Statutory Instruments
Financial Services And Markets
Made
18th July 2017
Laid before Parliament
19th July 2017
Coming into force in accordance with regulation 1
The Treasury are a government department designated(1) for the purposes of section 2(2) of the European Communities Act 1972(2) in relation to financial services.
The Treasury make these Regulations in exercise of the powers conferred on them by section 2(2) of the European Communities Act 1972, sections 22(1) and (5) and 428(3) of, and paragraph 20(4)(d) of Schedule 1ZA and paragraph 15(1) of Schedule 2 to, the Financial Services and Markets Act 2000(3), section 3 of the Child Trust Funds Act 2004(4), section 694 of the Income Tax (Trading and Other Income) Act 2005(5), sections 85(2)(b) and 109(4)(b) of the Financial Services Act 2012(6) and paragraph 10(4)(b) and (5)(b) of Schedule 4 to the Financial Services (Banking Reform) Act 2013(7).
1.—(1) These Regulations may be cited as the Payment Services Regulations 2017.
(2) The following provisions come into force on 13th August 2017—
(a)this regulation and regulations 2 (interpretation), 106 (functions of the FCA), 112(6) (policy on imposition of penalties), 118 (costs of supervision), 120 (guidance), 121 (FCA’s exemption from liability in damages) and 147 (duty to co-operate and exchange of information);
(b)regulation 122 and the following provisions of Schedule 6 (application and modification of legislation)—
(i)paragraph 1 (disciplinary powers) in so far as that paragraph applies sections 69 and 70 of the 2000 Act;
(ii)paragraph 3 (FCA rules) for the purpose of enabling the FCA to make rules;
(iii)paragraph 5 (control over payment institutions) in so far as that paragraph applies the provisions of sections 179 and 191E of the 2000 Act which confer functions on the FCA;
(iv)paragraph 12 (application of the Financial Services and Markets Act 2000 (Service of Notices) Regulations 2001(8));
(c)regulation 156 in so far as it gives effect to the following provisions of Schedule 8 (amendments to legislation)—
(i)paragraph 2(6) (amendment of section 379A of the 2000 Act);
(ii)paragraph 3(b) (amendment of Schedule 15 to the Enterprise Act 2002(9));
(iii)paragraph 5 (amendment of the Electronic Money Regulations 2011(10)) for the purpose of enabling the FCA to impose requirements, give directions and make rules;
(d)for the purpose of enabling the FCA to impose requirements and give directions—
(i)regulation 5(3) and (5) (applications for authorisation as a payment institution);
(ii)regulation 6(7)(e) and (f) (professional indemnity insurance for authorised payment institutions);
(iii)regulation 11(1) and (3) (cancellation of registration);
(iv)regulation 13(1), (2), (3) and (5) (application for registration);
(v)regulation 15 (small payment institutions: supplementary provision) in so far as it applies regulation 11(1) and (3);
(vi)regulation 17(1)(b) and (3) (application for registration as an account information service provider);
(vii)regulation 18(4)(b) (professional indemnity insurance for registered account information service providers);
(viii)regulation 19 (registered account information service providers: supplementary provision) in so far as it applies regulation 11(1) and (3);
(ix)regulation 20(3) (duty to notify changes);
(x)regulation 27(1) (notice of intention);
(xi)regulation 30(4), (5) and (7) (supervision of firms exercising passport rights);
(xii)regulation 34(3) and (4) (application for registration of agent);
(xiii)regulation 37(2) (duty to notify change in circumstances);
(xiv)regulation 38(4) (notification of use of limited network exclusion);
(xv)regulation 39(3) to (5) (notification of use of electronic communications exclusion);
(xvi)regulation 71(8)(c) (denial of access to an account information service provider);
(xvii)regulation 98(3) (management of operational and security risks);
(xviii)regulation 99(2) (incident reporting);
(xix)regulation 105(4)(b) (refusal of access to bank account);
(xx)regulation 109(1) to (3) and (5) (reporting requirements);
(xxi)regulation 119 to the extent that it gives effect to paragraph 5(1), (3) and (4) of Schedule 5 (credit agreements).
(3) The following provisions come into force on 13th October 2017—
(a)Part 2, for the purposes of enabling—
(i)the making and determination of applications for authorisation or registration (including the imposition of requirements in relation to authorisations and registrations); and
(ii)the giving of notices under regulation 3(2) (exemption for municipal banks);
(b)for the purposes of enabling the giving of notifications and the making of applications to the FCA and enabling the FCA to take action in response to such notifications and applications, regulations 25 (outsourcing), 34 (use of agents) and 39 (notification of use of electronic communications exclusion);
(c)In Schedule 6 (application and modification of legislation), paragraphs 2 (the Upper Tribunal), 5 (control over payment institutions) in so far as not already in force, 8 (restriction on disclosure of information), 10 (warning notices and decision notices) and 13 (application of the Financial Services and Markets Act 2000 (Disclosure of Confidential Information) Regulations 2001);
(d)regulations 142 to 146 (misleading the FCA);
(e)regulation 150 (transitional and saving provisions), for the purposes of enabling the provision of information or giving of notification under regulation 150(3), and enabling the FCA to take action in response to such information or notification;
(f)regulation 156 in so far as it gives effect to—
(i)paragraph 5 of Schedule 8 (amendment of the Electronic Money Regulations 2011), for the purpose of enabling the giving of notifications, the making or determining of applications and the taking of action in response to such applications and notifications under the Electronic Money Regulations 2011;
(ii)paragraph 6 of Schedule 8 (amendment of the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975(11)), for the purpose of the FCA’s determination of applications for authorisation or registration under Part 2 of these Regulations (including the imposition of requirements in relation to authorisations and registrations).
(4) Regulations 27 (notice of intention) and 28 (decision following notice of intention) come into force on 13th December 2017 for the purposes of enabling the giving of notifications and enabling the FCA to take action in response to such notifications.
(5) Regulations 68(3)(c), 69(2)(a) and (3)(d), 70(2)(a) and (3)(c), 77(4)(c) and (6) and 100 (secure communication and authentication) come into force eighteen months after the date on which the regulatory technical standards adopted under Article 98 of the payment services directive come into force.
(6) Except as provided in paragraphs (2) to (5), these Regulations come into force on 13th January 2018.
(7) Paragraph 6 of Schedule 8 (amendment of the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975) extends to England and Wales only.
2.—(1) In these Regulations—
“the 2000 Act” means the Financial Services and Markets Act 2000;
“account information service” means an online service to provide consolidated information on one or more payment accounts held by the payment service user with another payment service provider or with more than one payment service provider, and includes such a service whether information is provided—
in its original form or after processing;
only to the payment service user or to the payment service user and to another person in accordance with the payment service user’s instructions;
“account information service provider” means a payment service provider which provides account information services;
“account servicing payment service provider” means a payment service provider providing and maintaining a payment account for a payer;
“acquiring of payment transactions” means a payment service provided by a payment service provider contracting with a payee to accept and process payment transactions which result in a transfer of funds to the payee;
“agent” means a person who acts on behalf of an authorised payment institution or a small payment institution in the provision of payment services;
“authentication” means a procedure which allows a payment service provider to verify the identity of a payment service user or the validity of the use of a specific payment instrument, including the use of the user’s personalised security credentials;
“authorised payment institution” means—
a person authorised as a payment institution pursuant to regulation 6 (conditions for authorisation as a payment institution) and included by the FCA in the register as an authorised payment institution pursuant to regulation 4(1)(a) (the register of certain payment service providers); or
a person included by the FCA in the register pursuant to regulation 150 or 152, and regulation 153(1) (transitional provisions);
“the FCA” means the Financial Conduct Authority;
“branch” means a place of business, other than the head office, of—
an authorised payment institution;
a small payment institution;
a registered account information service provider;
an EEA authorised payment institution; or
an EEA registered account information service provider;
which forms a legally dependent part of such a payment service provider and which carries out directly all or some of the services inherent in the business of such a payment service provider; and, for the purposes of these Regulations, all places of business set up in the same EEA State other than the United Kingdom by an authorised payment institution are to be regarded as a single branch;
“business day” means any day on which the relevant payment service provider is open for business as required for the execution of a payment transaction;
“the capital requirements directive” means Directive 2013/36/EU of the European Parliament and of the Council of 26th June 2013 relating to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC(12);
“the capital requirements regulation” means Regulation (EU) 575/2013 of the European Parliament and of the Council of 26th June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012(13);
“charity”, in Parts 6 (information requirements for payment services) and 7 (rights and obligations in relation to the provision of payment services), means a body whose annual income is less than £1 million and is—
in England and Wales, a charity as defined by section 1(1) of the Charities Act 2011 (meaning of “charity”)(14);
in Scotland, a charity as defined by section 106 of the Charities and Trustee Investment (Scotland) Act 2005 (general interpretation)(15);
in Northern Ireland, a charity as defined by section 1(1) of the Charities Act (Northern Ireland) 2008 (meaning of “charity”)(16);
“co-badged”, in relation to a payment instrument, refers to an instrument on which is included two or more payment brands, or two or more payment applications of the same payment brand;
“the Commissioners” means the Commissioners for Her Majesty’s Revenue and Customs;
“consumer” means an individual who, in contracts for payment services to which these Regulations apply, is acting for purposes other than a trade, business or profession;
“credit institution” has the meaning given in Article 4(1)(1) of the capital requirements regulation;
“credit transfer” means a payment service for crediting a payee’s payment account with a payment transaction or a series of payment transactions from a payer’s payment account by the payment service provider which holds the payer’s payment account, based on an instruction given by the payer;
“designated system” has the meaning given in regulation 2(1) of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (interpretation)(17);
“digital content” means goods or services which are produced and supplied in digital form, the use or consumption of which is restricted to a technical device and which do not include in any way the use or consumption of physical goods or services;
“direct debit” means a payment service for debiting the payer’s payment account where a payment transaction is initiated by the payee on the basis of consent given by the payer to the payee, to the payee’s payment service provider or to the payer’s own payment service provider;
“durable medium” means any instrument which enables the payment service user to store information addressed personally to them in a way accessible for future reference for a period of time adequate for the purposes of the information and which allows the unchanged reproduction of the information stored;
“the EEA” means the European Economic Area;
“EEA agent” means an agent through which an authorised payment institution, in the exercise of its passport rights, provides payment services in an EEA State other than the United Kingdom;
“EEA authorised payment institution” means a person authorised in an EEA State other than the United Kingdom to provide payment services in accordance with the payment services directive;
“EEA branch” means a branch established by an authorised payment institution, in the exercise of its passport rights, to carry out payment services in an EEA State other than the United Kingdom;
“EEA registered account information service provider” means a person that is registered as an account information service provider in an EEA State other than the United Kingdom under the payment services directive;
“electronic communications network” has the meaning given in Article 2(a) of Directive 2002/21/EC of the European Parliament and of the Council of 7th March 2002 on a common regulatory framework for electronic communications networks and services(18);
“electronic communications service” has the meaning given in Article 2(c) of Directive 2002/21/EC of the European Parliament and of the Council of 7th March 2002 on a common regulatory framework for electronic communications networks and services;
“electronic money” has the meaning given in Article 2(2) of the electronic money directive;
“the electronic money directive” means Directive 2009/110/EC of the European Parliament and of the Council of 16th September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC(19);
“electronic money institution” has the meaning given in Article 2(1) of the electronic money directive;
“European Banking Authority” means the European Banking Authority established by Regulation (EU) 1093/2010 of the European Parliament and of the Council of 24th November 2010 establishing a European Supervisory Authority (European Banking Authority)(20);
“excluded provider” means a provider of services falling within paragraphs 2(k)(i) to (iii), (l) or (o) of Schedule 1 (limited network, electronic communications and cash withdrawal exclusions);
“framework contract” means a contract for payment services which governs the future execution of individual and successive payment transactions and which may contain the obligation and conditions for setting up a payment account;
“funds” means banknotes and coins, scriptural money and electronic money;
“group” means a group of—
undertakings linked to each other by a relationship referred to in Article 22(1), (2) or (7) of Directive 2013/34/EU of the European Parliament and of the Council of 26th June 2013 on the annual financial statements, consolidated financial statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 83/349/EEC(21); or
undertakings as defined in Articles 4 to 7 of Commission Delegated Regulation (EU) No. 241/2014 of 7th January 2014 supplementing Regulation (EU) 575/2013 of the European Parliament and of the Council with regard to regulatory technical standards for Own Funds requirements for institutions(22), which are linked to each other by a relationship referred to in Article 10(1) or 113(6) or (7) of the capital requirements regulation;
“home state competent authority” means the competent authority designated in accordance with Article 22 of the payment services directive as being responsible for the authorisation and prudential supervision of an EEA authorised payment institution which is exercising (or intends to exercise) its passport rights in the United Kingdom;
“host state competent authority” means the competent authority designated in accordance with Article 22 of the payment services directive in an EEA State in which an authorised payment institution exercises (or intends to exercise) its passport rights;
“interchange fee regulation” means Regulation (EU) 2015/751 of the European Parliament and of the Council of 29th April 2015 on interchange fees for card-based payment transactions(23);
“issuing of payment instruments” means a payment service by a payment service provider contracting with a payer to provide a payment instrument to initiate payment orders and to process the payer’s payment transactions;
“means of distance communication” means a method which, without the simultaneous physical presence of the payment service provider and the payment service user, may be used for the conclusion of a contract for payment services between those parties;
“micro-enterprise” means an enterprise which, at the time at which the contract for payment services is entered into, is an enterprise as defined in Article 1 and Article 2(1) and (3) of the Annex to Recommendation 2003/361/EC of 6th May 2003 concerning the definition of micro, small and medium-sized enterprises(24);
“the money laundering directive” means Directive 2015/849/EU of the European Parliament and of the Council of 20th May 2015 on the prevention of the use of the financial system for the purpose of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC(25);
“money remittance” means a service for the transmission of money (or any representation of monetary value), without any payment accounts being created in the name of the payer or the payee, where—
funds are received from a payer for the sole purpose of transferring a corresponding amount to a payee or to another payment service provider acting on behalf of the payee; or
funds are received on behalf of, and made available to, the payee;
“notice” means a notice in writing;
“own funds” means own funds as defined in Article 4(1)(118) of the capital requirements regulation, and “Common Equity Tier 1 capital”, “Tier 1 capital” and “Tier 2 capital” have the same meanings as in that regulation;
“parent undertaking” has the same meaning as in the Companies Acts, as defined by section 1162 of, and Schedule 7 to, the Companies Act 2006 (parent and subsidiary undertakings)(26);
“participant” has the meaning given in regulation 2(1) of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (interpretation)(27);
“passport right” means the entitlement of a person to establish or provide services in an EEA State other than that in which they are authorised to provide payment services—
in accordance with the Treaty on the Functioning of the European Union as applied in the EEA; and
subject to the conditions of the payment services directive;
“payee” means a person who is the intended recipient of funds which have been the subject of a payment transaction;
“payer” means—
a person who holds a payment account and initiates, or consents to the initiation of, a payment order from that payment account; or
where there is no payment account, a person who gives a payment order;
“payment account” means an account held in the name of one or more payment service users which is used for the execution of payment transactions;
“payment brand” means any material or digital name, term, sign or symbol, or combination of them, capable of denoting under which payment card scheme card-based payment transactions are carried out;
“payment initiation service” means an online service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider;
“payment initiation service provider” means a payment service provider which provides payment initiation services;
“payment instrument” means any—
personalised device; or
personalised set of procedures agreed between the payment service user and the payment service provider,
used by the payment service user in order to initiate a payment order;
“payment order” means any instruction by a payer or a payee to their respective payment service provider requesting the execution of a payment transaction;
“payment service” means any of the activities specified in Part 1 of Schedule 1 (payment services) when carried out as a regular occupation or business activity, other than any of the activities specified in Part 2 of that Schedule (activities which do not constitute payment services);
“payment services directive” means Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC(28);
“payment service provider” means any of the following when they carry out payment services—
authorised payment institutions;
small payment institutions;
registered account information service providers;
EEA authorised payment institutions;
EEA registered account information service providers;
electronic money institutions, including branches located in the EEA of such institutions whose head office is outside the EEA, in so far as the payment services provided by those branches are linked to the issuance of electronic money;
credit institutions, including branches located in the EEA;
the Post Office Limited;
the Bank of England, the European Central Bank and the national central banks of EEA States other than the United Kingdom, other than when acting in their capacity as a monetary authority or carrying out other functions of a public nature; and
government departments and local authorities, other than when carrying out functions of a public nature,
and in Part 9 (the FCA) and Schedule 6 (application and modification of legislation), includes agents of payment service providers and excluded providers;
“payment service user” means a person when making use of a payment service in the capacity of payer, payee, or both;
“payment system” means a funds transfer system with formal and standardised arrangements and common rules for the processing, clearing and settlement of payment transactions;
“the Payment Systems Regulator” means the body established under section 40 of the Financial Services (Banking Reform) Act 2013 (the Payment Systems Regulator);
“payment transaction” means an act initiated by the payer or payee, or on behalf of the payer, of placing, transferring or withdrawing funds, irrespective of any underlying obligations between the payer and payee;
“personalised security credentials” means personalised features provided by a payment service provider to a payment service user for the purposes of authentication;
“qualifying holding” has the meaning given in Article 4(1)(36) of the capital requirements regulation;
“reference exchange rate” means the exchange rate which is used as the basis to calculate any currency exchange and which is made available by the payment service provider or comes from a publicly available source;
“reference interest rate” means the interest rate which is used as the basis for calculating any interest to be applied and which comes from a publicly available source which can be verified by both parties to a contract for payment services;
“the register” means the register maintained by the FCA under regulation 4 (the register of certain payment service providers);
“registered account information service provider” means an account information service provider registered pursuant to regulation 18 and included by the FCA on the register pursuant to regulation 4(1)(c) (the register of certain payment service providers);
“regulated agreement” has the meaning given by section 189(1) of the Consumer Credit Act 1974 (definitions)(29);
“remote payment transaction” means a payment transaction initiated through the internet or otherwise initiated through a device that can be used for distance communication;
“sensitive payment data” means information, including personalised security credentials, which could be used to carry out fraud; but in relation to account information services and payment initiation services does not include the name of an account holder or an account number;
“single payment service contract” means a contract for a single payment transaction not covered by a framework contract;
“small payment institution” means—
a person registered as a small payment institution pursuant to regulation 14 and included by the FCA in the register pursuant to regulation 4(1)(b) (the register of certain payment service providers); or
a person included by the FCA in the register pursuant to regulations 151 and 153(1) (transitional provisions);
“strong customer authentication” means authentication based on the use of two or more elements that are independent, in that the breach of one element does not compromise the reliability of any other element, and designed in such a way as to protect the confidentiality of the authentication data, with the elements falling into two or more of the following categories—
something known only by the payment service user (“knowledge”);
something held only by the payment service user (“possession”);
something inherent to the payment service user (“inherence”);
“subsidiary undertaking” has the same meaning as in the Companies Acts (see section 1162 of, and Schedule 7 to, the Companies Act 2006 (parent and subsidiary undertakings));
“transfer order” has the meaning given in regulation 2(1) of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (interpretation)(30);
“unique identifier” means a combination of letters, numbers or symbols specified to the payment service user by the payment service provider and to be provided by the payment service user in relation to a payment transaction in order to identify unambiguously one or both of—
another payment service user who is a party to the payment transaction;
the other payment service user’s payment account;
“value date” means a reference time used by a payment service provider for the calculation of interest on the funds debited from or credited to a payment account.
(2) In these Regulations references to amounts in euros include references to equivalent amounts in pounds sterling.
(3) Unless otherwise defined, expressions used in these Regulations which are also used in the payment services directive have the same meaning as in that directive.
(4) Expressions used in a modification to a provision in primary or secondary legislation applied by these Regulations have the same meaning as in these Regulations.
3.—(1) Subject to paragraph (2) and regulation 4(1)(f), these Regulations do not apply to the following persons—
(a)credit unions;
(b)municipal banks; and
(c)the National Savings Bank.
(2) Where municipal banks provide or propose to provide payment services they must give notice to the FCA.
(3) In this regulation—
“credit union” means a credit union within the meaning of—
“municipal bank” means a company which, immediately before 1st December 2001, fell within the definition of a municipal bank in section 103 of the Banking Act 1987 (municipal banks)(33).
4.—(1) The FCA must maintain a register of—
(a)authorised payment institutions and their EEA branches;
(b)small payment institutions;
(c)registered account information service providers;
(d)persons providing a service falling within paragraph 2(k)(i) to (iii) or (l) of Schedule 1 who have notified the FCA under regulation 38 or 39 (notification of use of limited network or electronic communications exclusion);
(e)agents of authorised payment institutions, small payment institutions and registered account information service providers, registered under regulation 34 (use of agents); and
(f)the persons specified in regulation 3(1) (exemption for certain bodies) where they provide payment services.
(2) The FCA may include on the register any of the persons mentioned in paragraphs (d) to (i) of the definition of a payment service provider in regulation 2(1) (interpretation) where such persons provide payment services.
(3) Where a person mentioned in paragraph (h), (i) or (j) of the definition of a payment service provider in regulation 2(1)—
(a)is not included on the register; and
(b)provides, or proposes to provide, payment services,
the person must give notice to the FCA.
(4) The FCA may—
(a)keep the register in any form it thinks fit;
(b)include on it such information as the FCA considers appropriate, provided that the register identifies the payment services for which an institution is authorised or registered under this Part; and
(c)exploit commercially the information contained in the register, or any part of that information.
(5) The FCA must—
(a)publish the register online and make it available for public inspection;
(b)enter in the register any cancellation of an authorisation or registration;
(c)enter in the register a description of the service provided by a person included on the register by virtue of paragraph (1)(d);
(d)update the register without delay; and
(e)provide a certified copy of the register, or any part of it, to any person who asks for it—
(i)on payment of the fee (if any) fixed by the FCA; and
(ii)in a form (either written or electronic) in which it is legible to the person asking for it.
(6) The FCA must, without delay, notify the European Banking Authority of—
(a)the information entered in the register;
(b)any changes to the information in the register;
(c)the reasons for the cancellation of any authorisation or registration; and
(d)where a person is included on the register by virtue of paragraph (1)(d), the particular exclusion which applies to the services provided by the person.
5.—(1) An application for authorisation as a payment institution must contain or be accompanied by the information specified in Schedule 2 (information to be included in or with an application for authorisation).
(2) An application for the variation of an authorisation as a payment institution must—
(a)contain a statement of the proposed variation;
(b)contain a statement of the payment services which the applicant proposes to carry on if the authorisation is varied; and
(c)contain, or be accompanied by, such other information as the FCA may reasonably require.
(3) An application under paragraph (1) or (2) must be made in such manner as the FCA may direct.
(4) At any time after receiving an application and before determining it, the FCA may require the applicant to provide it with such further information as it reasonably considers necessary to enable it to determine the application.
(5) Different directions may be given, and different requirements imposed, in relation to different applications or categories of application.
6.—(1) The FCA may refuse to grant all or part of an application for authorisation as a payment institution only if any of the conditions set out in paragraphs (2) to (9) is not met.
(2) The application must comply with the requirements of, and any requirements imposed under, regulations 5 (application for authorisation) and 20 (duty to notify changes).
(3) The applicant must immediately before the time of authorisation hold the amount of initial capital specified in Part 1 of Schedule 3 (capital requirements).
(4) The applicant must be a body corporate constituted under the law of a part of the United Kingdom having—
(a)its head office, and
(b)if it has a registered office, that office,
in the United Kingdom.
(5) The applicant carries on, or will carry on, at least part of its payment service business in the United Kingdom.
(6) The applicant must satisfy the FCA that, taking into account the need to ensure the sound and prudent conduct of the affairs of the institution, it has—
(a)robust governance arrangements for its payment service business, including a clear organisational structure with well-defined, transparent and consistent lines of responsibility;
(b)effective procedures to identify, manage, monitor and report any risks to which it might be exposed;
(c)adequate internal control mechanisms, including sound administrative, risk management and accounting procedures,
which are comprehensive and proportionate to the nature, scale and complexity of the payment services to be provided by the institution.
(7) The applicant must satisfy the FCA that—
(a)any persons having a qualifying holding in it are fit and proper persons having regard to the need to ensure the sound and prudent conduct of the affairs of an authorised payment institution;
(b)the directors and persons responsible for the management of the institution and, where relevant, the persons responsible for the management of payment services, are of good repute and possess appropriate knowledge and experience to provide payment services;
(c)it has a business plan (including, for the first three years, a forecast budget calculation) under which appropriate and proportionate systems, resources and procedures will be employed by the institution to operate soundly;
(d)it has taken adequate measures for the purpose of safeguarding payment service users’ funds in accordance with regulation 23 (safeguarding requirements);
(e)in the case of an applicant which proposes to carry on payment initiation services, it holds professional indemnity insurance or a comparable guarantee, which covers—
(i)the territories in which the applicant proposes to offer payment initiation services; and
(ii)the applicant’s potential liability under regulations 76 (payment service provider’s liability for unauthorised payment transactions) and 91 to 95 (non-execution or defective or late execution of transactions, liability for charges and interest and right of recourse), up to such amount as the FCA may direct; and
(f)in the case of an applicant which proposes to carry on account information services, it holds professional indemnity insurance or a comparable guarantee, which covers—
(i)the territories in which the applicant proposes to offer account information services; and
(ii)the applicant’s potential liability to account servicing payment service providers and payment service users resulting from unauthorised or fraudulent access to, or use of, payment account information, up to such amount as the FCA may direct.
(8) The applicant must comply with a requirement of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(34) to be included in a register maintained under those Regulations where such a requirement applies to the applicant.
(9) If the applicant has close links with another person (“CL”) the applicant must satisfy the FCA—
(a)that those links are not likely to prevent the FCA’s effective supervision of the applicant; and
(b)if it appears to the FCA that CL is subject to the laws, regulations or administrative provisions of a territory which is not an EEA State (“the foreign provisions”), that neither the foreign provisions, nor any deficiency in their enforcement, would prevent the FCA’s effective supervision of the applicant.
(10) For the purposes of paragraph (9), an applicant has close links with CL if--
(a)CL is a parent undertaking of the applicant;
(b)CL is a subsidiary undertaking of the applicant;
(c)CL is a parent undertaking of a subsidiary undertaking of the applicant;
(d)CL is a subsidiary undertaking of a parent undertaking of the applicant;
(e)CL owns or controls 20% or more of the voting rights or capital of the applicant; or
(f)the applicant owns or controls 20% or more of the voting rights or capital of CL.
7.—(1) The FCA may include in an authorisation such requirements as it considers appropriate.
(2) A requirement may, in particular, be imposed so as to require the person concerned to—
(a)take a specified action;
(b)refrain from taking a specified action.
(3) A requirement may be imposed by reference to the person’s relationship with its group or other members of its group.
(4) Where—
(a)an applicant for authorisation as a payment institution intends to carry on business activities other than the provision of payment services; and
(b)the FCA considers that the carrying on of such other business activities will impair, or is likely to impair—
(i)the financial soundness of the applicant, or
(ii)the FCA’s effective supervision of the applicant,
the FCA may require the applicant to establish a separate body corporate to carry on the payment service business.
(5) A requirement expires at the end of such period as the FCA may specify in the authorisation.
(6) Paragraph (5) does not affect the FCA’s powers under regulation 8 or 12 (variation of authorisation).
8. The FCA may, on the application of an authorised payment institution, vary that person’s authorisation by—
(a)adding a payment service to those for which it has granted authorisation;
(b)removing a payment service from those for which it has granted authorisation;
(c)imposing a requirement such as may, under regulation 7 (imposition of requirements), be included in an authorisation;
(d)cancelling a requirement included in the authorisation or previously imposed under paragraph (c); or
(e)varying such a requirement,
provided that the FCA is satisfied that the conditions set out in regulation 6(4) to (9) (conditions for authorisation) and, if applicable, the requirement in regulation 22(1) (capital requirements) to maintain own funds, are being or are likely to be met.
9.—(1) The FCA must determine an application for authorisation or the variation of an authorisation before the end of the period of three months beginning with the date on which it received the completed application.
(2) The FCA may determine an incomplete application if it considers it appropriate to do so, and it must in any event determine any such application within 12 months beginning with the date on which it received the application.
(3) The applicant may withdraw its application, by giving the FCA notice, at any time before the FCA determines it.
(4) The FCA may grant authorisation to carry out the payment services to which the application relates or such of them as may be specified in the grant of the authorisation.
(5) If the FCA decides to grant an application for authorisation, or for the variation of an authorisation, it must give the applicant notice of its decision specifying—
(a)the payment services for which authorisation has been granted; or
(b)the variation granted,
described in such manner as the FCA considers appropriate.
(6) The notice must state the date on which the authorisation or variation takes effect.
(7) If the FCA proposes to refuse an application or to impose a requirement it must give the applicant a warning notice.
(8) The FCA must, having considered any representations made in response to the warning notice—
(a)if it decides to refuse the application or to impose a requirement, give the applicant a decision notice; or
(b)if it grants the application without imposing a requirement, give the applicant notice of its decision, stating the date on which the authorisation or variation takes effect.
(9) If the FCA decides to refuse the application or to impose a requirement the applicant may refer the matter to the Upper Tribunal.
(10) If the FCA decides to authorise the applicant, or vary its authorisation, it must update the register as soon as practicable.
10.—(1) The FCA may cancel a person’s authorisation and enter such cancellation in the register where—
(a)the person does not provide payment services within 12 months beginning with the date on which the authorisation took effect;
(b)the person requests, or consents to, the cancellation of the authorisation;
(c)the person ceases to engage in business activity for more than six months;
(d)the person has obtained authorisation through false statements or any other irregular means;
(e)the person no longer meets, or is unlikely to continue to meet, any of the conditions set out in regulation 6(4) to (9) (conditions for authorisation) or, if applicable, the requirement in regulation 22(1) (capital requirements) to maintain own funds, or does not inform the FCA of a major change in circumstances which is relevant to its meeting those conditions or that requirement, as required by regulation 37 (duty to notify change in circumstance);
(f)the person has provided payment services other than in accordance with the authorisation granted to it;
(g)the person would constitute a threat to the stability of, or trust in, a payment system by continuing its payment services business;
(h)the cancellation is desirable in order to protect the interests of consumers; or
(i)the person’s provision of payment services is otherwise unlawful, including where such provision of services is unlawful because the person’s registration in a register maintained under regulation 54 or 55 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (duty and power to maintain registers) has been cancelled under regulation 60 of those Regulations (cancellation and suspension of registration).
(2) Where the FCA proposes to cancel a person’s authorisation, other than at the person’s request, it must give the person a warning notice.
(3) The FCA must, having considered any representations made in response to the warning notice—
(a)if it decides to cancel the authorisation, give the person a decision notice; or
(b)if it decides not to cancel the authorisation, give the person notice of its decision.
(4) If the FCA decides to cancel the authorisation, other than at the person’s request, the person may refer the matter to the Upper Tribunal.
(5) Where the period for a reference to the Upper Tribunal has expired without a reference being made, the FCA must as soon as practicable update the register accordingly.
11.—(1) A request for cancellation of a person’s authorisation under regulation 10(1)(b) (cancellation of authorisation) must be made in such manner as the FCA may direct.
(2) At any time after receiving a request and before determining it, the FCA may require the person making the request to provide it with such further information as it reasonably considers necessary to enable it to determine the request.
(3) Different directions may be given and different requirements imposed, in relation to different requests or categories of request.
12.—(1) The FCA may vary a person’s authorisation in any of the ways mentioned in regulation 8 if it appears to the FCA that—
(a)the person no longer meets, or is unlikely to continue to meet, any of the conditions set out in regulation 6(4) to (9) (conditions for authorisation) or, if applicable, the requirement in regulation 22(1) (capital requirements) to maintain own funds, or does not inform the FCA of a major change in circumstances which is relevant to its meeting those conditions or that requirement, as required by regulation 37 (duty to notify change in circumstance);
(b)the person has provided a particular payment service or payment services other than in accordance with the authorisation granted to it;
(c)the person would constitute a threat to the stability of, or trust in, a payment system by continuing to provide a particular payment service or payment services;
(d)the variation is desirable in order to protect the interests of consumers; or
(e)the person’s provision of a particular payment service or payment services is otherwise unlawful, including where such provision of services is unlawful because the person’s registration in a register maintained under regulation 54 or 55 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (duty and power to maintain registers) has been cancelled under regulation 60 of those Regulations (cancellation and suspension of registration).
(2) A variation under this regulation takes effect—
(a)immediately, if the notice given under paragraph (6) states that that is the case;
(b)on such date as may be specified in the notice; or
(c)if no date is specified in the notice, when the matter to which the notice relates is no longer open to review.
(3) A variation may be expressed to take effect immediately or on a specified date only if the FCA, having regard to the ground on which it is exercising the power under paragraph (1), reasonably considers that it is necessary for the variation to take effect immediately or, as the case may be, on that date.
(4) The FCA must as soon as practicable after the variation takes effect update the register accordingly.
(5) A person who is aggrieved by the variation of their authorisation under this regulation may refer the matter to the Upper Tribunal.
(6) Where the FCA proposes to vary a person’s authorisation under this regulation, it must give the person notice.
(7) The notice must—
(a)give details of the variation;
(b)state the FCA’s reasons for the variation and for its determination as to when the variation takes effect;
(c)inform the person that they may make representations to the FCA within such period as may be specified in the notice (whether or not the person has referred the matter to the Upper Tribunal);
(d)inform the person of the date on which the variation takes effect; and
(e)inform the person of their right to refer the matter to the Upper Tribunal and the procedure for such a reference.
(8) The FCA may extend the period allowed under the notice for making representations.
(9) If, having considered any representations made by the person, the FCA decides—
(a)to vary the authorisation in the way proposed, or
(b)if the authorisation has been varied, not to rescind the variation,
it must give the person notice.
(10) If, having considered any representations made by the person, the FCA decides—
(a)not to vary the authorisation in the way proposed,
(b)to vary the authorisation in a different way, or
(c)to rescind a variation which has taken effect,
it must give the person notice.
(11) A notice given under paragraph (9) must inform the person of their right to refer the matter to the Upper Tribunal and the procedure for such a reference.
(12) A notice under paragraph (10)(b) must comply with paragraph (7).
(13) For the purposes of paragraph (2)(c), paragraphs (a) to (d) of section 391(8) of the 2000 Act (publication) apply to determine whether a matter is open to review.
13.—(1) An application for registration as a small payment institution must contain, or be accompanied by, such information as the FCA may reasonably require.
(2) An application for the variation of a registration as a small payment institution must—
(a)contain a statement of the proposed variation;
(b)contain a statement of the payment services which the applicant proposes to carry on if the registration is varied; and
(c)contain, or be accompanied by, such other information as the FCA may reasonably require.
(3) An application under paragraph (1) or (2) must be made in such manner as the FCA may direct.
(4) At any time after receiving an application and before determining it, the FCA may require the applicant to provide it with such further information as it reasonably considers necessary to enable it to determine the application.
(5) Different directions may be given, and different requirements imposed, in relation to different applications or categories of application.
14.—(1) The FCA may refuse to register an applicant as a small payment institution only if any of the conditions set out in paragraphs (2) to (11) is not met.
(2) The application must comply with the requirements of, and any requirements imposed under, regulations 13 and 20.
(3) The monthly average over the period of 12 months preceding the application of the total amount of payment transactions executed by the applicant, including any of its agents in the United Kingdom, must not exceed 3 million euros.
(4) The business to which the application relates must not include the provision of account information services or payment initiation services.
(5) None of the individuals responsible for the management or operation of the business has been convicted of—
(a)an offence under Part 7 of the Proceeds of Crime Act 2002 (money laundering)(35) or under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017;
(b)an offence under section 15 (fund-raising), 16 (use and possession), 17 (funding arrangements), 18 (money laundering) or 63 (terrorist finance: jurisdiction) of the Terrorism Act 2000(36);
(c)an offence under the 2000 Act;
(d)an offence under regulation 3, 4 or 6 of the Al-Qaida and Taliban (Asset-Freezing) Regulations 2010(37), or regulation 10 of the ISIL (Da’esh) and Al-Qaida (Asset-Freezing) Regulations 2011 (contravention and circumvention of prohibitions)(38);
(e)an offence under section 11, 12, 13, 14, 15 or 18 of the Terrorist Asset-Freezing etc Act 2010 (offences relating to the freezing of funds etc. of designated persons)(39);
(f)an offence under these Regulations or the Electronic Money Regulations 2011(40); or
(g)any other financial crimes.
(6) Where the applicant is a partnership, an unincorporated association or a body corporate, the applicant must satisfy the FCA that any persons having a qualifying holding in it are fit and proper persons having regard to the need to ensure the sound and prudent conduct of the affairs of a small payment institution.
(7) The applicant must satisfy the FCA that—
(a)where the applicant is a body corporate, the directors;
(b)the persons responsible for the management of the institution; and
(c)where relevant, the persons responsible for the management of payment services,
are of good repute and possess appropriate knowledge and experience to provide payment services.
