Payments View - November 2021

FCA's policy statement

The FCA has today published its policy statement confirming amends to the UK onshored SCA RTS, its approach document and perimeter guidance. We are in the process of reviewing this but in short:

• The FCA is implementing the proposed exemption for SCA when accounts are accessed via an AISP or PIS. See below for how this diverges with the EU approach.
• Dedicated interfaces will be mandatory for certain types of accounts and should be introduced within 18 months
• ASPSPs will no longer be required to make interface technical specifications and a testing facility for TPPs available 6 months before the launch of a new product or service
• The Approach document will include updated guidance on SCA (including dynamic linking and inherence), prudential risk management, safeguarding, data sharing between PISPs and ASPSPs
• Guidance on the limited network and e-commerce exclusions has been implemented largely as consulted

SMCR

The FCA's recently published Perimeter Report focused on the need for legislative changes to increase the protections provided to consumers, including the extension of the Senior Managers and Certification Regime to cover payment and e-money institutions. This is nothing new but does serve as a reminder to firms that change is coming. However, as there was nothing on the SMCR being extended to these firms in the most recent Regulatory Initiatives Grid (more on this below), this doesn't appear to be imminent.

BNPL

HM Treasury has published a Buy Now Pay Later Consultation, seeking input on its proposal to restrict the so-called instalment credit exemption and on how to regulate BNPL lenders and agreements in a proportionate way. If put in place, these changes will represent a significant shift for the unregulated credit industry. The deadline for responses is 6 January 2022. If you're planning on responding or would like any advice around the changes we'd be keen to hear from you.

While BNPL is viewed as a consumer credit issue by regulators in the UK, we know that it is also being positioned as an alternative form of payment method akin to acquiring by some players in the market - both here and in other jurisdictions - which could lead to another, different, complexion on how it may be regulated in future.

EBA consultation on changes to SCA

The EBA published a Consultation proposing amendments to the exemption in Article 10 of the SCA RTS to address their concern that ASPSPs are creating unnecessary customer friction by not relying on the exemption either at all or to its fullest extent - particularly where AISPs are accessing accounts.

The EBA wants to introduce a mandatory exemption for ASPSPs where the information is accessed through an AISP, provided that the data accessed is limited. Under the proposal, SCA would be applied for the first access and renewed every 180 days, with the ASPSP only applying SCA only if it has evidence of unauthorised or fraudulent access. For information accessed directly, no changes are proposed other than to extend the current 90 day renewal requirement to 180 days for consistency with access via an AISP. Given the limited proposals, the consultation was only open for a short period and closed on 25 November.

This comes after the FCA's proposals (now confirmed in its policy statement) in January to amend the on-shored SCA RTS to address barriers, including removal of the 90 day SCA renewal requirement where accounts are accessed by AISPs. This could be the start of diverging rules for firms in the payments space.

Open banking

The CMA published an update on the governance of open banking, setting out the steps the CMA is taking to address the issues identified in the independent investigation report published in October. These include the appointment of a new Trustee, NEDs, and other governance arrangements. In the longer term, the CMA says it is working with the FCA and PSR in particular to develop a statement for the future Open Banking entity and its governance, and to include responses to its consultation on the future-oversight of open banking, expected at the end of 2021 or early 2022.

The CMA also sets out its view of the key guiding principles for Open Banking (developed further since its consultation in light of the investigation report) to be covered in more detail in its update / statement due at the end of this year / early next. At a high level, the principles cover Open Banking's purpose for competition and innovation, requirements for sufficient regulatory oversight and collaboration between regulators in relation to the entity, representation of all stakeholder interests (including all relevant industry participants and end-users), leadership, governance, reporting to regulators, monitoring and compliance with standards and obligations, funding and transition to the future entity.

More generally, the CMA has also published the Terms of Reference for a review of the lessons learnt from Open Banking in the CMA's approach to designing, implementing and monitoring remedies in investigations.

CoP and APP

The PSR has published a consultation proposing mandatory reimbursement for victims of Authorised Push Payment (APP) scams. See our thoughts on this here. This follows the PSR's recent paper concerning the expansion of Confirmation of Payee (CoP) to a wider range of banks and payment firms and the measures it may take to combat APP fraud. We consider the PSR's paper and what it means for account providing payment service providers (PSPs) here. Let us know if you are responding to the consultation and we would be happy to discuss or advise you on this.

PSR final report on card acquiring market review

The PSR has published its final report on the market review into card acquiring, which broadly replicates its initial conclusions in the interim report. The key concerns appear to be:

• Small to medium sized merchants that do not often consider switching provider, potentially weakening competition
• Poor pricing outcomes for merchants, due to acquirers holding onto savings from interchange fees, and failures by merchants to look for alternative providers to negotiate
• The PSR thinks this could be due to:
  • Pricing not being publicly available
  • Indefinite contracts for acquiring and payment facilitation
  • POS terminal not being able to be switched either due to incompatibility with replacement card providers and/or early termination fees
•  Significant increases in card scheme fees

A remedies consultation is expected in early 2022 which will set out more detail on how the PSR proposes to address the issues identified in the report, but we anticipate there will be proposed changes around incentivising switching, rules on pricing and price disclosures, which could impact the market.

Orders for Information - US approach to Tech Giants on payments

While not directly relevant to the UK payment sector (yet), one recent development in the US gave a useful insight into the direction of travel for the regulation of 'Big Tech'. The range of payments systems in the US and the number operated by tech platforms has prompted the Consumer Financial Protection Bureau (CFPB) to order participants in the payments market to turn over information to help it monitor for risks to consumers and to publish aggregated findings that are in the public interest. The orders have initially been sent to Amazon, Apple, Facebook, Google, PayPal and Square and it is reported that the CFPB is studying the payment system practices of Chinese tech giants, such as Alipay and WeChat Pay.

This is an interesting development in the US and something that we expect other national regulators to note and may in time influence their own approach.

UK Central Bank Digital Currency - HM Treasury and the Bank of England state their next moves

On 9 November, HM Treasury (HMT) and the Bank of England (BofE) released a statement on their next steps in the exploration of a UK Central Bank Digital Currency (CBDC). They will launch a consultation in 2022 to inform policy development over the next few years and to allow interested parties the opportunity to engage in the discussion and help HMT and the BofE to understand the merits and risks associated with a UK CBDC. It is important to them that they balance the need for the UK economy to develop as things become increasingly more digital with the role of being a pillar in the monetary system that provides financial stability and gives the public trust in money and supports public welfare.

This is an exciting area that we have been following closely in our regular Crypto View. The consultation paper will be a good opportunity for the market to share knowledge with the government so please let us know if you're interested in contributing to the consultation when it opens and we would be delighted to assist.

Regulatory initiatives grid

At the beginning of the month the FCA published its Regulatory Initiatives Grid providing an update on what's on the FCA's horizon. The only new initiatives specific to the payments sector were HMT's consultation on the extension of SMCR to financial market infrastructures and the new CBDC Taskforce. It is, however, always a useful guide to where the FCA focus will be and as an update on expected milestones and timing for engagement with industry, and we will come back to the initiatives covered in later editions of Payments View.