Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 894

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 817

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 894

Notice: Undefined index: target in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: data in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 894

Notice: Undefined index: target in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: data in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 302

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 894

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 894

Notice: Undefined index: class in /var/www/plugins/system/ws_shortsystem/ws_shortsystem.php on line 817
ADVAPAY Payment Institutions. Practical Guide - Advapay
Jurisdiction of the European Union

The Pôle de compétitivité FINANCE INNOVATION aims to contribute to the development of innovation in the financial sector. It therefore explores the way and the means to bring out innovative projects such as to improve the financial ecosystem for the benefit of the real economy. In the payment area, a study group has been created in relation with other institutions (TES, PICOM) in order to shed light on the appropriate trends and to promote and accompany new innovations so as to allow France to participate successfully in the current competition.

In this context, the agreement of payment institutions appears to be a key issue.

We appreciate your visit to our site.

You can download a full version of the document in PDF (0.4 Mb)

Download PDF file

Following the first project, it therefore appears necessary to identify the best practices enabling the most efficient approach of the Autorité de contrôle prudentiel (ACP) process of authorization concerning innovative projects accredited by the Pôle, in a good mutual understanding between the parties.

This guide has been written with the participation of Pole Finance Innovation (Mr. Edouard F. de Lencquesaing), the French Association of Payment Institutions and Electronic Money (Association Francaise des Etablissments de paiement et de monnaie électronique, Mr. Thibault Lanxade), the law firm Wragge & Co (Mrs Laetitia de Pellegars, Mr. Pierre-Emmanuel Chevalier), Eurogroup Consulting (Mr. Régis Bouyala) and FACO University (Mrs. Sabine Lepic).

We would like to thank: Mr. Didier Peny (Aurorité de controle prudentiel) and Mr. Jerome Fanouillère (Banque de France) for their contribution.

Date of publication: April 2012


Any entity willing to provide one or more payment services in the European Economic Area, must be authorized as a payment institution and be granted the authorization before the start of the regulated activity. This guide is intended to facilitate the authorization process by outlining the main regulatory requirements as well as the best practices in order to develop this activity.

What is the purpose of this guide?
  • Clarifying the payment services and regulated transactions.
  • Informing newcomers about the requirements to meet in order to be be authorized as a payment institution.
  • Guiding the entrepreneur through the different steps of the authorization procedure and providing information on the passport allowing to provide services in Europe.
  • Reminder: This guide shall be considered as a general information document outlining the main legal requirements. It is not intended to be a support for decision making. We invite you to make contact to specialists for a personalized assessment of your situation and your business.

    Context: Emergence of new entities

    Since 1st November 2009, payment services can be provided in the European Economic Area by new entities and are no longer exclusively covered by the monopoly of credit institutions.

    Harmonised regulation also implies harmonised operational rules of payment in the 27 countries of the European Union (+ Lichtenstein, Norway, Iceland), orchestrated by the Single Euro Payments Area (SEPA) concerning up to date credit transfers and direct debits.

    For information, the second Electronic Money Directive provisions concerning electronic money issuers have not been transposed so far into the French national legislation.

    What is a payment service?

    Payment services include all activities rendered by an intermediary and relating to the transfer of funds registered on a payment account or of cash for the account of a third party (except for legal cases falling within the scope of another regulation).

    Schematically speaking, the different payment services fall into two broad categories: services which consist in the execution of payment transaction combined with a payment account and those made without account.

    Payment services combined with a payment account

    Payment services combined with a payment Payment services provided without the account opening of a payment account

    Cash placing on a payment account, cash Money remittance withdrawal on a payment account

    Money remittance

    Execution of payment transaction including the execution of credit transfers, direct debits, execution of payment transaction through payment card (or similar instruments)

    Execution of payment transactions where the consent of the payer to execute a payment transaction is given by means of any telecommunication, digital or IT device and the payment is made to the telecommunication, IT system or network operator, acting as intermediary between the payment service user and the supplier of the goods and services.

    Issuing of payment instrument

    Credit granted exclusively in connection with the execution of payment transactions, credit transfers, direct debits, execution of payment transactions through payment card (or similar instruments), execution of payment transactions as an telecommunication, IT system or network operator.

