General
Who is regulated under the PSRs?
All firms providing payment services as set out in Schedule 1 to the Payment Services Regulations 2009, (the PSRs) must either be authorised or registered (unless they are credit institutions or e-money issuers or expressly excluded from the PSRs; for example, credit unions). Types of business included are non-bank credit card issuers and money remitters. Authorised or registered firms are known as payment institutions (Pls).
Credit institutions (for example, banks and building societies) and e-money issuers are already authorised to carry out payment services as a result of their existing authorisation and do not therefore need to seek further authorisation or registration. They are however required to comply with the conduct of business requirements.
We have published guidance to help you consider whether your business activities fall within the scope of the PSRs - see (Chapter 15 of our Perimeter Guidance manual) (PERG).
What is a payment institution?
There are two categories of firm under the PSRs:
Authorised payment institutions
They are authorised to provide one or more payment services and must comply with the PSRs capital and safeguarding requirements. See Regulations 18 and 19 of the PSRs for further information on capital and safeguarding.
Small payment institutions
Payment service providers are able to take advantage of a waiver from the prudential requirements and register rather than obtain authorisation if they meet the following conditions:
- their turnover does not exceed €3 million of payment transactions per month (averaged over twelve months); and
- none of the people responsible for the management and the operation of the business have been convicted of offences relating to money laundering or terrorist financing or other financial crimes.
Although it is not mandatory, small PIs can choose to safeguard.
Is there a list of exemptions?
The following bodies are exempt from the PSRs under Regulation 3:
- credit unions;
- municipal banks; and
- the National Savings Bank.
Do credit institutions and e-money issuers need to give the FSA any notification of their intention to provide payment services?
Credit institutions do not need to give the FSA any notification of their intention to provide payment services but electronic money institutions (EMIs) do if the payment services are unrelated to the issuance of electronic money (e-money).
Do the PSRs apply to savings accounts?
The PSRs apply to ‘flexible savings accounts’. The issue of which savings accounts can be considered ‘payment accounts’ is dealt with in our Perimeter Guidance (see question 16 of the Q&A). However, payment transactions to and from accounts which are not payment accounts are subject to the conduct of business requirements.
Do the PSRs apply to payments outside the EEA?
All firms providing payment services (unless they are credit institutions or e-money issuers or expressly excluded from the Payment Services Directive (PSD)) who are established in the UK must either be authorised or registered by us to provide payment services, regardless of where they send payments for their customers. For example, a money remitter, based in Birmingham, serving a niche market for sending payments to Bangladesh and doing no other payments business must be authorised by or registered with us.
However, most of the conduct of business provisions only apply to transactions where the payment service providers of both the payer and the payee are located in the EEA, and where the payment transactions are in euro, or in the currency of a member state that has not adopted the euro (for example, sterling).
Transactions where either the payee or payer’s payment service provider is based outside the European Economic Area are known as ‘one-leg transactions’. So, for example, if someone in the UK sends money to someone in Ghana, most of the conduct of business provisions do not apply to the transaction. The Treasury has publicly consulted on whether or not these one-leg transactions should be brought into the scope of the PSRs. The outcome was that the conduct of business provisions will not be extended to one-leg transactions.
How do the PSRs apply to banks operating in Bacs, CHAPS or Faster Payments through an agency agreement with a settlement bank?
The key test is whether they are offering payment services to a customer. If the customer requests that the agency bank executes a transaction for them and the transaction is executed, then the conduct of business requirements apply in relation to the transaction. The agency bank is responsible for ensuring that the requirements are complied with. The arrangements that the agency bank puts in place to effect the transaction are not relevant to the question of whether the PSRs apply.
Are bill payment services included in the scope of the PSRs?
See our Perimeter Guidance question 25. The Treasury has also set out its views in its Summary of Responses to its consultation on the draft PSRs (see paragraphs 2.10 to 2.13).
Conduct of business requirements or ‘COB’ requirements
What are the conduct of business requirements?
The PSRs require firms to provide users with a range of information (for example, pre-contract information, such as terms and conditions and post contract information such as amount and currency of payment) and there are various provisions regulating the rights and obligations of payment service users and providers (for example, firms are prevented from deducting charges unless otherwise agreed).
Full details are set out in Parts 5 and 6 of the PSRs.
Does the ‘corporate opt-out’ have to be agreed by the customer?
Yes. This can be done through account terms and conditions.
The 'corporate opt-out' enables payment service providers to agree different terms with their customers for certain of the conduct of business provisions.
However, the corporate opt-out is only available where the customer is not:
- a consumer;
- a micro-enterprise (see definition below); or
- a charity with an annual income of less than £1m.
If a payment service provider wishes to use the corporate opt-out it needs to have secured their agreement, otherwise the PSRs apply in full. Payment service providers need to consider the terms of their own existing customer agreements, seeking professional advice where appropriate but, in principle, we consider agreement by conduct can be sufficient. Where a payment service provider asks for agreement by conduct, to show that agreement has been reached it is particularly important for it to take reasonable steps to bring to the customer's attention sufficient information for the customer to understand what it is agreeing to.
What are the criteria for a customer being classed as a micro-enterprise?
A micro-enterprise is an enterprise that employs fewer than ten people and whose annual turnover and/or annual balance sheet total does not exceed €2m. The definition allows for group companies’ turnover, etc, to be taken into account in this calculation. Full details of the definition can be found in the Commission Recommendation 2003/361/EC.
For the purposes of the corporate opt-out (see above), whether or not a customer is a micro-enterprise is determined at the time of entry into the payment services contract. Where difficulties have arisen with determining the status of existing customer, to remove doubt about a customer’s status payment service providers may have chosen to enter into a new contract for payment services with the customer in order to reset the date at which the micro-enterprise tests are assessed.
The jurisdiction of the Financial Ombudsman Service (FOS) is wider, covering complaints from customers that were micro-enterprises at the time of contracting or which have since become micro-enterprises.
Is there an obligation on micro-enterprises to inform of their status and any change in status?
There is no requirement for this, but such an obligation could form part of the contract between the payment service provider and the micro-enterprise. It could, for example, be agreed that the contract would be terminated on notification that the customer no longer meets the thresholds for being a micro-enterprise.
Does information have to be sent to the customer?
As noted above, the PSRs require payment service providers to provide users with a range of information. In most cases, the PSRs state that the information can be ‘provided’ (for example, on paper or by e-mail or text) or ‘made available’ (for example, by a link to a secure website). ‘Made available’ does not necessarily mean the information has to be sent to the customer, but the method of availability must be agreed.
What form does information have to be in?
Part 5 of the PSRs sets out the requirements in relation to provision of information. Depending on the type of payment service contract, there are generally conditions relating to the accessibility of the information and the manner in which it is made available or provided. No particular format for the information is specified.
Can an interest rate that a firm sets itself be a reference interest rate provided the firm publishes it, for example on its website?
To be a reference interest rate, the rate has to be "from a publicly available source which can be verified by both parties to a payment service contract". Unlike the reference exchange rate definition, the reference interest rate definition does not refer to rates made available by the payment service provider itself. Question 146 on the European Commission’s PSD Q&A website advises that this "can be interpreted as requiring a publicly available 'index or base'. Typically, this comes from independent sources such as LIBOR, Euribor or ECB rates."
We expect the reference interest rates used in practice to be external indices or bases such as LIBOR, Euribor or central bank rates, or perhaps a basket of rates set by other banks.
When is a currency conversion a payment transaction, as opposed to an ancillary service?
A payment transaction may involve a currency conversion and this can lead to additional conduct of business obligations, but currency conversion is not a payment transaction in itself. In our view, it is not the intention of the PSRs to regulate foreign exchange transactions.
When carrying out a payment transaction that involves a currency conversion, does the payment service provider have to tell the payer at the outset all the charges that will be incurred, including those charged by the payee’s payment service provider?
Where a payer customer wishes to transfer funds within the EEA and needs those funds to be converted to Euro or another member state currency as part of the payment transaction, the payer’s payment service provider must inform the customer of any charges that it will levy (regulation 36 or 40 depending on whether the transaction is under a single payment service contract or a framework contract) and must not deduct any further charges before execution, so that the full amount of funds are transferred (regulation 68).
The payee’s payment service provider can agree with the payee that a charge, paid by the payee, is deducted from the amount transferred before execution of the transaction (regulation 68). After execution, the payee must also be given information on the amount of the charge and the final amount of funds. The payer’s payment service provider does not need to inform its payer customer of these charges paid by the payee.
What exchange rate information has to be given to a customer at the point of sale in relation to a credit card transaction that involves a currency conversion?
Under regulation 45(2)(d) and (3), the information about the exchange rate used and the amount of the payment transaction after the currency conversion may be provided or made available to the customer periodically (and at least once a month), providing this has been agreed in the framework contract. This assumes the currency conversion is done by the credit card issuer and not at the point of sale.
As overdrafts are not payment services, does that mean that none of the overdraft terms are part of the framework contract or covered by schedule 4?
While the provision of credit is not in itself a payment service, the execution of payment transactions covered by a credit line is. Many or most of the terms for an overdraft are inextricable from the payment service and form part of the framework contract or the schedule 4 information that has to be disclosed under regulation 40. Examples include, where relevant, details of interest rates.
However, regulation 34 disapplies certain information requirements for agreements that are regulated agreements under the Consumer Credit Act 1974 (CCA), given that the CCA regulates the provision of credit rather than the provision of payments. The carve out is there to avoid the overlap and inconsistency that would result from, for example, different requirements for varying interest rates and credit limits applying under the CCA and the PSRs.
Impact on consumers
On which consumer transactions do the PSRs have the most impact?
Any payment transaction that consumers carry out in sterling or in euro; for example, payments in and out of current accounts, e-money accounts, flexible savings accounts and credit card accounts.
The PSRs affect money transmission services within the UK and the EEA, which is where consumers will most likely notice a difference from previously, particularly in relation to the information requirements.
Consumers must be provided with specified information about their transaction and their transaction must be made by the business day following the one on which they placed the payment order. Consumers also have greater clarity over their rights and obligations in relation to payment transactions, such as the circumstances in which they have a right to a refund.
Consumers have the right to take complaints about their payment service provider to the Financial Ombudsman Service (FOS) if they are not satisfied with the payment service provider’s response to their complaint.
Are PIs covered by the Financial Services Compensation Scheme?
No, there is no provision for a compensation scheme in the PSRs. The safeguarding provisions are intended to prevent customer losses in the event of an insolvency of an authorised PI.
Passporting
How do the Regulations apply to a non-EEA credit institution operating through a branch in the UK?
The conduct of business requirements apply to all payment service providers, including UK branches of non-EEA credit institutions providing payment services.
The Commission has advised that their interpretation of the PSRs is that such firms need to incorporate within the EEA and seek authorisation in order to carry out payment services. We have set out our position in question seven of the Perimeter Guidance.
For passporting firms, who is responsible for supervision?
In the case of an EEA payment service provider operating through a branch or agent in the UK, the supervisor for conduct of business purposes is us, as the host state competent authority. The home state competent authority remains responsible for prudential matters (that is, provisions covered by Title II PSRs).
In the case of a UK payment service provider passporting on an establishment basis to another EEA state, the supervisor for conduct of business purposes is the host state competent authority, we remain responsible for prudential supervision.
Supervision
What does ‘complaints-led’ supervision mean?
We are taking a complaints-led approach to supervision of the conduct of business provisions of the PSRs. Complaints-led supervision means that, in general, we base our conduct of business supervision strategy on the complaints that we receive from payment service users about breaches of the PSRs. This may lead to thematic work if there are common themes to the types of breaches.
Do all EEA countries take the same approach to supervision as the FSA (that is, a complaints-led approach)?
It is up to each member state to determine their approach to supervision. We have chosen to take an approach that we believe is proportionate in view of our assessment that there are no significant market failures in this area. Supervision is therefore initially on a complaints-led basis. This may change depending on our ongoing assessment of the risks posed to our regulatory objectives by the payment services market.
Do other member states have different requirements for firms?
As the PSD is a mostly maximum harmonising directive, the requirements of firms should be essentially the same. However, there are a number of national options which have resulted in differences and interpretations of the PSD may differ to an extent, as may methods of implementation.
