Minister for Finance, Paschal Donohoe signed the European Union (Payment Services) Regulations 2018 into law today. The 2018 Regulations transpose the revised Payment Services Directive (Directive (EU) 2015/2366) (PSD2) into law just in time for the 13 January 2018 deadline.

PSD2 introduces several important changes for banks and third party payment service providers as well as for consumers using payment instruments, such as credit or debit cards and gift cards, to pay for goods and services. 

Change highlights

The following is a summary of the main changes introduced by the 2018 Regulations:

  • Increased consumer protection measures in the form of strict security requirements for the initiation and processing of electronic payments and the protection of consumers' financial data
  • Reduction in the customer's liability for non-authorised payments to €50, previously €75, and a statutory unconditional refund right in euro for direct debits
  • Prohibition of merchant surcharging on consumer-held credit or debit cards covered by the Interchange Fee Regulation (IFR). The vast majority of consumer credit and debit cards are captured by the IFR. The prohibition on surcharging applies whether the payment instrument is used in shops or online
  • The addition of two new categories of regulated payment services providers, known as "payment information service providers" and "account information service providers", who offer consumer or business-oriented payment services based on access, with the account holder's consent, to payment accounts
  • An extension of the scope of the legislation to payment transactions in non-EEA currencies and to "one-leg" transactions, ie payment transactions where only one of the payment service providers is located within the EEA, and a narrowing of the payment transactions and services which are excluded or outside the scope of the legislation
  • The introduction of new rules on strong customer authentication and secure communication

Conclusion

The vast majority of the provisions of PSD2 come into operation tomorrow, on 13 January 2018. A small number of provisions on strong customer authentication and common and secure open standards of communication will come into operation from the date on which the awaited European regulatory technical standards enter into force which is in approximately 18 months' time.

As a result of PSD2, the EU single market for payments will be more harmonised with greater uniformity in the legal rules applicable to payment services in each country in the EEA. In addition to the increased uniformity across the EEA, the enhancement of the protections afforded to payment service users in light of the transposition of PSD2 is particularly timely given the rapid growth in the number of electronic and mobile payments made by Irish consumers and the continuing evolution of new ways of paying for services in Ireland.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.