This Regulation establishes uniform rules for the information that must accompany transfers of funds across the European Union. Its objective is to ensure that fund transfers can be traced back to the originator to support the prevention, detection, and investigation of money laundering and terrorist financing. It applies to all payment service providers (PSPs) established in the EU for transfers in any currency.

Information Requirements for Payers

PSPs of the payer must ensure that each transfer of funds includes the payer’s name, address, and account number. The address may be substituted with the payer’s date and place of birth, customer ID number, or national ID number. If no account number is used, a unique identifier that allows the transaction to be traced back to the payer must be included. The information must be verified and retained for five years.

Intra-EU & Cross-Border Transfers

For intra-EU transfers, simplified rules apply. Only the account number or a unique identifier needs to accompany the payment, unless the receiving PSP requests complete payer information, which must then be provided within three working days. Transfers to countries outside the EU must include complete payer information.

Batch Transfers

Batch file transfers from a single payer to multiple payees are permitted to carry only the payer’s account number or identifier in each individual transaction, provided the complete information is included in the overall batch file.

Obligations of Receiving PSPs

Receiving PSPs must check whether the necessary fields for payer information are present in the payment message. If information is missing or incomplete, the PSP must either reject the transfer or request the missing data. They must report persistent failures by other PSPs and may ultimately decide to restrict or terminate business relationships based on repeated non-compliance.

Obligations of Intermediary PSPs

Intermediary PSPs must ensure that all information on the payer that they receive is preserved and passed on with the transfer. If technical limitations prevent this, they must retain the information and make it available to the receiving PSP on request within three working days. These records must also be kept for five years.

Risk-Based Approach & Suspicious Activity

Missing or incomplete information must be treated as a potential red flag for suspicious activity. Receiving PSPs are required to assess whether such deficiencies warrant reporting to authorities, in line with their obligations under anti-money laundering frameworks.

Exemptions & Special Provisions

The Regulation does not apply to certain low-risk transactions, such as ATM withdrawals, debit authorisations between known parties, and small electronic money transfers below EUR 150. Member States may also exempt non-profit organisations from certain data requirements under specific conditions, provided safeguards are in place.

Enforcement & Monitoring

Member States must establish effective, proportionate, and dissuasive penalties for breaches. They must also designate competent authorities to monitor compliance and respond to information requests from authorities involved in combating money laundering and terrorist financing.

Entry into Force

The Regulation came into force on 1 January 2007 and was directly applicable across all EU Member States without the need for national transposition.