Question ID:
Legal Act:
Directive 2015/2366/EU (PSD2)
Strong customer authentication and common and secure communication (incl. access)
COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations:
Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
33, § 6
Disclose name of institution / entity:
Type of submitter:
Competent authority
Subject Matter:
Fall back exemption

Article 33, § 6 of the RTS for strong customer authentication and common and secure open standards of communication (the “RTS”) provides that “Competent authorities, after consulting EBA to ensure a consistent application of the following conditions, shall exempt the account servicing payment service providers that have opted for a dedicated interface from the obligation to set up the contingency mechanism […]” (the “fall back exemption”). a) Which authority - the home authority or the host authority ?- is the compentent authority under article 33, § 6 of the RTS, when the “fall back exemption request” concerns the dedicated interface used in a Member state where a branch of the ASPSP is located? b) Does the answer differ if the same dedicated interface is used in the home member state and in the host member state where a branch is located?

Background on the question:

We have been approached by the Belgian branch of a bank (ASPSP) established in another member state who intends to benefit from the “fall-back exemption” for the dedicated interface intended to be used in Belgium

Date of submission:
Published as Final Q&A:
Final Answer:

Article 4 (39) of PSD2 defines a branch as ‘a place of business other than the head office which is part of a payment institution, which has no legal personality and which carries out directly some or all of the transactions inherent in the business of a payment institution’. Furthermore, in accordance with point 17 of Article 4(1) of the Commission Delegated  Regulation No 575/2013, a ‘branch’ is defined as ‘a place of business which forms a legally dependent part of an institution and which carries out directly all or some of the transactions inherent in the business of institutions’.

The EBA’s Final report on the Guidelines on the conditions to benefit from an exemption from the contingency mechanism under Article 33(6) of Commission Delegated Regulation (EU) 2018/389 (EBA/GL/2018/07), clarified that because a branch does not have legal personality, an Account Servicing Payment Service Provider (ASPSP) should always have to apply for an exemption from the fall back mechanism with the competent authority of the Member State where its head office is located (the ‘home Member State’). The competent authority of the home Member State remains the competent authority under the PSD2 and the Regulation (EU) 2018/389 for granting an exemption where the ASPSP has branches in other Member States that will use the same, or a different dedicated interface as that used by the head office.

Final Q&A
Answer prepared by:
Answer prepared by the EBA.