    Acquiring of payment orders


    Criteria for distinction between payment services and other activities

    In order to help you to determine whether your business requires prior authorization, we invite you to ask yourself the following questions:

    Do you receive funds from a third party?

    If not, you do not provide a payment service.
    If so, you need to determine in which context you receive such funds.

    Are the funds received in consideration of your activity of goods or services provided to the customer who has transferred the funds?

    If so, you do not provide a payment service.
    If not, you must determine under which qualification you are acting on behalf of a third party to collect these funds.

    Are these funds received in consideration of the practice of any other regulated activity (bailiffs, lawyers, recovery, ...)?

    If so, you do not provide a payment service.
    If not, you need to determine the legal and contractual framework of your intermediation activity.

    If so, you must probably receive the funds:

    As an intermediary between a payer and a payee,
    Or as an intermediary between a Payment Service Provider (or an electronic money issuer) and a payer or payee.

    In both cases, you provide a payment or an electronic money service in your name or in the name of a Payment Service Provider.

    You should make contact to a lawyer in order to determine the appropriate legal status to develop this activity. The payment institution licence is not always required in order to provide these payment services. The legislation provides simplified legal licences, special cases falling without of the scope of the Payment Services Providers’ monopoly (this category includes payment and credit institutions) and exemption cases.

    The various statuses of payment service providers

    Payment service providers may be:

    Payment institutions, credit institutions and credit institutions with a restricted authorization (French “société financière”) duly authorized for providing payment services.

    Moreover, companies benefiting of an exemption granted by the ACP are allowed to provide payment services as a regular business activity. These companies must provide payment services based on instruments that can be used to acquire goods or services only in the premises used by the issuer or under a commercial agreement with the issuer either within a limited network of service providers or for a limited range of goods or services. According to the applicable legislation, these companies are not qualified as payment institutions.

    Intermediaries in payment services:

    Payment agents must be registered in order to provide payment services on behalf of a payment service provider within the limit of the granted authorization.

    The Intermediaries in Banking Operations and Payment Services (French “Intermédiaires en operations de banque et services de paiement”, referred as IOBSP) are allowed to develop marketing activities and assist the client for the conclusion of electronic money operations (issuing and managing).

    Following the transposition of the second Electronic Money Directive (referred as 2EMD) in France, entities acting on behalf of electronic money issuers as distributors will be allowed to collect funds and to refund the electronic money on behalf of the issuer.

    Relationships with investors

    Becoming a payment service provider requires a reorganization of the ownership structure of the company.

    In fact, the regulation requires the service provider to comply with a minimum level of own funds requirement (see page 11). Except when the initial founders or shareholders have enough money in order to provide additional proper funds, it will be necessary for the company to invite new partners to join the project. From a practical point of view, the structure will be in the obligation to raise capital.

  • Typology of investors: regulated investment funds (venture capital mutual investment funds (French “Fonds Commun de Placement à Risque), Innovation UCITS (French “Fonds Commun de Placement dans l'Innovation”),...)) or unregulated investment funds (venture capital company [French “société de capital-risque”], family office, French or foreign investors (a special attention should be paid to the nationality of investors with regard to the authorization requirements), business angels and founders.
  • Method of fund raising: share capital increase subscribed with convertible bonds, bonds refundable in shares, bonds and warrants enabling the founders and employees to benefit from the growth of the company (BSA/BSPCE).
  • Contractual framework: amendment of the statutes of the company in order to take into account shareholder’s rights, conclusion of a shareholder agreement which aims at regulating the relationships between shareholders, the transfers of shares between the previous ones and the exit process of investors. This shareholders' agreement should not include any clause that could block the activity of the company.
  • Management control: most of the time, the fundraising comes along with the creation of collegial organs in charge of advising the management on strategic issues and monitoring the decisions through authorizations within a variable scope of application. These collegial bodies may be created either on statutory or contractual basis (shareholders agreement) and can take any denomination (Strategy board, Board of censors). (Source: Wragge & Co, Private Equity Team)
  • The authorization application form

