In this Newsletter:
- Regulatory Developments
- Payment Market Developments
- Surveys and Reports
For previous editions of the Global Payments Newsletter, please visit our Financial Services practice page.
United Kingdom: FCA publishes feedback statement on Open Finance
On 26 March 2021, the FCA published a Feedback Statement on Open Finance (FS21/7) following its December 2019 Call for Input.
Some of the key findings that the FCA draws out in its feedback statement are:
- A legislative framework would be needed for open finance to develop fully, both to provide any statutory right to data access and to support a regulatory framework.
- In addition to the regulatory framework, the following building blocks would be needed for a sustainable open finance ecosystem to develop – either in support of voluntary adoption or to support future legislation:
- consumer protections informed by an ethical framework;
- a liability model;
- common standards (for APIs and user experience);
- an implementation entity that is funded and governed equitably; and
- a digital I.D.
- Commercial incentives are crucial to ensuring the success of open finance.
- The FCA recognises that open finance would create or increase risks and raise new questions of data ethics – including in relation to vulnerable and digitally excluded consumers - which need to be considered from the start as part of any system design to ensure the all-important customer buy-in.
- A ‘big bang’ approach to open finance is neither feasible or desirable. Many respondents highlighted the need for a phased delivery with a transparent approach to understanding industry costs and clear governance, and broad industry consultation to support the development of any open finance roadmap and its accompanying ecosystem, including API standards and specifications. Implementation of open finance should be:
- proportionate;
- phased; and
- ideally driven by consideration of credible consumer propositions and use cases (ie balancing the cost and complexity of implementation with the potential consumer benefit).
The feedback statement sets out a number of proposed next steps for the FCA, including working closely with the Department for Business, Energy & Industrial Strategy (BEIS) and HM Treasury in the coming months to assess the need for and feasibility of any secondary legislation.
For more on the feedback statement, take a look at our Engage article.
Progressing open finance as a mandatory regime in alignment with other Smart Data initiatives is one of the recommendations in the Policy and Regulation chapter of the recently published Kalifa Review of UK FinTech. Rachel Kent of Hogan Lovells is the vice-chair of this chapter alongside the Chair, Dr Kay Swinburne. Take a look at the recording of our recent webinar on the Kalifa Review and open finance for more on the Review’s recommendations.
South Korea: Financial Services Commission introduces new anti-money laundering rules for digital currency companies
On 25 March 2021, South Korea’s new anti-money laundering rules came into effect. The new rules extend anti-money laundering requirements to digital currency companies and other virtual asset service providers (VASPs).
Some of the key provisions include:
- A requirement for VASPs to register with the Korea Financial Intelligence Unit before commencing operations;
- A requirement for registered VASPs to report suspicious transactions and to verify customer identities; and
- The Korea Financial Intelligence Unit will carry out inspection and supervision on VASPs with regard to their compliance with the new anti-money laundering rules.
Crypto companies engaging in custody, trading, sales, exchange, and digital wallet services have a six-month grace period, until 24 September 2021, to register with the Korea Financial Intelligence Unit before facing potential sanctions for non-compliance.
Europe: European Commission publishes consultations and strategy on instant payments
On 31 March 2021, the European Commission published a public consultation on instant payments. The consultation follows from a December 2018 communication in which the European Commission expressed support for a fully integrated instant payments framework in the EU, and the Commission's September 2020 communication on an EU retail payments strategy. Note also that on 11 March 2021, the Commission published its roadmap for an EU-wide instant payments scheme for consultation, as reported in the March 2021 Global Payments Newsletter.
The aim of the consultation is to inform the European Commission on remaining obstacles, as well as possible enabling actions, to ensure a wide availability and use of instant payments in the EU.
The consultation is aimed at a broad range of users, including payment service providers (PSPs) and consumers. Respondents are required to answers a series of questions regarding their preferences for a possible future instant payments framework, factors that would incentivise them to support such a framework, and any objections.
Following the consultation, the European Commission hopes to be in a position to decide whether EU-coordinated action and / or policy measures are necessary to ensure an adequate number of EU PSPs offer instant credit transfers. The consultation is open until 23 June 2021.
The public consultation is designed to supplement a targeted consultation which was published by the Commission on 24 March 2021. This consultation is seeking feedback on technical issues relating to the instant payments initiative. It was published alongside the Commission’s strategy for the EU’s instant payments initiative which, among other things, sets out the background to the consultation and explains the type of information the Commission is looking for from stakeholders. The targeted consultation is open until 2 June 2021.
France: Government publishes Order on the systems and internal controls to fight against money laundering and terrorist financing
On 1 March 2021, an Order dated 25 February 2021 (the Order), amending the Order of 6 January 2021 relating to systems and internal controls to fight against money laundering and terrorist financing (AML/TF) and asset freezing measures, was published in the Official Journal of the French Republic.
The purpose of the Order is to harmonise the Order of 6 January 2021 and the Order of 3 November 2014 on internal control of undertakings in the banking, payment services and investment services sector subject to supervision by the Autorité de contrôle prudentiel et de résolution (ACPR), and to ensure consistency under the French AML/TF regime applicable to financial institutions.
