2021_6315 Transactions initiated via electronic mail (email)

Question ID:

2021_6315

Legal Act:

Directive 2015/2366/EU (PSD2)

Topic:

Strong customer authentication and common and secure communication (incl. access)

Article:

Paragraph:

Subparagraph:

(b)

COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations:

Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Article/Paragraph:

Disclose name of institution / entity:

Type of submitter:

Competent authority

Subject Matter:

Transactions initiated via electronic mail (email)

Question:

Do transactions initiated via electronic mail (email) qualify as initiations pursuant to Article 97 para. 1 (b) PSD2 and are therefore subject to the RTS SCA requirements?

Background on the question:

In the banking sector, it is common to sign an email clause granting the possibility to initiate transactions by email. Therefore, the payer oftentimes initiates a transaction by sending an email (including the amount, recipient and purpose of the payment) to the payment service provider. The payment is then processed by an employee of the payment service provider.

We consider that transactions initiated by electronic mail are excluded from the PSD2/RTS SCA. These transactions are executed by an employee of the payment service provider after receiving the email. The service provider is still able to interfere in the payment process, since it is not fully automated. In the Final report on the draft RTS on SCA and CSC the EBA was already asked, if "payments via e-mail" are considered within the scope of the SCA under PSD2 (EBA/RTS/2017/02, 23 February 2017, Question 90 page 94). Since the matter of email initiated transactions was not explicitly addressed in the answer (“[…] anything initiated via paper or telephone is out of the scope”), it is not clear how the EBA interprets Article 97 para. 1 (b) PSD2 and the scope of the SCA in relation to transactions initiated via email.

The medium through which the payer's payment order is transmitted to the payment service provider is not the sole determining factor as to whether the transmission of the order constitutes the initiation of an electronic payment transaction within the meaning of Article 97 para. 1 (b) PSD2. In our view, the decisive factor is whether the payment order can be issued electronically by the payer and processed automatically in the payment system in order to qualify as an initiation of an electronic payment transaction pursuant to Article 97 para. 1 (b) PSD2.

Furthermore, the purpose of Article 97 PSD2 is to reduce the risk fraud and to enable secure electronic payment services (recital 95). The risk of fraud in relation to a payment initiation via email is sustainably reduced compared to online banking, as payment service providers can interfere in the payment process and verify the payer, who initiated a transaction via email.

Date of submission:

15/12/2021

Published as Final Q&A:

06/01/2023

Final Answer:

This question is related to other Q&As: 4031, 4058, 4788, and 5534.

When a payer tasks its payment service provider to execute a payment transaction via e-mail, this action is similar to a Mail-Order payment. The payment initiation itself is not performed by the payer. In this particular example, the payer only orders its payments service provider to initiate and process the payment, providing instructions including the required transaction information. The payment is then processed by an employee of the payment service provider. The payer is not initiating the electronic payment itself in this situation, and therefore, does not qualify as “where the payer initiates an electronic transaction” as per Article 97(1)(b) of Directive (EU) 2366/2015 (PSD2).

Status:

Final Q&A

Answer prepared by:

Answer prepared by the European Commission because it is a matter of interpretation of Union law.