(8) If the applicant is a body corporate which has close links with another person (“CL”) the applicant must satisfy the FCA—
(a)that those links are not likely to prevent the FCA’s effective supervision of the applicant; and
(b)if it appears to the FCA that CL is subject to the laws, regulations or administrative provisions of a territory which is not an EEA State (“the foreign provisions”), that neither the foreign provisions, nor any deficiency in their enforcement, would prevent the FCA’s effective supervision of the applicant.
(9) Regulation 6(10) (conditions for authorisation: definition of close links) applies for the purposes of paragraph (8) of this regulation as it applies for the purposes of regulation 6(9).
(10) The applicant’s head office, registered office or place of residence, as the case may be, must be in the United Kingdom.
(11) The applicant must comply with a requirement of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 to be included in a register maintained under those Regulations where such a requirement applies to the applicant.
(12) For the purposes of paragraph (3) where the applicant has yet to commence the provision of payment services, or has been providing payment services for less than 12 months, the monthly average may be based on the projected total amount of payment transactions over a 12 month period.
(13) In paragraph (5) “financial crime” includes any offence involving fraud or dishonesty and, for this purpose, “offence” includes any act or omission which would be an offence if it had taken place in the United Kingdom.
15. Regulations 7 to 12 apply to registration as a small payment institution as they apply to authorisation as a payment institution as if—
(a)references to authorisation were references to registration;
(b)in regulation 7 (imposition of requirements), paragraph (4) were omitted;
(c)in regulation 8 (variation at request of authorised payment institution)—
(i)for “an authorised payment institution” there were substituted “small payment institution”; and
(ii)for “provided that” to the end there were substituted—
“provided that the FCA is satisfied that the conditions set out in regulation 14(4) to (11) are being or are likely to be met and that the monthly average over any period of 12 months of the total amount of payment transactions executed by the institution, including any of its agents in the United Kingdom, continues not to exceed 3 million euros (“the financial limit”).”;
(d)in regulation 10(1) (cancellation of authorisation) for sub-paragraph (e) there were substituted—
“(e)the person does not meet, or is unlikely to meet, any of the conditions set out in regulation 14(4) to (11) (conditions for registration as small payment institution) or the financial limit referred to in regulation 8 or does not inform the FCA of a major change in circumstances which is relevant to its meeting those conditions or that requirement, as required by regulation 37 (duty to notify change in circumstance);”; and
(e)in regulation 12(1) (variation of authorisation on FCA’s own initiative) for sub-paragraph (a) there were substituted—
“(a)the person does not meet, or is unlikely to meet, any of the conditions set out in regulation 14(4) to (11) or the financial limit referred to in regulation 8;”.
16. If a small payment institution no longer meets a condition in regulation 14(3), (5) or (10) (conditions for registration as small payment institution) or intends to provide services other than those permitted by regulation 32 (additional activities), the institution concerned must, within 30 days of becoming aware of the change in circumstances, apply for authorisation as a payment institution under regulation 5 or registration as an account information service provider under regulation 17, as appropriate, if it intends to continue providing payment services in the United Kingdom.
17.—(1) An application for registration as an account information service provider or for the variation of a registration as an account information service provider must—
(a)contain or be accompanied by the information specified in paragraphs 1, 2, 5 to 8, 10, 12, 14 and 16 to 19 of Schedule 2 (information to be provided in or with an application for authorisation); and
(b)be made in such manner as the FCA may direct.
(2) At any time after receiving an application and before determining it, the FCA may require the applicant to provide it with such further information as it reasonably considers necessary to enable it to determine the application.
(3) Different directions may be given, and different requirements imposed, in relation to different applications or categories of application.
18.—(1) The FCA may refuse to register an applicant as an account information service provider if—
(a)any of the conditions set out in paragraphs (2) to (4) is not met; or
(b)any of the grounds in regulation 10(1) (as applied by regulation 19) would be met if the applicant were registered.
(2) The application must comply with the requirements of, and any requirements imposed under, regulations 17 (application for registration as an account information service provider) and 20 (duty to notify changes).
(3) The business to which the application relates must not include the provision of any payment service other than account information services.
(4) The applicant must hold professional indemnity insurance or a comparable guarantee, which covers—
(a)the territories in which the applicant proposes to offer account information services; and
(b)the applicant’s potential liability to account servicing payment service providers and payment service users resulting from unauthorised or fraudulent access to, or use of, payment account information, up to such amount as the FCA may direct.
19. Regulations 7 to 12 apply to registration as an account information service provider as they apply to authorisation as a payment institution, but as if—
(a)references to authorisation were references to registration;
(b)in regulation 7 (imposition of requirements), paragraph (4) were omitted;
(c)in regulation 8 (variation at request of authorised payment institution)—
(i)for “an authorised payment institution” there were substituted “registered account information service provider”;
(ii)paragraphs (a) and (b) were omitted; and
(iii)for “provided that” to the end there were substituted “provided that the conditions set out in regulation 18(3) and (4) are being or are likely to be met.”;
(d)in regulation 10(1) (cancellation of authorisation) for sub-paragraph (e) there were substituted—
“(e)the person does not meet, or is unlikely to meet, the conditions set out in regulation 18(3) and (4);”; and
(e)in regulation 12(1) (variation of authorisation on FCA’s own initiative) for sub-paragraph (a) there were substituted—
“(a)the person does not meet, or is unlikely to meet, the conditions set out in regulation 18(3) and (4);”.
20.—(1) If at any time after an applicant has provided the FCA with any information under regulation 5(1), (2), or (4) (application for authorisation or variation of authorisation), 13(1), (2) or (4) (application for registration as a small payment institution or variation of registration) or 17(1) or (2) (application for registration as an account information service provider or variation of registration) and before the FCA has determined the application—
(a)there is, or is likely to be, a material change affecting any matter contained in that information; or
(b)it becomes apparent to the applicant that the information is incomplete or contains a material inaccuracy,
the applicant must provide the FCA with details of the change, the complete information or a correction of the inaccuracy (as the case may be) without undue delay, or, in the case of a material change which has not yet taken place, the applicant must provide details of the likely change as soon as the applicant is aware of such change.
(2) The obligation in paragraph (1) also applies to material changes or significant inaccuracies affecting any matter contained in any supplementary information provided pursuant to that paragraph.
(3) Any information to be provided to the FCA under this regulation must be in such form or verified in such manner as it may direct.
21. If an authorised payment institution, a small payment institution or a registered account information service provider carries on a payment service in the United Kingdom, or purports to do so, other than in accordance with an authorisation or registration granted to it by the FCA, it is to be taken to have contravened a requirement imposed on it under these Regulations.
22.—(1) An authorised payment institution must maintain at all times own funds equal to or in excess of the greater of—
(a)the amount of initial capital specified in Part 1 of Schedule 3 (capital requirements), or
(b)in the case of an authorised payment institution which does not fall within paragraph (2), the amount of own funds calculated in accordance with Part 2 of Schedule 3.
(2) An authorised payment institution falls within this paragraph if—
(a)it does not offer payment services specified in paragraph 1(a) to (f) of Schedule 1 (payment services other than payment initiation services or account information services); or
(b)(i)it is included in the consolidated supervision of a parent credit institution pursuant to the capital requirements directive; and
(ii)all of the conditions specified in Article 7(1) of the capital requirements regulation are met in respect of it.
(3) The own funds maintained must meet the following requirements—
(a)the amount of Tier 2 capital must be equal to or less than one third of the amount of Tier 1 capital;
(b)at least 75% of the amount of Tier 1 capital must be in the form of Common Equity Tier 1 capital.
(4) An authorised payment institution must not include in its own funds calculation any item—
(a)used in an equivalent calculation by an authorised payment institution, credit institution, investment firm, asset management company or insurance undertaking in the same group; or
(b)in the case of an authorised payment institution which carries out activities other than providing payment services, is used in carrying out those activities.
23.—(1) For the purposes of this regulation “relevant funds” comprise the following—
(a)sums received from, or for the benefit of, a payment service user for the execution of a payment transaction; and
(b)sums received from a payment service provider for the execution of a payment transaction on behalf of a payment service user.
(2) Where—
(a)only a portion of the sums referred to in paragraph (1)(a) or (b) is to be used for the execution of a payment transaction (with the remainder being used for non-payment services); and
(b)the precise portion attributable to the execution of the payment transaction is variable or unknown in advance,
the relevant funds are such amount as may be reasonably estimated, on the basis of historical data and to the satisfaction of the FCA, to be representative of the portion attributable to the execution of the payment transaction.
(3) An authorised payment institution must safeguard relevant funds in accordance with either—
(a)paragraphs (5) to (11); or
(b)paragraphs (12) and (13).
(4) An authorised payment institution may safeguard certain relevant funds in accordance with paragraphs (5) to (11) and the remaining relevant funds in accordance with paragraphs (12) and (13).
(5) An authorised payment institution must keep relevant funds segregated from any other funds that it holds.
(6) Where the authorised payment institution continues to hold the relevant funds at the end of the business day following the day on which they were received it must—
(a)place them in a separate account that it holds with an authorised credit institution or the Bank of England; or
(b)invest the relevant funds in such secure, liquid assets as the FCA may approve (“relevant assets”) and place those assets in a separate account with an authorised custodian.
(7) An account in which relevant funds or relevant assets are placed under paragraph (6) must—
(a)be designated in such a way as to show that it is an account which is held for the purpose of safeguarding relevant funds or relevant assets in accordance with this regulation; and
(b)be used only for holding those funds or assets.
(8) No person other than the authorised payment institution may have any interest in or right over the relevant funds or relevant assets placed in an account in accordance with paragraph (6)(a) or (b) except as provided by this regulation.
(9) Notwithstanding paragraphs (5), (6), (7)(b) and (8), where an authorised payment institution is a participant in a designated system and the institution holds an account at the Bank of England for the purposes of completing the settlement of transfer orders that have been entered into the designated system on behalf of payment service users—
(a)funds held in the account pending settlement in accordance with the rules or default arrangements of the designated system, in respect of transfer orders that have been entered into the designated system on behalf of payment service users, may continue to be held in the account with relevant funds;
(b)the account, or a specified amount of funds in the account, may be subject to an interest or right in favour of the Bank of England in order to ensure the availability of funds to complete the settlement of transfer orders in accordance with the rules or default arrangements of the designated system;
(c)subject to paragraph (10), funds received into the account by the authorised payment institution upon settlement are to be considered as having been appropriately safeguarded in accordance with this regulation from the time of receipt in the designated system until the time of receipt into the account.
(10) The FCA may direct that paragraph (9)(c) does not apply in relation to a designated system if, in the FCA’s view, the rules and default arrangements of that system do not adequately insulate the funds of payment service users from the claims of other creditors of authorised payment institutions which are participants in the system.
(11) The authorised payment institution must keep a record of—
(a)any relevant funds segregated in accordance with paragraph (5);
(b)any relevant funds placed in an account in accordance with paragraph (6)(a);
(c)any relevant assets placed in an account in accordance with paragraph (6)(b);
(d)any funds held in an account as permitted by paragraph (9)(a);
(e)any funds expected to be received into an account as described in paragraph (9)(c) in respect of transfer orders that have been entered into the designated system;
(f)any funds received into an account as described in paragraph (9)(c).
(12) The authorised payment institution must ensure that—
(a)any relevant funds are covered by—
(i)an insurance policy with an authorised insurer;
(ii)a comparable guarantee given by an authorised insurer; or
(iii)a comparable guarantee given by an authorised credit institution; and
(b)the proceeds of any such insurance policy or guarantee are payable upon an insolvency event into a separate account held by the authorised payment institution which must—
(i)be designated in such a way as to show that it is an account which is held for the purpose of safeguarding relevant funds in accordance with this regulation; and
(ii)be used only for holding such proceeds.
(13) No person other than the authorised payment institution may have any interest in or right over the proceeds placed in an account in accordance with paragraph (12)(b) except as provided by this regulation.
(14) Subject to paragraph (15), where there is an insolvency event—
(a)the claims of payment service users are to be paid from the asset pool in priority to all other creditors; and
(b)until all the claims of payment service users have been paid, no right of set-off or security right may be exercised in respect of the asset pool except to the extent that the right of set-off relates to fees and expenses in relation to operating an account held in accordance with paragraph (6)(a) or (b), (9) or (12)(b).
(15) The claims referred to in paragraph (14)(a) shall not be subject to the priority of expenses of an insolvency proceeding except in respect of the costs of distributing the asset pool.
(16) Paragraphs (14) and (15) apply to any relevant funds which a small payment institution voluntarily safeguards in accordance with either paragraphs (5) to (11) or paragraphs (12) and (13).
(17) An authorised payment institution (and any small payment institution which voluntarily safeguards relevant funds) must maintain organisational arrangements sufficient to minimise the risk of the loss or diminution of relevant funds or relevant assets through fraud, misuse, negligence or poor administration.
(18) In this regulation—
“asset pool” means—
any relevant funds segregated in accordance with paragraph (5);
any relevant funds held in an account in accordance with paragraph (6)(a);
where paragraph (9) applies, any funds that are received into the account held at the Bank of England upon settlement in respect of transfer orders that have been entered into the designated system on behalf of payment service users, whether settlement occurs before or after the insolvency event;
any relevant assets held in an account in accordance with paragraph (6)(b); and
any proceeds of an insurance policy or guarantee held in an account in accordance with paragraph (12)(b);
“authorised insurer” means a person authorised for the purposes of the 2000 Act to effect and carry out a contract of general insurance as principal or otherwise authorised in accordance with Article 14 of Directive 2009/138/EC of the European Parliament and of the Council of 25th November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II)(41) to carry out non-life insurance activities as referred to in Article 2(2) of that Directive, other than a person in the same group as the authorised payment institution;
“authorised credit institution” means a person authorised for the purposes of the 2000 Act to accept deposits or otherwise authorised as a credit institution in accordance with Article 8 of the capital requirements directive other than a person in the same group as the authorised payment institution;
“authorised custodian” means a person authorised for the purposes of the 2000 Act to safeguard and administer investments or authorised as an investment firm under Article 5 of Directive 2014/65/EU of 15th May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU(42) which holds those investments under regulatory standards at least equivalent to those set out under Article 16 of that Directive;
“default arrangements” has the meaning given in regulation 2(1) of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999(43) (interpretation);
“insolvency event” means any of the following procedures in relation to an authorised payment institution or small payment institution—
the making of a winding-up order;
the passing of a resolution for voluntary winding-up;
the entry of the institution into administration;
the appointment of a receiver or manager of the institution’s property;
the approval of a proposed voluntary arrangement (being a composition in satisfaction of debts or a scheme of arrangement);
the making of a bankruptcy order;
in Scotland, the award of sequestration;
the making of any deed of arrangement for the benefit of creditors or, in Scotland, the execution of a trust deed for creditors;
the conclusion of any composition contract with creditors; or
the making of an insolvency administration order or, in Scotland, sequestration, in respect of the estate of a deceased person;
“insolvency proceeding” means—
winding-up, administration, receivership, bankruptcy or, in Scotland, sequestration;
a voluntary arrangement, deed of arrangement or trust deed for the benefit of creditors; or
the administration of the insolvent estate of a deceased person;
“rules” has the meaning given in regulation 2(1) of the Financial Markets and Insolvency (Settlement Finality) Regulations 1999 (interpretation);
“security right” means—
security for a debt owed by an authorised payment institution or a small payment institution and includes any charge, lien, mortgage or other security over the asset pool or any part of the asset pool; and
any charge arising in respect of the expenses of a voluntary arrangement;
“settlement” and “system” have the same meanings as in the Financial Markets and Insolvency (Settlement Finality) Regulations 1999.
24.—(1) Where an authorised payment institution carries on activities other than the provision of payment services, it must provide to the FCA separate accounting information in respect of its provision of payment services.
(2) Such accounting information must be subject, where relevant, to an auditor’s report prepared by the institution’s statutory auditors or an audit firm (within the meaning of Directive 2006/43/EC of the European Parliament and of the Council of 17th May 2006 on statutory audits of annual accounts and consolidated accounts, amending Council Directives 78/660/EEC and 83/349/EEC and repealing Council Directive 84/253/EEC(44)).
(3) A statutory auditor or audit firm (“the auditor”) must, in any of the circumstances referred to in paragraph (4), communicate to the FCA information on, or its opinion on, matters—
(a)of which it has become aware in its capacity as auditor of an authorised payment institution or of a person with close links to an authorised payment institution; and
(b)which relate to payment services provided by that institution.
(4) The circumstances are that—
(a)the auditor reasonably believes that—
(i)there is or has been, or may be or may have been, a contravention of any requirement imposed on the authorised payment institution by or under these Regulations; and
(ii)the contravention may be of material significance to the FCA in determining whether to exercise, in relation to that institution, any functions conferred on the FCA by these Regulations;
(b)the auditor reasonably believes that the information on, or his opinion on, those matters may be of material significance to the FCA in determining whether the institution meets or will continue to meet the conditions set out in regulation 6(4) to (9) (conditions for authorisation) and, if applicable, the requirement in regulation 22(1) (capital requirements) to maintain own funds;
(c)the auditor reasonably believes that the institution is not, may not be or may cease to be, a going concern;
(d)the auditor is precluded from stating in his report that the annual accounts have been properly prepared in accordance with the Companies Act 2006;
(e)the auditor is precluded from stating in his report, where applicable, that the annual accounts give a true and fair view of the matters referred to in section 495 of the Companies Act 2006 (auditor’s report on company’s annual accounts)(45) including as it is applied and modified by regulation 39 of the Limited Liability Partnerships (Accounts and Audit) (Application of Companies Act 2006) Regulations 2008 (“the LLP Regulations”) (auditor’s report)(46); or
(f)the auditor is required to state in his report in relation to the person concerned any of the facts referred to in subsection (2), (3) or (5) of section 498 of the Companies Act 2006 (duties of auditor) or, in the case of limited liability partnerships, subsection (2), (3) or (4) of section 498 as applied and modified by regulation 40 of the LLP Regulations (duties and rights of auditors).
(5) In this regulation a person has close links with an authorised payment institution (“A”) if that person is—
(a)a parent undertaking of A;
(b)a subsidiary undertaking of A;
(c)a parent undertaking of a subsidiary undertaking of A; or
(d)a subsidiary undertaking of a parent undertaking of A.
25.—(1) An authorised payment institution must notify the FCA of its intention to enter into a contract with another person under which that other person will carry out any operational function relating to its provision of payment services (“outsourcing”).
(2) Where an authorised payment institution intends to outsource any important operational function, including the provision of an information technology system, all of the following conditions must be met—
(a)the outsourcing is not undertaken in such a way as to impair—
(i)the quality of the authorised payment institution’s internal control; or
(ii)the ability of the FCA to monitor and retrace the authorised payment institution’s compliance with these Regulations;
(b)the outsourcing does not result in any delegation by the senior management of the authorised payment institution of responsibility for complying with the requirements imposed by or under these Regulations;
(c)the relationship and obligations of the authorised payment institution towards its payment service users under these Regulations is not substantially altered;
(d)compliance with the conditions which the authorised payment institution must observe in order to be authorised and remain so is not adversely affected; and
(e)none of the conditions of the payment institution’s authorisation requires removal or variation.
(3) For the purposes of paragraph (2), an operational function is important if a defect or failure in its performance would materially impair—
(a)compliance by the authorised payment institution with these Regulations and any requirements of its authorisation;
(b)the financial performance of the authorised payment institution; or
(c)the soundness or continuity of the authorised payment institution’s payment services.
(4) An authorised payment institution must notify the FCA without undue delay of any change in outsourced functions or the persons to which functions are outsourced.
26. Regulations 27 to 30 apply in relation to a registered account information service provider as if the provider were an authorised payment institution, and apply in relation to an EEA registered account information service provider as if the provider were an EEA authorised payment institution.
27.—(1) Where an authorised payment institution intends to exercise its passport rights for the first time in an EEA State it must give the FCA, in such manner as the FCA may direct, notice of its intention to do so (“a notice of intention”) which—
(a)states the name and address of the authorised payment institution, and any authorisation or reference number;
(b)identifies the EEA States in which it intends to operate;
(c)identifies the payment services which it seeks to carry on in those States;
(d)if the authorised payment institution intends to use an agent to provide the services in any of those States, includes the information referred to in regulation 34(3)(a) (use of agents);
(e)if the authorised payment institution intends to use an EEA branch to provide the services in any of those States, includes—
(i)the information referred to in paragraphs 2 and 5 of Schedule 2 (information to be included in or with an application for authorisation) in relation to the services to be provided through each EEA branch;
(ii)the names of those responsible for the management of each proposed EEA branch; and
(iii)details of the organisational structure of each proposed EEA branch; and
(f)if the authorised payment institution intends to enter into a contract with a person in another EEA State under which that person will carry out any operational function relating to its provision of payment services in that EEA State, includes notification of that intention.
(2) If any of the information provided by an authorised payment institution in a notice of intention changes, including by the addition of a further branch, the authorised payment institution must give the FCA notice of such changes in a further notice of intention.
(3) The FCA must, within one month beginning with the date on which it receives a complete notice of intention, inform the host state competent authority of the information contained in the notice of intention.
28.—(1) If the FCA, taking into account any information received from the host state competent authority, proposes to determine that an authorised payment institution is not permitted to exercise passport rights in an EEA State as notified in a notice of intention, the FCA must give the relevant authorised payment institution a warning notice.
(2) The FCA must, within the period of three months beginning with the date on which it receives a notice of intention and having considered any representations made in response to the warning notice—
(a)if it decides—
(i)that the authorised payment institution is not permitted to exercise passport rights in the EEA State, not to register an EEA branch, or to cancel the registration an EEA branch, give the authorised payment institution a decision notice; or
(ii)that the authorised payment institution is permitted to exercise passport rights in the EEA State, to register an EEA branch, or not to cancel the registration of an EEA branch, give the authorised payment institution notice of its decision; and
(b)notify the host state competent authority of its decision, providing reasons for that decision if the FCA does not agree with the assessment of the host state competent authority.
(3) If the FCA decides that the authorised payment institution is not permitted to exercise passport rights in the EEA State, not to register an EEA branch, or to cancel the registration of an EEA branch, the authorised payment institution may refer the matter to the Upper Tribunal.
(4) If the FCA decides to register an EEA branch, it must update the register as soon as practicable.
(5) If the FCA decides to cancel the registration of an EEA branch, the FCA must, where the period for a reference to the Upper Tribunal has expired without a reference being made, as soon as practicable update the register accordingly.
(6) The authorised payment institution may commence activities as notified in its notice of intention only after the FCA has notified the institution of its decision under paragraph (2)(a)(ii) and, in the case of services to be provided through an EEA branch, after entry of the branch on the register.
(7) After registration, the authorised payment institution must notify the FCA of the date on which it starts to provide payment services in the other EEA State through the EEA branch, and the FCA must notify such date to the host state competent authority.
29.—(1) If a home state competent authority sends information to the FCA about an EEA authorised payment institution which intends to provide payment services in the United Kingdom, the FCA must, before the end of the period of one month beginning on the day which the FCA receives all the required information—
(a)assess the information; and
(b)provide relevant information to the home state competent authority in connection with the intended provision of payment services in the United Kingdom, including in particular any reasonable grounds for concern with regard to money laundering or terrorist financing within the meaning of the money laundering directive in connection with the intended appointment of an agent or establishment of a branch in the United Kingdom.
(2) The EEA authorised payment institution may provide payment services in the United Kingdom in accordance with the information it has provided to the home state competent authority upon entry of the branch or agent in the register maintained by the home state competent authority.
30.—(1) Without prejudice to the generality of regulation 147 (duty to co-operate and exchange of information), the FCA must co-operate with the host state competent authority or home state competent authority, as the case may be, in relation to the exercise of passport rights by any authorised payment institution or EEA authorised payment institution.
(2) The FCA must, in particular—
(a)notify the host state competent authority whenever it intends to carry out an on-site inspection in the host state competent authority’s territory; and
(b)provide the host state competent authority or home state competent authority, as the case may be—
(i)on request, with all relevant information; and
(ii)on its own initiative, with all essential information, including on compliance with the conditions at regulation 6(4) and (5) (conditions for authorisation),
relating to the exercise of passport rights by an authorised payment institution or EEA authorised payment institution, including where there is an infringement or suspected infringement of these Regulations or of the provisions of the payment services directive by an agent or branch.
(3) Where the FCA and the home state competent authority agree, the FCA may carry out on-site inspections on behalf of the home state competent authority in respect of payment services provided by an EEA authorised payment institution exercising its passport rights.
(4) The FCA may direct that an EEA authorised payment institution exercising its passport rights to provide payment services in the United Kingdom through a branch or an agent in the United Kingdom must report to the FCA on such activities, for information and statistical purposes and, where the EEA authorised payment institution has exercised its right of establishment in the United Kingdom, to monitor compliance with Parts 6 (information requirements for payment services) and 7 (rights and obligations in relation to the provision of payment services) of these Regulations.
(5) Reports required under paragraph (4) must be given at such times and in such form, and verified in such manner, as the FCA may direct.
(6) An agent in the United Kingdom appointed by an EEA authorised payment institution or a branch of an EEA authorised payment institution in the United Kingdom must maintain the confidentiality of any confidential information provided to the FCA under paragraph (4).
(7) The FCA may direct that an EEA authorised payment institution exercising its passport rights to provide payment services in the United Kingdom through an agent under the right of establishment must appoint a central contact point in the United Kingdom in order to ensure adequate communication and information reporting on compliance with Parts 6 and 7 and to facilitate supervision by the FCA and the home state competent authority.
(8) If a host state competent authority informs the FCA that an authorised payment institution providing services through an EEA branch or an EEA agent does not comply with a provision of the payment services directive, the FCA must—
(a)exercise its powers as appropriate without undue delay, to ensure that the authorised payment institution complies with the relevant provisions; and
(b)inform the host state competent authority and the competent authority of any other relevant EEA State of the measures taken without delay.
(9) Where immediate action is necessary to address a serious risk to the collective interests of payment service users in the United Kingdom, the FCA may, in addition to providing information under paragraph (2), take precautionary measures in relation to an EEA authorised payment institution pending action by the home state competent authority.
(10) Any measures taken under paragraph (9) must be temporary and must end when the risk identified has been addressed.
(11) If the FCA decides to take measures under paragraph (9), it must inform the home state competent authority, the competent authority of any other relevant EEA State, and the European Banking Authority of the measures to be taken and the reason that immediate action is necessary—
(a)in advance of taking the measures, if that is compatible with the need for immediate action; and
(b)in any event without undue delay.
(12) In paragraphs (8)(b) and (11) “competent authority of any other relevant EEA State” means a competent authority designated in accordance with Article 22 of the payment services directive in an EEA State which the FCA considers to have an interest in the measures taken, or to be taken, by the FCA.
31.—(1) An authorised payment institution or small payment institution must maintain relevant records and keep them for at least five years from the date on which the record was created.
(2) For the purposes of paragraph (1), records are relevant where they relate to compliance with obligations imposed by or under Parts 2 to 5 and, in particular, would enable the FCA to supervise effectively such compliance.
32.—(1) Authorised payment institutions and small payment institutions may, in addition to providing payment services, engage in the following activities—
(a)the provision of operational and closely related ancillary services, including—
(i)ensuring the execution of payment transactions;
(ii)foreign exchange services;
(iii)safe-keeping activities; and
(iv)the storage and processing of data;
(b)the operation of payment systems; and
(c)business activities other than the provision of payment services, subject to any relevant provision of EU or national law.
(2) Authorised payment institutions and small payment institutions may grant credit in relation to the provision of the payment services specified in paragraph 1(d) or (e) of Schedule 1 (execution of payment transactions where funds are covered by a credit line, issuing payment instruments or acquiring payment transactions) only if—
(a)such credit is ancillary and granted exclusively in connection with the execution of a payment transaction;
(b)such credit is not granted from the funds received or held for the purposes of executing payment transactions;
(c)in cases where such credit is granted by an authorised payment institution exercising its passport rights, there is an obligation upon the payment service user to repay the credit within a period not exceeding 12 months; and
(d)in relation to an authorised payment institution, in the opinion of the FCA the institution’s own funds are, and continue to be, adequate in the light of the overall amount of credit granted.
33. Any payment account held by an authorised payment institution or a small payment institution must be used only in relation to payment transactions.
34.—(1) Authorised payment institutions and small payment institutions may not provide payment services in the United Kingdom through an agent unless the agent is included on the register.
(2) Authorised payment institutions may not provide payment services in exercise of their passport rights through an EEA agent unless the agent is included in the register.
(3) An application for an agent to be included on the register must—
(a)contain, or be accompanied by, the following information—
(i)the name and address of the agent;
(ii)where relevant, a description of the internal control mechanisms that will be used by the agent to comply with the provisions of the money laundering directive (or, in the United Kingdom, the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(47));
(iii)the identity of the directors and persons responsible for the management of the agent and, if the agent is not a payment service provider, evidence that they are fit and proper persons;
(iv)the payment services for which the agent is appointed;
(v)the unique identification code or number of the agent, if any; and
(vi)such other information as the FCA may reasonably require; and
(b)be made in such manner as the FCA may direct.
(4) Different directions may be given, and different requirements imposed, in relation to different applications or categories of application.
(5) At any time after receiving an application and before determining it, the FCA may require the applicant to provide it with such further information as it reasonably considers necessary to enable it to determine the application.
(6) Where the application relates to the provision of payment services in exercise of passport rights through an EEA agent, the FCA must, within one month beginning with the date on which it received the completed application, inform the host state competent authority of the information provided under paragraph (3) or (5).
(7) The FCA may refuse to include the agent on the register only if—
(a)it has not received the information referred to in paragraph (3)(a), or is not satisfied that such information is correct;
(b)it is not satisfied that the directors and persons responsible for the management of the agent are fit and proper persons;
(c)it has reasonable grounds to suspect that, in connection with the provision of services through the agent—
(i)money laundering or terrorist financing within the meaning of the money laundering directive (or, in the United Kingdom, the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017) is taking place, has taken place, or has been attempted; or
(ii)the risk of such activities taking place would be increased.
(8) If the FCA proposes to refuse to include the agent on the register, it must give the authorised payment institution or the small payment institution, as the case may be, a warning notice.
(9) The FCA must, having considered any representations made in response to the warning notice—
(a)if it decides not to include the agent on the register, give the applicant a decision notice; or
(b)if it decides to include the agent on the register, give the applicant notice of its decision, stating the date on which the registration takes effect.
(10) Where the application relates to the provision of payment services in exercise of passport rights through an EEA agent, the FCA must—
(a)take into account any information received from the host state competent authority in making its decision; and
(b)notify the host state competent authority of its decision, providing reasons for that decision if the FCA does not agree with the assessment of the host state competent authority.
(11) The FCA must give any notice required by paragraph (9) or (10)—
(a)where the application relates to the provision of payment services in the United Kingdom, within a period of two months beginning on the date on which the FCA received the completed application;
(b)where the application relates to the provision of payment services in the exercise of passport rights through an EEA agent, within a period of three months beginning on the date on which the FCA received the completed application.
(12) If the FCA decides not to include the agent on the register the applicant may refer the matter to the Upper Tribunal.
(13) If the FCA decides to include the agent on the register, it must update the register as soon as practicable.
(14) An authorised payment institution must notify the FCA of the date on which it starts to provide payment services in another EEA State through a registered EEA agent, and the FCA must notify such date to the host state competent authority.
(15) An application under paragraph (3) may be combined with an application under regulation 5 or 13, in which case the application must be determined in the manner set out in regulation 9 (determination of application for authorisation) (if relevant, as applied by regulation 15 (supplementary provisions relating to applications for registration as a small payment institution).
(16) An authorised payment institution or a small payment institution must ensure that agents acting on its behalf inform payment service users of the agency arrangement.
(17) An authorised payment institution or small payment institution must notify the FCA without undue delay if there is any change in the information provided under paragraph (3) or (5).
35.—(1) The FCA may remove an agent of an authorised payment institution or small payment institution from the register where—
(a)the authorised payment institution or small payment institution requests, or consents to, the agent’s removal from the register;
(b)the authorised payment institution or small payment institution has obtained registration through false statements or any other irregular means;
(c)regulation 34(7)(b) or (c) (use of agents) applies;
(d)the removal is desirable in order to protect the interests of consumers; or
(e)the agent’s provision of payment services is otherwise unlawful.
(2) Where the FCA proposes to remove an agent from the register, other than at the request of the authorised payment institution or small payment institution, it must give the authorised payment institution or small payment institution a warning notice.
(3) The FCA must, having considered any representations made in response to the warning notice—
(a)if it decides to remove the agent, give the authorised payment institution or small payment institution a decision notice; or
(b)if it decides not to remove the agent, give the authorised payment institution or small payment institution notice of its decision.
(4) If the FCA decides to remove the agent, other than at the request of the authorised payment institution or small payment institution, the institution concerned may refer the matter to the Upper Tribunal.
(5) Where the period for a reference to the Upper Tribunal has expired without a reference being made, the FCA must as soon as practicable update the register accordingly.
36.—(1) Where an authorised payment institution or a small payment institution relies on a third party for the performance of operational functions it must take all reasonable steps to ensure that these Regulations are complied with.
(2) Without prejudice to paragraph (1), an authorised payment institution or a small payment institution is responsible, to the same extent as if it had expressly permitted it, for anything done or omitted by any of its employees, any agent or branch providing payment services on its behalf, or any entity to which activities are outsourced.
37.—(1) Where it becomes apparent to an authorised payment institution or a small payment institution that there is, or is likely to be, a significant change in circumstances which is relevant to—
(a)in the case of an authorised payment institution—
(i)its fulfilment of any of the conditions set out in regulation 6(4) to (9) (conditions for authorisation) and, if applicable, the requirement in regulation 22(1) (capital requirements) to maintain own funds;
(ii)the payment services which it seeks to carry on in exercise of its passport rights;
(b)in the case of a small payment institution, its fulfilment of any of the conditions set out in regulation 14(5) to (11) (conditions for registration as a small payment institution) and compliance with the financial limit referred to in regulation 8 (as modified by regulation 15) (variation of registration at request of small payment institution); and
(c)in the case of the use of an agent to provide payment services, the matters referred to in regulation 34(7)(b) and (c) (use of agents),
it must provide the FCA with details of the change without undue delay, or, in the case of a substantial change in circumstances which has not yet taken place, details of the likely change a reasonable period before it takes place.
(2) Any information to be provided to the FCA under this regulation must be in such form or verified in such manner as it may direct.
38.—(1) If a person (“service provider”) provides services of the type falling within paragraph 2(k)(i) to (iii) of Schedule 1 (limited network exclusion) and the total value of the payment transactions executed through such services provided by the service provider in any period of 12 months exceeds 1 million euros, the service provider must notify the FCA.
(2) The period of 12 months referred to in paragraph (1) does not include any period in respect of which a notification has already been made under paragraph (1).
(3) A notification under paragraph (1) must—
(a)include a description of the services offered; and
(b)specify the exclusion by virtue of which the services are not payment services.
(4) Notifications and information provided to the FCA under this regulation must be given—
(a)within such time as the FCA may direct after the end of the period of 12 months referred to in paragraph (1); and
(b)in such form or verified in such manner as the FCA may direct,
and different directions may be given in relation to different notifications or information or categories of notification or information.
(5) When the FCA receives a notification under this regulation, the FCA must assess whether the notified services fall within paragraph 2(k)(i) to (iii) of Schedule 1.
(6) If the FCA considers that any part of the notified services does not fall within paragraph 2(k)(i) to (iii) of Schedule 1—
(a)the FCA must notify the service provider, and
(b)the service provider may refer the matter to the Upper Tribunal.
39.—(1) If a person (“service provider”) provides, or intends to provide, a service for payment transactions falling within paragraph 2(l) of Schedule 1 (electronic communications exclusion), the service provider must—
(a)notify the FCA, and
(b)include with such notification a description of the service.
(2) The service provider must provide a notification under paragraph (1)—
(a)if the service provider starts to provide the service before 13th January 2018, on or before that date, or
(b)otherwise, before the service provider starts to provide the service.
(3) The service provider must also provide to the FCA, at such times as the FCA may direct, an annual audit opinion testifying that the transactions for which the service is provided comply with the limits mentioned in paragraph 2(l) of Schedule 1.
(4) Information provided to the FCA under this regulation must be in such form or verified in such manner as the FCA may direct.
(5) Different directions may be given under paragraph (3) and (4) in relation to different service providers or different categories of service provider.
40.—(1) This Part applies to payment services where—
(a)the services are provided from an establishment maintained by a payment service provider or its agent in the United Kingdom; and
(b)the services are provided in one of the following circumstances—
(i)the payment service providers of both the payer and the payee are located within the EEA and the service relates to a transaction in the currency of an EEA State;
(ii)the payment service providers of both the payer and the payee are located within the EEA and the service relates to a transaction in a currency other than the currency of an EEA State; or
(iii)the payment service provider of either the payer or the payee, but not both, is located within the EEA.
