Payment Services Directive (PSD)

The Payment Services Directive (PSD) is a maximum harmonisation directive due to be implemented in all EU and EEA Member States by 1 November 2009. In the UK, it is being implemented through the Payment Services Regulations 2009 (PSRs) and is the first law to impact domestic sterling payments.

The original intention behind the Directive was to create a legal framework to facilitate the development of the Single Euro Payments Area (SEPA). However, in the process of arriving at the final text of the PSD, a number of other drivers were identified, and the final PSD has four overarching aims:

• To facilitate the development of SEPA;
• The regulation of payment institutions (i.e. those institutions providing payment services which are not banks and are not currently regulated);
• Consumer protection and increased transparency; and
• Increased competition.

The Payment Services Regulations

The Payment Services Regulations 2009 (PSRs) will come fully into force on 1 November 2009. HM Treasury has appointed the Financial Services Authority (FSA) as the competent authority responsible for the monitoring and enforcement of the PSRs. The Office of Fair Trading (OFT) will deal with the competition issues concerning access to payment systems.

Scope and definitions

The PSRs set out what payment services are within scope (and what are not) and provides definitions of key terms used throughout the Regulations.

Definitions are important as a clear and consistent understanding is required for the implementation of the conduct of business requirements. Examples of such definitions are:

• “Payment account” – determines what accounts fall within scope of the Regulations
• “Business day” – central to understanding how to interpret the provisions on execution timescales and value dating
• “Unique identifier” – the information that a customer must provide for a payment transaction to be processed

The key payment services activities that will be regulated are:

• Cash deposits and withdrawals
• Execution of payment transactions
• Credit transfers, including standing orders
• Direct debits, including one-off direct debits
• Payment card transactions
• Issuing payment instruments or acquiring payment transactions
• Money remittance
• Execution of payment transactions through the intermediary of a telecom, IT system or network operator

The Regulations also list activities excluded from scope, including:

• Cash only transactions (but any cash transaction involving movement to or from a payment account will be caught);
• Cheques and paper instruments (this removes cheque clearing and UK giro credit clearing from scope);
• Cash transportation (e.g. cash deliveries by commercial security companies);
• Payment transactions related to securities asset servicing;
• Technical services including independent ATM deployers.

The Regulations apply to payments where the payment service providers (PSP) of both the payer and the payee are in the EEA and the transaction is being made in euro or another Member State currency (e.g. sterling). The only exception to this is Regulation 73, which concerns value dating and availability of funds, and also applies to transactions where the payer’s PSP is outside of the EEA (but still in euro or another Member State currency).

A key section of the PSRs is the conduct of business requirements, which are set out in Parts 5 and 6. The provisions in these Parts essentially govern the relationship between the payment service provider and the payment service user, setting common standards across the EU. However, PSPs are always able to offer preferential services to their customers provided that they do not risk non-compliance with the Regulations and can, for example, choose to apply the requirements to products and services that are outside of scope. It is also important to note the applicability of the corporate opt-out here, which is explained under the section on the treatment of different customers.

Where there is an overlap in the requirements with those under the Consumer Credit Act (CCA) for regulated agreements, the CCA takes precedence. 

Information requirements (Part 5 of the PSRs)

The PSRs are clear on what information must be provided to a customer before the conclusion of a contract and before and after a payment transaction takes place; increased transparency and clarity for the customer are key drivers of this new law. Such information includes:

• The main characteristics of the payment service(s) to be provided;
• The specific information or unique identifier required to make payments;
• The maximum execution time for payments;
• A reference enabling the payment service user to identify the transaction; and
• The amount of any charges for the payment transactions.

Rights and obligations (Part 6 of the PSRs)

This Part is important because it clearly sets out the rights and obligations of both the payment service provider and payment service user in respect of payment transaction processing.

