2. osborneclarke.com Private & Confidential
2
Agenda
• European payment services regulatory regime
– An overview - Objectives, Key measures and the 4-corner model
– Application to Mobile Payments - Different models
– Extension of scope of "payment services" - 'overlay' services
• Specific regulatory issues
• General observations
3. osborneclarke.com Private & Confidential
3
European payment services regulatory regime:
Objectives
Regulated field
of payment
services
Enhanced
competition
Greater
efficiency
Consumer
protection
Digital economy
4. osborneclarke.com Private & Confidential
4
European payment services regulatory regime:
Key measures
• Payment Services Directive (PSD)
• Second Electronic Money Directive (2EMD)
• Cross Border Payments Regulation
• Anti-Money Laundering Directive (MLD)
• Funds Transfers Regulation
• SEPA End Date Regulation
• Single Market Act (SMA II)
• EC's Green Paper: Towards an integrated European market for card, internet and mobile
payments
• EPC's White Paper: Mobile payments
• ECB's final recommendations on the security of internet payments (SecuRePay)
• Fourth Money Laundering Directive (4MLD)
5. osborneclarke.com Private & Confidential
5
European payment services regulatory regime:
Payment transactions – the four corner model
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Funds transfer
Framework
contract
Framework
contract
Payment
system
7. osborneclarke.com Private & Confidential
7
Mobile Payments – Different models
Broad term covering essentially 4 different models:
•Mobility (GPS; incentives)
•Purchasing service ('add to bill')
•Access/authentication ('remote payments' - mobile banking;
money remittance)
•Mobile phone as a payment instrument ('contactless' –
NFC: stickers, secure element provisioned)
8. osborneclarke.com Private & Confidential
8
Mobile Payments – Access/Authentication
Mobile phone as initiator
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Customer
Ts&Cs
Payment
system
Mobile App
Ts&Cs
Token
generator
Customer
Ts&Cs
Mobile App
Ts&Cs
9. osborneclarke.com Private & Confidential
9
Mobile Payments – Access/Authentication
Mobile phone as initiator and number as proxy
Payer Payee
Payer's PSP Payee's PSP
Sale of goods and services
Customer
Ts&Cs
Payment
system
Mobile App
Ts&Cs
Mobile phone
number proxy
database
Customer
Ts&Cs
Mobile App
Ts&Cs
10. osborneclarke.com Private & Confidential
10
European payment services regulatory regime:
Extension of scope of "payment services" to 'overlay'
services
• 3 types of 'overlay' services:
– services to aid authorisation/authentication (eg mobile phones, tokens, etc)
– services enabling access to payment accounts (eg for data aggregation)
– services enabling payment initiation
• Currently, TSPs (technical service providers) are exempt from PSD as they
do not enter into possession of the funds to be transferred
• Proposal to extend regulation to PAAS (Payment Account Access Services)
and PAIS (Payment Account Initiation Services)
• Why? Regulation can achieve harmonisation, enhance competition,
encourage the digital economy and provide appropriate user protection
• But? Different scenarios, each with a complex set of arrangements
12. osborneclarke.com Private & Confidential
12
Mobile Payments – Specific regulatory issues (1)
Payment services
• FI will hold regulatory licence and card scheme membership
• FI has core relationship with regulators and card schemes
• FI ultimately bears regulatory and legal risk; both parties reputational risk
• Typically Brand/MNO procures services but is distributing FI's
product/services
• Brand/MNO's role (including in distribution) may require it to be authorised
• Regulatory change (including of interpretation) is constant
• FI, not Brand/MNO, has contract with Customer
• Brand/MNO may nonetheless wish to 'own' Customer
• Roll-out across jurisdictions requires local advice
13. osborneclarke.com Private & Confidential
13
Mobile Payments – Specific regulatory issues (2)
General
• Customer lifecycle:
– Promotion
– Customer acceptance, including AML/KYC
– Funds flows – loading and redemption channels
– Complaints and claims handling
– Lost & stolen mobile phones
• Confidentiality - Data protection – Security
• Security
• Termination: Meaning? Exit assistance; Migration
14. osborneclarke.com Private & Confidential
14
Mobile Payments – Specific regulatory issues (3)
Data protection
• Key questions include:
– Who collects what data and when?
– Who is the data controller or data processor?
– What is the data – cardholder, transaction, activity, geo-location?
• Both FI and Brand/MNO need to use the same personal data for different
purposes
• Both have legal responsibilities for the same personal data
• Brand/MNO may wish to 'own' Customer, even though contract is with FI
• Meaning of 'ownership'
• Differences in local law and lack of legal certainty on key issues
15. osborneclarke.com Private & Confidential
15
Mobile Payments – General observations
• Convergence of:
– Financial services and digital businesses (including telecoms), each with different
regulatory regimes and sensitivities (eg security; lost and stolen; DP; VAT)
– Electronic funds transfers and card transactions (esp. online POS)
• Technological advances are enabling an accelerating rate of change in
payments; conversely, technology challenges also
• Increasing diversity of payment initiation, authentication, authorisation and
execution methods
16. Private & Confidentialosborneclarke.com
16
Contact details
Paul Anning is head of European law
firm, Osborne Clarke's Financial
Institutions Group and a specialist
financial services lawyer. Paul has
market leading experience and
expertise in the payments industry
where he has guided clients through
new product development, regulatory
change and transformational projects,
such as the creation of the UK's
Payments Council (which sets the
strategy for UK payments), the merger
creating VocaLink (the UK’s largest
payments processor), the UK's first
NFC enabled stored value mobile
payment solution (QuickTap) and the
acquisition of one of Europe's leading
prepaid card issuers.
Paul is well versed in the complexities
of the payments industry's network
arrangements. He also has a deep
knowledge of legal and regulatory
developments affecting the payments
industry, including key European
developments such as SEPA, PSD and
the 2EMD.
Paul and the Osborne Clarke Payments
team act for a range of clients from
infrastructure providers and traditional
credit institutions and GTS businesses
through to electronic money issuers and
corporates and retailers (including on
corporate card and co-branded
arrangements). Their Payments
practice is recognized externally as top-
tier ranking, with commentary such as -
"Osborne Clarke is one of the leading
practices working in the payments
services sphere" and in July 2012 an
award for "TMT Team of the Year 2012"
at The Lawyer Awards for their work on
Everything Everywhere and
Barclaycard's QuickTap product.
Paul Anning
Partner and head of Financial Institutions Group
T+44 (0) 20 7105 7446
paul.anning@osborneclarke.com
"A fabulous, full-
service firm stuffed
with bright and
efficient people"
Chambers UK
"Osborne Clarke is one of the leading practices
working in the payments services sphere"
Chambers UK