    When a project is sufficiently mature, the first contact must be made with the Agreement and Regulation Department of the ACP (Direction des agreements des autorisations et de la Réglementation referred as DAAR), by phone or email in order to schedule a presentation meeting:

    ACP- Direction des agréments des autorisations et de la Réglementation 61 rue Taitbout
    75436 PARIS Cedex 09
    Tel: + 33 1 42 92 39 75
    Fax: + 33 1 42 92 30 80

    The DAAR will set up an appointment in order to present the project and determine a schedule. It will therefore be necessary to send in advance a briefing paper (5-10 pages) enabling to:

  • confirm the need for an authorization or the possibility of exemption;
  • answer questions concerning among other things legal issues and the initiators of the project;
  • provide the applicant with a first informal assessment of the acceptability of the project;
  • make easier the preparation of the application form;
  • In case of validation of the project at the end of this first meeting, it will be necessary to fill in the corresponding authorization application form and to enclose all supporting documents. The authorization application form (including a list of all necessary supporting documents) is available on the ACP website:

    The complete application form must be sent in three copies to the DAAR.

    So as to facilitate the process, the DAAR will be the sole interlocutor of the applicant. As such, after receiving the application form, the DAAR may ask further information or additional documents considering the specificities of the project.

    The processing track of an authorization application form (processing duration: between 3 and 6 months)

    The processing track of an authorization application form (processing duration: between 3 and 6 months)

    Content of the authorization application form

    Standard application form is available on the ACP website: autorisations/fr/toutes_procedures/toutes_procedures.htm

    If the payment institution carries on an hybrid activity, the ACP may require the creation of a separate legal entity to provide the payment services (art. L.522-8 of the French Monetary and Financial Code). The head office of the payment institution shall be located in the same Member State as the registered office (art. L.522-8 II of the French Monetary and Financial Code).

    The 6 main points of assessment:
  • The program of activities;
  • Own funds and the financial structure;
  • Safeguarding requirements;
  • The shareholding;
  • Corporate governance and internal control;
  • Anti money laundering and anti terrorism financing measures;
  • Operational security (the Banque de France point of view).
  • The experience shows that the last two points need a particular attention: see more detail in parts 8 and 9.

    A. Description of the activity (“The program of activity”)

    It is important to determine the relevant qualification of the payment services and to describe them as precisely as possible in legal, regulatory and operational words. This stage helps to determine the requirements applicable to the institution such as the need to hold payment accounts, reporting obligations, customer identification requirements, etc.

    The following documents must be enclosed with the presentation:

  • drafted versions of the contracts to be concluded with customers and providers chosen by the institution for outsourcing services regarded as important, including the pricing policy.
  • a presentation of the prospective customers, new customers acquisition methods, intermediaries;
  • an analysis of the competition: comparative analysis of advantages and disadvantages;
  • a description of the estimated volumes of the payment operations.
  • This information must be taken into account to build a business plan.

    B. Own funds requirements and financial structure
    Goals of the regulation applicable to own funds:

    The legal requirements relating to the own funds is not only seen by the legislator and supervision authority, as simple legal requirements.

    They reflect the need for the entrepreneur to devote initial investments properly sized to ensure the launch of activity under optimal conditions in terms of durability and security.

    Calculation of the legal own funds:

    Legal own funds = own funds – nil value fixed assets – intangible fixed assets

    Minimum capital requirements:

    From 20.000 to 125 000 € depending on the payment services provided

    Determination of the legal requirements concerning own funds:

    3 methods defined by the decree of October 29, 2009:

  • Method A: calculation based on general fees
  • Method B: calculation based on the payment operations volume (volume of payments and provided services)
  • Method C: calculation based on the exploitation profitability.
  • In most cases, the B method appears to be most relevant. The authorization application form must include a simulation of the requirement according the three methods. The initial funds must be properly sized to meet the legal requirements (minimum level of capital and prudential ratios) for launching the project. In fact, from a prudential perspective, it’s not advisable for a company to turn to its shareholders or to new investors in order to raise more capital during the launching phase or, at least, during the first 12 months following the authorization.

    In order to meet these capital requirements, the provisional accounts must be determined in accordance with a target activity forecast as well as a deteriorated level of activity scenario. It is important to take into account appropriate assumptions, which should be closer to -50% than - 10%.

