4.1 Scope
As drafted in COM (2023a), the DE is to be a retail currency; cf. Recital (1). Article 16(1) empowers the ECB to impose holding limits. In light of G5 (preserve the functioning of the monetary system), ECB authors like Bindseil (2020) or Meller and Soon (2023) have argued that these limits must be low to prevent destabilization of commercial banks through deposit outflows. In this context, limits of €3,000 for individuals and zero for companies have been proposed, effectively restricting the DE to retail use.
With zero limits for companies, DE business-to-business (B2B) transactions would require conversion of commercial bank money into DEs, immediate transfer via the DE infrastructure, and prompt reconversion by the payee. Why should firms engage in this? It would be simpler to bypass the DE and transfer the commercial bank money directly. There is thus no compelling reason for DE B2B payments or transactions from businesses to consumers (B2C) — unless the DE infrastructure proves significantly safer or cheaper than current options. But cost advantages are unlikely, as the ECB must maintain the competitiveness of the TARGET/TIPS system if it intends to preserve it. And since private infrastructure is widely regarded as secure, B2B and B2C transactions are likely to continue relying on commercial bank money.
Zero holding limits for companies apply offline as well; cf. Article 16(4). Hence, companies can receive offline payments only via internet-connected devices that instantly convert DEs into commercial bank money. This contradicts the claim that the offline DE serves payments “in rural or remote areas without a (stable) communication network” (Recital 5), and the ECB’s (2024a) assertion that “offline functionality would enable payments to be made without an internet connection … in locations with limited network coverage, and in the event of power cuts.” Unlike cash, the DE appears ill-suited for such cases.
Also due to the holding limits, the DE falls short of a classical monetary function: storing value. This increases the likelihood that customers will prefer commercial bank money as a (likewise digital) means of payment, but without holding limits and with broader functionality.
Another limitation of the DE’s functionality arises from its restricted geographic reach; cf. Articles 18 and 19. As proposed, the DE would function as an internal currency within the Eurozone. Unless non-Eurozone countries—whether EU Member States or third countries—sign an agreement with the EU ensuring alignment of their national legislation with all relevant EU rules on the DE, Eurozone residents will generally be unable to make or receive DE payments when transacting with non-Eurozone residents. This stands in sharp contrast to euros in the form of commercial bank money or cash, which are widely accepted outside the Eurozone, especially in countries with many Eurozone tourists.
The Explanatory Memorandum refers to the DE serving “future use cases in industry 4.0 and web3,” and Recital 55 mentions “payments between machines.” However, both the prescribed account-based architecture with holding limits tied to legal entities and the fact that the DE is not programmable (Art. 24(2)) contradict this. The DE thus fails to support additional use cases that could give it an edge over cash or commercial bank money, or position it as a competitor to innovative programmable payment solutions.
Takeaway 1:
In terms of scope, the DE offers no advantage and faces four major limitations compared to cash or commercial bank money: it is confined to retail payments, lacks a meaningful store-of-value function, cannot serve as retail payment system in offline scenarios and is unusable outside the Eurozone unless a bilateral agreement is in place. These constraints make cash and commercial bank money more functional and widely accepted, casting doubt on whether the DE will achieve broad acceptance (G8 and IG5).
4.2 Risks
4.2.1 Insolvency risk and risks to financial stability
One reason the DE might be preferred to commercial bank money (though not to cash) is the absence of issuer insolvency risk. Under Article 4(2), the DE is a direct liability of the Eurosystem, like banknotes. In a banking crisis or run on private institutions, DE holdings are immune to the insolvency risk of the private banking sector. In this respect, DE is equivalent to cash.
But how does the DE affect banks’ insolvency risk? Besides banknotes, the DE introduces a second form of central bank money available to customers—another outlet for deposit conversions during a crisis. Any such conversion into DE or cash reduces bank reserves and increases insolvency risk. Article 13(3) grants users the right to convert cash and commercial bank money into DE at full face value —a process known as “funding” (the reverse being “defunding”). For the latter case this is explicitely stated to be possible “at any point in time, on a continuous basis.” As a result, depositors can shift commercial bank funds into central bank money instantly—subject only to the DE holding limit.
By contrast, if banknotes were the only available form of central bank money, deposit conversions would require physical visits to ATMs or bank branches. In a crisis, this may involve queues, closed branches, or empty ATMs. Reserve outflows would be slower without an instant digital method for converting deposits. In this sense, Article 13(3)(a) undermines goal G6 (stability of the monetary system).
