May the exemption for transactions to trusted beneficiaries (‘white-listing’) set out in Article 13 of Regulation (EU) 2018/389 (RTS on strong customer authentication and secure communication) apply to face-to-face transactions?

PSPs are allowed not to apply SCA where the payer initiates a payment transaction and the payee is included in a list of trusted beneficiaries previously created by the payer (Article 13 of Regulation (EU) 2018/389 (RTS on strong customer authentication and secure communication), the so-called ‘white-list’ exemption).

Regulation (EU) 2018/389 does not limit white-listing to remote transactions. The RTS only states that SCA can be by-passed when 'the payer initiates a payment transaction’ to trusted beneficiaries. This would include both remote and face-to-face transactions. Whenever the RTS limits the application of an exemption to remote transactions, they do it so expressly. The exemption for low-value remote transactions (Article 16 RTS) and the Transaction Risk Analysis (TRA) exemption, for example, are expressly limited to ‘remote’ transactions.

Article 13 of the Commission Delegated Regulation (EU) 2018/389 does not limit the application of the exemption to remote transactions only (by contrast for instance with the transaction risk analysis exemption under Article 18 of the Delegated Regulation). Accordingly, the exemption could apply to non-remote transactions provided this is technically feasible to do so.