    C. Safeguarding requirements

    The funds received either from payment service users or via another payment service provider for the execution of payment transactions shall be registered on an escrow account within no more than one day following the day when the funds have been received (art. L.522-17 of the French Monetary and Financial Code). The escrow account convention must be enclosed.


    The funds received shall be covered by an insurance contract. The contract must be enclosed.

    D. The shareholding

    The ACP shall assess the status of shareholders holding a participation of 10% or more in the capital (Art. L. 522-6 of the French Monetary and Financial Code): reputation, financial structure and ability to provide financial support.

    Ownership structure must be sufficiently transparent and shall not be an obstacle to the control (for instance: chain of holding companies or special purpose vehicles of investment located in tax havens, etc..).

    When several shareholders are in situation to act in concert and hold together the control of the future company, a shareholder agreement is necessary in order to provide, amongst other thing, a solution in case of disagreement between shareholders.

    E. Governance requirements and internal control
    Accountable managers:
  • Two managers are required: they must be responsible for the activity and meet honorability, skill and experience requirements
  • At least one of them must have experience in the banking or payment area
  • Internal control and risk management (art L.522-6 of the French Monetary and Financial Code and CRBF regulation n°97-02):

  • Efficient procedures for detecting, managing, monitoring and declaring the risks and to identify, manage, control and report the risks, adequate internal auditing system, including sound administrative and accounting procedures
  • This system and these procedures shall be proportionate to the nature and the complexity of the payment services provided by the payment institution.
  • Outsourcing of essential services:

    The responsibility for payment services can not be outsourced.

    Outsourcing contracts must be enclosed and the payment institution must ensure in particular that:

  • subcontractors commit themselves to provide a standard of quality enabling a normal functioning of the service;
  • subcontractors commit themselves to implement a safety process that enables the continuity of the payment service;
  • subcontractors ensure the protection of confidential data relating to the company and its customers;
  • it can obtain all information on the service, even by accessing to the premises of the subcontractor, within the limits of the applicable legislation
  • The ACP or any foreign competent authority can have access to information on the outsourced activities necessary for the performance of its mission, including by having access to the premises of subcontractors.
  • Anti-money laundering and anti-terrorism financing requirements

    Payment institutions shall implement anti-money laundering and anti-terrorist financing procedures in application of Title VI of book V of the French Monetary and Financial Code (MFC), to which they are subjects (art. L. 561-2 1 ° bis of the French Monetary and Financial Code).

    They can read for this purpose all official documents adopted by the ACP concerning anti-money laundering and anti-terrorist financing requirements and download them in the corresponding section of the ACP website at the following address:

    In the context of a consultation group with professional actors, a Consultative Commission for the struggle against money laundering (French “Commission Consultative de Lutte contre le Blanchiment”) has been established by a decision of the Collége of the ACP, including AFEPAME.

    The Commission is in charge to give an opinion to the Collége about the instructions adopted by the ACP concerning the entities subject to its control in the anti-money laundering and anti- terrorist financing area. The Commission can also be asked to give an opinion on the drafts of guidelines (French “lignes directrices”, referred as LD), which aim at explaining the ACP expectations (see in particular the joint guidelines adopted by the ACP and TRACFIN on the reporting of suspicions of money laundering and the guidelines on the notion of beneficial owner).

    When assessing the authorization application form, the General Secretariat (“Secretariat Général”) of the ACP ask the payment institution to provide it with the description of the anti- money laundering and anti-terrorist financing procedures, which must include:

  • Customer due diligence measures; Identification and identity check of the regular customer (business relationship) or the occasional customer (see art. R.561-10 of the French Monetary and Financial Code) and, if applicable, the beneficial owner. The identification and identity check must be must take place before entering into the business relationship or before carrying out the operation.
  • The legal requirements concerning the money laundering and terrorist financing risk assessment process, the internal organization and procedures (risk classification, written internal process, monitoring process of operations enabling to detect anomalies)
  • The obligation of declaration to TRACFIN: The institution must implement the procedures enabling to declare to TRACFIN the elements mentioned in article L.561-15 of the French Monetary and Financial Code.
  • The obligations to impose restrictive measures against the customer being the subject of financial sanctions (freezing of assets).
  • The expectations regarding the security of means of payment: the opinion of the Banque de France

    A. The opinion of the Banque de France

    The Banque de France is in charge of the security of payment systems. It’s therefore involved in the operational models suggested by relevant actors such as payment institutions. As a result, the opinion of the Banque de France aims at checking the mastery of the activity with regard to security requirements applicable to the technical means already used by the company or to be implemented in the future.