(2) In the circumstances mentioned at paragraph (1)(b)(ii)—
(a)this Part applies only in respect of those parts of a transaction which are carried out in the EEA; and
(b)regulations 43(2)(b) and 52(a) and paragraph 2(e) of Schedule 4 (maximum execution time) do not apply.
(3) In the circumstances mentioned at paragraph (1)(b)(iii)—
(a)this Part applies only in respect of those parts of a transaction which are carried out in the EEA; and
(b)regulations 43(2)(b) and 52(a) and paragraphs 2(e) and 5(g) of Schedule 4 (maximum execution time and conditions for refund of direct debits) do not apply.
(4) This Part does not apply to registered account information service providers or EEA registered account information service providers, except for regulations 59 (burden of proof on payment service provider) and 60 (information requirements for account information service providers).
(5) Regulations 43 to 47 apply to payment services provided under a single payment service contract.
(6) Regulations 48 to 54 apply to payment services provided under a framework contract.
(7) If the payment service user is not a consumer, a micro-enterprise or a charity, the parties to a contract for payment services may agree that any or all of the provisions of this Part do not apply.
(8) Paragraph (1) applies to cash withdrawal services falling within paragraph 2(o) of Schedule 1 as if—
(a)references to payment services were references to cash withdrawal services falling within paragraph 2(o) of Schedule 1;
(b)references to payment service providers were references to providers of cash withdrawal services falling within paragraph 2(o) of Schedule 1; and
(c)references to this Part were references to regulation 61 (information on ATM withdrawal charges).
41.—(1) This regulation applies where a payment service is provided in relation to payment transactions that consist of the placing, transferring or withdrawal of funds covered by a credit line provided under a regulated agreement.
(2) Regulations 50 (changes in contractual information) and 51 (termination of framework contract) do not apply.
(3) Where a payment service provider is required to provide the same information to a payment service user by a provision in this Part and by a provision in the Consumer Credit Act 1974(48) or subordinate legislation made under that Act (“a CCA provision”), information which has been provided in compliance with the CCA provision, and which was provided in a manner which complies with the requirements of the provision in this Part, need not be provided again in order to comply with the provision in this Part.
42.—(1) This regulation applies in respect of payment instruments which, under the framework contract governing their use—
(a)can be used only to execute individual payment transactions of 30 euros or less, or in relation to payment transactions executed wholly within the United Kingdom, 60 euros or less;
(b)have a spending limit of 150 euros or, where payment transactions must be executed wholly within the United Kingdom, 300 euros; or
(c)store funds that do not exceed 500 euros at any time.
(2) Where this regulation applies—
(a)regulations 48 and 52 do not apply and the payment service provider is only required to provide the payer with information about the main characteristics of the payment service, including—
(i)the way in which the payment instrument can be used;
(ii)the liability of the payer, as set out in regulation 77 (payer or payee’s liability for unauthorised payment transactions);
(iii)charges levied;
(iv)any other material information the payer might need to take an informed decision; and
(v)an indication of where the information specified in Schedule 4 (prior general information for framework contracts) is made available in an easily accessible manner;
(b)the parties may agree that regulations 53 and 54 do not apply and instead—
(i)the payment service provider must provide or make available a reference enabling the payment service user to identify the payment transaction, the amount of the payment transaction and any charges payable in respect of the payment transaction;
(ii)in the case of several payment transactions of the same kind made to the same payee, the payment service provider must provide or make available to the payment service user information about the total amount of the payment transactions and any charges for those payment transactions; or
(iii)where the payment instrument is used anonymously or the payment service provider is not otherwise technically able to provide or make available the information specified in paragraph (i) or (ii), the payment service provider must enable the payer to verify the amount of funds stored; and
(c)the parties may agree that regulation 55(1) does not apply to information provided or made available in accordance with regulation 50.
43.—(1) A payment service provider must provide or make available to the payment service user the information specified in paragraph (2) in relation to the service, whether by supplying a copy of the draft single payment service contract or supplying a copy of the draft payment order or otherwise, either—
(a)before the payment service user is bound by the single payment service contract; or
(b)immediately after the execution of the payment transaction, where the contract is concluded at the payment service user’s request using a means of distance communication which does not enable provision of such information in accordance with sub-paragraph (a).
(2) The information referred to in paragraph (1) is—
(a)the information or unique identifier that has to be provided by the payment service user in order for a payment order to be properly initiated or executed;
(b)the maximum time in which the payment service will be executed;
(c)the charges payable by the payment service user to the user’s payment service provider and, where applicable, a breakdown of such charges;
(d)where applicable, the actual or reference exchange rate to be applied to the payment transaction; and
(e)such of the information specified in Schedule 4 (prior general information for framework contracts) as is relevant to the single payment service contract in question.
(3) Where a payment order is to be initiated through a payment initiation service provider, the payment initiation service provider must also provide or make available to the payer, before the payment is initiated, clear and comprehensive information as follows—
(a)the name of the payment initiation service provider;
(b)the address of the head office of the payment initiation service provider;
(c)where applicable, the address of the head office of the agent or branch through which the payment initiation service provider provides services in the United Kingdom;
(d)other contact details relevant for communication with the payment initiation service provider, including an electronic mail address; and
(e)the contact details of the FCA.
44.—(1) Where a payment order is initiated through a payment initiation service provider, immediately after the initiation of the payment order the payment initiation service provider must provide or make available to the payer and, where applicable, to the payee—
(a)confirmation of the successful initiation of the payment order with the payer’s account servicing payment service provider;
(b)a reference enabling the payer and the payee, to identify the payment transaction and, where appropriate, the payee to identify the payer, and any information transferred with the payment order;
(c)the amount of the payment transaction;
(d)where applicable, the amount of any charges payable to the payment initiation service provider in relation to the payment transaction, and where applicable a breakdown of the amounts of such charges.
(2) Where a payment order is initiated through a payment initiation service provider, the payment initiation service provider must provide or make available to the payer’s account servicing payment service provider the reference for the payment transaction.
45.—(1) The payer’s payment service provider must, immediately after receipt of the payment order, provide or make available to the payer the information specified in paragraph (2) in relation to the service to be provided by the payer’s payment service provider.
(2) The information referred to in paragraph (1) is—
(a)a reference enabling the payer to identify the payment transaction and, where appropriate, information relating to the payee;
(b)the amount of the payment transaction in the currency used in the payment order;
(c)the amount of any charges for the payment transaction payable by the payer and, where applicable, a breakdown of the amounts of such charges;
(d)where an exchange rate is used in the payment transaction and the actual rate used in the payment transaction differs from the rate provided in accordance with regulation 43(2)(d), the actual rate used or a reference to it, and the amount of the payment transaction after that currency conversion; and
(e)the date on which the payment service provider received the payment order.
46.—(1) The payee’s payment service provider must, immediately after the execution of the payment transaction, provide or make available to the payee the information specified in paragraph (2) in relation to the service provided by the payee’s payment service provider.
(2) The information referred to in paragraph (1) is—
(a)a reference enabling the payee to identify the payment transaction and, where appropriate, the payer and any information transferred with the payment transaction;
(b)the amount of the payment transaction in the currency in which the funds are at the payee’s disposal;
(c)the amount of any charges for the payment transaction payable by the payee and, where applicable, a breakdown of the amount of such charges;
(d)where applicable, the exchange rate used in the payment transaction by the payee’s payment service provider, and the amount of the payment transaction before that currency conversion; and
(e)the credit value date.
47. Where a payment order for a single payment transaction is transmitted by way of a payment instrument issued under a framework contract, the payment service provider in respect of that single payment transaction need not provide or make available under regulations 43 to 46 information which has been provided or made available, or will be provided or made available, under regulations 48 to 53 by another payment service provider in respect of the framework contract.
48.—(1) A payment service provider must provide to the payment service user the information specified in Schedule 4 (prior general information for framework contracts), either—
(a)in good time before the payment service user is bound by the framework contract; or
(b)where the contract is concluded at the payment service user’s request using a means of distance communication which does not enable provision of such information in accordance with sub-paragraph (a), immediately after the conclusion of the contract.
(2) The payment service provider may discharge the duty under paragraph (1) by providing a copy of the draft framework contract provided that such contract includes the information specified in Schedule 4 (prior general information for framework contracts).
49. If the payment service user so requests at any time during the contractual relationship, the payment service provider must provide the information specified in Schedule 4 (prior general information for framework contracts) and the terms of the framework contract.
50.—(1) Subject to paragraph (4), any proposed changes to—
(a)the existing terms of the framework contract; or
(b)the information specified in Schedule 4 (prior general information for framework contracts),
must be provided by the payment service provider to the payment service user no later than two months before the date on which they are to take effect.
(2) The framework contract may provide for any such proposed changes to be made unilaterally by the payment service provider where the payment service user does not, before the proposed date of entry into force of the changes, notify the payment service provider to the contrary.
(3) Where paragraph (2) applies, the payment service provider must inform the payment service user that
(a)the payment service user will be deemed to have accepted the changes in the circumstances referred to in that paragraph; and
(b)the payment service user has the right to terminate the framework contract without charge at any time before the proposed date of their entry into force.
(4) Changes in the interest or exchange rates may be applied immediately and without notice where—
(a)such a right is agreed under the framework contract and any such changes in interest or exchange rates are based on the reference interest or exchange rates information which has been provided to the payment service user in accordance with this Part; or
(b)the changes are more favourable to the payment service user.
(5) The payment service provider must inform the payment service user of any change to the interest rate as soon as possible unless the parties have agreed on a specific frequency or manner in which the information is to be provided or made available.
(6) Any change in the interest or exchange rate used in payment transactions must be implemented and calculated in a neutral manner that does not discriminate against payment service users.
51.—(1) The payment service user may terminate the framework contract at any time unless the parties have agreed on a period of notice not exceeding one month.
(2) Any charges for the termination of the contract must reasonably correspond to the actual costs to the payment service provider of termination.
(3) The payment service provider may not charge the payment service user for the termination of a framework contract after the expiry of 6 months of the contract.
(4) The payment service provider may terminate a framework contract concluded for an indefinite period by giving at least two months’ notice, if the contract so provides.
(5) Notice of termination given in accordance with paragraph (4) must be provided in the same way as information is required by regulation 55(1) (communication of information) to be provided or made available.
(6) Where charges for the payment service are levied on a regular basis, such charges must be apportioned up until the time of the termination of the contract and any charges paid in advance must be reimbursed proportionally.
(7) This regulation does not affect any right of a party to the framework contract to treat it, in accordance with the general law of contract, as unenforceable, void or discharged.
52. Where an individual payment transaction under a framework contract is initiated by the payer, at the payer’s request the payer’s payment service provider must inform the payer of—
(a)the maximum execution time;
(b)the charges payable by the payer in respect of the payment transaction; and
(c)where applicable, a breakdown of the amounts of such charges.
53.—(1) The payer’s payment service provider under a framework contract must provide to the payer the information specified in paragraph (2) in respect of each payment transaction on paper or on another durable medium at least once per month free of charge.
(2) The information is—
(a)a reference enabling the payer to identify the payment transaction and, where appropriate, information relating to the payee;
(b)the amount of the payment transaction in the currency in which the payer’s payment account is debited or in the currency used for the payment order;
(c)the amount of any charges for the payment transaction and, where applicable, a breakdown of the amounts of such charges, or the interest payable by the payer;
(d)where applicable, the exchange rate used in the payment transaction by the payer’s payment service provider and the amount of the payment transaction after that currency conversion; and
(e)the debit value date or the date of receipt of the payment order.
(3) A framework contract may include a condition that the payer may require the information specified in paragraph (2) be provided or made available periodically at least once a month, free of charge and in an agreed manner which enables the payer to store and reproduce the information unchanged.
(4) Paragraph (1) does not require a payment service provider to provide information where—
(a)the information has been, or is to be, provided or made available as required by the payer under a condition of the type referred to in paragraph (3); or
(b)more than one month has passed since information was last provided, but there are no payment transactions in respect of which the payment service provider has not previously provided or made available information in accordance with paragraph (1) or as required by the payer under a condition of the type referred to in paragraph (3).
54.—(1) The payee’s payment service provider under a framework contract must provide to the payee the information specified in paragraph (2) in respect of each payment transaction on paper or on another durable medium at least once per month free of charge.
(2) The information is—
(a)a reference enabling the payee to identify the payment transaction and the payer, and any information transferred with the payment transaction;
(b)the amount of the payment transaction in the currency in which the payee’s payment account is credited;
(c)the amount of any charges for the payment transaction and, where applicable, a breakdown of the amounts of such charges, or the interest payable by the payee;
(d)where applicable, the exchange rate used in the payment transaction by the payee’s payment service provider, and the amount of the payment transaction before that currency conversion; and
(e)the credit value date.
(3) A framework contract may include a condition that the information specified in paragraph (2) is to be provided or made available periodically at least once a month and in an agreed manner which enables the payee to store and reproduce the information unchanged.
(4) Paragraph (1) does not require a payment service provider to provide information where—
(a)the information has been, or is to be, provided or made available in accordance with a condition of the type referred to in paragraph (3); or
(b)more than one month has passed since information was last provided, but there are no payment transactions in respect of which the payment service provider has not previously provided or made available information in accordance with paragraph (1) or in accordance with a condition of the type referred to in paragraph (3).
55.—(1) Subject to regulation 42(2)(c) (disapplication of certain regulations in the case of low-value payment transactions), any information provided or made available in accordance with this Part must be provided or made available—
(a)in the case of single payment service contracts, in an easily accessible manner;
(b)subject to paragraph (2), on paper or on another durable medium;
(c)in easily understandable language and in a clear and comprehensible form; and
(d)in English or in the language agreed by the parties.
(2) Paragraph (1)(b)—
(a)in the case of single payment service contracts, only applies where the payment service user so requests; and
(b)in the case of framework contracts, is subject to any agreement in accordance with regulation 53(3) or 54(3) (information for the payer or payee on individual payment transactions) as to the manner in which information is to be provided or made available.
56.—(1) A payment service provider may not charge for providing or making available information which is required to be provided or made available by this Part.
(2) The payment service provider and the payment service user may agree on charges for any information which is provided at the request of the payment service user where such information is—
(a)additional to the information required to be provided or made available by this Part;
(b)provided more frequently than is specified in this Part; or
(c)transmitted by means of communication other than those specified in the framework contract.
(3) Any charges imposed under paragraph (2) must reasonably correspond to the payment service provider’s actual costs.
57.—(1) Payment transactions must be executed in the currency agreed between the parties.
(2) Where a currency conversion service is offered before the initiation of the payment transaction—
(a)at an automatic teller machine or the point of sale; or
(b)by the payee,
the party offering the currency conversion service to the payer must disclose to the payer all charges as well as the exchange rate to be used for converting the payment transaction.
58.—(1) The payee must inform the payer of any charge requested or reduction offered by the payee for the use of a particular payment instrument before the initiation of the payment transaction.
(2) The payment service provider, or any relevant other party involved in the transaction, must inform the payment service user of any charge requested by the payment service provider or other party, as the case may be, for the use of a particular payment instrument before the initiation of the payment transaction.
(3) A payer or payment service user is not obliged to pay a charge of the type referred to in paragraph (1) or (2) if the payer or payment service user was not informed of the full amount of the charge in accordance with the relevant paragraph.
59. Where a payment service provider is alleged to have failed to provide information in accordance with this Part, it is for the payment service provider to prove that it provided the information in accordance with this Part.
60.—(1) A registered account information service provider or EEA registered account information service provider must provide to the payment service user—
(a)such information specified in Schedule 4 (prior general information for framework contracts) as is relevant to the service provided;
(b)all charges payable by the payment service user to the account information service provider and, where applicable, a breakdown of those charges.
61. A provider of cash withdrawal services falling within paragraph 2(o) of Schedule 1 must ensure that a customer using such services is provided with information on withdrawal charges falling within regulations 43 (information required prior to the conclusion of a single payment service contract), 45 (information required after receipt of the payment order), 46 (information for the payee after execution) and 57 (currency and currency conversion), before the withdrawal and on receipt of the cash.
62.—(1) A payment service provider must make available free of charge in an easily accessible manner the document produced by the European Commission under Article 106 of the payment services directive—
(a)in electronic form on its website (if any);
(b)in paper form at any branches and through any agent it uses or any entity to which activities are outsourced.
(2) The FCA must make the document available in an easily accessible manner on its website.
(3) Payment service providers and the FCA must also make the information contained in the document available by alternative means or in alternative formats so as to be accessible to persons with disabilities.
63.—(1) This Part applies to payment services where—
(a)the services are provided from an establishment maintained by a payment service provider or its agent in the United Kingdom; and
(b)the services are provided in one of the following circumstances—
(i)the payment service providers of both the payer and the payee are located within the EEA and the service relates to a transaction in the currency of an EEA State;
(ii)the payment service providers of both the payer and the payee are located within the EEA and the service relates to a transaction in a currency other than the currency of an EEA State; or
(iii)the payment service provider of either the payer or the payee, but not both, is located within the EEA.
(2) In the circumstances mentioned at paragraph (1)(b)(ii)—
(a)this Part applies only in respect of those parts of a transaction which are carried out in the EEA; and
(b)regulations 84 to 88 (amounts transferred and received and execution time) do not apply.
(3) In the circumstances mentioned at paragraph (1)(b)(iii)—
(a)this Part applies only in respect of those parts of a transaction which are carried out in the EEA; and
(b)regulations 66(2) (responsibility for charges), 79 (refunds for direct debits), 80 (requests for direct debit refunds), 84 (amounts transferred and received), 86(1) to (3) (execution time for transactions to a payment account), 91 (defective execution of payer-initiated transactions), 92 (defective execution of payee-initiated transactions), 94 (liability for charges and interest) and 95 (right of recourse) do not apply.
(4) This Part does not apply to registered account information service providers or EEA registered account information service providers, except for regulations 70 (access to payment accounts for account information services), 71(7) to (10) (denial of access to payment accounts), 72(3) (payment service user’s obligation to keep personalised security credentials safe) and 98 to 100 (risk management, incident reporting, authentication and dispute resolution).
(5) Where the payment service user is not a consumer, a micro-enterprise or a charity, the payment service user and the payment service provider may agree that—
(a)any or all of regulations 66(1) (charges), 67(3) and (4) (withdrawal of consent), 75 (evidence on authentication and execution), 77 (payer or payee’s liability for unauthorised transactions), 79 (refunds for direct debits), 80 (requests for direct debit refunds), 83 (revocation of a payment order), 91 (defective execution of payer-initiated transactions), 92 (defective execution of payee-initiated transactions) and 94 (liability for charges and interest) do not apply;
(b)a different time period applies for the purposes of regulation 74(1) (notification of unauthorised or incorrectly executed payment transactions).
64.—(1) This regulation applies where a payment service is provided in relation to payment transactions that consist of the placing, transferring or withdrawal of funds covered by a credit line provided under a regulated agreement.
(2) Regulation 71(2) to (5) (limits on the use of payment instruments) do not apply where section 98A(4) of the Consumer Credit Act 1974 (termination etc of open-end consumer credit agreements)(49) applies.
(3) Regulations 76(1) to (4) and 77(1) to (5) (rectification of and liability for unauthorised transactions), and regulation 74 (notification and rectification of unauthorised or incorrectly executed payment transactions) as it applies in relation to regulation 76, do not apply.
(4) Regulations 76(5) and 77(6) apply as if—
(a)in regulation 76(5), the references to an unauthorised payment transaction were to a payment transaction initiated by use of a credit facility in the circumstances described in section 83(1) of the Consumer Credit Act 1974 (liability for misuse of credit facilities);
(b)the references to complying with regulation 76(1) were to compensating the payer for loss arising as described in section 83(1) of the Consumer Credit Act 1974.
65.—(1) This regulation applies in respect of payment instruments which, under the framework contract governing their use—
(a)can be used only to execute individual payment transactions of 30 euros or less, or in relation to payment transactions executed wholly within the United Kingdom, 60 euros or less;
(b)have a spending limit of 150 euros, or where payment transactions must be executed wholly within the United Kingdom, 300 euros; or
(c)store funds that do not exceed 500 euros at any time.
(2) Where this regulation applies the parties may agree that—
(a)regulations 72(1)(b) (obligation to notify loss or misuse of instrument), 73(1)(c), (d) and (e) (means of notifying loss) and 77(4) (payer not liable for certain losses) do not apply where the payment instrument does not allow for the stopping or prevention of its use;
(b)regulations 75 (evidence on authentication and execution), 76 (payment service provider’s liability for unauthorised transactions) and 77(1) and (2) (payer’s liability for unauthorised transactions) do not apply where the payment instrument is used anonymously or the payment service provider is not in a position, for other reasons concerning the payment instrument, to prove that a payment transaction was authorised;
(c)despite regulation 82(1) (refusal of payment orders), the payment service provider is not required to notify the payment service user of the refusal of a payment order if the non-execution is apparent from the context;
(d)the payer may not revoke the payment order under regulation 83 after transmitting the payment order or giving their consent to execute the payment transaction to the payee;
(e)execution periods other than those provided by regulations 86 (payment transactions to payment account) and 87 (absence of payment account) apply.
(3) Subject to paragraph (2)(b), regulations 76 (payment service provider’s liability for unauthorised transactions) and 77(1) and (2) (payer’s liability for unauthorised transactions) apply to electronic money unless the payer’s payment service provider does not have the ability under the contract to—
(a)freeze the payment account on which the electronic money is stored; or
(b)stop the use of the payment instrument.
66.—(1) The payment service provider may only charge the payment service user for the fulfilment of any of its obligations under this Part—
(a)in accordance with regulation 82(3) (refusal of payment orders), 83(6) (revocation of a payment order) or 90(2)(b) (incorrect unique identifiers);
(b)where agreed between the parties; and
(c)where such charges reasonably correspond to the payment service provider’s actual costs.
(2) Where both the payer’s and the payee’s payment service providers, or the only payment service provider, in respect of a payment transaction are within the EEA, the respective payment service providers must ensure that—
(a)the payee pays any charges levied by the payee’s payment service provider; and
(b)the payer pays any charges levied by the payer’s payment service provider.
(3) The payee’s payment service provider may not prevent the payee from—
(a)requesting payment of a charge by the payer for the use of a particular payment instrument;
(b)offering a reduction to the payer for the use of a particular payment instrument; or
(c)otherwise steering the payer towards the use of a particular payment instrument.
67.—(1) A payment transaction is to be regarded as having been authorised by the payer for the purposes of this Part only if the payer has given its consent to—
(a)the execution of the payment transaction; or
(b)the execution of a series of payment transactions of which that payment transaction forms part.
(2) Such consent—
(a)may be given before or, if agreed between the payer and its payment service provider, after the execution of the payment transaction;
(b)must be given in the form, and in accordance with the procedure, agreed between the payer and its payment service provider; and
(c)may be given via the payee or a payment initiation service provider.
(3) The payer may withdraw its consent to a payment transaction at any time before the point at which the payment order can no longer be revoked under regulation 83 (revocation of a payment order).
(4) Subject to regulation 83(3) to (5), the payer may withdraw its consent to the execution of a series of payment transactions at any time with the effect that any future payment transactions are not regarded as authorised for the purposes of this Part.
68.—(1) This regulation does not apply to payment transactions initiated through card-based payment instruments on which electronic money is stored.
(2) Where the conditions in paragraph (3) are met, a payment service provider which issues card-based payment instruments may request that an account servicing payment service provider confirm whether an amount necessary for the execution of a card-based payment transaction is available on the payment account of the payer.
(3) The conditions are that—
(a)the payer has given explicit consent to the payment service provider to request the confirmation;
(b)the payer has initiated a payment transaction for the amount in question using a card-based payment instrument issued by the payment service provider making the request;
(c)the payment service provider making the request complies, for each request, with the authentication and secure communication requirements set out in the regulatory technical standards adopted under Article 98 of the payment services directive in its communications with the account servicing payment service provider.
(4) If the conditions in paragraph (5) are met, an account servicing payment service provider which receives a request under paragraph (2) must provide the requested confirmation, in the form of a ‘yes’ or ‘no’ answer, to the requesting payment service provider immediately.
(5) The conditions are that—
(a)the payment account is accessible online when the account servicing payment service provider receives the request; and
(b)before the account servicing payment service provider receives the first request under paragraph (2) from the requesting payment service provider in relation to the payer’s payment account, the payer has given the account servicing payment service provider explicit consent to provide confirmation in response to such requests by that payment service provider.
(6) If the payer so requests, the account servicing payment service provider must also inform the payer of the payment service provider which made the request under paragraph (2) and the answer provided under paragraph (4).
(7) An account servicing payment service provider must not—
(a)include with a confirmation provided under paragraph (4) a statement of the account balance; or
(b)block funds on a payer’s payment account as a result of a request under paragraph (2).
(8) The payment service provider which makes a request under paragraph (2) must not—
(a)store any confirmation received under paragraph (4); or
(b)use the confirmation received for a purpose other than the execution of the card-based payment transaction for which the request was made.
69.—(1) This regulation applies only in relation to a payment account which is accessible online.
(2) Where a payer gives explicit consent in accordance with regulation 67 (consent and withdrawal of consent) for a payment to be executed through a payment initiation service provider, the payer’s account servicing payment service provider must—
(a)communicate securely with the payment initiation service provider in accordance with the regulatory technical standards adopted under Article 98 of the payment services directive;
(b)immediately after receipt of the payment order from the payment initiation service provider, provide or make available to the payment initiation service provider all information on the initiation of the payment transaction and all information accessible to the account servicing payment service provider regarding the execution of the payment transaction;
(c)treat the payment order in the same way as a payment order received directly from the payer, in particular in terms of timing, priority or charges, unless the account servicing payment service provider has objective reasons for treating the payment order differently;
(d)not require the payment initiation service provider to enter into a contract before complying with the preceding sub-paragraphs.
(3) A payment initiation service provider must—
(a)not hold a payer’s funds in connection with the provision of the payment initiation service at any time;
(b)ensure that a payer’s personalised security credentials are—
(i)not accessible to other parties, with the exception of the issuer of the credentials; and
(ii)transmitted through safe and efficient channels;
(c)ensure that any other information about a payer is not provided to any person except a payee, and is provided to the payee only with the payer’s explicit consent;
(d)each time it initiates a payment order, identify itself to the account servicing payment service provider and communicate with the account servicing payment service provider, the payer and the payee in a secure way in accordance with the regulatory technical standards adopted under Article 98 of the payment services directive;
(e)not store sensitive payment data of the payment service user;
(f)not request any information from a payer except information required to provide the payment initiation service;
(g)not use, access or store any information for any purpose except for the provision of a payment initiation service explicitly requested by a payer;
(h)not change the amount, the payee or any other feature of a transaction notified to it by the payer.
70.—(1) This regulation applies only in relation to a payment account which is accessible online.
(2) Where a payment service user uses an account information service, the payment service user’s account servicing payment service provider must—
(a)communicate securely with the account information service provider in accordance with the regulatory technical standards adopted under Article 98 of the payment services directive;
(b)treat a data request from the account information service provider in the same way as a data request received directly from the payer, unless the account servicing payment service provider has objective reasons for treating the request differently;
(c)not require the account information service provider to enter into a contract before complying with the preceding sub-paragraphs.
(3) An account information service provider must—
(a)not provide account information services without the payment service user’s explicit consent;
(b)ensure that the payment service user’s personalised security credentials are—
(i)not accessible to other parties, with the exception of the issuer of the credentials; and
(ii)transmitted through safe and efficient channels;
(c)for each communication session, identify itself to the account servicing payment service provider and communicate securely with the account servicing payment service provider and the payment service user in accordance with the regulatory technical standards adopted under Article 98 of the payment services directive;
(d)not access any information other than information from designated payment accounts and associated payment transactions;
(e)not request sensitive payment data linked to the payment accounts accessed;
(f)not use, access or store any information for any purpose except for the provision of the account information service explicitly requested by the payment service user.
71.—(1) Where a specific payment instrument is used for the purpose of giving consent to the execution of a payment transaction, the payer and its payment service provider may agree on spending limits for any payment transactions executed through that payment instrument.
(2) A framework contract may provide for the payment service provider to have the right to stop the use of a payment instrument on reasonable grounds relating to—
(a)the security of the payment instrument;
(b)the suspected unauthorised or fraudulent use of the payment instrument; or
(c)in the case of a payment instrument with a credit line, a significantly increased risk that the payer may be unable to fulfil its liability to pay.
(3) The payment service provider must, in the manner agreed between the payment service provider and the payer and before carrying out any measures to stop the use of the payment instrument—
(a)inform the payer that it intends to stop the use of the payment instrument; and
(b)give its reasons for doing so.
(4) Where the payment service provider is unable to inform the payer in accordance with paragraph (3) before carrying out any measures to stop the use of the payment instrument, it must do so immediately after.
(5) Paragraphs (3) and (4) do not apply where provision of the information in accordance with paragraph (3) would compromise reasonable security measures or is otherwise unlawful.
(6) The payment service provider must allow the use of the payment instrument or replace it with a new payment instrument as soon as practicable after the reasons for stopping its use cease to exist.
(7) An account servicing payment service provider may deny an account information service provider or a payment initiation service provider access to a payment account for reasonably justified and duly evidenced reasons relating to unauthorised or fraudulent access to the payment account by that account information service provider or payment initiation service provider, including the unauthorised or fraudulent initiation of a payment transaction.
(8) If an account servicing payment service provider denies access to a payment account under paragraph (7)—
(a)the account servicing payment service provider must notify the payment service user of the denial of access and the reason for the denial of access, in the form agreed with the payment service user;
(b)the notification under sub-paragraph (a) must be provided before the denial of access if possible, or otherwise immediately after the denial of access;
(c)the account servicing payment service provider must immediately report the incident to the FCA in such form as the FCA may direct, and such report must include the details of the case and the reasons for taking action;
(d)the account servicing payment service provider must restore access to the account once the reasons for denying access no longer justify such denial of access.
(9) Paragraph (8)(a) and (b) do not apply if notifying the payment service user—
(a)would compromise reasonably justified security reasons; or
(b)is unlawful.
(10) When the FCA receives a report under paragraph (8)(c), it must assess the case and take such measures as it considers appropriate.
72.—(1) A payment service user to whom a payment instrument has been issued must—
(a)use the payment instrument in accordance with the terms and conditions governing its issue and use; and
(b)notify the payment service provider in the agreed manner and without undue delay on becoming aware of the loss, theft, misappropriation or unauthorised use of the payment instrument.
(2) Paragraph (1)(a) applies only in relation to terms and conditions that are objective, non-discriminatory and proportionate.
(3) The payment service user must take all reasonable steps to keep safe personalised security credentials relating to a payment instrument or an account information service.
73.—(1) A payment service provider issuing a payment instrument must—
(a)ensure that the personalised security credentials are not accessible to persons other than the payment service user to whom the payment instrument has been issued;
(b)not send an unsolicited payment instrument, except where a payment instrument already issued to a payment service user is to be replaced;
(c)ensure that appropriate means are available at all times to enable the payment service user to notify the payment service provider in accordance with regulation 72(1)(b) (notification of loss or unauthorised use of payment instrument) or to request that, in accordance with regulation 71(6), the use of the payment instrument is no longer stopped;
(d)on request, provide the payment service user at any time during a period of 18 months after the alleged date of notification under regulation 72(1)(b) with the means to prove that such notification to the payment service provider was made;
(e)provide the payment service user with an option to make a notification under regulation 72(1)(b) free of charge, and ensure that any costs charged are directly attributed to the replacement of the payment instrument;
(f)prevent any use of the payment instrument once notification has been made under regulation 72(1)(b).
(2) The payment service provider bears the risk of sending to the payment service user a payment instrument or any personalised security credentials relating to it.
74.—(1) A payment service user is entitled to redress under regulation 76, 91, 92, 93 or 94 (liability for unauthorised transactions, non-execution or defective or late execution of transactions, or charges and interest), only if it notifies the payment service provider without undue delay, and in any event no later than 13 months after the debit date, on becoming aware of any unauthorised or incorrectly executed payment transaction.
(2) Where the payment service provider has failed to provide or make available information concerning the payment transaction in accordance with Part 6 of these Regulations (information requirements for payment services), the payment service user is entitled to redress under the regulations referred to in paragraph (1) notwithstanding that the payment service user has failed to notify the payment service provider as mentioned in that paragraph.
75.—(1) Where a payment service user—
(a)denies having authorised an executed payment transaction; or
(b)claims that a payment transaction has not been correctly executed,
it is for the payment service provider to prove that the payment transaction was authenticated, accurately recorded, entered in the payment service provider’s accounts and not affected by a technical breakdown or some other deficiency in the service provided by the payment service provider.
(2) If a payment transaction was initiated through a payment initiation service provider, it is for the payment initiation service provider to prove that, within its sphere of competence, the payment transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiency linked to the payment initiation service.
(3) Where a payment service user denies having authorised an executed payment transaction, the use of a payment instrument recorded by the payment service provider, including a payment initiation service provider where appropriate, is not in itself necessarily sufficient to prove either that—
(a)the payment transaction was authorised by the payer; or
(b)the payer acted fraudulently or failed with intent or gross negligence to comply with regulation 72 (user’s obligations in relation to payment instruments and personalised security credentials).
(4) If a payment service provider, including a payment initiation service provider where appropriate, claims that a payer acted fraudulently or failed with intent or gross negligence to comply with regulation 72, the payment service provider must provide supporting evidence to the payer.
76.—(1) Subject to regulations 74 and 75, where an executed payment transaction was not authorised in accordance with regulation 67 (consent and withdrawal of consent), the payment service provider must—
(a)refund the amount of the unauthorised payment transaction to the payer; and
(b)where applicable, restore the debited payment account to the state it would have been in had the unauthorised payment transaction not taken place.
(2) The payment service provider must provide a refund under paragraph (1)(a) as soon as practicable, and in any event no later than the end of the business day following the day on which it becomes aware of the unauthorised transaction.
(3) Paragraph (2) does not apply where the payment service provider has reasonable grounds to suspect fraudulent behaviour by the payment service user and notifies a person mentioned in section 333A(2) of the Proceeds of Crime Act 2002 (tipping off: regulated sector)(50) of those grounds in writing.
(4) When crediting a payment account under paragraph (1)(b), a payment service provider must ensure that the credit value date is no later than the date on which the amount of the unauthorised payment transaction was debited.
(5) Where an unauthorised payment transaction was initiated through a payment initiation service provider—
(a)the account servicing payment service provider must comply with paragraph (1);
(b)if the payment initiation service provider is liable for the unauthorised payment transaction (in relation to which see regulation 75(2)) the payment initiation service provider must, on the request of the account servicing payment service provider, compensate the account servicing payment service provider immediately for the losses incurred or sums paid as a result of complying with paragraph (1), including the amount of the unauthorised transaction.
77.—(1) Subject to paragraphs (2), (3) and (4), a payment service provider which is liable under regulation 76(1) may require that the payer is liable up to a maximum of £35 for any losses incurred in respect of unauthorised payment transactions arising from the use of a lost or stolen payment instrument, or from the misappropriation of a payment instrument.
(2) Paragraph (1) does not apply if—
(a)the loss, theft or misappropriation of the payment instrument was not detectable by the payer prior to the payment, except where the payer acted fraudulently; or
(b)the loss was caused by acts or omissions of an employee, agent or branch of a payment service provider or of an entity which carried out activities on behalf of the payment service provider.
(3) The payer is liable for all losses incurred in respect of an unauthorised payment transaction where the payer—
(a)has acted fraudulently; or
(b)has with intent or gross negligence failed to comply with regulation 72 (obligations of the payment service user in relation to payment instruments and personalised security credentials).
(4) Except where the payer has acted fraudulently, the payer is not liable for any losses incurred in respect of an unauthorised payment transaction—
(a)arising after notification under regulation 72(1)(b);
(b)where the payment service provider has failed at any time to provide, in accordance with regulation 73(1)(c) (obligations of the payment service provider in relation to payment instruments), appropriate means for notification;
(c)where regulation 100 (authentication) requires the application of strong customer authentication, but the payer’s payment service provider does not require strong customer authentication; or
(d)where the payment instrument has been used in connection with a distance contract (other than an excepted contract).
(5) In paragraph (4)(d)—
“distance contract” means a distance contract as defined by regulation 5 of the Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 (other definitions)(51);
“excepted contract” means a contract that—
falls to any extent within regulation 6(1) of those Regulations (limits of application: general); or
falls within regulation 6(2) of those Regulations.
(6) Where regulation 100 requires the application of strong customer authentication, but the payee or the payee’s payment service provider does not accept strong customer authentication, the payee or the payee’s payment service provider, or both (as the case may be), must compensate the payer’s payment service provider for the losses incurred or sums paid as a result of complying with regulation 76(1).
78. Where a card-based payment transaction is initiated by or through the payee and the amount of the transaction is not known when the payer authorises the transaction—
(a)the payer’s payment service provider may not block funds on the payer’s payment account unless the payer has authorised the exact amount of the funds to be blocked; and
(b)the payer’s payment service provider must release the blocked funds without undue delay after becoming aware of the amount of the payment transaction, and in any event immediately after receipt of the payment order.