United Kingdom: Government updates AML/CTF instruments
On 24 March 2021, HM Treasury updated its Advisory Notice on money laundering and terrorist financing controls in overseas jurisdictions, following two statements published by the Financial Action Task Force (FATF) on 25 February 2021 which identified jurisdictions with strategic deficiencies in their AML/CTF regimes.
A day later on 25 March 2021, the Government published the Money Laundering and Terrorist Financing (Amendment) (High-Risk Countries) Regulations 2021 (SI 2021/392) together with an explanatory memorandum. The Regulations insert a new Schedule 3ZA into the Money Laundering Regulations 2017, which sets out a list of high-risk third countries, and revoke the retained EU law version of Commission Delegated Regulation (EU) 2016/1675 which set out the list of third countries identified by the European Commission as high risk.
Singapore: Monetary Authority of Singapore releases new guidance on anti-money laundering controls for the Digital Payment Token sector
On 26 March 2021, the Monetary Authority of Singapore released new guidance on strengthening anti-money laundering controls in the Digital Payment Token (DPT) sector. The guidance is intended to raise industry awareness among DPT service providers of sectoral money laundering and terrorism financing risks, and provide additional information to support their implementation of effective controls.
Entities that deal in DPT, facilitate the exchange of DPT, facilitate the transmission of DPT and/or provide custodian wallet services will be required to be licensed as DPT service providers and comply with anti-money laundering requirements. DPT service providers should also have a formalised approach to identify and assess money laundering and terrorism financing risks before offering new products.
The new guidance should be read in conjunction with Notice PSN02 on the Prevention of Money Laundering and Countering the Financing of Terrorism – Digital Payment Token Service and accompanying guidelines.
Global: FATF launches project to mitigate unintended consequences of incorrect implementation of AML/CTF standards
On 18 March 2021, the Financial Action Task Force (FATF) published a press release announcing that it has launched a new project looking into the unintended consequences resulting from the incorrect implementation of its AML/CTF standards.
The project will focus on four key areas:
- De-risking, which has affected non-profit organisations, money value transfer service providers, and correspondent banking relationships;
- Financial exclusion of individuals from the formal financial system;
- Suppression of non-profit organisations or the non-profit sector as a whole through non-implementation of the FATF’s risk-based approach; and
- Threats to fundamental human rights stemming from misuse of the FATF AML/CTF standards.
The FATF welcomed input into the first stages of the project by 20 April 2021.
France: Government publishes Decree on fight against the anonymity of virtual assets and strengthening the national AML/CTF regime
On 4 April 2021, Decree No. 2021-387 of 2 April 2021 on the fight against the anonymity of virtual assets and strengthening the national AML/CTF regime was published in the Official Journal of the French Republic.
The decree amends the existing AML/CTF regime concerning virtual assets, in particular by:
- Clarifying the prohibition on the use of anonymous e-money for the purchase of digital assets; and
- Imposing an obligation on digital asset service providers to identify their customers prior to any occasional transaction.
The decree entered into force on 5 April 2021, except for the provisions on the verification of the identity of occasional clients and their beneficial owners which will enter into force on 1 May 2021.
Italy: FIU publishes communication on new potential AML risks
On 11 February 2021, the Italian Financial Intelligence Unit (FIU) published a communication focusing on the new potential money laundering risks arising directly or indirectly from the COVID-19 pandemic, and stressing the need for intermediaries to calibrate AML measures in the most efficient manner and promptly report suspicious transactions.
As a follow-up to a communication on the same topic last year, the FIU illustrated, on a non-exhaustive basis, potential new risks also arising from the legislative measures adopted by the Government to manage the emergency, such as tax incentives and related sale of tax receivables, non-repayable contributions and/or financing guaranteed by the State. In addition, the increase in e-commerce transactions, innovative mobile payments and online gaming might entail potential risks which must be taken into account for AML purposes.
Europe: EBA publishes consultation on revising risk-based supervision guidelines under MLD4
On 17 March 2021, the EBA published a consultation paper on proposed changes to its guidelines on the risk-based supervision of credit and financial institutions’ compliance with AML/CTF obligations under MLD4.
The proposed changes address the key obstacles to effective AML/CTF supervision identified during the EBA’s review of the existing guidelines. No changes to the basic concepts and a 4-step approach to supervision developed in the original guidelines have been proposed. This means that risk-based supervision should continue to be based on the AML/CTF risk assessment carried out by competent authorities.
The EBA will hold a virtual public hearing on the draft guidelines on 22 April 2021. The consultation closes on 17 June 2021. The final guidelines will come into effect three months after publication.
Global: FSB publishes speech on key areas of focus in 2021, including cross-border payments
On 30 March 2021, the Financial Stability Board (FSB) published the text of a speech given by its Chairman, Randal K. Quarles, detailing the FSB’s priorities for 2021. The speech identified non-bank financial intermediation and cross-border payments as the two key areas of focus.