    Prior to delivering its opinion, the Banque de France shall check the security of:

  • The means of payment at the disposal of customers or run by the company in order to provide services of payment;
  • Payment operations carried out in order to provide services of payment;
  • The computing and technical environments implemented in order to provide payments services;
  • Potential or implemented human and organisational recourses to ensure the proper functioning of the payment service activity.
  • B. Risk analysis

    Analysis of the risks in relation to the security of technical means

    Security of the means of payment

    Technical and IT environments




    Kinematics of the operations

    Features of the means of payment


    Control of the enforcement of the security policy for the information system

    Production incident management

    Commercial assistance

    Operation traceability

    Evolution management

    Customer service in case of fraud

    Outsourced services

    Safeguard procedure

    Source: Banque de France

    A risk analysis is necessary for the assessment of the application in order to identify and assess the risks (impact/probability) and to implement mitigation processes.

    Means of Payment:

    A) Identification and management of risks(for each means of payment)

    Gross Risk

    Implemented coverage measures & Recommendations from external organisms

    Residual Risks

    B) Prospects and expected evolutions (for each means of payment)

    C) Control (focussed on means of payment)

    Control entity

    Control object

    Frequency of control


    Corrective measures (implemented or to be implemented)

    Source: Banque de France


    Operational processes: all correlated and interacting activities necessary to offer means of payment.

    Operational risk: risk of potential loss caused by an inadequacy or a failure of procedures, persons, systems or external events.

    Gross risks: risks liable to affect the proper functioning and the security of the means of payment, before action, procedures and measurement to prevent such risks.

    C. The expected level of security

    This level will depend on several factors in relation with:

  • the service of payment provided;
  • the categories of relevant users;
  • the context of use (channel of distribution, materialized/dematerialized, mobile use, etc) of the payment services;
  • the size of the deployed network (private or interbank network).
  • For example, the security requirements applicable to a card based on a private network are less restrictive than requirements applicable to card based on an opened network such as an interbank network (PCI Data Security Standard referred as PCI DSS).

    From a practical point of view, the required level of security will be determined during the communication between the applicant and the Banque de France.

    Kinematics of the operations:

    The precise description of the kinematics of flows provides a better insight into:

  • Business processes involved in the payment transaction;
  • The risk areas;
  • The rules applicable to payment transactions. These rules may refer to the execution of payment transactions, the retention period of the funds, ringfencing, reimbursement requirements, the identification of the payer and of the beneficial owner, etc..
  • Key points related to the means of payment:

  • Security measures concerning proximity and distance payments;
  • Adoption and implementation of PCI security measures concerning the whole process of acceptation and acquisition of payment orders;
  • The implementation of measures to ensure the agreement of the holder (eg activating or deactivating new modes of giving orders, validation of payment transactions, etc.).
  • Strengthening the security methods in order to rise the security requirements concerning distance payments at the same level as the security standards concerning proximity payments and payments through automatic machines.
  • Computing and technical environments:

    The service provider must check that the implemented processes ensure a level of confidentiality, integrity, availability of data in line with expectations of the Bank de France.

    In addition, a precise description of the technical architecture must be provided in order to identify the processing concerning, among other things:

  • Firewalls (network protection and application programs);
  • The redundancy of critical servers;
  • Segregation of environments (studies, development, production);
  • Management of logical and physical accesses, etc.
  • Hosting services provided by a specialized subcontractor:

    The service is regarded as an essential service within the meaning of article 4r) of CRBF regulation n°97-02.