Key provisions under rights and obligations include:

• The corporate opt-out recognises the differing positions of consumers and businesses, with the option, in relation to certain Regulations, that “the parties may agree” that they do not apply.
• PSPs may not charge customers for providing information required under the Regulations, or for taking certain corrective or preventative measures specified.
• There is a legal obligation on the customer to use any payment instrument (e.g. a credit card) in accordance with its terms and conditions of issue, to take all reasonable steps to keep it secure, and to notify the issuer without undue delay of its loss, theft, misappropriation or unauthorised use.
• PSPs issuing payment instruments are subject to various obligations such as ensuring that the personalised security features are not accessible to other persons and not sending unsolicited payment instruments (except as a replacement).
• The PSRs introduce a long-stop 13-month time limit after the date of debit for a customer to claim that a transaction was unauthorised or incorrectly executed; these claims should in any event be made without undue delay. However, in the UK a policy decision was taken not to change the unlimited period of the Direct Debit Guarantee.
• Where a transaction is found to be unauthorised, the PSP has an obligation to immediately refund the amount of the transaction and, where applicable, restore the account to the state it would have been in had the transaction not happened. 
• For payments in euro; in the domestic currency of the EU member state concerned (i.e. sterling for UK transactions); or where there is only one currency conversion between euro and the domestic currency, and the transfer is cross-border and denominated in euro, the PSRs introduce a default maximum timescale for execution of D+1, but PSPs can agree up to D+3 until 1 January 2012 with their customers.
• For transactions in a Member state currency other than those listed above (e.g. a Danish kroner transfer between accounts in the UK) the Regulations allow agreement between PSP and customer of an execution time of up to four business days.

The PSRs aim to remove “float” by requiring that the credit value date for the payee’s payment account must be no later than the business day on which the amount is credited to the account of the payee’s PSP.

Treatment of different customers

The PSD was written predominantly with consumer protection in mind. However, it also applies to banking relationships with corporates, which can have very different needs and requirements to those of consumers.

Therefore, the option of a ‘corporate opt-out’ exists for certain provisions, which can be agreed between a PSP and its corporate customer. The optional opt-out applies to all of Part 5 (in whole or in part) and to certain provisions in Part 6 such as consent and withdrawal of consent, liability for unauthorised transactions and refunds. The full list of the Regulations under Part 6 that can be agreed as not applying to corporate customers can be found in Regulation 51. The option for Part 5 is set out in Regulation 33.

The application of the corporate opt-out is decided at bank level and is therefore up to individual PSPs to discuss and agree with their corporate customers. This should be seen as an area where banks can particularly compete in their offerings to customers.

The PSD contains a Member State derogation that allows national transposition to mandate that micro-enterprises should be treated as consumers. The definition of a micro-enterprise is an enterprise that has an annual turnover and/or balance sheet total that does not exceed €2 million and employs fewer than 10 people. The Treasury chose to exercise this derogation when transposing the Directive into national law and also extended it to small charities (those with an annual income of less than £1 million).

This wider group of ‘consumers’ will have access to the Financial Ombudsman Service (FOS) for complaints concerning payment services.

Where to find more information 

• The FSA hosts a section on its website concerning the PSRs. The information includes a set of FAQs and links to various documents, including its Approach Document. This outlines the FSA’s approach to its role in payment services regulation and provides guidance on understanding the requirements placed upon payment service providers. http://www.fsa.gov.uk/Pages/About/What/International/psd/
• HM Treasury’s website contains policy documents concerning the transposition of the Directive as well as the Regulations themselves.http://www.hm-treasury.gov.uk/fin_payment_services_directive.htm
• The OFT has a selection of Q&As on its website dealing with its oversight of access to payment systems (Part 8 of the PSRs). http://www.oft.gov.uk/shared_oft/enforcement_regs/qanda.pdf
• The European Commission’s website keeps a track on Member States’ progress and provides a substantial number of FAQs that have been submitted to the Commission for answer. http://ec.europa.eu/internal_market/payments/framework/index_en.htm