Payment Services Regulatory Newsletter: November 2023
Welcome to November’s issue of our Payment Services Newsletter. This newsletter contains a round-up of regulatory articles that provide the latest insight into compliance issues and developments relevant to the payments industry.
As always, if you have any questions on the content in this edition of our Payment Services newsletter, then please contact us here and we will be happy to help with your enquiry.
sign up to our payment services updates
What’s the latest?
Since my last newsletter in June, the payments sector has had several noteworthy developments.
In this issue, we delve into how e-money issued by banks, as distinct from electronic money institutions (EMIs) might be treated in the future. We will also be looking at the Financial Conduct Authority’s (FCA) key findings from its multi-firm review of how firms mitigate the risks of APP Fraud and Fraud attacks across the financial industry.
We also shine a spotlight on Policy Statement PS23/13, unravelling the FCA's new application gateway for firms dealing with cryptoassets, and providing insights into good and bad practices observed in recent applications.
Safeguarding, once again takes centre stage with the FCA emphasising its importance for financial firms, urging diligence in processes and reconciliation to protect funds. We have recently published our top tips for firms undertaking a safeguarding audit, and so if you’d like to receive this, get in touch.
John Burns, Senior Adviser at Cosegic, recently penned an article underscoring the critical role of reading and understanding terms and conditions, as endorsed by the FCA and His Majesty's Treasury. Although a tedious task for many, not paying close attention to the fine print on a terms and conditions policy could have a major impact for any potential litigation with customers.
Lastly, mark your calendars for our Payments Forum on December 6th, where industry experts will discuss the FCA's focus on payments and safeguarding. So after all that, let’s waste no more time and dive in!
And the ‘EMI’ goes to…
Whilst much of the focus of the recent joint statement from the Prudential Regulation Authority (PRA), the Financial Conduct Authority (FCA) and the Bank of England (BoE) on the ‘Cross-authority roadmap on innovation in payments’ was on the treatment of Stablecoins, there was one area that certainly caught my attention... to read more click here.
Fraud Management
Fresh Off the Press: The FCA (‘regulator’) has recently published details of its key findings from its multi-firm review of how firms mitigate the risks of APP Fraud and Fraud attacks across the financial industry, with a keen lens on the payments industry i.e. Payment Service Providers including Banks, Building Societies and other businesses that provider payment accounts such as Electronic Money Institutions. The review involved the FCA’ own risk-based sampling of 12 current account providers, challenger banks and payment firms. The regulator utilised data submitted by firms in the FCA’s Payments Fraud Report which involved its analysis of data on fraud volumes, value and type.
Jaspreet Kaur, Senior Payments Consultant gives an in-depth analysis of what firms should do with this news and how implementing fraud management frameworks can mitigate risk here.
Payment reimbursement requirements
Earlier this year, the Payment Systems Regulator (‘PSR’ or the ‘regulator’) introduced its world-first reimbursement requirement (‘reimbursement’) to Authorised Push Payment Fraud (APP) victims and E-money Institutions, Payment Institutions (PSPs) and banks, in its Policy Statement on 7 June 2023 (‘Consultation’).
The Government has recognised the hardship caused to victims by APP fraud and instructed the PSR to introduce reimbursement through its Financial Services Market Bill. The new reimbursement right applies to consumers, microenterprises and charities (as defined by the regulator).
The new reimbursement requirement applies to payments sent and received by PSPs in the UK across the Faster Payments system (FPS), including payment initiation service (PIS) transactions venturing into the scope of Open Banking. For the avoidance of doubt, PSPs that do not operate the sending or receiving of a payment account are out of scope.
APP Fraud continues to be a hot topic in payments, with the policy proposals likely to have significant impact on PSPs and, as result, lead to further significant lobbying before they are finalised. To find out how reimbursement will work and who will feel the least pain, click here to read our article on the topic.
Sanctions compliance
The FCA published a report on the findings of its recent review of sanctions systems and controls in over 90 financial services firms. The review found that, while many firms have made significant improvements in their compliance with the sanctions regime, since the Russian invasion of Ukraine, there are still a number of weaknesses that need to be addressed. To read our article on the FCA's findings click here.
Policy Statement PS23/13
In the cryptoassets space, the FCA has published details of the new application gateway for firms that wish to apply to approve financial promotions for unauthorised persons including cryptoasset firms. Notably, this bites on any firm making a financial promotion in the UK, regardless of where in the world they may be domiciled. Those firms looking to apply for registration under the Money Laundering Regulations will be expected by the FCA to explain how they propose to address financial promotions as part of their application. For guidance on the information firms applying for S.21 approver permission will need to provide, read our article here.
Speaking of which, the FCA has this month provided a helpful update on good/bad practices it has seen in applications submitted to date. This is an essential first port of call for prospective applicants, supplemented of course by a conversation with one of our consultants.
We’ll also be commenting shortly on the latest proposals for the treatment of stablecoins, and the surprising talk of banks which issue e-money to separate that from their core business.
Let’s talk about Safeguarding…
There has been some considerable development regarding Safeguarding since my last newsletter. The Financial Conduct Authority (FCA) has stressed the importance of safeguarding for financial firms, identified in their Portfolio letter in March. The FCA identified a number of common issues, such as firms not having clear processes to protect funds or lacking proper reconciliation procedures. They want firms to be diligent in segregating funds from credit institutions. If there are breaches, firms and auditors must inform the FCA.
Today the FCA expects that a firm’s “proposed auditor has, or has access to, appropriate specialist skill in auditing compliance with the safeguarding requirements under the PSRs 2017 and EMRs.”
Certainly, we at Cosegic fit that bill, having conducted over 100 safeguarding audits for PSPs over the past three years. If you’ve yet to perform a safeguarding audit yourself (whether obliged to do so or not), or are considering a fresh approach, please do get in touch with me to explain our process and methodology in more detail.
Terms and Conditions…
I wanted to highlight a recent article published by John Burns, Senior Adviser at Cosegic whereby he highlighted the need for businesses to diligently read terms and conditions. The Financial Conduct Authority (FCA) and His Majesty’s Treasury (HMT) are strongly of the view that they are of real importance, particularly given the ability of firms to rely on them when in dispute with customers.
Payments Event Forum
On a more exciting note, I'm thrilled to announce our annual Payments Forum scheduled for December 6th at the Sofitel Hotel. Don’t miss your opportunity to register and attend this event as spots are filling quickly. During this forum, we will have a variety of guest speakers from the payments industry to discuss the FCAs focus on payments and Safeguarding.
Register Here
As ever, if you would like to discuss Payment Services, or any other aspect of your compliance, then please contact any member of the Team. Additionally, if there is any topic you would like us to cover in future editions of the newsletter, then please let me know.
sign up to our payment services updates