Moreover, Article 13(3) is not fully consistent with Articles 8 and 12(1). While Article 12(1) affirms that DE and cash are always equal in value and Article 8 grants both legal tender status, Article 13(3)(a) gives customers a legal right to receive DE—rather than cash—up to the holding limit. Banks cannot meet this obligation by offering cash as a substitute. If they could, they might slow reserve loss during a crisis by avoiding instant, digital disbursements.
Lawmakers might consider amending Article 13(3) to allow banks—under exceptional circumstances and with ECB approval—to require that DE funding occur via cash. This would relieve them of the obligation under 13(3)(a) to provide DE funding continuously, letting them invoke 13(3)(b) instead. While customer claims on banks would remain unchanged, such a measure could significantly slow reserve depletion in acute crises.
Takeaway 2:
The digital euro, like cash, is free from issuer risk, as it is a direct liability of the Eurosystem, whereas commercial bank money carries the insolvency risk of the issuing bank. However, the DE’s seamless convertibility from deposits slightly increases the risk that financially strained banks become illiquid.
4.2.2 Security risks and risks to privacy—offline version
Article 23(1) requires that “the digital euro shall be available for both online and offline digital euro payment transactions.” Offline DEs, intended for payments “in close physical proximity” (Recital 75), are to be stored on local devices such as smartphones, tablets, or smartwatches (Article 2(31)). We first examine risks associated with offline use.
Offline payments are settled instantly by updating DE holdings on local devices (Article 30(1) and (3)) without connection to the payment infrastructure. The security of offline DE thus depends on the tamper resistance of hardware. Article 35(1)(c) tasks the Eurosystem with “safeguarding the security and integrity of … local storage devices.” Whether it can meet this obligation is uncertain. Grothoff and Dold (2021) note that “hardware protections typically fail against well-equipped adversaries” and cite successful attacks on all major architectures, including Intel, Samsung, ARM, AMD, and SIM cards.
Once compromised, devices could enable multi-spending.Footnote 1 Unlike counterfeit cash, which typically exhibits detectable flaws, unauthorized copies of DEs are exact and indistinguishable. Moreover, such copies could be used without limit, rendering potential financial damage unbounded. Note that any multi-spending event would remain undetected until the recipient reconnects to the internet to deposit the DE. (It is unclear how this aligns with the concept of instant settlement in Article 30(1).)
The risk of multi-spending and undue money creation due to attacks on hardware security is underscored by a formal result from Gilbert and Lynch (2002), who proved the impossibility of designing a distributed system that simultaneously ensures consistency, availability, and partition tolerance (CAP). Applied to DE, consistency prevents multi-spending, availability ensures continuous payment functionality, and partition tolerance allows operation during offline periods. The CAP theorem thus implies that offline DE, by enabling partition tolerance, must compromise either consistency or availability—or both.
In simple terms: offline DE cannot be both fully protected against multi-spending and reliably available at all times. Whether the Commission is unaware of the CAP theorem or chose to disregard it is unclear. In any case, the inherent conflict between CAP properties makes cash a more reliable bearer-based instrument, undermining goal G8. It is also hard to see how goal G4 (resilience of payment systems) can be achieved with a currency that is either sometimes unavailable or vulnerable to fraud.
We suggest that consistency and availability should take precedence over partition tolerance. This would mean either abandoning offline DE altogether—simplifying the system to a single online variant—or limiting it to an emergency fallback when online payments are unavailable or insecure.
In principle, measures might be devised that allow retroactive identification of fraudulent users. But this seems incompatible with the cash-like privacy of the offline DE established by Article 34(1): No personal data of payer or payee is recorded—except during funding or defunding.
Moreover, it remains unclear whether the personal identification of offline DE users—whether as victims or suspects of fraud—would be permitted under Article 37(2). Nor is it certain whether funding and defunding data alone, however detailed, would suffice to detect DE forgery.Footnote 2 ECB (2024b) vaguely refers to a “minimum amount of data compatible with the need to detect forgery,” leaving open whether, despite Article 34(1), storing transaction data and disclosing it in suspicious cases will be necessary.
In any case, the owner of a compromised device may indefinitely avoid reconnection. If he exploits someone else’s device and transfers the DEs from there, anonymity may render the fraud untraceable. The design of offline DE thus severely impedes fraud detection, undermining G10. Notably, Article 32 explicitly limits fraud detection to online DE.
