before the courts.
2. Paragraph 1 shall apply also in respect of a failure to act.
Article 28
Cooperation and exchange of information
1. The competent authorities of the different Member States shall cooperate with each other and, where appropriate, with the ECB and the national central banks of the Member States, the EBA and other relevant competent authorities designated under Union or national law applicable to payment service providers.
2. Member States shall allow for the exchange of information between their competent authorities and:
(a) the competent authorities of other Member States responsible for the authorisation of applicant payment institutions and the supervision of payment institutions;
(b) the ECB and the national central banks of Member States, in their capacity as monetary and oversight authorities, and, where appropriate, other public authorities responsible for overseeing payment and settlement systems;
(c) other relevant authorities designated under this Directive, and other Union law applicable to payment service providers, including Directive (EU) 2015/849;
(d) the EBA, in its capacity of contributing to the effective and consistent functioning of supervising mechanisms as referred to in Article 1(5), point (a), of Regulation (EU) No 1093/2010.
Article 29
Settlement of disagreements between competent authorities of different Member States
1. A competent authority of a Member State that considers that, in a particular matter, cross-border cooperation with competent authorities of another Member State as referred to in Articles 28, 30, 31, 32 or 33 does not comply with the conditions set out in those provisions may refer the matter to the EBA and request its assistance in accordance with Article 19 of Regulation (EU) No 1093/2010.
2. Where the EBA has been requested to assist pursuant to paragraph 1, it shall take a decision under Article 19(3) of Regulation (EU) No 1093/2010 without undue delay. The EBA may also assist the competent authorities in reaching an agreement on its own initiative in accordance with Article 19(1), second subparagraph, of that Regulation. In either case, the competent authorities involved shall defer their decisions pending resolution under Article 19 of that Regulation.
Article 30
Application to exercise the right of establishment and freedom to provide services
1. Member States shall ensure that any payment institution wishing to provide payment or electronic money services for the first time in a Member State other than its home Member State, including via an establishment in a third Member State, in the exercise of the right of establishment or the freedom to provide services, shall communicates the following information to the competent authorities in its home Member State:
(a) the name, the address and, where applicable, the authorisation number of the payment institution;
(b) the Member State(s) in which the payment institution intends to operate and planned date of commencement of operations in this Member State;
(c) the payment or electronic money service(s) that the payment institution intends to provide;
(d) where the payment institution intends to make use of an agent or distributor, the information referred to in Articles 19(1) and 20(2);
(e) where the payment institution intends to make use of a branch:
(i) the information referred to in Article 3(3), points (b) and (e), with regard to the payment or electronic money service business in the host Member State;
(ii) a description of the organisational structure of the branch;
(iii) the identity of those responsible for the management of the branch.
Member States shall ensure that payment institutions that intend to outsource operational functions of the payment or electronic money services to other entities in the host Member State, inform the competent authorities of their home Member State thereof.
2. Within 1 month of receipt of all of the information referred to in paragraph 1, the competent authorities of the home Member State shall send that information to the competent authorities of the host Member State. Where the services are provided via a third Member State, the Member State to be notified shall be the one where the services are provided to payment service users.
Within 1 month of receipt of the information from the competent authorities of the home Member State, the competent authorities of the host Member State shall assess that information and provide the competent authorities of the home Member State with relevant information about the intended provision of payment or electronic money services by the relevant payment institution in the exercise of the freedom of establishment or the freedom to provide services. The competent authorities of the host Member State shall inform the competent authorities of the home Member State of any grounds for concern in connection with the intended engagement of an agent, distributor or establishment of a branch with regard to money laundering or terrorist financing within the meaning of Directive (EU) 2015/849. Before doing so, the competent authority of the host Member State shall liaise with the relevant competent authorities as referred to in Article 7(2) of Directive (EU) 2015/849 to establish whether such grounds exist.
Competent authorities of the home Member State that do not agree with the assessment of the competent authorities of the host Member State shall provide the competent authorities of the host Member State with the reasons for their disagreement.
