As the world moves towards a cashless future, the global payments sector is at the forefront of financial innovation. A wave of new entrants to the sector makes the sector one of the most exciting to be involved in. Costs incurred in holding, transferring and transaction in global currencies and digital assets continue to shrink. However, new entrants to the sector face a set of regulatory headwinds that, depending on the business activities, can be complex to navigate.
Surety can help. But first, let’s take a quick look at payment services activities in the UK, and how they are regulated.
How are payment services regulated in the UK?
Payment services in the UK include providing payment accounts, executing transactions, issuing payment instruments, undertaking merchant acquiring services, and open banking services. Regulatory, financial and in some cases criminal consequences can result from contravening the regulations applicable to these activities. These activities, unless subject to specified exemptions, are regulated by the UK Financial Conduct Authority (FCA) under the “Payments Services Regulations 2017” (PSRs 2017). Other regulatory requirements above and beyond the PSRs, such as AML and conduct of business regulations, may also apply depending on your activities.
In PERG 15.1 of its Handbook the FCA sets out that the PSRs are “likely to be of relevance to a range of firms including credit institutions, electronic money institutions, the Post Office Limited, money remitters, certain bill payment service providers, card issuers, merchant acquirers, payment initiators, account aggregators and certain electronic communication network service providers.”
A consequence of the PSRs is that, in many cases, if your payment services business does not fall under specific exemption (and you are not a Part 4A-authorised credit institution or E-Money institution), you may need to apply to the FCA to become:
· an authorised payment institution (API); or
· a small payment institution (SPI).
Making such an application is time-consuming and requires a depth of information on your business model and your systems and controls.
How can Surety help?
Managing the compliance obligations associated with running a regulated payment services institution can be complex. The regulators expect documented, tested and evidenced controls to be in place, ensuring the risks associated with your business are understood and managed effectively. Compliance staff at regulated firms are often swamped with policies and procedures, risk reporting, as well as the business data and management information required to do their jobs.
Surety simplifies this by becoming your central compliance brain. Our platform gives you the ability to align and assign your controls to the regulations that apply to you, and easily evidence that fact to your regulators! Whether it’s supporting a regulatory licence application, or managing your business as usual compliance monitoring and testing, Surety gives you the evidence and the insights to succeed.