Using your credit and debit card - your rights explained!


Customers should be aware that apart from the framework contract which governs the relationship between banker and customer in relation to their payment account (such as the savings and current accounts), other terms and conditions apply in respect of “payment instruments”.
The term “payment instrument” is applied to a diverse range of forms of payment (cheques, payment cards, payment orders, etc.). In the widest sense payment instruments are all means that allow the user (or payer) to make a cashless transfer of funds or a cash withdrawal. There are paper or documentary payment instruments, and electronic instruments, which are a modern phenomenon and have been created on the basis of technological developments and advanced communications. The former include cheques, or money orders, while the electronic instruments include payment cards, electronic payment orders (such as direct debits or credit transfers) and electronic money.
One of the main objectives of the Payment Services Directive (PSD), which has been in force in all Member States - including Malta - since 1 November 2009, is to ensure maximum consumer protection in connection with payment services and instruments. Not all payment instruments fall within the directive’s umbrella of protection. Cheques, which in many Member States (except Malta) are becoming less-used, are excluded for the simple reason that the processing and execution of payments based on paper payment instruments is too expensive and slow. On the other hand, payments made by payment cards, direct debits and credit transfers are growing in popularity as they are considered cost-effective and modern. Such means of payments are covered by the PSD.
The PSD provides a detailed description of the information and conditions which shall be provided to the consumer (the payment services user or payer) in respect of such payment instruments (we repeat, cheques are excluded) and which must cover:-
1. use of the payment service;
2. information on charges, interest rates and exchange rates;
3. the means of communication, manner and frequency;
4. safeguards and corrective measures relative to payment instruments;
5. changes in and termination of framework contracts; and
6. redress procedures in the event of a complaint.
There is an over-arching protection level applicable to payers – a payment transaction can only be considered to be authorised if the payer has given his consent to execute such a transaction. The way such consent is to be given has to be agreed between the payer and the payment provider (such as a bank). The payer may withdraw such consent but only in specific and limited circumstances. It is for the bank to prove how the transaction had been processed. If a payment user denies having authorised an executed payment transaction, the use of a payment instrument recorded by the bank is not sufficient to prove that that transaction was authorised by the payer or that the payer acted fraudulently or that the payer was acting negligently.
Specifically on safeguards and corrective measures, the PSD specifies that the terms and conditions in respect of a payment service should contain an outline of:-

  1. description of steps that the payment service user is to take in order to keep a payment instrument (such as your debit, credit card and electronic key) safe and how to notify the payment service provider (your bank) when becoming aware of its loss, theft or misappropriation or of its unauthorised use. Therefore it is wise if one is aware of the specific telephone number to use in case notification to the bank about any instance mentioned above is to be made – whether you are in Malta or abroad. Customer service centres operated by banks may also help in this regard;

  2. the conditions under which the bank reserves the right to block a payment instrument – typically for objectively justified reasons related to the security of the payment instrument or the suspicion of unauthorised or fraudulent use of the payment instrument;

  3. the liability of the consumer – for example, the consumer shall bear the losses relating to any unauthorised payment transactions, up to a maximum of Euro 150, resulting from the use of a lost/stolen payment instrument or if the payer has failed to keep the personalised security features safe or from the misappropriation of a payment instrument. The payer shall not bear any financial consequences resulting from the use of the lost, stolen or misappropriated payment instrument after notification to his payment provider. On the other hand, the payer would not be entitled to any refund for losses relating to any unauthorised payment transaction if he incurred such losses by acting fraudulently or by failing to fulfil his obligations (see para 1 above) with intent or gross negligence;

  4. how and within what period of time the payment service user is to notify the bank of any unauthorised or incorrectly executed payment transaction. The payment service user shall obtain rectification from the bank only if he notifies his bank without undue delay on becoming aware of any unauthorised or incorrectly executed payment transactions giving rise to a claim no later than 13 months after the debit date (i.e. the date on which the transaction appeared on your statement and hence funds were withdrawn from the account);

  5. the liability of the payment service provider for the execution of payment transactions (already tackled in a previous article);

  6. the conditions for refund if an authorised payment transaction has taken place i.e. has already been executed and initiated by or through a payee. Refunds may be met if :-

  • authorisation did not specify the exact amount of the payment transaction when the authorisation was made; and
  • the amount of the payment transaction exceeds the amount the payer could reasonably have expected taking into account his previous spending pattern, the conditions in his framework contract and relevant circumstances of the case.

Refunds may be requested within a period of eight weeks from the date on which funds were debited.
Finally some general tips:-
• it will remain your responsibility to ensure that a renewed card is in your possession prior to the expiry date of your existing card;
• One must give a pre-determined period of notice prior to the expiry date of the card if renewal is not envisaged;
• Banks require their customers to destroy the PIN notification. One should consider changing the PIN from time to time, if the Bank allows you to do so.
• The banks are committed to send cardholders annual statements of their accounts.
• You are responsible for checking statements of your bank account and to contact the bank immediately if you think a transaction is unauthorised or in any manner incorrect.
• The services provided by your bank are governed by terms and conditions. It is your responsibility to ensure that you abide by such terms.

Last updated: Jun 21, 2017