Global menu

Our global pages


Payment Matters

  • United Kingdom
  • Financial services - Payment services


1. FCA updates on regulatory sandbox

15 June 2017 saw the update of the FCA’s regulatory sandbox webpage. Established as part of the FCA’s Project Innovate, the sandbox is a supervised space, open to both authorised and unauthorised firms, that provides firms with:

• reduced time-to-market at potentially lower cost;

• appropriate consumer protection safeguards built in to new products and services; and

• better access to finance.

The tools available through the sandbox include restricted authorisation, individual guidance, waivers and no enforcement action letters. The sandbox offers a space for firms to pilot innovative products and services in a live environment and particularly, testing how these ideas will fit in with existing frameworks.

What this means for you

The sandbox was open to initial applications in May 2016 and again for a second cohort closing earlier this year. The update provides some detail about these applicants. The FCA also announces that a third opening is now underway running until 31 July 2017.

2. PSR seeks input from payment service providers on authorised push payment scams

The Payment Services Regulator (PSR) issued a call for input from PSPs on 16 May 2017, seeking feedback to guide its work on authorised push payment (APP) scams following on from the publication of its final terms of reference in March. The document requests comments on whether it would be effective and proportionate for payment system operators to have a more significant role in reducing the damage to consumers caused by such APP scams.

What this means for you

The PSR is interested in reducing consumer harm from APP scams both by preventing APP scams in the first place and ensuring there is an effective response when APP scams are reported. The PSR has indicated that it is particularly interested in hearing from operators on:

• actions that operators could take directly themselves, such as the development of new capabilities into the central payment system technical infrastructure; and

• actions that operators could take to place additional requirements or responsibilities on PSPs that use the system in question.

The call for input will close on 30 June 2017. The PSR has requested any input to be sent by email to or by post to APP scams project team, Payment Systems Regulator Limited, 25 The North Colonnade, Canary Wharf, London E14 5HS

3. Mastercard and Visa face further action over fees

A new legal action has been launched against MasterCard and Visa in relation to alleged losses from the fixing of multilateral interchange fees. The action is seeking up to £300m in damages, although this is expected to rise as more firms are added to the action. This is another stage in a long-running row over processing fees in which large companies such as Tesco and Sainsbury’s, among others, have recently received settlements on.

What this means for you

Claimant firms are expected to begin issuing their claims in the Courts over the coming month. We will provide an update in a later edition once there has been further developments.

4. FCA criticised for PSD complaint handling

On 26 May 2017 the Office of the Complaints Commissioner (OCC) published a letter sent in response to a complaint earlier that month from a small business. The OCC’s response criticised the FCA’s handling of a Payment Services Directive (PSD) implementation complaint.

The complainant made contact with the FCA in June 2016 alleging that the intended acceleration of bank payment processing of bulk payments under the PSD had not been achieved. The complainant maintained that this still took 3 days through BACS and that the FCA condoned this situation. The FCA responded in January to confirm that this complaint had not been upheld because the payment is both credited and debited on day 3 of the BACS process and therefore, the BACS system is compliant with the PSD.

The OCC criticised the FCA’s response to the complaint for not providing sufficient information and found that the regulator also failed to ensure the complainant was updated as to the status of the complaint. The OCC requested the FCA to apologise and awarded £150 for the complainant’s time and trouble in pursuing the complaint and the inconvenience caused by the delays.

What this means for you

In relation to the substantive issue, the OCC considered the use of BACS to be compliant with the PSD, in line with the circumstances set out in the FCA’s Approach Document, stating that a BACS payment may be classed as a “future dated payment” i.e. day 3 of the BACS process is the future date on which the payment takes place. The OCC recognised that this response left the complainant without a substantive resolution as there is currently no alternative product which achieves quicker processing of bulk payments.

5. A focus on payments data report published

On 30 May 2017 Payments UK published a report entitled Changing Payments Landscape: A Focus on Payments Data. The report examines the drivers of change for the industry focusing on ethical, privacy, security and data protection issues. It also looks at the basics as to why data is so important to payments.

Data is fundamental to the payments process and many of the ongoing developments such as open banking and PSD2 are, in essence, about sharing data and maximising its potential so collaboration is seen as key moving forward. The report explores this and related issues to help inform the industry debate on the use and storage of data to ensure that the balance of security and unlocking the potential of data is achieved.

What this means for you

The report considers the different ways in which data will evolve over the coming years, such as:

• PSD2 will give customers more freedom to enable third party providers to access their online accounts (Jan 2018);

• Launch of an open Application Programming Interface (API) standard for banking (Jan 2018);

• The General Data Protection Regulation (replacing the Data Protection Act 1998) will apply (May 2018);

• Confirmation of Payee due to be introduced in the UK (2018);

• The EBA Regulatory Technical Standards on Strong Customer Authentication and Secure Communication will apply (2018/19); and

• Automated payment volumes are forecast to grow to 9.2billion (2025)

Given the rapid developments in payment data, organisations should be looking at ways to respond to these developments by re-evaluating their existing payment data systems.

6. EBA looks at role of distributed ledgers in international payments

The European Banking Authority (EBA) published a report on 22 May 2017 considering the benefits and options for cryptotechnologies for international payments. The report was produced by the EBA’s Working Group on Cryptotechnologies (WGC). The WGC is a collection of experts from the EBA drawn together to investigate business models for distributed ledger technology in relation to payments and transaction banking.

José Vicente, Chair of the WGC said:

“Our information paper shows how this technology could support industry players in meeting user expectations regarding speed, transparency and cost. We strongly believe that collaborative initiatives in this area, in particular, could unlock significant value for payment service providers and their customers.”

What this means for you

The report presents analysis exploring the opportunities for PSPs utilising distributed ledger technology through:

• lower operating costs;

• modernisation of the international payments value chain; and

• maintaining compliance with key regulatory requirements across worldwide markets.

