The Payment Services Directive 2015 (PSD2) has revolutionised financial services in the European Union by adding more transparency and greater data sharing among market participants. One of such innovations is open banking that allows for Third Party Providers (TPPs) to elevate access for payment service users via “Access-to-Account” or XS2A. The XS2A has two main uses- for supplying information and connecting a TPP to initiate payments on the instructions of the payment service user through such TPP. The latter TPP is known as a Payment Initiation Service Provider (a company with a so-called PISP license), which basically is a service enabling access to a user’s payment account to initiate the transfer of funds on their behalf with the user’s consent and authentication.
What is a Payment Initiation Service Provider (PISP)?
As briefly noted above, a Payment Initiation Service Provider (PISP) is a type of financial institution that provides a possibility of initiating payments on the accounts of the user held with other institutions. Differently from a closely related Account Information Service Provider (AISP) they can themselves allow for the user to perform actions that will lead to the transaction taking place.
Payment Initiation Service Providers (PISPs) are established in order to ease the use and access to the finances by the customers. They act as intermediaries that connect Account Servicing Payment Service Providers (ASPSPs) and provide consolidated access to the user’s payment accounts in one place by allowing them to easily execute payments. ASPSPs include banks, building societies, UK Payment Institutions (PIs), UK Electronic Money Institutions (EMIs) and credit card providers.
Examples of Payment Initiation Service Providers (PISPs)
PISPs can take a variety of different forms and can be complementary to the services offered by other financial institution. For instance, they can be Electronic Money Institutions that offer the possibility to initiate transactions from accounts that are held with other financial institutions. By doing so, they not only enhance the user experience but as well increase the use of their app. It incentivises the user to use other services offered by the same EMI even more. Another example would be a consolidation of payment acceptance via one PISP which would streamline online shopping for the merchant and its customers. In this case, payment via PISP could act instead of the conventional card transaction. By doing so, the costs for merchant would be reduced while the speed of transactions retained. These are just a couple of examples of how payment initiation services can function and in no manner it is an exhaustive list.
If we consider how the relationship of the parties looks like when speaking about traditional Payment Initiation Service Provider (PISP) involving online merchant and customer, it will look as follows:
Notably, payment initiation service is mostly a complimentary service that would supplement the offering of other financial service providers. At a minimum, it is advisable to have an account information service.
How to get a Payment Initiation Service Provider License (PISP license)?
After the adoption of the PSD2, payment initiation became one of the most promising services in terms of convenience for payment service users. Because of this reason and to fuel competition in the financial sector PISP require to be authorised by a national competent authority. Legally speaking there is no such thing as a PISP license and institution providing solely payment initiation services will be classified as a Payment Institution (or Authorised Payment Institution in the UK). It is not per se a separate type of authorisation, rather an additional service that is available for payment institutions. However, the PISP license can be considered as a separate type of license since different requirements apply to a Payment Institution authorised to provide only the payment initiation service.
Since this type of service includes a possibility to perform transactions on behalf of customers there are quite strict requirements for the institution wishing to become a PISP. As a bare minimum, it must have a concise risk management framework, knowledgeable management (who would be considered as fit and proper), and a detailed business concept. At least the following document package would need to be presented together with the authorisation application (depending on the business model):
Documents required for PISP
- Regulatory business plan;
- Financial model for 3 years;
- Programme of operations;
- IT risk management policy;
- AML/CTF policy;
- Financial crime prevention policy;
- Data protection policy;
- Statistical data collection policy;
- Incident reporting policy;
- Counterparty risk management policy;
- Complaints handling policy;
- Risk matrix;
- Business continuity plan;
- Internal audit policy;
- Terms and conditions.
Minimum capital and professional indemnity insurance for PISP license
When the firm wishes to provide only the payment initiation service and so to say get a PISP license, it is required to have at least EUR 50,000 as its initial capital. Additionally, PISPs are required to hold professional indemnity insurance or a comparable guarantee, which covers the territories in which the PISP offers the payment initiation service. Notably, the same guidelines prepared by EBA apply to the professional indemnity insurance calculation for PISP as those applicable to AISP. When calculating the amount of required professional indemnity insurance company must take into account:
- Risk profile;
- The type of activity;
- The size of activity.
EBA has indicated in their guidelines that the final formula looks as follows:
Minimum monetary amount of PII or comparable guarantee = Amount reflective of risk profile criterion + Amount reflective of type of activity criterion + Amount reflective of size of activity criterion
How are Payment Initiation Service Providers (PISPs) regulated?
Payment Initiation Service Providers are regulated under the PSD2 which is a directive of the EU. Because of the nature of such a type of legislative instrument, there will be national legislation in each member state that oversees the establishment and overall conduct of PISPs. In the UK they are regulated under the Payment Services Regulations 2017 that transposed the PSD2 into the national legislative framework. Furthermore, such legislation as anti-money laundering directives and data protection legislation is of due concern. They also have national equivalents in the member states or are consolidated as regulations at the supranational level with minor discrepancies stemming from national legislation clarifying certain points that are left for the discretion of member states. Apart from the aforementioned acts Payment Initiation Service Providers (PISPs) should consider national conduct of business and reporting requirements.
How PSP Lab can help?
The process of obtaining authorisation as a Payment Initiation Service Provider (PISP) can be tedious if you do not have a team of experts that can assist you with this process. Depending on the jurisdiction that you choose there will be specific considerations that must be taken into account. For instance, in some countries, it is a prerequisite to have a face-to-face meeting with a regulator or send documents via post to the regulatory authority. Luckily, you are in a right place. PSP Lab knows such twists and turns and can assist you with obtaining a license. Furthermore, we can help you to choose your modus operandi and streamline the processes even prior to the company becoming authorised. Reach out to us today in order to start with obtaining PISP License in the most convenient and timely manner.