Regulation & Policy Update: March 2021
Written by Andria Evripidou · March 30th, 2021
Being a data driven company, we want to support our customers in making informed decisions. The best decisions are not made in isolation but take into consideration the entire ecosystem. We operate in a regulated environment and as such the state of regulation remains a key consideration for all of us. This newsletter aims to do exactly this: provide you with an eagle’s eye view of the key regulatory developments in the UK and the EU.
This month we are submitting responses to CMA’s proposals around the future monitoring of its open banking remedies and The Payment Systems Regulator on consumer protection in interbank payments. The latest AML guidance has also been published by the EBA and we are taking a closer look on the Consumer Data Rights (CDR) in Australia.
We’re also keeping a keen eye on the Kalifa Review, the FCA and the PSR’s Confirmation of Payee consultation.
An in-depth look into the regulatory developments
The Future of the UK Open Banking Implementation Entity (OBIE)
Three years since its inception, the CMA now recognises that industry dynamics have changed and is consulting on the future role of the OBIE (the Future Entity). Amongst others, the CMA acknowledges that Open Finance will be the next step for the financial industry and sets as an objective for the Future Entity to pave the way for a new era of developments in the financial services. Some of the key recommendations made by the CMA include:
- The Future Entity should remain independently led and accountable to the CMA.
Our opinion: Great, we agree!
- Board and Advisory Committees to also include a consumer representative to ensure consumer needs are considered.
Our opinion: Absolutely, good idea.
- The funding of the Future Entity to be covered proportionally by Member Account Servicing Payment Service Providers (ASPSPs). A charge may be made for TPPs reflecting the additional services they receive from the Future Entity.
Our opinion: We are concerned with this proposal as the ecosystem is still new and fragile to impose a regulatory cost on smaller players.
- The current monitoring function for Open Banking implementation is sited in the Office of the Trustee rather than the OBIE and that this was seen as a means of emphasising its independence and impartiality, particularly since it was also able to support enforcement action by the Trustee himself. The CMA proposes that this remains to be the case.
Our opinion: We strongly believe that monitoring and enforcement are paramount to the success of Open Banking. We consider that the Future Entity and its Board should focus on strengthening this function.
Yapily has also published a more detailed discussion on the role and impact that the OBIE has had for the Open Banking world here. The consultation closes on the 29th March. If you would like to submit a response, you may find further details here or you can get in touch with us and we’d be happy to include your views in our own submission.
The Payment Systems Regulator: Consumer protection in interbank payments
The Payment Systems Regulator (PSR) has issued a PIS consultation on the level of protection that consumers receive when making interbank payments. The objective of the regulator through this consultation is to ensure consumers get enough protection when they make a payment from one bank account to another using interbank payment systems, particularly Faster Payments and by extension when using Open Banking.
Our opinion: We are strong supporters of the concept that buyers should be protected when making payments regardless of the payment instrument that they use and consider that such protections will give Open Banking customers more assurance going forward thus supporting wider adoption. However, we consider that there needs to be a proportionality element to the discussion on whether additional consumer protection measures are actually needed and justify the cost to the industry for implementing them.
The key findings by the regulator include:
- There is no protection that applies system-wide in interbank payments as there is when paying by cards (for example relating to chargebacks and refunds).
Our Opinion: Not exactly, the PSRs provide legal protections for wrongly executed payments regardless of payment type. The Customer is always entitled to a refund by their bank if ‘something has gone wrong with the payment’ and it was the PSPs fault. (see Regulation 91 of the PSRs 2017).
- The market is unlikely to improve the current level of protection for consumers on its own due to misaligned incentives of payment providers.
Our Opinion: This is inaccurate. PISPs have every incentive to ensure good consumer outcomes. PISPs must build trust with consumers if they are to be chosen at the checkout, above card payments.
- FPS rules may need to be adjusted to include more buyer protection safeguards, this may come at a cost.
Our Opinion: In principle, this is a good remedy but it may come at a cost that should be carefully considered from a competition point of view.
The consultation closes on the 8th April. If you would like to submit a response, you may find further details here or you can get in touch with us and we’d be happy to include your views in our own submission.
European Banking Authority - Revised Guidelines on AML/CTF
The EBA has published new Guidance on money laundering and terrorist financing risk factors that also apply to PIS and AIS providers. In summary, there’s no explicit exemption from AML requirements for either AISP or PISP, however, the EBA explicitly acknowledges that AIS/PIS has inherently low risk of ML/TF – which is a first. This means that the Due Diligence requirements based on the lower risk are at the Simple Due Diligence (SDD) level, which entails customer name verification and connected account access permission verification. This is a change from the previous more stringent Customer Due Diligence (CDD) requirements.
- For PIS, the EBA has clarified the PIS/Merchant relationship, noting that the PISP must perform customer due diligence on the Merchant, not the end-user.
- The EBA still requires AISPs/PISPs to monitor their systems for suspicious/unusual transactions, and to report them accordingly, but within the context of the risk levels of their business model.
- The EBA has acknowledged that if an NCA or member state has different rules for AML, then the national rules supersede the EBA’s guidance. So for those NCAs who have carved out AISP from the rule, eg., Denmark and Romania, those rules apply rather than the revised EBA Guidance.
If you would like to read more about the EBA’s decision, the Revised Guidelines can be found here.
Open Banking around the world: Australia
Open Banking is a growing sector in Australia. The key difference in its regulation is that it does not allow for PIS services in the way that it is described and enabled in the UK and EU. As of 1 July, 2020 Australia’s bank customers can give permission to accredited third parties to access their savings and credit card data. As of 1 November, 2020, they can also give permission to accredited third parties to access mortgage, personal loan and joint bank account data. Open Banking is the first sector of the Consumer Data Right. The CDR is envisaged to become an economy-wide system which will enable the safe and secure transfer of consumer data.
From an industry perspective, Open Banking has been slow to take off due to the infancy of the regulation (only introduced less than a year ago) and the relatively high cost of accreditation for TPPs. At the moment there are a handful of providers in Australia but this is expected to change as legislation allows more data to be incorporated into the Open Banking framework.
We’re keeping an eye on...
Five key themes a) policy and regulation, b) skills and talent c) investment d) international attractiveness and competitiveness and e) national connectivity. Within the policy and regulation umbrella, the Review proposed to form a coalition on Open Finance and a coalition on Digital ID.
FCA Consultation on 90 day reauthentication
The FCA is running a consultation on a number of amendments to existing payments regulations following Brexit. Some are quite important to us such as the removal of the 90 day re-authentication clause for AIS services.
Confirmation of Payee Consultation
This is a name checking service that requires the end user to input the name, sort code and bank account number before they initiate a transaction. Their bank then checks that the details match and let the customer know whether it would be safe to continue with the transaction. The PSR is consulting on extensions to this scheme.