Who does not know them, the proud national anthems of the individual countries of our European community of states. And not infrequently, these usually catchy melodies are also accompanied by eloquent lyrics, which are supposed to characterize the respective country and the people. We Germans, of course, also have such a “jewel” lying in the drawer and boast, despite the dark stains in the history, to document exactly this text with our liberal and peaceful view of society.
Now, however, the question immediately arises as to how far the heroic intro of our German anthem “Einigkeit und Recht und Freiheit” (“unity and justice and freedom”) has really penetrated our daily life and the processes associated with it. At this point, I do not want to shed light on the social adaptation of this maxim – which would certainly go beyond the scope of this article – but rather question our European payment landscape in the change of the last months/years against this background.
Many aspects, caused not least by the Corona pandemic, have quickly acquired a “taint”, especially with regard to payments, if one takes a deeper look at the latest decisions of various supervisory bodies and their implementation or adaptation to the current payment processes.
The European financial and payment supervisors
The EBA (“European Banking Authority”), as the supreme supervisory body for European payment serbices, has set itself the task of enabling banks and payment service providers, among others, to compete fairly within the EU. This is an ambitious goal – not at least because of the still strongly national payment preferences of European citizens. However, in order to give wings to this eagle of “cross-border payment services”, it is not enough to simply give the European payment service providers a well-known energy drink from the “Austrian Alps”, no, clearly more far-reaching measures and also their control are required in order to create truly uniform conditions and thus promote competition.
For this purpose, the EBA drafts pan-European requirements (such as the SCA – “Strong Customer Authentication” – as the last major measure), which are then to be converted into national law by the national supervisory bodies (BaFin in Germany). BaFin (or its European equivalents) is not only the national implementing body, but also the national supervisory body.
From these remarks it already becomes clear that law is supposed to produce unity. And it is also clear that control of this right always costs a little freedom. To what extent this has succeeded so far and whether it can also succeed in the future, we want to take a closer look in the following.
Unfortunately, the European payments market is far from unified. The multiple national payment methods and their operators are far from using standardized procedures (both procedural and in terms of liability law). Favoured by the mostly market-dominating position, it is then also these national (local) payment methods which usually enjoy the greatest popularity with the nationally resident user. Thus, the market power clearly lies with exactly these local payment methods. And since the hen chases the egg – or was it perhaps rather the other way round? – non-national providers have an even harder time winning the favor of those willing to pay outside their own country’s borders.
It is therefore not surprising that an internationalisation of the girocard has never taken place, although this was already foreseen in the protocols as well as in the settlement definitions (e.g. the fee calculation and settlement phase 2 of the girocard). However, this is not a purely German phenomenon, as other European examples such as iDEAL (Netherlands), Multibanco (Portugal) or Bancontact (Belgium) have also remained at national level.
We in Germany in particular have also learned from the experience of the paydirekt implementation that disagreement between the operators (banks) leads to innovations not being able to develop as desired (if paydirekt could even be described as such at the time of its introduction). On the contrary, the still ongoing disagreement e.g. on efforts like “#DK” lead to parallel initiatives on a European level such as “European Payment Initiative” (EPI) gaining more and more importance and threatening to overtake national efforts. So as long as the chef does not provide a uniform recipe for the soup, not much more than a lean porridge can emerge.
There is an undisputed consensus on the need to protect national payment methods from “hostile attacks”. And in doing so, you don’t look at the size or combat equipment of the attackers. But that’s exactly the weakness that attackers like the major credit card organizations exploit. We have seen such a fight to the detriment of a national debit card system, when in March 2011 the last Switch/Solo cards in the UK finally disappeared – and that through a clever takeover of MasterCard into their Maestro portfolio.
The national operators must therefore be warned that the disunity they themselves cause also permanently incites the wolf lurking in the bushes, just waiting for a moment to take over that is favourable for him. Sometimes this does not even require a special hunting trick. No, sometimes also the national operators are so disunited in their strategy finding among themselves that said wolf comes with a little patience automatically to his victory and/or his booty. For example, the girocard has thoroughly missed the move into e-commerce, even though the workaround via ApplePay at the savings banks has been providing quasi-e-commerce functionality since July of this year. Such failures not only weaken national payment systems, they also make them vulnerable. And in such a case, the wolf likes to tear the weakening sheep.