There is a substantial risk that offline DE anonymity may facilitate other types of criminal activity. Relay attacks (cf. Tu & Piramuthu, 2020) could simulate proximity payments over the Internet, enabling transfers between devices that are not physically close. This would allow criminals to coerce victims into transferring offline DE to a perpetrator’s device. If anonymity holds, the perpetrator would be untraceable and would face lower detection risk than with cash or commercial bank money.
Digital crime can be automated and scaled, targeting many victims at once. Low holding limits per device do not prevent substantial criminal gains: small individual amounts can add up. Moreover, if blackmail involves sensitive information and minor financial loss, a significant share of such crime may remain undetected.
Tampering with offline DE devices—by foreign attackers or organized crime—could cause far greater harm than banknote forgery. Lower privacy standards may thus be justified. Cash will likely be perceived as less vulnerable to fraud and more reliable in terms of privacy, reinforcing concerns that achieving goal G8 (wide acceptance) for offline DE may be difficult.
Also, note that any holding or transaction limit places offline DE at a disadvantage relative to cash. Even if similar limits were imposed on cash, they would be hard to enforce and easy to bypass. Cash enables private holdings and payments at amounts that offline DE cannot match due to regulatory limits. Yet both are free of issuer risk. Thus, privacy concerns may seriously hinder goal G8 (wide acceptance), as individuals may prefer cash to offline DE.
Last but not least, the draft regulation is silent on liability: Would responsibility for fraud lie with the user, the device manufacturer, or the Eurosystem—and under what conditions? To foster DE adoption, lawmakers should consider explicit liability rules that exempt users except in cases of intent or gross negligence. While such protection may already follow from general legal principles and the privacy guarantees of Article 34(1), codification would reduce uncertainty and reassure users. The same may hold true for device manufacturers.
Takeaway 3:
Offline DE offers cash-like privacy within stricter holding limits than cash. Since hardware is inherently vulnerable, offline DE entails higher liability risks for users and possibly for the Eurosystem – with no reduction in issuer risk. It also cannot be both reliably available and immune to fraud, undermining G4 and G10. Therefore, users may prefer cash. Criminals, however, might value digital anonymity for scalable extortion and blackmail.
4.2.3 Security risks and risks to privacy—online version
The online DE depends almost entirely on PSPs for distribution. Under Article 13, PSPs must offer customers the ability to open DE payment accounts (DEPAs) and manage DE payments through their services. Customers may enable automatic transfers of excess DE holdings to a non-DE payment account (NDEPA) (“waterfall”) and automatic coverage of excess DE payments from this NDEPA (“reverse waterfall”). As Article 13(6) excludes any contractual relationship between users and the Eurosystem, PSPs remain users’ sole point of contact.
The security of online DE payments matches that of commercial bank money, as both rely on the PSP’s existing systems. PSPs will integrate DE management into their platforms and protect its integrity using the same mechanisms applied to commercial bank transactions. They will also connect to the Eurosystem’s DE infrastructure as they do when managing reserves. Thus, security neither incentivizes nor discourages the use of online DE.
The situation is different with respect to privacy. For online DE transactions, PSPs must collect and store the same non-anonymized data as for commercial bank money, with storage decentralized across PSPs. Unlike commercial bank money, however, the ECB’s digital euro infrastructure will also record all individual transactions centrally (cf. Article 30(2)). These records must not contain personal data that “directly identify individual digital euro users” (cf. Articles 34(4) and 35(4)). But Article 30(1) and (2) require that online DE transactions be settled instantaneously “at the moment of recording the transfer of the digital euros concerned from the payer to the payee.” This implies that the ECB will see all transactions and the corresponding DEPA identifiers.
