- Latest available (Revised)
- Original (As made)
The Payment Services Regulations 2009
You are here:
- UK Statutory Instruments
- 2009 No. 209
- PART 6
- Authorisation of payment transactions
What Version
More Resources
Status:
This is the original version (as it was originally made). This item of legislation is currently only available in its original format.
Authorisation of payment transactions
Consent and withdrawal of consent
55.—(1) A payment transaction is to be regarded as having been authorised by the payer for the purposes of this Part only if the payer has given its consent to—
(a)the execution of the payment transaction; or
(b)the execution of a series of payment transactions of which that payment transaction forms part.
(2) Such consent—
(a)may be given before or, if agreed between the payer and its payment service provider, after the execution of the payment transaction; and
(b)must be given in the form, and in accordance with the procedure, agreed between the payer and its payment service provider.
(3) The payer may withdraw its consent to a payment transaction at any time before the point at which the payment order can no longer be revoked under regulation 67.
(4) Subject to regulation 67(3) to (5), the payer may withdraw its consent to the execution of a series of payment transactions at any time with the effect that any future payment transactions are not regarded as authorised for the purposes of this Part.
Limits on the use of payment instruments
56.—(1) Where a specific payment instrument is used for the purpose of giving consent to the execution of a payment transaction, the payer and its payment service provider may agree on spending limits for any payment transactions executed through that payment instrument.
(2) A framework contract may provide for the payment service provider to have the right to stop the use of a payment instrument on reasonable grounds relating to—
(a)the security of the payment instrument;
(b)the suspected unauthorised or fraudulent use of the payment instrument; or
(c)in the case of a payment instrument with a credit line, a significantly increased risk that the payer may be unable to fulfil its liability to pay.
(3) The payment service provider must, in the manner agreed between the payment service provider and the payer and before carrying out any measures to stop the use of the payment instrument—
(a)inform the payer that it intends to stop the use of the payment instrument; and
(b)give its reasons for doing so.
(4) Where the payment service provider is unable to inform the payer in accordance with paragraph (3) before carrying out any measures to stop the use of the payment instrument, it must do so immediately after.
(5) Paragraphs (3) and (4) do not apply where provision of the information in accordance with paragraph (3) would compromise reasonable security measures or is otherwise unlawful.
(6) The payment service provider must allow the use of the payment instrument or replace it with a new payment instrument as soon as practicable after the reasons for stopping its use cease to exist.
Obligations of the payment service user in relation to payment instruments
57.—(1) A payment service user to whom a payment instrument has been issued must—
(a)use the payment instrument in accordance with the terms and conditions governing its issue and use; and
(b)notify the payment service provider in the agreed manner and without undue delay on becoming aware of the loss, theft, misappropriation or unauthorised use of the payment instrument.
(2) The payment service user must on receiving a payment instrument take all reasonable steps to keep its personalised security features safe.
Obligations of the payment service provider in relation to payment instruments
58.—(1) A payment service provider issuing a payment instrument must—
(a)subject to regulation 57, ensure that the personalised security features of the payment instrument are not accessible to persons other than the payment service user to whom the payment instrument has been issued;
(b)not send an unsolicited payment instrument, except where a payment instrument already issued to a payment service user is to be replaced;
(c)ensure that appropriate means are available at all times to enable the payment service user to notify the payment service provider in accordance with regulation 57(1)(b) or to request that the use of the payment instrument is no longer stopped in accordance with regulation 56(6);
(d)on request, provide the payment service user at any time during a period of 18 months after the alleged date of notification under regulation 57(1)(b) with the means to prove that such notification to the payment service provider was made;
(e)prevent any use of the payment instrument once notification has been made under regulation 57(1)(b).
(2) The payment service provider bears the risk of sending a payment instrument or any of its personalised security features to the payment service user.
Notification of unauthorised or incorrectly executed payment transactions
59.—(1) A payment service user is entitled to redress under regulation 61, 75, 76 or 77 only if it notifies the payment service provider without undue delay, and in any event no later than 13 months after the debit date, on becoming aware of any unauthorised or incorrectly executed payment transaction.
(2) Where the payment service provider has failed to provide or make available information concerning the payment transaction in accordance with Part 5 of these Regulations, the payment service user is entitled to redress under the regulations referred to in paragraph (1) notwithstanding that the payment service user has failed to notify the payment service provider as mentioned in that paragraph.
Evidence on authentication and execution of payment transactions
60.—(1) Where a payment service user—
(a)denies having authorised an executed payment transaction; or
(b)claims that a payment transaction has not been correctly executed,
it is for the payment service provider to prove that the payment transaction was authenticated, accurately recorded, entered in the payment service provider’s accounts and not affected by a technical breakdown or some other deficiency.
