On 1 August 2018, the Financial Conduct Authority (“FCA”) published Consultation Paper 18/21 on ‘General Standards and Communication Rules for the Payment Services and E-Money Sectors’. The consultation closes on 1 November 2018.
The FCA proposes to extend the Principles for Business in its Handbook of Rules and Guidance (“Handbook”) to UK non-bank payment service providers and e-money issuers (collectively, “non-bank PSPs”). As proposed, EEA non-bank PSPs that have passported into the UK may also be affected.
Currently, the Principles for Business (and most of the Handbook) apply to firms authorised under the Financial Services and Markets Act 2000 (“FSMA”) but not to non-bank PSPs – writes Kai Zhang, Associate Director at Bryan Cave Leighton Paisner LLP.
This is because banks (including credit unions and building societies) that carry on payment services and e-money issuance do so under the banking regulation within the FSMA framework whereas non-bank PSPs are regulated, as applicable, under the Payment Services Regulation 2017 and the Electronic Money Regulations 2011 which are separate regimes sitting alongside the FSMA.
The Principles for Business are 11 overarching principles on how a firm must conduct its business/affairs. As proposed, some of the principles apply only to a non-bank PSP when it deals with consumers (which includes small businesses and charities that meet specified size requirements). It is submitted that the proposed extension does not seem necessary and may be intended to provide the FCA with more enforcement flexibility.
Firstly, there does not seem to be a clear rationale for extending the principles to non-bank PSPs. The FCA states that the ‘harm’ to be addressed is to prevent regulatory inconsistencies between banks that carry on payment services or issue e-money and non-bank PSPs that engage in the same activities, in other words, to have a level playing field.
However, the payment and e-money regimes have been deliberately designed to be different so that non-bank PSPs are subject to ‘lighter’ requirements. This is because non-bank PSPs and banks that carry on payment/e-money services are fundamentally different in terms of their risk profile.
Recital 34 of the EU Payment Services Directive 2015/2366 (repeating Recital 11 of Directive 2007/64/EC which first established the payment regime) succinctly summaries the difference as follows: “The requirements for the payment institutions should reflect the fact that payment institutions engage in more specialised and limited activities, thus generating risks that are narrower and easier to monitor and control than those that arise across the broader spectrum of activities of credit institutions”.
The Consultation Paper acknowledges, but does not address, this point.
There are also practical issues with applying the principles themselves. The requirements contained in the principles – which is also hinted in the Consultation Paper – are either already included in the payment/e-money regulatory regimes or not easily applied to non-bank PSPs. This may be illustrated by the two examples below.
Principle 10 requires a firm to protect its clients’ assets. A non-bank PSP is already subject to specific safeguarding requirements with respect to customer funds held overnight. However, it should be noted that small non-bank PSPs do not have to comply with such safeguarding requirements unless they choose to. Does this mean compliance with the specific requirements results in automatic compliance with Principles 10? If so, why Principle 10? If not, what additional requirements Principle 10 imposes?
For banks, the principles are justified because banks engage in multiple regulated activities and there may be ‘gaps’ between the complex rules applicable to various aspects of their business. General principles can function as a form of ‘catch-all’. However, for non-bank PSPs whose activities are narrow and specific in scope, such general principles may add more confusion than clarity (contrary to one of the stated objectives).
Principle 8 requires a firm to ensure the suitability of its advice. These are clearly intended for businesses such as investment advice. It is difficult to contemplate how such requirements apply to a non-bank PSP.
For FSMA firms, the FCA seems to be increasingly focusing on the Principles for Business as basis for its enforcement actions rather than by referencing breaches of specific rules in the Handbook. Given the potential issues, one may wonder if the proposed extension is to enhance the FCA’s ability to intervene in the payment/e-money sectors.
If so, there should be clear parameters on the exact scope of each of the principles. As currently proposed, extension of these overarching principles may likely present significant compliance challenges to non-bank PSPs.