On 19 December 2017, the European Banking Authority ("EBA") published an Opinion addressed to national competent authorities on the transition from the first payment service directive ("PSD1") to the revised payment service directive ("PSD2").

The intention of the EBA Opinion is to clarify transitional issues and their implications for payment service providers and competent authorities resulting from transitional periods provided for in PSD2 as well as from the delayed adoption of some of the guidelines and technical standards developed by the EBA under PSD2. The EBA also proposes certain supervisory actions to support the transition.

The Opinion clarifies in particular the exemptions from the immediate requirement for PSD2 authorisation. In a nutshell:

  • providers that used to perform account information services and/or payment initiation service-like activities may continue to perform the same activities in the same territories before being authorised or registered under PSD2, but will not be able to benefit from the full set of rights under PSD2 (including the right to passport their services) until they obtain authorisation;
  • existing payment institutions and electronic money institutions awaiting re-authorisation may continue to offer services during the transitional period until 13 July 2018. However, institutions that intend to provide payment services for which they were not authorised under PSD1 or account information services and/or payment initiation services under PSD2 will need authorisation under PSD2 from the date they start providing these additional services (unless they benefit from the first exemption above);
  • payment institutions which benefited from an exemption under PSD1 have until 13 January 2019 to be authorised or to seek exemption under PSD2.

The Opinion also details the conditions for accessing payment account information during the transitional period starting on 13 January 2018 and ending from the application of the regulatory technical standards on strong customer authentication and common secure communication ("RTS").

During this transitional period, account information service providers and payment initiation service providers can access payment accounts even using existing methods such as screen scraping while not being subject to certain obligations and security measures required under PSD2. The EBA advises competent authorities to encourage all providers to comply early with the latest version of the RTS and relevant security measures under PSD2.

To avoid any gap in applicable security requirements during the relevant transitional period, the EBA intends to repeal in stages the guidelines on the security of internet payments adopted under PSD1. The Opinion provides a detailed table showing the instrument superseding each guideline and the application date.

In its Opinion, the EBA also addresses the issue of cross-border services offered by payment service providers established in Member States that have not transposed PSD2 by 13 January 2018 while these providers have already obtained a valid passport notification under PSD1.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.