Such access raises privacy concerns. While Article 34(4) requires PSPs to separate names and other personal data from DEPA identifiers, preventing direct identification, it remains unclear whether indirect identification based on DEPA identifiers is possible. Scientific evidence suggests that pseudonymized payment data can allow individual re-identification (cf. Lubarsky, 2017). Kikuchi (2021) shows that the likelihood increases with the number of records linked to a pseudonym. Such indirect identification would be legally permissible, as the draft regulation prohibits only direct identification.Footnote 3
While the ECB likely has no intention of re-identifying users, some—perhaps many—users may remain skeptical. As ECB (2024a, 2024b) notes: “The public consider privacy and data protection to be two of the most important design elements of a digital euro.” The mere fact that re-identification is legally and technically feasible may fuel fears of secret surveillance, undermine trust in the DE and harm the wide acceptance goal (G8).Footnote 4
Such concerns could be addressed by excluding any form of identification, including indirect re-identification, and by ensuring that the Eurosystem cannot link transactions to fixed pseudonyms. For example, the Eurosystem could be informed that a transfer is taking place between two PSPs, identified only by a random transaction ID. The associated DEPA numbers would be exchanged exclusively between the PSPs, bypassing the Eurosystem. The receiving PSP would learn only the amount and the account to be credited, remaining unaware of the payer’s account.
As a result, the ECB would not know which accounts are involved, but would merely register a transfer between PSPs (cf. Chaum et al. (2021)). This setup would closely mirror current commercial bank money transfers, where the Eurosystem moves reserves between banks without information on the underlying customer accounts. It would even offer stronger privacy than today, as the payer’s identity would no longer be disclosed to the payee’s PSP.
Takeaway 4:
Online DE and commercial bank money offer equal security. They have similarly low privacy at the PSP level, but central storage of pseudonymized transaction data raises re-identification concerns unique to the DE, possibly undermining goal G11 (ensure protection of personal data).
4.2.4 Legal liability in case of security breaches
A striking omission in the Commission’s proposal is its silence on liability in cases of theft, security breaches, or malfunctions—whether in online or offline DE use. Unlike commercial bank money, the DE is a direct liability of the ECB (Article 4(2)), not of the PSP providing access. Hence, the liability rules of PSD2, which govern PSP responsibilities in cases of fraud or unauthorised payments, cannot be directly applied.
This raises fundamental questions: If a criminal hacks a DE-enabled device or account, replicates digital euros, and spends them multiple times before detection, who bears the loss? The user—despite no negligence? The PSP—despite neither issuing nor holding the DE? The device manufacturer? Or the Eurosystem—as the issuing authority?
Article 35(1)(c) assigns the Eurosystem responsibility for safeguarding offline devices but is silent on liability if protection fails. Article 13(6) excludes any contractual relationship between users and the ECB or national central banks, leaving unclear how compensation claims could be pursued.
European law defines PSP liability in detail under PSD2 (Articles 73–92) but offers virtually no guidance on the ECB’s liability toward private actors. Under Article 340(3) TFEU, the ECB is liable only “in accordance with the general principles common to the laws of the Member States” and only for damage “caused by its servants in the performance of their duties.” This creates doubt about ECB liability for systemic flaws, institutional negligence, or failure to address known vulnerabilities. Without explicit liability rules, legal uncertainty may erode the very trust in central bank money that the DE aims to strengthen.
Takeaway 5:
The introduction of the DE raises unresolved questions about liability in cases of theft, malfunction, or security breaches. Since the DE is a direct liability of the ECB—not the PSP—existing PSD2 rules may not apply, be justified, or proportionate. The draft regulation does not clarify whether users, PSPs, or the Eurosystem would be liable for resulting financial losses. Such legal ambiguity could seriously undermine confidence in the DE, i.e. goal G8 (wide acceptance).
4.3 Costs
The costs associated with the introduction and use of the digital euro (DE) can be either direct or indirect. Direct costs can be divided into four categories: those borne by the Eurosystem, PSPs, merchants (retailers), and households (customers).
Regarding the latter, Recital 40 explicitly states that “natural persons …should not bear any direct fees for their basic access to and basic use of the digital euro.”Footnote 5 Basic DE usage is defined in Annex 2 of the draft regulation (COM (2023c)) and includes, among other features, waterfall and reverse waterfall functionalities as well as point-of-sale (POS) DE transactions.
It is unclear why Article 17(2) explicitly allows merchant service charges—defined as “a fee paid by the payee to a payment service provider when acquiring a digital euro payment transaction”—while PSPs are prohibited from charging natural persons for DE usage. Clearly, merchants could avoid charges by having natural persons handle the company’s DE transactions free of charge. Waterfall and reverse waterfall mechanisms could then convert digital euros into or from commercial bank money at no cost, with final settlement between the individual and the company taking place entirely in commercial bank money.
Merchants and PSPs would ultimately pass on uncovered DE costs via higher prices, making customers bear them indirectly. As most users may remain unaware of this, the perception of DE as cost-free could support—or at least not hinder—goal G8 (wide acceptance).