    As a result, the institution shall enclose the contracts concluded with service providers. The Banque de France ensures more precisely that the requirements are met as regards:

  • Good governance of information systems (supervision, evolution management, annual IT plan, monitoring and control of subcontractors, etc.).
  • Terms of assessment, recording, conservation and availability of this information, especially by ensuring the existence of the audit trail;
  • Security policy for the information systems (SPIS): structuring and essential document on which the Banque de France pays particular attention:
  • The policy must cover the whole scope of activities (cross-activity and support functions included), be regularly updated, implemented and controlled in its implementation by the Information Systems Security Manager (ISSM) or if necessary the person in charge of the internal control.

    D. Human and organizational resources

    The Banque de France checks that payment institutions implement the procedures concerning:

  • The control of the enforcement of the security policy of the information system;
  • The traceability of the operations;
  • The execution by the subcontractors of their commitments;
  • Human and organizational resources




    Control of the enforcement of the security policy for the information system

    Production incident management

    Commercial assistance

    Operation traceability

    Life cycle and development of the information system

    Customer service in case of fraud

    Subcontractors’ diligence

    Safeguard procedure

    The Banque de France takes into account the implementation of procedures concerning:
  • The management of production incident;
  • The management of the life cycle and the development of the information system;
  • The running of the company;
  • The safeguard management procedures.
  • The business continuity plan (French “plan de continuité d’activité”, referred as PCA) must be formalized and tested (procedure applicable in case of degraded level of activity, crisis procedures, recovery plan, hosting procedures, etc).

    The Banque de France also checks that the payment institution has set up the means concerning the support and the assistance of the payment services users:
  • Call center;
  • Applicable procedures in fraud cases;
  • Customers’complaints processing track.
  • Reporting and later authorizations

    A. Reporting requirements applicable to payment institutions
  • Quarterly reporting (instruction n°2010-06 relating to the implementation of a unified system of financial reporting applicable to payment institutions) and semi-annual reporting (instruction n°2010-05 relating to the own funds requirements applicable to payment institutions).
  • Reporting on internal control: once a year (CRBF regulation n°97-02).
  • Publication of the accounts within 45 days following their approval:
  • Publication in the BALO (Bulletin des Annonces Légales Obligatoires, the French Official Bulletin of Legal Notices) or by the payment institution itself when the balance sheet total exceeds 450M€.
  • In an official bulletin of legal notice: when the payment institution balance sheet total is < 450M€ (+ mention in the BALO referring to this publication).
  • B. Later notifications and authorizations
    Prior authorization of the ACP in case of modification of:
  • The legal form;
  • The identity of shareholders with unlimited liability for the debts of the payment institution;
  • The payment services provided;
  • Conditions under which the agreement has been granted;
  • Crossing of the thresholds of 10%, 20%, 1/3 of the capital held by the shareholders (increase or decrease in the threshold crossing), acquisition or transfer of control (except for operations inside a group).
  • Notifications to the ACP (including the opposition power of the ACP):
  • Appointment of executives in leading position and liable for the company.
  • Simple Declaration:
  • Termination of the service of executives in leading position
  • Change in the company legal name or commercial name, change in the headquarter’s location, change in the composition of the Board of trustees or of the supervisory board.
  • The European Passport

    European passport and territorial application of the European legislation

    How to develop your business in another EEA country?

    In order to expand its business in the European Economic Area as an authorized payment institution, a company has two legal options: the regime of free provision of services and the regime of freedom of establishment.

    The freedom to provide services: This solution allows an economic entity originally aurhorized in a Member State to provide its services temporarily in another EEA Member State, without having to be established permanently.

    The principle of freedom of establishment allows an operator to develop a stable and continuous economic activity by establishing a branch in the host country (EEA member state).

    The company authorized as a payment institution remains fully liable for any service provided in the host country.

    Legal procedure to follow for a French authorized payment institution willing to provide services in the EEA:

    The form to be sent to the ACP consists either in a declaration of free establishment or in declaration of free provision of services, depending on the chosen solution.

    The declaration forms of freedom of establishment and of freedom to provide services are available for download on the ACP website:

    The corresponding declaration form (declaration of free establishment or of free provision of services) should be completed and returned to the Secretariat of the ACP. After assessment of the application, the ACP will send its decision to the French authorized payment institution by letter.

