The New Electronic Payment Services Landscape: Developments in EU Legislation

by Orrick, Herrington & Sutcliffe LLP

On July 24, 2013, the European Commission issued legislative proposals to update and complement the current EU legal framework on payment services to develop further an EU-wide single market by promoting more competition, security and innovation in the field of electronic payments. The Commission noted that this move may be worth billions in savings for the European economy in the coming years, which will result in new business opportunities for a fast growing market.

Proposed New Payment Services Directive

Directive 2007/64/EC (the so-called PSD) introduced a harmonised regulatory regime for the provision of electronic payment services across the EU. The Commission has reviewed the operation of the 2007 PSD and proposes to replace it with a new directive (PSD2, available here) to broaden its scope of application and to fill the legal vacuum for certain newly emerged Internet service providers. It also addresses the inconsistency of application of existing rules by Member States, which has contributed to the fragmentation of the retailer payment market along national lines.

Positive scope. Compared to the PSD, the scope of the PSD2 is extended to include those transactions to third countries where the sole payer’s or the sole payee’s payment services provider is established in the EU (so-called “one-leg transactions”). In addition, the transparency and information requirements provided for by the PSD will apply to payments made with all currencies; it is not limited to EU currencies only.

Negative scope.  The proposed PSD2 also has redrafted the rules that exempt certain payment services from the PSD regime to ensure e-commerce platforms, large merchant networks and telecom operators do not escape the regulatory framework. Thus, under the PSD2, the “commercial agent exemption” will apply only to commercial agents that act on behalf of either the payer/buyer or the payee/seller, but not to those that act on behalf of both (as e-commerce platforms generally do). Moreover, the “limited network exemption” has been re-defined so that it will no longer apply to large networks involving high payment volumes and ranges of products and services (e.g., large supermarket and store chains that offer payment cards to customers). Furthermore, payment transactions exceeding certain value thresholds carried out by telecom operators for their subscribers in relation to the purchase of digital ancillary products will no longer be exempt from the PSD2 regime.

Lighter regime for small payment institutions. Member States will be allowed to introduce a “light regime” that reduces the regulatory burden for a larger number of “small payment institutions” with a view to finding the right balance between facilitating business and protecting consumers.

New market entrants. Over the past few years, so-called Third Party Providers (i.e., non-banking institutions, or TPPs) have emerged offering consumers low cost e-payment solutions (e.g., so-called “account information services” and “payment initiation services”) that do not require a credit card and have direct access to the customer’s bank accounts. Such services are not currently regulated by the PSD and many barriers are preventing TTPs from offering their solutions on a large scale across the EU. Under PSD2, these barriers will be removed and TTPs will be subject to the same standards of regulation and supervision as all other payment institutions. In addition, refined and harmonised rules on non-discriminatory access to payment systems, security and interoperability will oblige all payment institutions to align technical and security standards around online payments. This will ensure a level playing field and more competition between banking and non-banking providers and among different payment services across the EU.

Safeguarding requirements. The current safeguarding and licensing requirements for payment institutions will be streamlined and harmonised further, in particular by reducing current possibilities for Member States to limit safeguarding requirements to enhance a level playing field and improve legal certainty.

Consumers’ rights. Under the PSD2, consumers’ rights and protections will be enhanced by introducing an unconditional refund right in case of unauthorised direct debits as a general binding rule in all Member States. Moreover, the PSD2 will strengthen the position of consumers in case of disputes with banks and other payment service providers by imposing upon Member States an obligation to implement adequate enforcement measures to ensure effective compliance with the regulatory framework. Such measures include the appointment of competent authorities with investigative and sanctioning powers, as well as out-of-court redress and dispute settlement procedures.

Surcharging. In line with the proposal for a regulation on interchange fees for card-based payment transactions (see below), the proposed PSD2 includes a prohibition on merchants across the EU surcharging their customers for using Multilateral Interchange Fees (MIFs)-regulated payment cards. Under the current rules, it was up to Member States to decide whether to prohibit such surcharging, and this has led to fragmentation of the Union retail payment market along national lines. The prohibition does not apply to cards that are not subject to the regulation of interchange fees, i.e., three-party card schemes and corporate cards, as long as the surcharge corresponds to the real cost incurred.

