We previously provided a summary of the new federal oversight framework for retail payment systems (the Oversight Framework) proposed by the Department of Finance Canada (the Department) in a paper titled, “A New Retail Payments Oversight Framework” (Consultation Paper).
The consultation period closed on October 6, 2017, and the responses haven’t yet been made public. While there is no confirmed timeline for their publication, we think that now is the perfect time to provide you with additional commentary and context on the Oversight Framework.
Because the retail payments space is complex and rapidly-evolving, the Oversight Framework, while a good first step, should be considered a preliminary move by the Department. Very few concepts in the Consultation Paper were finalized, no draft legislative amendments were proposed and no designated regulator identified. Gaining a deeper understanding of the context around the retail payments ecosystem at this early stage of the regulatory process will equip potential payment-system providers (PSPs) and other participants for more meaningful participation in what we anticipate will be an ongoing, collaborative approach to developing the final Oversight Framework.
2. What to expect next
This Consultation Paper is the Department’s second paper that focuses on the regulation of retail payments. The Oversight Framework set out in the Consultation Paper builds on the first, an April 2015 document - Balancing Oversight and Innovation in the Ways We Pay, on which the Department also sought industry feedback. When the Consultation Paper was released in July 2017, the Department’s planned next step was to propose new draft legislation that would implement the Oversight Framework. However, given the broad range of feedback the Department is likely to receive, the relatively preliminary nature of the Framework and the Department’s stated desire to work with the industry to develop appropriate policies mean that more consultation is a more-likely next step.
3. Why should I care about the Oversight Framework?
The retail payments market is quite vast, in both payment volume and value. According to Payments Canada:
- In 2015, Canadians made roughly 20.9 billion retail payment transactions, worth more than CA$8.9 trillion, up from CA$7 trillion in 2008;
- Between 2008 and 2015:
- The number of cash transactions fell by 30 percent, while the number of electronic transactions grew by 44 percent.
- The number of debit and credit card transactions increased by 40 and almost 70 percent, respectively.
As the Department states in its Consultation Paper:
- Looking forward, one estimate suggests that Canadian non-cash payments could reach a trillion dollars by 2020, with the potential of upwards of 15 percent of these payments being mobile, compared with one percent in 2015.
Bottom line: The Canadian retail payments market is big and continues to grow, with most of that growth happening in the electronic space, making it a market ripe for innovation.
4. Five Things about the Oversight Framework you should know
(a) The Oversight Framework marks an intentional shift to functional regulation.
This shift in regulatory approach is significant in the Canadian payments space, where regulatory efforts have been institutionally-based, and focused on prudentially-regulated entities, like banks and other “traditional” financial institutions. Moving to a functional approach broadens what the Department calls the “regulatory perimeter” – or the reach of the Oversight Framework. It does so by describing payment functions that could be performed by entities – PSPs, which aren’t traditional financial institutions or regulated from a payments perspective today.
Capturing non-traditional participants in the perimeter is notable for two reasons:
- First, because it means that the Oversight Framework will also apply to incumbents that haven’t historically been the focus of intense regulatory scrutiny in Canada. For example, card networks, such as Visa, MasterCard and Interac, insofar as they may be performing any of the payment functions that fall within the scope of the perimeter, would be covered by the Framework. Similarly, to the degree that traditional financial institutions (such as banks) perform functions that aren’t otherwise regulated, they could also be affected by the Oversight Framework. In other words, new entrants won’t be the only players impacted.
- Second, the broad and depth Oversight Framework means that the functions it proposes to regulate include those that are central to a retail payment. In fact, as described by the Consultation document, PSPs would be permitted to participate in each of the five core functions that make up an electronic retail payment and would not be relegated to the periphery.
As an illustration, one of the functions described by the Framework is the Provision and Maintenance of a Payment Account, which allows PSPs to provide and maintain an account held in the name of one or more end users for the purpose of making electronic fund transfers. These are activities that are only narrowly permitted by non-deposit-taking institutions. In Canada, this degree of PSP participation in retail payments would be unprecedented and represents a major shift, not only in regulatory approach, but also in the types of entities the Department of Finance thinks should be eligible to participate in all aspects of the retail payments system.
