Consultation reply on the proposal for a Council directive amending Directive 2006/112/EC as regards introducing certain requirements for payment services providers (COM (2018) 812 final
Commentary from March 2019
The PVD supports the Commission’s efforts to curb VAT fraud in cross-border e-commerce through appropriate measures. For several reasons, however, we are of the opinion that the regulatory approaches mentioned in the proposal with regard to the collection of data to be provided by PSPs are not suitable for achieving this objective.
The main arguments against the proposal are:
- The proposal displays a serious lack of understanding of the payment market, in particular with respect to payment instruments used by consumers in cross-border e-commerce.
- The proposed methodology of data capture is not suitable for the most important payment instruments used in cross-border e-commerce.
- For card payments in 4-party schemes, the information about the location of the counterpart PSP is not available at PSP-level.
- Accordingly, the data requirements should be differentiated with respect to the PSP of the payer and the PSP of the payee.
- Payment methods that are not relevant for the purpose of the proposed Directive, for instance money remittances and card-present payments, should be excluded.
The proposal displays a serious lack of understanding of the payment market, in particular with respect to payment instruments used by consumers in cross-border e-commerce.
In order to combat cross-border e-commerce VAT fraud the proposal focusses on credit transfers, direct debits and card payments:
“In recent years, more than 90 % of online purchases by European customers were made through credit transfers, direct debits and card payments, i.e. through an intermediary involved in the transaction (a payment service provider), and this is a trend that will continue in the future.” (Proposal p.3)
“The payment data in the regulatory option will refer to data on credit transfers, direct debits and cards payments because – as mentioned above – they represent almost the totality of the purchases online. Therefore, the providers of that kind of payment services will be in the scope of the regulatory option.”
(Impact Assessment SWD(2018) 488 final, p. 24).
Except for cash transactions, regulated Payment Service Providers (PSPs) are usually always involved in payment transactions. The role of PSPs is not restricted to the payment instruments credit transfers, direct debits and card payments – as suggested in the text of the proposal quoted above. PSPs are also involved in almost all other (legal) cashless payments. This is not a trend (as indicated in the Proposal),it is simply the consequence of payment regulation within the EU.
Therefore, all cashless payments in European-wide cross-border e-commerce are involving regulated PSPs according the definition of the Proposal (Art. 243a Par. 1). Only cash transactions can be carried out without involvement of a PSP. But while cash plays a minor role in domestic e-commerce (e.g. Cash-on-Delivery), in cross-border e-commerce cash can be neglected.
The Proposal states that credit transfers, direct debits and card payments would cover almost the totality of online purchases. However, both sources referred to in the first quote above are contradicting this assumption.
The cited “e-shopper barometer 2017” of the DPD group says, the preferred payment methods in European e-commerce are digital wallets (PayPal and Alipay) with 43%, Visa/Mastercard (35%) and domestic card schemes (23%). Only 20% of the interviewed consumers mentioned credit transfers as preferred payment method (20%). Only 11% are preferring direct debits. These figures are related to the total e-commerce activities of consumers (domestic and cross-border). Figures for cross-border e-commerce (currently unknown) would probably display even higher preferences for digital wallets and international card schemes, because domestic cards and domestic e-payments schemes (like iDeal) are rarely accepted outside the country (if at all).
The report of A.T. Kearny (European Payments Strategy Report 2013) which is cited, as well, predicts “the increased use of alternative payments, coupled with fewer cash and ACH transactions” in general
(not only e-commerce). The report defines alternative payments methods as “payments not initiated through a bank account and conducted between mobile phones, through m- or e-wallets, or other non-standard arrangements” (p.5).
Citing these studies, the conclusions of the Proposal should be: credit transfers and direct debits are not the most relevant payment methods in e-commerce, their market shares will decline. Apart from card payments, we have to consider alternative payment instruments as most important payment methods for (cross-border) e-commerce.
Recommendation: In order to find a suitable methodology of payment data collection for the specific instruments most widely used it is essential to get a better understanding of the preferred payment methods of consumers in cross-border e-commerce.
The proposed methodology of data capture is not suitable for the most important payment instruments used in cross-border e-commerce.
Therefore, the methodology for the selection of the available payment data, which should be already held by PSP (according Recital 5) should be focused on the specific data eco-systems of card payments and “alternative payments” (not initiated through a bank account). In its proposal, however, the Commission follows exactly the opposite methodology. According the proposed Art. 243c the preferred methodology for data selection is based on the standardized identification information of traditional payment accounts (IBAN), currently mainly held at credit institutions. This approach would only fit for credit transfers and directs debits, where funds are transferred directly between the payment accounts of the payer and the payee. Even for these transactions most of the required records according Art. 243d are only available at the PSP of the payee, if the payee is a VAT-liable company. A credit transfer can be initiated successfully by the bank of the payer without correct name of the payee, its address, VAT-identification number, etc. The only “hard” data linked to the transaction and kept by the PSP of the payer are the IBANs of the payer and the payee and the transferred amount.
However, credit transfers and direct debits are not the most important instruments when it comes to cross-border e-commerce payments initiated by consumers. For all other kind of transactions (the majority) the envisaged payment data collection must be confined to the BIC of both PSPs as “second level” (first level: IBAN) of aggregation according 243c Par. 1 (b) and Par. 2 (b).