Where the assessment of the competent authorities of the home Member State, in light of the information received from the competent authorities of the host Member State is not favourable, the competent authority of the home Member State shall refuse to register the agent, branch or distributor, or shall withdraw the registration if already made.
3. Within 3 months of receipt of the information referred to in paragraph 1, the competent authorities of the home Member State shall communicate their decision to the competent authorities of the host Member State and to the payment institution.
Upon entry in the register referred to in Article 17, the agent, distributor or branch may commence its activities in the relevant host Member State.
Member States shall ensure that the payment institution notifies to the competent authorities of the home Member State the start date of the activities conducted on the payment institution’s behalf through the agent, distributor or branch in the host Member State concerned. The competent authorities of the home Member State shall inform the competent authorities of the host Member State thereof.
4. Member States shall ensure that the payment institution communicates to the competent authorities of the home Member State any relevant change regarding the information communicated in accordance with paragraph 1 without undue delay, including additional agents, distributors, branches or entities to which activities are outsourced in the host Member States in which the payment institution operates. The procedure provided for under paragraphs 2 and 3 shall apply.
5. The EBA shall develop draft regulatory technical standards specifying the framework for cooperation, and for the exchange of information, between competent authorities of the home and of the host Member State in accordance with this Article. Those draft regulatory technical standards shall specify the method, means and details of cooperation in the notification of payment institutions operating on a cross-border basis and, in particular, the scope and treatment of information to be submitted, including common terminology and standard notification templates to ensure a consistent and efficient notification process.
The EBA shall submit those draft regulatory technical standards to the Commission by [ OP please insert the date= 18 months after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards in accordance with Article 10 to 14 of Regulation (EU) No 1093/2010.
Article 31
Supervision of payment institutions exercising the right of establishment and freedom to provide services
1. When carrying out the controls and take the necessary steps provided for in this Title in respect of the agent, distributor or branch of a payment institution located in the territory of another Member State, the competent authorities of the home Member State shall cooperate with the competent authorities of the host Member State, including by informing the competent authorities of the host Member State of where they intend to carry out an on-site inspection in the territory of that host Member State.
The competent authorities of the home Member State may delegate to the competent authorities of the host Member State the task of carrying out on-site inspections of the payment institution concerned.
2. The competent authorities of the host Member States may require that payment institutions having agents, distributors or branches within their territories report to them periodically about the activities carried out in their territories.
Such reports shall be required for information or statistical purposes and, as far as the agents, distributors or branches provide payment services or electronic money services, to monitor compliance with Titles II and III of Regulation XXX [PSR]. Such agents, distributors or branches shall be subject to professional secrecy requirements that are at least equivalent to those referred to in Article 26.
The competent authorities of the host Member State may request ad hoc information from payment institutions where those authorities have evidence of non-compliance with this Title or with Titles II and III of Regulation XXX [PSR].
3. The competent authorities of the home and host Member States shall provide each other with all essential or relevant information, in particular in the case of infringements or suspected infringements by an agent, a distributor or a branch, and where such infringements occurred in the context of the exercise of the freedom to provide services. Competent authorities shall communicate, upon request, all relevant information and, on their own initiative, all essential information, including on the compliance of the payment institution with the conditions laid down in Article 13(3).
4. Member States may require payment institutions operating on their territory through agents, the head office of which is situated in another Member State, to appoint a central contact point in their territory to ensure adequate communication and information reporting in compliance with Titles II and III of Regulation XXX [PSR], and to facilitate supervision by competent authorities of home Member State and host Member States, including by providing competent authorities with documents and information on request.
5. The EBA shall develop draft regulatory technical standards to specify the criteria to be applied when determining, in accordance with the principle of proportionality, the circumstances under which the appointment of a central contact point referred to in paragraph 4 is appropriate, and the functions of those contact points.
Those draft regulatory technical standards shall, in particular, take account of:
(a) the total volume and value of transactions carried out by the payment institution in host Member States;
(b) the type of payment services provided;
(c) the total number of agents established in the host Member State.
