Payment Institutions
PSD2 Implemented into Maltese Law: What now?
On the 2nd August 2019, Bill 89 of 2019, entitled “Various Financial Services Laws (Amendment) Act, 2019” was published in the Government Gazette to become Act XXVI of 2019. This law will effectively amend the Banking Act (Chapter 371 of the Laws of Malta) and Financial Institutions Act (Chapter 376 of the Laws of Malta), making several amendments to the text of those principal legislative instruments dealing with various elements introduced by the Second Payment Services Directive, or, as it has come to be more affectionately known, “PSD2”, as a preference to the more formal and somewhat more taxing reference: “Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC.”
This legislation represents the end of a lengthy procedure, being almost 19 months after the target implementation date of the 13th January 2018. The Malta Financial Services Authority (MFSA) has, however, been consistent in applying PSD2 principles and requirements as a matter of policy, keeping in mind the legislative process that was underway. The Act also made some very minor amendments to the Malta Financial Services Authority Act, the Financial Markets Act and the Companies Act, unrelated to PSD2.
So what does the implementation of PSD2 into Maltese law effectively mean for banks and payment institutions licensed to carry out such payment services?
The implementation of PSD2 into Maltese law does not trigger any obligation for a bank or financial institution already licensed by the MFSA as home state regulator to provide payment services to seek any re-authorisation of these activities of any passporting rights exercised by the operator prior to the implementation of these amendments. The transition from PSD1 to PSd2 is largely a seamless process. There are, however, some key pointers that should be taken into account by payment services operators, be they banks or financial institutions, which are provided in the transitory provisions of Act XXVI:
- Operators that have been granted a licence to provide the execution of payment transactions in terms of paragraph 7 of PSD1[1] shall retain that licence for the provision of those payment services which are considered to be payment services as referred to in paragraph 2(c) of the second schedule of the amended Financial Institutions Act – which corresponds to paragraph 3 of Annex I to PSD2- where, by January 2020, the MFSA has evidence that the requirements set out in paragraph (c) of Articles 7 and 9 of PSD2 are satisfied.
Any companies being licensed to offer the execution of payment services under paragraph 2(g) of the Second Schedule to the Financial Institutions Act should be aware that this activity has been deleted as a result of these amendments and replaced by paragraph 2(c) of the Second Schedule as amended, which corresponds to paragraph 3 of Annex I to PSD2. Operators must demonstrate to the MFSA that the provisions of Article 7 of PSD2 (initial capital) and article 9 of PSD2 (calculation of own funds) are duly satisfied.
- Operators being legal persons that, before 12 January 2016, performed in Malta activities of payment initiation service providers (PISP) and account information service providers (AISP), shall, until 18 after the date of entry into force of the regulatory technical standards (RTSs) referred to in Article 98 of PSD2, be entitled to continue to perform such activities in Malta in accordance with the applicable regulatory framework.
- Until individual account servicing payment service providers comply with the said RTs, account servicing payment service providers shall not block or obstruct the use of payment initiation services or account information services for the account that they are servicing.
The transitory provisions also require that any operators in possession of a licence on the entry into force of this Act are required to include a statement in any form or medium of marketing activity or communication disseminated to the public, to the effect that the institution is licensed or registered, as applicable, by the competent authority, together with the address of the competent authority, by not later than the 2nd November 2019.
A copy of Act XXVI of 2019 is available here.
For further information about ensuring compliance with PSD2 requirements or to understand how GVZH Advocates can help you with any of your financial services regulatory requirements, please contact us here.
[1] “Execution of payment transactions where the consent of the payer to a payment transaction is transmitted by means of any telecommunication, digital or IT device and the payment is made to the telecommunication, IT system or network operator, acting solely as an intermediary on behalf of the payment service user and the supplier of the goods and services.”