All about entering SEPA: Interview with the expert from the Bank of Lithuania

2024 03 22 · 4 min read

CENTROlink enables financial transactions across Europe, allowing financial institutions to access SEPA and offer payment services. With its growing transaction volume each year, CENTROlink solidifies its role in the European fintech landscape. 

This is why we spoke about CENTROlink with Evaldas Ruzgys, the Director of the Market Infrastructure Department at the Bank of Lithuania. In this interview, we discuss why it is crucial for financial institutions to stay informed about CENTROlink’s upgrades, challenges, and technical maintenance. 

Growth drivers of the CENTROlink payment system 

The number of payments in CENTROlink managed by the Bank of Lithuania has surged over 10 times since 2018, reaching 228.3 million payments totalling EUR 456 billion in 2023. Instant payments, representing 55% of all transactions on CENTROlink, are increasingly popular. Lithuania leads the euro area in instant payments, with its providers handling 64% of interbank credit transfers, surpassing the euro area average. Analysing these numbers, Evaldas discusses the main factors driving CENTROlink’s expansion:  

“Overall growth is mainly impacted by EU-licensed PSPs that provide SEPA payment services via CENTROlink across the continent. While new players are entering the SEPA via CENTROlink, they don’t have the same impact as the major financial companies. For new payment market players, the use of CENTROlink opens up the possibility of providing SEPA payment services on the same terms as other financial institutions in the eurozone. It’s challenging to enter the market due to intense competition and the similar services offered by many fintechs.”   

Evaldas continues by saying: 

“Although the number of payments in the banking sector isn’t increasing, the volume and value of payments executed by non-bank PSPs are growing substantially. The fintech market is maturing, with early entrants gaining strength and experiencing significant growth in business volumes. So, we see that interest in CENTROlink remains strong in Europe.” 

The expansion of CENTROlink indeed reflects the dynamism and competitiveness of the fintech market in Lithuania and Europe. However, financial institutions should recognise that connecting to SEPA via CENTROlink may not always be a quick process. It requires thorough preparation for both the authorisation and IT integration phases. 

CENTROlink integration hassles that fintechs should consider 

While CENTROlink integration may initially appear highly technical, not a single fintech can jump into the integration process right away. Financial institutions must first undergo a thorough and complete risk assessment process, which in some cases could be even more complex than the integration itself, according to Evaldas:  

“Obtaining authorisation can often be more challenging. Having a PSP license is not sufficient to start providing SEPA payment services through CENTROlink. Sound management of risks related to money laundering and financing of terrorism, proper governance arrangements and procedures, compliance with regulatory requirements and impeccable reputation are key. Fintech companies may be granted authorisation only after demonstrating proficiency in these areas. And then they are ready for a technical integration phase.”  

The complexity and duration of technical readiness depend on the SEPA payment services each company plans to offer via CENTROlink. Financial institutions also need to consider their existing IT capabilities.  

“Larger financial institutions, having sufficient technological capabilities and resources, usually face a less complicated technical integration process when connecting to SEPA through CENTROlink. Although the timeframe may vary, such PSPs may expect to complete the integration and testing processes within 3 to 6 months. On the other hand, smaller institutions with limited IT capabilities may face greater challenges and take longer, particularly if they try to complete the integration phase without external help. They often don’t have the staff or expertise to focus solely on CENTROlink integration. In these cases, it’s advised to partner with experienced integration partners for a smoother process”, says Evaldas.  

For example, the technological requirements are lower if you aim to offer SEPA credit transfer services without SEPA instant payment services. However, the IT demands will be higher if you intend to provide more comprehensive services. Once connected to SEPA via CENTROlink, financial institutions should prioritise effective maintenance. It is essential to ensure compliance with the payment system’s processes and to stay updated on upgrades. 

Essentials for CENTROlink maintenance 

In today’s fintech field, payment systems and their maintenance are naturally rooted in constant technological upgrades. CENTROlink is no exception to that. Evaldas comments on that by saying:  

“We’re considering making CENTROlink integration and tech stack updates easier using new technologies. Yet, this is a natural part of the technology lifecycle as systems age and must be updated and invested in. So, financial institutions should be aware that maintaining the CENTROlink payment system is based on continuous improvement. Additionally, SEPA brings frequent technological changes, often occurring quarterly. Some customers may assume that once connecting to SEPA via CENTROlink, the technical part is completed, but the reality is that maintenance of the payment system at the Bank of Lithuania and implementing of SEPA updates demand continual IT resources.”  

Continuing the discussion, CENTROlink expert explains why financial institutions may consider the regular role of the IT partner or integrator:  

“PSPs, providing SEPA payment services via CENTROlink, are aware of the regular quarterly updates. New customers often prioritise connecting to SEPA and only later realise the need for subsequent updates, as these occur every quarter. While not every change affects all institutions, each financial institution is responsible for reviewing the parameters. While the Bank of Lithuania provides essential updates, requirements, and monitoring guidelines, the responsibilities of IT partners go beyond the primary connection to CENTROlink. They entail continuous efforts to ensure compliance and streamline operations for optimal efficiency.”  

Technological improvements within SEPA are also necessary to guarantee solid resilience against financial fraud, cyber attacks, and other security risks. 

SEPA risks and their prevention 

Assessing and mitigating potential risks are essential components of any financial process. When it comes to SEPA, there are several critical factors, such as anti-money laundering and compliance obligations. These elements help to ensure the integrity and legality of financial transactions and prevent illicit activities. 

Additionally, cyber threats present significant risks to payment processes, with potential consequences ranging from interruptions to complete stoppages, highlighting the critical need for strong cybersecurity measures. 

Alongside these, there is another significant risk – fraud prevention. Protecting payers and verifying payment details, such as IBAN and name matching, is important to fraud mitigation efforts. Delving deeper, navigating these challenges becomes particularly intricate within the European context. Here, Evaldas shares an example: 

“Imagine the challenges that may arise when handling payments for individuals with names that include special letters with symbols above, within or below the letters. Advanced automated verification systems become essential in these cases to ensure accuracy and authenticity.” 

CENTROlink expert also mentions what determines risk management in the context of SEPA: 

“Time sensitivity means everything in SEPA payment transactions, with risks needing immediate prevention or quick resolution within seconds. This is why financial institutions follow multiple layers of risk management protocols, requiring constant monitoring and quick action to maintain payment security and continuity.” 

Plans to make payments more convenient and secure in Europe 

When talking about the existing and future projects that may impact the Lithuanian and European payment landscape, Evaldas shares three core projects, starting with already ongoing project:  

“One of the projects completed last year was the deployment of a new Proxy Lookup Service, a database linking phone numbers to IBANs and maintained by the Bank of Lithuania. This allows payments to be made using only the recipient’s phone number, facilitating retail payments. Currently, only Swedbank and SEB, are connected to the Proxy, but more payment service providers are expected to join in the future, enhancing the service’s accessibility.”  

CENTROlink expert proceeds by introducing one of the forthcoming projects:  

“Another upcoming project is the reconciliation of payer’s IBAN and personal data. We discussed it a bit earlier, but it will become a regulatory requirement that payment service providers must comply with. From an IT perspective, financial institutions will need to implement an additional API call to verify if the payer’s account number and name align, serving as an added security against money laundering.”  

Looking ahead to the second half of the upcoming year, Evaldas outlines one future project from the perspective of CENTROlink:  

“In the second half of 2025, CENTROlink will introduce an EU-wide new type of message called SEPA Request to Pay (SRTP), allowing fund collectors to request payments, addressing the lack of SEPA direct debit usage in Lithuania. This project aims to simplify payment collection processes for institutions.” 

Thank you, Evaldas, for your valuable insights!