As described below, in the card business the PSPs in a four-party scheme (which are dominating in the European market) are not even able to identify the BIC (or any other business identifier code) of the PSP, acting on behalf of the other contracting ecommerce partner (payer or payee). In case of several alternative payment methods, like proprietary wallet-based schemes, all users (payer and payee) are holding their accounts at the same PSP, which could be registered in any member state. The location of the PSP would be without any relevance regarding the location of the payer or payee. If the proposed rules to determine the location were to be applied, payer and payee would be in the same country, because the BIC of the involved PSP is in the same country. As a consequence, these “domestic” transactions would be out of scope.
The methodology of the proposal is based on the assumption that the VAT-relevant location of the payment user would be (more or less) identical with the location of its PSP who is directly involved in the payment transaction. Despite SEPA, most of the account- and cardholders at the consumer side (the payers) still have a contractual relationship with domestic PSPs. In such cases, the proposed methodology can deliver today more or less sound indications for the VAT-relevant location of the payers. However, it is questionable whether this assumption can also be applied in the future if consumer behavior changes. In the segment of alternative payment methods, we already see that there often is no identity of the location of the PSP and the VAT-relevant location of the payment services user.
Conclusion: for the most widely used payment methods in e-commerce both proposed identification levels (IBAN and BIC) are not suitable to indicate the location of the payer and payee.
For card payments in 4-party schemes, the information about the location of the counterpart PSP is not available at PSP-level
Card payments, initiated by cards of the international card schemes (e.g. Mastercard, Visa, American Express) are likely to be the most widely used payment instruments in cross-border e-commerce. About 90% of these card payments are generated in one of the two 4-party schemes (Mastercard & Visa), where the PSP of the cardholder (“Issuer”) is not identical with the PSP of the merchant (“Acquirer”). A card payment is not a straight-forward transaction between the card account of the payer (at the issuer) and the account of the merchant (at the acquirer). The EU Commission proposes that in such cases one might look at the next identification level. However, there is no directransaction between the issuer and the acquirer, who could be identified by a business identifier code. In the clearing and settlement of a card transaction there are several intermediaries (local clearing banks, international clearing banks, the card scheme and local banks of the issuers and the acquirers, if these PSPs are not licensed as credit institutions) involved. The transactions are bundled and cleared daily at a high aggregation level.
Furthermore, cards issued by a PSP could be linked to a bank account of another PSP (“decoupled debit and credit cards”). In this case, the PSP where the bank account of the cardholder is held, has no data related to specific card transactions if these transactions are aggregated and monthly debited to customer accounts (e.g. delayed debit card transactions).
Only the issuer and the acquirer have specific data of each card transaction. However, the issuer has no data of the acquirer and vice versa. The statement of the Impact Assessment
“It should be noted that, in a payment transaction there usually are at least two payment intermediaries: one acting on behalf of the payer and one acting on behalf of the payee. Both must have the information on the payer and payee in order to execute the payment transaction.”
is not applicable for the card business of 4-party-schemes. The involved PSPs have some information about the counterpart of the transaction, however not the information required by the Proposal.
Conclusion: The methodology as proposed in Art. 243c is not suitable for card payments.
Accordingly, the data requirements should be differentiated with respect to the PSP of the payer and the PSP of the payee.
With regard to data collection, the proposal follows a “one size fits all” approach. All the requirements of the Art. 243b, c and d are obviously relevant for both PSPs (of the payer and payee). For efficiency reasons, the requirements should be differentiated for each market side. Several data required according Art. 243d can only be recorded by the PSP of the payee (e.g. VAT identification number and address of the payee). From a logical point of view, the threshold of 25 payments per calendar quarter to the same payee is only applicable to the PSP of the payee and not to thousands of PSPs acting on behalf of the payer. There is no rationale for this threshold to be applied to the PSP of the payer. As an aside, a fraudulent seller can easily circumvent this ceiling by using several PSPs.
According the proposal, the IBAN of the payer should only be used to determine the location of the payer by the PSP of the payee. If the IBAN is not available (e.g. money remittance), the location of the payer can alternatively be determined by the BIC of the PSP. The only rationale behind the Proposal is to fight cross-border e-commerce VAT fraud. Therefore, the collected information only refers to the receipt of funds by the payee at individual payment account-level (Art. 243d Par 1 (d)). Regarding the determination of the location of the payer, the IBAN of the payer’s account has the same level of quality of information as the BIC of the payer’s PSP. According to the principle of data minimization, the record keeping at IBAN-level should be removed for the determination of the location of the payer (Art. 243c Par. 1 (a)).
Payment methods that are not relevant for the purpose of the proposed Directive, for instance money remittances and card-present payments, should be excluded.
Payment transactions with virtual currencies are probably not in scope of the proposed amendments of the Directive. The Impact Assessment states as reason: “cryptocurrencies are at present very rarely used for the type of transaction covered by this initiative and this does not seem likely to change in the near future.” The same argument would apply to money remittance services, which are in scope according Art. 243a Par. 2. The market share of money remittance as payment method in cross-border e-commerce is probably below 1%. Before imposing considerable costs on an entire industry, the effectiveness of the proposed measure should be considered. For this reason, too, payment habits in cross-border e-commerce should be examined first.
All card payments are in scope of the Proposal. Obviously, card payments at the physical POS (card-present transactions) are not a payment method for e-commerce. Therefore, only card-not-present transactions should be in scope.