Question ID:
Legal Act:
Directive 2015/2366/EU (PSD2)
Strong customer authentication and common and secure communication (incl. access)
COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations:
Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
Disclose name of institution / entity:
Type of submitter:
Industry association
Subject Matter:
Consumer mandate under Merchant Initiated Transactions

Terms and Conditions to outline future charges (under Merchant Initiated Transactions (MITs)) may be disclosed by the booking entity (such as online travel agent or brand/hotel group) instead of the hotel merchant. Does the consumer acknowledgement of these terms through a party other than the merchant (in this case, the hotel) meet the MIT requirement? Will the merchant in this situation continue to be the hotel, instead of the intermediary?

Background on the question:

In the hotel sector, payments are often not completed or able to be completed at the time of the reservation with credit card details taken only as a guarantee of future payment. At the time of booking, the customer will be asked to agree to the booking Terms and Conditions which protects the interests of all parties involved; the guest, the booking agent and the hotel. Given the high degree of intermediation in the hotel industry, bookings are often concluded by an intermediary (such as a brand/hotel group or an Online Travel Agent), who will ask the customer to agree to the hotel’s booking policy on the involved party’s behalf. Accepting the T&Cs should be considered an affirmative act, providing a “customer mandate” as mentioned in the Merchant Initiated Transaction Exemption –which should not be dependent on potential parties involved in completing the booking on the hotel’s behalf.

Date of submission:
Published as Final Q&A:
Final Answer:

Q&A 2019_4791 clarifies that where payment card details are taken as a guarantee at the time of making a reservation, in order for potential further payments initiated by the payee (the hotel) to be considered as payee-initiated transactions, strong customer authentication (SCA) would need to be applied when providing the mandate and the all other conditions in Q&A 2018_4031 should be met.

Directive 2015/2366/EU (PSD2) does not exclude a situation where a mandate of the payer to the payee to initiate a payment transaction, is provided through a remote channel to an intermediary, who is acting on behalf of the payee on the basis of a contractual agreement between the payee and that intermediary, provided that the name of the payee is specified in the mandate. In this case, the payer should also be made aware that the intermediary is acting on behalf of the payee.



The answers clarify provisions already contained in the applicable legislation. They do not extend in any way the rights and obligations deriving from such legislation nor do they introduce any additional requirements for the concerned operators and competent authorities. The answers are merely intended to assist natural or legal persons, including competent authorities and Union institutions and bodies in clarifying the application or implementation of the relevant legal provisions. Only the Court of Justice of the European Union is competent to authoritatively interpret Union law. The views expressed in the internal Commission Decision cannot prejudge the position that the European Commission might take before the Union and national courts.

Final Q&A
Answer prepared by:
Answer prepared by the European Commission because it is a matter of interpretation of Union law.