The EBA shall submit those draft regulatory technical standards to the Commission by [ OP please insert the date= 18 months after the date of entry into force of this Directive].
Power is delegated to the Commission to adopt the regulatory technical standards in accordance with Article 10 to 14 of Regulation (EU) No 1093/2010.
Article 32
Measures in case of non-compliance, including precautionary measures
1. Where a competent authority of a host Member State considers that a payment institution having agents, distributors or branches in its territory does not comply with this Title or with Titles II and III of Regulation XXX [PSR], that competent authority shall inform the competent authority of the home Member State thereof without undue delay.
The competent authority of the home Member State, after having evaluated the information received pursuant to the first subparagraph, shall, without undue delay, take all appropriate measures to ensure that the payment institution concerned puts an end to its failure of compliance. The competent authority of the home Member State shall communicate those measures to the competent authority of the host Member State and to the competent authorities of any other Member State concerned without delay.
2. In emergency situations, where immediate action is necessary to address a serious threat to the collective interests of the payment service users in the host Member State, the competent authorities of the host Member State may, in parallel to the cross-border cooperation between competent authorities and pending measures by the competent authorities of the home Member State as set out in Article 31, take precautionary measures.
3. Any precautionary measures as referred to in paragraph 2 shall be appropriate and proportionate to their purpose to protect against a serious threat to the collective interests of the payment service users in the host Member State. Those measures shall not result in a preference for payment service users of the payment institution in the host Member State over payment service users of the payment institution in other Member States.
Precautionary measures shall be temporary and shall be terminated when the serious threats identified have been addressed, including with the assistance of or in cooperation with the home Member State’s competent authorities or with the EBA as provided for in Article 29(1).
4. Where compatible with the emergency situation, the competent authorities of the host Member State shall inform the competent authorities of the home Member State and those of any other Member State concerned, the Commission and the EBA of the precautionary measures taken under paragraph 2 and of their justification in advance and in any case without undue delay.
Article 33
Reasons and communication
1. Any measure taken by the competent authorities pursuant to Article 25, 30, 31 or 32 involving penalties or restrictions on the exercise of the freedom to provide services or the freedom of establishment shall be properly justified and communicated to the payment institution concerned.
2. Articles 30, 29 and 32 shall be without prejudice to the obligation of competent authorities under Directive (EU) 2015/849 and Regulation (EU) 2015/847, in particular under Article 47(1) of Directive (EU) 2015/849 and Article 22(1) of Regulation (EU) 2015/847, to supervise or monitor the compliance with the requirements laid down in those instruments.
CHAPTER II
Exemptions and notifications
Article 34
Optional exemptions
1. Member States may exempt, or allow their competent authorities to exempt, natural or legal persons providing payment services as referred to in Annex I, points 1 to 5, or providing electronic money services from the application of all or part of the procedures and conditions set out in Chapter I, Sections 1, 2 and 3, with the exception of Articles 17, 18, 24, 26, 27 and 28, where:
(a) in the case of payment services, the monthly average of the preceding 12 months’ total value of payment transactions executed by the person concerned, including any agent for which the person concerned assumes full responsibility, does not exceed a limit set by the Member State but that, in any event, amounts to no more than EUR 3 million; or
(b) in the case of electronic money services, the total business activities generate an average amount of outstanding electronic money that does not exceed a limit set by the Member State but that, in any event, does not exceed EUR 5 million; and
(c) in the case of payment services and electronic money services, none of the natural persons responsible for the management or operation of the business has been convicted of offences relating to money laundering or terrorist financing or other financial crimes.
For the purposes of the subparagraph, point (a), the assessment of whether the limit has been exceeded shall be based on the projected total amount of payment transactions in its business plan, unless the competent authorities have required an adjustment to that plan.