Following positive feedback from G20 leaders, the FSB will begin implementing the ‘building blocks’ of its multi-year roadmap on enhancing cross-border payments, working collaboratively with the Committee on Payments and Markets Infrastructures of the Bank for International Settlements. It plans to publish a consultation paper in May 2021 and deliver a final set of cross-border payments targets to the G20 in October 2021.
Despite the FSB’s desire to enhance cross-border payments, the speech recognises that the COVID-19 pandemic has resulted in an increase in cybersecurity incidents. To begin to address this, the FSB is focused on achieving greater convergence in areas such as regulatory reporting of cyber incidents, and it will deliver recommendations to the G20 in October 2021.
Thailand and Vietnam: Central banks launch interoperable cross-border QR payments system
On 1 April 2021, it was reported that the Bank of Thailand and the State Bank of Vietnam have launched an interoperable cross-border payments system that enables individuals travelling between the two countries to make QR code-based payments for goods and services using their mobile banking app.
The service currently targets merchants in tourist destinations and economic centres, to meet the needs of specific groups such as Vietnamese citizens working in Thailand and Thai citizens working in Vietnam. The central banks forecast that the QR functionality will be particularly useful once international travel resumes, as Vietnam and Thailand are popular tourist destinations.
At launch, the service will support transactions made by customers of one Thailand-based bank and three Vietnam-based banks, with plans to expand when COVID-19 restrictions relax.
Thailand and Singapore: Bank of Thailand and Monetary Authority of Singapore partner to link national payment systems
On 25 March 2021, it was announced that the Bank of Thailand and the Monetary Authority of Singapore have partnered to link the two countries’ national payment systems, PayNow in Singapore and PromptPay in Thailand, to deliver near-real-time cross-border transfers. The goal of the project is to facilitate quicker and cheaper remittances.
The move aligns with Thailand and Singapore’s economic strategies. According to JP Morgan in its 2020 E-commerce Payments Trends reports, Thailand is the second largest e-commerce market in Southeast Asia, with cross-border spending making up 50% of the country’s total e-commerce spend. Similarly, cross-border shopping is a defining feature of Singapore’s e-commerce market.
The linkage will go live during mid-2021, with a small group of banks participating in both countries. Over time, the regulators plan to onboard more banks and other financial institutions, and are considering expanding the project to other central banks in the Asia-Pacific region.
United Kingdom: PSR publishes annual plan and budget for 2021/22
On 24 March 2021, the Payment Systems Regulator (PSR) published its annual plan and budget for 2021/22. The plan outlines the PSR’s strategy for the coming year, including key aims, activities and expected costs. The PSR’s overarching aim is to focus on work that will improve outcomes by encouraging competition and innovation, and putting the interests of payment systems users first.
Key priorities include:
- Considering payment alternatives to card or cash payments to overcome barriers to bank-to-bank payments playing a greater role in everyday payments;
- Ensuring the successful renewal of the UK’s interbank payment systems by Pay.UK;
- Overseeing Pay.UK’s management of the New Payments Architecture programme and exploring ways to lower risks to its successful delivery;
- Tackling authorised push payment (APP) scams, following its call for views published in February 2021;
- Publishing and consulting on a remedies paper containing proposals to help merchants get a better deal for card-acquiring services; and
- Working closely with HM Treasury, the Bank of England and the FCA through HM Treasury’s Cryptoassets Taskforce to develop a UK regulatory regime for cryptoassets and stablecoins.
The PSR plans to publish its annual performance report against its plans for 2020/21 during the summer of 2021.
Europe: Council of the EU adopts conclusions to the European Commission’s Retail Payments Strategy
On 22 March 2021, the Council of the EU (the Council) announced that it had published and adopted its conclusions on the retail payments strategy for the EU presented by the European Commission in September 2020.
The Council fully supports the overall aims of the strategy, such as ensuring a competitive and innovative retail payments market in the EU, promoting the uptake of instant payments, and creating the conditions for the development of EU-wide payment solutions to decrease the EU’s dependency on major global players in this area.
The conclusions are organised under four pillars of strategic action, namely:
- Addressing issues related to increasingly digital and instant payment solutions;
- Innovation and competitiveness issues;
- Ensuring access to and interoperability of retail payment systems and other support infrastructures; and
- Improving payments with countries outside the EU.
The Council requested the European Commission to undertake a comprehensive review of PSD2 to take account of developments in the market and the challenges encountered in its implementation. The Council also considered that legislative action may be needed to promote adherence to the SEPA Instant Credit Transfer scheme.
Italy: Ministry of Economy and Finance adopts new rules on comparison websites under PAD
On 18 March 2021, the Ministry of Economy and Finance adopted new rules on comparison websites in accordance with the EU Payment Accounts Directive 2014/92/EU (PAD). Under PAD, payment service providers (PSPs) offering payment accounts to consumers must participate on one or more websites comparing payment account offers, to which consumers have access free of charge.
In Italy, PAD was implemented under the Italian Consolidated Banking Act (CBA). Secondary measures implementing PAD have now been set out under a Ministerial Decree of 22 December 2020, published in the Italian Official Gazette on 18 March 2021.
The new rules require owners of comparison websites to obtain a yearly attestation of conformity, following a specific assessment procedure set out in the Decree. The conformity assessment will have to be filed with the Bank of Italy by 31 December each year.
For further information, see this Engage article.
Austria: Financial Market Authority implements SCA requirement for card payments in the e-commerce sector
On 15 March 2021, the Austrian Financial Market Authority announced that strong customer authentication (SCA) will now be required by law for card payments in the e-commerce sector.
The requirement for SCA was introduced under PSD2 and was initially supposed to be implemented by all companies by 14 September 2019. In Austria, SCA for accessing a payment account, electronic transfers and for point of sale payments has been required since that date. However, the deadline for implementation of SCA for e-commerce card payments had been extended to 15 March 2021.
Russia: Bank of Russia reduces maximum bank fees for transactions via its Faster Payments System
On 29 March 2021, the Bank of Russia announced that it has reduced the maximum fees that banks can charge to trade and service companies for transactions via its Faster Payments System. Fees will now be capped at RUB 1,500.
The Faster Payments System is a Bank of Russia service that lets individuals make instant interbank transfers to themselves or others using a mobile phone number. Banks generally charge trade and service companies fees for transactions via the service.
Previously, the fee threshold was not fixed and varied from 0.4% to 0.7% of the transaction amount, depending on the payment activity. It is hoped that the new cap will enable companies to decrease their costs when selling high-value goods and will encourage more extensive use of the Faster Payments System.
The decision will become effective on 1 October 2021. Also from 1 October 2021, similar fees will be set for payments to the self-employed. Payments by individuals via the Faster Payments System will remain free of charge.
United Kingdom: Bank of England updates payment and settlement webpage
On 1 April 2021, the Bank of England updated its payment and settlement webpage with information on omnibus accounts for payment systems operators and prefunding accounts. The website now contains dedicated sections for both topics.
With respect to omnibus accounts, the Bank of England makes clear that a payment system operator has to be recognised under the Banking Act 2009 to be eligible to hold an omnibus account. Organisations interested in applying for an omnibus account should contact the Bank of England directly.
The Bank of England also highlights that it has created special prefunded accounts for direct settlement participants to hold funds to cover the maximum possible net debit positions they could reach in certain retail payment systems.
United Kingdom: Lending Standards Board publishes Call for Input on the CRM Code for APP scams
On 31 March 2021, the Lending Standards Board (LSB) published a Call for Input on the Contingent Reimbursement Model Code for Authorised Push Payment (APP) scams (CRM Code). The Call for Input follows the LSB’s review of the CRM Code in January 2021 and is open to CRM Code signatories, other firms, consumer representatives and the industry more generally.
At the time of issuing its review, the LSB did not have sufficient evidence to make informed policy decisions about some key areas of the CRM Code. The Call for Input therefore focuses on the following topics:
- That the scope of the CRM Code should more fully reflect the evolving nature and complexity of APP scams to ensure that it is able to remain relevant and in line with developments in the wider payments landscape;
- That the CRM Code should recognise the wider range of participants within the payments industry whilst ensuring that it retains a consistent approach to the standards of protections provided; and
- That the CRM Code should more fully reflect the roles and responsibilities of receiving firms in the customer payment journey, in particular how the CRM Code can balance responsibilities of parties in the payment journey, especially beyond the traditional three-party payment model.
The Call for Input closes on 26 May 2021.
Switzerland: SIX Swiss Exchange launches high-level public consultation on proposed changes to the Swiss Payment Standards 2022
On 6 April 2021, the SIX Swiss Exchange launched a high-level public consultation on its proposed changes to the Swiss Payment Standards 2022. The Swiss Payment Standards are intended to govern customer-bank data exchanges based on the Independent Sales Organisation (ISO) standards relating to payments and cash management (ISO 20022). ISO 20022 changed in 2019, triggering the need for an update to the Swiss Payment Standards.
The consultation describes planned changes to four documents:
- The Swiss Business Rules;
- The Swiss Implementation Guidelines for Credit Transfers;
- The Swiss Implementation Guidelines for Cash Management; and
- The Swiss Implementation Guidelines for Status Report.
The consultation closed on 20 April 2021. A second consultation will be launched in May 2021, and the publication of new Swiss Payment Standards 2022 documents is expected in July 2021.
Italy: Council of State suspends establishment of the Italian UBO Register
On 19 March 2021, the Council of State suspended the adoption of its opinion on the Ministry of Economy and Finance’s draft decree on the functioning of the Italian Register of ultimate beneficial owners (UBO Register).
Following the implementation of MLD4 and MLD5 in Italy, the Ministry of Economy and Finance was to adopt a dedicated decree to set up the UBO Register. In December 2019, the Ministry of Economy and Finance submitted a draft decree to the Council of State for its opinion. The draft set the deadline for the first reporting to the UBO Register as 15 March 2021.
However, the Council of State pointed out certain procedural and legislative shortcomings and has suspended the adoption of its opinion until the Ministry of Economy and Finance provides clarifications.
See this Engage article for further information.
