Transformational Mobile Payments - What are the central regulatory issues to address?

Transformational Mobile Payments ProjectsWhat are the central regulatory issues to address?Paul Anning5 July 2013

osborneclarke.com Private & Confidential

2

Agenda

• European payment services regulatory regime

– An overview - Objectives, Key measures and the 4-corner model

– Application to Mobile Payments - Different models

– Extension of scope of "payment services" - 'overlay' services

• Specific regulatory issues

• General observations

osborneclarke.com Private & Confidential

3

European payment services regulatory regime: Objectives

Regulated field of payment

services

Enhanced competition

Greater efficiency

Consumer protection

Digital economy

osborneclarke.com Private & Confidential

4

European payment services regulatory regime:Key measures

• Payment Services Directive (PSD)

• Second Electronic Money Directive (2EMD)

• Cross Border Payments Regulation

• Anti-Money Laundering Directive (MLD)

• Funds Transfers Regulation

• SEPA End Date Regulation

• Single Market Act (SMA II)

• EC's Green Paper: Towards an integrated European market for card, internet and mobile payments

• EPC's White Paper: Mobile payments

• ECB's final recommendations on the security of internet payments (SecuRePay)

• Fourth Money Laundering Directive (4MLD)

osborneclarke.com Private & Confidential

5

European payment services regulatory regime:Payment transactions – the four corner model

Payer Payee

Payer's PSP Payee's PSP

Sale of goods and services

Funds transfer

Framework contract

Framework contract

Payment system

osborneclarke.com Private & Confidential

6

Mobile Payments

osborneclarke.com Private & Confidential

7

Mobile Payments – Different models

Broad term covering essentially 4 different models:

•Mobility (GPS; incentives)

•Purchasing service ('add to bill')

•Access/authentication ('remote payments' - mobile banking; money remittance)

•Mobile phone as a payment instrument ('contactless' – NFC: stickers, secure element provisioned)

osborneclarke.com Private & Confidential

8

Mobile Payments – Access/AuthenticationMobile phone as initiator

Payer Payee

Payer's PSP Payee's PSP

Sale of goods and services

Customer Ts&Cs

Payment system

Mobile AppTs&Cs

Token generator

Customer Ts&Cs

Mobile AppTs&Cs

osborneclarke.com Private & Confidential

9

Mobile Payments – Access/AuthenticationMobile phone as initiator and number as proxy

Payer Payee

Payer's PSP Payee's PSP

Sale of goods and services

Customer Ts&Cs

Payment system

Mobile AppTs&Cs

Mobile phone number proxy

database

Customer Ts&Cs

Mobile AppTs&Cs

osborneclarke.com Private & Confidential

10

European payment services regulatory regime:Extension of scope of "payment services" to 'overlay' services

• 3 types of 'overlay' services:

– services to aid authorisation/authentication (eg mobile phones, tokens, etc)

– services enabling access to payment accounts (eg for data aggregation)

– services enabling payment initiation

• Currently, TSPs (technical service providers) are exempt from PSD as they do not enter into possession of the funds to be transferred

• Proposal to extend regulation to PAAS (Payment Account Access Services) and PAIS (Payment Account Initiation Services)

• Why? Regulation can achieve harmonisation, enhance competition, encourage the digital economy and provide appropriate user protection

• But? Different scenarios, each with a complex set of arrangements

osborneclarke.com

11

Mobile Payments – ContactlessTypical structure for partnering arrangements

osborneclarke.com Private & Confidential

12

Mobile Payments – Specific regulatory issues (1)Payment services

• FI will hold regulatory licence and card scheme membership

• FI has core relationship with regulators and card schemes

• FI ultimately bears regulatory and legal risk; both parties reputational risk

• Typically Brand/MNO procures services but is distributing FI's product/services

• Brand/MNO's role (including in distribution) may require it to be authorised

• Regulatory change (including of interpretation) is constant

• FI, not Brand/MNO, has contract with Customer

• Brand/MNO may nonetheless wish to 'own' Customer

• Roll-out across jurisdictions requires local advice

osborneclarke.com Private & Confidential

13

Mobile Payments – Specific regulatory issues (2)General

• Customer lifecycle:

– Promotion

– Customer acceptance, including AML/KYC

– Funds flows – loading and redemption channels

– Complaints and claims handling

– Lost & stolen mobile phones

• Confidentiality - Data protection – Security

• Security

• Termination: Meaning? Exit assistance; Migration

osborneclarke.com Private & Confidential

14

Mobile Payments – Specific regulatory issues (3)Data protection

• Key questions include:

– Who collects what data and when?

– Who is the data controller or data processor?

– What is the data – cardholder, transaction, activity, geo-location?

• Both FI and Brand/MNO need to use the same personal data for different purposes

• Both have legal responsibilities for the same personal data

• Brand/MNO may wish to 'own' Customer, even though contract is with FI

• Meaning of 'ownership'

• Differences in local law and lack of legal certainty on key issues

osborneclarke.com Private & Confidential

15

Mobile Payments – General observations

• Convergence of:

– Financial services and digital businesses (including telecoms), each with different regulatory regimes and sensitivities (eg security; lost and stolen; DP; VAT)

– Electronic funds transfers and card transactions (esp. online POS)

• Technological advances are enabling an accelerating rate of change in payments; conversely, technology challenges also

• Increasing diversity of payment initiation, authentication, authorisation and execution methods

Private & Confidentialosborneclarke.com

16

Contact details

Paul Anning is head of European law firm, Osborne Clarke's Financial Institutions Group and a specialist financial services lawyer. Paul has market leading experience and expertise in the payments industry where he has guided clients through new product development, regulatory change and transformational projects, such as the creation of the UK's Payments Council (which sets the strategy for UK payments), the merger creating VocaLink (the UK’s largest payments processor), the UK's first NFC enabled stored value mobile payment solution (QuickTap) and the acquisition of one of Europe's leading prepaid card issuers.

Paul is well versed in the complexities of the payments industry's network arrangements. He also has a deep knowledge of legal and regulatory

developments affecting the payments industry, including key European developments such as SEPA, PSD and the 2EMD.

Paul and the Osborne Clarke Payments team act for a range of clients from infrastructure providers and traditional credit institutions and GTS businesses through to electronic money issuers and corporates and retailers (including on corporate card and co-branded arrangements). Their Payments practice is recognized externally as top-tier ranking, with commentary such as - "Osborne Clarke is one of the leading practices working in the payments services sphere" and in July 2012 an award for "TMT Team of the Year 2012" at The Lawyer Awards for their work on Everything Everywhere and Barclaycard's QuickTap product.

Paul AnningPartner and head of Financial Institutions GroupT+44 (0) 20 7105 [email protected] "A fabulous, full-

service firm stuffed with bright and efficient people"

Chambers UK

"Osborne Clarke is one of the leading practices working in the payments services sphere"

Chambers UK