Can the impossibility for a Third Party Provider (TPP) to add new beneficiaries for payment initiation, coupled with the impossibility to initiate payments for unregistered beneficiaries, be considered as an obstacle? Besides, as a subsequent question, are delays up to 48 hours in the registration of new beneficiaries an obstacle?
Some Account Servicing Payment Service Providers (ASPSPs) have implemented on their online banking environment specific features for a Payment Service User (PSU) to initiate payments that prevent the development of Payment Initiation Services (PIS).
These features may be summarised as follows: -
To initiate a payment in their online environment, a Payment Services User (PSU) must first pre-register the payee details. These pre-registered beneficiaries are not trusted beneficiaries as foreseen in the PSD2, but the PSU can only issue credit transfers to payees included in the list of pre-registered beneficiaries.
In order to prevent fraud, ASPSPs have included a period of verification before a new preregistered beneficiary is included in the list. (it can be up to 48 hours). The combination of these features makes it impossible for a PSU to issue instantly a credit transfer to a new payee online. Due to these restrictions on their online environment, ASPSPs have implemented the same rules on their Application Programming Interface (APIs), preventing therefore PIS to initiate payments to payees unless the PSU has already pre-register the payee in the list of pre-registered beneficiaries. According to EBA Q&A 2018_4076, ASPSPs prevent TPPs from adding new payees in the list of pre-registered beneficiaries, preventing them from initiating payment to new payees. This in practice limits the capacity for a PSU to pay online via an PIS providers.
Q&A 2018_4076 clarified that the creation or amendment of lists of trusted beneficiaries through the services of payment initiation service providers (PISPs) is not possible. While Q&A 2018_4076 relates to the trusted beneficiaries exemption from strong customer authentication (SCA) under Article 13 of the Commission Delegated Regulation (EU) 2018/389, the question posed by the submitter in this Q&A relates to adding a payee to a list of pre-registered beneficiaries (payees) and does not relate to the trusted beneficiaries exemption from SCA.
Therefore, the specific case described by the submitter where initiating a payment transaction requires the new payee to be added to a list of pre-registered beneficiaries and where the payment service user (PSU) is not able to add the new payee to the list of pre-registered beneficiaries through a PISP and subsequently is not able to initiate a payment transaction through a PISP, would not be in line with the requirements of Article 66(1) of PSD2 and would therefore constitute an obstacle in the meaning of Article 32(3) of the Delegated Regulation.
Therefore, should the PSU be required to add a new payee to a list of pre-registered beneficiaries before initiating a payment transaction directly with its account servicing payment service provider (ASPSP), the PSU should be able to add a new payee to a list of pre-registered beneficiaries in a payment initiation service (PIS) journey and to do so without any additional and unnecessary steps compared to when the PSU is adding the new payee directly with its account servicing payment service provider (ASPSP).
In any case, it should be noted that adding a new payee to the list of pre-registered beneficiaries in a PIS journey may require the application of SCA in accordance with Article 97(1)(c) PSD2 if SCA is also required when the PSU is adding the new payee directly with its ASPSP.
On the time needed for a new payee to be included in the list of pre-registered beneficiaries, PSD2 and the Delegated Regulation do not prescribe a specific timeframe. However, in accordance with Article 66(4)(c) PSD2, the same conditions should apply irrespective of whether the PSU is initiating the payment transaction directly with the ASPSP, or using a PISP.