    The ACP will transmit the notification form to the supervisory authority of the host country within one month after receipt. The payment institution will be allowed to develop its activity as soon as the host country authority acknowledges receipt of this notification.

    Procedure to follow for a payment institution (authorized in an EEA country) willing to provide services in France (art. L.511-22 of the French Monetary Financial Code):

    Prior to establishing a branch or to providing services, the payment institution, duly authorized in its home country, shall send to the authority of its own country the corresponding declaration of freedom of establishment or of freedom to provide services.

    Once this declaration form is completed, the supervisory authorities of the home country will transmit the form to the ACP (supervisory authority of the host country ie France).

    The home country authority will transmit the notification form to the ACP within one month after receipt. As soon as the ACP acknowledges receipt of this notification, the payment institution will be allowed to start its activities in the host country.

    Scope of the Directive on payment services (PSD): European Economic Area (EEA) + 3 countries. Operations in euros and currencies of EEA
    Special case of entities located outside the EEA:

    When payment institution authorized in a EEA member state wishes to establish in a country outside the EU or the EEA, via a subsidiary or a branch.

    The institution will then have to meet the local requirements and be granted the specific authorization by the host country authority.

    Action of the Banque de France concerning payment institutions providing services in France under the European passport legislation

    Pursuant to article L.141-4 of the French Monetary and Financial Code, the Banque de France ensures that the means of payment as defined in Article L.311-3, other than fiduciary currency, are secure and that the regulations applicable thereto are pertinent.

    As a result, if it is not involved in the process of mutual recognition of authorization of European institutions providing services in France under the European passport legislation, the Banque de France is in charge of monitoring payment activities on the French territory. Hence, the Banque de France can ask payment institutions any information (reportings on means of payments for instance) necessary to accomplish its mission.

    What are the legal requirements applicable to a payment institution providing services in France (host country) according the principle of freedom of establishment or of free provision of services?

    The payment institution providing services on the basis of freedom of establishment or of free provision of services will:

  • respect the legislation of its home country
  • be supervised by the authorities of its home country
  • However, some legal provisions of the host country may be applicable on the basis of provisions of the European legislation. We can quote more particularly the provisions relating to the general interest, consumer legislation, rules of good practices, money laundering and terrorist financing control.

    If the ACP has good reasons to suspect that a money laundering or a terrorist financing operation in connection with the establishment of a branch (or agent) has occurred, is currently attempted or is planned, or if the ACP has reasons to believe that this establishment may increase the money laundering or the terrorist financing risk, this authority can refuse to register the branch on the list of institutions authorized on the basis of the freedom of establishment principle.

    Overview of authorized payment institutions in France

    The list of authorized payment institutions is available on the REGAFI website (French “registre des agents financiers”, Register of Financial agents): on=&siren=&cib=&bic=&nom=&siren_agent=&num=&cat=21-TBR07&retrait=0

    Complementary point on electronic money (April 2012)

    In the absence of transposition of 2EMD in 8 out of 27 member states, we would like to clarify the legal framework in which e-money project leaders can develop their business in France.

    What is electronic money?

    Electronic money is currently defined by Article 1 of CRBF regulation n°2002-13 of 21 November 2002. It is a claim on the issuer. It is accepted as means of payment by third parties other than the issuer.

    Practical illustration:

    One example is "Moneo" project which was initiated several years ago by an authorized issuer in France. The consumer can use the electronic money stored on a prepaid card. He can then spend these units with affiliated merchants for purchases of everyday life (eg university restaurants, car parks, etc..)

    Why are we in a transitional phase?

    The legislation applicable to the activity of issuing and managing electronic money in France is going through a transitional phase. In the absence of transposition of the second electronic money Directive (Directive 2009/110/EC of 16 September 2009), the legislation currently applicable in France comes from Directive 2000/46/EC of 18 September 2000 (first Electronic Money Directive) transposed into the national legislation by the CRBF regulation n°2002-13 of 21 November 20002 on electronic money and electronic money institutions.

    These developments are dedicated to entrepreneurs who want to know the main legal options available to develop the business of issuing and managing electronic money in France.

