The Payment Services Act (“PS Act”) came into effect on January 28, 2020. The PS Act adopts the activity-based licensing framework in view of the different kinds of activities and new developments in payment token services.
PS Act will enhance the regulatory framework for payment services, strengthen consumer protection and promote the confidence in the use of e-payments. The Money-Changing and Remittance Businesses Act (“MCRBA”) and the Payment Systems (Oversight) Act (“PS(O)A”) will be repealed with the commencement of the PS Act.
PS Act regulates the following payment services:
- Account issuance services;
- Domestic money transfer services;
- Cross-border money transfer services;
- Merchant acquisition services;
- E-money issuance services;
- Digital payment token services; and
- Money-changing services.
Payment Services that are excluded from the PS Act:
- E-money that is for a limited purpose;
- Virtual currency that are for a limited purpose; and
- Payment services conducted by licensed or exempt entities under the Securities and Futures Act and the Financial Advisers Act.
Types of licenses:
- Money-changing Licence;
- Standard Payment Institution Licence (“SPIL”); and
- Major Payment Institution Licence (“MPIL”).
A business holding a major payment institution licence will be regulated more comprehensively.
Conditions for Application
An applicant of SPIL / MPIL licence should:
- Be a company incorporated in Singapore or overseas;
- Have a permanent place of business in Singapore or a registered office in Singapore; and
- Have at least 1 executive director who is a Singapore citizen or Permanent Resident, or a person belonging to a class of persons prescribed by MAS.
An applicant of Money-changing licence should:
- Have a permanent place of business or a registered office in Singapore.
For all the 3 licences, MAS must be satisfied:
- That applicant is fit and proper person and meet the Guidelines on Fit and Proper Criteria;
- To the Financial condition of the applicant; and
- That the Public interest is served by granting the licence.
For Account Issuance Service
- Business holding this licence must not assist users in withdrawing e-money from their accounts and exchanging the e-money for Singapore currency if the user is resident in Singapore.
- Agreement or arrangement must not be entered to make this possible.
- In addition, MPIL that provide this service must restrict users from holding more than S$5,000 in their e-wallet at any point in time.
- Prevent users from transferring more than S$30,000 within each year to accounts other than the user’s previously-nominated bank accounts.
For e-Money Issuance Service
- Business holding this licence are prohibited from lending any customer money; or
- Using any customer money, or interest earned on any customer money to finance any business activity.
Existing Store Value Facility (SVF) licence-holder or a remittance licence-holder under the PS(O)A or MCRB have 6 months from the commencement of the PS Act to inform MAS in writing of the specific payment services that you are conducting. Re-application for a licence under the PSA is not required.
Variation / Changes of Licence
- Changing types of payment services provided by the SPIL or MPIL
- Changing the money-changing licence to SPIL or MPIL
- Changing the SPIL licence to money-changing licence or MPIL licence
- Changing the MPIL licence to money-changing licence or SPIL licence
Exempt Service Provider
- Bank licensed under the Banking Act;
- Merchant bank approved as a financial institution under the MAS Act;
- Finance company licensed under the Finance Companies Act;
- Person licensed to carry on the business of issuing the credit cards or charge cards in Singapore under section 57B of the Banking Act; and
- Any other person or class of persons that may be prescribed.
Exemption applies to any holder of money-changing licence whose provision of money-changing services is solely incidental to its business of keeping or managing a hotel.
Risk Mitigating Measures
There are four key risks common across many payment services. The PS Act aims to mitigate risks while facilitating growth and innovation.
The PS Act has implemented the following controls to further enhance protection offered by responsible financial institutions to individuals and sole proprietors from losses arising from unauthorised transactions or erroneous transactions.
- Safeguarding money received from customers through liability, guarantee and trust account; and
- Includes contractual obligations with safeguarding institution and additional reporting and monitoring mechanisms.
With the controls in place, should a MPIL surrender its licence or have its licence revoked, MAS may enforce the security to the extent required to pay any sums outstanding and claimed by payment service users who are customers of the MPIL. As such, customers may recover part of the sums outstanding claimed against the MPIL. But it is not intended to nor can it insure customers against all losses.
Anti-Money Laundering (“AML”) / Countering the Financing of Terrorism (“CFT”)
The PS Act imposes AML/CFT measures on persons carrying on a business in providing payment services that have been assessed to pose Money Laundering (“ML”)/Terrorist Financing (”TF”) risks.
All payment service providers should abide by the prescribed principles in the MAS Notices relating to AML and CFT when conducting their operations and business activities, exercise due diligence when dealing with customers, conduct its business in conformity with high ethical standards, guard against facilitating money laundering or terrorism financing, cooperate and assist the law enforcement authorities in Singapore to prevent ML and TF.
The payment service provider shall assess the AML/CFT risks and take appropriate measures to mitigate the risks when developing new products, business practices, delivery mechanisms and technologies.
In general, the AML/CFT measures will include requirements to conduct customer due diligence, monitor transactions, perform screening, report suspicious transactions and keep adequate records. The requirements may differ depending on the risk profiles of the customers or transactions.
There are many e-payment solutions in Singapore, but they may not necessarily interoperate with each other. Consumers may not be able to make payments directly to each other or to merchants if both parties use and accept different payment methods. One way to tackle this issue is to encourage the interoperability of payment acceptance solutions so that consumers and merchants have a simple and standardised payments experience.
In order to achieve the objective stated above, MAS may impose an access regime on a designated payment system operator or major payment institution to mandate that these entities allow third parties to access their system. In addition, MAS may mandate any MPIL to participate in a common platform to facilitate the interoperability of widely used payment accounts, including large e-wallets and bank accounts. Finally, MAS may require any MPIL to adopt common standards to make widely used payment acceptance methods, such as QR codes.
Technology Risk Management (“TRM”)
MAS Guidelines on TRM will apply to all licensees. These Guidelines set out IT risk management principles and best practices to guide financial institutions in establishing a robust TRM framework, strengthening of cybersecurity controls, enhancing system resiliency, and implementing strong authentication measures to protect customer data, transactions and systems. These are best practices which the payment institutions are expected to adopt.
Reach out to us:
RHT Compliance Solutions