Directive 2007/64/EC of the European Parliament and of the Council (repealed)Show full title

CHAPTER 2Authorisation of payment transactions

Article 54Consent and withdrawal of consent

1.Member States shall ensure that a payment transaction is considered to be authorised only if the payer has given consent to execute the payment transaction. A payment transaction may be authorised by the payer prior to or, if agreed between the payer and his payment service provider, after the execution of the payment transaction.

2.Consent to execute a payment transaction or a series of payment transactions shall be given in the form agreed between the payer and his payment service provider.

In the absence of such consent, a payment transaction shall be considered to be unauthorised.

3.Consent may be withdrawn by the payer at any time, but no later than the point in time of irrevocability under Article 66. Consent to execute a series of payment transactions may also be withdrawn with the effect that any future payment transaction is to be considered as unauthorised.

4.The procedure for giving consent shall be agreed between the payer and the payment service provider.

Article 55Limits of the use of the payment instrument

1.In cases where a specific payment instrument is used for the purposes of giving consent, the payer and his payment service provider may agree on spending limits for payment transactions executed through that payment instrument.

2.If agreed in the framework contract, the payment service provider may reserve the right to block the payment instrument for objectively justified reasons related to the security of the payment instrument, the suspicion of unauthorised or fraudulent use of the payment instrument or, in the case of a payment instrument with a credit line, a significantly increased risk that the payer may be unable to fulfil his liability to pay.

3.In such cases the payment service provider shall inform the payer of the blocking of the payment instrument and the reasons for it in an agreed manner, where possible, before the payment instrument is blocked and at the latest immediately thereafter, unless giving such information would compromise objectively justified security reasons or is prohibited by other relevant Community or national legislation.

4.The payment service provider shall unblock the payment instrument or replace it with a new payment instrument once the reasons for blocking no longer exist.

Article 56Obligations of the payment service user in relation to payment instruments

1.The payment service user entitled to use a payment instrument shall have the following obligations:

(a)to use the payment instrument in accordance with the terms governing the issue and use of the payment instrument; and

(b)to notify the payment service provider, or the entity specified by the latter, without undue delay on becoming aware of loss, theft or misappropriation of the payment instrument or of its unauthorised use.

2.For the purposes of paragraph 1(a), the payment service user shall, in particular, as soon as he receives a payment instrument, take all reasonable steps to keep its personalised security features safe.

Article 57Obligations of the payment service provider in relation to payment instruments

1.The payment service provider issuing a payment instrument shall have the following obligations:

(a)to make sure that the personalised security features of the payment instrument are not accessible to parties other than the payment service user entitled to use the payment instrument, without prejudice to the obligations on the payment service user set out in Article 56;

(b)to refrain from sending an unsolicited payment instrument, except where a payment instrument already given to the payment service user is to be replaced;

(c)to ensure that appropriate means are available at all times to enable the payment service user to make a notification pursuant to Article 56(1)(b) or request unblocking pursuant to Article 55(4); on request, the payment service provider shall provide the payment service user with the means to prove, for 18 months after notification, that he made such notification; and

(d)to prevent all use of the payment instrument once notification pursuant to Article 56(1)(b) has been made.

2.The payment service provider shall bear the risk of sending a payment instrument to the payer or of sending any personalised security features of it.

Article 58Notification of unauthorised or incorrectly executed payment transactions

The payment service user shall obtain rectification from the payment service provider only if he notifies his payment service provider without undue delay on becoming aware of any unauthorised or incorrectly executed payment transactions giving rise to a claim, including that under Article 75, and no later than 13 months after the debit date, unless, where applicable, the payment service provider has failed to provide or make available the information on that payment transaction in accordance with Title III.

Article 59Evidence on authentication and execution of payment transactions

1.Member States shall require that, where a payment service user denies having authorised an executed payment transaction or claims that the payment transaction was not correctly executed, it is for his payment service provider to prove that the payment transaction was authenticated, accurately recorded, entered in the accounts and not affected by a technical breakdown or some other deficiency.

2.Where a payment service user denies having authorised an executed payment transaction, the use of a payment instrument recorded by the payment service provider shall in itself not necessarily be sufficient to prove either that the payment transaction was authorised by the payer or that the payer acted fraudulently or failed with intent or gross negligence to fulfil one or more of his obligations under Article 56.

Article 60Payment service provider's liability for unauthorised payment transactions

1.Member States shall ensure that, without prejudice to Article 58, in the case of an unauthorised payment transaction, the payer's payment service provider refunds to the payer immediately the amount of the unauthorised payment transaction and, where applicable, restores the debited payment account to the state in which it would have been had the unauthorised payment transaction not taken place.

2.Further financial compensation may be determined in accordance with the law applicable to the contract concluded between the payer and his payment service provider.

Article 61Payer's liability for unauthorised payment transactions

1.By way of derogation from Article 60 the payer shall bear the losses relating to any unauthorised payment transactions, up to a maximum of EUR 150, resulting from the use of a lost or stolen payment instrument or, if the payer has failed to keep the personalised security features safe, from the misappropriation of a payment instrument.

2.The payer shall bear all the losses relating to any unauthorised payment transactions if he incurred them by acting fraudulently or by failing to fulfil one or more of his obligations under Article 56 with intent or gross negligence. In such cases, the maximum amount referred to in paragraph 1 of this Article shall not apply.

3.In cases where the payer has neither acted fraudulently nor with intent failed to fulfil his obligations under Article 56, Member States may reduce the liability referred to in paragraphs 1 and 2 of this Article, taking into account, in particular, the nature of the personalised security features of the payment instrument and the circumstances under which it was lost, stolen or misappropriated.

4.The payer shall not bear any financial consequences resulting from use of the lost, stolen or misappropriated payment instrument after notification in accordance with Article 56(1)(b), except where he has acted fraudulently.

5.If the payment service provider does not provide appropriate means for the notification at all times of a lost, stolen or misappropriated payment instrument, as required under Article 57(1)(c), the payer shall not be liable for the financial consequences resulting from use of that payment instrument, except where he has acted fraudulently.

Article 62Refunds for payment transactions initiated by or through a payee

1.Member States shall ensure that a payer is entitled to a refund from his payment service provider of an authorised payment transaction initiated by or through a payee which has already been executed, if the following conditions are met:

(a)the authorisation did not specify the exact amount of the payment transaction when the authorisation was made; and

(b)the amount of the payment transaction exceeded the amount the payer could reasonably have expected taking into account his previous spending pattern, the conditions in his framework contract and relevant circumstances of the case.

At the payment service provider's request, the payer shall provide factual elements relating to such conditions.

The refund consists of the full amount of the executed payment transaction.

For direct debits the payer and his payment service provider may agree in the framework contract that the payer is entitled to a refund from his payment service provider even though the conditions for refund in the first subparagraph are not met.

2.However, for the purposes of point (b) of the first subparagraph of paragraph 1, the payer may not rely on currency exchange reasons if the reference exchange rate agreed with his payment service provider in accordance with Articles 37(1)(d) and 42(3)(b) was applied.

3.It may be agreed in the framework contract between the payer and the payment service provider that the payer has no right to a refund where he has given his consent to execute the payment transaction directly to his payment service provider and, where applicable, information on the future payment transaction was provided or made available in an agreed manner to the payer for at least four weeks before the due date by the payment service provider or by the payee.

Article 63Requests for refunds for payment transactions initiated by or through a payee

1.Member States shall ensure that the payer can request the refund referred to in Article 62 of an authorised payment transaction initiated by or through a payee for a period of eight weeks from the date on which the funds were debited.

2.Within ten business days of receiving a request for a refund, the payment service provider shall either refund the full amount of the payment transaction or provide justification for refusing the refund, indicating the bodies to which the payer may refer the matter in accordance with Articles 80 to 83 if he does not accept the justification provided.

The payment service provider's right under the first subparagraph to refuse the refund shall not apply in the case set out in the fourth subparagraph of Article 62(1).