EFA- ETPPA joint proposition paper on the AMLR

You can find the PDF version of the position paper here.

The EFA and the ETPPA associations recommend the exclusion of PISPs from the scope of the AMLR.

  • PISPs are “technical service providers” providing software tools by which payment orders
    are transmitted by the Payment Service User (PSU) to his or her bank.
  • PISPs are not carrying out (executing) payments, which is done exclusively by the banks and
    are not touching any funds.
  • PISPs are essentially just software providers filling in a credit transfer form (rather than
    requesting the payer to do it manually online).
  • Therefore, they cannot be considered “financial institutions” as they do not hold or handle
    funds and do not conduct any “financial activity” – it is the Bank that carries out the
  • PISPs cannot provide any additional information to the data already controlled by the credit
    institutions they work with. Therefore, including TPPs as “obliged entities” would not be riskproportionate and would duplicate banks’ AML efforts.
  • It should be noted that PISPs, as an unnecessary witness, are not adding, but reducing the risk
    of AML. They have even less information than AISPs about users’ accounts and transactions.
    The EFA and ETTPA welcome the exclusion of AISPs from AMLR and recommend also the exclusion of PISPs. Find below the suggested amendments to Article 2. This would exclude PISPs as well as AISPs.
    If the exclusion of PISPs is not accepted:
    The EFA and the ETPPA recommend strengthening the text of Recital 34, to make clear that PISPs
    serving merchants under no circumstances have to perform CDD on payers. Otherwise, this would
    kill the PISP business model altogether.
  • The established practice in Europe is that the account-servicing payment service provider
    (typically a bank) performs CDD on its customers, the account holders while merchant-facing
    payment services providers perform CDD on their customers which are the merchants. This
    makes sense since the payer is the customer of the bank and in all instances, the payment
    comes directly from the payer’s bank account.
  • The current AML legislation does not address the PIS case explicitly and leaves room for
    interpretation with some national competent authorities taking the view that under current
    legislation payers can become customers of PISPs.
  • Such interpretation would make it very difficult for PISPs to carry out the mandate given to
    them in PSD2 to compete with cards and other payment solutions. Why would any consumer
    take the time and effort to scan and submit their passport copies and pay slips when paying
    from their bank account using PIS, if they never have to think about this when paying with
    debit or credit cards, or iDeal and similar solutions?
  • The EBA Q&A 2021_6048 (published on 17 Mar-2023) brought payer-CDD into scope for
    occasional transactions. This clarification is of utmost importance, otherwise, PISPs could not
    compete with card payments, where neither Card Acquirers nor Card Processors (nor their
    facilitators like ApplePay or GooglePay) have any obligation to CDD the payer, neither for the
    establishment of a business relationship nor for occasional transactions.
  • EFA and ETPPA call on to ensure in AMLR trialogues that Recital 34 of the AML Regulation
    makes it 100% clear that merchant-facing PISPs should perform CDD on the payee only, both
    in terms of the establishment of a customer relationship and for occasional transactions,
    and no matter whether they touch payee (merchant) funds or not. This is required to put PIS
    on a level playing field with cards, online banking payment solutions

More Positions