Question ID:
2021_5763
Legal Act:
Directive 2015/2366/EU (PSD2)
Topic:
Strong customer authentication and common and secure communication (incl. access)
Article:
Article 98
COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations:
Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
Article/Paragraph:
Article 32.3
Disclose name of institution / entity:
No
Type of submitter:
Competent authority
Subject Matter:
Obstacle to the provision of payment initiation and account information services
Question:

Should Article 32.3 of Regulation (EU) 2018/389, read together with paragraphs 33 to 41 of the Opinion of the European Banking Authority on obstacles under Article 32(3) of the RTS on SCA and CSC, be interpreted so as to consider that interface implementations that require, in a redirection approach, Payment Initiation Services Providers (PISPs) to always transmit the payer’s IBAN to initiate a payment order, are an obstacle to the provision of payment initiation services because the payment service user is required to manually enter their IBAN while in the PISP’s domain? Should Article 32.3 of Regulation (EU) 2018/389 be interpreted identically where the interface implementations require Account Information Service Providers (AISPs) to always transmit the IBAN(s) of the account(s) to be accessed, therefore requiring the payment service user to manually enter their IBAN(s) while in the AISP’s domain?

Background on the question:

The European Banking Authority clarified in paragraph 34 of its Opinion on obstacles to the provision of third party provider services under PSD2, EBA/Op/2020/10, of 4 June 2020 that interface implementations that, in a redirection approach, require Payment Service Users (PSUs) to manually input their IBAN into the Account Servicing Payment Service Provider (ASPSP)’s domain in order to be able to use AISPs/PISPs services, are an obstacle. There are ASPSPs that are of the view that paragraphs 33 to 41 of this EBA Opinion cannot be construed as prohibiting interface implementations that require Third Party Providers (TPPs) to provide the IBAN for either or both AIS or PIS purposes. These ASPSPs are of the view that such interface implementations, which cause both PISPs and AISPs to have to request manual IBAN entry from PSUs into their own domain, do not create an obstacle within the meaning of Article 32.3 of Regulation (EU) 2018/389. The EBA should clarify the existence or inexistence of an obstacle for Payment Initiation Services (PIS) and Account Information Services (AIS) journeys separately.

Date of submission:
04/03/2021
Published as Final Q&A:
23/04/2021
EBA Answer:

Directive 2015/2366/EU (PSD2) and the Commission Delegated Regulation (EU) 2018/389 do not require payment service users (PSUs) to enter the international bank account number (IBAN) manually into the domain of payment initiation service providers (PISPs) or account information service providers (AISPs) when executing a payment initiation service or an account information service respectively.

Article 32(3) of the Delegated Regulation prescribes that ‘account servicing payment service providers that have put in place a dedicated interface shall ensure that this interface does not create obstacles to the provision of payment initiation and account information services’.

Q&A 2019_4854 clarified that account servicing payment service providers (ASPSPs) ‘should not reject the requests received from PISPs in a redirection or decoupled approach, simply because the PISP has not transmitted to the ASPSP the relevant account details’.

In accordance with the requirement of Article 36(1)(a) of the Delegated Regulation and the clarification provided in paragraph 34 of the EBA Opinion on obstacles under Article 32(3) of the RTS on SCA and CSC (EBA/OP/2020/10), the same principle applies to the provision of account information services.

Accordingly, ASPSPs should not reject the requests received from AISPs simply because the AISP has not transmitted to the ASPSP the relevant account details.

Status:
Final Q&A
Answer prepared by:
Answer prepared by the EBA.
Image CAPTCHA