Question ID:
2018_4056
Legal Act:
Directive 2015/2366/EU (PSD2)
Topic:
Strong customer authentication and common and secure communication (incl. access)
Article:
97
COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations:
Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
Article/Paragraph:
Article 13
Disclose name of institution / entity:
No
Type of submitter:
Other
Subject Matter:
Application of the exemption for transactions to trusted beneficiaries to Face-to-Face transactions
Question:

May the exemption for transactions to trusted beneficiaries (‘white-listing’) set out in Article 13 of Regulation (EU) 2018/389 (RTS on strong customer authentication and secure communication) apply to face-to-face transactions?

Background on the question:

PSPs are allowed not to apply SCA where the payer initiates a payment transaction and the payee is included in a list of trusted beneficiaries previously created by the payer (Article 13 of Regulation (EU) 2018/389 (RTS on strong customer authentication and secure communication), the so-called ‘white-list’ exemption).

Regulation (EU) 2018/389 does not limit white-listing to remote transactions. The RTS only states that SCA can be by-passed when 'the payer initiates a payment transaction’ to trusted beneficiaries. This would include both remote and face-to-face transactions. Whenever the RTS limits the application of an exemption to remote transactions, they do it so expressly. The exemption for low-value remote transactions (Article 16 RTS) and the Transaction Risk Analysis (TRA) exemption, for example, are expressly limited to ‘remote’ transactions.

Date of submission:
28/06/2018
Published as Final Q&A:
21/09/2018
Final Answer:

Article 13 of the Commission Delegated Regulation (EU) 2018/389 does not limit the application of the exemption to remote transactions only (by contrast for instance with the transaction risk analysis exemption under Article 18 of the Delegated Regulation). Accordingly, the exemption could apply to non-remote transactions provided this is technically feasible to do so.

Status:
Final Q&A
Answer prepared by:
Answer prepared by the EBA.
Image CAPTCHA