Where a payment institution providing electronic money services also offers any payment service or any of the activities referred to in Article 10, and the amount of outstanding electronic money is unknown in advance, the competent authorities shall allow that payment institution to apply the first subparagraph point (b), on the basis of a representative portion assumed to be used for the electronic money services, provided that such a representative portion can be reasonably estimated on the basis of historical data and to the satisfaction of the competent authorities. Where a payment institution has not completed a sufficiently long period of business, that requirement shall be assessed on the basis of projected outstanding electronic money evidenced by its business plan subject to any adjustment to that plan required by the competent authorities.
Member States may also provide for the granting of the optional exemptions to be subject to an additional requirement of a maximum storage amount on the payment instrument or payment account of the consumer where the electronic money is stored.
A natural or legal person benefitting from an exemption under paragraph 1, first subparagraph, point (b), may provide payment services not related to electronic money services only in accordance with paragraph 1, first subparagraph, point (a).
2. Member States shall require any natural or legal person exempted from the application of the procedures and conditions referred to in paragraph 1 to register with the competent authority of the home Member State. Member States shall determine the documentation which shall accompany such request for registration, from the elements listed in Article 3(3) points (a) to (s).
3. Member States shall require any natural or legal person registered in accordance with paragraph 2 to have its head office or place of residence in the Member State in which it actually carries out its business.
4. The persons exempted from the application of the procedures and conditions referred to in paragraph 1 shall be treated as payment institutions. Article 13(6) and Articles 30, 31 and 32 shall not apply to those persons.
5. Member States may provide that any natural or legal person registered in accordance with paragraph 2 may engage only in certain activities listed in Article 10.
6. The persons exempted from the application of the procedures and conditions referred to in paragraph 1 shall notify the competent authorities of any change in their situation which is relevant to the conditions specified in that paragraph, and at least annually, on the date specified by the competent authorities, report on the following:
(a) the average of the preceding 12 months’ total value of payment transactions where they provide payment services;
(b) the average outstanding electronic money where they provide electronic money services.
7. Member States shall take the necessary steps to ensure that where the conditions set out in paragraphs 1, 3 or 5 of this Article are no longer met, the persons concerned shall seek authorisation within 30 calendar days in accordance with Article 13. Member States shall ensure that their competent authorities are sufficiently empowered to verify continued compliance with this Article.
8. Paragraphs 1 to 6 of this Article shall be without prejudice to Directive (EU) 2015/849 or of national laws on anti-money laundering or terrorist financing.
Article 35
Notification and information
A Member State that decides to grant an exemption as referred to in Article 34 shall inform the Commission of all of the following:
(a) its decision to grant such an exemption;
(b) any subsequent change to this exemption;
(c) the number of natural and legal persons concerned;
(d) on an annual basis, the total value of payment transactions executed as of 31 December of each calendar year, as referred to in Article 34(1), point (a), and of the total amount of outstanding electronic money issued, as referred to in Article 34(1), point (b).
Article 36
Account information service providers
1. Natural or legal persons providing only the payment service referred to in Annex I, point (7), shall not be subject to authorisation but shall register with the competent authority of the home Member State before taking up activity.
2. Such registration request shall be accompanied by the information and documentation referred to in Article 3(3), points (a), (b), (e) to (h), (j), (l), (n), (p) and (q).
For the purposes of the documentation referred to in Article 3(3), points (e), (f) and (l), the natural or legal person registering shall provide a description of its audit arrangements and of the organisational arrangements it has set up with a view to taking all reasonable steps to protect the interests of its users and to ensure continuity and reliability in the performance of the payment service as referred to in Annex I, point (7).
3. The security control and mitigation measures referred to in Article 3(3), point (j), shall indicate how the natural or legal person registering will ensure a high level of digital operational resilience in accordance with Chapter II of Regulation (EU) 2022/2554, in particular in relation to technical security and data protection, including for the software and ICT systems used by the natural or legal person registering or the undertakings to which it outsources the whole or part of its operations.