Bottom line: The Oversight Framework’s use of functional regulation means new entities will be able to participate in the retail payments space in more meaningful, independent and innovative ways.
(b) The introduction of a functional regime won’t be seamless
While the consultation offers some important first steps towards the functional regulation of retail payments in Canada, the approach does present some challenges. The first of which is the challenge of regulating the space at all. As the Department mentions in the Consultation Paper, oversight efforts have not been focused on retail payments. It is possible that, as the Oversight Framework moves forward the Department may encounter jurisdictional issues with respect to certain functions. While those issues are beyond the scope of this summary, they are likely to be the subject of later debate and discussion.
Aside from jurisdictional issues, a functional regime can be challenging in and of itself. The success of such an approach hinges on the skillfulness with which each of the functions is selected and defined. Functions must be defined in a way that is both precise enough to be meaningful and flexible enough to be able to keep pace with rapid innovation.
It is also important to note that not all the proposed functions impact end users equally and therefore, not all aspects of the Oversight Framework would apply to the same degree across each function. For example, the Oversight Framework describes disclosure requirements for PSPs that engage with end users. However, what disclosure should look like will vary greatly across each function. As well, end users will often have a direct relationship with multiple entities for any one payment. For example, in an electronic, point-of-sale transaction, a consumer could have a direct relationship with a PSP, a merchant and a bank. How these multiple disclosures would be managed isn’t articulated in the Oversight Framework.
While the disclosure regime as contemplated by the Consultation Paper could be called cumbersome, the dispute resolution and complaint handling processes are more troubling. While a robust Oversight Framework requires at least some consideration of both measures to adequately protect consumers, as described in the Consultation Paper, it is likely that multiple and duplicative resolution bodies would end up reviewing a complaint arising from the same issue, payment error or consumer complaint. The Oversight Framework also introduces the use of an External Complaint Body (ECB), which a consumer can access if he or she has exhausted the internal dispute resolution process. However, who that ECB would be chosen, or whether it would be the same for all Oversight Framework participants (or if that is feasible) is unclear.
Rather than duplicating disclosure and dispute resolution requirements, the Oversight Framework should level the playing field and aid in standardizing documents and processes across the retail payments ecosystem, to the extent that such standardization is possible. Clear and transparent disclosures and dispute resolution procedures foster trust in payment systems, which, in turn, drive end-user adoption.
Bottom line:Disclosures and dispute resolution procedures will be important components of the Oversight Framework, but disclosure requirements should not be duplicative; similar payment products should attract similar types of disclosures, and a dispute resolution process that is fair, transparent and easy to navigate should be put in place.
(c) For most retail payments that are completed, the Oversight Framework will not be the only regulatory framework in place.
The Oversight Framework explicitly excludes a variety of different payments, notably the clearing and settlement of transactions made through systems designated under the Payment Clearing and Settlement Act2 (PCSA). For our purposes, these are systems operated by Payments Canada, such as the Large Value Transfer System (LVTS), the Automated Clearing and Settlement System (ACSS) – and either of their replacement systems, and eventually, a real-time payments system, should such a system also be designated as prominent under the PCSA.
Exactly what each of these systems do is less important to us than the fact that a large portion of retail payments will, at some point in their transaction flow, fall under the following Oversight Framework “exemption”:
The clearing and settlement of transactions made through systems designated under the Payment Clearing and Settlement Act.
Presumably what this statement means is that a payment could be both covered by the Oversight Framework and exempt, depending on its point in the transaction flow. For example, if Provision and Maintenance of a Payment Account and Payment Initiation are both functions that fall outside of clearing and settling through a designated system, then it appears as though the Oversight Framework would apply to those functions, while the rules for the designated system would apply to the portions of the transaction that are considered clearing and settlement.
This fragmentation raises a variety of interesting and complex questions for further discussion:
- How will the Oversight Framework and the designated system coordinate oversight responsibilities?
