Publication date: December 12, 2023
The following fictional case scenarios provide examples to help differentiate payment functions performed using a designated system under section 7 of the Retail Payment Activities Act (and exempted as a result) from other non-exempted payment functions related to the same transaction.
The examples provided are not a replacement for the Criteria for registering payment service providers supervisory policy, but rather they are meant to complement the policy. They should be read in conjunction with the policy.
These examples build off each other. We recommend reading them in the order they appear.
Case scenario: Payment service provider using a designated payment system
Company A is a fintech company that offers pre-paid accounts and payment transfer services to its clients. To receive and carry out electronic funds transfers (EFTs) from or to end users using another payment service provider (PSP), Company A uses a system that is designated under section 4 of the Payment Clearing and Settlement Act (PCSA).
Company A maintains an account that stores end users’ personal information and the payment credentials generated for them. To send funds, clients connect to the Company A online interface and enter the transaction details. PSP A’s website captures the information to initiate the EFT and sends a payment instruction to the designated payment system. Further processing of the transaction takes place on the designated system, with the transferee eventually receiving the funds.
When one of their clients is receiving funds, Company A makes the funds available in their Company A account after the transfer is completed on the designated payment system. Company A holds the funds until the client transfers further or withdraw those funds.
Although a designated payment system is involved in the EFTs that are sent and received for Company A’s clients, Company A is not the operator of the system. The PSP performs multiple payment functions that are not carried out on the system, such as:
- providing and maintaining an account;
- holding funds on behalf of an end user;
- initiating an EFT
- authorizing an EFT, or
- transmitting, receiving or facilitating an instruction in relation to an EFT
This means that Company A is still subject to the RPAA and needs to register with the Bank of Canada, assuming it meets the other registration criteria.
Case scenario: Designated payment system operator
Company B, owned by a group of financial institutions, operates the designated payment system used by Company A.
In operating the system, Company B performs the following retail payment functions on behalf of its members, as defined in section 2 of the RPAA:
- the transmission, reception or facilitation of an instruction in relation to an EFT
- the provision of clearing and settlement
These are the only payment functions Company B performs. They are excluded from the RPAA under the designated systems exclusion of section 7 of the RPAA. As a consequence, Company B does not need to register with the Bank of Canada as a payment service provider.
Case scenario: Designated payment system operator with multiple lines of business
In addition to the clearing and settlement services performed on its designated system, Company B starts distributing a new risk-management tool that manages rules in real time to flag or decline suspicious transactions with a high fraud risk score. It offers this service to other entities, including other PSPs, on a platform that is separate from the designated system. Clients can choose to opt in for an additional fee.
In offering risk-monitoring services, Company B is performing the payment function the authorization of an EFT as defined in section 2 of the RPAA. This function is not performed using a system that is designated under subsection 4(1) of the PCSA, which means that the designated systems exclusion of section 7 of the RPAA does not apply. Company B needs to register with the Bank of Canada, assuming it meets the other registration criteria.
Disclaimer
The case scenarios are illustrative examples reflecting the Bank of Canada’s interpretation of certain requirements set out in the Retail Payment Activities Act (RPAA). All names, facts and descriptions in these scenarios are entirely fictitious and do not reflect any real or actual individuals or entities.
Additionally, they do not represent legal advice and should not be used as a replacement for seeking such advice if an individual or entity is unsure about whether they are required to register with the Bank of Canada as a payment service provider. The nature of the products and services offered by each individual or entity will vary, as will the circumstances around offering these products and services. Therefore, any individual or entity that may be subject to the RPAA should assess their own situation on a case-by-case basis according to their own facts and circumstances. Any entity or individual that may be subject to the RPAA is ultimately responsible for determining whether they are required to register with the Bank.
The examples provided are not a replacement for the Criteria for registering payment service providers supervisory policy, but rather they are meant to complement the policy. They should be read in conjunction with the policy.
Topic(s):
Registration