4. Member States shall require persons as referred to in paragraph 1, as a condition of their registration, to hold a professional indemnity insurance covering the territories in which they offer services, or some other comparable guarantee, and that they ensure that:
(a) they can cover their liability vis-à-vis the account servicing payment service provider or the payment service user resulting from non-authorised or fraudulent access to or non-authorised or fraudulent use of payment account information service;
(b) they can cover the value of any excess, threshold or deductible from the insurance or comparable guarantee;
(c) they monitor the coverage of the insurance or comparable guarantee on an ongoing basis.
5. Sections 1 and 2 of Chapter I shall not apply to the persons providing the services referred to in paragraph 1 of this Article. Section 3 of Chapter I shall apply to the persons providing the services referred to in paragraph 1 of this Article, with the exception of Article 25(3).
As an alternative to holding a professional indemnity insurance as required in paragraphs 3 and 4, the undertakings as referred to in paragraph 1 shall hold an initial capital of EUR 50 000, which can be replaced by a professional indemnity insurance after those undertakings have commenced their activity as a payment institution, without undue delay.
6. The persons referred to in paragraph 1 of this Article shall be treated as payment institutions.
Article 37
Services where cash is provided in retail stores without a purchase
1. Member States shall exempt from the application of this Directive natural or legal persons providing cash in retail stores independently of any purchase provided the following conditions are met:
(a) the service is offered at its premises by a natural or legal person selling goods or services as a regular occupation;
(b) the amount of cash provided does not exceed EUR 50 per withdrawal.
2. This Article shall be without prejudice to Directive (EU) 2015/849 or any other relevant Union or national anti-money-laundering/terrorist financing laws.
Article 38
Services enabling cash withdrawals offered by ATM deployers not servicing payment accounts
1. Natural or legal persons providing cash withdrawal services as referred to Annex I, point 1, and who do not service payment accounts and do not provide other payment services referred to in Annex I, shall not be subject to authorisation but shall register with a competent authority of the home Member State before taking up activity.
2. The registration referred to in paragraph 1 shall be accompanied by the information and documentation referred to in Article 3(3), points (a), (b), (e) to (h), (j), (l), (n), (p) and (q).
For the purposes of the documentation referred to in Article 3(3), points (e) (f) and (l), the natural or legal person registering shall provide a description of its audit arrangements and of the organisational arrangements it has set up to taking all reasonable steps to protect the interests of its users and to ensure continuity and reliability in the performance of the payment service as referred to in point (1) of Annex I.
The security control and mitigation measures referred to in Article 3(3), point (j), shall indicate how the natural or legal person registering will ensure a high level of digital operational resilience in accordance with Chapter II of Regulation (EU) 2022/2554, in particular in relation to technical security and data protection, including for the software and ICT systems used by the natural or legal person registering or the undertakings to which it outsources the whole or part of its operations.
3. Sections 1 and 2 of Chapter 1 shall not apply to the persons providing the services referred to in paragraph 1 of this Article. Section 3 of Chapter 1 shall apply to the persons providing the services referred to in paragraph 1 of this Article, with the exception of Article 25(3).
4. The persons providing the services referred to in paragraph 1 of this Article shall be treated as payment institutions.
Article 39
Duty of notification
1. Member States shall require service providers that carry out either of the activities referred to in Article 2(1), points (j), (i) and (ii), of Regulation XXX [PSR] or carrying out both activities, for which the total value of payment transactions executed over the preceding 12 months exceeds EUR 1 million, to inform the competent authorities about the services offered, specifying under which exclusion as referred to Article 2(1), points (j), (i) and (ii), of Regulation XXX [PSR] the activity is considered to be carried out.
On the basis of that notification, the competent authority shall take a duly motivated decision on the basis of criteria referred to in Article 2(1), point (j), of Regulation XXX [PSR] where the activity does not qualify as a limited network, and inform the service provider thereof.
2. Member States shall require service providers that carry out an activity as referred to in Article 2(1), point (j), of Regulation XXX [PSR] to send a notification to competent authorities and provide competent authorities an annual audit opinion, testifying that the activity complies with the limits set out Article 2(1), point (j), of Regulation XXX [PSR].
3. Member States shall ensure that competent authorities shall inform the EBA of the services notified pursuant to paragraph 1, stating under which exclusion the activity is carried out.
