On Friday (23 November), the Spanish Council of Ministers finally approved the implementation in Spain of the Directive (EU) 2015/2366, of 25 November, on payment services in the internal market ("PSD2"). The implementation was made with a delay of almost 11 months through a Royal-Decree Law 19/2018, of 23 November, on payment services and urgent measures on financial matters (the "Royal-Decree").
Although, the Royal-Decree was published in the Spanish Official Journal (“Boletin Oficial del Estado”) on Saturday (24 November), and entered into force one day after its publication, it grants a transitional period of 3 months for most of its provisions. In relation to the access to payment accounts ("Open Banking") and strong customer authentication ("SCA") requirements, the Royal Decree specifies that they will only be applicable when the RTS on SCA and CSC are enforced, i.e. as of 14 September 2019.
In relation to the content, the Royal Decree expands the scope of the consumer protection provisions - in relation to transparency and information - to "microenterprises" for the first time in Spain.
The Spanish transposition of PSD2 also walks the extra mile in relation to the ban on "surcharging" (which in the text of PSD2 is limited to consumers), by prohibiting merchants to request additional charges for paying with any mean of payment, including corporate cards.
Although the PSD2 was approved on December 2015, and has been transposed in almost all EU Member States, its implementation still leaves a lot of unclear and unanswered questions. In particular, the requirements under which banks will give access to accounts to third party providers (so-called TPPs), as well as the specific information that they will have to make available, as well as different aspects related to strong customer authentication measures.
Please follow the link to the Royal-Decree: https://www.boe.es/buscar/act.php?id=BOE-A-2018-16036