WORLDLINE_REGISTRATION_DOCUMENT_2017

C

The Group’s business Regulation

C.5.2.2

C.5.2.3

Regulations applicable to outsourced credit and payment institution activities

Single Euro Payment Area

Regulations

In the context of the implementation of the Single Euro Payment Area (“SEPA”), the European Union adopted SEPA Regulation n°260/2012/CE of March 14, 2012 (the “SEPA Regulation”). This regulation seeks to create a single domestic market for credit transfers and direct debits in euros. In particular, this regulation, which is directly applicable in European Union member states, harmonizes the format of credit transfers (SEPA Credit Transfer [“SCT”]) and debit transfers (SEPA Direct Debit (“SDD”)). As an example of this harmonization, the bank account information for beneficiaries of credit transfers must now be presented using an International Bank Account Number (IBAN) and a Bank Identifier Code (BIC). The new regulations require a complete migration to the SEPA system as from February 1, 2014. However, credit transfers and direct debits that do not conform to this system continued to be accepted by credit and payment institutions until February 1, 2016. As a provider of e-payment solutions to merchants and Online Banking services to credit institutions, the Group has had to adapt its services offering, including the provision of payment card statements, and has also assisted its customers in their efforts to comply with these new requirements. The SEPA Regulation also seeks to enhance the interoperability of payment infrastructures, so that processing credit transfers and direct debits is not hindered by commercial regulations or technical obstacles, by, in particular, opening payment schemes used by payment services providers to credit transfers and direct debits. For example, the Group participated in the transition of the Bancontact payment scheme in Belgium, as required by the SEPA Regulation. In the past, in order to access the Bancontact payment scheme, it was necessary that the Group and its merchant clients first enter into a payment services contract. Accordingly, a merchant was only able to accept a Bancontact card if it was the Group that undertook the Commercial Acquiring activities in respect of the relevant payment transaction. Now, as required by the SEPA Regulation, the Bancontact scheme would, in such a scenario, be accessible to other licensed commercial acquirers, so long as they make the necessary technical and operational investments to be able to undertake acquiring activities in respect of domestic Bancontact debit cards. Additionally, the Group has collaborated with Dutch banks to render its iDEAL e-payment platform compliant with the SEPA Regulation.

Credit institutions can also be authorized to provide payment services. Like all activities exercised by credit institutions, these services can be outsourced, meaning that the institution entrusts to an external service provider, which may or may not be a regulated entity, the running of its operational activities. In France, such outsourcing activities are regulated by CRBF regulation 97-02 of February 21, 1997 relating to internal controls within credit institutions and investment firms. Under the provisions of this regulation, a credit institution’s external service provider must comply with the credit institution’s established controls procedures in respect of services provided and must communicate any information that could have an impact on its ability to undertake the functions that have been outsourced to it. For example, the Group issues payment cards and bank statements on behalf of its credit institution clients and, as a result, is, in France, subject to the supervision of the French Prudential Supervisory Authority (Autorité de Contrôle Prudentiel et de Résolution). Similarly, a licensed payment institution may outsource some of its activities provided it comply with its internal controls procedures. In this regard Atos Worldline NV/SA entrusts to the company certain operational functions related to the provision of payment services such as managing its data centers, and to equensWorldline SE the acquiring processing services. As a result, Atos Worldline NV/SA is, in Belgium, subject to both the Belgian law of December 21, 2009 regarding the status of payment institutions, access to payment services providers’ activities and access to payment systems and the Belgian Banking, Finance and Insurance Commission’s PPB 2004/5 circular of June 22, 2004 regarding sound management practices regarding subcontracting carried out by credit institutions and investment firms.

Regulation applicable outside of the European Union

C.5.3

The Group is not subject to any particular regulation concerning its activities outside of the European Union, with the exception of India, where the Group conducts Commercial Acquiring and Issuing Processing activities for limited amounts, which are subject to local regulations.

62

Worldline 2017 Registration Document