Quick Jump

Corporate Advisory Legal

How can we help you?


The revised Payment Services Directive (PSD2) aims to further modernise Europe's payment services for the benefit of consumers and businesses. It promotes the development of innovative online and mobile payments, more secure payments and better consumer protection. At the same time, the directive aims to improve the level-playing field for payment service providers - including new players or FinTechs - and contribute to a more integrated and efficient European payments market. Overall, the updated rules will help to facilitate innovation, competition and efficiency in the EU online payments market. PSD2 also marks another step towards the completion of the digital single market in the EU andgives consumers more and better choices when it comes to retail payments

Many elements of the PSD2 already entered into application across the EU on 13 January 2018 and more improvements come into application on September 14.

PSD2 brings several major consumer benefits, such as:

  • PSD2 tackles fraud in online payments: PSD2 introduces strong security requirements for electronic payments and for the protection of consumers' financial data to ensure their privacy is respected by all market operators. These rules should boost consumer confidence when buying online (as of September 2019);
  • PSD2 opens the EU payment market to competition: PSD2 sets the stage for the future. With online financial services constantly evolving, the new rules will apply equally to traditional banks and to innovative payment services and new providers, such as FinTechs. These players, also called third party payment service providers (TPPs), will now be regulated under EU rules. They will be able to bring a wealth of consumer benefits. For instance, they can initiate payments on behalf of customers. They give assurance to retailers that the money is on its way, or give an overview of available accounts and balances to their customers (as of September 2019);
  • PSD2 increases consumers' rights in numerous areas. These include reducing consumers' liability for unauthorised payments and introducing an unconditional ("no questions asked") refund right for direct debits in euro (in application since January 2018);
  • PSD2 prohibits surcharging, which is additional charges for payments with consumer credit or debit cards, both in shops or online. These rules are applicable since January 2018;
  • PSD2 improves complaints procedure - PSD2 obliges Member States to designate competent authorities to handle complaints from payment service users and other interested parties, such as consumer associations, if they consider their rights established by the Directive have not been respected. Payment service providers should put in place a complaints procedure for consumers which can be used before seeking out-of-court redress or before launching court proceedings. Payment service providers are obliged to respond in written form to any complaint within 15 business days (since January 2018).


  • Low corporate income tax rate of 12.5%
  • EU & OECD Compliant
  • Access to EU directives (e.g. Parent-Subsidiary)
  • Extensive double tax treaty network with over 60 countries
  • Dividend participation exemption (subject to conditions)
  • Exemption from tax on gains from the disposal of securities (e.g. shares, bonds)
  • Notional interest deduction on equity applies to all taxpayers and all business activities
  • No withholding taxes on interest and dividends
  • No taxation of capital gains (except for disposal of real estate in Cyprus or shares of company holding real estate in Cyprus)
  • No succession taxes
  • No Controlled Foreign Company (CFC) rules
  • Tax neutrality on foreign exchange differences unless they arise from trading in currencies or currency derivatives
  • Foreign tax relief on income subject to both Cypriot and overseas tax
  • Exemption on profits of foreign permanent establishments (subject toc onditions)
  • Company reorganisation rules based on the EU Mergers Directive allow for tax-neutral group restructuring
  • Attractive Intellectual Property regime in line with “modified nexus approach” (OECD Action 5)
  • No exit tax rules
  • 50% exemption on employment income exceeding €100,000 per annum for non-residents taking up employment in Cyprus
  • No tax on dividends, interest and rental income of non-domiciled individuals

1.The name of the Company

This must first be approved by the Registrar of Companies – a special form must be submitted to the Registrar of Companies for this purpose.

2.A brief description of the Company’s objects

The “Objects” of a Company indicate the activities which a Company may choose to engage in; they are inserted in the Memorandum of Association of the Company.

3.The amount of the authorized and issued share capital of the Company and its currency and par value

Please note that as of 1st of January 2008, the share capital of Cyprus companies which used to be in Cypriot pounds must be converted into EURO. It is thus advisable to use either EURO or USD as the nominal capital of Cyprus Companies.

4.The names, addresses, occupation, passport details, date of birth and nationality of the proposed shareholders and the proposed percentage of shares each will hold

5.In case we are asked to act as nominee shareholders holding the shares in the Company on trust for the beneficial owner/s, we require the names, contact details, passport details, date of birth and nationality of the proposed beneficial owners and the proposed percentage of shares which will be held on trust for each of the above

6.The names, addresses, occupation, passport details, date of birth and nationality of the proposed directors and secretary of the Company;

It is advisable to use Cypriot directors so as to satisfy the ‘management and control’ test of Cypriot tax residency and thus gain benefits under the double tax treaties between Cyprus and various other countries, such as Russia [please see link “Status of Tax Residence”].

7.The proposed address of the registered office of the Company. It is advisable to use the registered office of our law firm for the purposes of practicality and communication with the Cypriot authorities.


The General Data Protection Regulation is a European Union law that was implemented May 25, 2018, and requires organizations to safeguard personal data and uphold the privacy rights of anyone in EU territory. The regulation includes seven principles of data protection that must be implemented and eight privacy rights that must be facilitated. It also empowers member state-level data protection authorities to enforce the GDPR with sanctions and fines. The GDPR replaced the 1995 Data Protection Directive, which created a country-by-country patchwork of data protection laws. The GDPR, passed in European Parliament by overwhelming majority, unifies the EU under a single data protection regime.

Any organization that processes the personal data of people in the EU must comply with the GDPR. “Processing” is a broad term that covers just about anything you can do with data: collection, storage, transmission, analysis, etc. “Personal data” is any information that relates to a person, such as names, email addresses, IP addresses, eye color, political affiliation, and so on. Even if an organization is not connected to the EU itself, if it processes the personal data of people in the EU (via tracking on its website, for instance), it must comply. The GDPR is also not limited to for-profit companies.

The GDPR allows the data protection authorities in each country to issue sanctions and fines to organizations it finds in violation. The maximum penalty is €20 million or 4% of global revenue, whichever is higher. Data protection authorities can also issue sanctions, such as bans on data processing or public reprimands.