However, if one observes the efforts of the European nationally operated payment systems, one can unfortunately only draw one conclusion in terms of unity: “So there is still cross-border agreement to remain disunited. “
When Herr von Fallersleben wrote the “Song of the Germans” in 1841, he may have deliberately put unity before right. Perhaps also with the truly pious wish that a people living in unity must lead a community in a right way – and here “right” has nothing to do with geographical orientation! But this idea remains, from historical experience, for the majority a really “pious wish”. Especially in payments with its derivative “e-commerce” there are so many grey areas in which banks, payment service providers, merchants and also buyers “creatively live out” their freedoms that it is or was inevitable to put the law as a regulating authority before unity.
And this is where the supervisory bodies come into play, which, with their specifications and rights, want to or should enable at least an approximately uniform understanding and implementation of payment-relevant processes. These national supervisory authorities, which are orchestrated by the EBA, are the bodies that must implement the technical requirements in national law. However, history also shows that not all implementations into national law are equal. For example, the German financial and payment supervisor BaFin is considered a very restrictive institution in a European comparison, which tends to apply “thumbscrews” in addition to the “EBA handcuffs”, whereas other supervisory bodies would perhaps only apply a loose shackle instead of the “EBA handcuffs”. As we can see, law does not always create unity, especially when European law can be implemented differently or at least differently from one another at national level.
In the past, the EBA has repeatedly formulated a wide variety of requirements and justified them mostly with the protection and/or uniform/comparable use of the payment users, i.e. the purchasers. These requirements were then mostly to be implemented by the processors in the payment processing, even if the requirements themselves were directed at the payment institution providers (because only these are also regulated by the corresponding supervisory bodies). However, if we now look at the result of these requirements on the European payment’s market, we unfortunately have to conclude that, despite these “regulatory measures”, there is still a great deal of inhomogeneity, as we have also justified in the previous section. Of course, there are also positive examples of such regulations, such as the interchange regulation, which made interchange fees at the European level comparable with non-national/European payment procedures or schemes. Another positive example is the introduction of SEPA, although in this example, too, the market has again put a spanner in the works of the EBA’s timetable for the introduction date (similar to the SCA mentioned above).
In the implementation of the legal requirements, however, the scheme operators are still of decisive importance. Although they have to follow the national legal requirements, they often also retreat to their “golf club character” by trying to retreat to the “golf club” member rules defined by themselves. And those rules do not always follow the EBA rulebook 100% of the time. Last but not least, interchange regulation was only introduced across Europe in December 2015 because the major credit card organisations did not want to submit to the coercion of a European commission and took legal action against interchange caps all the way to the highest European court.
It remains to be said, then, that unity is not a good that matures by itself. It can only come about if there is a regulating body that describes and controls this agreement – at least this applies to the European payment market. It is therefore up to the legislature to keep potential room for interpretation as small as possible. And the EBA, as a central body, must fulfil precisely these tasks.
Freedom is a precious good and – as in all areas of life – it is exploited both positively and negatively. Payment service providers are and have always been very creative in the interpretation (or also “expansion”) of payment-relevant specifications. It is precisely this creativity that makes use of possible freedoms in payments to create new products as well as sometimes borderline interpretations of legal requirements, which can then provide (sometimes niche) markets with “market-friendly” solutions. The freedoms in European payments, which result intentionally or unintentionally from the legal requirements, can be used for two different motivations:
Positive use of freedom
New regulations defined by the EBA and implemented into national law via the national supervisors usually serve two objectives:
The introduction of the SCA has shown, for example, that a United Kingdom, which was still a member of the EU at the time, manifested a delayed introduction of the SCA compared to the EBA requirement in order to be able to provide the market with more and perhaps also better possibilities for SCA application in the transitional phase. Equally, when defining new products, payment service providers can also introduce new technologies that can bring a market advantage, especially regarding the first objective. A good example here is certainly Apple, which, for example, created an additional and then new identification option in the payment process with Apple Pay with Face ID in September 2017.
