EU rules on payments mean that you and your customers can make and receive electronic transactions easily. This means that banks must charge you the same rate for payment in euros across the EU as they do for an equivalent national transaction. Banks based in EU countries outside the euro area must also apply this rule, and may not charge more for a payment in euros to/within another EU country than they do for a domestic payment in the national currency.
You're not allowed to charge your customers extra for using a credit or debit card. This applies to all card purchases (in shops and online) made throughout the EU.
Dynamic currency conversion
Do you offer customers a choice between paying by card in their own currency rather than the currency of your country or website? You must inform them - at the time of purchase - of all charges related to the currency conversion service that you offer. You should express those charges as percentage mark-ups over the latest available euro foreign exchange reference rates issued by the European Central Bank. Example. Guests at your hotel who hold a foreign payment card can choose to pay for their stay in their home currency. You should convert the bill amount using the ECB rate. And you must inform the guests what percentage mark-up you will charge on top of that amount.
Non-discrimination on payment methods
You are free to accept whatever payment methods you want, but if your customers want to pay electronically (e.g. direct debit or card-based payment) in a currency that you support, you must accept the payment irrespective of where they or their payment service providers are located within the EU.
Multi-factor consumer authentication
By December 2020, you must ensure that your e-business is able to perform strong customer authentication, such as two or multi-factor authentication. This means that for every online payment above 30€, your clients will need to use a combination of at least two authentication elements, such as:
something they have (such as a mobile phone or card reader) AND something they know (such as a PIN or a password)
something they have (such as a mobile phone or card reader) AND something they are (such as their fingerprint)
something they know (such as a PIN or a password) AND something they are (such as their fingerprint)
Check how you can meet this obligation with your payment service provider.
Anti-money laundering and terrorist financing rules Whether acting as a business owner or as an individual, you should apply certain measures when you are entering into a business relationship or carrying out occasional transactions with customers to prevent money laundering and terrorist financing. These measures apply for a single operation or in several operations that appear to be linked if you are:
trading in goods, and payments are made or received in cash for €10 000 or more
carrying out an occasional transaction that amounts to €15 000 or more
a provider of gambling services involved in the collection of winnings or the wagering of a stake, when carrying out transactions amounting to €2000 or more
In these situations you have to apply customer due diligence, including identifying and verifying the identity of the customer as well as the beneficial owner - that is any person who ultimately owns or controls your customers, or on whose behalf the transaction was conducted.