4. The description of the activity notified under paragraphs 2 and 3 shall be made publicly available in the registers referred to in Articles 17 and 18.
TITLE III
DELEGATED ACTS AND REGULATORY TECHNICAL STANDARDS
Article 40
Delegated acts
The Commission shall be empowered to adopt delegated acts in accordance with Article 41 to update the amounts referred to in Article 5, Article 34(1), and Article 37 to take account of inflation.
Article 41
Exercise of the delegation
1. The power to adopt delegated acts is conferred on the Commission subject to the conditions laid down in this Article.
2. The power to adopt delegated acts referred to in Article 40 shall be conferred on the Commission for an undetermined period of time from the date of entry into force of this Directive.
3. The delegation of power referred to in Article 40 may be revoked at any time by the European Parliament or by the Council. A decision to revoke shall put an end to the delegation of the power specified in that decision. It shall take effect on the day following the publication of the decision in the Official Journal of the European Union or on a later date specified therein. It shall not affect the validity of any delegated acts already in force.
4. As soon as it adopts a delegated act, the Commission shall notify it simultaneously to the European Parliament and to the Council.
5. A delegated act adopted pursuant to Article 40 shall enter into force only if no objection has been expressed either by the European Parliament or the Council within a period of 3 months of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by 3 months at the initiative of the European Parliament or of the Council.
TITLE IV
FINAL PROVISIONS
Article 42
Full harmonisation
1. Without prejudice to Article 6(3) and Article 34, insofar as this Directive contains harmonised provisions, Member States shall not maintain or introduce provisions other than those laid down in this Directive.
2. A Member State that uses any of the options referred to in Article 6(3) or Article 34, shall inform the Commission thereof and of any subsequent changes. The Commission shall make the information public on a website or other easily accessible means.
3. Member States shall ensure that payment service providers do not derogate, to the detriment of payment service users, from the provisions of national law transposing this Directive except where explicitly provided for therein. However, payment service providers may decide to grant more favourable terms to payment service users.
Article 43
Review clause
1. The Commission shall, by [ OP please insert the date = 5 years after entry into force of this Directive], submit to the European Parliament, the Council, the ECB and the European Economic and Social Committee, a report on the application and impact of this Directive, and in particular on:
(a) the appropriateness of the scope of this Directive, in particular regarding the possibility of extending it to certain services, including the operation of payment systems and the provision of technical services including processing or the operating of digital wallets, which are not covered in the scope;
(b) the impact of the revision of Directive 2014/49/EU on the safeguarding of customer funds by payment institutions.
Where appropriate, the Commission shall submit a legislative proposal together with its report.
2. The Commission shall, by [ OP please insert the date= three years after the date of application of the PSR] submit to the European Parliament, the Council, the ECB and the European Economic and Social Committee, a report on the scope of this Directive, with regard in particular to payment systems, payment schemes and technical service providers. Where appropriate, the Commission shall submit a legislative proposal together with that report.
Article 44
Transitional provisions
1. Member States shall allow payment institutions that have been authorised pursuant to Article 11 of Directive (EU) 2015/2366 by [OP please insert the date = 18 months after the date of entry into force of this Directive] to continue to provide and execute the payment services for which they have been authorised, without having to having to seek authorisation in accordance with Article 3 of this Directive or to comply with the other provisions laid down or referred to in Title II of this Directive until [OP please insert the date = 24 months after the date of entry into force of this Directive].
Member States shall require such payment institutions as referred to in the first subparagraph to submit to the competent authorities all information that enables those competent authorities to assess, by [OP please insert the date = 24 months after the date of entry into force of this Directive], either of the following:
(a) whether those payment institutions comply with Title II and, where not, which measures need to be taken to ensure compliance;
(b) whether the authorisation should be withdrawn.
