The European Commission has published a Q&A titled "Clarifications of requirements of the Instant Payments Regulation". Kjeld Herreman, Head of Strategy Advisory at RedCompass Labs, explains what it means for the industry.
On the 23rd of July 2024, the European Commission published "Clarifications of requirements of the Instant Payments Regulation". The document provides much-needed clarity on several pressing issues for the industry and addresses major changes and challenges payment service providers (PSPs) face.
To save you from reading 203 questions across 82 pages, we’ve highlighted the most impactful updates for banks and financial institutions.
Here are five things you need to know about the European Commission’s Q&A on Instant Payment Regulation implementation:
The first thing to note is the reduction in end-to-end instant payment processing from 25 to 10 seconds.
Question 29 (Article 5a(3) IPR)"The starting point is the time of receipt by the payer’s PSP of a payment orderfor an instant credit transfer (see Article 5a(4), point (c)). However, that particularmoment of receipt might differ depending on the situation (see Article 5a(3))."
The new rules mean the bank’s entire instant payment process needs to be tightened up. Not only will this increase the demand on the bank's IT systems to further reduce latency and processing times, but it also makes the indirect participation model more challenging.
In this model, a payment goes through a direct participant (an entity with access to the payment system operator that can settle payments) to an indirect participant (an entity that does not have access to the payment system operator and cannot settle payments) and then back to the direct participant for clearing.
The extra step – using a direct participant to settle a payment instead of settling directly – adds time to an already economically strained model.
We believe this change may alter the set-up and offerings envisioned by some banks. Some may be forced to establish direct connections to clearing systems as a result.
The Q&A suggests end-to-end instant payment processing will now be as follows:
The European Payments Council (EPC) will need to update its rulebook to reflect these new requirements, ensuring that the payment process is streamlined to meet the new 10-second mandate.
Another major update is the increase in transaction limits. The current cap of 100,000 euros for instant payments will be removed, aligning it with traditional payment methods.
Question 67 (Recital (19), Article 5a(6) IPR)
"The regulation does not set any transaction-level limits for instant credit transfers in euro.
That reflects the co-legislator’s position that there should be no ‘default’ transaction-based
limits (like the €100,000 limit in the current rulebook of the SCT Inst Scheme) set by PSPs
specifically for instant credit transfers in euro."
This change opens instant payments to a broader range of business-to-business (B2B) use cases. No longer constrained by a 100,000 euro cap, businesses will be free to make much bigger instant payments. This may be particularly useful for industries such as manufacturing, where payments are large, cash flow is king, and the supply chain is long and complex.
However, it will be challenging for financial institutions in terms of liquidity management and fraud prevention.
With such large payments leaving at any moment, banks will be less certain about the deposit limits they need to maintain in pre-funded dedicated cash accounts to cover the settlement of instant payments. Financial institutions will need to adapt their systems to handle larger transaction volumes instantly and around the clock.
This adjustment poses a potential risk, as fraudsters could exploit the increased limits. The UK, for example, has seen a noticeable spike in authorized-push-payment fraud since increasing its faster payment limits from £250,000 to £1 million. The EU will certainly want to avoid the same fate.
A notable point of contention is the availability and reliability of updated sanctions lists.
As part of the new regulations, PSPs must screen their customers against the EU sanctions list at least daily. The EU has gone as far as to prohibit screening individual transactions.
The European Commission acknowledges the challenge banks face in meeting this requirement but does not seem to offer any support to ease the burden. Banks are instead explicitly told to navigate these complexities on their own, ensuring their systems can handle real-time payments without falling afoul of regulatory requirements.
Question 161 (Article 5d(1) IPR)
"Firstly, the consolidated list published by the Commission is not envisioned to serve the
purpose of PSPs’ obligation referred to in Article 5d(1).
Secondly, ensuring immediate compliance with targeted financial restrictive measures is
already required by the Council Regulations adopted in accordance with Article 215 TFEU,
otherwise the restrictive measures would not be effective. Such compliance is to be
ensured by PSPs regardless of the type of screening put in place (e.g., transaction based or
screening of own clients as required by Article 5d(1)).
PSPs are responsible for and must put in place the necessary measures to comply with this
obligation. Therefore, fulfilment of their obligations to effectively comply with targeted
financial restrictive measures cannot be dependent on the Commission’s ability to provide
updates to its list."
So if someone is added to the EU sanctions list, PSPs must immediately screen their client base to ensure compliance.
And if a sanctioned person has been flagged in their system, PSPs are also expected to suspend the provision of instant credit transfer services to that client until the alert is resolved.
What's more, the prohibition on transaction-based screening applies specifically to EU-wide sanctions lists. PSPs may still need to comply with other sanctions regimes (e.g., United Nations Security Council sanctions) and national laws. They must also consider entities owned or controlled by designated persons, as required by EU sanctions regulations.
The lack of reliable, up-to-date sanctions lists adds to the compliance challenges. Financial institutions must develop robust internal mechanisms to manage these risks.
The new regulations also address the need for instant currency conversion. Banks will be required to perform real-time currency conversions, even during times when FX markets are closed. This stipulation introduces a significant challenge for financial institutions, as they must manage the risk of currency fluctuations without the ability to trade in the open market.
With transaction limits uncapped, banks face the dual pressures of regulatory compliance and financial risk management. They must balance the necessity of instant currency conversion with the potential exposure to adverse FX movements, particularly during weekends and non-business hours. This could force banks to hold larger reserves or develop sophisticated hedging strategies to mitigate these risks.
The regulation mainly applies to banks that provide payment accounts, which can send or receive money from third parties. This creates a loophole for certain savings and private banks that do not offer payment accounts, potentially exempting them from the requirement to implement instant payments.
For banks without a significant client use case for instant payments, this exemption could mean substantial savings, as they won't need to invest heavily in new infrastructure to comply with the regulation. However, this also means that not all banks will be equally prepared to support instant payments, creating disparities in the market.
The European Commission’s clarifications on the instant payments regulation provide essential guidance for financial institutions. The reduction in processing times, increased transaction limits, identified exceptions, compliance challenges, and currency conversion requirements are critical areas that banks must address to comply with the new regulations.
At RedCompass Labs, we understand the complexities these changes bring to your institution. Have you assessed how these Q&A responses impact your operations? If not, contact us for an in-depth analysis and tailored solutions to navigate these regulatory changes effectively.
[Editors note: this article was updated on 30/07/2024. Verification of Payee was moved from third to first place in the payment initiation process in section one.]