The Ministry of Finance of the Czech Republic (MFCR) has several concerns about the implementation of PSD2 through the draft Guidelines.
Guideline 9.1 requires PISPs and AISPs to review and if necessary recalculate the minimum monetary amount of PII or other comparable guarantee they are required to hold at least on an annual basis. Considering the dynamics of the sector (providers might expand their business significantly in a short time) the annual basis seems to be inadequate. We however understand that each review increases administrative costs. Solution to this problem could be requiring PISPs and AISPs to review the amount:
a) at least once a year;
b) or in a case one of the key criterions (e.g. size of activity which could be tracked in a real time) changes significantly in a short time (e.g. by more than 20 % from month to month).
According to provisions of the PSD2, “Payment initiation services are based on direct or indirect access for the payment initiation service provider to the payer’s account.” Formula and criterions proposed by the EBA do not take the distinction between direct and indirect PIS into account. However it is clear that the providers with direct access to payer’s account represent a much greater risk and therefore should be required to hold a higher amount of PII.
MFCR does not consider value of indemnity claims as a suitable indicator for the risk profile of PISPs or AISPs. In many cases – as results of the EBA questionnaire suggest – complaints and lawsuits received by PISPs and AISPs do not lead to any monetary compensation actually paid. PISPs and AISPs might face complaints and lawsuits regardless of their conduct or misconduct. Value of indemnity claims does not automatically mean that the specific PISP or AISP was not following provisions of the PSD2 and it is therefore inappropriate to use it as an indicator of risky and undesirable behavior.
According to the provisions of the Guideline 6.5, PISPs and AISPs engaged in other business than providing payment services are obliged to add 50 000 euros to their PII scheme. MFCR considers this obligation to be inappropriate. The fact that the company is engaged in other business than providing payment services does not automatically mean that the other business presents a risk from which the company has to be protected. For example – company might be obliged by regulations different from PSD2 to have insurance scheme for its other business. We recommend using provision similar to Guideline 5.7 to solve this problem.
Guideline 8.1 states that the undertakings should hold either PII, or a comparable guarantee. According to this PII and comparable guarantee are interchangeable but not combinable. Company has to choose whether to hold PII or comparable guarantee; it cannot use them to cover for potential risks both at the same time. MFCR does not see any reason for such a provision. In many cases, companies hold assets which might be used as a comparable guarantee (e.g. real estate) but which are not valuable enough to on their own provide guarantee demanded by the Guidelines. According to current provisions of the Guidelines, these companies would have to arrange PII without regard to amount of comparable guarantee available and their expenses for following the Guidelines would be unnecessarily high. We recommend that the PII and comparable guarantee are to be made combinable.