Malta: Is The Payee Information Provided To The Payer Accurate And Meaningful? – A PSP's Obligation Under The PSD

"A payer's PSP is required to provide that payer with information enabling the payee who benefited from a payment transaction to be identified and not only the information which that PSP, after making its best efforts, has available with regard to that payment transaction" – judgement of the Court of Justice (CJEU) of the 16 March 2023.

In a judgement of the Court of Justice (Fifth Chamber) (the "Court") of 16 March 2023, C-351/21 in connection with a reference for a preliminary ruling, the Court dealt with the extent of the obligation of a payment service provider ("PSP") to provide a payer with information relating to the payee.¹ Additionally, it is interesting to note that this point was being considered vis-à-vis "unauthorised transactions. (Although this judgement was given with reference to a framework contract considered to be regulated by Directive 2007/64/EC ("PSD1"), the relative quoted PSD1 provisions are likewise applicable under Directive 2015/2366 on payment services (the "PSD2").

The facts of the case were briefly as follows: ZG, a Belgian resident held a bank account and a debit card with Beobank SA (the "Bank") in Belgium. He made a payment using his debit card in an entertainment venue located in Valencia, Spain. This payment was followed by two more payments on the same mobile payment terminal for the amounts of EUR 991 and EUR 993 respectively. ZG contended that the latter two payments were unauthorised and sought a refund from the Bank. ZG claimed that he had been the victim of fraud facilitated by the administration of a drug and he would not even remember the events of the evening in question including the name of the venue where he was at. The Bank refused however, to refund the payments contending that ZG authorised them or at the very least that ZG was 'grossly negligent'.

The Magistrate's Court for the Canton of Forest, Belgium (the "referring court") commented that the Bank provided only the digital reference and the geolocation of the payment terminal without stating the identity of the payee, other than the following words: 'Com Su Valencia Esp' and that the Bank refused to provide further clarification stating that it had received no additional information from ATOS, the manager of that payment terminal. According to the Bank, it was the payee's bank in Spain, Sabadell, which refused to pass on the information identifying the trader concerned.

The referring court asked the Court of Justice (the "Court") whether Article 47(1)(a) of PSD1² must be interpreted as meaning that a payer's PSP is required to provide that payer with information enabling the natural or legal person who benefited from a payment transaction debited from that payer's account to be identified and not only the information which that PSP, after making its best efforts, has available with regard to that payment.

Article 47(1)(a) provides that, after the amount of an individual payment transaction has been debited from a payer's account the payer's PSP is to provide the payer with certain information without delay, including a reference enabling the payer to identify each payment transaction and 'where appropriate, information relating to the payee'. The 'information' which is to be provided, pursuant to the payee of the payment transaction concerned is not specified further. In particular, the wording of Article 47(1)(a) does not make it possible to determine, whether the obligation to provide that information constitutes an obligation to use best endeavours or an obligation to achieve a certain result, in particular, because of the words 'where appropriate' in that provision.

The Court held that in the light of harmonisation intended by PSD1, it must be held that the information obligations provided for in Article 47(1) are necessarily obligations which the Member States must implement without derogating from them or in any manner categorising them as obligations to use best endeavours and not as obligations as to the result to be achieved. Article 47(1) contrasts to certain other provisions (of PSD1 and PSD2) where deployment of efforts is sufficient to comply with the requirements of those provisions. For instance, in other provisions one notes wording such as make 'reasonable efforts' or 'immediate efforts' to recover funds or trace a non-executed or incorrectly executed payment transaction.³

As regards the phrase 'where appropriate' that wording cannot be understood as meaning that the PSP must provide the payer with information enabling the identification of the payee of a payment transaction only if, after making efforts in that regard, it has that information. By contrast, that phrase must be understood as meaning, that the information relating to the payee of a payment transaction which the PSP must provide to the payer concerned after the amount of a payment transaction has been debited from that payer's account, includes information which that PSP has or should have at its disposal in accordance with EU law.

The Court contends that one of the objectives pursued by PSD1 was to ensure that users can easily identify payment transactions by having 'the same high level of clear' information, both necessary and sufficient with regard to payment transactions themselves and which is proportionate to the needs of those users. In the Court's view, PSD1 sought to establish a high 'standard' as regards the information that PSPs are required to transmit to users. The Court decreed the information which the PSP had to provide to the payer concerned had to be sufficiently accurate and meaningful. In the absence of such a description, the payer would not be able, with the help of that information, to identify with certainty the payment transaction concerned. In addition, the provision of the other information such as the amount of the transaction concerned and the value date or the date of receipt of that transaction were of no interest to the payer, since he would not be able to link that information to a specific payment transaction.

In so far as the 'reference enabling the payer to identify each payment transaction', although that reference is suitable for integrated automated processing, it does not put the payer concerned in a position to link that refers to a specific payment transaction, It is therefore necessarily in the context of the additional element referred to in the second limb of Article 47(1)(a), namely the 'information relating to the payee', that the PSP of the payer concerned had to provide to the payer the information necessary to meet fully the requirements stemming from that provision.

Furthermore, the Court argued that it is the payer's PSP that exercises control throughout the various stages of the execution of a payment transaction and this enables it to request intermediaries to provide it with appropriate information regarding the payee concerned, in particular where, as in the present case, that payment transaction is carried out by means of technical infrastructure owned by such an intermediary.

The Court therefore decided that a payer's PSP is required to provide that payer with information enabling the payee who benefited from a payment transaction to be identified and not only the information which that PSP, after making its best efforts, has available with regard to that payment transaction.

Footnotes

1. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A62021CJ0351

2. Article 57(1)(a) under PSD2 and Paragraph 33(1) of the Central Bank of Malta Directive no. 1

3. See Articles 88(3) and 89(1) of PSDII and Paragraph 63(3) and 64(5) of CBM Directive no. 1

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.