79.—(1) Where the conditions in paragraph (2) and the requirement in regulation 80(1) are satisfied, the payer is entitled to a refund from its payment service provider of the full amount of any authorised payment transaction initiated by or through the payee.
(2) The conditions are that—
(a)the authorisation did not specify the exact amount of the payment transaction when the authorisation was given in accordance with regulation 67 (consent and withdrawal of consent); and
(b)the amount of the payment transaction exceeded the amount that the payer could reasonably have expected taking into account the payer’s previous spending pattern, the conditions of the framework contract and the circumstances of the case.
(3) The payer is entitled to an unconditional refund from its payment service provider of the full amount of any direct debit transactions of the type referred to in Article 1 of Regulation (EU) 260/2012 of the European Parliament and of the Council of 14th March 2012 establishing technical and business requirements for credit transfers and direct debits in euro and amending Regulation (EC) No 924/2009(52).
(4) When crediting a payment account under paragraph (1), a payment service provider must ensure that the credit value date is no later than the date on which the amount of the unauthorised payment transaction was debited.
(5) For the purposes of paragraph (2)(b), the payer cannot rely on currency exchange fluctuations where the reference exchange rate provided under regulation 43(2)(d) or paragraph 3(b) of Schedule 4 was applied.
(6) The payer and payment service provider may agree in the framework contract that the right to a refund does not apply where—
(a)the payer has given consent directly to the payment service provider for the payment transaction to be executed; and
(b)if applicable, information on the payment transaction was provided or made available in an agreed manner to the payer for at least four weeks before the due date by the payment service provider or by the payee.
80.—(1) The payer must request a refund under regulation 79 from its payment service provider within 8 weeks from the date on which the funds were debited.
(2) The payment service provider may require the payer to provide such information as is reasonably necessary to prove that the conditions in regulation 79(2) are satisfied.
(3) The payment service provider must either—
(a)refund the full amount of the payment transaction; or
(b)provide justification for refusing to refund the payment transaction, indicating the bodies to which the payer may refer the matter if the payer does not accept the justification provided.
(4) Any refund or justification for refusing a refund must be provided within 10 business days of receiving a request for a refund or, where applicable, within 10 business days of receiving any further information requested under paragraph (2).
(5) If the payment service provider requires further information under paragraph (2), it may not refuse the refund until it has received further information from the payer.
81.—(1) A payer’s payment service provider must not debit the payment account before receipt of a payment order.
(2) Subject to paragraphs (3) to (6), for the purposes of these Regulations the time of receipt of a payment order is the time at which the payment order is received by the payer’s payment service provider.
(3) If the time of receipt of a payment order does not fall on a business day for the payer’s payment service provider, the payment order is deemed to have been received on the first business day thereafter.
(4) The payment service provider may set a time towards the end of a business day after which any payment order received will be deemed to have been received on the following business day.
(5) Where the payment service user initiating a payment order agrees with its payment service provider that execution of the payment order is to take place—
(a)on a specific day;
(b)on the last day of a certain period; or
(c)on the day on which the payer has put funds at the disposal of its payment service provider,
the time of receipt is deemed to be the day so agreed.
(6) If the day agreed under paragraph (5) is not a business day for the payer’s payment service provider, the payment order is deemed to have been received on the first business day thereafter.
82.—(1) Subject to paragraph (4), where a payment service provider refuses to execute a payment order or to initiate a payment transaction, it must notify the payment service user of—
(a)the refusal;
(b)if possible, the reasons for such refusal; and
(c)where it is possible to provide reasons for the refusal and those reasons relate to factual matters, the procedure for rectifying any factual errors that led to the refusal.
(2) Any notification under paragraph (1) must be given or made available in an agreed manner and at the earliest opportunity, and in any event within the periods specified in regulation 86.
(3) The framework contract may provide for the payment service provider to charge the payment service user for such refusal where the refusal is reasonably justified.
(4) The payment service provider is not required to notify the payment service user under paragraph (1) where such notification would be otherwise unlawful.
(5) Where all the conditions set out in the payer’s framework contract with the account servicing payment service provider have been satisfied, the account servicing payment service provider may not refuse to execute an authorised payment order irrespective of whether the payment order is initiated by the payer, through a payment initiation service provider, or by or through a payee, unless such execution is otherwise unlawful.
(6) For the purposes of regulations 86, 91 and 92 (payment transactions to a payment account and non-execution or defective or late execution of a payment transaction) a payment order of which execution has been refused is deemed not to have been received.
83.—(1) Subject to paragraphs (2) to (5), a payment service user may not revoke a payment order after it has been received by the payer’s payment service provider.
(2) In the case of a payment transaction initiated by a payment initiation service provider, or by or through the payee, the payer may not revoke the payment order after giving consent to the payment initiation service provider to initiate the payment transaction or giving consent to execute the payment transaction to the payee.
(3) In the case of a direct debit, the payer may not revoke the payment order after the end of the business day preceding the day agreed for debiting the funds.
(4) Where a day is agreed under regulation 81(5) (receipt of payment orders), the payment service user may not revoke a payment order after the end of the business day preceding the agreed day.
(5) At any time after the time limits for revocation set out in paragraphs (1) to (4), the payment order may only be revoked if the revocation is—
(a)agreed between the payment service user and the relevant payment service provider or providers; and
(b)in the case of a payment transaction initiated by or through the payee, including in the case of a direct debit, also agreed with the payee.
(6) A framework contract may provide for the relevant payment service provider to charge for revocation under this regulation.
84.—(1) Subject to paragraph (2), the payment service providers of the payer and payee must ensure that the full amount of the payment transaction is transferred and that no charges are deducted from the amount transferred.
(2) The payee and its payment service provider may agree for the relevant payment service provider to deduct its charges from the amount transferred before crediting it to the payee provided that the full amount of the payment transaction and the amount of the charges are clearly stated in the information provided to the payee.
(3) If charges other than those provided for by paragraph (2) are deducted from the amount transferred—
(a)in the case of a payment transaction initiated by the payer, the payer’s payment service provider must ensure that the payee receives the full amount of the payment transaction;
(b)in the case of a payment transaction initiated by the payee, the payee’s payment service provider must ensure that the payee receives the full amount of the payment transaction.
85.—(1) Regulations 86 to 88 apply to any payment transaction—
(a)in euro;
(b)executed wholly within the United Kingdom in sterling; or
(c)involving only one currency conversion between the euro and sterling, provided that—
(i)the currency conversion is carried out in the United Kingdom; and
(ii)in the case of cross-border payment transactions, the cross-border transfer takes place in euro.
(2) In respect of any other payment transaction, the payment service user may agree with the payment service provider that regulations 86 to 88 (except regulation 86(3)) do not apply.
86.—(1) Subject to paragraphs (2) and (3), the payer’s payment service provider must ensure that the amount of the payment transaction is credited to the payee’s payment service provider’s account by the end of the business day following the time of receipt of the payment order.
(2) Where a payment transaction is initiated by way of a paper payment order the reference in paragraph (1) to the end of the business day following the time of receipt of the payment order is to be treated as a reference to the end of the second business day following the time of receipt of the payment order.
(3) Where a payment transaction—
(a)does not fall within paragraphs (a) to (c) of regulation 85(1); but
(b)is to be executed wholly within the EEA,
the payer’s payment service provider must ensure that the amount of the payment transaction is credited to the payee’s payment service provider’s account by the end of the fourth business day following the time of receipt of the payment order.
(4) The payee’s payment service provider must value date and credit the amount of the payment transaction to the payee’s payment account following its receipt of the funds.
(5) The payee’s payment service provider must transmit a payment order initiated by or through the payee to the payer’s payment service provider within the time limits agreed between the payee and its payment service provider, enabling settlement in respect of a direct debit to occur on the agreed due date.
87.—(1) Paragraph (2) applies where a payment service provider accepts funds on behalf of a payee who does not have a payment account with that payment service provider.
(2) The payment service provider must make the funds available to the payee immediately after the funds have been credited to that payment service provider’s account.
88. Where a payment service user places cash on its payment account with a payment service provider in the same currency as that payment account, the payment service provider must—
(a)if the user is a consumer, micro-enterprise or charity, ensure that the amount is made available and value dated immediately after the receipt of the funds;
(b)in any other case, ensure that the amount is made available and value dated no later than the end of the next business day after the receipt of the funds.
89.—(1) The credit value date for the payee’s payment account must be no later than the business day on which the amount of the payment transaction is credited to the account of the payee’s payment service provider.
(2) Paragraph (3) applies where—
(a)the transaction does not involve a currency conversion;
(b)the transaction involves only a currency conversion between the euro and pounds sterling or another Member State currency, between pounds sterling and another Member State currency, or between two other Member State currencies; or
(c)the transaction involves only one payment service provider.
(3) The payee’s payment service provider must ensure that the amount of the payment transaction is at the payee’s disposal immediately after that amount has been credited to that payment service provider’s account.
(4) The debit value date for the payer’s payment account must be no earlier than the time at which the amount of the payment transaction is debited to that payment account.
90.—(1) Where a payment order is executed in accordance with the unique identifier, the payment order is deemed to have been correctly executed by each payment service provider involved in executing the payment order with respect to the payee specified by the unique identifier.
(2) Where the unique identifier provided by the payment service user is incorrect, the payment service provider is not liable under regulation 91 or 92 for non-execution or defective execution of the payment transaction, but the payment service provider—
(a)must make reasonable efforts to recover the funds involved in the payment transaction; and
(b)may, if agreed in the framework contract, charge the payment service user for any such recovery.
(3) The payee’s payment service provider must co-operate with the payer’s payment service provider in its efforts to recover the funds, in particular by providing to the payer’s payment service provider all relevant information for the collection of funds.
(4) If the payer’s payment service provider is unable to recover the funds it must, on receipt of a written request, provide to the payer all available relevant information in order for the payer to claim repayment of the funds.
(5) Where the payment service user provides information additional to that specified in regulation 43(2)(a) (information required prior to the conclusion of a single payment service contract) or paragraph 2(b) of Schedule 4 (prior general information for framework contracts), the payment service provider is liable only for the execution of payment transactions in accordance with the unique identifier provided by the payment service user.
91.—(1) This regulation applies where a payment order is initiated directly by the payer.
(2) The payer’s payment service provider is liable to the payer for the correct execution of the payment transaction unless it can prove to the payer and, where relevant, to the payee’s payment service provider, that the payee’s payment service provider received the amount of the payment transaction in accordance with regulation 86(1) to (3) (payment transactions to a payment account).
(3) Where the payer’s payment service provider is liable under paragraph (2), it must without undue delay refund to the payer the amount of the non-executed or defective payment transaction and, where applicable, restore the debited payment account to the state in which it would have been had the defective payment transaction not taken place.
(4) The credit value date for a credit under paragraph (3) must be no later than the date on which the amount was debited.
(5) If the payer’s payment service provider proves that the payee’s payment service provider received the amount of the payment transaction in accordance with regulation 86, the payee’s payment service provider is liable to the payee for the correct execution of the payment transaction and must—
(a)immediately make available the amount of the payment transaction to the payee; and
(b)where applicable, credit the corresponding amount to the payee’s payment account.
(6) The credit value date for a credit under paragraph (5)(b) must be no later than the date on which the amount would have been value dated if the transaction had been executed correctly.
(7) Where a payment transaction is executed late, the payee’s payment service provider must, on receipt of a request from the payer’s payment service provider on behalf of the payer, ensure that the credit value date for the payee’s payment account is no later than the date the amount would have been value dated if the transaction had been executed correctly.
(8) Regardless of liability under this regulation, the payer’s payment service provider must, on request by the payer, immediately and without charge—
(a)make efforts to trace any non-executed or defectively executed payment transaction; and
(b)notify the payer of the outcome.
92.—(1) This regulation applies where a payment order is initiated by the payee.
(2) The payee’s payment service provider is liable to the payee for the correct transmission of the payment order to the payer’s payment service provider in accordance with regulation 86(5) (payment transactions to a payment account).
(3) Where the payee’s payment service provider is liable under paragraph (2), it must immediately re-transmit the payment order in question to the payer’s payment service provider.
(4) The payee’s payment service provider must also ensure that the transaction is handled in accordance with regulation 89 (value date and availability of funds), such that the amount of the transaction—
(a)is at the payee’s disposal immediately after it is credited to the payee’s payment service provider’s account; and
(b)is value dated on the payee’s payment account no later than the date the amount would have been value dated if the transaction had been executed correctly.
(5) The payee’s payment service provider must, on request by the payee and free of charge, make immediate efforts to trace the payment transaction and notify the payee of the outcome.
(6) Subject to paragraph (8), if the payee’s payment service provider proves to the payee and, where relevant, to the payer’s payment service provider, that it is not liable under paragraph (2) in respect of a non-executed or defectively executed payment transaction, the payer’s payment service provider is liable to the payer and must, as appropriate and immediately—
(a)refund to the payer the amount of the payment transaction; and
(b)restore the debited payment account to the state in which it would have been had the defective payment transaction not taken place.
(7) The credit value date for a credit under paragraph (6)(b) must be no later than the date on which the amount was debited.
(8) If the payer’s payment service provider proves that the payee’s service provider has received the amount of the payment transaction, paragraph (6) does not apply and the payee’s payment service provider must value date the amount on the payee’s payment account no later than the date the amount would have been value dated if the transaction had been executed correctly.
93.—(1) This regulation applies where a payment order is initiated by the payer through a payment initiation service.
(2) The account servicing payment service provider must refund to the payer the amount of the non-executed or defective payment transaction and, where applicable, restore the debited payment account to the state in which it would have been had the defective payment transaction not taken place.
(3) Paragraph (4) applies if the payment initiation service provider does not prove to the account servicing payment service provider that—
(a)the payment order was received by the payer’s account servicing payment service provider in accordance with regulation 81 (receipt of payment orders); and
(b)within the payment initiation service provider’s sphere of influence the payment transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiency linked to the non-execution, defective or late execution of the transaction.
(4) On request from the account servicing payment service provider, the payment initiation service provider must immediately compensate the account servicing payment service provider for the losses incurred or sums paid as a result of the refund to the payer.
94. A payment service provider is liable to its payment service user for—
(a)any charges for which the payment service user is responsible; and
(b)any interest which the payment service user must pay,
as a consequence of the non-execution or defective or late execution of the payment transaction.
95. Where the liability of a payment service provider (“the first provider”) under regulation 76, 91, 92 or 93 (payment service providers’ liability for unauthorised or defective payment transactions) is attributable to another payment service provider or an intermediary, including where there is a failure to use strong customer authentication as required by regulation 100 (authentication), the other payment service provider or intermediary must compensate the first provider for any losses incurred or sums paid pursuant to those regulations.
96.—(1) A person is not liable for any contravention of a requirement imposed on it by or under this Part where the contravention is due to abnormal and unforeseeable circumstances beyond the person’s control, the consequences of which would have been unavoidable despite all efforts to the contrary.
(2) A payment service provider is not liable for any contravention of a requirement imposed on it by or under this Part where the contravention is due to the obligations of the payment service provider under other provisions of EU or national law.
97. A payment service provider must not access, process or retain any personal data for the provision of payment services by it, unless it has the explicit consent of the payment service user to do so.
98.—(1) Each payment service provider must establish a framework with appropriate mitigation measures and control mechanisms to manage the operational and security risks, relating to the payment services it provides. As part of that framework, the payment service provider must establish and maintain effective incident management procedures, including for the detection and classification of major operational and security incidents.
(2) Each payment service provider must provide to the FCA an updated and comprehensive assessment of the operational and security risks relating to the payment services it provides and on the adequacy of the mitigation measures and control mechanisms implemented in response to those risks.
(3) Such assessment must—
(a)be provided on an annual basis, or at such shorter intervals as the FCA may direct; and
(b)be provided in such form and manner, and contain such information, as the FCA may direct.
99.—(1) If a payment service provider becomes aware of a major operational or security incident, the payment service provider must, without undue delay, notify the FCA.
(2) A notification under paragraph (1) must be in such form and manner, and contain such information, as the FCA may direct.
(3) If the incident has or may have an impact on the financial interests of its payment service users, the payment service provider must, without undue delay, inform its payment service users of the incident and of all measures that they can take to mitigate the adverse effects of the incident.
(4) Upon receipt of the notification referred to in paragraph (1), the FCA must—
(a)without undue delay, provide the relevant details of the incident to the European Banking Authority and to the European Central Bank;
(b)notify any other relevant authorities in the United Kingdom; and
(c)co-operate with the European Banking Authority and the European Central Bank in assessing the relevance of the incident to authorities outside of the United Kingdom.
(5) If the FCA receives notification of an incident from the European Banking Authority or the European Central Bank it must take any appropriate measures to protect the immediate safety of the financial system.
100.—(1) A payment service provider must apply strong customer authentication where a payment service user—
(a)accesses its payment account online, whether directly or through an account information service provider;
(b)initiates an electronic payment transaction; or
(c)carries out any action through a remote channel which may imply a risk of payment fraud or other abuses.
(2) Where a payer initiates an electronic remote payment transaction directly or through a payment initiation service provider, the payment service provider must apply strong customer authentication that includes elements which dynamically link the transaction to a specific amount and a specific payee.
(3) A payment service provider must maintain adequate security measures to protect the confidentiality and integrity of payment service users’ personalised security credentials.
(4) An account servicing payment service provider must allow a payment initiation service provider or account information service provider to rely on the authentication procedures provided by the account servicing payment service provider to a payment service user in accordance with the preceding paragraphs of this regulation.
(5) Paragraphs (1), (2) and (3) are subject to any exemptions from the requirements in those paragraphs provided for in regulatory technical standards adopted under Article 98 of the payment services directive.
101.—(1) This regulation applies in relation to complaints from payment service users who are not eligible within the meaning of section 226(6) of the 2000 Act (the ombudsman scheme – compulsory jurisdiction).
(2) A payment service provider must put in place and apply adequate and effective complaint resolution procedures for the settlement of complaints from payment service users about the rights and obligations arising under Parts 6 and 7.
(3) Those procedures must—
(a)be applied in every EEA State where the payment service provider offers the payment services; and
(b)be available in an official language of each such EEA State, or in another language if agreed between the payment service provider and the payment service user.
(4) When a payment service provider receives a complaint from a payment service user, the payment service provider must make every possible effort to address all points raised in a reply to the complaint on paper or, if agreed between payment service provider and payment service user, in another durable medium.
(5) Subject to paragraph (6), the reply must be provided to the complainant within an adequate timeframe and at the latest 15 business days after the day on which the payment service provider received the complaint.
(6) In exceptional situations, if a full reply cannot be given in accordance with paragraph (4) for reasons beyond the control of the payment service provider, the payment service provider must send a holding reply, clearly indicating the reasons for the delay in providing a full reply to the complaint and specifying the deadline by which the payment service user will receive a full reply.
(7) The deadline specified under paragraph (6) must not be later than 35 business days after the day on which the payment service provider received the complaint.
(8) The payment service provider must inform the payment service user about the details of one or more providers of dispute resolution services able to deal with disputes concerning the rights and obligations arising under this Part and Part 6 (information requirements for payment services), if the payment service provider uses such services.
(9) The payment service provider must also make available in a clear, comprehensive and easily accessible way—
(a)the information referred to in paragraph (7); and
(b)details of how to access further information about any provider of dispute resolution services referred to in paragraph (8) and the conditions for using such services.
(10) The information to be made available under paragraph (8) must be made available—
(a)on the website of the payment service provider (if any);
(b)at branches of the payment service provider (if any); and
(c)in the general terms and conditions of the contract between the payment service provider and the payment service user.
102.—(1) Regulation 103 does not apply to the following kinds of payment systems—
(a)a designated system;
(b)a payment system consisting solely of payment service providers belonging to the same group.
103.—(1) Rules or conditions governing access to, or participation in, a payment system by authorised or registered payment service providers must—
(a)be objective, proportionate and non-discriminatory; and
(b)not prevent, restrict or inhibit access or participation more than is necessary to—
(i)safeguard against specific risks such as settlement risk, operational risk or business risk; or
(ii)protect the financial and operational stability of the payment system.
(2) Paragraph (1) applies only to such payment service providers as are legal persons.
(3) Rules or conditions governing access to, or participation in, a payment system must not, in respect of payment service providers, payment service users or other payment systems—
(a)restrict effective participation in other payment systems;
(b)discriminate (whether directly or indirectly) between
(i)different authorised payment service providers; or
(ii)different registered payment service providers;
in relation to the rights, obligations or entitlements of participants in the payment system; or
(c)impose any restrictions on the basis of institutional status.
104.—(1) This regulation applies where a participant in a designated system allows an authorised or registered payment service provider that is not a participant in the system to pass transfer orders through the system.
(2) The participant—
(a)must treat a request by another authorised or registered payment service provider to pass transfer orders through the system in an objective, proportionate and non-discriminatory manner; and
(b)must not—
(i)prevent, restrict or inhibit access to or participation in the system more than is necessary to safeguard against specific risks such as settlement risk, operational risk or business risk, or to protect the financial and operational stability of the participant or the payment system;
(ii)discriminate (whether directly or indirectly) between different authorised payment service providers or different registered payment service providers in relation to the rights, obligations or entitlements of such providers in relation to access to or participation in the system; or
(iii)impose any restrictions on the basis of institutional status.
(3) If the participant refuses such a request, it must provide full reasons for the refusal to the payment service provider which made the request.
105.—(1) A credit institution must—
(a)grant payment service providers of the types referred to in paragraphs (a) to (f) of the definition of “payment service provider” in regulation 2(1), and applicants for authorisation or registration as such payment service providers, access to payment accounts services on an objective, non-discriminatory and proportionate basis;
(b)when a payment service provider of a type mentioned in sub-paragraph (a) enquires about such access, include in the response to the enquiry the criteria that the credit institution applies when considering requests for such access; and
(c)maintain arrangements to ensure that those criteria are applied in a manner which ensures compliance with sub-paragraph (a).
(2) Access to payment accounts services granted to a payment service provider pursuant to paragraph (1) must be sufficiently extensive to allow the payment service provider to provide payment services in an unhindered and efficient manner.
(3) If a credit institution refuses a request for access to such services from a payment service provider of the types mentioned in paragraph (1)(a), or withdraws access to such services for such a payment service provider, it must notify the FCA.
(4) A notification under paragraph (3) must—
(a)contain duly motivated reasons for the refusal or the withdrawal of access; and
(b)contain such information, and be provided in such form and manner and within such period following the refusal or withdrawal of access, as the FCA may direct.
(5) The FCA must provide the reasons received under paragraph (4) to the Payment Systems Regulator, unless the Payment Systems Regulator informs the FCA that it does not wish to receive them.
106.—(1) The FCA is designated as the competent authority for the purposes of the payment services directive, except as set out in paragraph (2), and has the functions and powers conferred on it by these Regulations.
(2) The FCA is not designated as the competent authority for the purposes of the following provisions of the payment services directive—
(a)the condition in Article 3(o) (transposed in regulation 61) (information on ATM withdrawal charges);
(b)Article 35 (transposed in regulations 102 to 104) (access to payment systems);
(c)in Article 62, paragraph 4 and the second sentence of paragraph 3 (restrictions on payee charging for use of certain payment instruments).
(3) In determining the general policy and principles by reference to which it performs particular functions under these Regulations, and to the extent appropriate taking into account the FCA’s designation under paragraph (1), the FCA must have regard to—
(a)the need to use its resources in the most efficient and economic way;
(b)the principle that a burden or restriction which is imposed on a person, or on the carrying on of an activity, should be proportionate to the benefits, considered in general terms, which are expected to result from the imposition of that burden or restriction;
(c)the desirability of sustainable growth in the economy of the United Kingdom in the medium or long term;
(d)the general principle that consumers should take responsibility for their own decisions;
(e)the responsibilities of those who manage the affairs of persons subject to requirements imposed by or under these Regulations, including those affecting consumers, in relation to compliance with those requirements;
(f)the desirability where appropriate of the FCA exercising its functions in a way that recognises differences in the nature of, and objectives of, businesses carried on by different persons subject to requirements imposed by or under these Regulations;
(g)the desirability in appropriate cases of the FCA publishing information in relation to persons on whom requirements are imposed by or under these Regulations;
(h)the principle that the FCA should exercise its functions as transparently as possible.
107. For the purposes of this Part, including the legislation applied by regulation 122 and Schedule 6, but with the exception of regulation 119 and Schedule 5 (credit agreements)—
(a)the requirements imposed on payment service providers by Articles 8(2), 9(2) and 12 of the interchange fee regulation are to be treated as if they were included in Part 5 of these Regulations (requirements for providers of certain services which are not payment services);
(b)the requirements imposed on payment service providers by Articles 8(5) and (6), 9(1), 10(1) and (5) and 11 of the interchange fee regulation are to be treated as if they were included in Part 6 of these Regulations (information requirements for payment services); and
(c)requirements imposed on payment service providers by or under directly applicable EU regulations adopted under the payment services directive, or by rules made by the FCA pursuant to paragraph 3 of Schedule 7, are to be treated as if they were imposed by or under Part 7 of these Regulations (rights and obligations in relation to the provision of payment services).
108.—(1) The FCA must maintain arrangements designed to enable it to determine whether—
(a)persons on whom requirements are imposed by or under Parts 2 to 7 or regulation 105 (access to bank accounts) are complying with them;
(b)there has been any contravention of regulation 138(1) (prohibition on provision of payment services by persons other than payment service providers), 139(1) (false claims to be a payment service provider or exempt) or 142(1)(a) or (2) (misleading a regulator).
(2) The arrangements referred to in paragraph (1) may provide for functions to be performed on behalf of the FCA by any body or person who is, in its opinion, competent to perform them.
(3) The FCA must also maintain arrangements for enforcing the provisions of these Regulations.
(4) Paragraph (2) does not affect the FCA’s duty under paragraph (1).
109.—(1) A person must give the FCA such information as the FCA may direct in respect of its provision of payment services or its compliance with requirements imposed by or under Parts 2 to 7 or regulation 105 (access to bank accounts).
(2) Information required under this regulation must be given at such times and in such form, and verified in such manner, as the FCA may direct.
(3) A direction under paragraph (2) must specify the purpose for which the information is required, as appropriate, and the time within which the information is to be given.
(4) Each authorised payment institution, small payment institution and registered account information service provider, and each credit institution and electronic money institution which is authorised in the United Kingdom and provides payment services, must provide to the FCA statistical data on fraud relating to different means of payment.
(5) Such data must be provided at least once per year, and must be provided in such form as the FCA may direct.
(6) The FCA must provide such data in an aggregated form to the European Banking Authority and the European Central Bank.
110. If the FCA considers that a person has contravened a requirement imposed on them by or under these Regulations, the FCA may publish a statement to that effect.
111.—(1) The FCA may impose a penalty of such amount as it considers appropriate on—
(a)a payment service provider who has contravened a requirement imposed on them by or under these Regulations; or
(b)a person who has contravened regulation 138(1) (prohibition on provision of payment services by persons other than payment service providers), 139(1) (false claims to be a payment service provider or exempt) or 142(1)(a) or (2) (misleading a regulator).
(2) The FCA may not in respect of any contravention both require a person to pay a penalty under this regulation and cancel their authorisation as a payment institution or their registration as a small payment institution or account information service provider (as the case may be).
(3) A penalty under this regulation is a debt due from that person to the FCA, and is recoverable accordingly.
112.—(1) Where the FCA proposes to publish a statement under regulation 110 or to impose a penalty under regulation 111, it must give the person concerned a warning notice.
(2) The warning notice must set out the terms of the proposed statement or state the amount of the proposed penalty.
(3) If, having considered any representations made in response to the warning notice, the FCA decides to publish a statement under regulation 110 or to impose a penalty under regulation 111, it must without delay give the person concerned a decision notice.
(4) The decision notice must set out the terms of the statement or state the amount of the penalty.
(5) If the FCA decides to publish a statement under regulation 110 or impose a penalty on a person under regulation 111, the person concerned may refer the matter to the Upper Tribunal.
(6) Sections 210 (statements of policy) and 211 (statements of policy: procedure) of the 2000 Act apply in respect of the imposition of penalties under regulation 111 and the amount of such penalties as they apply in respect of the imposition of penalties under Part 14 of the 2000 Act (disciplinary measures) and the amount of penalties under that Part of that Act.
(7) After a statement under regulation 110 is published, the FCA must send a copy of it to the person concerned and to any person to whom a copy of the decision notice was given under section 393(4) of the 2000 Act (third party rights) (as applied by paragraph 10 of Schedule 6 to these Regulations).
113.—(1) If, on the application of the FCA, the court is satisfied—
(a)that there is a reasonable likelihood that any person will contravene a requirement imposed by or under these Regulations; or
(b)that any person has contravened such a requirement and that there is a reasonable likelihood that the contravention will continue or be repeated,
the court may make an order restraining (or in Scotland an interdict prohibiting) the contravention.
(2) If, on the application of the FCA, the court is satisfied—
(a)that any person has contravened a requirement imposed by or under these Regulations; and
(b)that there are steps which could be taken for remedying the contravention,
the court may make an order requiring that person, and any other person who appears to have been knowingly concerned in the contravention, to take such steps as the court may direct to remedy it.
(3) If, on the application of the FCA, the court is satisfied that any person may have—
(a)contravened a requirement imposed by or under these Regulations; or
(b)been knowingly concerned in the contravention of such a requirement,
it may make an order restraining (or in Scotland an interdict prohibiting) them from disposing of, or otherwise dealing with, any assets of theirs which it is satisfied they are reasonably likely to dispose of or otherwise deal with.
(4) The jurisdiction conferred by this regulation is exercisable by the High Court and the Court of Session.
(5) In paragraph (2), references to remedying a contravention include references to mitigating its effect.
114.—(1) The FCA may exercise the power in paragraph (2) if it is satisfied that a payment service provider (referred to in this regulation and regulation 115 as “the person concerned”) has contravened a requirement imposed by or under these Regulations, or been knowingly concerned in the contravention of such a requirement, and that—
(a)profits have accrued to the person concerned as a result of the contravention; or
(b)one or more persons have suffered loss or been otherwise adversely affected as a result of the contravention.
(2) The power referred to in paragraph (1) is a power to require the person concerned, in accordance with such arrangements as the FCA considers appropriate, to pay to the appropriate person or distribute among the appropriate persons such amount as appears to the FCA to be just having regard—
(a)in a case within sub-paragraph (a) of paragraph (1), to the profits appearing to the FCA to have accrued;
(b)in a case within sub-paragraph (b) of that paragraph, to the extent of the loss or other adverse effect;
(c)in a case within both of those paragraphs, to the profits appearing to the FCA to have accrued and to the extent of the loss or other adverse effect.
(3) In paragraph (2) “appropriate person” means a person appearing to the FCA to be someone—
(a)to whom the profits mentioned in paragraph (1)(a) are attributable; or
(b)who has suffered the loss or adverse effect mentioned in paragraph (1)(b).
115.—(1) If the FCA proposes to exercise the power under regulation 114(2), it must give the person concerned a warning notice.
(2) The warning notice must state the amount which the FCA propose to require the person concerned to pay or distribute as mentioned in regulation 114(2).
(3) If, having considered any representations made in response to the warning notice, the FCA decides to exercise the power under regulation 114(2), it must without delay give the person concerned a decision notice.
(4) The decision notice must—
(a)state the amount that the person concerned is to pay or distribute;
(b)identify the person or persons to whom that amount is to be paid or among whom that amount is to be distributed; and
(c)state the arrangements in accordance with which the payment or distribution is to be made.
(5) If the FCA decides to exercise the power under regulation 114(2), the person concerned may refer the matter to the Upper Tribunal.
116.—(1) The court may, on the application of the FCA, make an order under paragraph (2) if it is satisfied that a person has contravened a requirement imposed by or under these Regulations, or been knowingly concerned in the contravention of such a requirement, and that—
(a)profits have accrued to them as a result of the contravention; or
(b)one or more persons have suffered loss or been otherwise adversely affected as a result of the contravention.
(2) The court may order the person concerned to pay to the FCA such sum as appears to the court to be just having regard—
(a)in a case within sub-paragraph (a) of paragraph (1), to the profits appearing to the court to have accrued;
(b)in a case within sub-paragraph (b) of that paragraph, to the extent of the loss or other adverse effect;
(c)in a case within both of those sub-paragraphs, to the profits appearing to the court to have accrued and to the extent of the loss or other adverse effect.
(3) Any amount paid to the FCA in pursuance of an order under paragraph (2) must be paid by it to such qualifying person or distributed by it among such qualifying persons as the court may direct.
(4) In paragraph (3), “qualifying person” means a person appearing to the court to be someone—
(a)to whom the profits mentioned in paragraph (1)(a) are attributable; or
(b)who has suffered the loss or adverse effect mentioned in paragraph (1)(b).
(5) On an application under paragraph (1) the court may require the person concerned to supply it with such accounts or other information as it may require for any one or more of the following purposes—
(a)establishing whether any and, if so, what profits have accrued to them as mentioned in sub-paragraph (a) of that paragraph;
(b)establishing whether any person or persons have suffered any loss or adverse effect as mentioned in sub-paragraph (b) of that paragraph; and
(c)determining how any amounts are to be paid or distributed under paragraph (3).
(6) The court may require any accounts or other information supplied under paragraph (5) to be verified in such manner as it may direct.
(7) The jurisdiction conferred by this regulation is exercisable by the High Court and the Court of Session.
(8) Nothing in this regulation affects the right of any person other than the FCA to bring proceedings in respect of the matters to which this regulation applies.
117.—(1) The FCA must maintain arrangements designed to enable payment service users and other interested parties to submit complaints to it that a requirement imposed by or under Parts 2 to 7 of these Regulations has been breached by a payment service provider.
(2) Where it considers it appropriate, the FCA must include in any reply to a complaint under paragraph (1) details of the ombudsman scheme established under Part 16 of the 2000 Act (the ombudsman scheme).
118.—(1) The functions of the FCA under these Regulations are to be treated for the purposes of paragraph 23 of Schedule 1ZA (fees) to the 2000 Act(53) as functions conferred on the FCA under that Act, with the following modifications—
(a)section 1B(5)(a) of the 2000 Act (FCA’s general duties)(54) does not apply to the making of rules under paragraph 23 by virtue of this regulation;
(b)rules made under paragraph 23 by virtue of this regulation are not to be treated as regulating provisions for the purposes of section 140A(1) of the 2000 Act (competition scrutiny)(55);
(c)paragraph 23(7) does not apply.
(2) The FCA must in respect of each of its financial years pay to the Treasury any amounts received by it during the year by way of penalties imposed under regulation 111.
(3) The Treasury may give directions to the FCA as to how the FCA is to comply with its duty under paragraph (2).
(4) The directions may in particular—
(a)specify the time when any payment is required to be made to the Treasury, and
(b)require the FCA to provide the Treasury at specified times with information relating to penalties that the FCA has imposed under regulation 111.
(5) The Treasury must pay into the Consolidated Fund any sums received by them under this regulation.
119. Schedule 5, which contains provisions concerning credit agreements, has effect.
120.—(1) The FCA may give guidance consisting of such information and advice as it considers appropriate with respect to—
(a)the operation of these Regulations;
(b)any matters relating to the functions of the FCA under these Regulations;
(c)any other matters about which it appears to the FCA to be desirable to give information or advice in connection with these Regulations.
(2) The FCA may—
(a)publish its guidance;
(b)offer copies of its published guidance for sale at a reasonable price;
(c)if it gives guidance in response to a request made by any person, make a reasonable charge for that guidance.
121. The functions of the FCA under these Regulations are to be treated for the purposes of paragraph 25 (exemption from liability in damages) of Part 4 of Schedule 1ZA to the 2000 Act(56) as functions conferred on the FCA under that Act.
122. The provisions of primary and secondary legislation set out in Schedule 6 apply for the purposes of these Regulations with the modifications set out in that Schedule.
123. In this Part—
“the 2013 Act” means the Financial Services (Banking Reform) Act 2013(57);
“compliance failure” means a failure by a regulated person to comply with—
a directive requirement; or
a direction given under regulation 125;
“directive requirement” means an obligation, prohibition or restriction imposed by regulation 61 (information on ATM withdrawal charges) or Part 8 (access to payment systems and bank accounts), with the exception of the obligation imposed on the FCA by regulation 105(5) (access to bank accounts);
“general direction” has the meaning given in regulation 125(5);
“general guidance” has the meaning given in regulation 134(2);
“regulated person” means a person on whom a directive requirement is imposed.
124.—(1) The Payment Systems Regulator is designated as the competent authority for the purposes of the following provision of the payment services directive—
(a)the condition in Article 3(o) (transposed in regulation 61) (information on ATM withdrawal charges);
(b)Article 35 (transposed in regulations 102 to 104) (access to payment systems);
(c)Article 36 (transposed in regulation 105) (access to bank accounts), together with the FCA,
and has the functions and powers conferred on it by these Regulations.
(2) In determining the general policy and principles by reference to which it performs particular functions under these Regulations, and to the extent appropriate taking into account the Payment Systems Regulator’s designation under paragraph (1), the Payment Systems Regulator must have regard to the matters to which the FCA is required to have regard by regulation 106(3), and for that purpose references to the FCA in regulation 106(3)(f) to (h) are to be read as references to the Payment Systems Regulator.