- Where will the lines be drawn between functions? While it is easy to imagine a payment flowing “through” a system, from a practical standpoint, that doesn’t always occur and there isn’t likely to be a bright light between the various functions. For example, Payments Canada’s rules have never been strictly relegated to clearing and settlement in the POS space and have often touched on aspects that directly relate to the end-user customer and could be considered Payment Initiation functions.
- On the opposite end of the spectrum, there is functionality that the Oversight Framework doesn’t contemplate, such as posting to customer accounts, which adds to the fragmented regulation of a retail payment.
- Finally, if a payment is made in a space that does not involve a designated system (for example, Visa, Mastercard, PayPal), then the entire payment is covered by the Oversight Framework, which gives very little information with respect to the functions of Authorization and Transmission and Clearing and Settlement. As written, the Oversight Framework cannot stand on its own to manage end-to-end risk for retail payments in non-designated systems without more detail on each of these functions.
Bottom Line: In spite of the name, there won’t be one unified Oversight Framework for retail payments. The same type of payment could be treated (from a regulatory perspective) in a different way, depending on what type of system that payment flows through. Moreover, a single payment could fall under more than one regulatory framework from end-to-end.
It is virtually impossible to imagine the operation of a payments system without a requirement for registration. Participants have to be tracked and identified in some manner. As such, comments received by the Department will likely focus on the nature of the registration requirements rather than the need for them at all.
Bottom line: To participate in a payments system, parties must be prepared to pass often rigorous registration requirements, which may vary in proportion to the risk they bring into the system.
(e) Adequate protection of end users and end-user funds can help drive adoption of new payment technology
Security and trust are two essential elements that drive the use of a payments system. If end users can’t be assured that their funds are securely held, available to them when they want them, and are protected from bankruptcy, legal and other claims, then they aren’t likely to choose new providers over incumbents.
Importantly, the consultation document proposes some measures to protect end-user funds, including setting up a trust account for safeguarding consumer funds and holding funds in a deposit-insured account held at a Canadian financial institution. While the Consultation Paper asks a few questions about these types of protection measures, we feel that it’s important to highlight two main points:
- Protection of end-user funds is a perennial concern in the retail payments space, particularly when the focus is on innovation. Because of the criticality of this issue, the Department is unlikely to consider lessening the proposed Oversight Framework safeguards, regardless of participant size or the value held in payment accounts.
- While the Oversight Framework endeavours to broaden participation in the payments system, safeguarding end-user funds will result in PSPs relying on traditional deposit-taking institutions’ willingness to provide them with trust accounts. It is easy to imagine tension in this type of relationship, even if it is required simply to manage risk.
Bottom line: End-user funds must be well-protected for a retail payment system to attract and maintain users, which are essential measures of success. Protection will require the participation of traditional deposit-taking financial institutions, which could result in tension between new entrants and traditional payments system participants.
(f) The interplay between tiering, innovation and competition
The Consultation Paper ties together the concepts of tiering with innovation and competition. With respect to tiering, the Department refers to the stringency of the regulatory measures and their applicability to smaller firms; firms that are less integrated into the payments system overall; or firms that pose less risk generally. If smaller firms are subjected to less-burdensome regulation, a barrier to entry into the retail payment market is removed, which, in turn, fosters innovation and increases competition.
Tiering can often make sense in theory. However, in practice, untiered schemes can be more appropriate in certain circumstances. As mentioned above, trust account requirements are likely not appropriate for tiering, while operational requirements may be more principles-based for smaller firms. Attention must be paid to mitigating risk, protecting consumers and fostering innovation in the retail payments space. It is notable that the Department of Finance is placing innovation and competition at the forefront of the regulatory framework, which could impact where that balance is struck.
Bottom line: The Oversight Framework will likely apply a spectrum of measures that range from high-level principles to prescriptive rules. How those measures will be calibrated remains to be seen and will have to balance the need for risk management with a desire to foster innovation and completion in the retail payments space.
5. We can help
The Canadian retail payments space is in the midst of dynamic and exciting times. From regulatory and legal perspectives, however, that same dynamism and excitement can breed uncertainty. At Dentons, we have extensive experience with payments law and policy and consumer protection issues. We would be pleased to provide you with guidance on the application and implications of the new Oversight Framework to your business. For more information, please contact Tracy Molino.