Negative use of freedom
Of course, freedom – just as in civil life – also offers potential that inspires the unlawful use of regulations. Often, existing law is also “stretched” in order to be able to expand freedom. And it is precisely this kind of “use of freedom” that enjoys particular popularity as well as creativity in the payment services market. Payments should provide the buyer/user with a wide range of different, secure payment methods as simply and securely as possible (and this is the aim of the EBA with all its guidelines), but let’s be honest, the product development of the payment service providers is oriented towards the merchant and his directive is: “Generate as much revenue as possible with as little risk as possible”. With this in mind, many new payment products are primarily focused on optimizing economies of scale for the merchant and only consider the risk aspect secondarily. Especially in the area of negative use of freedom, this “product strategy” naturally opens up even more potential if the payment service provider leaves the risk out of the product description and unwittingly leaves potential damage limitation or damage assumption to the merchant. Such new products usually only have a limited life span, as their providers or at least the product concerned disappear from the market with the first super-GAU of a merchant default.
The control of freedom
Freedom is always an area defined by borders, and these borders need to be controlled in order to protect freedom. However, it is precisely this control that is an essentially important part of the tasks of the national supervisory bodies. And again, these control duties are carried out in very different ways by the various national supervisory bodies. It should also be noted, however, that the supervisory bodies usually monitor payment service providers that do not hold full banking licences less closely or with less frequency than they do, for example, with companies that hold full banking licences. The Wirecard debacle is an unfortunately prominent, if not very laudable, example of this thesis here. Thus, deducing from historical truth, it is more likely that a payment service provider will “collect” a warning from a credit card organization or even be “deprived” of its license if it defies said credit card organization’s set of rules than that the supervisory body will “deprive” it of its payment service provider license for the same motivation.
Hence – what follows from this or what do we learn?
Freedom is therefore not a guarantee for an optimization of products/features. Rather, it is a guarantee for the creation of new payment methods/features. The rules and regulations of the EBA and its national supervisors are intended above all to restrict creativity in the area of the negative use of freedom without impairing the positive use of freedom. This is not always an easy process that supervisors have to make attractive to the market.
The standardisation of payment processes or systems at EU level is an ambitious idea that is not only intended to stimulate competition within the EU, but also to provide those willing to pay with a pan-European payment function or at least with products that are comparable throughout the EU. However, this project can only succeed if the supervisory authorities, promotes and uniformly regulates this project with sensible legal requirements that are, above all, adapted to the current market conditions.
The legal assessment in the conception of new European payment instructions by the EBA is certainly the basis of any change in the European payment market. However, if the aim is to achieve agreement across the various member states, special emphasis should always be placed on the established payment practice to date when designing and formulating such new payment instructions – and, as we have seen, this can vary greatly from one country to another. A purely legal approach to the implementation of a new set of rules is usually not sufficient. This has also been observed with the introduction of the SCA, where not only the market delayed the introduction, but also many details were subsequently added to the RTS (“Regulatory Technical Standards”) as comments of the EBA, which were not yet available on the introduction date of 14 September 2019 – but which inevitably arose in the course of the implementation.
If the market then succeeds in establishing such new or also amended payment innovations in agreement with the supervisory requirements, then at the latest the national supervisory body must again fulfil its obligation to monitor precisely these innovations. And in this process, the principle of “equal rights for all” must apply, which of course only works if the national legal requirements have also been manifested identically. However, it seems to me that achieving this goal is hardly achievable at the present time, or at least not lived out across the EU.
If today an “amended Mr. Fallersleben” were to write a hymn to the payment services world here in the EU, he would perhaps remember his old ideas of 1841, but then perhaps rather begin with “Equal rights create unity, which give freedom to all, but may also be protected”. And of course, there’s a rapped version of Beethoven’s 9th underneath, so as not to forget the contemporary European idea.
Now, of course, one can say that this maxim is certainly applicable to many areas of life – and that is also undeniably correct. However, a special feature of the payment market makes the implementation of exactly this maxim more difficult than in other cases of application, because in the European payment services universe the “Galaxy Patrol”, i.e. the various national supervisory bodies, is not only legislative, but also judicial and executive. And exactly the last task component is only lived in an insufficient way, which of course inspires the above-mentioned negative idea of freedom and thus counteracts homogenisation.
So, it remains to be seen how the EBA will steer the European payment services ship into a safe, international port…