(3) The Payment Systems Regulator must maintain arrangements designed to enable it to determine whether regulated persons are complying with directive requirements, and for enforcing directive requirements.
125.—(1) The Payment Systems Regulator may give a direction in writing to any regulated person.
(2) A direction may be given for the purpose of—
(a)obtaining information about—
(i)compliance with a directive requirement; or
(ii)the application of a directive requirement to a person;
(b)remedying a failure to comply with a directive requirement; or
(c)preventing a failure to comply, or continued non-compliance, with a directive requirement.
(3) A direction may require or prohibit the taking of specified action.
(4) A direction may apply—
(a)in relation to all regulated persons or in relation to every regulated person of a specified description; or
(b)in relation to a specified regulated person or specified regulated persons.
(5) A direction that applies as mentioned in paragraph (4)(a) is referred to in this Part as a “general direction”.
(6) A direction requiring the provision of information must specify the purpose for which the information is required, as appropriate, and the time within which the information is to be given.
(7) The Payment Systems Regulator must publish any general direction.
126. The Payment Systems Regulator may publish details of—
(a)a compliance failure by a regulated person; or
(b)a penalty imposed under regulation 127.
127.—(1) The Payment Systems Regulator may require a regulated person to pay a penalty in respect of a compliance failure.
(2) A penalty—
(a)must be paid to the Payment Systems Regulator; and
(b)may be enforced by the Payment Systems Regulator as a debt.
(3) The Payment Systems Regulator must prepare a statement of the principles which it will apply in determining—
(a)whether to impose a penalty; and
(b)the amount of a penalty.
(4) The Payment Systems Regulator must—
(a)publish the statement on its website;
(b)send a copy to the Treasury;
(c)review the statement from time to time and revise it if necessary (and sub-paragraphs (a) and (b) apply to a revision); and
(d)in applying the statement to a compliance failure, apply the version in force when the compliance failure occurred.
128. Before publishing details of a compliance failure by a regulated person under regulation 126(a) or imposing a penalty on a regulated person under regulation 127, the Payment Systems Regulator must—
(a)give the person notice in writing of the proposed publication or penalty and reasons for the proposed publication or penalty;
(b)give the person at least 21 days to make representations;
(c)consider any representations made; and
(d)as soon as is reasonably practicable, give the person a notice in writing stating whether or not it intends to publish the details or impose the penalty.
129.—(1) If, on the application of the Payment Systems Regulator, the court is satisfied—
(a)that there is a reasonable likelihood that there will be a compliance failure, or
(b)that there has been a compliance failure and there is a reasonable likelihood that it will continue or be repeated,
the court may make an order restraining the conduct constituting the failure.
(2) If, on the application of the Payment Systems Regulator, the court is satisfied—
(a)that there has been a compliance failure by a regulated person; and
(b)that there are steps which could be taken for remedying the failure,
the court may make an order requiring the regulated person, and anyone else who appears to have been knowingly concerned in the failure, to take such steps as the court may direct to remedy it.
(3) The jurisdiction conferred by this regulation is exercisable—
(a)in England and Wales and Northern Ireland, by the High Court; and
(b)in Scotland, by the Court of Session.
(4) In this regulation—
(a)references to an order restraining anything are, in Scotland, to be read as references to an interdict prohibiting that thing; and
(b)references to remedying a failure include mitigating its effect.
130.—(1) A person who is affected by a decision to give a direction under regulation 125 (directions) other than a general direction or a decision to publish details under regulation 126(a) (publication of compliance failures) may appeal against the decision to the Competition Appeal Tribunal in accordance with regulation 131.
(2) A person who is affected by a decision to impose a penalty under regulation 127 (penalties) may appeal against the decision to the Competition Appeal Tribunal in accordance with regulation 132.
131.—(1) This regulation applies where a person is appealing to the Competition Appeal Tribunal against a decision to give a direction under regulation 125 (directions) or to publish details under regulation 126(a) (publication of compliance failures).
(2) The means of making an appeal is by sending the Competition Appeal Tribunal a notice of appeal in accordance with Tribunal rules.
(3) The notice of appeal must be sent within the period specified, in relation to the decision appealed against, in those rules.
(4) In determining an appeal made in accordance with this regulation, the Competition Appeal Tribunal must apply the same principles as would be applied by a court on an application for judicial review.
(5) The Competition Appeal Tribunal must either—
(a)dismiss the appeal; or
(b)quash the whole or part of the decision to which the appeal relates.
(6) If the Competition Appeal Tribunal quashes the whole or part of a decision, it may refer the matter back to the Payment Systems Regulator with a direction to reconsider and make a new decision in accordance with its ruling.
(7) The Competition Appeal Tribunal may not direct the Payment Systems Regulator to take any action which it would not otherwise have the power to take in relation to the decision.
(8) In this regulation and regulation 132 “Tribunal rules” means rules under section 15 of the Enterprise Act 2002(58).
132.—(1) This regulation applies where a person is appealing to the Competition Appeal Tribunal against a decision to impose a penalty under regulation 127 (penalty).
(2) The person may appeal against—
(a)the imposition of the penalty;
(b)the amount of the penalty; or
(c)any date by which the penalty, or any part of it, is required to be paid.
(3) The means of making an appeal is by sending the Competition Appeal Tribunal a notice of appeal in accordance with Tribunal rules.
(4) The notice of appeal must be sent within the period specified, in relation to the decision appealed against, in those rules.
(5) The Competition Appeal Tribunal may do any of the following—
(a)uphold the penalty;
(b)set aside the penalty;
(c)substitute for the penalty a penalty of an amount decided by the Competition Appeal Tribunal;
(d)vary any date by which the penalty, or any part of it, is required to be paid.
(6) If an appeal is made in accordance with this regulation, the penalty is not required to be paid until the appeal has been determined.
(7) Paragraphs (2), (5) and (6) do not restrict the power to make Tribunal rules; and those paragraphs are subject to Tribunal rules.
(8) Except as provided by this regulation, the validity of the penalty may not be questioned by any legal proceedings whatever.
(9) In the case of an appeal made in accordance with this regulation, a decision of the Competition Appeal Tribunal has the same effect as, and may be enforced in the same manner as, a decision of the Payment Systems Regulator.
133.—(1) The Payment Systems Regulator must maintain arrangements designed to enable persons to submit complaints to it that a directive requirement has been breached.
(2) Where it considers it appropriate, the Payment Systems Regulator must include in any reply to a complaint under paragraph (1) details of the ombudsman scheme established under Part 16 of the 2000 Act (the ombudsman scheme).
134.—(1) The Payment Systems Regulator may give guidance consisting of such information and advice as it considers appropriate in relation to—
(a)the directive requirements;
(b)its functions under these Regulations;
(c)any related matters about which it appears to the Payment Systems Regulator to be desirable to give information or advice.
(2) In this Part “general guidance” means guidance given by the Payment Systems Regulator under this regulation which is—
(a)given to persons generally or to a class of persons;
(b)intended to have continuing effect; and
(c)given in writing or other legible form.
(3) The Payment Systems Regulator may publish its guidance.
135.—(1) Sections 81 to 93 of the 2013 Act (information and investigation powers and disclosure of information) apply for the purposes of the Payment Systems Regulator’s functions under these Regulations as if—
(a)references to Part 5 of the 2013 Act were references to these Regulations;
(b)references to a participant in a regulated payment system were references to a regulated person;
(c)references to a compliance failure were references to a compliance failure as defined in regulation 123 (interpretation of this Part);
(d)in section 81 (power to obtain information or documents)—
(i)subsection (1)(a) were omitted
(ii)in subsection (1)(b), “otherwise” were omitted; and
(iii)after subsection (3) there were inserted—
“(4) A notice under subsection (1) requiring information must specify the purpose for which the information is required and the time within which the information is to be provided.”.
(e)in section 82(1) (reports by skilled persons) the reference to participation in a payment system were a reference to compliance with the directive requirements;
(f)in section 83 (appointment of persons to conduct investigations), subsection (1) were omitted;
(g)in section 90 (enforcement of information and investigation powers)—
(i)in subsection (7)(a)(i) for “12 months (or 6 months, if the offence was committed before the commencement of section 154(1) of the Criminal Justice Act 2003)” there were substituted “3 months”;
(ii)in subsection (7)(a)(iii) for “6 months” there were substituted “3 months”; and
(iii)in subsection (8)(a) for “51 weeks (or 3 months, if the offence was committed before the commencement of section 280(2) of the Criminal Justice Act 2003)” there were substituted “3 months”;
(h)in section 91 (restrictions on disclosure of confidential information), subsection (6) were omitted; and
(i)in section 93 (offences relating to disclosure of confidential information), in subsection (4)(a) for “51 weeks (or 3 months, if the offence was committed before the commencement of section 280(2) of the Criminal Justice Act 2003)” there were substituted “3 months”.
(2) The Financial Services (Banking Reform) Act 2013 (Disclosure of Confidential Information) Regulations 2014(59) (“the 2014 Regulations”) apply for the purposes of the Payment Systems Regulator’s functions under these Regulations as if—
(a)the reference in regulation 5(3)(a) of the 2014 Regulations (disclosure for the purposes of certain other proceedings) to Part 5 of the 2013 Act were a reference to these Regulations; and
(b)the following entry were included in the table in the Schedule to the 2014 Regulations (persons and functions in respect of which disclosure is permitted)—
136.—(1) For the purposes of these Regulations section 40(3) and (4) of the 2013 Act (Financial Conduct Authority to ensure capability of Payment Systems Regulator) applies as if the reference in section 40(3) of that Act to the functions referred to in section 40(1) included a reference to the functions of the Payment Systems Regulator under these Regulations.
(2) For the purposes of these Regulations section 104 of the 2013 Act (consultation in relation to generally applicable requirements) applies as if—
(a)in subsection (1)—
(i)the reference in paragraph (a) to a general direction under section 54 of that Act were a reference to a general direction under regulation 125 (directions);
(ii)paragraph (b) were omitted;
(b)in subsection (3)(c), the reference to the Payment Systems Regulator’s duties under section 49 were a reference to the Payment Systems Regulator’s duties under regulation 124(2) and (3) (duties to maintain arrangements for monitoring and enforcement and to have regard to regulatory principles); and
(c)in subsection (10), the reference to regulated payment systems were a reference to regulated persons.
(3) For the purposes of these Regulations paragraphs 5, 7 and 9 to 14 of Schedule 4 to the 2013 Act (the Payment Systems Regulator) apply as if—
(a)references to the functions of the Payment Systems Regulator included references to the functions of the Payment Systems Regulator under the interchange fee regulation and these Regulations;
(b)in paragraph 5 of that Schedule (arrangements for discharging functions)—
(i)in sub-paragraph (3), the reference to general directions under section 54 of the 2013 Act included a reference to general directions under regulation 125;
(ii)in sub-paragraph (4), the reference to general guidance included a reference to general guidance under regulation 134 (guidance);
(c)in paragraph 9 (funding) of that Schedule, in sub-paragraph (1) the reference to participants in regulated payment systems included a reference to regulated persons;
(d)in paragraph 10 of that Schedule (penalty receipts)—
(i)references to penalties imposed under section 73 of the 2013 Act included references to penalties imposed under regulation 127 (penalties);
(ii)in sub-paragraph (4)—
(aa)in paragraph (a) the reference to the Payment Systems Regulator’s powers under sections 72 to 75 of the 2013 Act included a reference to the Payment Systems Regulator’s powers under regulations 126 to 129 (publication of compliance failures and penalties, penalties and injunctions);
(bb)in paragraphs (c) and (d) the reference to relevant offences included reference to offences under Part 5 of the 2013 Act as applied by regulation 135 and under these Regulations; and
(e)in paragraph 11 of that Schedule (penalty receipts)—
(i)in sub-paragraph (1), the reference to penalties imposed under section 73 of the 2013 Act included a reference to penalties imposed under regulation 127 (penalties); and
(ii)in sub-paragraphs (1) and (2), the references to participants in regulated payment systems included references to regulated persons.
137.—(1) A payment service provider may not agree with a payment service user that it will not comply with any provision of these Regulations unless—
(a)such agreement is permitted by these Regulations, or
(b)such agreement provides for terms which are more favourable to the payment service user than the relevant provisions of these Regulations.
(2) A contractual term is void if and to the extent that—
(a)the term is agreed in contravention of paragraph (1), or
(b)the term relates to a transaction alleged to have been unauthorised or defectively executed, and purports to—
(i)impose liability to provide compensation on a different person from the person identified in these Regulations, or
(ii)allocate the burden of proof to a different person from the person identified in these Regulations.
138.—(1) A person may not provide a payment service in the United Kingdom, or purport to do so, unless the person is—
(a)an authorised payment institution;
(b)a small payment institution;
(c)a registered account information service provider;
(d)an EEA authorised payment institution or an EEA registered account information service provider exercising its passport rights;
(e)a credit institution authorised in the United Kingdom or exercising an EEA right in accordance with Part 2 of Schedule 3 to the 2000 Act (exercise of passport rights by EEA firms);
(f)an electronic money institution which for the purposes of the Electronic Money Regulations 2011(62) is—
(i)registered in the United Kingdom as an authorised electronic money institution or a small electronic money institution; or
(ii)an EEA authorised electronic money institution exercising passport rights in the United Kingdom;
(g)the Post Office Limited;
(h)the Bank of England, the European Central Bank or a national central bank of an EEA State other than the United Kingdom,
(i)a government department or a local authority; or
(j)exempt under regulation 3 (exemption for certain bodies).
(2) A person who contravenes paragraph (1) is guilty of an offence and is liable—
(a)on summary conviction, to imprisonment for a term not exceeding three months or to a fine, which in Scotland or Northern Ireland may not exceed the statutory maximum, or both;
(b)on conviction on indictment, to imprisonment for a term not exceeding two years or to a fine, or both.
139.—(1) A person who does not fall within any of sub-paragraphs (a) to (f) of regulation 138(1) may not—
(a)describe themselves (in whatever terms) as a person falling within any of those sub-paragraphs; or
(b)behave, or otherwise hold themselves out, in a manner which indicates (or which is reasonably likely to be understood as indicating) that they are such a person.
(2) A person who contravenes paragraph (1) is guilty of an offence and is liable on summary conviction to imprisonment for a term not exceeding three months or to a fine, which in Scotland or Northern Ireland may not exceed level 5 on the standard scale, or both.
140. In proceedings for an offence under regulation 138 or 139 it is a defence for the accused to show that they took all reasonable precautions and exercised all due diligence to avoid committing the offence.
141.—(1) A person (not being a payment service provider) who contravenes regulation 57(2) or 58(2) (information on charges and exchange rates) is guilty of an offence and liable on summary conviction to a fine, which in Scotland or Northern Ireland may not exceed level 5 on the standard scale.
(2) No offence is committed if the person took all reasonable steps and exercised all due diligence to ensure that the requirement imposed on the person by regulation 57(2) or 58(2), as the case may be, would be complied with.
142.—(1) A person may not, in purported compliance with any requirement imposed by or under these Regulations, knowingly or recklessly give information which is false or misleading in a material particular to—
(a)the FCA; or
(b)the Payment Systems Regulator.
(2) A person may not—
(a)provide any information to another person, knowing the information to be false or misleading in a material particular, or
(b)recklessly provide to another person any information which is false or misleading in a material particular,
knowing that the information is to be used for the purpose of providing information to the FCA in connection with its functions under these Regulations.
(3) A person may not—
(a)provide any information to another person, knowing the information to be false or misleading in a material particular, or
(b)recklessly provide to another person any information which is false or misleading in a material particular,
knowing that the information is to be used for the purpose of providing information to the Payment Systems Regulator in connection with its functions under these Regulations.
(4) A person who contravenes paragraph (1), (2) or (3) is guilty of an offence and is liable—
(a)on summary conviction, to a fine, which in Scotland or Northern Ireland may not exceed the statutory maximum;
(b)on conviction on indictment, to a fine.
143. A person who is convicted of an offence under these Regulations is not liable to a penalty under regulation 111 or 127 (financial penalties) in respect of the same contravention of a requirement imposed by or under these Regulations.
144.—(1) If an offence under these Regulations committed by a body corporate is shown—
(a)to have been committed with the consent or connivance of an officer, or
(b)to be attributable to any neglect on their part,
the officer as well as the body corporate is guilty of the offence and liable to be proceeded against and punished accordingly.
(2) If the affairs of a body corporate are managed by its members, paragraph (1) applies in relation to the acts and defaults of a member in connection with such member’s functions of management as if the member were a director of the body.
(3) If an offence under these Regulations committed by a partnership is shown—
(a)to have been committed with the consent or connivance of a partner, or
(b)to be attributable to any neglect on their part,
the partner as well as the partnership is guilty of the offence and liable to be proceeded against and punished accordingly.
(4) If an offence under these Regulations committed by an unincorporated association (other than a partnership) is shown—
(a)to have been committed with the consent or connivance of an officer, or
(b)to be attributable to any neglect of such officer,
the officer as well as the association is guilty of the offence and liable to be proceeded against and punished accordingly.
(5) In this regulation—
“officer”—
in relation to a body corporate, means a director, manager, secretary, chief executive, member of the committee of management, or a person purporting to act in such a capacity; and
in relation to an unincorporated association, means any officer of the association or any member of its governing body, or a person purporting to act in such capacity; and
“partner” includes a person purporting to act as a partner.
145.—(1) Proceedings for an offence under these Regulations may be instituted only—
(a)in respect of an offence under regulation 138 (prohibition on provision of payment services by persons other than payment service providers), 139 (false claims to be a payment service provider or exempt), 141 (contravention of regulations 57 and 58), or 142(4) in so far as it relates to regulation 142(1)(a) or (2) (misleading the FCA), by the FCA;
(b)in respect of an offence under regulation 142(4) in so far as it relates to regulation 142(1)(b) or (3) (misleading the Payment Systems Regulator), by the Payment Systems Regulator; or
(c)by or with the consent of the Director of Public Prosecutions.
(2) Paragraph (1) does not apply to proceedings in Scotland.
146.—(1) Proceedings for an offence alleged to have been committed by a partnership or an unincorporated association must be brought in the name of the partnership or association (and not in that of its members).
(2) A fine imposed on the partnership or association on its conviction of an offence is to be paid out of the funds of the partnership or association.
(3) Rules of court relating to the service of documents are to have effect as if the partnership or association were a body corporate.
(4) In proceedings for an offence brought against the partnership or association—
(a)section 33 of the Criminal Justice Act 1925 (procedure on charge of offence against corporation)(63) and section 46 of and Schedule 3 to the Magistrates’ Courts Act 1980 (corporations)(64) apply as they do in relation to a body corporate;
(b)section 70 of the Criminal Procedure (Scotland) Act 1995 (proceedings against organisations)(65) applies as it does in relation to a body corporate;
(c)section 18 of the Criminal Justice (Northern Ireland) Act 1945 (procedure on charge)(66) and Schedule 4 to the Magistrates’ Courts (Northern Ireland) Order 1981 (corporations)(67) apply as they do in relation to a body corporate.
(5) Summary proceedings for an offence under these Regulations may be taken—
(a)against a body corporate or unincorporated association at any place at which it has a place of business;
(b)against an individual at any place where they are for the time being.
(6) Paragraph (5) does not affect any jurisdiction exercisable apart from this regulation.
147.—(1) The FCA, the Commissioners and the Payment Systems Regulator must take such steps as they consider appropriate to co-operate with each other and—
(a)the competent authorities designated under Article 22(1), or referred to in Article 100(1), of the payment services directive, of EEA States other than the United Kingdom;
(b)the European Central Bank, the Bank of England and the national central banks of EEA States other than the United Kingdom;
(c)any other relevant competent authorities designated under EU law or the law of the United Kingdom or any other EEA State which is applicable to payment service providers; and
(d)the European Banking Authority,
for the purposes of the exercise by those bodies of their functions under the payment services directive and other relevant EU or national legislation.
(2) Subject to the requirements of the Data Protection Act 1998(68), section 348 of the 2000 Act (restrictions on disclosure of confidential information by FCA etc.)(69) (as applied with modifications by paragraph 8 of Schedule 6 to these Regulations), regulation 105 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(70) (disclosure by the Commissioners) and any other applicable restrictions on the disclosure of information, the FCA, the Commissioners and the Payment Systems Regulator may provide information to each other and—
(a)the bodies mentioned in paragraph (1)(a), (c) and (d);
(b)the European Central Bank, the Bank of England and the national central banks of EEA States other than the United Kingdom when acting in their capacity as monetary and oversight authorities;
(c)where relevant, other public authorities responsible for the oversight of payment and settlement systems;
for the purposes of the exercise by those bodies of their functions under the payment services directive and other relevant EU or national legislation.
(3) Part 9 of the Enterprise Act 2002(71) (information) does not prohibit disclosure of information under paragraph (2) but a person to whom that Part applies must have regard to the considerations mentioned in section 244 of that Act (specified information: considerations relevant to disclosure) before making any such disclosure.
(4) If the European Banking Authority is assisting the FCA, or a competent authority in another EEA State, in relation to a disagreement between those authorities pursuant to Article 19 of Regulation (EU) 1093/2010 of the European Parliament and of the Council of 24th November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC(72), the FCA must defer any decision in relation to the subject of the disagreement until the disagreement is resolved under that Article.
148.—(1) A contravention—
(a)which is to be taken to have occurred by virtue of regulation 21 (authorised payment institutions, small payment institutions and registered account information service providers acting without permission);
(b)of a requirement imposed by regulation 23 (safeguarding requirements); or
(c)of a requirement imposed by or under Part 6 (information requirements for payment services) or 7 (rights and obligations in relation to the provision of payment services),
is actionable at the suit of a private person who suffers loss as a result of the contravention, subject to the defences and other incidents applying to actions for breach of statutory duty.
(2) A person acting in a fiduciary or representative capacity may bring an action under paragraph (1) on behalf of a private person if any remedy—
(a)will be exclusively for the benefit of the private person; and
(b)cannot be obtained by way of an action brought otherwise than at the suit of the fiduciary or representative.
(3) In this regulation “private person” means—
(a)any individual, except where the individual suffers the loss in question in the course of providing payment services; and
(b)any person who is not an individual, except where that person suffers the loss in question in the course of carrying on business of any kind;
but does not include a government, a local authority (in the United Kingdom or elsewhere) or an international organisation.
(4) Where there has been a contravention of a requirement under regulation 76(5)(b) (payment service provider’s liability for unauthorised payment transactions), 77(6) (payer or payee’s liability for unauthorised payment transactions), 93(4) (non-execution or defective or late execution of payment transactions initiated through a payment initiation service) or 95 (right of recourse) for a payment service provider to compensate another payment service provider, the payment service provider to which compensation is required to be paid is to be treated for the purposes of this regulation as if it were a private person.
149. Notwithstanding the revocation of the Payment Services Regulations 2009 by regulation 157 (revocations), those Regulations continue to apply in relation to services provided before 13th January 2018.
150.—(1) Where a person provides payment services before 13th January 2018 pursuant to an authorisation under the Payment Services Regulations 2009, or the national law in another EEA State transposing the first payment services directive, that person may continue to provide the services provided before that date until the end of 12th July 2018 without authorisation or registration under these Regulations or (in the case of an EEA authorised payment institution) the national law transposing the payment services directive.
(2) Where a person falls within paragraph (1) pursuant to an authorisation under the Payment Services Regulations 2009, until the end of 12th July 2018 or, if earlier, the date on which the person is authorised or registered under these Regulations—
(a)any requirement imposed under regulation 7 of the Payment Services Regulations 2009 (imposition of variations) applies in relation to services provided pursuant to this paragraph;
(b)regulations 10 (cancellation of authorisation), 11 (request for cancellation of authorisation) and 12 (variation of authorisation on FCA’s own initiative) of these Regulations apply in relation to the person as if references to authorisation were references to entitlement to provide payment services pursuant to this paragraph; and
(c)the person may not apply for a variation under regulation 8 of these Regulations (variation etc. at request of authorised payment institution) before it complies with paragraph (3) of this regulation.
(3) Where a person falling within paragraph (1) has its head office and its registered office (if any) in the United Kingdom and intends to provide payment services on or after 13th July 2018 other than pursuant to regulation 152, the person must before 13th April 2018—
(a)provide to the FCA all information specified in Schedule 2 that the person has not previously provided to the FCA; or
(b)notify the FCA that it has previously provided all such information to the FCA.
(4) Where a person provides information or a notification in accordance with paragraph (3), the FCA must treat the information or notification as an application for authorisation made in accordance with regulation 5.
(5) In this regulation “first payment services directive” means Directive 2007/64/EC of the European Parliament and of the Council of 13th November 2007 on payment services in the internal market amending Directives 97/7/EC, 2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC(73).
151.—(1) Where a person provides payment services before 13th January 2018 pursuant to a registration as a small payment institution under the Payment Services Regulations 2009—
(a)that person may continue to provide the services provided before that date until the end of 12th January 2019 without authorisation or registration under these Regulations;
(b)any requirement imposed under regulation 7 of the Payment Services Regulations 2009 (imposition of variations) (as applied by regulation 14 of those Regulations) applies in relation to services provided pursuant to this paragraph;
(c)regulations 10 (cancellation of registration), 11 (request for cancellation of authorisation) and 12 (variation of authorisation on FCA’s own initiative) of these Regulations, as applied by regulation 15 (supplementary provisions in relation to small payment institutions), apply in relation to the person as if references to registration were references to entitlement to provide payment services pursuant to this paragraph; and
(d)the person may not apply for a variation under regulation 8 of these Regulations (variation etc. at request of authorised payment institution) (as applied by regulation 15) before it complies with paragraph (2) of this regulation.
(2) If a person falling within paragraph (1) intends to provide payment services on or after 13th January 2019 the person must apply for authorisation or registration under these Regulations before 13th October 2018.
(3) The FCA must exercise its powers under regulation 13(1) and (3) in order to require a person making an application under paragraph (2) to provide to the FCA any relevant information not previously provided by the applicant.
152.—(1) Paragraphs (2) and (3) apply where, before 13th January 2018, a person provides payment services of the type described in paragraph 1(g) of Schedule 1 to the Payment Services Regulations 2009 which are also of the type described in paragraph 1(c) of Schedule 1 to these Regulations pursuant to an authorisation under the Payment Services Regulations 2009.
(2) For the purposes of those services, the person is to be treated as an authorised payment institution and the person’s entitlement to provide those services is to be treated as an authorisation granted under these Regulations.
(3) Paragraph (2) does not apply on or after 13th January 2020 unless the person has provided evidence to the FCA that it holds such own funds as are required under these Regulations before that date.
(4) Paragraphs (5) and (6) apply where, before 13th January 2018, a person provides payment services of the type described in paragraph 1(g) of Schedule 1 to the Payment Services Regulations 2009 which are also of the type described in paragraph 1(c) of Schedule 1 to these Regulations, pursuant to an authorisation under national legislation in another EEA State transposing the first payment services directive.
(5) For the purposes of those services, the person is to be treated as an EEA authorised payment institution and the person’s entitlement to provide those services is to be treated as an authorisation granted under such national legislation.
(6) Paragraph (5) does not apply on or after 13th January 2020 unless the person has provided evidence to its home state competent authority that it holds such own funds as are required under the payment services directive before that date.
(7) In this regulation “first payment services directive” has the meaning given in regulation 150(5).
153.—(1) The FCA must include in the register a person entitled to provide payment services by regulation 150, 151 or 152 or by this regulation.
(2) Where a person is entitled to provide payment services by regulation 150, 151 or 152 or by authorisation or registration granted pursuant to an application made under regulation 151(2) or treated as having been made under regulation 150(4)—
(a)any notification that person has given under regulation 21 (outsourcing) of the Payment Services Regulations 2009 is to be treated as a notification given under regulation 25 of these Regulations (outsourcing);
(b)any registration of an EEA branch of that person under regulation 24 of the Payment Services Regulations 2009 (registration of EEA branch) is to be treated as registration of an EEA branch under regulation 28 these Regulations (decision following notice of intention);
(c)any notification that the person has given under regulation 23 (notice of intention) of the Payment Services Regulations 2009 is to be treated as a notification under regulation 27 of these Regulations (notice of intention);
(d)any registration of an agent under regulation 29 (use of agents) of those Regulations is to be treated as registration of an agent under regulation 34 of these Regulations (use of agents).
(3) Where a person has made an application or request to the FCA under the Payment Services Regulations 2009 before 13th January 2018, and the FCA has not determined the application or request before that date, the application or request is to be treated as if it had been made under these Regulations on that date.
154.—(1) Paragraph (2) applies to a person that—
(a)provided account information services or payment initiation services before 12th January 2016;
(b)continues to provide such services immediately before 13th January 2018; and
(c)but for paragraph (2), would require a new authorisation or registration, or a variation of an authorisation, in order to continue to provide such services on and after 13th January 2018;
(2) During the period described in paragraph (3)—
(a)the person may continue to provide the services without a new authorisation or registration, or a variation of an authorisation, in respect of the services, and
(b)services provided as permitted by sub-paragraph (a) are to be treated for the purposes of these Regulations and the Electronic Money Regulations 2011 as if they were not account information services or payment initiation services.
(3) The period starts on 13th January 2018 and ends at the end of—
(a)the last day of the period of 18 months starting on the date on which the regulatory technical standards adopted under Article 98 of the payment services directive come into force; or
(b)if earlier, the date on which—
(i)the FCA notifies the person of its decision in relation to an application for authorisation or registration, or for variation of an authorisation, in respect of the services, or
(ii)the person gives the FCA notice of the withdrawal of such application.
(4) Until an account servicing payment service provider complies with the regulatory technical standards adopted under Article 98 of the payment services directive in respect of an account, the account servicing payment service provider must not abuse its non-compliance to block or obstruct the use of payment initiation services or account information services in respect of that account.
155. Schedule 7, which contains provisions concerning the application of these Regulations to Gibraltar, has effect.
156. Schedule 8, which contains amendments to primary and secondary legislation, has effect.
157. An instrument appearing in the first column of the table in Schedule 9 is revoked to the extent set out in the corresponding entry in the second column of the table.
158.—(1) The Treasury must from time to time—
(a)carry out a review of the regulatory provision contained in these Regulations; and
(b)publish the report setting out the conclusions of the review.
(2) The first report under this regulation must be published on or before 13th January 2023.
(3) Subsequent reports must be published at intervals not exceeding five years.
(4) Section 30(3) of the Small Business, Enterprise and Employment Act 2015(74) requires that a review carried out under this regulation must, so far as is reasonable, have regard to how the payment services directive is implemented in other countries which are subject to its obligations.
(5) Section 30(4) of that Act requires that a report published under this regulation must, in particular—
(a)set out the objectives intended to be achieved by the regulatory provision referred to in paragraph (1)(a);
(b)assess the extent to which those objectives are achieved;
(c)assess whether those objectives remain appropriate; and
(d)if those objectives remain appropriate, assess the extent to which they could be achieved in another way that imposes less onerous regulatory provision.
(6) In this regulation, “regulatory provision” has the same meaning as in sections 28 to 32 of the Small Business, Enterprise and Employment Act 2015 (see section 32 of that Act).
David Evennett
Mark Spencer
Two of the Lords Commissioners of Her Majesty’s Treasury
18th July 2017
Regulation 2(1)
1. Subject to Part 2, the following, when carried out as a regular occupation or business activity, are payment services—
(a)services enabling cash to be placed on a payment account and all of the operations required for operating a payment account;
(b)services enabling cash withdrawals from a payment account and all of the operations required for operating a payment account;
(c)the execution of payment transactions, including transfers of funds on a payment account with the user’s payment service provider or with another payment service provider—
(i)execution of direct debits, including one-off direct debits;
(ii)execution of payment transactions through a payment card or a similar device;
(iii)execution of credit transfers, including standing orders;
(d)the execution of payment transactions where the funds are covered by a credit line for a payment service user—
(i)execution of direct debits, including one-off direct debits;
(ii)execution of payment transactions through a payment card or a similar device;
(iii)execution of credit transfers, including standing orders;
(e)issuing payment instruments or acquiring payment transactions;
(f)money remittance;
(g)payment initiation services;
(h)account information services.
2. The following do not constitute payment services—
(a)payment transactions executed wholly in cash and directly between the payer and the payee, without any intermediary intervention;
(b)payment transactions between the payer and the payee through a commercial agent authorised in an agreement to negotiate or conclude the sale or purchase of goods or services on behalf of either the payer or the payee but not both the payer and the payee;
(c)the professional physical transport of banknotes and coins, including their collection, processing and delivery;
(d)payment transactions consisting of non-professional cash collection and delivery as part of a not-for-profit or charitable activity;
(e)services where cash is provided by the payee to the payer as part of a payment transaction for the purchase of goods or services following an explicit request by the payer immediately before the execution of the payment transaction;
(f)cash-to-cash currency exchange operations where the funds are not held on a payment account;
(g)payment transactions based on any of the following documents drawn on the payment service provider with a view to placing funds at the disposal of the payee—
(i)paper cheques of any kind, including traveller’s cheques;
(ii)bankers’ drafts;
(iii)paper-based vouchers;
(iv)paper postal orders;
(h)payment transactions carried out within a payment or securities settlement system between payment service providers and settlement agents, central counterparties, clearing houses, central banks or other participants in the system;
(i)payment transactions related to securities asset servicing, including dividends, income or other distributions, or redemption or sale, carried out by persons referred to in sub-paragraph (h) or by investment firms, credit institutions, collective investment undertakings or asset management companies providing investment services or by any other entities allowed to have the custody of financial instruments;
(j)services provided by technical service providers, which support the provision of payment services, without the provider entering at any time into possession of the funds to be transferred, excluding payment initiation services or account information services but including—
(i)the processing and storage of data;
(ii)trust and privacy protection services;
(iii)data and entity authentication;
(iv)information technology;
(v)communication network provision; and
(vi)the provision and maintenance of terminals and devices used for payment services;
(k)services based on specific payment instruments that can be used only in a limited way and meet one of the following conditions—
(i)allow the holder to acquire goods or services only in the issuer’s premises;
(ii)are issued by a professional issuer and allow the holder to acquire goods or services only within a limited network of service providers which have direct commercial agreements with the issuer;
(iii)may be used only to acquire a very limited range of goods or services; or
(iv)are valid only in a single EEA State, are provided at the request of an undertaking or a public sector entity, and are regulated by a national or regional public authority for specific social or tax purposes to acquire specific goods or services from suppliers which have a commercial agreement with the issuer.
(l)payment transactions resulting from services provided by a provider of electronic communications networks or services, including transactions between persons other than that provider and a subscriber, where those services are provided in addition to electronic communications services for a subscriber to the network or service, and where the additional service is—
(i)for purchase of digital content and voice-based services, regardless of the device used for the purchase or consumption of the digital content, and charged to the related bill; or
(ii)performed from or via an electronic device and charged to the related bill for the purchase of tickets or for donations to organisations which are registered or recognised as charities by public authorities, whether in the United Kingdom or elsewhere,
provided that the value of any single payment transaction does not exceed £40, and the cumulative value of payment transactions for an individual subscriber in a month does not exceed £240;
(m)payment transactions carried out between payment service providers, or their agents or branches, for their own account;
(n)payment transactions and related services between a parent undertaking and its subsidiary or between subsidiaries of the same parent undertaking, without any intermediary intervention by a payment service provider other than an undertaking belonging to the same group;
(o)cash withdrawal services provided through automatic teller machines, where the provider—
(i)is acting on behalf of one or more card issuers;
(ii)is not party to the framework contract with the customer withdrawing money from a payment account; and
(iii)does not conduct any other payment service.
Regulation 5(1)
1. A programme of operations setting out, in particular, the type of payment services envisaged.
2. A business plan including a forecast budget calculation for the first three financial years which demonstrates that the applicant is able to employ appropriate and proportionate systems, resources and procedures to operate soundly.
3. Evidence that the applicant holds initial capital for the purposes of regulation 6(3).
4. Where regulation 23 (safeguarding requirements) applies, a description of the measures taken for safeguarding payment service users’ funds in accordance with that regulation.
5. A description of the applicant’s governance arrangements and internal control mechanisms, including administrative risk management and accounting procedures, which demonstrates that such arrangements, mechanisms and procedures are proportionate, appropriate, sound and adequate.
6. A description of the applicant’s procedure for monitoring, handling and following up security incidents and security-related customer complaints, including an incidents reporting mechanism which takes account of the notification obligations under regulation 99 (incident reporting).
7. A description of the applicant’s process for filing, monitoring, tracking and restricting access to sensitive payment data.
8. A description of the applicant’s business continuity arrangements, including a clear identification of the critical operations, effective contingency plans, and a procedure for regular testing and reviewing of the adequacy and efficiency of such plans.
9. A description of the principles and definitions used by the applicant in collecting statistical data on performance, transactions and fraud.