Mandatory acceptance (Articles 7(2), 9(a)) requires enterprises of a certain size, and all firms accepting “comparable digital means of payment”, to install and operate the technology needed for DE payments and to cover related costs. PSPs may charge merchants for DE services, up to specified limits (cf. Article 17(2), (6)). Unlike voluntary systems like credit cards, DE must be accepted. Undesirably, cost pressures may compel firms to abandon alternative voluntary systems, even if these offer superior functionality or better match customer preferences.
Mandatory acceptance supports G2 (reduce fragmentation) and G8 (wide acceptance), but may undermine G3 (payment system efficiency) and G1 (promote innovation). Among implicit goals, it furthers IG2 (EU control over payment infrastructure) and IG3 (reducing foreign PSPs’ market share), yet likely conflicts with IG1 (increasing competition).
Like merchants, PSPs face potentially significant costs when providing DE services. Article 14(1) obliges retail credit institutions to offer all basic DE functions, requiring software integration, maintenance, customer support, and compliance with AML/CFT rules under Directive (EU) 2015/849 (KYC). PSPs also serve as users’ sole point of contact, while the ECB and NCBs—though ultimately liable for the DE—remain uninvolved. Yet under Article 13(1), PSPs may not charge natural persons for basic services.
The regulation leaves unresolved how PSPs can recover costs for managing a liability that is not theirs. Without Eurosystem compensation, they may be forced to cross-subsidize DE services by raising other fees or lowering deposit rates. Since basic DE payment services are free, most DE users will perceive the DE as costless, and even those who do not use it will indirectly finance it through higher fees or lower rates.
Cross-subsidization could trigger a substitution effect: customers may favor the cost-free DEPA over NDEPAs or other deposit accounts if the latter become less attractive. While this promotes G8 (wide acceptance), it undermines the appeal of traditional banking. Holding limits under Article 16(1) may thus be needed to avert risks to G6 (monetary stability).
Turning to Eurosystem costs, Recital 41 states that it will not charge PSPs “for the costs it bears to support their provision of digital euro services.” PSPs, however, may view this as entirely inverted: DEs are neither assets nor liabilities on their balance sheets, and basic DE services are commercially unprofitable. From their perspective, they provide these services solely to fulfil a legal duty—serving the Eurosystem’s interests, not their own. In fact, the Eurosystem outsources core CBDC functions to private institutions—responsibilities that, in the eyes of PSPs, should lie with the central bank itself.
Even if the Eurosystem covers its own costs—e.g. for DE development, infrastructure, and clearance—this would reduce NCB profits and, by extension, national budget contributions. Therefore, the DE would be no free lunch for taxpayers: it adds to payment system costs, ultimately borne by private agents—either via higher prices or reduced public resources.
Alternatively, the Eurosystem may offset costs by drawing on PSPs. Recital 9 suggests issuing DE by converting their central bank reserves. Since most reserves are held in the ECB’s deposit facility and earn the deposit facility rate (DFR), this would lower the ECB’s interest expenses—cutting into banks’ risk-free income.
For example, if the DFR is 2% and €1 trillion in DEs are issued (as in Bindseil & Panetta, 2020), this would yield €20 billion annually—far exceeding DE-related costs. However, under traditional reserve scarcity, the ECB could not offset these costs merely by lowering reserve remuneration.
Takeaway 6:
Wide acceptance (G8) is legally enforced by prohibiting PSP fees for basic DE services and requiring most merchants to accept DE. Yet who bears direct costs matters little, as all expenses ultimately fall on private agents.
Takeaway 7:
Although users may believe the DE is cost-free, this is a misperception. Unless other payment systems are drastically scaled back or removed, the DE adds another layer of costs for private agents.
4.4 Convenience and inclusiveness
Convenience is crucial for the wide acceptance of the DE (G8). The online DE will likely match commercial bank money in ease of use—assuming users have sufficient digital skills and their DEPAs are linked to NDEPAs via waterfall mechanisms. However, for users who dislike waterfall options, DE holding limits make payments less convenient than those via commercial bank money, cards, or private systems like PayPal.