Proposed Regulation on Multilateral Interchange Fees for Card-based Payment Transactions

In parallel with the PSD2 proposal, the Commission also presented a draft regulation (here) that endorses the outcome of the Commission’s proceedings against Visa and Mastercard by capping the level of the MIFs and setting forth measures to unblock competition in the “acquiring” market (i.e., the market in which banks compete to operate card-based payments for the merchants).

Capping the MIFs. The proposed regulation caps the MIFs at 0.2 percent of the value of the transaction for debit card transactions and at 0.3 percent for credit card transactions within the EU. The capped MIFs will apply to cross-border transactions within two months from the entry into force of the regulation and will be extended also to domestic transactions within two years, but will not apply to three-party payment card schemes (such as Amex and Diner’s) or  to corporate cards (i.e., those issued for businesses or other entities as opposed to individuals).

Cross-border acquiring. At present, specific rules applied by card schemes (e.g., Visa, Mastercard) prescribe the application of the interchange fee of the country of the retailer for each payment transaction. This prevents acquiring banks from successfully offering their services on a cross-border basis and retailers from reducing their payment costs to the benefit of consumers. The proposed regulation prohibits card schemes from including any territorial restrictions within the EU in licensing agreements for issuing payment cards or acquiring payment card transactions. Notably, this measure will enable merchants to choose an acquiring bank outside their own Member State at a regulated price rather than a bank for each Member State in which they operate.

Separation between scheme and processing. The regulation establishes that an organisational separation shall be in place between the card schemes and the entities that are processing (i.e., authorising, settling and clearing) the transactions. It also prohibits territorial discrimination in processing rules whilst mandating technical interoperability of processing entities' systems within the EU. This measure will prevent card companies from forcing clients, such as banks or retailers offering payment accounts, to buy their cards together with a specific processing service; this is a practice that has contributed to the territorial fragmentation of the internal market as well as to higher processing costs.

Other pro-competitive measures. To improve competition among and between card-based payment instruments and innovative low-cost payment solutions, the proposed regulation ensures that merchants are allowed to steer their customers towards preferred means of payments by discounting or surcharging mechanisms (so-called “steering”); this is a practice that is currently prohibited by rules imposed by card schemes or by the acquiring banks. Moreover, under the new regulation, the issuer of a payment instrument (e.g., a bank) will be entitled to issue a single card or wallet hosting more brands or payments instruments (so-called “co-badging”), provided that the user is always granted the choice of which application to use for every transaction. Furthermore, acquiring banks will no longer be allowed to apply a single price to different categories and brands of payment cards, but will be obliged to charge the merchants individually for each category and brand and to provide the relevant information in advance (so-called “unblending”).


The boom of smartphones and tablets combined with that of e-commerce is pushing new actors—such as mobile network operators, app developers, phone makers, e-commerce platforms and other non-banking institutions—to develop innovative payment services that are easier and cheaper than payment cards and offer an enhanced and cost-saving experience for both customers and merchants.

To keep pace with this fast-growing market, market incumbents such as banks and traditional card schemes are exploring technical and commercial partnerships with Internet and mobile players to preserve their market shares. Such joint ventures will have to carefully follow the rules on merger control and the guidelines and case law of the Commission on cooperation agreements to avoid incurring in burdensome public investigations or private litigation for breach of competition rules.

The legislative measure outlined above will certainly facilitate the achievement of a more competitive single market for the payment services, but EU rules on competition and free movement of services may serve to achieve certain results even before the approval and entry into force of these proposals.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Orrick, Herrington & Sutcliffe LLP | Attorney Advertising

Written by:

Orrick, Herrington & Sutcliffe LLP

Orrick, Herrington & Sutcliffe LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.