There seems to be a general misconception on PSD2’s introduction of the positive scope of so-called ‘one leg out’ or ‘one leg’ transactions and what it seems to imply. Often people are discussing the extra-territorial scope of PSD2, meaning that payment service providers (PSP) outside the EEA, processing a payment for an EU consumer at a non-EU website would mean that these PSPs need to comply with the requirements of PSD2. But is that really the case? If not, what does it really mean and how to comply? Let’s clear the air.
What Are One Leg Out Transactions?
One leg (out) transactions – as you may have guessed – refer to those payment transactions where one of the PSPs (either of the payer or the payee) is based outside of the EU. Under PSD1, one leg transactions were largely out of scope. Under PSD2 these transactions will fall within scope. The following article 2 (“scope”) is relevant and the following paragraphs must be read in correlation with each other, where paragraph 4 discusses the one leg transactions:
- This Directive applies to payment services provided within the Union. 2. Titles III and IV apply to payment transactions in the currency of a Member State where both the payer’s payment service provider and the payee’s payment service provider are, or the sole payment service provider in the payment transaction is, located within the Union.
- Title III, except for point (b) of Article 45(1), point (2)(e) of Article 52 and point (a) of Article 56, and Title IV, except for Articles 81 to 86, apply to payment transactions in a currency that is not the currency of a Member State where both the payer’s payment service provider and the payee’s payment service provider are, or the sole payment service provider in the payment transaction is, located within the Union, in respect to those parts of the payments transaction which are carried out in the Union.
- Title III, except for point (b) of Article 45(1), point (2)(e) of Article 52, point (5)(g) of Article 52 and point (a) of Article 56, and Title IV, except for Article 62(2) and (4), Articles 76, 77, 81, 83(1), 89 and 92, apply to payment transactions in all currencies where only one of the payment service providers is located within the Union, in respect to those parts of the payments transaction which are carried out in the Union.
So title III and title IV (with some exceptions) apply to these transactions. These titles include the provisions around transparency and information requirements. Title III is called the ‘Transparency of conditions and information requirements for payment services” and Title IV relates to the ‘Rights and obligations in relation to the provision and use of payment services’, Examples of these provisions evolve around prescribed information and conditions to be included in the contract, value dating and availability of funds provisions, the charges (a breakdown thereof) and conditions to be made known to payment service users. The excluded provisions relate to for instance the PSP’s right of recourse against another PSP, liability for non-execution/defective/late execution of transactions, rules around refunds and provision of information around maximum execution times.
Do Non-EU PSPs Need to Comply with the PSD Now?
Most certainly not. The European Commission highlighted in its fact sheet of October 2015, when releasing the PSD2 text: “While the former Directive (2007/64/EC) only applies to intra-EU payments, PSD2 extends a number of obligations, notably information obligations, to payments to and from third countries, where one of the payment service providers is located in the European Union. The extension of the scope has implications primarily for the banks and other payment service providers that are located in the EU. In practice, this means that these financial services providers shall provide information and transparency on the costs and conditions of these international payments, at least in respect of their part of the transaction. They can also be held liable for their part of the payment transaction if something goes wrong that is attributable to them. Moreover, the extension in scope will also have as an effect that the same rules will apply to payments that are made in a currency that is not denominated in Euro or another Member State’s currency.”
Nowhere is any reference of any involved non-EU financial service providers to become subject to the (licensing) requirements of the PSD. And do not forget the first paragraph of the scope article specifically stipulated that the directive applies to payment services within the EU. In lawyer words: in my view article 4 is not a ‘lex specialis’ which overrides the ‘lex generalis’ rule of paragraph 1 and both must be read in the relevant context of the entire scope article.
What Does It Really Mean?
Non-EU PSPs can be relieved. The European legislator aimed to provide transparency over end-to-end charges and delivery terms, providing the customer a better informed position. No extra-territorial effect intended (no US-like movements there yet).
The information and transparency obligations apply to EU-based/licensed financial institutions, who primarily provide their payment services in the EU (see article 4 paragraph 1) and also process transactions for non-EU customers of their merchants, regardless of the currency. Further, any service providers that have relationships with consumers, these information and transparency requirements will extend to (in any currency) transactions they process for their EU customers, regardless whether they purchase from a European (in most cases a two leg transaction, which was already in scope under PSD1) or non-European merchant (a one leg transaction). This only applies to their part of the payment transaction and not the part where the transaction is no longer carried out in the Union, so where the other (non-EU) PSP of the payer or payee gets involved.
A Struggle to Comply?
PSPs need to carry out an impact analysis to asses which part of each transaction qualify as having been ‘’carried out in the Union”, which does not sound like an easy and straight-forward task in the current globalized e-commerce world. Let’s take for instance the PSP’s information obligation towards payment service users under article 45.1 sub c. All charges payable must be provided or made available, and a breakdown of those charges (where applicable). This sounds rather familiar (the interchange+++ model for credit cards). Many PSPs (from a payment institution perspective) ‘buy-in’ a payment method, add it to its own platform and resells it to its merchants. Charges of all involved service providers are largely blended and the cost of the payment method supplier is paid for by the PSP and then marked-up towards the merchant. Not many PSPs would like to give up their actual margin to their merchants, but it becomes particularly interesting for one leg transactions.
If for instance the merchant (and its PSP) is EU-based, the customer (and its PSP) is non-EU based (hence a one leg transaction) and the payment method is also non-EU based, the required charges disclosure and breakdown would not include the payment method supplier’s costs, as that is the part of the transaction that is outside the EU. It would however need to be included if the entire transaction is carried out in the EU, requiring the payment method supplier being based in the Union as well. This will however hardly be the case if the customer is non-EU based, unless a non-EU customer uses a EU based payment method. This example shows how hard this assessment could be. Every factor of a single payment transaction to be considered, including the location of the customer, payment method suppliers/banks and other involved processors. The question is whether systems would be able to differentiate between the many different scenarios that may apply to one merchant or then need to take the strictest rule to apply to all transactions. The more global the merchant, the more difficult it may be. And this is only a fraction of the (information) requirements under title III and IV. Would be interesting to see how PSPs will comply with this.