10. A statement of the applicant’s security policy, including—
(a)a detailed risk assessment in relation to the payment services to be provided, including risks of fraud and illegal use of sensitive and personal data, and
(b)a description of—
(i)the applicant’s security control and mitigation measures to provide adequate protection to users against the risks identified,
(ii)how such measures ensure a high level of technical security and data protection, including such security and protection for the software and IT systems used by the applicant and any undertakings to which the applicant outsources any part of its operations, and
(iii)the applicant’s measures to comply with regulation 98(1) (management of operational and security risks), taking into account any guidelines issued by the European Banking Authority under Article 95(3) of the payment services directive.
11. For an applicant subject to the obligations in relation to money laundering and terrorist financing under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and Regulation 2015/847/EU of the European Parliament and of the Council of 20th May 2015 on information accompanying transfers of funds(75), a description of the internal control mechanisms which the applicant has established in order to comply with those obligations.
12. A description of the applicant’s structural organisation, including, where applicable, a description of the intended use of agents and branches and the off-site and on-site checks that the applicant undertakes to perform on them at least annually, a description of outsourcing arrangements, and a description of its participation in any national or international payment system.
13. In relation to each person holding, directly or indirectly, a qualifying holding in the applicant—
(a)the size and nature of their qualifying holding; and
(b)evidence of their suitability taking into account the need to ensure the sound and prudent management of a payment institution.
14.—(1) The identity of directors and persons who are or will be responsible for the management of the applicant and, where relevant, persons who are or will be responsible for the management of the payment services activities of the applicant.
(2) Evidence that the persons described in sub-paragraph (1) are of good repute and that they possess appropriate knowledge and experience to perform payment services.
15. The identity of the auditors of the applicant, if any.
16.—(1) The legal status of the applicant and, where the applicant is a limited company, its articles.
(2) In this paragraph “articles” has the meaning given in section 18 of the Companies Act 2006 (articles of association)(76).
17. The address of the head office of the applicant.
18. For the purposes of paragraphs 4, 5, 6 and 12, a description of the audit arrangements of the applicant and of the organisational arrangements the applicant has set up with a view to taking all reasonable steps to protect the interests of its payment service users and to ensure continuity and reliability in the performance of payment services.
19. In the case of an applicant which proposes to provide payment initiation services or account information services, the professional indemnity insurance or comparable guarantee which it holds in relation to such services.
Regulations 6(3) and 22(1)
1. For the purposes of this Part, “initial capital” comprises one or more of the items specified in Article 26(1)(a) to (e) of the capital requirements regulation.
2.—(1) The amount of initial capital referred to in regulations 6(3) (conditions for authorisation) and 22(1)(a) (capital requirements) is the amount specified in the second column of the table, corresponding to the payment services provided or to be provided as specified in the first column.
(2) Where payment services in more than one row of the table are provided or to be provided, the amount of initial capital is the greater of the corresponding amounts in the second column.
Payment services | Initial capital requirement (euros) |
---|---|
Services specified in paragraph 1(h) of Schedule 1 | None |
Services specified in paragraph 1(f) of Schedule 1 (money remittance) | 20,000 |
Services specified in paragraph 1(g) of Schedule 1 (payment initiation services) | 50,000 |
Services specified in paragraph 1(a) to (e) of Schedule 1 | 125,000 |
3. The amount of own funds referred to in regulation 22(1)(b) is to be calculated in accordance with such of Method A, Method B or Method C (set out in paragraphs 8 to 10) as the FCA may direct.
4. The FCA may direct that an authorised payment institution must hold own funds up to 20% higher, or up to 20% lower, than the amount which would result from paragraph 3.
5. A direction made under paragraph 4 must be on the basis of an evaluation of the relevant authorised payment institution including, if available and where the FCA considers it appropriate, any risk-management processes, risk loss database or internal control mechanisms of the authorised payment institution.
6. The FCA may make a reasonable charge for making an evaluation required under paragraph 5.
7. If an authorised payment institution has not completed a full financial year’s business, references to a figure for the preceding financial year are to be read as the equivalent figure projected in the business plan provided in the payment institution’s application for authorisation, subject to any adjustment to that plan required by the FCA.
8.—(1) “Method A” means the calculation method set out in this paragraph.
(2) The own funds requirement is 10% of the authorised payment institution’s fixed overheads for the preceding financial year.
(3) If a material change has occurred in an authorised payment institution’s business since the preceding financial year, the FCA may direct that the own funds requirement is to be a higher or lower amount than that calculated in accordance with sub-paragraph (2).
9.—(1) “Method B” means the calculation method set out in this paragraph.
(2) The own funds requirement is the sum of the following elements multiplied by the scaling factor—
(a)4% of the first 5,000,000 euros of payment volume;
(b)2.5% of the next 5,000,000 euros of payment volume;
(c)1% of the next 90,000,000 euros of payment volume;
(d)0.5% of the next 150,000,000 euros of payment volume; and
(e)0.25% of any remaining payment volume.
(3) “Payment volume” means the total amount of payment transactions executed by the authorised payment institution in the preceding financial year divided by the number of months in that year.
(4) The “scaling factor” is—
(a)0.5 for a payment institution that is authorised to provide only the payment service specified in paragraph 1(f) of Schedule 1 (money remittance); and
(b)1 for a payment institution that is authorised to provide any other payment service specified in paragraph 1(a) to (e) of Schedule 1.
10.—(1) “Method C” means the calculation method set out in this paragraph.
(2) The own funds requirement is the relevant indicator multiplied by—
(a)the multiplication factor; and
(b)the scaling factor;
subject to the proviso in sub-paragraph (7).
(3) The “relevant indicator” is the sum of the following elements—
(a)interest income;
(b)interest expenses;
(c)gross commissions and fees received; and
(d)gross other operating income.
(4) For the purpose of calculating the relevant indicator—
(a)each element must be included in the sum with its positive or negative sign;
(b)income from extraordinary or irregular items must not be used;
(c)expenditure on the outsourcing of services rendered by third parties may reduce the relevant indicator if the expenditure is incurred from a payment service provider;
(d)the relevant indicator is calculated on the basis of the twelve-monthly observation at the end of the previous financial year;
(e)the relevant indicator must be calculated over the previous financial year; and
(f)audited figures must be used unless they are not available in which case business estimates may be used.
(5) The “multiplication factor” is the sum of—
(a)10% of the first 2,500,000 euros of the relevant indicator;
(b)8% of the next 2,500,000 euros of the relevant indicator;
(c)6% of the next 20,000,000 euros of the relevant indicator;
(d)3% of the next 25,000,000 euros of the relevant indicator; and
(e)1.5% of any remaining amount of the relevant indicator.
(6) “Scaling factor” has the meaning given in paragraph 9(4).
(7) The proviso is that the own funds requirement must not be less than 80% of the average of the previous three financial years for the relevant indicator.
11. Except where this Schedule provides for a different method of recognition, measurement or valuation, whenever a provision in this Schedule refers to an asset, liability, equity or income statement item, an authorised payment institution must, for the purpose of that provision, recognise the asset, liability, equity or income statement item and measure its value in accordance with whichever of the following are applicable for the purpose of the institution’s external financial reporting—
(a)Financial Reporting Standards and Statements of Standard Accounting Practice issued or adopted by the Financial Reporting Council Limited;
(b)Statements of Recommended Practice, issued by industry or sectoral bodies recognised for this purpose by the Financial Reporting Council Limited;
(c)International Financial Reporting Standards and International Accounting Standards issued or adopted by the International Accounting Standards Board;
(d)International Standards on Auditing (United Kingdom and Ireland) issued by the Financial Reporting Council Limited or a predecessor body;
(e)the Companies Act 2006.
Regulations 43(2) and 48
1. The following information about the payment service provider—
(a)the name of the payment service provider;
(b)the address and contact details of the payment service provider’s head office;
(c)if different from the information under sub-paragraph (b), the address and contact details of the branch or agent from which the payment service is being provided;
(d)details of the payment service provider’s regulators, including any reference or registration number of the payment service provider.
2. The following information about the payment service—
(a)a description of the main characteristics of the payment service to be provided;
(b)the information or unique identifier that must be provided by the payment service user in order for a payment order to be properly initiated or executed;
(c)the form and procedure for giving consent to the initiation of a payment order or execution of a payment transaction and for the withdrawal of consent in accordance with regulation 67 (consent and withdrawal of consent);
(d)a reference to the time of receipt of a payment order, in accordance with regulation 81 (receipt of payment orders), and the cut-off time, if any, established by the payment service provider;
(e)the maximum execution time for the payment services to be provided;
(f)whether spending limits for the use of a payment instrument may be agreed in accordance with regulation 71(1) (limits on the use of payment instruments);
(g)in the case of co-badged card-based payment instruments, the payment services user’s rights under Article 8 of the interchange fee regulation.
3. The following information about charges, interest and exchange rates—
(a)details of all charges payable by the payment service user to the payment service provider, including those connected to the manner in and frequency with which information is provided or made available and, where applicable, a breakdown of the amounts of any charges;
(b)where relevant, details of the interest and exchange rates to be applied or, if reference interest and exchange rates are to be used, the method of calculating the actual interest and the relevant date and index or base for determining such reference interest or exchange rates;
(c)where relevant and if agreed, the immediate application of changes in reference interest or exchange rates and information requirements relating to the changes in accordance with regulation 50(4) (changes in contractual information).
4. The following information about communication—
(a)the means of communication agreed between the parties for the transmission of information or notifications under these Regulations including, where relevant, any technical requirements for the payment service user’s equipment and software for receipt of the information or notifications;
(b)the manner in which and frequency with which information under these Regulations is to be provided or made available;
(c)the language or languages in which the framework contract will be concluded and in which any information or notifications under these Regulations will be communicated;
(d)the payment service user’s right to receive the terms of the framework contract and information in accordance with regulation 49 (information during period of contract).
5. The following information about safeguards and corrective measures—
(a)where relevant, a description of the steps that the payment service user is to take in order to keep safe a payment instrument and how to notify the payment service provider for the purposes of regulation 72(1)(b) (obligations of the payment service user in relation to payment instruments and personalised security credentials);
(b)the secure procedure by which the payment service provider will contact the payment service user in the event of suspected or actual fraud or security threats;
(c)where relevant, the conditions under which the payment service provider proposes to reserve the right to stop or prevent the use of a payment instrument in accordance with regulation 71(2) to (6);
(d)the payer’s liability under regulation 77 (payer or payee’s liability for unauthorised payment transactions), including details of any limits on such liability;
(e)how and within what period of time the payment service user is to notify the payment service provider of any unauthorised or incorrectly initiated or executed payment transaction under regulation 74 (notification and rectification of unauthorised or incorrectly executed payment transactions), and the payment service provider’s liability for unauthorised payment transactions under regulation 76 (payment service provider’s liability for unauthorised payment transactions) or, as the case may be, section 83 of the Consumer Credit Act 1974(77) (liability for misuse of credit facilities);
(f)the payment service provider’s liability for the initiation or execution of payment transactions under regulation 91 or 92 (non-execution or defective or late execution of payment transactions);
(g)the conditions for the payment of any refund under regulation 79 (refunds for payment transactions initiated by or through a payee).
6. The following information about changes to and termination of the framework contract—
(a)where relevant, the proposed terms under which the payment service user will be deemed to have accepted changes to the framework contract in accordance with regulation 50(2) (changes in contractual information), unless they notify the payment service provider that they do not accept such changes before the proposed date of their entry into force;
(b)the duration of the framework contract;
(c)where relevant, the right of the payment service user to terminate the framework contract and any agreements relating to termination in accordance with regulation 51 (termination of framework contract).
7. The following information about redress—
(a)any contractual clause on—
(i)the law applicable to the framework contract;
(ii)the competent courts;
(b)the availability of alternative dispute resolution procedures for the payment service user and the methods for having access to them.
Regulation 119
1.—(1) If it appears to the FCA that sub-paragraph (4) has been, or is likely to be, contravened as respects an EEA authorised payment institution exercising passport rights in the United Kingdom, it may by notice given to the institution in accordance with Part 2 of this Schedule impose on the institution a credit prohibition.
(2) If it appears to the FCA that a restriction imposed under paragraph 2 on an EEA authorised payment institution exercising passport rights in the United Kingdom has not been complied with, it may by notice given to the institution in accordance with Part 2 of this Schedule impose on the institution a credit prohibition.
(3) “A credit prohibition” means a prohibition on carrying on, or purporting to carry on, in the United Kingdom any business which consists of or includes carrying on an activity—
(a)of the kind specified by article 36A, 36H, 39D, 39E, 39F, 39G, 60B, 60N, 89A or 89B of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001(78) (activities relating to credit); and
(b)listed in Annex I to the payment services directive or which the institution is entitled to carry on in accordance with Article 18 of that directive.
(4) This sub-paragraph is contravened as respects an EEA authorised payment institution exercising passport rights in the United Kingdom if—
(a)the institution or any of its employees, agents or associates (whether past or present), or
(b)where the institution is a body corporate, any controller of the institution or an associate of any such controller,
does any of the things specified in sub-paragraph (5).
(5) A person does a thing specified in this sub-paragraph if the person—
(a)commits any offence involving fraud or other dishonesty or violence;
(b)contravenes any provision made by or under—
(i)the Consumer Credit Act 1974;
(ii)the 2000 Act, to the extent that that Act relates to any activity of the kind specified by article 36A, 36H, 39D, 39E, 39F, 39G, 60B, 60N, 89A or 89B of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001;
(iii)any other enactment regulating the provision of credit to individuals or other transactions with individuals;
(c)contravenes any provision in force in an EEA State which corresponds to a provision of the kind mentioned in paragraph (b);
(d)practices discrimination on grounds of sex, colour, race or ethnic or national origins in, or in connection with, the carrying on of any business;
(e)engages in business practices appearing to the FCA to be deceitful or oppressive or otherwise unfair or improper (including practices that appear to the FCA to involve irresponsible lending).
(6) A credit prohibition may be absolute or may be imposed—
(a)for such period,
(b)until the occurrence of such event, or
(c)until such conditions are complied with,
as may be specified in the notice given under sub-paragraph (1) or (2).
(7) Any period, event or condition so specified may be varied by the FCA on the application of the institution concerned (for which, see paragraph 5).
(8) A credit prohibition may be withdrawn in whole or in part—
(a)on the initiative of the FCA, by notice served by the FCA on the institution concerned, and any such notice takes effect on such date as is specified in the notice;
(b)on an application submitted by the institution concerned (for which, see paragraph 5).
(9) Where the FCA withdraws a credit prohibition and imposes a restriction under paragraph 2, the FCA may specify that the withdrawal of the credit prohibition only takes effect when the imposition of the restriction is no longer open to review.
(10) For the purposes of sub-paragraph (9), whether the imposition of a restriction is open to review is to be determined in accordance with section 391(8) of the 2000 Act (publication) as if the imposition of the restriction were a matter to which a supervisory notice (within the meaning of that section) relates.
(11) An institution contravening a prohibition imposed under this paragraph is guilty of an offence and liable—
(a)on summary conviction to a fine, which in Scotland or Northern Ireland may not exceed the statutory maximum;
(b)on conviction on indictment, to a fine.
(12) In this paragraph—
“associate” has the same meaning as in article 60L of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (interpretation of Chapter 14A)(79);
“controller” has the meaning given by section 422 of the 2000 Act (controller)(80).
(13) If a credit prohibition is in effect in relation to an institution, article 60JA of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001 (payment institutions)(81) does not apply in relation to that institution.
2.—(1) In this paragraph, “restriction” means a direction that an EEA authorised payment institution exercising passport rights in the United Kingdom may not carry on in the United Kingdom, otherwise than in accordance with such conditions as may be specified in the direction, any business which consists of or includes carrying on an activity—
(a)of the kind specified in article 36A, 36H, 39D, 39E, 39F, 39G, 60B, 60N, 89A or 89B of the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001;
(b)listed in Annex I to the payment services directive or which the institution is entitled to carry on in accordance with Article 18 of that directive; and
(c)specified in the direction.
(2) If it appears to the FCA that the situation as respects an EEA authorised payment institution exercising passport rights in the United Kingdom is such that the powers conferred by paragraph 1 are exercisable, the FCA may, instead of imposing a credit prohibition—
(a)impose by notice given in accordance with Part 2 of this Schedule such restriction as appears to it desirable;
(b)where it has already imposed a restriction, vary the restriction on the FCA’s own initiative by notice given in accordance with Part 2 of this Schedule.
(3) The FCA may also impose a restriction by notice given in accordance with Part 2 of this Schedule if it withdraws a credit prohibition.
(4) A restriction may be—
(a)withdrawn on the initiative of the FCA, by notice served by the FCA on the institution concerned, and any such notice takes effect on such date as is specified in the notice;
(b)withdrawn or varied on an application submitted by the institution concerned (for which, see paragraph 5).
(5) An institution contravening a restriction is guilty of an offence and liable—
(a)on summary conviction to a fine, which in Scotland or Northern Ireland may not exceed the statutory maximum;
(b)on conviction on indictment, to a fine.
3. In this Part—
“prohibition” means a credit prohibition imposed under paragraph 1(1) or (2) of Part 1 of this Schedule; and
“restriction” means a restriction imposed under paragraph 2(2) or (3) of Part 1 of this Schedule.
4.—(1) A prohibition or restriction takes effect—
(a)immediately, if the relevant notice states that that is the case,
(b)on such date as may be specified in the notice, or
(c)if no date is specified in the notice, when the matter to which the notice relates is no longer open to review.
(2) An institution which is aggrieved by the imposition of a prohibition or a restriction by a notice given under this paragraph may refer the matter to the Upper Tribunal.
(3) A prohibition or restriction may be expressed to take effect immediately (or on a specified date) only if the FCA, having regard to the ground on which it is imposing the prohibition or restriction, reasonably considers that it is necessary for the prohibition or restriction to take effect immediately (or on that date).
(4) The notice must—
(a)give details of the prohibition or restriction,
(b)state the FCA’s reasons for the prohibition or restriction,
(c)inform the institution that it may make representations to the FCA within such period as is specified in the notice (whether or not the institution has referred the matter to the Upper Tribunal),
(d)inform the institution of when the prohibition or restriction takes effect, and
(e)inform the institution of its right to refer the matter to the Upper Tribunal.
(5) The FCA may extend the period allowed under the notice for making representations.
(6) If, having considered any representations made by the institution, the FCA decides--
(a)to impose the proposed prohibition or restriction, or
(b)if the prohibition or restriction has already taken effect, not to withdraw the prohibition or restriction,
it must give the institution a notice.
(7) If, having considered any representations made by the institution, the FCA decides—
(a)not to impose the proposed prohibition or restriction,
(b)to impose a different prohibition or restriction, or
(c)if the prohibition or restriction has already taken effect, to withdraw the prohibition or restriction,
it must give the institution a notice.
(8) A notice under sub-paragraph (6) must inform the institution of its right to refer the matter to the Upper Tribunal.
(9) A notice under sub-paragraph (7)(b) must comply with sub-paragraph (4).
(10) If a notice under this paragraph informs an institution of its right to refer a matter to the Upper Tribunal, it must give an indication of the procedure on such a reference.
(11) For the purposes of sub-paragraph (1)(c)—
(a)whether a matter is open to review is to be determined in accordance with section 391(8) of the 2000 Act (publication);
(b)the notice to which the matter relates is to be treated as a supervisory notice for the purposes of that section.
(12) References in this paragraph to the imposition of a restriction include references to the variation of a restriction on the initiative of the FCA.
5.—(1) An application under Part 1 of this Schedule must—
(a)be made in such manner as the FCA may direct, and
(b)contain, or be accompanied by, such other information as the FCA may reasonably require.
(2) At any time after the application is received and before it is determined, the FCA may require the applicant to provide it with such further information as it reasonably considers necessary to enable it to determine the application.
(3) Different directions may be given, and different requirements imposed, in relation to different applications or categories of application.
(4) The FCA may require an applicant to provide information required under this paragraph in such form, or to verify it in such a way, as the FCA may direct.
(5) If the FCA decides to grant an application, it must give the applicant a notice.
(6) If the FCA proposes to refuse an application, or to take an action different from or in addition to the one applied for (including a proposal to impose a restriction when withdrawing a prohibition on an application under paragraph 1(8)(b)), it must give the applicant a warning notice.
(7) If the FCA decides to refuse an application, or to take an action different from or in addition to the one applied for (including a decision to impose a restriction when withdrawing a prohibition on an application under paragraph 1(8)(b)), it must give the applicant a decision notice.
(8) An applicant who is aggrieved by a decision notice given under this paragraph may refer the matter to the Upper Tribunal.
6. If the FCA sends a notice to an institution under this Schedule which imposes, varies or withdraws a prohibition or restriction, it must send a copy of the notice to the institution’s home state competent authority.
Regulation 122
1. Sections 66 (disciplinary powers) to 70 (statements of policy: procedure) of the 2000 Act(82) apply but as if for section 66A (misconduct: action by the FCA) there were substituted—
“66A.—(1) For the purposes of action by the FCA, a person is guilty of misconduct if, while a relevant person, the person has been knowingly concerned in a contravention of the Payment Services Regulations 2017 by a payment service provider.
(2) “Relevant person” means any person responsible for the management of the payment service provider or, where relevant, any person responsible for the management of the payment service provider’s payment services activities.”.
2. Part 9 of the 2000 Act (hearings and appeals)(83) applies in respect of references to the Upper Tribunal made under these Regulations as it applies in respect of references made to the Upper Tribunal under that Act, with the following modifications—
(a)section 133 (proceedings before Tribunal: general provision) is to be read as if for subsection (7A) there were substituted—
“(7A) A reference is a “disciplinary reference” for the purposes of this section if it is in respect of any of the following decisions under the Payment Services Regulations 2017—
(a)a decision to publish a statement under regulation 110;
(b)a decision to impose a penalty under regulation 111.”;
(b)subsection (1) of section 133A (proceedings before Tribunal: decision and supervisory notices, etc.) is to be read as if “, as a result of section 388(2)” were omitted; and
(c)section 133A is to be read as if subsection (5) were omitted.
3.—(1) Section 137A of the 2000 Act (the FCA’s general rules)(84) applies as if—
(a)references to authorised persons were references to authorised payment institutions, small payment institutions, registered account information service providers, EEA authorised payment institutions, EEA registered account information service providers and electronic money institutions;
(b)in subsection (1)—
(i)the reference in paragraph (a) to the carrying on of regulated activities were to the provision of payment services, and
(ii)the reference in paragraph (b) to the carrying on of activities which are not regulated activities were to the carrying on of activities in connection with the provision of payment services;
(c)in subsection (5)—
(i)references to an EEA firm were to an EEA authorised payment institution or EEA registered account information service provider;
(ii)in paragraph (a), reference to permission conferred by Part 2 of Schedule 3 to FSMA were to permission conferred by regulation 29(2) of these Regulations;
(iii)in paragraph (b), reference to any of the single market directives or the emission allowance auctioning regulation were to the payment services directive;
(d)after subsection (5) there were inserted—
“(6) The FCA may make a rule pursuant to paragraph (1) only if the FCA is also making, or has made, a rule under this section or section 137R (financial promotion rules)(85) concerning the same matter which applies to authorised persons in connection with the provision of payment services.”.
(2) Sections 137T (general supplementary powers) and 141A (power to make consequential amendments of references to rules) and Chapter 2 of Part 9A (rules: modification, waiver, contravention and procedural provisions) of the 2000 Act(86) apply in relation to rules made pursuant to sub-paragraph (1) as they do in relation to other rules made by the FCA under section 137A of the 2000 Act, subject to sub-paragraph (3).
(3) Section 138D (actions for damages) applies as if in that section subsection (6) were omitted and “private person” had the meaning given in regulation 148(3) of these Regulations (actions for breach of requirements).
4. Part 11 of the 2000 Act (information gathering and investigations)(87) applies with the following modifications—
(a)section 165 (regulators’ power to require information) is to be read as if—
(i)references to an authorised person were references to a payment service provider;
(ii)in subsection (4), for “this Act” there were substituted “the Payment Services Regulations 2017”; and
(iii)in subsection (7), paragraphs (b) to (e) were omitted;
(b)section 166 (reports by skilled persons) is to be read as if—
(i)references to an authorised person were references to a payment service provider; and
(ii)subsections (10) and (11) were omitted;
(c)section 166A (appointment of skilled person to collect and update information) is to be read as if references to an authorised person were to a payment service provider;
(d)section 167 (appointment of persons to carry out general investigations) is to be read as if—
(i)references to a recognised investment exchange, an authorised person or an appointed representative were references to a payment service provider;
(ii)in subsection (4), references to a former authorised person or appointed representative were to a former payment service provider;
(iii)in subsection (5) for “regulated activities” there were substituted “payment services”; and
(iv)for subsection (5A) there were substituted—
“(5A) “Investigating authority” means the FCA.”;
(v)subsection (6) were omitted;
(e)section 168 (appointment of persons to carry out investigations in particular cases) is to be read as if—
(i)in subsection (1)—
(aa)after paragraph (b) there were inserted—
“(c)a person may have contravened any requirement of or imposed under the Payment Services Regulations 2017;
(d)an EEA authorised payment institution exercising passport rights in the United Kingdom may have contravened, or may be likely to contravene, a prohibition or restriction within the meaning of paragraph 3 (interpretation) of Schedule 5 to the Payment Services Regulations 2017 (credit agreements);
(e)paragraph 1(4) of that Schedule 5 (power to prohibit the entry into credit agreements) may have been contravened, or may be likely to be contravened, as respects an EEA authorised payment institution exercising passport rights in the United Kingdom.”;
(bb)in paragraph (b) for “191F” to the end there were substituted “or under regulation 138, 139, 141 or 142 of the Payment Services Regulations 2017”;
(ii)for subsection (2) there were substituted—
“(2) Subsection (3) also applies if it appears to an investigating authority that there are circumstances suggesting that a person may be guilty of an offence under, or has contravened a requirement of, the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(88).”;
(iii)subsections (4) and (5) were omitted; and
(iv)for subsection (6) there were substituted—
“(6) “Investigating Authority” means the FCA.”;
(f)section 169 (investigations etc in support of overseas regulator) is to be read as if—
(i)in subsection (8) for “Part XXIII” there were substituted “sections 348, 349 and 352, as applied with modifications by the Payment Services Regulations 2017”; and
(ii)in subsection (13) for “has the same meaning as in section 195” there were substituted “means a competent authority in another EEA State designated in accordance with Article 22 of the payment services directive”;
(g)section 170 (investigations: general) is to be read as if—
(i)in subsection (1) “or (5)” were omitted;
(ii)in subsection (3)(a) “or (4)” were omitted; and
(iii)for subsection (10) there were substituted—
“(10) “Investigating authority” in relation to an investigator means the FCA.”;
(h)section 171 (powers of persons appointed under section 167) is to be read as if subsections (3A) and (7) were omitted;
(i)section 172(4) (additional power of persons appointed as a result of section 168(1) or (4)) is to be read as if “or (4)” were omitted;
(j)section 174 (admissibility of statements made to investigators) is to be read as if—
(i)in subsection (2) “or in proceedings in relation to action to be taken against that person under section 123 to which this section applies” were omitted;
(ii)in subsection (3)(a) for “398” there were substituted “regulation 142 of the Payment Services Regulations 2017”;
(iii)subsection (3A) were omitted; and
(iv)in subsection (4) “or (5)” were omitted;
(k)section 175(8) (information and documents: supplemental provisions) is to be read as if “or (5)” were omitted;
(l)section 176 (entry of premises under warrant) is to be read as if—
(i)in subsection (3)(a) for “an authorised person or an appointed representative” there were substituted “a payment service provider”;
(ii)in subsection (10) “or (5)” were omitted;
(iii)for subsection (11)(a) there were substituted—
“(a)by the FCA under section 165 or 175; or”;
(m)177(5)(a) (offences) is to be read as if for “six months” there were substituted “three months”.
5. Part 12 of the 2000 Act (control over authorised persons)(89) applies with the following modifications—
(a)references to a UK authorised person are to be read as references to an authorised payment institution or small payment institution other than one included in the register pursuant to regulation 153(1) (transitional provisions);
(b)section 178 (obligation to notify the appropriate regulator) is to be read as if for subsection (2A) there were substituted—
“(2A) In this Part, “the appropriate regulator” means the FCA.”;
(c)section 187(2)(b) (approval with conditions) is to be read as if “section 187A(3)(b) or” were omitted;
(d)section 187A (assessment: consultation by PRA with FCA) is to be disregarded;
(e)section 187C (variation etc of conditions) is to be read as if subsection (1) were omitted;
(f)section 188(1), (2) and (3) (assessment: consultation with EC competent authorities) are to be read as if after “home state regulator” there were inserted “or home state competent authority”;
(g)section 191A (objection by the appropriate regulator) is to be read as if subsection (4A) were omitted;
(h)section 191B (restriction notices) is to be read as if—
(i)subsection (2A) were omitted;
(ii)after subsection (2B) there were inserted—
“(2C) In a restriction notice, the FCA must direct that voting power to which the notice relates is, until further notice, not to be exercisable.”;
(iii)for subsection (3)(b) there were substituted—
“(b)voting power that has been exercised as a result of the acquisition is void;”;
(i)section 191C (orders for sale of shares) is to be read as if subsection (2A) were omitted;
(j)section 191D (obligation to notify the appropriate regulator: dispositions of control) is to be read as if subsection (1A) were omitted;
(k)section 191F (offences) is to be read as if in subsections (8)(a) and (9)(a), for “to a fine not exceeding the statutory maximum” there were substituted in each case “to a fine, which in Scotland or Northern Ireland may not exceed the statutory maximum”;
(l)section 191G (interpretation) is to be read as if, in subsection (1), the definition of “UK authorised person” were omitted; and
(m)section 192 (power to change definitions of control etc) is to be disregarded.
6.—(1) Part 13 of the 2000 Act (incoming firms: intervention by FCA or PRA)(90) applies with the following modifications.
(2) References to—
(a)“the regulator” or “the appropriate regulator” are to be read as references to the FCA;
(b)requirements imposed by or under the 2000 Act are to be read as references to requirements imposed by or under these Regulations.
(3) Section 193 (interpretation) is to be read as if—
(a)in subsection (1), for the definition of “incoming firm” there were substituted—
““incoming firm” means an EEA authorised payment institution or EEA registered account information service provider which is exercising, or has exercised, its right to provide payment services in the United Kingdom in accordance with the Payment Services Regulations 2017;”,
(b)subsection (1A) were omitted; and
(c)for subsection (2) there were substituted—
“(2) Expressions used in this Part and in the Payment Services Regulations 2017 have the same meaning in this Part as they have in those Regulations.”.
(4) Section 194 (general grounds on which power of intervention is exercisable) is to be read as if subsections (1)(c)(ii) and (1AA) to (5) were omitted.
(5) Sections 194A to 194C, 195A, 195B, 198 to 199A and 201 are to be disregarded.
(6) Section 195 (exercise of power in support of overseas regulator) is to be read as if—
(a)subsection (2A) were omitted; and
(b)in subsection (5)(b), the reference to an EEA firm’s EEA authorisation were a reference to an EEA authorised payment institution’s authorisation under the payment services directive.
(7) Section 196 (the power of intervention) is to be read as if—
(a)in subsection (1), for paragraphs (a) and (b) there were substituted—
“(a)the firm were an authorised payment institution; and
(b)the FCA were entitled to exercise its power under regulation 12 of the Payment Services Regulations 2017 (variation of authorisation on FCA’s own initiative) by imposing a requirement such as may, under regulation 7 of those Regulations (imposition of requirements), be included in an authorisation under those Regulations.”; and
(b)subsection (3) were omitted.
(8) Section 202 (contravention of requirement) is to be read as if for subsection (2) there were substituted—
“(2) Regulation 148 of the Payment Services Regulations 2017 (actions for breach of requirements) applies to the contravention as if it were a contravention of Part 6 or 7 of those Regulations.”.
7. Sections 341 (access to books etc) to 346 (provision of false or misleading information to auditor or actuary) of the 2000 Act(91) apply with the following modifications—
(a)references to a regulator are to be read as references to the FCA and references to the PRA are to be disregarded;
(b)references to an authorised person are to be read as an authorised payment institution or a person required by regulation 39 to provide an audit opinion to the FCA;
(c)section 344 (duty of auditor or actuary resigning etc. to give notice) is to be read as if for subsection (4) there were substituted—
“(4) In this section “the appropriate regulator” means the FCA.”.
8.—(1) Sections 348 (restrictions on disclosure of confidential information by FCA, PRA etc)(92), 349 (exceptions from section 348)(93) and 352 (offences)(94) of the 2000 Act apply with the following modifications—
(a)section 348 is to be read as if—
(i)in subsection (2)(b) for the words from “, the PRA” to the end there were substituted “under the Payment Services Regulations 2017”;
(ii)in subsection (3)(a) for “this Act” there were substituted “the Payments Services Regulations 2017”;
(iii)in subsection (5)—
(aa)for “this Part”, there were substituted “the Payment Services Regulations 2017”;
(bb)paragraphs (aa), (c) and (zd) were omitted;
(cc)in paragraph (e) for “paragraphs (a) to (c)” there were substituted “paragraph (a)”;
(iv)for subsection (6) there were substituted—
“(6) In subsection (5)(f), “expert” includes any body or person appointed under regulation 108 of the Payment Services Regulations 2017 to perform a function on behalf of the FCA.”;
(v)subsection (8) were omitted.
(b)section 349 is to be read as if subsections (3A) and (3B) were omitted.
9. Sections 359 (administration order)(95), 367 (winding-up petitions) and 368 (winding-up petitions: EEA and Treaty firms)(96) of the 2000 Act apply with the following modifications—
(a)references to an authorised person are to be read as references to an authorised payment institution or an EEA authorised payment institution;
(b)section 359 is to be read as if—
(i)subsections (1)(b), (1A), (3)(b) and (c) and (5) were omitted;
(ii)for subsection (1)(c) there were substituted—
“(c)is providing or has provided payment services in contravention of regulation 138(1) of the Payment Services Regulations 2017.”;
(iii)in subsection (3)(a) there were omitted “or partnership” and for “an agreement” there were substituted “a contract for payment services”; and
(iv)in subsection (4) the definitions of “agreement”, “authorised deposit taker”, “authorised reclaim fund” and “relevant deposit” were omitted;
(c)section 367 is to be read as if—
(i)subsections (1)(b), (1A), (2), (5), (6) and (7) were omitted;
(ii)for subsection (1)(c) there were substituted—
“(c)is providing or has provided payment services in contravention of regulation 138(1) of the Payment Services Regulations 2017.”; and
(iii)in subsection (4) for “an agreement” there were substituted “a contract for payment services”; and
(d)section 368 is to be read as if—
(i)in subsection (1) for the words from “winding up” to the end substitute “winding up of an EEA authorised payment institution unless it has been asked to do so by the home state competent authority.”; and
(ii)subsection (2) were omitted.
10. Part 26 of the 2000 Act (notices)(97) applies with the following modifications—
(a)section 388 (decision notices) is to be read as if subsection (2) were omitted;
(b)section 390 (final notices) is to be read as if the reference in subsection (6) to section 384(5) were a reference to regulation 114(2) of these Regulations;
(c)subsection 391 (publication) is to be read as if—
(i)for subsection (1ZB) there were substituted—
“(1ZB) A warning notice falls within this subsection if it is given under regulation 112 of the Payment Services Regulations 2017.”;
(ii)in subsection (10), for “has the same meaning as in section 395” there were substituted “means a notice given under regulation 12(6), (9) or (10)(b) (including as applied by regulation 15 or 19) of, or paragraph 4 of Schedule 5 to, the Payment Services Regulations 2017)”;
(d)section 392 (application of sections 393 and 394) is to be read as if for paragraphs (a) and (b) there were substituted—
“(a)a warning notice given in accordance with regulations 10(2) (including as applied by regulation 15 or 19), 28(1) (in relation to the cancellation of a registration), 35(2), 112(1) or 115(1) of the Payment Services Regulations 2017;
(b)a decision notice given in accordance with regulations 10(3)(a) (including as applied by regulation 15 or 19), 28(2)(a)(i) (in relation to the cancellation of a registration), 35(3)(a), 112(3) or 115(3) of the Payment Services Regulations 2017.”; and
(e)section 395 (the FCA’s and PRA’s procedures) is to be read as if in subsection (13) for “in accordance with” to the end there were substituted “under regulation 12(6), (9) or (10)(b) (including as applied by regulation 15 or 19) of, or paragraph 4 of Schedule 5 to, the Payment Services Regulations 2017”.
11. Section 413 of the 2000 Act (protected items) applies for the purposes of these Regulations as it applies for the purposes of that Act.
12. The Financial Services and Markets Act 2000 (Service of Notices) Regulations 2001(98) apply to any notice, direction or document of any kind given by or to the FCA under these Regulations as it applies to any notice, direction or document of any kind under the 2000 Act.
