Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

List of Q&A's

Payment account definition

Does an account provided by a payment service provider, linked to a payment instrument that can be used to make payment transactions to [certain] third parties (e.g. merchants) from that account, as well as to withdraw cash from that account (e.g. from an ATM) and receive incoming payments in the respective account from the same payment users to which the funds were transferred (i.e, refunds from merchants) fall under the definition of a payment account in accordance with PSD2, even if the respective account cannot receive funds from third parties via credit transfers?  

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7463
  • Topic: Other topics
  • Date of submission:

Setting limit (daily and/or per transaction) for the execution of payment transaction by PSP

Is PSP allowed, according to the Article 68(1) of PSD2, to set a general limit (daily and/or per transaction) for the execution of payment transaction to the payee with the PSP in another EU Member state, under the certain payment initiation channel (for example mobile banking), in order to mitigate the risk of fraud (to prevent fraud)? Is PSP allowed to set different general limits for national payments and for payments to PSPs in another EU Member state (due to various fraud risk associated to these transactions)? Is PSP obliged to change a limit above the limit that the PSP set - on PSU's request for regular credit transfer?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7425
  • Topic: Other topics
  • Date of submission:

Application of general requirements of Chapter 6 of the Regulation (EU) No 575/2013 regarding the definition of own funds

Does the definition of „own funds“ in Article 4(46) of PSD2 refer to the definition of „own funds“ as defined in point 118 of Article 4(1) of Regulation (EU) No 575/2013 only, or are Articles 26 - 88 of Regulation (EU) No 575/2013, in particular Articles 26 (3), 77 and 78 of Regulation (EU) No 575/2013, also refered to by Article 4(46) PSD2?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7396
  • Topic: Other topics
  • Date of submission:

Application of Instant Payment Regulation (IPR) to Securities Providers

Do you agree on the non-applicability of the obligation to provide instant credit transfers (within a time horizon of 10 seconds), introduced by IPR, to depositaries, custodians, and entities responsible for payments or local facility for foreign CIUs distributed in a Member State, based on the exclusion provided by article 3, paragraph 1, letter i), of directive 2015/2366 (PSD2)?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7249
  • Topic: Authorisation and registration
  • Date of submission:

Payment service user - both payer and payee

Can a payment service user be both payer and payee on a money remittance service?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7184
  • Topic: Other topics
  • Date of submission:

Transactions executed via electronic mail (email)

Do transactions ordered by email and executed by an employee of the payment service provider, e.g., credit transfers orders sent from the e-mail address of the payer to the e-mail address of the payment service provider and executed accordingly qualify as transactions executed through a remote channel, at-distance channel or a payment instrument which may imply a risk of payment fraud or other abuses, pursuant to Article 69, Article 70, Article 72 and Article 97(1)(c) PSD2?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7150
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission:

Exclusion of cash withdrawal services from PSD2

Is it a prerequisite for an ATM operator,to qualify for the exemption of article 3(o), to co-operate with a Payment Service Provider (authorised within the EEA or with a relative passport where necessasry) offering payment service number 2 of the Annex 1 of the PSD2?  

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7136
  • Topic: Other topics
  • Date of submission:

Providing payment service via Internet banking (web-application)

Is providing payment service via Internet banking (web-application) payment initiation channel considered to be issuing of payment instruments? 

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2017/09 - Guidelines on authorisation and registration under PSD2
  • ID: 2024_7115
  • Topic: Authorisation and registration
  • Date of submission:

Provision of external payroll accounting services to an employer

Does the activity of external payroll processing for an employer constitute a payment service under PSD2, if it consists of receiving funds for wages and related deductions (taxes, health and social insurance) in the payroll processor’s payment account from the employer, and transferring these to employees, tax authorities, insurance companies etc.? Would the answer change depending on whether the payroll processor  maintains an account separately for each employer?   

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7065
  • Topic: Authorisation and registration
  • Date of submission:

Legal requirement for ASPSPs to provide for cancellation of future dated pay-ments through its dedicated payment initiation services interface

Is there a legal requirement for ASPSPs to allow its PSU to cancel/revoke future dated payments via a payment initiation service provider, using the ASPSPs dedicated payment initiation services interface?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7017
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission:

Application of strong customer authentication (SCA) where Account Information Service users access the Account Information Service Providers’ (AISPs) own channels and the previously retrieved payment account information compiled and stored therein

Are Account Information Service Providers (AISPs) exempt, in respect of their own channels, from the requirements of Article 97(1) of Directive (EU) 2015/2366 and of Article 10 of Regulation (EU) 2018/389, and therefore allowed: to let users of their Account Information Service, access the AISPs’ own channels and the payment account information compiled and stored therein – previously retrieved by AISPs from the users’ respective Account-Servicing Payment Service Providers (ASPSPs) – without applying any strong customer authentication (SCA) upon that access to AISPs’ own channels, irrespective of whether the conditions of Article 10 of Regulation (EU) 2018/389 are satisfied – such that AISPs may, in their own channels, allow users of their service to consult, without SCA, previously retrieved payment account information of a broader scope (more than the last 90 days’ worth of data, and potentially the users’ complete transactional history) as compared to the data that ASPSPs may, without SCA, display to the same users in the ASPSPs’ own channels (maximum the last 90 days’ worth of data, and provided that SCA was applied no more than 90 days prior) – and such that AISPs, despite being payment services providers (PSPs), need not afford users of their services the same level of protection that ASPSPs are required to, and can expose said users to the risks of abuses referred to in Article 97(1)(c) of Directive 2015/2366?  

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2021_6248
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission: