Feel free to contact us:(+48) 22 113 14 51

New obligations for payment service providers from January 2024

Payment service providers will be required to maintain quarterly records of cross-border payments to payees . The new obligations are connected to the need to implement Directive 2020/284 into the Polish legal system.
Gerard Goliasz
Senior TAX Specialist

The directive is the latest instrument of the European Union for combatting VAT fraud. The new directive is closely tied to the CESOP Regulation (Council Regulation (EU) 2020/283 of 18 February 2020 amending Regulation (EU) No 904/2010 as regards measures to strengthen administrative cooperation in order to combat VAT fraud).

The CESOP Regulation provides for creation of a Central Electronic System of Payment information (CESOP) for the EU, to which member states will provide data concerning payees and payment transactions.

This solution supplements the VAT E-Commerce Package introduced in 2021 and is one of the European Commission’s measures to combat VAT fraud in e-commerce.

As a reminder, the VAT E-Commerce Package, which was introduced in Poland in July 2021:

  • Expanded the so-called “mini one-stop shop” (MOSS) by creating the one-stop shop (OSS), simplifying VAT obligations in e-commerce, reducing the need to register for VAT purposes in the member state of consumption
  • Imposed the VAT payment obligation on e-commerce platforms
  • Introduced a new import procedure (import one-stop shop—IOSS) for distance sales of goods imported from third countries to consumers in the EU, in shipments with a real value of up to EUR 150.

Scope of new obligations

To tighten the VAT E-Commerce Package, the Commission took steps to enable the monitoring of cross-border payments, with the aim of minimizing VAT abuses in e-commerce.

Member states are not in a position to independently obtain information from third parties (e.g. payment service providers) needed for control of cross-border suppliers of goods and services subject to VAT, ensure proper application of the VAT e-commerce regulations, and solve the problem of VAT fraud in the e-commerce sector. Thus cooperation between member states is vital.

Directive 2020/284 was adopted to provide a legal basis enabling the collection of this data. The member states are required to implement the directive by the end of 2023.

This data will be submitted by providers of cross-border payment services to the national system in the form of an xml file, prepared in the manner specified by the XSD scheme. Then the file will be forwarded to the Central Electronic System of Payment information (CESOP).

Payment service providers located in the EU will be required to maintain and submit records after the end of each calendar quarter if both of the following conditions are met:

  • Funds are transmitted from a payer located in a member state (generally the buyer of goods or services) to a payee located in another member state or outside the EU (generally the seller of goods or services)
  • In the course of a calendar quarter, a payment service provider provides payment services corresponding to more than 25 cross-border payments to the same payee.

Who is subject to the obligation?

The record-keeping obligation applies to payment service providers within the meaning of the Payment Services Directive (2015/2366—PSD2), or a natural or legal person benefiting from an exemption under Art. 32 of PSD2.

Payment service providers are thus defined for this purpose (under the relevant sections of PSD2) as:

  • Credit institutions as defined in Art. 4(1)(1) of Regulation (EU) 575/2013, including branches thereof within the meaning of Art. 4(1)(17) of that regulation where such branches are located in the Union, whether the head offices of those branches are located within the Union or, in accordance with Art. 47 of Directive 2013/36/EU and with national law, outside the Union
  • Electronic money institutions within the meaning of Art. 2(1) of Directive 2009/110/EC, including, in accordance with Art. 8 of that directive and with national law, branches thereof, where such branches are located within the Union and their head offices are located outside the Union, in as far as the payment services provided by those branches are linked to the issuance of electronic money
  • Post office giro institutions which are entitled under national law to provide payment services
  • Payment institutions
  • Natural or legal persons benefiting from an exemption under Art. 32 of PSD2.

Important! The record-keeping obligation does not apply to payment service providers located outside the territory of the European Union, as these entities are not covered by PSD2. For purposes of complying with the record-keeping obligation, it should be recognized that a payment service provider is located in a member state if its BIC or other identifying code corresponds to that member state.

What data must be reported?

Not all payment services will be reported under this scheme. The only payment services that will be subject to reporting are those leading to a cross-border transfer of funds to payees (or payment service providers acting on their behalf), when the payer is located in a member state and the payee is located in another member state or in a third country (domestic payments will not be covered by the new regulations).

The payment service provider will have to keep records on each payee, in order to provide the records to the tax administration, only when the total number of payments received by a payee exceeds the threshold of 25 payments in a calendar quarter.

Rules for determining the location of payers and payees

The VAT Directive sets the rules which payment service providers must apply to determine the location of payers and payees. These rules do not refer to determination of the place of taxation (e.g. registered office or residence), but to the location of payees and payers for the purpose of applying the record-keeping obligation.

A payer is deemed to be located in the territory of the member state corresponding to the IBAN of the payer’s payment account or any other identifier which unambiguously identifies, and gives the location of, the payer. In  the absence of such identifiers, the payer’s location is based on the BIC of the payment service provider acting on behalf of the payer (or other code identifying the institution). The same rules apply to determining the location of the payee.

Scope of data contained in records

The records to be kept by payment service providers shall contain information identifying the payment service provider and the payee, the details of the cross-border payments received by the payee (e.g. amounts and dates), and any related payment refunds.

Payment service providers are required to keep these records for a period of three years from the end of the year in which the payment was made.


The records shall be made available no later than the end of the month following the end of the quarter to which the information pertains, using a standard electronic form. As a rule, the payment service provider will submit the records in the member state where it has its registered office.

Skrócony formularz EN
Order online advice

Pursuant to the Personal Data Protection Act of 29 August 1997 (Journal of Laws Dz.U. 2016 item 922, as amended), I consent to receive commercial and marketing information from KR Group sp. z o.o. sp. k. with its registered office at ul. Skaryszewska 7, 03-802 Warsaw, and to introduction into the database and processing by KR Group sp. z o.o. sp. k. of my personal data provided in this form. I also acknowledge that my consent is voluntary and that I have the right to review, correct or remove my data.