From 1 January 2024, payment service providers in the European Union will have to report information on cross-border payments every quarter.
This obligation stems from a legislative package adopted in February 2020 to amend the EU VAT Directive and the Regulation on administrative cooperation and the fight against fraud in the VAT field. Central Electronic System of Payment Information (CESOP) is the name of the European database where the information reported by payment service providers to their local tax authorities can be centralised and analysed by data experts for anti-fraud purposes. CESOP has similar objectives to DAC7 for digital platforms and DAC8 for cryptocurrencies and e-money.
Which payment service providers are affected?
In principle, almost all payment service providers that offer payment services in an EU member state fall within the scope of application:
- Credit institutions
- Payment institutions
- Post office giro institutions are authorised to provide payment services under national law.
Payment service providers that process payment transactions with an annual value of fewer than 3 million euros also fall within the scope of the application.
Which financial transactions are subject to reporting?
All types of payment transactions are subject to reporting, i.e. card payments (debit and credit), credit transfers and bank transfers (including SWIFT), direct debits (SEPA and non-SEPA), e-money and money transfers provided:
- the originator of the transaction is located in the EU (based on IBAN or BIC)
- it is a cross-border payment, i.e. the payment is made to another EU Member State or a third country outside the EU
- more than 25 cross-border payments were made to the same payee in one calendar quarter.
The payment service providers of the payer and the payee must report, among other things, the following transaction details:
- IBAN or other identifiers of the payee
- BIC or other unique identifiers of the payment service provider of the payee
- Name of the payee
- VAT identification number or national tax number of the payee (if available)
- Address of the payee
- BIC or other business identifiers of the payment service provider of the payer
- Payment details (e.g. date, currency, amount, reference, card available or not …)
- Details of payment refunds
How should the affected banks and payment service providers prepare?
- Identify all payment channels used for transactions in the scope.
- Assess whether the required data for reporting is available, complete, and accurate.
- Understand the intra-group relationships and allocate the payment transactions to the subsidiaries or branches in the different countries (inside or outside the EU).
- Aggregate the data and introduce rules and criteria for selecting the transactions to be reported and the PSPs to report them.
- Implement an end-to-end reporting process to transmit the data in the required format (XML) to the local tax authorities every quarter.
Payment service providers could use the existing data warehouse and data reporting processes developed in the context of PSD2 (fraud reporting) and PSR (reporting of payment statistics). However, these reporting types only include statistics on transactions and do not contain detailed information on a transaction-by-transaction basis.
What are the next steps?
To implement the proposal, the European Commission is working with Member States’ tax administrations and payment service providers in an expert group which will provide input on the following points:
- Creation of the electronic standard form for the transmission of data
- Technical measures for setting up, maintaining and managing CESOP
- Draft guidelines for the reporting obligations
- Cooperation with the payment sector and the Member States
Due to changes in the EU VAT Directive, payment service providers will soon be obliged to report information on cross-border payments according to certain criteria.
Given the tight deadlines (the first report is due in April 2024), the frequency of reporting (quarterly) and the challenges in compiling data and identifying reportable transactions, it is imperative that payment service providers start assessing the impact of CESOP, leveraging other existing reporting obligations and related opportunities (FATCA/CRS, PSD2 and PSR) to the extent possible.