(2) In paragraph (1) “authenticated” means the use of any procedure by which a payment service provider is able to verify the use of a specific payment instrument, including its personalised security features.
(3) Where a payment service user denies having authorised an executed payment transaction, the use of a payment instrument recorded by the payment service provider is not in itself necessarily sufficient to prove either that—
(a)the payment transaction was authorised by the payer; or
(b)the payer acted fraudulently or failed with intent or gross negligence to comply with regulation 57.
Payment service provider’s liability for unauthorised payment transactions
61. Subject to regulations 59 and 60, where an executed payment transaction was not authorised in accordance with regulation 55, the payment service provider must immediately—
(a)refund the amount of the unauthorised payment transaction to the payer; and
(b)where applicable, restore the debited payment account to the state it would have been in had the unauthorised payment transaction not taken place.
Payer’s liability for unauthorised payment transaction
62.—(1) Subject to paragraphs (2) and (3), the payer is liable up to a maximum of £50 for any losses incurred in respect of unauthorised payment transactions arising—
(a)from the use of a lost or stolen payment instrument; or
(b)where the payer has failed to keep the personalised security features of the payment instrument safe, from the misappropriation of the payment instrument.
(2) The payer is liable for all losses incurred in respect of an unauthorised payment transaction where the payer—
(a)has acted fraudulently; or
(b)has with intent or gross negligence failed to comply with regulation 57.
(3) Except where the payer has acted fraudulently, the payer is not liable for any losses incurred in respect of an unauthorised payment transaction—
(a)arising after notification under regulation 57(1)(b);
(b)where the payment service provider has failed at any time to provide, in accordance with regulation 58(1)(c), appropriate means for notification; or
(c)where the payment instrument has been used in connection with a distance contract (other than an excepted contract).
(4) In paragraph (3)(c) “distance contract” and “excepted contract” have the meanings given in the Consumer Protection (Distance Selling) Regulations 2000(1).
Refunds for payment transactions initiated by or through a payee
63.—(1) Where the conditions in paragraph (2) and the requirement in regulation 64(1) are satisfied, the payer is entitled to a refund from its payment service provider of the full amount of any authorised payment transaction initiated by or through the payee.
(2) The conditions are that—
(a)the authorisation did not specify the exact amount of the payment transaction when the authorisation was given in accordance with regulation 55; and
(b)the amount of the payment transaction exceeded the amount that the payer could reasonably have expected taking into account the payer’s previous spending pattern, the conditions of the framework contract and the circumstances of the case.
(3) The payer and payment service provider may agree in the framework contract, in respect of direct debits, that the conditions in paragraph (2) need not be satisfied in order for the payer to be entitled to a refund.
(4) For the purposes of paragraph (2)(b), the payer cannot rely on currency exchange fluctuations where the reference exchange rate provided under regulation 36(2)(d) or paragraph 3(b) of Schedule 4 was applied.
(5) The payer and payment service provider may agree in the framework contract that the right to a refund does not apply where—
(a)the payer has given consent directly to the payment service provider for the payment transaction to be executed; and
(b)if applicable, information on the payment transaction was provided or made available in an agreed manner to the payer for at least four weeks before the due date by the payment service provider or by the payee.
Requests for refunds for payment transactions initiated by or through a payee
64.—(1) The payer must request a refund under regulation 63 from its payment service provider within 8 weeks from the date on which the funds were debited.
(2) The payment service provider may require the payer to provide such information as is reasonably necessary to ascertain whether the conditions in regulation 63(2) are satisfied.
(3) Subject to paragraph (4), the payment service provider must either—
(a)refund the full amount of the payment transaction; or
(b)provide justification for refusing to refund the payment transaction, indicating the bodies to which the payer may refer the matter if the payer does not accept the justification provided.
(4) Where an agreement in accordance with regulation 63(3) applies, the payment service provider must, notwithstanding that a condition in regulation 63(2) is not satisfied, refund the full amount of the payment transaction.
(5) Any refund or justification for refusing a refund must be provided within 10 business days of receiving a request for a refund or, where applicable, within 10 business days of receiving any further information requested under paragraph (2).
(1)
Options/Help
Print Options
PrintThe Whole Instrument
PrintThe Whole Part
PrintThis Cross Heading only
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As Enacted or Made): The original version of the legislation as it stood when it was enacted or made. No changes have been applied to the text.
Opening Options
Different options to open legislation in order to view more content on screen at once
Explanatory Memorandum
Explanatory Memorandum sets out a brief statement of the purpose of a Statutory Instrument and provides information about its policy objective and policy implications. They aim to make the Statutory Instrument accessible to readers who are not legally qualified and accompany any Statutory Instrument or Draft Statutory Instrument laid before Parliament from June 2004 onwards.
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as enacted version that was used for the print copy
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as made version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.