United Kingdom: Government launches Digital Markets Unit
On 7 April 2021, the Digital Markets Unit (DMU) was established within the Competition and Markets Authority (CMA). It has been established on a non-statutory basis, pending legislation to put it on a statutory footing and giving it its own enforcement powers.
The scope of the DMU's powers is yet to be confirmed, but it is envisaged that its principal role will be to produce and enforce individual codes of conduct to govern the behaviour of companies designated as having Strategic Market Status (SMS).
The Government will consult later this year on the design of the DMU before legislating to put it on a statutory footing as soon as Parliamentary time allows. It is anticipated that the DMU will not be fully operational before 2022.
In preparation for the consultation, the DMU’s terms of reference were recently published. The terms of reference indicate that the non-statutory DMU will focus on preparatory work for the statutory regime, supporting and advising the Government on the statutory regime, gathering evidence on digital markets and engaging stakeholders.
For further information, see this Engage article.
Japan: Government announces effective dates for amended Data Privacy laws
On 24 March 2021, the Government released the effective dates of substantial amendments to the Japanese Act on the Protection of Personal Information (APPI), requiring companies to take certain additional measures to protect the personal data of data subjects.
Key provisions that have been amended include:
- The concept of Pseudonymously Processed Information;
- Provisions on mandatory breach reporting;
- Personal-related information; and
- The extraterritorial applicability of the APPI.
The full revised APPI will come into effect on 1 April 2022, although some parts are effective earlier. For further information, take a look at this Engage article.
You may also be interested in our recently published Asia Pacific Data Protection and Cyber Security Guide 2021.
Global: G20 publishes communique from April 2021 meeting of finance ministers and central bank governors
On 8 April 2021, the G20 published a communique following a virtual meeting of finance ministers and central bank governors on 7 April 2021. Among other items, the G20:
- Committed to the timely and effective implementation of its roadmap to enhance cross-border payments;
- Looked forward to the FSB’s progress report on how regulatory, supervisory and oversight frameworks address so-called “global stablecoins”, and to a broad discussion on the cross-border use of central bank digital currencies and wider implications for the international monetary system; and
- Reaffirmed its support for the Financial Action Task Force (FATF) as the global standard-setting body for preventing and combating money laundering, terrorist financing and proliferation financing, and expressed interest in the outcomes of the FATF’s ingoing work on digital transformation in the context of tackling financial crime.
United Kingdom: FCA extends COVID-19 guidance on cancellations and refunds
On 1 April 2021, the FCA published finalised guidance on refund requests following cancellations during the COVID-19 pandemic. The guidance is aimed at credit and debit card firms and insurance providers, and is an extension of the guidance published in October 2020 which was due to expire on 2 April 2021. The consultation on the extended guidance was covered in February’s Global Payments Newsletter.
The guidance is effective from 2 April 2021. The FCA will continue to keep it under review in light of how the COVID-19 situation develops.
United Kingdom: FCA, PRA and Bank of England policy statements on operational resilience and PRA policy statement on outsourcing and third party risk management
On 29 March 2021, the FCA (PS21/3), the PRA (PS6/21) and the Bank of England published policy statements and supervisory materials setting out their final rules and guidance on operational resilience, including a Joint Covering Document on Impact Tolerances for Important Business Services. The authorities are introducing a new operational resilience framework for firms and financial market infrastructures (FMIs).
The policy statements follow the regulators’ December 2019 consultations on new rules and guidance on operational resilience, which were reported on in the December 2019 Global Payments Newsletter. For more background on the consultations, see this Engage article.
The new rules will come into effect on 31 March 2022, by which date firms and FMIs will need to have identified their important business services and set impact tolerances. This will be followed by a three-year transitional period, ending on 31 March 2025. By the end of the transitional period, firms and FMIs should have in place sound, effective, and comprehensive strategies, processes and systems enabling them to address risks to their ability to remain within their impact tolerance for each important business service.
Also on 29 March 2021, the PRA published Policy Statement PS7/21 on outsourcing and third party risk management. It has revised the final policy, as against its December 2019 consultation paper CP30/19, by:
- Amending the scope so that firms should assess the materiality and risks of all third party arrangements, irrespective of whether they fall within the definition of outsourcing;
- Clarifying that firms should make the PRA aware if a third party service provider in a material outsourcing (or other third party) arrangement is unable or unwilling to include certain terms within the contract that reflect the firm's obligations; and
- Explaining that firms should adopt a risk-based approach to the location of data that allows them to leverage the operational resilience advantages of outsourced data being stored in multiple locations while managing relevant risks.
Appendix 1 to PS7/21 contains the supervisory statement on outsourcing and third party risk management (SS2/21), which firms are expected to comply with by 31 March 2022. Outsourcing arrangements entered into on or after 31 March 2021 should meet the expectations in SS2/21 by 31 March 2022. Firms should seek to review and update legacy outsourcing agreements entered into before 31 March 2021 at the first appropriate contractual renewal or revision point to meet the expectations in in SS2/21 as soon as possible on or after 31 March 2022.
The PRA is planning a follow-up consultation setting out detailed proposals for an online portal which all firms would need to populate with certain information on their outsourcing and third party arrangements.
Global: BCBS publishes principles for operational risk and operational resilience
On 1 April 2021 and following a consultation in August 2020, the Basel Committee on Banking Supervision (BCBS) published the Principles for Operational Resilience (Principles), which aim to increase the capacity of banks to withstand disruptions caused by severe adverse events.
The Principles are largely derived from existing guidance on outsourcing, business continuity and risk management-related guidance issued by the BCBS or national supervisors. They cover a variety of categories including business continuity planning and testing, mapping of interconnections and interdependencies of critical operations, and third-party dependency management.
United Kingdom: FCA publishes policy statement on extending annual financial crime reporting obligation
On 31 March 2021, the FCA published Policy Statement PS21/4 on extending its annual financial crime reporting obligation. The FCA's annual financial crime reporting obligation (known as REP-CRIM) is set out in its Supervision manual (SUP) at SUP 16.23.
The policy statement follows FCA Consultation Paper CP20/17 in August 2020, which proposed to extend the scope of firms required to provide the FCA with REP-CRIM information to include firms that carry on regulated activities that it considers potentially pose higher money laundering risk.
As a result, the policy statement confirms that more entities will fall within the scope of the REP-CRIM obligations. This includes:
- certain FSMA authorised firms falling within the scope of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) (MLRs) that either hold client money or assets or carry on an activity that the FCA considers poses higher money laundering risks;
- all payments institutions (subject to certain exceptions) and all e-money institutions;
- all Multilateral Trading Facilities;
- all Organised Trading Facilities; and
- all cryptoasset exchange providers and custodian wallet providers.
The FCA has, however, removed ‘home finance mediation’ and ‘making arrangements with a view to transactions in investments’ (both as defined in the FCA Handbook Glossary) from the scope of the reporting obligations.
Entities newly within the scope of the REP-CRIM obligations must submit their first reports within 60 business days of their first accounting reference date after 30 March 2022.
Europe: European Commission publishes roadmap on cross-border law enforcement access to bank account registries
On 31 March 2021, the European Commission published a roadmap on cross-border investigations and law enforcement access to interconnected bank account registries. The initiative forms part of the Commission's AML/CTF action plan.
The European Commission plans to implement the roadmap by amending Directive (EU) 2019/1153 on the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences. Some of the aims of the roadmap include:
- Contributing to the prevention, detection and investigation of serious and organised crime by enabling law enforcement authorities to obtain direct access to information on the identity of holders of bank and payments accounts in other Member States;
- Improving access for national authorities to the interconnection of national centralised bank account registers to significantly improve the capacity of these authorities;
- Quick access to information on where criminals and terrorists keep or hide their funds or assets to ensure more timely information for requests for freezing orders; and
- Smooth and fast access to the information found in the registries held by other Member States to provide direct operational support to law enforcement authorities.
The roadmap is open for feedback until 28 April 2021.
United Kingdom: PSR board supports enforcement team’s development of high-level strategic approach to enforcement
On 1 April 2021, the PSR published minutes of its board meeting on 20 January 2021. Among other items, the board discussed the PSR’s current and future enforcement work. The board was invited to consider whether, in light of the PSR’s ongoing strategy work, the enforcement team should begin work on developing a new, high-level enforcement approach to help direct its future decision-making and ensure that it is aligned with the overall PSR strategy.
The board supported the enforcement team's proposal and indicated that any strategic approach should cover decisions made both before and after the opening of an enforcement investigation. It also noted that enforcement is an important regulatory tool and that the taking of formal enforcement action in suitable cases sends important messages to industry.
United Kingdom: FMLC responds to HM Treasury consultation on regulatory approach to cryptoassets and stablecoins
On 19 March 2021, the Financial Markets Law Committee (FMLC) published its response to HM Treasury’s consultation on the UK regulatory approach to cryptoassets and stablecoins (reported in the January 2021 Global Payments Newsletter).
In its response, the FMLC highlighted a number of legal uncertainties, including:
- The lack of clarity surrounding the definition of a ‘token’;
- Difficulties arising from interpreting definitions under existing financial regulation in the context of token arrangements;
- The possible overlap of the new regime for stablecoins with the existing regime under the Electronic Money Regulations 2011; and
- Difficulties arising from the application of concepts present in financial services regulation which reflect the traditional market infrastructure of intermediated securities, most of which cannot readily be applied to a DLT context.
Russia: Bank of Russia announces plans for a prototype digital ruble by the end of 2021
On 8 April 2021, the Bank of Russia announced its plans to build a prototype digital ruble by the end of 2021. The bank will use a two-tier retail model, in which it will act as both the issuer of digital rubles and the operator of the platform. Commercial banks will be able to use the platform to open digital wallets for their clients, as well as to perform banking operations.
It is likely that the Bank of Russia will use open source code to build its own proprietary DLT platform for the ruble.
Global: FATF publishes consultation on updated guidance on virtual assets and virtual asset service providers (VASPs)
On 19 March 2021, the Financial Action Task Force (FATF) issued a public consultation on proposed revisions to its 2019 guidance on the risk-based approach to virtual assets and VASPs. The proposed changes to the FATF’s pre-existing guidance aim to maintain a level playing field for VASPs, based on the financial services they provide in line with existing standards applicable to financial institutions and other AML/CTF-obliged entities, as well as minimizing the opportunity for regulatory arbitrage between sectors and countries.
The consultation focuses on a number of questions, including:
- Does the revised guidance on the definition of VASP provide more clarity on which businesses are undertaking VASP activities and are subject to the FATF Standards?
- What are the most effective ways to mitigate the money laundering and terrorist financing risks relating to peer-to-peer transactions (i.e., virtual asset transfers conducted without the use or involvement of a VASP or other obliged entity, such as virtual asset transfers between two unhosted wallets)?
- Does the revised guidance provide clear instruction on how the FATF Standards apply to so-called stablecoins and related entities?
The consultation closed on 20 April 2021. At this stage, the FATF has not approved the current draft of the guidance and will make any further amendments at its June 2021 meeting.
United Kingdom: PRA publishes policy statement on depositor protection identity verification
On 24 March 2021, the PRA published Policy Statement PS4/21 on depositor protection identity verification. The changes, which came into force on 29 March 2021, relate to the timing of identity verification required for eligibility of depositor protection under the Financial Services Compensation Scheme (FSCS) and amendments to the PRA's expectations set out in its supervisory statement on depositor and dormant account protection (SS18/15).
The policy statement follows the PRA’s Consultation Paper CP3/21, which was reported on in the February 2021 Global Payments Newsletter.
United Kingdom: PRA publishes consultation on regulated fees and levies for 2021/2022
On 8 April 2021, the PRA published a consultation paper on its fees for 2021/22. The PRA’s proposed provisional Annual Funding Requirement for 2021/22 is GBP 291.6m, an increase of GBP 27.2m (10%) from the 2020/21 budget.
For the 2021/22 fee year, the PRA proposes to remove:
- the separate EU Withdrawal Fee that has been in place since the 2017/18 fee year, to reflect this work moving into ‘business as usual’ activity; and
- the 50% and 90% discounts on period fees for former passporting firms as a result of their change in status following the end of the Brexit transition period.
The consultation closes on 20 May 2021. The PRA proposes to publish the changes resulting from the consultation on 6 July 2021 and they are expected to be effective from 8 July 2021.
United States: New York MTA to phase out MetroCard as contactless payments increase
On 12 March 2021, it was reported that New York’s Metropolitan Transit Authority (MTA) will phase out its thirty-year-old MetroCard by 2023, as contactless payments become increasingly popular. Contactless payments rose from 4% in 2020 to 10% in 2021. The MTA has recently completed the installation of Omny contactless readers at all subway and bus stations.
Poland: Zrzutka.pl launches deposit card that allows users to make contactless payments without a terminal
On 22 March 2021, it was reported that Zrzutka.pl, a Polish crowdfunding service, has launched a deposit card that can initiate payments without a terminal. The payments can either work through Near-Field Communication or by scanning a QR code. The company aims to issue 10,000 deposit cards in Poland by the end of 2021.
Global: Visa will enable Bitcoin purchases on its payment platform
On 17 March 2021, Visa’s CEO Al Kelly announced that Visa is working with 35 partners in the cryptocurrency industry to integrate Bitcoin into their payment platform. Customers worldwide will be able to trade in Bitcoin, as well as convert Bitcoin funds into fiat.
Saudi Arabia: Geidea launches end-to-end payment solution for merchants
On 23 March 2021, it was reported that Geidea, a fintech company, has acquired a licence from the Saudi Central Bank to process end-to-end payments directly to merchants. This is supplemented by a ‘tap on phone’ feature for contactless payments, which will enable SMEs to more easily process customer payments. All transactions will be settled through Geidea’s app.
Romania: CEC Bank launches Open Banking solution
On 26 March 2021, CEC Bank announced that it has started to offer access to accounts from nine other Romanian banks through Open Banking. The bank plans to extend Open Banking to more banks in the future. External accounts can be added directly from CEC Bank’s mobile app.
Germany: Bundesbank partners with German authorities to develop technology bridging blockchain and Euro
On 24 March 2021, it was reported that the Bundesbank, Deutsche Börse and the German government’s debt agency have partnered to develop technology enabling investors to buy and sell securities on the blockchain in return for central bank money. The solution utilises distributed ledger technology to settle trades between cryptocurrency and Euro.
United States: PayPal launches cryptocurrency checkout service
On 30 March 2021, it was reported that PayPal will begin allowing US customers to use cryptocurrency for payments. The service works by giving customers the option to convert their cryptocurrency holdings into fiat currencies at checkouts, and will be available at 29 million merchants worldwide. For the moment, PayPal will accept payments in Bitcoin, Ether, Bitcoin Cash and Litecoin.
