Transformational Mobile Payments Projects What are the central regulatory issues to address? Paul Anning 5 July 2013
Jun 23, 2015
Transformational Mobile Payments ProjectsWhat are the central regulatory issues to address?Paul Anning5 July 2013
osborneclarke.com Private & Confidential
2
Agenda
• European payment services regulatory regime
– An overview - Objectives, Key measures and the 4-corner model
– Application to Mobile Payments - Different models
– Extension of scope of "payment services" - 'overlay' services
• Specific regulatory issues
• General observations
osborneclarke.com Private & Confidential
3
European payment services regulatory regime: Objectives
Regulated field of payment
services
Enhanced competition
Greater efficiency
Consumer protection
Digital economy
osborneclarke.com Private & Confidential
4
European payment services regulatory regime:Key measures
• Payment Services Directive (PSD)
• Second Electronic Money Directive (2EMD)
• Cross Border Payments Regulation
• Anti-Money Laundering Directive (MLD)
• Funds Transfers Regulation
• SEPA End Date Regulation
• Single Market Act (SMA II)
• EC's Green Paper: Towards an integrated European market for card, internet and mobile payments
• EPC's White Paper: Mobile payments
• ECB's final recommendations on the security of internet payments (SecuRePay)
• Fourth Money Laundering Directive (4MLD)
osborneclarke.com Private & Confidential
5
European payment services regulatory regime:Payment transactions – the four corner model
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Funds transfer
Framework contract
Framework contract
Payment system
osborneclarke.com Private & Confidential
6
Mobile Payments
osborneclarke.com Private & Confidential
7
Mobile Payments – Different models
Broad term covering essentially 4 different models:
•Mobility (GPS; incentives)
•Purchasing service ('add to bill')
•Access/authentication ('remote payments' - mobile banking; money remittance)
•Mobile phone as a payment instrument ('contactless' – NFC: stickers, secure element provisioned)
osborneclarke.com Private & Confidential
8
Mobile Payments – Access/AuthenticationMobile phone as initiator
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Customer Ts&Cs
Payment system
Mobile AppTs&Cs
Token generator
Customer Ts&Cs
Mobile AppTs&Cs
osborneclarke.com Private & Confidential
9
Mobile Payments – Access/AuthenticationMobile phone as initiator and number as proxy
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Customer Ts&Cs
Payment system
Mobile AppTs&Cs
Mobile phone number proxy
database
Customer Ts&Cs
Mobile AppTs&Cs
osborneclarke.com Private & Confidential
10
European payment services regulatory regime:Extension of scope of "payment services" to 'overlay' services
• 3 types of 'overlay' services:
– services to aid authorisation/authentication (eg mobile phones, tokens, etc)
– services enabling access to payment accounts (eg for data aggregation)
– services enabling payment initiation
• Currently, TSPs (technical service providers) are exempt from PSD as they do not enter into possession of the funds to be transferred
• Proposal to extend regulation to PAAS (Payment Account Access Services) and PAIS (Payment Account Initiation Services)
• Why? Regulation can achieve harmonisation, enhance competition, encourage the digital economy and provide appropriate user protection
• But? Different scenarios, each with a complex set of arrangements
osborneclarke.com
11
Mobile Payments – ContactlessTypical structure for partnering arrangements
osborneclarke.com Private & Confidential
12
Mobile Payments – Specific regulatory issues (1)Payment services
• FI will hold regulatory licence and card scheme membership
• FI has core relationship with regulators and card schemes
• FI ultimately bears regulatory and legal risk; both parties reputational risk
• Typically Brand/MNO procures services but is distributing FI's product/services
• Brand/MNO's role (including in distribution) may require it to be authorised
• Regulatory change (including of interpretation) is constant
• FI, not Brand/MNO, has contract with Customer
• Brand/MNO may nonetheless wish to 'own' Customer
• Roll-out across jurisdictions requires local advice
osborneclarke.com Private & Confidential
13
Mobile Payments – Specific regulatory issues (2)General
• Customer lifecycle:
– Promotion
– Customer acceptance, including AML/KYC
– Funds flows – loading and redemption channels
– Complaints and claims handling
– Lost & stolen mobile phones
• Confidentiality - Data protection – Security
• Security
• Termination: Meaning? Exit assistance; Migration
osborneclarke.com Private & Confidential
14
Mobile Payments – Specific regulatory issues (3)Data protection
• Key questions include:
– Who collects what data and when?
– Who is the data controller or data processor?
– What is the data – cardholder, transaction, activity, geo-location?
• Both FI and Brand/MNO need to use the same personal data for different purposes
• Both have legal responsibilities for the same personal data
• Brand/MNO may wish to 'own' Customer, even though contract is with FI
• Meaning of 'ownership'
• Differences in local law and lack of legal certainty on key issues
osborneclarke.com Private & Confidential
15
Mobile Payments – General observations
• Convergence of:
– Financial services and digital businesses (including telecoms), each with different regulatory regimes and sensitivities (eg security; lost and stolen; DP; VAT)
– Electronic funds transfers and card transactions (esp. online POS)
• Technological advances are enabling an accelerating rate of change in payments; conversely, technology challenges also
• Increasing diversity of payment initiation, authentication, authorisation and execution methods
Private & Confidentialosborneclarke.com
16
Contact details
Paul Anning is head of European law firm, Osborne Clarke's Financial Institutions Group and a specialist financial services lawyer. Paul has market leading experience and expertise in the payments industry where he has guided clients through new product development, regulatory change and transformational projects, such as the creation of the UK's Payments Council (which sets the strategy for UK payments), the merger creating VocaLink (the UK’s largest payments processor), the UK's first NFC enabled stored value mobile payment solution (QuickTap) and the acquisition of one of Europe's leading prepaid card issuers.
Paul is well versed in the complexities of the payments industry's network arrangements. He also has a deep knowledge of legal and regulatory
developments affecting the payments industry, including key European developments such as SEPA, PSD and the 2EMD.
Paul and the Osborne Clarke Payments team act for a range of clients from infrastructure providers and traditional credit institutions and GTS businesses through to electronic money issuers and corporates and retailers (including on corporate card and co-branded arrangements). Their Payments practice is recognized externally as top-tier ranking, with commentary such as - "Osborne Clarke is one of the leading practices working in the payments services sphere" and in July 2012 an award for "TMT Team of the Year 2012" at The Lawyer Awards for their work on Everything Everywhere and Barclaycard's QuickTap product.
Paul AnningPartner and head of Financial Institutions GroupT+44 (0) 20 7105 [email protected] "A fabulous, full-
service firm stuffed with bright and efficient people"
Chambers UK
"Osborne Clarke is one of the leading practices working in the payments services sphere"
Chambers UK