Keeping Payment and E-money Agents Compliant

Posted on: 28 September 2020

Written by: James Borley

Whilst commentary on the FCA’s updated guidance for payments firms in July focussed mainly on safeguarding and prudential requirements, there was a further, implicit, message for firms that seems to have passed without much comment. That is, the obligations of payments firms that allow their regulatory permission to be on an agency basis.

These ‘Payment Services Directive (PSD) Agents’ or ‘Electronic Money Directive (EMD) Agents’, collectively ‘Agents’, are able to conduct business, seemingly on behalf of one or more ‘Principal’ firms, to the extent of the permission held by the Principal firm. [Technically, EMD Agents require registration as an Agent only where they are providing unrelated payment services on behalf of a Principal. Where they are only distributing the e-money of the Principal, they are classed as ‘distributors’ and do not require to be registered with the FCA]. Where these arrangements exist, it is the Principal firm that must take responsibility for the actions of its Agent(s), as if it had carried on that business itself.

Thus, we find a specific statement in the FCA’s ‘Dear CEO’ letter of 9 July 2020 which says, “Principal firms should ensure their appointed agents comply with the contents of the letter that are relevant to them.” However, the FCA does not provide much in the way of guidance, other than reminding firms that relevant funds held by Agents are to be treated as funds held by the firm and subject to its safeguarding obligations. This means firms should have appropriate oversight of their Agent(s) with regards to their AML/financial crime processes.

Indeed, there is very little to be found within the Approach Document itself to give any Principal firm a framework through which they can effectively oversee the activities of an Agent. So, we need to look elsewhere across the FCA’s collection of publications for inspiration and possible direction of travel in the payments space.

The Principles for Businesses

In May 2019, the FCA released a ‘Dear CEO’ letter that addressed the failings of firms within the investment management sector. Similar to the comments made to payments firms in July this year, the FCA found that Principal firms failed to appropriately control and oversee their Appointed Representatives (ARs).

But what does the investment management sector and ARs have to do with payments firms and Agents? Well, to begin, they are both subject to the Principles for Businesses (‘the Principles’). The Principles were called out specifically in both 'Dear CEO' letters and there is a natural relationship between them due to the similarities between ARs and Agents. The definitions of ARs and Agents are very similar; both fulfil the specific function of carrying on regulated business activities on behalf of the Principal firm. As a result, ARs and Agents do not therefore need to be authorised in their own right. Indeed, ARs are also specifically exempt from authorisation under the Financial Services and Markets Act (FSMA). The FCA controls this by making the Principal firm completely liable for any regulatory business undertaken on its behalf, and any incident that occurs within the environment of the Agent.

Principles for Principals

Not dissimilar to how the FCA regulates the financial services market through ‘principles-based’ regulation, Principal firms should be regulating their Agent(s) through the Principles for Businesses as well. Many of the Principles for Businesses were called out in the investment firms’ space as clear failings by the Principal firm, and these can form a focus for payment/e-money Principals to evaluate their own controls.

Principal firms should oversee their Agents' compliance with the relevant guidance in the FCA’s Approach Document, however there are some principles that were specifically highlighted by the FCA in the May 2019 'Dear CEO' letter that still read across today, such as:

  • Principle 2 – skill, care, and diligence. The FCA identified that ARs (Agents) were conducting activities outside of their Principal firm’s core area of expertise and, more importantly, their permission. For example, an Agent cannot provide the payment service of money remittance if its Principal firm does not itself have authorisation to provide that service. Similarly, under the Electronic Money Regulations, an Agent is – technically – only able to act as such in relation to the principal firm’s payment services. With regards the issuance of e-money, an Agent (or ‘distributor’) is able only to distribute or redeem e-money that is issued by its Principal firm
  • Principle 3 – management and control. Key to the FCA’s findings, in both sectors, is the extent to which oversight of an AR/Agent’s activity is visible, effectively monitored and the relevant risks identified and mitigated
  • Principle 8 – conflicts of interest. The FCA identified that conflicts of interest, that are inherent in this model, are not accurately identified, logged or managed by Principal firms. Whilst FSMA firms may be familiar with this requirement this may be new for payments firms

What should I do?

There are a number of things you should consider if you have (or intend to have) Agents operating under your umbrella. Here are my top 5 ‘things to do’:

  1. Ensure they are ‘fit and proper’ before onboarding them, e.g. through credit checks, solvency checks, DSB checks, or other onboarding programme. The FCA will expect you to have done this before submitting an application to register the Agent

  2. Ensure what they are doing is consistent with your permission i.e. they are not providing a payment service that you are not already authorised/registered to provide yourself

  3. Ensure they remain ‘fit and proper’; you should be checking at least annually that nothing has changed in their circumstances since they were appointed

  4. Follow the money. If you are subject to safeguarding, you must ensure that any relevant funds received by your Agent(s) are accounted for in your own calculations

  5. Ensure they are compliant. As their Principal, the obligation is on you. Your Agents should be acting in accordance with the policies and procedures set by the Principal firm. You must create, implement and evidence a monitoring programme that provides you with the appropriate level of assurance, and which can be used to demonstrate to the FCA you have sufficient control and oversight over your Agent(s)

What’s next?

As I mentioned earlier, there are many corollaries out there. Recent history (e.g. the application of the Principles to payments firms) suggests that the payments sector is being brought more in line with the FSMA-related community and, as such, it would be prudent to start anticipating regulatory change by refence to what already exists for FSMA firms.

We provide specialised regtech services to help you to carry out due diligence on your Agents as part of their onboarding process. Our services reduce the time and cost of Customer Due Diligence and Enhanced Due Diligence, while also offering deeper risk insight and business intelligence to enable smarter risk and compliance decisions. Click here to find out more, alternatively, if you would like advice in relation to how you can retain a compliant agency network, please do get in touch with us, we would be happy to assist you.

Contact Us

James Headshot

James Borley

James, our Managing Director for Payment Services, is a highly qualified financial services expert and a familiar name to many in the payments and e-money community.

Contact James

Related resources

All resources
iStock 171292310 Article

Identifying the weaknesses in firms’ transaction reporting governance and control frameworks

iStock 1065111748 Event

Bitesize webinar: Establishing a robust prudential monitoring framework

iStock 486530768 Article

Operational Resilience: regulatory guidelines for critical third parties aim to avoid systemic disruption

Cosegic test Company news

Press Release: Cosegic launches new Consumer Duty audit.