Additionally, the report sets out some specific use cases such as distributed KYC registries and low-value P2P/B2C payments.

The Group is set to continue its work and will be focusing on evaluating implementation scenarios for international payments and examining security issues in the use of cryptotechnologies.

7. CMA consults on rules and guidance for regulated payment systems appeals

The Competition and Markets Authority (CMA) launched a consultation on the draft rules and guidance of procedure to govern appeals that may be made to the CMA under section 79 of the Financial Services (Banking Reform) Act 2013. The draft guidance is designed to assist participants involved in making an appeal.

Section 79 applies to certain decisions made by the Payment Systems Regulator (PSR) under the Act which, in certain circumstances, are appealable to the CMA by any person who is affected by the decision (CMA-appealable decisions).

The CMA may allow appeals if it is satisfied that the PSR’s decision was wrong on one or more of the following grounds:

• That the PSR failed properly to have regard to, or give appropriate weight to, the matters to which the PSR must have regard, in the carrying out of its functions;

• That the decision was based, wholly or partly, on an error of fact; or

• That the decision was wrong in law.

Where the CMA allows an appeal, it must quash the decision and may refer the matter back to the PSR with a direction to reconsider and make a new decision in accordance with its ruling, or substitute the CMA’s decision for that of the PSR.

What this means for you

The CMA is seeking comments from both individuals and organisations on its draft rules and guidance. The consultation is now open and will draw to a close at 17:00 on 12 July 2017. Responses should be sent either by email to or by post to The Regulatory Appeals Team, Competition and Markets Authority, Victoria House, 37 Southampton Row, London WC1B 4AD.

8. PSR outlines next steps for competition in payment systems infrastructure

Following a review published in December 2016 the Payment Systems Regulator issued a final decision outlining reforms to the UK payment systems infrastructure on 20 June 2017.

Last year’s review discovered a lack of effective competition in the provision of central infrastructure for BACS, Faster Payments and LINK, the main retail payment systems. The PSR confirms that the following remedies are to be implemented to ensure improved innovation for customers:

• that all future central infrastructure contracts must be subject to a competitive procurement process; and

• BACS and Faster Payments will adopt a common international messaging standard.

What this means for you

The aim of these changes is to deliver fair, open and transparent procurement of central payment systems infrastructure and lower barriers to encourage more new entrants, particularly technology providers, to the market which, in turn, will drive new and innovative products and services.

The PSR expects industry to begin preparations for its procurement exercises straightaway so that benefits, for users of payments systems, including consumers, can be seen from 2020. Faster Payments has also already adopted common messaging standards.

9. Draft PSD2 regulatory standards to be amended

The European Commission has written to the European Banking Authority, confirming that it has made amendments to the EBA’s draft regulatory standards on strong consumer authentication and secure open standards of communication.

The substantive changes suggested by the European Commission include:

• the inclusion of independent auditing of the security measures in cases where the transaction risk analysis exemption is applied in accordance with Article 16 of PSD2;

• a new exemption to the application of strong customer authentication for certain corporate payments using dedicated payment processes or protocols which already achieve the high levels of security of payments aimed for by PSD2;

• the introduction of direct fraud reporting to the European Banking Authority by payment service providers; and

• contingency measures in case of unavailability or inadequate performance of the dedicated communication interface

The updated draft regulatory standard was attached to the European Commission’s letter, available here.

What this means for you

The European Banking Authority is expected to respond in due course and it is likely that the EBA will issue a new version of the regulatory standards on strong customer authentication and secure open standards of communication.

In the meantime, implementation work should be underway to analyse how your existing processes compare to the EBA RTS requirements. Payment service providers must identify where new processes need to be built to comply as certain RTS requirements may take a significant amount of time to implement. If you would like assistance with your analysis of the RTS, please contact Richard Jones.

10. Industry pushes back on the Polish authority’s plans to implement PSD2

FinTech companies and associations, operating across Poland, have come together to lobby against the Polish Ministry of Finance to change the transposing draft law. In particular, companies have said the three month timescale for third party payment providers (i.e. account information and payment initiation service providers) to be authorised by the Financial Supervision Authority is too short and should be extended to a minimum of 6 months. They have also criticised the introduction of a limit regarding the funds which third party payment providers can hold per user.

What this means for you

As we have previously reported, there have been ongoing discussions and concerns regarding the regulation of payment initiation and account information service providers and this demonstrates that similar issues are being considered in various European jurisdictions. If you have operations in Poland, you should, therefore, closely monitor the outcome of the consultation, including the consultation response which should be published by the Ministry of Finance.

11. Industry responds to the European Commission’s consultation on FinTech

The British Bankers’ Association (BBA) and Payments UK (PUK) have issued a joint response to the European Commission’s consultation ‘FinTech: A more competitive and innovative European financial sector’. The BBA and Payments UK broadly welcome the European Commission’s initiative, although they warn that due to the extensive amount of work progressing at pace across the EU, there is a risk of duplication and error if there is not proper co-ordination.

We are also aware that the European Securities and Markets Association (ESMA) has responded to the consultation, similarly welcoming the initiative but commenting that it is important that the necessary business models all support improving the consumer experience and develop financial inclusion.

The consultation has since closed on 15 June and we are waiting on the European Commission to issue a response. You can access the published a copy of the consultation and the responses on the European Commission’s website here.

What this means for you

As we have previously reported, there have been ongoing tensions and concerns regarding the mandatory PSD2 objectives of enhancing security, competition, fostering innovation and providing consumers with choice. We, therefore, recommend that you monitor the outcome of this consultation closely to identify the European Commission’s plans regarding the promotion of fin-tech companies and innovation within the European financial sector.