Payment institutions as referred to in the first subparagraph which upon verification by the competent authorities comply with Title II shall be authorised as payment institutions pursuant to Article 13 of this Directive and shall be entered in the registers referred to in Articles 17 and 18. Where those payment institutions do not comply with the requirements laid down in Title II by [OP please insert the date = 24 months after the date of entry into force of this Directive], they shall be prohibited from providing payment services.
2. Member States may provide for payment institutions as referred to in paragraph 1 to be authorised automatically and be entered in the register referred to in Articles 17 if the competent authorities have evidence that those payment institutions already comply with Articles 3 and 13. The competent authorities shall inform the payment institutions concerned of such automatic authorisation before the authorisation is granted.
3. Member States shall allow natural or legal persons who benefited from an exemption pursuant to Article 32 of Directive (EU) 2015/2366 by [OP please insert the date = 18 months after the date of entry into force of this Directive], and provided payment services as referred to in Annex I to that Directive, to do any of the following:
(a) to continue to provide those services within the Member State concerned until [OP please insert the date = 24 months after the date of entry into force of this Directive];
(b) to obtain an exemption pursuant to Article 34 of this Directive or,
(c) to comply with the other provisions laid down or referred to in Title II of this Directive.
Any person as referred to in the first subparagraph who has not, by [OP please insert the date = 18 months after the date of entry into force of this Directive], been authorised or exempted under this Directive shall be prohibited from providing payment services.
4. Member States may grant natural and legal persons who benefited from an exemption pursuant to Article 32 of Directive (EU) 2015/2366 an exemption pursuant to Article 34 of this Directive and enter those persons in the registers referred to in Articles 17 and 18 of this Directive where the competent authorities have evidence that the requirements laid down in Article 34 of this Directive are complied with. The competent authorities shall inform the payment institutions concerned thereof.
Article 45
Transitional provision – electronic money institutions authorised under Directive 2009/110/EC
1. Member States shall allow electronic money institutions which were defined in Article 2, point 1, of Directive 2009/110/EC that have taken up, before [OP please insert the date = 18 months after the date of entry into force of this Directive], activities in accordance with national law transposing Directive 2009/110/EC as electronic money institutions in the Member State in which their head office is located in accordance with national law transposing Directive 2009/110/EC, to continue those activities in that Member State or in another Member State without having to seek authorisation in accordance with Article 3 of this Directive or to comply with the other provisions laid down or referred to in Title II of this Directive.
2. Member States shall require the electronic money institutions referred in paragraph 1 to submit to the competent authorities all information that those competent authorities need to assess, by [OP please insert the date = 24 months after the date of entry into force of this Directive], whether those electronic money institutions comply with this Directive. Where such assessment reveals that those electronic money institutions do not comply with those requirements, the competent authorities shall decide which measures need to be taken to ensure such compliance, or to withdraw the authorisation.
Electronic money institutions as referred to in the first subparagraph which upon verification by the competent authorities comply with Title II shall be authorised as payment institutions pursuant to Article 13 of this Directive, shall be entered in the registers referred to in Articles 17 and 18. Where those electronic money institutions do not comply with the requirements laid down in Title II by [OP please insert the date = 24 months after the date of entry into force of this Directive], they shall be prohibited from providing electronic money services.
3. Member States may allow electronic money institutions as referred to in paragraph 1 to be authorised automatically as payment institutions and entered in the register referred to in Article 17 where the competent authorities have evidence that the electronic money institutions concerned comply with this Directive. The competent authorities shall inform the electronic money institutions concerned thereof before such automatic authorisation is granted.
4. Member States shall allow legal persons that have taken up, before [OP please insert the date = 18 months after the date of entry into force of this Directive], activities in accordance with national law transposing Article 9 of Directive 2009/110/EC, to continue those activities within the Member State concerned in accordance with that Directive until [OP please insert the date = 24 months after the date of entry into force of this Directive], without being required to seek authorisation under Article 3 of this Directive or to comply with the other provisions laid down or referred to in Title II of this Directive. Electronic money institutions as referred to in paragraph 1 which, during that period, have been neither authorised nor exempted within the meaning of Article 34 of this Directive, shall be prohibited from providing electronic money services.