Malaysia: Selangkah launches app enabling businesses to access digital and cashless payments
On 22 March 2021, it was reported that Selangkah, a public health initiative platform to ensure the health and safety of the community when resuming business operations during the COVID-19 pandemic, launched Selangkah Biz, an app enabling businesses in Malaysia to increase their use of cashless payments. SMEs are able to accept payments from customers using e-wallets, with debit and credit card payments soon to follow. Selangkah charges a fee per transaction of between 0.8 and 1.3% of the price of the transaction.
Global: Bottlepay enables users to send and receive Bitcoin through Twitter
On 18 March 2021, it was reported that Bottlepay, a digital payments app, has launched a new social media feature allowing users to instantly send and receive Bitcoin from one user’s account to another through tweets. Bottlepay will be adding official currencies in the future and plans to extend the network to Reddit, Discord, Twitch, Telegram and Mastodon.
India: Axis Bank introduces ‘Wear ‘N’ Pay’ device for contactless payments
On 16 March 2021, Axis Bank announced the launch of a wearable device that allows customers to make contactless payments, using technology from Canada’s Tappy Technologies. The wearable device costs USD10 and can be bought online or in bank branches.
United Kingdom: Zilch launches BNPL for in-person shopping
On 8 April 2021, it was reported that Buy Now Pay Later (BNPL) provider Zilch will roll out a BNPL feature that allows customers to spread costs for in-person purchases. Customers using Zilch’s digital card will now be able to spread the costs for in-store payments over six weeks.
Brazil: Central bank gives green light to relaunch of WhatsApp P2P payments feature
On 30 March 2021, it was reported that the central bank of Brazil has approved the relaunch of WhatsApp’s P2P payments feature. Last June, the central bank suspended the payments feature before it was launched, citing competition issues in the mobile payments space. WhatsApp users in Brazil will now be able to send each other funds using the Visa and Mastercard card networks.
United States: Gemini partners with Alloy to automate ID verification for new Gemini credit card
On 9 April 2021, it was reported that Gemini, a leading cryptocurrency exchange and custodian, has partnered with Alloy, a leading ID platform for banks and fintech companies. Gemini will use Alloy’s platform to automate ID decisions and verification for the new Gemini credit card, available in all US states. Cardholders will earn up to 3% back on every purchase in bitcoin or other crypto which will be automatically deposited into their Gemini account.
United Kingdom: Signal begins beta testing of P2P payments
On 7 April 2021, it was announced that messaging app Signal has begun beta testing a P2P payments feature in the UK. For the moment, Signal is using a proprietary cryptocurrency from MobileCoin. Signal app users can link a MobileCoin wallet to Signal for sending and receiving funds and viewing transactions through a simple interface.
United Kingdom: Open Banking Annual Report 2020
The Open Banking Implementation Entity (OBIE) has published its report on the 2020 UK open banking ecosystem. The report gives an overview of OBIE’s activity in 2020 and sets out areas of growth for 2021.
The key highlights include:
- On 15 May 2020, the OBIE published its revised Roadmap for the final stages of open banking implementation;
- OBIE recorded 4 million payment initiation service payments through open banking in 2020, up from 320,000 in 2018;
- OBIE sponsored the Nesta Open Up 2020 programme, a £1.5m prize challenge to promote open banking solutions; and
- OBIE helped minimise Brexit disruption by driving engagement with an FCA consultation, coordinating details of identity requirements on a per-bank basis, and updating its directory with the final list of regulatory permissions.
Looking towards the future, OBIE plans to finish the implementation of open banking in 2021. The CMA is currently in the process of deciding the future of the UK open banking landscape following the end of the OBIE’s mandate.
United States: eMarketer report on mobile payments
On 30 March 2021, eMarketer published a report on the increasing use of mobile payments in the US. According to the report, the COVID-19 pandemic has accelerated the adoption of mobile payment platforms, as Americans have actively sought out retailers offering contactless payment options.
Key findings from the report include:
- 40.1% of smartphone users engaged in mobile payments in 2020;
- According to eMarketer, this figure will increase to 43.2% in 2021, and as much as 50.1% in 2025;
- The average annual spending per user was USD1,973.7 in 2020; and
- According to eMarketer, this figure will increase to USD2,439.7 in 2021 and USD4,064.3 in 2025.
The report further predicts that in-store mobile app payments will hit a new record in 2021, reaching an estimated 101m Americans aged 14 and above. It is believed that more than half of smartphone users will use mobile payments by 2025.
Bhutan: Annual Payment Systems Report 2020
On 22 March 2021, the Royal Monetary Authority of Bhutan published its Annual Payments Systems Report for 2020. The report summarises the payments landscape in Bhutan and reviews key developments during 2020, with a focus on the growth of digital payments.
Due to the effects of the COVID-19 pandemic, and Bhutan’s efforts to increase digital payments, the value of e-money transactions increased by 2,133.7% as compared to 2019. The number of mobile and internet banking transactions also increased by 34%, while the use of in-person card transactions decreased by 50%.
In 2020, Bhutan launched the ‘Payment System Strategy 2020’, a series of measures and projects aiming to encourage the growth of the digital payments sector. Some of the main developments included the introduction of Bhutan QR, which allows customers to make payments using QR codes at over 14,000 merchants, and the promotion of cross-border payment systems through India-based Rupay.
