These requirements appear to have been created to cater for situations whereby there is a 1 to 1 relationship between the card and the cardholder being used to make the purchase - and the associated card issuer has full information relating to the customer concerned. We (Citibank) are a Commercial Card issuer whereby our client is a corporate company and their employees are the cardholders. Therefore, we only have limited information about the cardholders in some cases because the liability for the product resides with their employer (our client) and not the cardholder. In the Commercial Cards world, there are many standard products or use cases where there is not a 1 to 1 relationship between the card and the person using it. For example, a Central Travel Account (previously known as a lodge card") is a single credit card that is held and used by a corporate clients Travel Management Company to book flights and hotels for any/all of that corporate clients employees. The Travel Management Company will also have a number of employees who will/may be executing the travel bookings on behalf of our mutual client/s. Therefore, we struggle to understand how in such cases in the Commercial Card world (in situations where there is not a 1 to 1 relationship between the card and the card user), how it is possible to comply with these new regulations. There are many similar use cases/products in the Commercial Card issuance world to that which I have described - and this challenge will apply to all Commercial Card issuers globally."
[Issuing of payment instruments and/or acquiring of payment transactions"]"