    How to develop an electronic money business in France today?

    There are four possible options:

  • The licence of electronic money issuer authorized in France based on the status of credit institution with limited authorization.
  • The licene of credit institution with limited authorization in France (French “société financière”)
  • The licence of electronic money issuer authorized in an EEA state member under 2EMD
  • The launch of activity: some tips
  • The licence of electronic money issuer authorized in France

    The electronic money issuer subject to above mentioned CRBF regulation n°2002-13, shall have a minimum capital of one million euros. It shall be subject to the whole legislation applicable to credit institutions providing issuing and managing electronic money activities (CRBF regulation n°97-02 among other rules).

    Electronic money issuers must also limit their activities to the issuance and management of electronic money. They are not allowed to provide other banking operations or payment services. Electronic money issuers are allowed carry out commercial activities related to their core business in the limit of 10% of their net banking income.

    The licence of credit institution with limited authorization in France (French “société financière”)

    The “société financière” status (credit institution with limited authorization) first requires a capital of at least 2.2 million euros. This status allows however more flexibility in terms of activities: the company will be authorized to provide a wider range of services. In addition to the activity of issuing and managing electronic money, the duly authorized company will be allowed to provide payment services (eg service enabling cash to be placed on a payment account, cash withdrawals, transfers, direct debits, payment transactions with a credit card combined with a payment account, etc..).

    The licence of electronic money issuer authorized in another EEA member state under 2EMD

    The second Electronic Money Directive has already been transposed in many member states of the European Union (UK, Luxembourg, etc..). It is therefore possible to apply to the authority of one of these states in order to be granted the electronic money issuer authorization. The authorized company shall carry out its business in the country where the authorization has been granted and may also develop its activities in France via a permanent local branch or from its home country without local establishment, having regard to the authorization requirements (Freedom of establishment or Freedom to provide services).

    The electronic money issuer status under 2EMD requires à minimum capital of 350.000 euros. Apart from issuing electronic money, this status enables among other activities to provide payment services (credit transfers, direct debits, etc..), to grant credits for less than 12 months in relation with these services, but also to develop business activities other than issuance of electronic money, having regard to the applicable Community and national law.

    The launch of activity: the possible solutions

    At the early stage of activity, a company may consider developing a simple intermediary activity. In this case, it will sell the electronic money issued by a third party issuer duly authorized to issue and manage electronic money in France according to one of the three statutes mentioned above. The company can therefore "test" the market before making heavier investments.

    The electronic money selling activity is the subject of a specific regulatory framework depending on the nature of the services actually provided by the intermediary. Depending on the case, the

    latter shall have the status of payment agent, intermediary in banking transactions and payment service intermediary (French “intermédiaire en operation de banquet et service de paiement”, referred as IOBSP), canvassers, etc..

    One has to underline that the IOBSP activity is precisely regulated and subject to the ACP control. Two recent decrees provide details about the applicable regime. IOBSP shall be entered in a special register (the register is held by ORIAS). Moreover they have to meet precise requirements concerning professional skill (qualifications, professional experience of employees), morality and good practices (loyalty and information obligations towards customers), insurance and professional training.

    Summary table


    French electronic money institution

    French « Société financière »

    2EMD EMI

    (Authorized in a foreign country)

    Minimum social capital requirements

    1.000.000 euros

    2.200.000 euros

    350.000 euros

    Applicable legislation

    1 EMD

    CRBF regulation n° 2002-13, etc…

    French Monetary and financial Code, legislation applicable to credit institutions within the limit of limited activities carried out.

    Second electronic money directive such as transposed in the home country.

    Possible activities

  • Inssuance of electronic money and management of the electronic money activity
  • Related commercial activities in the limit of 10% of the net banking revenue
  • Inssuance of electronic money and management of the electronic money activity
  • Payment services
  • Related commercial activities in the limit of 10% of the net banking revenue
  • Issuance of electronic money and management of the electronic money activity
  • Payment services
  • Commercial activities other than electronic money issuing with regard to the European and national applicable legislations
  • This document may include general information in relation with legal issues but is not intended to substitute for a legal opinion.