After extensive discussions, Azerbaijan's National Assembly officially passed the Payment Services and Payment Systems Law (the “Law”) on July 14th, 2023. This landmark legislation introduces a fresh regulatory framework governing payment services, payment systems, and the burgeoning fintech sector within Azerbaijan. The new Law also enforces more rigorous requirements for participants in the payments market.
Commencing its effect on October 14th, 2023, the Law mandates payment service providers (“PSPs”) including payment institutions (“PIs”) and e-money institutions (“EMIs”), as well as payment system operators (“PSOs”), banks, and non-bank credit institutions to align their operations with the Law's provisions by April 14th, 2024. This includes obtaining the required licenses or completing the obligatory registration process.
In this Article, we outline the core principles, prominent features, and potential impacts of this pivotal Law.
EXECUTIVE SUMMARY OF CERTAIN STEPS TO TAKE
Here are some points concerning certain actions to be taken by market players in order to comply with the Law:
The regulated entities (non-bank PSPs, PSOs, banks and non-bank credit institutions) must undertake all essential legal and technical measures to ensure the legitimacy of their businesses and minimize legal vulnerabilities by April 14th, 2024.
Capital and corporate requisites are among the first to consider. Private non-bank PSPs currently in operation shall fulfil capital requirements set by the Central Bank. Furthermore, it is imperative to appoint heads and managers possessing the required qualifications and ascertain that the qualifying shareholders and ultimate beneficiary owners align with the Law’s provisions.
Non-bank PSPs must obtain the required licenses by April 14th, 2024, otherwise, they will be ineligible to offer payment services. Additionally, entities planning to engage in PSO activities need to initiate the application process for the relevant license.
Subsequent actions to be taken encompass the reassessment of legal foundations and business operations. Given that the Law constrains the range of activities permissible for PSPs, they need to focus solely on the payment services and the other permitted activities.
Other pivotal measures are related to technical infrastructure. The PSPs need to recheck and enhance their technical capabilities, including developing new software and applications, using advanced technological solutions, and so on, to ensure the safety and sustainability of payment transactions, impeccable payment authorization, strong customer authentication and the protection of customer data. They may also need to automatize the contract conclusion process and further interactions with users in a way that the Law demands.
Now, let’s dive a bit deeper to get acquainted with the aims and contents of the new Law:
THE MAIN URGES AND IDEAS BEHIND THE LAW
Before the enactment of the Law, the Central Bank had implemented specific regulations pertaining to payment cards, processing activities, and both centralized and instant payment systems. Despite this, non-bank PSPs operating in Azerbaijan lacked a dedicated regulatory framework.
While credit card utilization, the use of online payment applications, and the funds circulating through payment instruments were on the rise, the absence of regulation used to result in inadequate user protection, limited security of payment methods and personal data, ambiguous interactions among PIs, EMIs, banks, and customers, and additional challenges. There was a need to keep the legislation up with recent technological advances in the field of fintech. Moreover, concerns about possible money laundering and terrorism financing practices using payment technologies were prevalent.
These issues prompted the necessity for a new legislative measure to define the legal status of PIs, EMIs, and PSOs. Based on the open banking conception, the new Law aims to establish a robust legal structure for payment services and systems, outlines the extent of payment services, enhances safeguards for customers, and guarantees transparency and stability within the payments realm.
CORE IMPLICATIONS OF THE LAW
Below are the attention-grabbing features of the Law:
- The scope of payment services – The regulated payment services encompass activities like inflow and outflow transactions through payment accounts, transactions via credit transfers, direct debits, credit cards, or similar payment instruments, issuance and utilization of payment instruments, money transfers, e-money issuance and transactions, payment initiation services, and account information services.
However, the scope of payment services excludes certain transaction types, namely cash currency exchanges, cash payments directly paid to recipients, transactions utilizing payment instruments exclusively for purchasing goods and services from the issuer's establishment, payment activities involving letters of credit, promissory notes, cheques, documentary collections, and so on. For instance, discount or bonus cards provided by certain stores do not fall within the Law's purview, thus exempting such stores from specific provisions designated for PSPs.