13. The Financial Services and Markets Act 2000 (Disclosure of Confidential Information) Regulations 2001(99) apply with the following modifications—
(a)regulation 2 (interpretation) is to be read as if—
(i)in the definition of “EEA competent authority” after “single market directives” there were inserted “, the payment services directive, Regulation (EU) 2015/751 of the European Parliament and of the Council of 29th April 2015 on interchange fees for card-based payment transactions(100)”;
(ii)in paragraph (a) of the definition of “overseas regulatory authority” after “of the Act” there were inserted “or any function conferred under national legislation in implementation of the payment services directive”; and
(iii)after the definition of “overseas regulatory authority” there were inserted—
““payment services directive” means Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC(101);
“payment services directive information” means confidential information received by the FCA in the course of discharging its functions as the competent authority under the payment services directive;”;
(iv)in the definition of “single market restrictions” after paragraph (o) there were inserted—
“(p)article 24 of the payment services directive;”;
(b)regulation 5(4)(a) (disclosure for the purposes of certain other proceedings) is to be read as if for “an authorised person, former authorised person or former regulated person” there were substituted “a payment service provider, former payment service provider, excluded provider or former excluded provider”;
(c)regulation 5(6)(e) is to be read as if for “an authorised person, former authorised person or former regulated person” there were substituted “a payment service provider, former payment service provider, excluded provider or former excluded provider”;
(d)regulation 8 (application of Part 3) is to be read as if after sub-paragraph (f) there were inserted—
“(g)payment services directive information.”;
(e)regulation 9 (disclosure by regulators or regulator workers to certain other persons) is to be read as if—
(i)in paragraph (1) after “paragraphs” there were inserted “(1B)”; and
(ii)after paragraph (1A) there were inserted—
“(1B) Paragraph (1) does not permit disclosure to the persons specified in the first column in Part 4A of Schedule 1 unless the disclosure is of payment services directive information.”;
(f)regulation 11 (application of Part 4) is to be read as if after sub-paragraph (h) there were inserted—
“(i)payment services directive information.”;
(g)Part 1 of Schedule 1 (disclosure of confidential information whether or not subject to single market restrictions) is to be read as if, in the second column, in the list of functions beside—
(i)“An official receiver appointed under section 399 of the Insolvency Act 1986, or an official receiver for Northern Ireland appointed under article 355 of the Insolvency (Northern Ireland) Order 1989”, after paragraph (ii) there were inserted—
“or
(iv)payment service providers, former payment service providers, excluded providers or former excluded providers”;
(ii)“The Department of Enterprise, Trade and Investment in Northern Ireland”, after paragraph (c)(ii) there were inserted—
“or
(iii)payment service providers, former payment service providers, excluded providers or former excluded providers”;
(iii)“The Pensions Regulator”, after paragraph (ii) there were inserted—
“or
(iii)payment service providers, former payment service providers, excluded providers or former excluded providers”;
(iv)“The Charity Commissioners for England and Wales”, after paragraph (ii) there were inserted—
“or
(iii)payment service providers, former payment service providers, excluded providers or former excluded providers”; and
(h)Schedule 1 is to be read as if after Part 4 there were inserted—
Person | Functions> |
---|---|
The Commissioners for Her Majesty’s Revenue and Customs | Their functions under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017”. |
Regulation 155
1.—(1) These Regulations apply in relation to a firm which—
(a)has its head office in Gibraltar; and
(b)is authorised in Gibraltar to provide payment services;
as follows.
(2) The firm is to be treated as having an entitlement, corresponding to its passport right deriving from the payment services directive, to establish a branch or provide services in the United Kingdom.
(3) References in these Regulations to—
(a)an “EEA authorised payment institution” or “EEA registered account information service provider” are to be treated as references to the firm;
(b)“home state competent authority” are to be treated as references to the competent authority (within the meaning of the payment services directive) in Gibraltar in relation to the firm; and
(c)“passport rights” are to be treated as references to the entitlement mentioned in sub-paragraph (2).
2.—(1) For the purposes of these Regulations, an authorised payment institution or registered account information service provider is to be treated as having an entitlement, corresponding to its passport right, to establish a branch or provide services in Gibraltar.
(2) In relation to an authorised payment institution which establishes a branch, or provides services, in Gibraltar, references in these Regulations to—
(a)“EEA branch” are to be treated as including a reference to such a branch;
(b)“EEA State” are to be treated as including references to Gibraltar;
(c)“host state competent authority” are to be treated as including a reference to the competent authority (within the meaning of the payment services directive) in Gibraltar in relation to the institution; and
(d)“passport rights” are to be treated as including references to the entitlement mentioned in sub-paragraph (1).
3.—(1) Section 138L(1) of the 2000 Act (consultation: general exemptions)(102) has effect for the purposes of these Regulations as if modified by adding at the end “or if it is making rules for the purpose of extending rules that apply to EEA authorised payment institutions to Gibraltar-based firms”.
(2) Paragraph 14 of Schedule 17 to the 2000 Act (the ombudsman scheme: the scheme operator’s rules)(103) has effect for the purposes of these Regulations as if modified by adding at the end—
“(8) Sub-paragraphs (4), (5) and (6) above do not apply if the scheme operator is making rules for the purpose of extending rules that apply to EEA authorised payment institutions to Gibraltar-based firms.”.
Regulation 156
1. In the Consumer Credit Act 1974(104)—
(a)in section 78 (duty to give information to debtor under running-account credit agreement), after subsection (1) insert—
“(1A) Where a request under subsection (1) also amounts to a request under regulation 49 of the Payment Services Regulations 2017 (information during period of contract), subsection (1) applies as if the words “and payment of a fee of £1” were omitted.”;
(b)in section 84 (misuse of credit-tokens), in subsection (1) for “£50” substitute “£35”.
2.—(1) The 2000 Act(105) is amended as follows.
(2) In section 1H (further interpretative provisions for sections 1B to 1G)(106), in subsection (8)—
(a)in the definition of “payment services” for “2009” substitute “2017”;
(b)in the definition of “payment service provider”—
(i)for “2009” substitute “2017”;
(ii)for “(g) or (h)” substitute “(i) or (j)”.
(3) In section 206A (suspending permission to carry on regulated activities etc.)(107), in subsection (1A)(a) for “2009” substitute “2017”.
(4) In section 226 (compulsory jurisdiction)(108)—
(a)in subsection (2)(b) for “2009” substitute “2017”;
(b)after subsection (5) insert—
“(5A) If the FCA specifies activities which are account information services provided by authorised payment institutions or EEA authorised payment institutions, the FCA must specify to the same extent account information services provided by registered account information service providers or, as the case may be, EEA registered account information service providers.
(5B) Expressions used in subsection (5A) and in the Payments Services Regulations 2017 have the same meaning in that subsection as they do in those Regulations.”.
(5) In section 234 (industry funding)(109), in subsection (1) for “2009” substitute “2017”.
(6) In section 379A(2)(a) (power to apply settlement finality regime to payment institutions)(110) for “2009 (S.I. 2009/209)” substitute “2017”.
(7) In section 404E (meaning of consumers)(111), in subsection (6)—
(a)in the definition of “payment services” for “2009” substitute “2017”;
(b)in the definition of “payment service provider” for “(e)” substitute “(g)”.
(8) In section 404F (other definitions etc.)(112), in subsection (8)(b)—
(a)for “11” substitute “12”;
(b)for “2009” substitute “2017”.
(9) In Schedule 1A (further provision about the Consumer Financial Education Body)(113), in paragraph 12(5)—
(a)for “2009” substitute “2017”; and
(b)for “(f)” substitute “(h)”.
(10) In Schedule 17 (the ombudsman scheme)(114), in paragraph 13(4) for “2009” substitute “2017”.
(11) Any reference, in an amendment to the 2000 Act made by an Act passed in the Session in which these Regulations are made, to a person who is a payment service provider for the purposes of the Payment Services Regulations 2009 as a result of falling within any of paragraphs (a) to (f) of the definition in regulation 2(1) of those Regulations is to be read as a reference to a person who is a payment service provider for the purposes of these Regulations as a result of falling within any of paragraphs (a) to (h) of the definition in regulation 2(1) of these Regulations.
3. In the Enterprise Act 2002(115)—
(a)in Schedule 13 (listed Directives and Regulations), after paragraph 15 insert—
“16. In Article 62 of Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC, paragraphs 4 and 5 and the second sentence of paragraph 3.”;
(b)in Schedule 15 (enactments conferring functions)—
(i)after “Postal Services Act 2011.” insert—
“Electronic Money Regulations 2011.”;
(ii)after “Civil Aviation Act 2012.” insert—
“Consumer Rights (Payment Surcharges) Regulations 2012.”;
(iii)at the end insert—
“Payment Services Regulations 2017.”.
4. In section 108 of the Financial Services (Banking Reform) Act 2013 (relationship with Part 8 of the Payment Services Regulations 2009)(116)—
(a)in the heading, for “2009” substitute “2017”;
(b)in subsection (1), for the words from “relevant person” to the end substitute “person to obtain or maintain access to, or participation in, a payment system in circumstances in which regulation 103 (prohibition on restrictive rules on access to payment systems) or 104 (indirect access to designated payment systems) of the Payment Services Regulations 2017 applies in relation to access to, or participation in, the payment system by the person.”; and
(c)omit subsection (2).
5.—(1) The Electronic Money Regulations 2011(117) are amended as follows.
(2) In regulation 2(1) (interpretation)—
(a)in the appropriate places insert—
““account information service” means an online service to provide consolidated information on one or more payment accounts held by the payment service user with another payment service provider or with more than one payment service provider, and includes such a service whether information is provided—
in its original form or after processing;
only to the payment service user or to the payment service user and to another person in accordance with the payment service user’s instructions;”;
““European Banking Authority” means the European Banking Authority established by Regulation (EU) 1093/2010 of the European Parliament and of the Council of 24th November 2010 establishing a European Supervisory Authority (European Banking Authority)(118);”;
““payment initiation service” means a service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider;”;
““payment service provider” has the meaning given in regulation 2(1) of the Payment Services Regulations 2017;”;and
““sensitive payment data” means information, including personalised security credentials, which could be used to carry out fraud; but in relation to account information services and payment initiation services does not include the name of an account holder or an account number;”; and
(b)for the definition of “own funds” substitute—
““own funds” means own funds as defined in Article 4(1)(118) of the capital requirements regulation, and “Common Equity Tier 1 capital”, “Tier 1 capital” and “Tier 2 capital” have the same meanings as in that regulation;”;
(c)in the definition of “payment services” for “2009” substitute “2017”;
(d)for the definition of “the payment services directive” substitute—
““the payment services directive” means Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC;”.
(3) In regulation 3 (exclusions), for paragraphs (a) and (b) substitute—
“(a)monetary value stored on specific payment instruments that can be used only in a limited way and meet one of the following conditions—
(i)allow the holder to acquire goods or services only in the issuer’s premises;
(ii)are issued by a professional issuer and allow the holder to acquire goods or services only within a limited network of service providers which have direct commercial agreements with the issuer;
(iii)may be used only to acquire a very limited range of goods or services; or
(iv)are valid only in a single EEA State, are provided at the request of an undertaking or a public sector entity, and are regulated by a national or regional public authority for specific social or tax purposes to acquire specific goods or services from suppliers which have a commercial agreement with the issuer;
(b)monetary value that is used to make payment transactions resulting from services provided by a provider of electronic communications networks or services, including transactions between persons other than that provider and a subscriber, where those services are provided in addition to electronic communications services for a subscriber to the network or service, and where the additional service is—
(i)for purchase of digital content and voice-based services, regardless of the device used for the purchase or consumption of the digital content, and charged to the related bill; or
(ii)performed from or via an electronic device and charged to the related bill for the purchase of tickets or for donations to organisations which are registered or recognised as charities by public authorities, whether in the United Kingdom or elsewhere,
provided that the value of any single payment transaction does not exceed £40, and the cumulative value of payment transactions for an individual subscriber in a month does not exceed £240.”.
(4) After regulation 3 (electronic money: exclusions) insert—
3A.—(1) If, in any period of 12 months, the total value of payment transactions made with monetary value falling within regulation 3(a)(i) to (iii) issued by a person (“issuer”) exceeds 1 million euros, the issuer must notify the Authority.
(2) The period of 12 months referred to in paragraph (1) does not include any period in respect of which a notification has already been made under paragraph (1).
(3) A notification under paragraph (1) must—
(a)include a description of the transactions made; and
(b)specify the exclusion by virtue of which the monetary value is not electronic money.
(4) Notifications and information provided to the Authority under this regulation must be given—
(a)within such time as the Authority may direct after the end of the period of 12 months referred to in paragraph (1); and
(b)in such form or verified in such manner as the Authority may direct,
and different directions may be given in relation to different notifications or information or categories of notification or information.
(5) When the Authority receives a notification under this regulation, the Authority must assess whether the notified monetary value falls within regulation 3(a)(i) to (iii).
(6) If the Authority considers that any part of the notified monetary value does not fall within regulation 3(a)(i) to (iii)—
(a)the Authority must notify the issuer, and
(b)the issuer may refer the matter to the Upper Tribunal.
3B.—(1) If a person (“issuer”) issues, or intends to issue, monetary value falling within regulation 3(b), the service provider must—
(a)notify the Authority, and
(b)include with such notification a description of the transactions for which the monetary value is intended to be used.
(2) The issuer must provide a notification under paragraph (1)—
(a)if the issuer started to issue the monetary value before 13th January 2018, on or before that date, or
(b)otherwise, before the issuer starts to issue the monetary value.
(3) The issuer must also provide to the Authority, at such times as the Authority may direct, an annual audit opinion testifying that the transactions for which the monetary value is used comply with the limits mentioned in regulation 3(b).
(4) Information provided to the Authority under this regulation must be in such form or verified in such manner as the Authority may direct.
(5) Different directions may be given under paragraph (3) and (4) in relation to different issuers or different categories of issuers.”.
(5) In regulation 4 (the register of certain electronic money issuers)—
(a)in paragraph (1) after sub-paragraph (b) insert—
“(ba)persons who have notified the Authority in accordance with regulation 3A or 3B;”;
(b)in paragraph (6) after sub-paragraph (a) insert—
“(aa)enter in the register any cancellation of an authorisation or registration;
(ab)enter in the register a description of the service provided by a person included on the register by virtue of paragraph (1)(ba);”;
(c)after paragraph (6) insert—
“(7) The Authority must, without delay, notify the European Banking Authority of—
(a)the information entered in the register;
(b)any changes to the information in the register;
(c)the reasons for the cancellation of any authorisation or registration; and
(d)where a person is included on the register by virtue of paragraph (1)(ba), the particular exclusion which applies to the person.”.
(6) In regulation 6 (conditions for authorisation)—
(a)in paragraph (2) for “regulation 5” substitute “regulations 5 and 20”;
(b)after paragraph (4) insert—
“(4A) The applicant carries on, or will carry on, at least part of its electronic money and payment service business in the United Kingdom.”;
(c)in paragraph (6), after sub-paragraph (d) insert—
“(e)in the case of an applicant which proposes to carry on payment initiation services, it holds professional indemnity insurance or a comparable guarantee, which covers—
(i)the territories in which the applicant proposes to offer payment initiation services; and
(ii)the applicant’s potential liability under regulations 76 and 91 to 95 of the Payment Services Regulations 2017, up to such amount as the Authority may direct; and
(f)in the case of an applicant which proposes to carry on account information services, it holds professional indemnity insurance or a comparable guarantee, which covers—
(i)the territories in which the applicant proposes to offer account information services; and
(ii)the applicant’s potential liability to account servicing payment service providers and payment service users resulting from unauthorised or fraudulent access to, or use of, payment account information, up to such amount as the Authority may direct.”.
(7) In regulation 8 (variation at request of an authorised electronic money institution), in the wording after paragraph (c)—
(a)after “provided that” insert “the Authority is satisfied that”;
(b)for “will continue to be met” substitute “are being or are likely to be met”.
(8) In regulation 10(1) (cancellation of authorisation)—
(a)in sub-paragraph (e) after “own funds” insert “, or does not inform the Authority of a major change in circumstances which is relevant to its meeting those conditions or that requirement, as required by regulation 37”;
(b)in sub-paragraph (g) after “stability of” insert “, or trust in,”;
(c)in paragraph (i) after “unlawful” insert “, including where such provision of services is unlawful because the person’s registration in a register maintained under regulation 54 or 55 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 has been cancelled under regulation 60 of those Regulations”.
(9) In regulation 11(1) (variation of authorisation on Authority’s own initiative)—
(a)in sub-paragraph (a) after “own funds” insert “, or does not inform the Authority of a major change in circumstances which is relevant to its meeting those conditions or that requirement, as required by regulation 37”;
(b)in sub-paragraph (c) after “stability of” insert “, or trust in,”;
(c)in sub-paragraph (e) after “unlawful” insert “, including where such provision of services is unlawful because the person’s registration in a register maintained under regulation 54 or 55 of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 has been cancelled under regulation 60 of those Regulations”.
(10) In regulation 13 (conditions for registration)—
(a)in paragraph (2) for “regulation 12” substitute “regulations 12 and 20”;
(b)after paragraph (4) insert—
“(4A) The business to which the application relates must not include the provision of account information services or payment initiation services.”;
(c)in paragraph (8)(e) for “2009” substitute “2017”.
(11) In regulation 15 (supplementary provisions)—
(a)in paragraph (b), in the modified version of regulation 8—
(i)in paragraph (1), in the wording after sub-paragraph (c)—
(aa)after “provided that” insert “the Authority is satisfied that”;
(bb)for “continue to be met” substitute “are being or are likely to be met”;
(ii)in paragraph (2) omit “that must continue to be met”;
(b)in paragraph (c), in the modified version of regulation 10(1)(e), after “(d)” insert “, or does not inform the Authority of a major change in circumstances which is relevant to its meeting those conditions, as required by regulation 37”.
(12) In regulation 16 (application to become an authorised electronic money institution where a financial limit is exceeded)—
(a)for the heading substitute “application for authorisation if requirements cease to be met”;
(b)for “referred to in regulation 8(2)(c) or (d) (as applied by regulation 15)”, substitute “in regulation 13(3), (4), (8) or (9)”.
(13) In regulation 20 (safeguarding requirements)—
(a)after paragraph (2) insert—
“(2A) An electronic money institution may safeguard certain relevant funds in accordance with regulation 21 and the remaining relevant funds in accordance with regulation 22.”;
(b)in paragraph (6) for “Regulation 19 of the Payment Services Regulations 2009” substitute “Regulation 23 of the Payment Services Regulations 2017”.
(14) In regulation 21 (safeguarding option 1)—
(a)in paragraph (2)(a) after “authorised credit institution” insert “or the Bank of England”;
(b)after paragraph (4) insert—
“(4A) Notwithstanding paragraphs (1), (2), (3)(b) and (4), where an electronic money institution is a participant in a designated system and the institution holds an account at the Bank of England for the purposes of completing the settlement of transfer orders that have been entered into the designated system on behalf of electronic money holders—
(a)funds held in the account pending settlement in accordance with the rules or default arrangements of the designated system, in respect of transfer orders that have been entered into the designated system on behalf of electronic money holders, may continue to be held in the account with relevant funds;
(b)the account, or a specified amount of funds in the account, may be subject to an interest or right in favour of the Bank of England in order to ensure the availability of funds to complete the settlement of transfer orders in accordance with the rules or default arrangements of the designated system;
(c)subject to paragraph (4B), funds received into the account by the electronic money institution upon settlement are to be considered as having been appropriately safeguarded in accordance with this regulation from the time of receipt in the designated system until the time of receipt into the account.
(4B) The Authority may direct that paragraph (4A)(c) does not apply in relation to a designated system if, in the Authority’s view, the rules and default arrangements of that system do not adequately insulate the funds of electronic money holders from the claims of other creditors of electronic money institutions which are participants in the system.”;
(c)in paragraph (5)—
(i)omit “and” after sub-paragraph (b);
(ii)after sub-paragraph (c) insert—
“(d)any funds held in an account as permitted by paragraph (4A)(a);
(e)any funds expected to be received into an account as described in paragraph (4A)(c) in respect of transfer orders that have been entered into the designated system; and
(f)any funds received into an account as described in paragraph (4A)(c).”;
(d)in paragraph (7) after the definition of “authorised custodian” insert—
““default arrangements”, “designated system”, “rules”, “settlement”, “system” and “transfer order” have the same meanings as in the Financial Markets and Insolvency (Settlement Finality) Regulations 1999(119).”.
(15) In regulation 22 (safeguarding option 2), in paragraph (1)(a)(ii) and (iii) after “a” insert “comparable”.
(16) In regulation 24 (insolvency events)—
(a)in paragraph (1)(b) after “21(2)(a) or (b)” insert “or (4A),”;
(b)in paragraph (4), in the definition of “asset pool”, after paragraph (b) insert—
“(ba)where regulation 21(4A) applies, any funds that are received into the account held at the Bank of England upon settlement in respect of transfer orders that have been entered into the designated system on behalf of electronic money holders, whether settlement occurs before or after the insolvency event;”;
(c)after paragraph (4) insert—
“(5) In paragraph (4) “designated system”, “settlement” and “transfer order” have the same meanings as in the Financial Markets and Insolvency (Settlement Finality) Regulations 1999.”.
(17) In regulation 26 (outsourcing)—
(a)in paragraph (2)—
(i)after “important operational function” insert “, including provision of an information technology system”;
(ii)in sub-paragraph (a)(ii) after “monitor” insert “and retrace”;
(b)in paragraphs 2(a)(ii), (b) and (c) and (3)(a) for “2009” substitute “2017”;
(c)after paragraph (3) insert—
“(4) An authorised electronic money institution must notify the Authority without undue delay of any change in outsourced functions or the persons to which functions are outsourced.”.
(18) In regulation 28 (notice of intention)—
(a)in paragraph (2), for sub-paragraphs (a) to (d) substitute—
“(a)states the name and address of the institution, and any authorisation or reference number;
(b)identifies the EEA States in which it intends to operate;
(c)identifies the electronic money issuance, redemption, distribution or payment services which it seeks to carry on in those States;
(d)if the institution intends to use an agent to provide the services in any of those States, includes the information referred to in regulation 34(3) (requirement for agents to be registered);
(e)if the institution intends to use an EEA branch to provide the services in any of those States, includes—
(i)the information referred to in paragraphs 2 and 5 of Schedule 1 in relation to the services to be provided through each EEA branch;
(ii)the names of those responsible for the management of each proposed EEA branch; and
(iii)details of the organisational structure of each proposed EEA branch;
(f)if the authorised payment institution intends to enter into a contract with a person in another EEA State under which that person will carry out any operational function relating to the issuance, distribution or issuance of electronic money or the provision of payment services in that EEA State, includes notification of that intention; and
(g)identifies the distributors, if any, whom the institution intends to engage to distribute or redeem electronic money in exercise of its passport rights in that State.”;
(b)for paragraphs (3) and (4) substitute—
“(3) If any of the information provided by an authorised electronic money institution in a notice of intention changes, including by the addition of a further branch, the institution must give the Authority notice of such changes in a further notice of intention.
(4) The Authority must, within one month beginning with the date on which it receives a complete notice of intention, inform the host state competent authority of the information contained in the notice of intention.”.
(19) For regulation 29 (registration of EEA branch) substitute—
29.—(1) If the Authority, taking into account any information received from the host state competent authority, proposes to determine that an authorised electronic money institution is not permitted to exercise passport rights in an EEA State as notified in a notice of intention, the Authority must give the relevant institution a warning notice.
(2) The Authority must, within the period of three months beginning with the date on which it receives a notice of intention and having considered any representations made in response to the warning notice—
(a)if it decides
(i)that the authorised electronic money institution is not permitted to exercise passport rights in the EEA State, not to register an EEA branch, or to cancel the registration an EEA branch, give the institution a decision notice; or
(ii)that the authorised electronic money institution is permitted to exercise passport rights in the EEA State, to register an EEA branch, or not to cancel the registration of an EEA branch, give the institution notice of its decision; and
(b)notify the host state competent authority of its decision, providing reasons for that decision if the Authority does not agree with the assessment of the host state competent authority.
(3) If the Authority decides that the authorised electronic money institution is not permitted to exercise passport rights in the EEA State, not to register an EEA branch, or to cancel the registration of an EEA branch, the institution may refer the matter to the Upper Tribunal.
(4) If the Authority decides to register an EEA branch, it must update the register as soon as practicable.
(5) If the Authority decides to cancel the registration of an EEA branch, the Authority must, where the period for a reference to the Upper Tribunal has expired without a reference being made, as soon as practicable update the register accordingly.
(6) The authorised electronic money institution may commence activities as notified in its notice of intention only after the Authority has notified the institution of its decision under paragraph (2)(a)(ii) and, in the case of services to be provided through an EEA branch, after entry of the branch on the register.
(7) After registration, the authorised electronic money institution must notify the Authority of the date on which it starts to provide payment services in the other EEA State through the EEA branch, and the Authority must notify such date to the host state competent authority.
29A.—(1) If a home state competent authority sends information to the Authority about an EEA authorised electronic money institution which intends to provide services in the United Kingdom, the Authority must, before the end of the period of one month beginning on the day which the Authority receives all the required information—
(a)assess the information; and
(b)provide relevant information to the home state competent authority in connection with the intended provision of payment services in the United Kingdom, including in particular any reasonable grounds for concern with regard to money laundering or terrorist financing within the meaning of the money laundering directive in connection with the intended appointment of an agent or establishment of a branch in the United Kingdom.
(2) The EEA authorised electronic money institution may provide services in the United Kingdom in accordance with the information it has provided to the home state competent authority upon entry of the branch or agent in the register maintained by the home state competent authority.”.
(20) In regulation 30 (supervision of firms exercising passport rights)—
(a)in paragraph (2)(b)(ii) after “information” insert “, including on compliance with the conditions at regulation 6(4)(a) and (4A)”;
(b)for paragraph (4) substitute—
“(4) The Authority may direct that an EEA authorised electronic money institution exercising its passport rights to services in the United Kingdom through a branch or an agent in the United Kingdom must report to the Authority on such activities, for information and statistical purposes and, where the institution has exercised its right of establishment in the United Kingdom, to monitor compliance with Part 5 of these Regulations.
(5) Reports required under paragraph (4) must be given at such times and in such form, and verified in such manner, as the Authority may direct.
(6) An agent in the United Kingdom appointed by an EEA authorised electronic money institution or a branch of an EEA authorised electronic money institution in the United Kingdom must maintain the confidentiality of any confidential information provided to the Authority under paragraph (4).
(7) If a host state competent authority informs the Authority that an authorised electronic money institution providing services through an EEA branch or an EEA agent does not comply with a provision of the payment services directive, the Authority must—
(a)exercise its powers as appropriate without undue delay, to ensure that the authorised payment institution complies with the relevant provisions; and
(b)inform the host state competent authority and the competent authority of any other relevant EEA State of the measures taken without delay.
(8) Where immediate action is necessary to address a serious risk to the collective interests of electronic money holders or payment service users in the United Kingdom, the Authority may, in addition to providing information under paragraph (2), take precautionary measures in relation to an EEA authorised electronic money institution pending action by the home state competent authority.
(9) Any measures taken under paragraph (8) must be temporary and must end when the risk identified has been addressed.
(10) If the Authority decides to take measures under paragraph (8), it must inform the home state competent authority, the competent authority of any other relevant EEA State, and the European Banking Authority of the measures to be taken and the reason that immediate action is necessary—
(a)in advance of taking the measures, if that is compatible with the need for immediate action; and
(b)in any event without undue delay.
(12) In paragraphs (7)(b) and (10) “competent authority of any other relevant EEA State” means a competent authority designated in accordance with the electronic money directive in an EEA State which the Authority considers to have an interest in the measures taken, or to be taken, by the Authority.”.
(21) Before regulation 32 (additional activities) insert—
31A.—(1) An electronic money institution must maintain relevant records and keep them for at least five years from the date on which the record was created.
(2) For the purposes of paragraph (1), records are relevant where they relate to compliance with obligations imposed by or under Parts 2 to 4 and, in particular, would enable the Authority to supervise effectively such compliance.”.
(22) In regulation 32(2) for “regulation 27(2) of the Payment Services Regulations 2009” substitute “regulation 32(2) of the Payment Services Regulations 2017”.
(23) In regulation 34 (requirement for agents to be registered)—
(a)in paragraph (3)(a)—
(i)in paragraph (iii) after “the agent and” insert “, if the agent is not an electronic money institution or an EEA authorised electronic money institution, or a payment service provider within the meaning of the Payment Services Regulations 2017,”;
(ii)omit “and” after paragraph (iii)
(iii)after paragraph (iii) insert—
“(iiia)the services for which the agent is appointed;
(iiib)the unique identification code or number of the agent, if any; and”;
(b)after paragraph (5) insert—
“(5A) Where the application relates to the provision of services in exercise of passport rights through an EEA agent, the Authority must, within one month beginning with the date on which it received the completed application, inform the host state competent authority of the information provided under paragraph (3) or (5).”;
(c)omit paragraphs (7) and (8);
(d)after paragraph (10) insert—
“(10A) Where the application relates to the provision of services in exercise of passport rights through an EEA agent, the Authority must—
(a)take into account any information received from the host state competent authority in making its decision; and
(b)notify the host state competent authority of its decision, providing reasons for that decision if the Authority does not agree with the assessment of the host state competent authority.
(10B) The Authority must give notice under paragraph (10) and (10A)—
(a)where the application relates to the provision of services in the United Kingdom, within a period of two months beginning on the date on which the Authority received the completed application;
(b)where the application relates to the provision of services in the exercise of passport rights through an EEA agent, within a period of three months beginning on the date on which the Authority received the completed application.”;
(e)after paragraph (12) insert—
“(12A) An authorised electronic money institution must notify the Authority of the date on which it starts to provide services in another EEA State through a registered EEA agent, and the FCA must notify such date to the host state competent authority.”;
(f)after paragraph (14) insert—
“(15) An authorised electronic money institution must notify the Authority without undue delay if there is any change in the information notified under paragraph (3) or (5).”.
(24) In regulation 36(1) (reliance) for “2009” substitute “2017”.
(25) In regulation 49 (reporting requirements), after paragraph (2) insert—
“(3) A direction under this regulation must specify the purpose for which the information is required, as appropriate, and the time within which the information is to be given.”.
(26) In regulation 71 (duty to co-operate and exchange information)—
(a)in paragraph (1)—
(i)omit “and” after sub-paragraph (b);
(ii)after sub-paragraph (c) insert—
“; and
(d)the European Banking Authority,”;
(b)in paragraph (2)(a) for “and (c)” substitute “, (c) and (d)”;
(c)after paragraph (2) insert—
“(3) If the European Banking Authority is assisting the Authority, or a competent authority in another EEA State, in relation to a disagreement between those authorities pursuant to Article 19 of Regulation (EU) 1093/2010 of the European Parliament and of the Council of 24th November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC(120), the Authority must defer any decision in relation to the subject of the disagreement until the disagreement is resolved under that Article.”.
(27) In regulation 73 (prohibition on contracting out) for “2009” substitute “2017”.
(28) After regulation 78 (amendments to the banking consolidation directive) insert—
78A.—(1) This regulation applies in relation to an authorised electronic money institution, EEA authorised electronic money institution or small electronic money institution which provides services before 13th January 2018 in accordance with these Regulations or the national law in another EEA State transposing the electronic money directive and, where relevant, the Payment Services Regulations 2009 or the national law in another EEA State transposing the first payment services directive.
(2) In the case of an authorised electronic money institution or small electronic money institution—
(a)the institution may continue to provide the services provided before 13th January 2018 until the end of 12th July 2018 without further authorisation or registration under these Regulations;
(b)the institution is to be treated as if on 13th January 2018 the Authority had imposed a requirement under regulation 7 (imposition of variations), including under that regulation as applied by regulation 15 (supplementary provisions), requiring the institution to refrain from providing account information services or payment initiation services for an indefinite period;
(c)any other requirement imposed by the Authority under regulation 7 (imposition of variations), including under that regulation as applied by regulation 15 (supplementary provisions), applies in relation to services provided pursuant to sub-paragraph (a);
(d)regulations 10 (cancellation of authorisation) and 11 (variation of authorisation on Authority’s own initiative), including those regulations as applied by regulation 15, apply in relation to the institution as if references to authorisation or registration included references to entitlement to provide payment services pursuant to sub-paragraph (a); and
(e)the institution may not apply for a variation under regulation 8 (variation etc. at request of authorised electronic money institution), including under that regulation as applied by regulation 15, before it complies with paragraph (4) or (5) of this regulation.
(3) An EEA authorised electronic money institution may continue to provide the services provided before 13th January 2018 until the end of 12th July 2018 without further authorisation or registration under the national law implementing the amendments to the electronic money directive made by Article 111 of the payment services directive.
(4) Where an authorised electronic money institution intends to provide services on or after 13th July 2018, the institution must before 13th April 2018—
(a)provide to the Authority all information specified in Schedule 1 that the person has not previously provided to the Authority; or
(b)notify the Authority that it has previously provided all such information to the Authority.
(5) Where a small electronic money institution intends to provide services as a small electronic money institution on or after 13th July 2018, the institution must before 13th April 2018 notify the Authority whether it continues to meet the requirements for registration as a small electronic money institution, together with any information relevant to that question which is has not previously provided to the Authority.
(6) On receipt of information or a notification pursuant to paragraph (4) or (5), the Authority must consider whether the institution’s authorisation or registration should be continued on and after 13th July 2018.
(7) If the Authority does not decide to continue the institution’s authorisation or registration under paragraph (6), the institution’s authorisation or registration is to be treated as having been cancelled on 13th July 2018.
(8) The Authority must maintain in the register a person entitled to provide services pursuant to this regulation.
(9) In this regulation “first payment services directive” means Directive 2007/64/EC of the European Parliament and of the Council of 13th November 2007 on payment services in the internal market amending Directives 97/7/EC, 2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC(121).”.
(29) In Schedule 1 (information to be included in or with an application for authorisation)—
(a)after paragraph 5 insert—
“5A. A description of the applicant’s procedure for monitoring, handling and following up security incidents and security-related customer complaints, including where appropriate an incidents reporting mechanism which takes account of the notification obligations under regulation 99 of the Payment Services Regulations 2017.
5B. A description of the applicant’s process for filing, monitoring, tracking and restricting access to sensitive payment data.
5C. A description of the applicant’s business continuity arrangements, including a clear identification of the critical operations, effective contingency plans, and a procedure for regular testing and reviewing of the adequacy and efficiency of such plans.
5D. A description of the principles and definitions used by the applicant in collecting statistical data on performance, transactions and fraud.
5E. A statement of the applicant’s security policy, including—
(a)a detailed risk assessment in relation to the payment services to be provided, including risks of fraud and illegal use of sensitive and personal data, and
(b)a description of—
(i)the applicant’s security control and mitigation measures to provide adequate protection to users against the risks identified,
(ii)how such measures ensure a high level of technical security and data protection, including such security and protection for the software and IT systems used by the applicant and any undertakings to which the applicant outsources any part of its operations, and
(iii)where appropriate, the applicant’s measures to comply with regulation 98(1) of the Payment Services Regulations 2017, taking into account any guidelines issued by the European Banking Authority under Article 95(3) of the payment services directive.”;
(b)in paragraph 7, after “branches and” insert “the off-site and on-site checks that the applicant undertakes to perform on them at least annually,”;
(c)in paragraph 13, after “5” insert “, 5A”; and
(d)after paragraph 13, insert—
“14. In the case of an applicant which proposes to provide payment initiation services or account information services, the professional indemnity insurance or comparable guarantee which it holds in relation to such services.”.
(30) In Schedule 2 (capital requirements)—
(a)in paragraph 1 for “the items specified in paragraph 4(a), (b) and (c) of this Schedule” substitute “one or more of the items specified in Article 26(1)(a) to (e) of the capital requirements regulation”;
(b)in paragraph 4 for “the following items” to the end substitute “own funds as defined in Article 4(1)(18) of the capital requirements regulation, and are to be calculated in accordance with paragraphs 9 to 12.”;
(c)omit paragraphs 5 to 8 and the heading preceding paragraph 7;
(d)for paragraph 9 substitute—
“9. For the purposes of calculating own funds—
(a)the amount of Tier 2 capital must be equal to or less than one third of the amount of Tier 1 capital;
(b)at least 75% of the amount of Tier 1 capital must be in the form of Common Equity Tier 1 capital.”;
(e)in paragraph 13(a) after “payment services” insert “specified in paragraph 1(a) to (f) of Schedule 1 of the Payment Services Regulations 2017.”;
(f)in paragraph 21(4)—
(i)in paragraph (a) for “2009” substitute “2017”;
(ii)omit paragraph (b);
(iii)in paragraph (c) after “payment service” insert “specified in paragraph 1(a) to (e) of Schedule 1 to those Regulations”.