Article 46
Amendments to Directive 98/26/EC
Article 2 of Directive 98/26/EC is amended as follows:
(1) point (b) is replaced by the following:
‘(b) ‘institution’ shall mean any of the following:
— a credit institution as defined in Article 4(1), point (1), of Regulation (EU) No 575/2013 of the European Parliament and of the Council* ;
— an investment firm as defined in Article 4(1), point (1), of Directive 2014/65/EU of the European Parliament and of the Council**), excluding the institutions set out in Article 2(1) thereof ,
— public authorities and publicly guaranteed undertakings,
— any undertaking whose head office is outside the Union and whose functions correspond to those of the Union credit institutions or investment firms [as defined in the first and second indent] ,
which participates in a system and which is responsible for discharging the financial obligations arising from transfer orders within that system ;
— a payment institution as defined in Article 2, point (4), of Directive XXX [PSD3], with the exception of payment institutions benefitting from an exemption pursuant to Articles 34, 36 and 38 of that Directive,
which participates in a system whose business consists of the execution of transfer orders as defined in point (i), first indent, and which is responsible for discharging the financial obligations arising from such transfer orders within that system.
If a system is supervised in accordance with national legislation and only executes transfer orders as defined in point (i), second indent, as well as payments resulting from such orders, a Member State may decide that undertakings which participate in such a system and which have responsibility for discharging the financial obligations arising from transfer orders within this system, can be considered institutions, provided that at least three participants of that system are covered by the categories referred to in the first subparagraph and that such a decision is warranted on grounds of systemic risk; ’;
(2) point (f) is replaced by the following:
‘(f) “participant” shall mean an institution, a central counterparty, a settlement agent, a clearing house, a payment system operator or a clearing member of a CCP authorised pursuant to Article 17 of Regulation (EU) No 648/2012.
According to the rules of the system, the same participant may act as a central counterparty, a settlement agent or a clearing house or carry out part or all of those tasks.
A Member State may, for the purposes of this Directive, consider an indirect participant to be a participant where that is justified on the grounds of systemic risk, which shall, however, not limit the responsibility of the participant through which the indirect participant passes transfer orders to the system;’.
Article 47
Amendment to Directive (EU) 2020/1828
In Annex I to Directive (EU) 2020/1828, the following point is added:
‘(68) Regulation (EU) 20../…. of the European Parliament and of the Council on a framework for Financial Data Access and amending Regulations (EU) No 1093/2010, (EU) No 1094/2010, (EU) No 1095/2010 and (EU) 2022/2554 (OJ L[…], [……….], [p. ..]).’
Article 48
Repeal
Directive (EU) 2015/2366 is repealed with effect from [ OP please insert the date= 18 months after entry into force of this Directive].
Directive 2009/110/EC is repealed with effect from [ OP please insert the date= 18 months after entry into force of this Directive].
All references made to Directive (EU) 2015/2366 and to Directive 2009/110/EC in legal acts that are in force at the time this Directive enters into force shall be construed as references to this Directive or Regulation XXX [PSR] and shall be read in accordance with the correlation table in Annex III to this Directive.
Article 49
Transposition
1. Member States shall adopt and publish, by [ OP please insert the date= 18 months after entry into force of this Directive] at the latest, and within [ OP please insert the date= 6 months after entry into force of this Directive] for Article 46, the laws, regulations and administrative provisions necessary to comply with this Directive. They shall forthwith communicate to the Commission the text of those provisions.
2. They shall apply those measures from [ OP please insert the date= 18 months after entry into force of this Directive] and from [ OP please insert the date= 6 months after entry into force of this Directive] for Article 46.
When Member States adopt those measures, they shall contain a reference to this Directive or be accompanied by such reference on the occasion of their official publication. Member States shall determine how such reference is to be made.
3. Member States shall communicate to the Commission the text of the main measures of national law which they adopt in the field covered by this Directive.
Article 50
Entry into force
This Directive shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
Article 51
Addresses
This Directive is addressed to the Member States.