Main regulatory topics about payment services

Web Payment Interest Group - Regulatory Issues Task Force

A first mapping of main regulatory topics

Approach statement

An attempt for mapping regulatory issues shall proceed starting form a mapping the different jurisdictions in order to list the main relevant topics, creating mandatory requirements for payment services.

These main topics ratione materiae may be relative to some major technical, legal or practical areas :

• Does it exist legal restrictions to such activities? or is any authorization required prior to provide such services in the juridiction?
• AML regulations and requirements: which are the mandatory rules to comply with?
• Technical requirements: does it exist any restriction or obligatioon about messaging standards? authentication? encryption? sensitive data protection?
• Consumer protection:

And it may be submitted to additional regulations, with a broader scope than payment services but strongly impacting such activities, such as : currency convertibility regulation, prevention of money laundering, data protection, ...

Scope of the first mapping

In order to keep such an inventory efficiently usable and feasable, it seems relevant to establish some common taxonomy for such requirements, a simple one distinguishing main topics and only one level of subtopics may be efficient for the first draft.

Such rules must be listed in accordance to the rules applying in each juridiction, this area being refferred to through the basic mapping established by the task force.

As a second output of these two mapping, the one about the geographical juridictions and the other about main regulatory topics, it will be possible to create "regional maps" listing mains rules to be comply with, about these main topics, in each of the main juridictions.

As a first example, there is a first scope of the Payment Services Regulation in the EU considered as the Single Euro Payment Area for Payment Services (the SEPA Aera is broader than the EU stricto sensu)

Draft inventory of main regulatory topics

This is a first draft, provided as a work in progress to be discussed. The goal at this stage is to list which questions may be relevant (or mandatory) in each jurisdiction. Such a list will help to focus on key points to be checked in reviewing the future standard, in order to prevent regulatory hindrances for a wider adoption. A good practice should be to make the framework of this list as much parallel as possible to the flow analysis diagram and the overview documents

• Definition of regulated Payment service activities
  • Sub definitions of payment services
    • payment transfer (push)
    • payment direct debit (pull)
    • card issueing/acquiring
    • payment account keeping
  • Regulatory limitation for providing such payment services
    • mandatory enrolment(s)
    • preliminary authorization(s)
    • initial requirements
    • ...

• Environmental regulations
  • Exchange control
  • Payment limitations to be guaranteed
  • AML
    • KYC
    • SAR's
    • Payment limitations
    • Mandatory information and data to provide inside messaging
  • ...

• Payment execution
  • Standard for messaging
  • Sensitive data regulations
  • Authentication
  • Encryption
  • Biometrics
  • Liability of the PSP
  • Liabilty toward the PSP

• Consumer protection
  • Privacy
  • Information
  • Repudiation of a payment order
  • Litigation

• Merchant's protection
  • Competition
  • Choice of the payment instrument
  • Information on each transaction
  • ...