(31) In Schedule 3 (application and modification of legislation)—
(a)after paragraph 2 (the tribunal) insert—
2A.—(1) Section 137A of the 2000 Act applies for the purposes of these Regulations as if—
(a)references to authorised persons were references to authorised electronic money institutions, small electronic money institutions and EEA authorised electronic money institutions;
(b)in subsection (1)—
(i)the reference in paragraph (a) to the carrying on of regulated activities were to the issuance of electronic money, and
(ii)the reference in paragraph (b) to the carrying on of activities which are not regulated activities were to the carrying on of activities in connection with the issuance of electronic money;
(c)in subsection (5)—
(i)references to EEA firms were to EEA authorised issuance of electronic money institutions;
(ii)in paragraph (a), reference to permission conferred by Part 2 of Schedule 3 to the 2000 Act were to permission conferred by regulation 29A(2) of these Regulations;
(iii)in paragraph (b), reference to any of the single market directives or the emission allowance auctioning regulation were to the electronic money directive;
(c)after subsection (5) there were inserted—
“(6) The FCA may make a rule pursuant to paragraph (1) only if the FCA is also making, or has made, a rule under this section or section 137R concerning the same matter which applies to authorised persons in connection with the issuance of electronic money.”.
(2) Sections 137T (general supplementary powers) and 141A (power to make consequential amendments of references to rules) and Chapter 2 of Part 9A (rules: modification, waiver, contravention and procedural provisions) of the 2000 Act apply in relation to rules made pursuant to paragraph (1) as they do in relation to other rules made by the FCA under section 137A of the 2000 Act, subject to sub-paragraph (3).
(3) Section 138D (actions for damages) applies as if in that section subsection (6) were omitted and “private person” had the meaning given in regulation 72(3) of these Regulations.”.
(b)after paragraph 4 (control over electronic money institutions) insert—
4A.—(1) Part 13 of the 2000 Act (incoming firms: intervention by FCA or PRA) applies with the following modifications.
(2) References to—
(a)“the regulator” or “the appropriate regulator” are to be read as references to the Authority;
(b)requirements imposed by or under the 2000 Act are to be read as references to requirements imposed by or under these Regulations.
(3) Section 193 (interpretation) is to be read as if—
(a)in subsection (1), for the definition of “incoming firm” there were substituted—
““incoming firm” means an EEA authorised electronic money institution which is exercising, or has exercised, its right to provide services in the United Kingdom in accordance with the Electronic Money Regulations 2011;”,
(b)subsection (1A) were omitted; and
(c)for subsection (2) there were substituted—
“(2) Expressions used in this Part and in the Payment Services Regulations 2017 have the same meaning in this Part as they have in those Regulations.”.
(4) Section 194 (general grounds on which power of intervention is exercisable) is to be read as if subsections (1)(c)(ii) and (1AA) to (5) were omitted.
(5) Sections 194A to 194C, 195A, 195B, 198 to 199A and 201 are to be ignored.
(6) Section 195 (exercise of power in support of overseas regulator) is to be read as if—
(a)subsection (2A) were omitted; and
(b)in subsection (5)(b), the reference to an EEA firm’s EEA authorisation were a reference to an EEA authorised electronic money institution’s authorisation under the electronic money directive.
(7) Section 196 (the power of intervention) is to be read as if—
(a)in subsection (1), for paragraphs (a) and (b) there were substituted—
“(a)the firm were an authorised electronic money institution; and
(b)the FCA were entitled to exercise its power under regulation 12 of the Electronic Money Regulations 2011 (variation of authorisation on Authority’s own initiative) by imposing a requirement such as may, under regulation 7 of those Regulations (imposition of requirements) be included in an authorisation under those Regulations.”; and
(b)subsection (3) were omitted.
(8) Section 202 (contravention of requirement) is to be read as if for subsection (2) there were substituted—
“(2) Regulation 72 of the Electronic Money Regulations 2011 (right to bring actions) applies to the contravention as if it were a contravention of Part 5 of those Regulations.”.”.
6. In the Rehabilitation of Offenders Act 1974 (Exceptions) Order 1975(122)—
(a)in article 2(1)—
(i)for “Payment Services Regulations 2009” in each place it appears substitute “Payment Services Regulations 2017”;
(ii)in the appropriate place, insert—
““registered account information service provider” has the meaning given by regulation 2(1) of the Payment Services Regulations 2017;”;
(b)in article 4(1)(d)(xv)—
(i)after “an authorised payment institution” insert “, a registered account information service provider”;
(ii)for “2009” substitute “2017”.
7. In regulation 2(1)(b) of the Individual Savings Account Regulations 1998 (interpretation)(123), in the definition of “insolvency event” for “regulation 19(15) of the Payment Services Regulations 2009” substitute “regulation 23(18) of the Payment Services Regulations 2017”.
8. In the Financial Services and Markets Act 2000 (Regulated Activities) Order 2001(124)—
(a)In article 9AB(2) (funds received for payment services) for “2009” substitute “2017”;
(b)in article 60JA (payment institutions)—
(i)in paragraph (1) for “16(3)” substitute “18(4)”;
(ii)in paragraph (2) for “2009” substitute “2017”;
(c)in article 60JB (electronic money institutions), in paragraph (1) for “16(3)” substitute “18(4)”.
9. In regulation 2(1)(c) of the Child Trust Funds Regulations 2004 (interpretation)(125), in the definition of “insolvency event” for “regulation 19(15) of the Payment Services Regulations 2009” substitute “regulation 23(18) of the Payment Services Regulations 2017”.
10. In the Financial Services (Distance Marketing) Regulations 2004(126)—
(a)in regulation 7(1A) (information required prior to the conclusion of the contract) for “2009” substitute “2017”;
(b)in regulation 8(1A) (written and additional information) for “2009” substitute “2017”.
11. In Schedule 6 to the Investment Bank Special Administration Regulations 2011 (modifications and consequential amendments)(127), in the entry for the Payment Services Regulations 2009 in the list after paragraph 1, for “2009” substitute “2017”.
12.—(1) The Consumer Rights (Payment Surcharges) Regulations 2012(128) are amended as follows.
(2) In regulation 1 (citation and commencement)—
(a)in paragraph (2) for “These Regulations apply” substitute “Regulation 4 (fees a trader must not charge a consumer) applies”;
(b)after paragraph (2) insert—
“(3) Regulation 6A applies in relation to contracts entered into after the date on which the Payment Services Regulations 2017 were made.”.
(3) In regulation 3 (other definitions) after the definition of “goods” insert—
““payee”, “payer”, “payment instrument”, “payment service” and “payment service provider” have the meanings given in regulation 2(1) of the Payment Services Regulations 2017;”.
(4) For the heading of regulation 4 (excessive charges prohibited) substitute “Fees a trader must not charge a consumer”.
(5) In the heading of regulation 5 (contracts where prohibition applies) for “prohibition” substitute “regulation 4”.
(6) After regulation 6 (temporary exemption for micro-businesses and new businesses) insert—
6A.—(1) A payee must not charge a payer any fee in respect of payment by means of—
(a)a payment instrument which—
(i)is a card-based payment instrument as defined in Article 2(20) of Regulation (EU) 2015/751 of the European Parliament and of the Council of 29th April 2015 on interchange fees for card-based payment transactions(129); and
(ii)is not a commercial card as defined in Article 2(6) of that Regulation; or
(b)a payment instrument which—
(i)is not a card-based payment instrument as defined in Article 2(20) of that Regulation; and
(ii)would not fall within the definition of commercial card at Article 2(6) of that Regulation if, in that definition, the reference to any card-based payment instrument were to any payment instrument and the reference to such cards were to such payment instruments; or
(c)a payment service to which Regulation (EU) 260/2012 of the European Parliament and of the Council of 14th March 2012 establishing technical and business requirements for credit transfers and direct debits in euro(130) applies.
(2) A payee receiving a payment by means of a payment instrument must not charge the payer, in respect of such payment, a fee which exceeds the costs borne by the payee for the use of that specific payment instrument.
6B.—(1) Regulation 6A applies only if the payment service provider of the payer or the payment service provider of the payee is located in an EEA state.
(2) Where the payment service providers of both the payee and the payer are located in an EEA state, regulation 6A(1) and (2) apply.
(3) Where the payment service provider of either the payer or the payee, but not both, is located in an EEA state, regulation 6A(2) applies but regulation 6A(1) does not apply.”.
(7) In regulations 7(1) and (4) (complaints), 8(1) and (2) (orders to secure compliance) and 9(a) (notification of undertakings and orders to the CMA) after “regulation 4” insert “or 6A”.
(8) In regulation 10 (consumer’s right of redress)—
(a)in the heading for “Consumer’s right” substitute “Right”;
(b)after “regulation 4” insert “or any payee charges a fee in contravention of regulation 6A”;
(c)in paragraph (a)—
(i)for “consumer to pay” substitute “payment of”;
(ii)for “of the excess charged” substitute “that the charging of the fee contravenes regulation 4 or 6A”;
(d)in paragraph (b) for “excess to be repaid to the consumer” substitute “fee to be repaid to the extent that the charging of the fee contravenes regulation 4 or 6A”.
13. In article 4 of the Postal Services Act 2011 (Disclosure of Information) Order 2012(131) (prescription of enactments), in the entry for the Payment Services Regulations 2009, for “2009” substitute “2017”.
14. In regulation 2(1) of the Payments in Euro (Credit Transfers and Direct Debits) Regulations 2012(132), in the final definition (definition of “payment services”, “payment service provider”, “payment service user” and “payment system”) for “2009” substitute “2017”.
15. In article 2(1) of the Payment to Treasury of Penalties (Enforcement Costs) Order 2013 (enforcement powers)(133), for sub-paragraph (g) substitute—
“(g)regulations 110, 111, 113, 114 and 116 of the Payment Services Regulations 2017,”.
16. In article 2(b) of the Financial Services Act 2012 (Relevant Functions in relation to Complaints Scheme) Order 2014 (relevant functions of the FCA)(134)—
(a)for “2009” substitute “2017”; and
(b)for “regulation 93” substitute “regulation 120”.
17. In article 3(e) of the Communications Act 2003 (Disclosure of Information) Order 2014 (specification of relevant functions)(135) for “2009” substitute “2017”.
18. In regulation 1(4) of the Financial Services and Markets Act 2000 (Excluded Activities and Prohibitions) Order 2014(136) (interpretation), in the definition of “payment services” for “2009” substitute “2017”.
19. In the Schedule to the Public Interest Disclosure (Prescribed Persons) Order 2014(137), in paragraph (e) of the entry for the Financial Conduct Authority for “payment services regulations 2009” substitute “Payment Services Regulations 2017”.
20. In the Enterprise Act 2002 (Part 8 EU Infringements) Order 2014(138)—
(a)in article 4 for “the listed Directive” substitute “a Directive, or provisions of a Directive, listed in the Schedule”;
(b)in the Schedule (listed directive)—
(i)in the heading of the Schedule for “DIRECTIVE” substitute “DIRECTIVES”;
(ii)in the heading of the first column in the table for “Directive” substitute “Directives”;
(iii)in the first column of the table after “Directive 97/7/EC of the European Parliament and the Council” insert—
“; and
Paragraphs 4 and 5 and the second sentence of paragraph 3 of Article 62 of Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC(139)”;
(iv)in the second column of the table after “Regulations 4,” insert “6A, 6B,”.
21. In the Payment to Treasury of Penalties (Enforcement Costs of the Payment Systems Regulator) Order 2015(140)—
(a)in article 1(2) (citation, commencement and interpretation) omit the definition of “the 2009 Regulations”;
(b)in article 2 (enforcement powers) omit paragraph (d);
(c)in article 3 (relevant offences) omit paragraph (c).
22. In article 26 of the Mortgage Credit Directive Order 2015 (extension of the compulsory jurisdiction of the Financial Ombudsman Scheme to registered consumer buy-to-let mortgage firms)(141), in paragraph (1)(a) for “2009” substitute “2017”.
23. In regulation 17 of the Small and Medium Sized Business (Credit Information) Regulations 2015 (extension of the jurisdiction of the Financial Ombudsman Scheme to designated credit reference agencies)(142), in paragraph (1)(a), (d) and (e) for “2009” substitute “2017”.
24. In regulation 14 of the Small and Medium Sized Business (Finance Platforms) Regulations 2015 (extension of the jurisdiction of the Financial Ombudsman Scheme to designated finance platforms)(143), in paragraph (1)(a), (d) and (e) for “2009” substitute “2017”.
25. In the Payment Accounts Regulations 2015(144)—
(a)in regulation 2(1) (interpretation), in the definition of “Payment Services Regulations” for “2009” substitute “2017”;
(b)in regulation 8 (fee information document), in paragraph (1)(a) for “Part 5 (information requirements for payment systems)” substitute “Part 6 (information requirements for payment services)”;
(c)in regulation 10 (statement of fees), in paragraph (1) for “Part 5” substitute “Part 6”;
(d)in Schedule 3 (switching service)—
(i)in paragraph 4(1)(e) for “regulation 43” substitute “regulation 51”;
(ii)in paragraph 5(3) for “regulation 56(2)” substitute “regulation 71(2)”;
(iii)in paragraph 6(3) for “regulation 43” substitute “regulation 51”;
(e)in Schedule 5 (fees connected with alternative arrangements etc.), in paragraph 3(2) for “regulation 43” substitute “regulation 51”.
26. In the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017(145)—
(a)in regulation 3(1) (general interpretation), in the definitions of “payment services” and “payment service provider” for “2009” substitute “2017”;
(b)in regulation 53 (interpretation), in the definition of “telecommunication, digital and IT payment service provider” for the words from “falling within” to the end substitute “consisting of the execution of payment transactions where the consent of the payer to execute a payment transaction is given by means of any telecommunication, digital or IT device and the payment is made to the telecommunication, IT system or network operator acting only as an intermediary between the payment service user and the supplier of the goods and services (and terms used in this definition which are defined in the Payment Services Regulations 2017 have the meanings given in those Regulations).”;
(c)in regulation 60(5) (cancellation and suspension of registration)—
(i)in sub-paragraph (b) for “2009” substitute “2017”;
(ii)in sub-paragraph (c)(i)—
(aa)for “(c) to (h)” substitute “(d) to (j)”;
(bb)for “2009” substitute “2017”;
(iii)in sub-paragraph (c)(ii) for “121” substitute “154(2)”;
(d)in regulation 62(1) (transfer of funds supervisory authorities), in sub-paragraphs (b) and (c) for “2009” substitute “2017”;
(e)in regulation 77(2) (power to impose civil penalties: suspension and removal of authorisation), in paragraphs (a)(ii) and (iii) and (b)(ii) and (iii) for “2009” substitute “2017”;
(f)in regulation 105 (disclosure by the Commissioners), in paragraphs (1) and (2)(c) for “2009” substitute “2017”.
Regulation 157
Instrument revoked | Extent of revocation |
---|---|
The Payment Services Regulations 2009(146) | All of the Regulations except regulation 126 and Schedule 6 (amendments to primary and secondary legislation) |
The Financial Services and Markets Act 2000 (Regulated Activities) (Amendment) Order 2014(147) | Articles 12 (amendment of the Payment Services Regulations 2009), 13 (saving of section 51 of the Consumer Credit Act 1974) and 19(4) (amendment of the Financial Services and Markets Act 2000 (Regulated Activities) (Amendment) (No.2) Order 2013) |
(This note is not part of the Regulations)
These Regulations transpose in part Directive 2015/2366/EU of the European Parliament and of the Council of 25th November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No. 1093/2010, and repealing Directive 2007/64/EC (OJ L 337 23.12.2015, p.35) also known as the Revised Payment Services Directive or “PSD2”. The Financial Conduct Authority (“FCA”) is responsible for transposing other parts of PSD2. A transposition note setting out how PSD2 will be transposed into UK law is published with the Explanatory Memorandum to these Regulations on legislation.gov.uk.
PSD2 repeals and replaces Directive 2007/64/EC of the European Parliament and of the Council of 13th November 2007 on payment services in the internal market amending Directives 97/7/EC, 2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC, also known as the Payment Services Directive or “PSD1” (OJ L 319 5.12.2007, p.1). Likewise these Regulations revoke and replace the Payment Services Regulations 2009 (S.I. 2009/209), which in large part transposed PSD1 into UK law (see regulation 157 and Schedule 9 of these Regulations).
The Regulations set out a regulatory regime for providers of payment services, restrict the provision of payment services as a regular business to certain types of entities (“payment service providers”), and require the authorisation or registration of providers of payment services which do not otherwise have the status of payment service provider. The services subject to regulation, and excluded services which are not subject to regulation, are set out in Schedule 1.
Part 2 and Schedule 2 provide for authorisation and registration under the Regulations, including the conditions and procedure for authorisation or registration.
Part 3 and Schedule 3 contain provisions which apply to entities authorised under the Regulations but, with some limited exceptions, do not apply to entities registered under the Regulations. The Part includes requirements relating to capital, safeguarding of customers’ funds and outsourcing of functions, and sets out the procedure for the exercise of the right under PSD2 for authorised entities to provide payment services in other EEA states.
Part 4 contains provisions which apply to entities authorised and registered under the Regulations, and includes restrictions on the activities which such entities can carry on alongside the provision of payment services and the use of agents to provide payment services.
Part 5 requires entities which provide services which are excluded from regulation as payment services to notify the FCA that they are providing such services.
Part 6 and Schedule 4 contain requirements for payment service providers to provide to their customers information about the terms on which services are provided and about individual transactions.
Part 7 contains provisions about the way in which payment services are to be provided, including the way in which transactions are to be authorised, the timing of transactions, the interaction between these Regulations and the Consumer Credit Act 1974 (c. 39), and liability in the event of a problem arising with a transaction. This Part also contains provisions relating to account information services and payment initiation services, which are types of payment services which are not regulated under PSD1.
Part 8 contains provisions relating to access to payment systems and to bank accounts for payment service providers.
Part 9 and Schedules 5 and 6 provide for the FCA to monitor and enforce compliance with many of the requirements of the Regulations, and provides powers for it to do so, including power to make rules in connection with the provision of payment services by entities authorised or registered under these Regulations using its powers in the Financial Services and Markets Act 2000 (c. 8).
Part 10 provides for the Payment Systems Regulator to monitor and enforce compliance with some of the requirements of the Regulations.
Part 11 contains transitional arrangements for entities which already provide payment services, including those which are authorised or registered under the Payment Services Regulations 2009. Schedule 7 makes provision in relation to Gibraltar.
Schedule 8 makes amendments to legislation which include—
amendments to ensure the availability of the Financial Ombudsman Service in relation to payment services;
amendments to consumer rights legislation prohibiting the charging of fees for the use of certain types of payment for certain transactions, and giving enforcement functions to trading standards authorities;
amendments to the Electronic Money Regulations 2011 (S.I. 2011/99) to align many of the provisions of those Regulations with the provisions of these Regulations, as required by PSD2; and
various consequential amendments.
A full impact assessment of the effect that these Regulations will have on the costs of business and the voluntary sector is available from Her Majesty’s Treasury, 1 Horse Guards Road, London SW1A 2HQ and will be published with the Explanatory Memorandum to these Regulations on legislation.gov.uk.
1972 c. 68. Section 2(2) was amended by section 27(1)(a) of the Legislative and Regulatory Reform Act 2006 (c. 51) and the European Union (Amendment) Act 2008 (c. 7), Schedule, Part 1. By virtue of the amendment of section 1(2) by section 1 of the European Economic Area Act 1993 (c. 51) legislation may be made under section 2(2) of the European Communities Act to implement obligations of the United Kingdom created or arising by or under the Agreement on the European Economic Area signed at Oporto on 2nd May 1992 (Cm 2073) and the Protocol adjusting the Agreement signed at Brussels on 17th March 1992 (Cm 2183).
2000 c. 8. Section 22(5) provides that “specified” means specified in an order made by the Treasury. Paragraph 25 of Schedule 2 makes provision supplementing section 22. Schedule 1ZA was inserted by section 6 of the Financial Services Act 2012 (c. 21), and paragraph 20 was amended by paragraph 4 of Schedule 10 to the Financial Services (Banking Reform) Act 2013 (c. 33).
2004 c. 5. Section 3 was amended by sections 60 to 62 of the Deregulation Act 2015 (c. 20).
2005 c. 5. Section 694 is supplemented by the remainder of Chapter 3 of Part 6. Section 694 was amended by section 40(2) of the Finance Act 2011 (c. 11), and is applied with modifications by section 151 of the Taxation of Chargeable Gains Act 1992 (c. 12).
2012 c. 21. Section 85(2) was substituted by paragraph 10 of Schedule 2 to the Financial Services (Banking Reform) Act 2013.
OJ L 176, 27.6.2013, p.338.
OJ L 176, 27.6.2013, p.1.
2005 asp 10. There are amendments to section 106 but none is relevant to these Regulations.
S.I. 1999/2979. There are amendments to regulation 2, but none is relevant here.
OJ L 108, 24.4.2002, p.33.
OJ L 267, 10.10.2009, p.7.
OJ L 331, 15.12.2010, p.12.
OJ L 182, 29.6.2013, p.19.
OJ L 74, 14.3.2014, p.8.
OJ L 123, 19.5.2015, p.1.
OJ L 124, 20.5.2003, p.36.
OJ L 141, 5.6.2015, p.73.
S.I. 1999/2979. The definition of “participant” in regulation 2(1) was amended by S.I. 2010/2993.
OJ L 337 23.12.2015, p.35.
1974 c. 39. The definition of “regulated agreement” was substituted by S.I. 2013/1881.
S.I. 1999/2979. The definition of “transfer order” in regulation 2(1) was amended by S.I. 2010/2993.
1979 c.34. The definition of “credit union” in section 31(1) was substituted by paragraph 16 of Schedule 4 to the Co-operative and Community Benefit Societies Act 2014 (c. 14).
1987 c. 22. The Act was repealed from 1st December 2001 by S.I. 2001/3649.
2002 c. 29, as amended by sections 102 to 106 of, and paragraphs 173 and 174 of Schedule 4 and Part 2 of Schedule 17 to, the Serious Organised Crime and Police Act 2005 (c. 15), paragraphs 129 to 135 of Schedule 8 to the Crime and Courts Act 2013 (c. 22), section 37 of the Serious Crime Act 2015 (c. 9) and sections 10 to 12 of, and paragraphs 37 and 38 of Schedule 5 to, the Criminal Finances Act 2017 (c. 22), and by S.I. 2006/308, 2007/3398.
S.I. 2010/1197, revoked by S.I. 2011/2742.
S.I. 2011/2742, as renamed by S.I. 2016/937.
OJ L 335, 17.12.2009, p.1.
OJ L 173, 12.6.2014, p.349.
S.I. 1999/2979. The definition of “default arrangements” was amended by S.I. 2006/50, 2010/2993 and 2013/504.
OJ L 157, 9.6.2006, p.87.
2006 c. 46. Section 495 was amended by S.I. 2013/3008, 2016/649 and 2017/516. Section 498 was amended by S.I. 2008/393, 2013/1970 and 2016/649.
S.I. 2008/1911. Regulation 39 was amended by S.I. 2016/575. Regulation 40 was amended by S.I. 2009/1804.
1973 c. 39. Section 98A was inserted by S.I. 2010/1010.
2002 c. 29. Section 333A was inserted by S.I. 2007/3398 and amended by paragraph 132 of Schedule 8 to the Crime and Courts Act 2013 (c. 22).
S.I. 2013/3134. Regulation 6 was amended by S.I. 2015/1629.
OJ L 94, 30.3.2012, p.22.
2000 c. 8. Schedule 1ZA was substituted by Schedule 3 to the Financial Services Act 2012 (c. 21). Paragraph 23 was amended by paragraph 7 of Schedule 8 to the Financial Services (Banking Reform) Act 2013 (c. 33), paragraph 16 of Schedule 3 to the Pension Schemes Act 2015 (c.8) and section 29 of the Bank of England and Financial Services Act 2016 (c. 14), and by S.I. 2013/1773.
Section 1B was substituted by section 6 of the Financial Services Act 2012 and amended by paragraph 3 of Schedule 3 to the Pension Schemes Act 2015.
Section 140A was substituted by section 24 of the Financial Services Act 2012 and amended by paragraph 10 of Schedule 3 to the Financial Services (Banking Reform) Act 2013 and paragraph 10 of Schedule 3 to the Pension Schemes Act 2015, and by S.I. 2014/892 and 2016/680.
Paragraph 25 was amended by section 109 of the Financial Services (Banking Reform) Act 2013.
2002 c. 40. Section 15 was amended by paragraph 20 of Schedule 8 to the Consumer Rights Act 2015 (c. 15).
2002 c. 40. Section 213(1) was amended by S.I. 2014/892.
S.I. 2012/3110, amended by S.I. 2013/761 and 3134 and 2014/549 and by paragraph 12 of Schedule 8 to these Regulations.
1925 c. 86. Section 33 was amended by Schedule 6 to the Magistrates’ Court Act 1952 (c. 55), paragraph 19 of Schedule 8 to the Courts Act 1971 (c. 23) and paragraph 71 of Schedule 8 to the Courts Act 2003 (c. 39).
1980 c. 43. Schedule 3 was amended by sections 25 and 101 of, and Schedule 13 to, the Criminal Justice Act 1991 (c. 53), and by paragraph 51 of Schedule 3 and Part 4 of Schedule 37 to the Criminal Justice Act 2003 (c. 44).
1995 c.46. Section 70 was amended by section 10(6) of the Criminal Procedure (Scotland) Act 2004 (asp 5), section 28 of the Criminal Proceedings etc. (Reform) (Scotland) Act 2007 (asp 6), section 66 of the Criminal Justice and Licensing (Scotland) Act 2010 (asp 13), section 6(4) of the Partnerships (Prosecution) (Scotland) Act 2013 (c. 21) and section 83(a) of the Criminal Justice (Scotland) Act 2016 (asp 1), and by S.I. 2001/1149.
1945 c. 15 (N.I. 1). Section 18 was amended by the Magistrates Court Act (Northern Ireland) 1964 (c. 21 (N.I.)), paragraph 1 of Schedule 12 to the Justice (Northern Ireland) Act 2002 (c. 26) and by S.I. 1972/538 (N.I. 1).
2000 c. 8. Section 348 was amended by paragraph 26 of Schedule 2 to the Financial Services Act 2010, paragraph 18 of Schedule 12 to the Financial Services Act 2012, paragraph 5 of Schedule 8 to the Financial Services (Banking Reform) Act 2013 and paragraph 45 of Schedule 2 to the Bank of England and Financial Services Act 2016, and by S.I. 2016/1239.
OJ L 331, 15.12.2010, p.12.
OJ L 319 5.12.2007, p.1. The Directive is repealed with effect from 13 January 2018 by Directive 2015/2366/EU.
2015 c.26. Section 30(3) was amended by section 19 of the Enterprise Act 2016 (c. 12).
OJ L 141, 05.06.2015, p.1.
S.I. 2001/544. Articles 36A, 36H, 39D, 39F, 39G, 60B, 60N, 89A and 89B were inserted by S.I. 2013/1881 and amended by S.I. 2014/366, 1448 and 1850, 2015/853 and 2016/392.
S.I. 2001/544. Article 60L was inserted by S.I. 2013/1881. There are amendments to article 60L but none is relevant here.
Section 422 was substituted by S.I. 2009/534 and amended by S.I. 2013/3115.
S.I. 2001/544. Article 60JA was inserted by S.I. 2014/366.
2000 c. 8. Section 66 was amended by section 12 of, and paragraph 8 of Schedule 2 to, the Financial Services Act 2010 (c. 28), paragraph 14 of Schedule 5 to the Financial Services Act 2012 (c. 21), sections 28 and 32 of, and paragraph 5 of Schedule 3 to, the Financial Services (Banking Reform) Act 2013 (c. 33). Sections 66A and 66B were inserted by section 32 of the Financial Services (Banking Reform) Act 2013 and amended by section 25 of, and paragraphs 16 and 17 of Schedule 4 to, the Bank of England and Financial Services Act 2016 (c. 14), and by S.I. 1015/1864 and 2016/225 and 627. Sections 67 to 70 were amended by paragraphs 9 and 10 of Schedule 2 to the Financial Services Act 2010, paragraphs 15 to 18 of Schedule 5 to the Financial Services Act 2012, paragraphs 6 and 7 of Schedule 3 to the Financial Services (Banking Reform) Act 2013.
Part 9 was amended by section 23 of the Financial Services Act 2012, paragraph 83 of Schedule 9 to the Crime and Courts Act 2013 (c. 22) and section 4 of the Financial Services (Banking Reform) Act 2013, and by S.I. 2010/22, 2013/1388, 2014/3329 and 2016/680.
Part 9A was substituted by section 24 of the Financial Services Act 2012.
Section 137R was amended by S.I. 2015/910.
Chapter 2 was amended by paragraphs 8 and 9 of Schedule 3 to the Financial Services (Banking Reform) Act 2013, paragraph 69 of Schedule 4 to the Co-operative and Community Benefit Societies Act 2014 (c. 14), paragraphs 7 and 8 of Schedule 3 to the Pension Schemes Act 2015 (c. 8), sections 29, 33 and 35 of, and paragraph 35 of Schedule 2 to, the Bank of England and Financial Services Act 2016, S.I. 2013/1388.
Part 11 was amended by paragraph 54 of Schedule 26 to the Criminal Justice Act 2003 (c. 44), paragraph 33 of Schedule 7 to the Counter-Terrorism Act 2008, section 18 of, and paragraphs 15 to 17 of Schedule 2 to, the Financial Services Act 2010, paragraphs 1 to 14 of Schedule 12 and paragraph 8 of Schedule 18 to the Financial Services Act 2012, paragraph 11 of Schedule 3 to the Pension Schemes Act 2015, paragraphs 36 and 37 of Schedule 2 to the Bank of England and Financial Services Act 2016 and paragraph 9 of Schedule 2 to the Investigatory Powers Act 2016 (c.25), and by S.I. 2001/1090, 2005/1433, 2007/126, 2011/1043, 2012/2554, 2013/1773, 2015/575 and 2016/225 and 680
Part 12 was amended by section 26 of the Financial Services Act 2012 and paragraphs 38 to 40 of Schedule 2 to the Bank of England and Financial Services Act 2016, and by S.I. 2009/534, 2011/1043 and 1613, 2013/3115, 2014/3329, 2015/534, 575 and 1755 and 2016/1239.
Part 13 was amended by section 3 of the Financial Services Act 2010 and paragraphs 30 to 43 of Schedule 4 to the Financial Services Act 2012, and by S.I. 2007/126, 2194 and 3253, 2011/1043 and 1613, 2012/916 and 2015, 2013/1773, 1797, 1881 and 3115, 2015/575, 910 and 1882.
Sections 341 to 346 were amended by paragraphs 4 to 7 of Schedule 13 to the Financial Services Act 2012 and paragraph 44 of Schedule 2 to the Bank of England and Financial Services Act 2016, and by S.I. 2013/3115.
Section 348 was amended by paragraph 26 of Schedule 2 to the Financial Services Act 2010, paragraph 18 of Schedule 12 to the Financial Services Act 2012, paragraph 5 of Schedule 8 to the Financial Services (Banking Reform) Act 2013 and paragraph 45 of Schedule 2 to the Bank of England and Financial Services Act 2016, and by S.I. 2016/1239.
Section 349 was amended by section 964 of the Companies Act 2006 (c. 46) and paragraph 19 of Schedule 12 to the Financial Services Act 2012, and by S.I. 2006/1183, 2007/1093 and 2011/1043.
Section 352 was amended by paragraph 54 of Schedule 26 to the Criminal Justice Act 2003.
Section 359 was substituted by paragraph 55 of Schedule 17 to the Enterprise Act 2002 (c. 40) and amended by paragraph 6 of Schedule 2 to the Dormant Bank and Building Society Accounts Act 2008 (c. 31) and paragraph 6 of Schedule 14 to the Financial Services Act 2012, and by S.I. 2005/1455.
Sections 367 and 368 were amended by paragraphs 14 and 15 of Schedule 14 to the Financial Services Act 2012, and by S.I. 2005/575
Part 26 was amended by paragraph 11 of Schedule 4 to the Regulation of Investigatory Powers Act 2000 (c. 23), section 13 of, and paragraphs 28 and 29 of Schedule 2 to, the Financial Services Act 2010, sections 17 to 19 and 24 of, and paragraph 37 of Schedule 8, paragraphs 26 to 35 of Schedule 9 and paragraph 8 of Schedule 13 to, the Financial Services Act 2012, section 4 of, and paragraphs 12 to 14 of Schedule 3 to, the Financial Services (Banking Reform) Act 2013, and paragraph 43 of Schedule 10 to the Investigatory Powers Act 2016 (c. 25), and by S.I. 2006/381 and 1433, 2007/126 and 1973, 2009/534, 2010/22, 2012/916, 2013/1388 and 3115, 2014/2879, 2015/1755 and 2016/225, 680, 715 and 1239.
S.I. 2001/1420, amended by S.I. 2005/274, 2010/1193, 2013/472 and 2014/549.
S.I. 2001/2188, amended by S.I. 2001/3437 and 3624, 2002/1775, 2003/693, 2066, 2174 and 2817, 2004/1862 and 3379, 2005/3071, 2006/3413, 2007/3255, 2009/2877, 2010/2628, 2011/1043, 1265, 1613 and 2085, 2012/725, 916, 2554 and 3019, 2013/472, 504, 1162, 1773, 2329 and 3115, 2014/549, 883, 2879 and 3348, 2015/575 and 910, and 2016/225, 680 and 715.
OJ L 123, 19.5.2015, p.1.
OJ L 337 23.12.2015, p.35.
Section 138L was substituted by section 24 of the Financial Services Act 2012.
Paragraph 14 was amended by paragraph 25 of Schedule 11 to the Financial Services Act 2012 and by S.I. 2015/542.
1973 c. 39. Section 78 was amended by section 7 of the Consumer Credit Act 2006 (c. 14) and by S.I. 1998/997 and 2008/1277. Section 84 was amended by S.I. 1998/997, 2000/2334 and 2004/2095.
Section 1H was substituted (with the rest of Part 1A) for Part 1 by section 6 of the Financial Services Act 2012 and amended by S.I. 2013/655, 1881 and 3115.
Section 206A was inserted by section 9 of the Financial Services Act 2010. Subsection (1A) was inserted by paragraph 13 of Schedule 9 to the Financial Services Act 2012.
Subsection (2) was amended by S.I. 2009/209 and 2011/99.
Subsection (1) was amended by paragraph 10 of Schedule 11 to the Financial Services Act 2012, S.I. 2009/209 and 2011/99.
Section 379A was inserted by section 112 of the Digital Economy Act 2017 (c. 30).
Section 404E was substituted, with other sections, for section 404 by section 14 of the Financial Services Act 2010. Subsection (6) was amended by S.I. 2011/99 and 2013/1881.
Section 404F was substituted, with other sections, for section 404 by section 14 of the Financial Services Act 2010. Subsection (6) was amended by paragraph 20 of Schedule 18 to the Financial Services Act 2012 and by S.I. 2011/99.
Schedule 1A was inserted by paragraph 1 of Schedule 1 to the Financial Services Act 2010. Paragraph 12 was amended by paragraph 13 of Schedule 15 to the Financial Services Act 2012 and by S.I. 2011/99.
Paragraph 13 was amended by paragraph 24 of Schedule 11 to the Financial Services Act 2012, and by S.I. 2009/209, 2011/99 and 2015/542.
2002 c. 40. Schedule 13 was amended by S.I. 2006/3363, 2015/2911 and other instruments which are not relevant to these Regulations. There are amendments to Schedule 15 but none is relevant to these Regulations.
2013 c. 33. Section 108 was amended by section 14 of the Small Business, Enterprise and Employment Act 2015 (c. 26).
S.I. 2011/99, amended by S.I. 2011/2742, 2012/1791, 2013/429, 479, 1881 and 3115, 2014/366, 2015/575 and 2016/163 and 937.
OJ L 331, 15.12.2010, p.12.
S.I. 1999/2979. The definitions of “default arrangements” and “transfer order” in regulation 2(1) were amended by S.I. 2010/2993 and 2013/504.
OJ L 331, 15.12.2010, p.12.
OJ L 319 5.12.2007, p.1. The Directive is repealed with effect from 13 January 2018 by Directive 2015/2366/EU.
S.I. 1975/1023, as amended by S.I. 2011/1800, 2013/472 and other instruments that are not relevant here.
S.I. 1998/1870, as amended by S.I. 2011/1780 and other instruments that are not relevant here.
S.I. 2001/544. Article 9AB was inserted by S.I. 2009/209 and amended by S.I. 2011/99. Articles 60JA and 60JB were inserted by S.I. 2014/366.
S.I. 2004/1450, as amended by S.I. 2010/582 and other instruments that are not relevant here.
S.I. 2004/2095, as amended by S.I. 2009/209 and other instruments that are not relevant here.
S.I. 2011/245. There have been amendments but none is relevant here.
S.I. 2012/3110, amended by S.I. 2013/761 and 3134 and 2014/549.
OJ L 123, 19.5.2015, p.1.
OJ L 94, 30.3.2012, p.22.
S.I. 2012/1128. There have been amendments to article 4 but none is relevant here.
S.I. 2012/3122. Regulation 2(1) was amended by S.I. 2013/472.
S.I. 2013/418. There have been amendments to article 2 but none is relevant here.
S.I. 2014/2080. There are several amendments to regulation 1(4) but none is relevant here.
OJ L 337 23.12.2015, p.35.