People with limited digital skills or economic knowledge may struggle to distinguish between offline DE, online DE, and commercial bank money, or to grasp complex holding limit rules across accounts and devices and involving waterfall mechanisms. Increasingly demanding and still-unknown security and authentication requirements, along with occasional disruptions on private devices when software is updated, further complicate matters. Finally, the growing number of payment options (e. g. cash, credit card, giro card, online/offline DE, PayPal, Wero, Apple Pay, Google Pay) may leave consumers perceiving the market as fragmented, contrary to goal G2.
For anybody, offline DE payments are likely far less convenient than cash. A proximity connection must be established between devices, which may fail due to technical faults or user error. High-security authentication, such as 2FA, will likely be required, and holding limits on either device may prevent transactions. These hurdles are especially problematic for the elderly and people with disabilities, undermining financial inclusion (G7). In contrast, cash is unaffected by such issues and remains more accessible and reliable in everyday use.
To promote inclusiveness, Article 14(3) and (4) requires that most PSPs and some government-appointed entities provide face-to-face digital support for people with disabilities or limited digital skills. The designated entities must also offer basic DE services to individuals without an NDEPA. These provisions raise several issues that merit further attention:
First, Article 14 should explicitly state that inclusion support and basic DE services must be free of charge, since requiring payment for the former would be unjust and the entities designated by Member States should be bound by the same rule as PSPs.
Second, it remains unclear whether vulnerable third-country nationals such as asylum seekers or migrants without a residence permit are entitled to the (free) services outlined in Article 14(3) and (4). Many of these may just have limited proficiency in the domestic language, but neither a lack of digital skills nor a physical or mental disability.
Third, if digital inclusion and basic DE services are offered free of charge, the financial burden shifts to designated public entities and PSPs. Given the number of beneficiaries and the time required per client, this burden may be significant. Providers may then seek to cut costs, resulting in poor service quality, long waiting times, or access barriers—undermining the goal of inclusiveness (G7).
Takeaway 8:
Offline DE is significantly less user-friendly and far less inclusive than cash. Free support for marginalized or vulnerable individuals will likely suffer from quality shortcomings, making full inclusiveness (G7) difficult to achieve.
4.5 Competition
4.5.1 Competition between DE and private payment solutions
The draft regulation’s implicit goal IG1 (increasing competition in payment services) aligns with the explicit goal G9 (preserving the euro’s role in retail payments) only if the DE holds a competitive edge over private technologies or foreign digital currencies. However, it remains unclear where such an edge would come from.
A framework aimed at promoting competition and innovation (IG1 and G1) should largely remain neutral with respect to the technology or infrastructure used—by the DE or its competitors—as long as payment services are efficient and resilient (G3 and G4). Yet, two major breaches of this neutrality principle stand out.
First, the draft regulation requires the DE to be distributed by PSPs (Article 13). It will be cost-efficient for them to process DEs via their existing infrastructure. But this keeps the DE on equal footing with private euro payment solutions and prevents it from gaining a competitive edge over them at the infrastructure level.Footnote 6
Second, Article 24(2) prohibits the DE from being programmable money. While Article 24(1) allows the ECB to enable conditional payments, more extensive programmability would conflict with the DE’s role as legal tender. To ensure full fungibility, features like time limits or use restrictions to specific goods or services are ruled out.
This design choice, though justified, imposes a significant technological limitation. As Recital (7) notes, demand for programmable money may emerge beyond conditional payments. Even governments might seek broader functionality—for instance, to ensure that social transfers are spent on eligible goods or at trusted merchants who then would be allowed to convert such funds into fully fungible euros.
The prohibition in Article 24(2) places the DE at a technological disadvantage compared to competing currencies with broader programmability. While the restriction could in principle be lifted if greater flexibility proves necessary, competing payment solutions may by then have advanced so far that it will be difficult for the DE to catch up.
Hence, the legal framework prevents the DE from offering superior infrastructure and limits its technological potential by restricting programmability to conditional payments. This places the DE at an inherent competitive disadvantage in pursuing goal G9 (preserving the euro’s role in retail payments). However, this is—perhaps more than fully—offset by the regulation’s grant of legal tender status (Article 8) and the mandatory acceptance requirement (Article 7(2)).
The latter grant the DE an advantage over other payment solutions that would likely be favored in a genuinely open market. The draft regulation implicitly concedes that the DE may not achieve goal G9 without regulatory privileging—being the only digital means of payment with legal tender status and mandatory acceptance. Its success would thus reflect not inherent superiority but the effect of legal design.
