Acm.nl uses cookies to analyze how the website is used, and to improve the user experience. Read more about cookies

ACM enforces competition with regard to payment service directive ‘PSD2’

PSD2 is the abbreviation of the revised Payment Services Directive (Payment Services Directive II). This is a European Directive, which promotes more competition and innovation in the payment market. The rules in the directive came into force in the Netherlands on 19 February 2019. As a result thereof, companies that enter the payment market get the opportunity to offer payment services to consumers. This means that consumers will have more options when paying online and offline. For example, paying through your bank will no longer be the only option, but now you can also pay through third parties that offer apps or digital wallets, for instance. In addition, consumers can, if they give their explicit consent, grant companies access to the information of their bank accounts, allowing those companies to make a personal finance book, for example.

With regard to PSD2, the Netherlands Authority for Consumers and Markets (ACM) is responsible for access to payment systems and bank account services of financial institutions such as banks. ACM also oversees the calculation of surcharges for the use of payment methods. In addition, ACM enforces compliance with the competition rules in this sector.

Competition between companies, also on the financial market

New entrants to the payment market have to be able to compete with existing banks on the basis of fair conditions: openness, transparency, and non-discrimination. Recently, ACM has been receiving tip-offs from new competitors on the payment market that getting access to the systems of existing banks is not that easy sometimes, even though it is currently technologically possible or that banks already offer similar services themselves. That is why ACM will closely examine several of those tip-offs.  

What does ACM do?

ACM is charged with oversight of part of PSD2 in the Netherlands. Below, we explain the most important changes to ACM’s regulatory activities:

  • Access to bank accounts

Oversight of access to bank accounts. In order to be able to provide payment services (including new ones), companies need access to individual bank accounts. We check whether banks treat everyone equally when providing that access, and whether such access to the bank accounts is extensive enough in order to offer payment services.

  • Surcharging: calculating extra charges for the use of payment methods

For the majority of payment transactions, retailers are no longer allowed to charge fees for using specific payment methods such as debit cards, direct debit, most credit cards or wire transfers. For payments that do not fall under this surcharge prohibition, such as PayPal or iDEAL (a widely-used online payment method in the Netherlands), retailers are only allowed to charge the actual costs.

  • Access to payment systems

We oversee access to payment systems. In order to be able to offer payment services, it is necessary to get access to the payment systems underpinning those services. We make sure that this access is not unnecessarily restricted or denied.

In addition to the rules laid down in the PSD2, the competition rules (in Dutch), which ACM already enforces, continue to be in force.

Do you have a tip-off or report regarding companies that are impeding fair competition? Submit your tip-off to ACM.

What do other regulators do?

The Dutch central bank (DNB)

DNB issues licenses to banks, payment institutions and electronic-money institutions. Furthermore, DNB oversees the financial positions of banks and payment institutions, the safe access to bank accounts, risk control, and authentication (the way in which you make yourself known to the bank and give permission to access the account).

The Dutch Authority for the Financial Markets (AFM)

AFM oversees the provision of information by payment service providers. It makes sure that payment service providers treat their customers with care.

The Dutch Data Protection Authority (AP)

The AP enforces the protection of people’s privacy. In its enforcement, the AP uses  the requirements laid down in the General Data Protection Regulation (GDPR) and the requirements that have been included in the PSD2. The AP makes sure that consumers are asked for their explicit consent before giving payment service providers access to personal data that is necessary for offering their payment services.

These regulators work together so that oversight of payment service providers that are active on the Dutch market is conducted well.