Skip to main content
Version status: Entered into force | Document consolidation status: Updated to reflect all known changes
Version date: 12 January 2016 - onwards
Version 2 of 2

Article 70 Obligations of the payment service provider in relation to payment instruments

DRAFT To be repealed Article 48 Repeal of the Proposal for a Directive of the European Parliament and of the Council on payment services and electronic money services in the Internal Market amending Directive 98/26/EC and repealing Directives 2015/2366/EU and 2009/110/EC (COM(2023) 366 final / 2023/0209 (COD)) (PSD3) (updated 19 April 2024 with Information Note)

1. The payment service provider issuing a payment instrument shall:

(a) make sure that the personalised security credentials are not accessible to parties other than the payment service user that is entitled to use the payment instrument, without prejudice to the obligations on the payment service user set out in Article 69;

(b) refrain from sending an unsolicited payment instrument, except where a payment instrument already given to the payment service user is to be replaced;

(c) ensure that appropriate means are available at all times to enable the payment service user to make a notification pursuant to point (b) of Article 69(1) or to request unblocking of the payment instrument pursuant to Article 68(4); on request, the payment service provider shall provide the payment service user with the means to prove, for 18 months after notification, that the payment service user made such a notification;