Source: OJ L 150, 9.6.2023, pp. 1–39

Current language: EN

Article 8 Transfers of funds with missing or incomplete information on the payer or the payee


Summary What does Article 8 of the Transfer of funds regulation (TFR) say?

This article sits on the receiving end of the transfer chain, placing obligations squarely on the payment service provider of the payee.

It builds directly on the information requirements established in Articles 4, 5, 6, and 7, setting out what the payee's payment service provider must do when those requirements are not met.

The core thrust is that receiving providers cannot be passive: they must have risk-based procedures in place to decide what to do with incoming transfers that carry missing or incomplete payer and payee information, with options ranging from rejecting the transfer outright to requesting the missing details.

The article also addresses the scenario of repeat non-compliance by a sending payment service provider, escalating the required response up to and including termination of the business relationship, with any such failure to be reported to the relevant competent authority.

Important points:

  • Implement effective risk-based procedures to determine whether to execute, reject, or suspend incoming transfers of funds that lack the required payer and payee information.
  • Where a sending payment service provider repeatedly fails to provide the required information, take escalating steps — up to rejecting future transfers or restricting or terminating the business relationship with that provider.
  • Report any such repeated failure, and the steps taken in response, to the competent authority responsible for monitoring anti-money laundering and counter-terrorist financing compliance.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

    1. The payment service provider of the payee shall implement effective risk-based procedures, including procedures based on the risk-sensitive basis referred to in Article 13 of Directive (EU) 2015/849 for determining whether to execute, reject or suspend a transfer of funds lacking the required complete payer and payee information and for taking the appropriate follow-up action.

    2. Where the payment service provider of the payee becomes aware, when receiving a transfer of funds, that the information referred to in Article 4(1), points (a), (b) and (c), Article 4(2), points (a) and (b), Article 5(1), or Article 6, is missing or incomplete or has not been filled in using characters or inputs admissible in accordance with the conventions of the messaging or payment and settlement system as referred to in Article 7(1), the payment service provider of the payee shall, on a risk-sensitive basis:

      1. reject the transfer; or

      2. request the required information on the payer and the payee before or after crediting the payee’s payment account or making the funds available to the payee.

    1. Where a payment service provider repeatedly fails to provide the required information on the payer or the payee, the payment service provider of the payee shall:

      1. take steps, which may initially include the issuing of warnings and setting of deadlines, before proceeding to a rejection, restriction or termination in accordance with point (b) if the required information is still not provided; or

      2. directly reject any future transfers of funds from that payment service provider, or restrict or terminate its business relationship with that payment service provider.

    2. The payment service provider of the payee shall report that failure, and the steps taken, to the competent authority responsible for monitoring compliance with anti-money laundering and counter-terrorist financing provisions.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod