Upcoming CESOP reporting deadline: Where do banks stand?

Deadlines for the initial reporting to the Central Electronic System of Payment Information (CESOP) are scheduled for 30 April (EU) and 31 July (Germany). Banks are subject to high fines if they do not submit a report or if they provide incorrect information. What is the level of preparation among payment service providers obligated to submit reports (in Germany)? And how can EU specifications still be fulfilled in a timely manner? This article provides a compact overview of answers to these questions.

The start date for the record-keeping obligation, defined in the new EU specifications intended to fight VAT fraud, was 1 January 2024. As of 31 July 2024, payment service providers (PSP) in Germany are required to submit relevant transaction data to the Federal Central Tax Office (Bundeszentralamt für Steuern – BZSt). In addition to classic banks, savings banks and credit unions, specialised banks and e-financial institutions, as well as online marketplaces and intermediaries offering payment services, are obligated to meet the reporting obligations.


CESOP timeline since the start of the recording obligation on 1 January 2024

Level of preparation

The levels to which financial institutions located in Germany are prepared for the CESOP differ to a surprising extent. After multiple discussions between DPS and banks, supported by internal surveys, we have found that almost half of participating PSPs believe they will not be able to submit their reports promptly or believe there is a certain risk they will miss the deadline, which has already been delayed for Germany. This level of preparation is likely to be similar for banks in other EU countries.

We are also receiving feedback from market observers that major financial institutions are well behind schedule. Often, one problem is achieving a correct connection to core banking systems, through which customer data with tax IDs must be delivered. Other challenges include combining different payment methods and cross-account aggregation.

Other banks have already completed their preparations and are using the BZSt’s testing environment, which has now been reliably available since early April. Tobias Münsterberg, Product Manager for the CESOP Compliance Service of DPS, has a positive outlook on the project work completed thus far with participating banks: “The institutions are happy with our solution. The front end, for instance, allows for simple and targeted corrections of data sets with faults. I think we can certainly call the CCS a ‘feel-good solution’ for financial institutions”.

Threats of sanctions

Currently, national tax authorities are clarifying potential CESOP sanctions only on a step-by-step basis. In Germany, institutions can suffer penalties of up to 5,000 euros for each transaction that is not reported, or that is reported incorrectly. Only in view of the fact that major banks may process relevant transactions in the millions every day does the massive compliance risk resulting from CESOP become apparent.

Each EU country handles sanctions for missing or incorrect reports differently: In Austria, payment service providers who intentionally violate their record-keeping, submission, reporting or retention obligations can be punished with a fine of up to 50,000 euros. In France, failure to make a submission, inaccuracies or omissions can be sanctioned with a fine of 15 euros per individual transaction, up to a maximum limit of 500,000 euros per institution and calendar quarter.

Feedback from tax authorities as a litmus test

A review of these definitions underscores the prevailing opinion on the market that feedback from national tax authorities will become a litmus test for payment service providers’ CESOP applications. The BZSt, for instance, can accept reports, but can also reject them in whole or in part. Different error codes are possible for the rejection. The PSP is required to correct the report in whole or in part based on the response of the tax authority and submit it again if necessary.

Financial institutions that previously used in-house solutions (for instance via Excel and Access), in particular, may be confronted with complicated extra work. The need to manually process individual transactions can tie up significant personnel resources.


Further information on the CESOP reporting obligations and the CESOP Compliance Service of DPS is available here.

Are you interested in our CESOP Compliance Service?

Would you like to find out more about the CESOP Compliance Service from DPS? Let’s have an initial discussion to find out how DPS can support you.

You have question about our expertise, our services or products? You are looking for support in a specific mission? Please feel free to contact us.