Payment Institutions

The tasks performed by payment institutions address a broad range of aspects relating to payment services. Each type of activity requires a separate licence, which is granted by the respective supervisory authority. Payment services that require a licence are defined in Article 1 para. 2 ZaDiG 2018:

• Incoming payment transactions (no. 1)
• Outgoing payment transactions (no. 2)
• Payment transactions (no. 3)
  • Direct debit transactions
  • Payment card transactions
  • Credit transfer transactions
• Payment transactions involving the granting of credit (no. 4)
  • Direct debit transactions
  • Payment card transactions
  • Credit transfer transactions
• Payment instrument transactions (no. 5)
  • Issuing of payment instruments (Issuing)
  • Acquiring of payment transactions (Acquiring)
• Money remittance transactions (no. 6)
• Payment initiation services (no. 7)
• Account information services (no. 8)

In addition to payment institutions, among other entities credit institutions, electronic money institutions as well as the Oesterreichische Nationalbank, the Government of the Republic of Austria and the provinces are also permits to provide payment services within their administrative jurisdiction. In the case of credit institutions, which services they are allow to provide depends upon which banking transactions they are authorised to conduct. Unlike credit Institutions, payment institutions are not permitted to conduct other services over and above those listed above. Other business, which requires a banking licence, in particular deposit-taking business, is not permitted to be conducted by payment institutions.

Increased security in payment transactions and increasing consumer protection

Security in payment transactions is consequently increased, with the security requirements for the execution of online payments being increased (“strong customer authentication”) as the rules in relation to liability in the case of unauthorised payments being defined in a clear and customer-friendly manner. Chapters 3 and 4 of ZaDiG 2018 stipulate the transparency of the contractual conditions and information requirements for payment services. Customers must be information about all fees that are incurred. Similarly, in the case of an error occurring in relation to a transfer or a payment transaction, clear rules on liability have been established. These rules in principle apply to all providers of payment services (primarily credit institutions, payment institutions and electronic money institutions).

There have been numerous technical innovations in recent years in the field of payments. The European legislator views there to be a sizeable potential for competition and innovation in this field, it therefore wishes to reinforce legislation accordingly.

This is intended to happen by means of the new rules that have been added to the SEPA Regulation (Regulation (EU) 260/2012), that have been added by means of the Instant Payments Regulation, (IPR) in Regulation (EU) 2024/886.

The objective of the new rules is for transfer business to become even faster and more secure within the EEA and for all the accompanying rules to be applied in a uniform manner throughout the EEA.

To achieve this objective, the European legislator has defined the following measures within the Instant Payments Regulation:

• Every payment service provider in the EU that offers transfers in Euro (= sending and receiving), is also obliged to offer them as instant transfers.
• Payment service providers are not permitted to demand additional charges for instant transfers in Euro that for normal Euro transfers.
• Payment service providers are required to check whether the details provided by the payer match the account number (International Bank Account Number, IBAN) and the name of the payment recipient (payee verification).
• Payment service providers are now only required to conduct a sanctions list screening at least once a day for instant transfers.
• In relation to the Instant Payments Regulation, payment service providers are required to submit a report every 12 months to the Oesterreichische Nationalbank (OeNB) (covering price developments as well as payments that have been refused to be conducted).

For further information, please consult the information document “Informationen zur Verordnung über Echtzeitüberweisungen (Verordnung (EU) 2024/886)” which can be downloaded here. The information is intended in particular to provide assistance for the addressees of this regulation.

Information zur Verordnung über Echtzeitüberweisungen (Verordnung (EU) 2024/886) (Format: pdf, Size: 254,4 KB, Language: German)

Following the Payment Services Act 2009 (ZaDiG 2009) having transposed the European Directive 2007/64/EC, the Payment Services Directive (PSD ), the second Payment Services Directive (PSD2) entered into force in early 2016. The PSD2 has been transposed by ZaDiG 2018. New market participants (so-called “FinTechs”) in the form of payment initiation service providers or account information service providers are now also subject to a clear legal framework and supervision by the Financial Market Authority (FMA), with consumer protection thereby being strengthened. Security in payment transactions is consequently increased, by virtue of security requirements for the execution of online payments being increased as the rules in relation to liability in the case of unauthorised payments being defined in a clear and customer-friendly manner.

SEPA

Following the entry into force of the Single European Payment Area (SEPA) transfers within Europe have become quicker and cheaper. Credit institutions are only allowed to process transactions using IBAN and BIC .