This raises the question of whether the DE will actually achieve IG1 (increasing competition in payment services). While the DE is, trivially, a new market participant, the key issue is whether it will stimulate greater competition among non-state digital payment solutions and thereby promote efficiency (G3) and innovation (G1).
It is unclear why this should be the case. A public payment solution—free for users, legally privileged, and entitled to unlimited use of competitors’ infrastructure at no cost—enters a market long served by private PSPs. Their market share and profits are likely to decline, reducing incentives for investment and innovation.
Greatly harmful to innovation is the almost parasitic way in which the DE would utilize private infrastructure. PSPs must expect that all their infrastructure investment will, by law, also benefit the DE—depriving them of competitive advantage through technology or service quality. Yet competition via pricing is equally unviable, as DE usage is free (for basic services) and central banks are under no obligation to operate the DE profitably.
Takeaway 9:
Infrastructure constraints and limited programmability place the DE at a structural disadvantage compared to private solutions, raising doubts about its ability to preserve the euro’s role in retail payments. Despite this potential inferiority, its usage is promoted by legal tender status and mandatory acceptance. This may deter innovation and investment by private PSPs and ultimately weaken competition.
4.5.2 Competition between banks and non-banks
The draft regulation differentiates between banks and non-banksFootnote 7: Banks are required to provide DEPAs and basic DE services upon client request (Article 14(1)), while non-banks may, but are not obliged to do so (Article 13(1); see also Recital 28).
As previously noted, basic DE services are inherently unprofitable for PSPs, as no fees may be charged. Moreover, when customers fund DE by converting deposits, banks lose both the reserves and their remuneration. Funding DE therefore results in bank losses equal to the interest income that would have been earned on the foregone reserves.
If DE in circulation is €1 trillion and the DFR is 2%, total annual funding costs for PSPs would be €20 billion. Yet under Article 13(1), non-banks may opt out of offering DE services, leaving banks to bear the full cost while being unable to earn revenue from basic DE services. This creates an uneven playing field and gives non-banks a regulatory advantage. Since many are foreign-owned (e.g. PayPal, Stripe, Worldpay, Visa or Master Card), this setup runs counter to implicit goal IG3, which seeks to reduce foreign market share and support EU-based PSPs.
Note, however, that competition between banks and non-banks is already severely distorted, as banks receive substantial risk-free interest on their large excess reserves. Lucke and Meyer (2024) argue that this is undeserved income as excess reserves are risk-free and unconnected to any productive activity. The unequal DE funding burden partly offsets this undeserved competitive advantage of banks. In this sense, one distortion is mitigated by another.
If non-banks choose to provide DE services, their DEPAs must be linked to NDEPAs at banks. As a result, banks still bear the funding cost through lost interest income on reserves. To address this, Article 17(2) allows banks to charge non-banks a proportionate inter-PSP fee, which may include a “reasonable margin of profit” but must not exceed fees for comparable digital payment methods. Under Article 17(3) and (4), the ECB must regularly monitor relevant developments.
Inter-PSP fees are a suitable way to ensure that non-banks contribute to DE funding costs. However, there is no need to define proportionality criteria by law or to assign the ECB a supervisory role. Non-banks can opt out of DE provision, leaving the full burden of funding costs to the banks. This gives non-banks strong bargaining power, and banks have clear incentives to offer competitive terms. In this context, concerns about market power abuse by banks appear unwarranted.
Takeaway 10:
The draft regulation creates an uneven playing field by shifting the full burden of DE funding costs onto banks. Since non-banks are often foreign-owned PSPs, this contradicts the implicit goal to reduce the market share of foreign-owned PSPs and support EU-based PSPs. Proportionality rules for inter-PSP fees are unnecessary and should be deleted.
4.5.3 Competition between DE and stablecoins
The explanatory memorandum rightly notes that the euro may eventually compete with third-country CBDCs, crypto-assets, or stablecoins. This paper focuses on one potential competitor from that broad field: a stablecoin issued by Eurozone banks and fully backed by reserves.
Suppose banks label it the private digital euro (PDE). Each bank would issue PDEs by segregating an equivalent amount of euro reserves from its general holdings. Segregation entails placing these reserves under the control of an independent fiduciary tasked with ensuring that their value always matches outstanding PDEs. PDE holders would enjoy contractual priority claims on segregated reserves in the event of bankruptcy and have instant convertibility into cash or DE—even during insolvency. Thus, PDEs would match the DE in terms of issuer risk.
If clients request to convert cash or deposits into PDEs, banks can issue the corresponding amounts and credit them to a PDE payment account (PDEPA), set up like a DEPA. Waterfall and reverse waterfall functions are not required due to the absence of holding limits but can be implemented if desired.
As long as the ECB operates in an excess reserve regime, banks continue to earn DFR interest on segregated reserves. In terms of interest income, the PDE is thus Pareto-superior to the DE for both banks and clients. If the DFR is 2%, banks could offer 1% on PDEPA holdings, making PDEs more attractive than DEPAs, which earn 0% under Article 16(8). Banks would retain 1% risk-free interest income on reserves that they would lose if the customer opted for the DE.
As noted, PDEPAs do not require holding limits. This makes the PDE more attractive than the DE, as it can be used without restriction as a store of value. Banks would also be free to allow positive PDE holdings for companies, for which a DE holding limit of zero has been proposed. As long as banks hold or can acquire sufficient reserves, no limit on PDEs is needed—and DE holding limits may prove obsolete since PDEs consistently offer better returns.
Moreover, banks do not require a separate settlement infrastructure for PDE transactions. When a customer initiates a PDE payment, the PDEs can be instantly converted into DEs, credited to his DEPA, transferred via the DE infrastructure to the payee’s DEPA, and—if arranged by the payee—converted back into PDEs. Payer and payee may not even notice the use of their DEPAs, which may hold a non-zero balance only for a few milliseconds during the transaction.
Banks would incur minimal costs in establishing a stablecoin like the PDE. Customer interfaces and software can largely be replicated from the DE setup. There are no additional costs for settlement infrastructure, and expenses for KYC, customer support and inclusiveness merely shift from DE to PDE. Costs for regulatory approval and fiduciary services should be small.
Naturally, a stablecoin like the PDE may become unviable if the ECB returns to a regime of reserve scarcity. However, the ECB is expected to maintain excess reserves for the foreseeable future, and PDE setup costs are likely low. Contractual terms could allow banks to discontinue the PDE at any time, with all holdings converted one-to-one into DE or cash. Banks therefore face little risk in launching such a stablecoin. As long as large excess reserves exist, it is a free lunch—profitable for banks and preferable to the DE for their customers.
One aim of the DE is to preserve the ECB’s monetary policy influence as cash use declines. Paradoxically, it may prompt the emergence of private alternatives like the PDE, whose holdings—though potentially central to payments and thus price stability—the ECB might find difficult to control. If the DE does not help maintain the ECB’s possibly slipping control of monetary policy, it would be next to useless for achieving goals G5, G6 and implicit goal IG4.
Takeaway 11:
A stablecoin backed by reserves may outperform the DE and reduce DE usage to almost zero. In that case, the DE would fail to enhance the ECB’s control over transaction-relevant money and be a futile effort to safeguard price stability.
4.5.4 Technological dependencies and implications for competition
The draft regulation promotes innovation and competition (G1, IG1) but is silent on rules regarding openness, patents, or public access to technical documentation. Without such rules, large parts of the DE’s software and hardware are likely to be proprietary and protected as trade secrets. This may impede future improvements and distort competition if only the original vendors can maintain or extend core functionalities.
Proprietary implementations can hinder interoperability and raise integration costs for third-party providers, especially when documentation is incomplete or restricted. Security researchers also face obstacles when evaluating the robustness and privacy of closed systems. Vulnerabilities may go undetected longer, and once disclosed, only the rights holder may be able to fix them—delaying critical responses and increasing systemic risk. Even with contractual update obligations, exclusive control over the code base can prevent timely remediation by others.
Given the regulation’s goals of fostering innovation (G1), ensuring resilience (G4), and increasing competition (IG1), the narrow reference to open standards in Article 26—limited to interoperability with private digital means of payment—appears problematic, especially in the absence of any mention of open-source licensing. Aligning the DE’s implementation with the EU’s Open Source Strategy (COM(2020) 7149 final) would enhance technological sovereignty, reduce long-term dependencies, and create a more level-playing field for providers.
Takeaway 12:
The draft regulation fails to align the DE’s technical implementation with the EU’s open-source strategy. In the absence of clear provisions, proprietary technology may hinder interoperability, restrict independent security review, and reinforce vendor lock-in. Full disclosure of the technical stack would enhance transparency, promote competition, and support Europe’s goal of digital sovereignty.