- PSPs and PIs – The entities authorized to offer regulated payment services are exclusively the Central Bank, Azerpost, banks, non-bank credit organizations, as well as duly licensed PIs and EMIs. While banks do not need a specific license to engage in these payment services, they are required to inform the Central Bank in advance about activities involving e-money issuance, transactions via e-money, and payment initiation and account information services. Non-bank credit organizations are permitted to provide payment services, excluding e-money, payment initiation, and account information services, specifically for loan-related purposes.
PIs refer to licensed non-bank PSPs, which may be Azerbaijan-based companies or the Azerbaijani branches of foreign entities, engaging in various payment services except for e-money-related services. These entities must possess an adequate capital amount that doesn't fall below the thresholds set by the Central Bank. PIs solely offering account information services are not obliged to hold licenses but are required to undergo registration with the Central Bank. In general, PSPs are allowed to establish their branches abroad or cooperate with foreign PSPs by notifying the Central Bank.
The Law establishes precise criteria for qualifying shareholders who possess at least a ten per cent share in PIs, EMIs, and PSOs as well as their ultimate beneficiary owners. Additionally, it determines eligibility qualifications for the leaders of executive bodies within PSPs and PSOs.
- EMIs and specific requirements – Apart from Azerpost and banks, only EMIs licensed by the Central Bank are authorized to issue e-money and conduct transactions using e-money. These EMIs have the capability to establish payment accounts for users. In practical terms, EMIs can provide customers with card-based or application-based e-money, enabling users to utilize it for diverse payments. It is important to note that e-money, as regulated by the Law, is distinct from cryptocurrencies, with its function as a digital equivalent of national currencies.
EMIs bear the responsibility of safeguarding funds deposited in the customers’ payment accounts by means of depositing them in dedicated bank accounts, obtaining insurance coverage, securing bank guarantees, or investing in low-risk assets. They are prohibited from issuing loans utilizing these deposited funds. Moreover, EMIs are obligated to furnish users with comprehensive information regarding service terms, conditions, fees, security measures, personalized security data, and other relevant particulars. Users retain the right to request the remaining balance of funds held in e-money payment accounts.
- Payment systems and PSOs – Before the Law, the authority to establish and operate multi-party money transfer systems, labelled as "payment systems," was vested solely in the Central Bank. As an illustration, the Central Bank introduced notable systems like the Real Time Gross Settlement System (AZIPS), the Instant Payment System (IPS), the Interbank Card System (ICC), and similar initiatives.
Under the new Law, a PSO, which could be either the Central Bank or a licensed legal entity, may establish a payment system. To achieve this, the PSO enters into an agreement with a minimum of three participants and formulates regulations governing the functioning of the payment system. The process of settlements among system participants occurs via their accounts held at either the Central Bank or a licensed bank functioning as a settlement agent.
The Law prescribes specific obligations related to capital, technical security, internal oversight, and risk management for PSOs, alongside stipulating prerequisites for education, experience, and criminal background of their managerial personnel. Furthermore, the provisions applicable to qualifying shareholders of PSPs are equally extended to respective shareholders of PSOs.
- Licensing and registration – The recent Law outlines the procedures for obtaining licenses by PSPs and PSOs, as well as the registration process specifically designed for PIs offering account information services. These processes are overseen and managed by the Central Bank.
- Customer Contracts – PSPs typically establish agreements, often in electronic form, with users before delivering payment services. The new Law imposes an obligation on PSPs to provide users with pertinent information, including details about the PSP, license specifics, and service-related particulars like unique identification codes, service charges, rates, contact details, and security information. This information is to be made available to users prior to the contract formation, without incurring any fees.
PSPs have the option to modify contract terms by giving a 30-day notice in advance; however, they retain the right to immediately apply new exchange rates without adhering to the notice period. Regarding unilateral termination by users, PSPs can set a maximum notification period of one month, free of charge. Upon termination, PSPs are mandated to reimburse users with the remaining funds in their payment accounts after deducting any unpaid service fees.
- Payment Transactions – PSPs may handle payment orders either directly or through payment initiation service providers. The Law mandates PSPs to furnish payers with all pertinent information both prior to and after the payment transactions. They are obligated to accept authorized payment orders and execute them no later than the end of the subsequent business day. Furthermore, the Law outlines PSPs' responsibilities towards users for erroneous payments and lays out conditions under which payers can revoke payments.
PSPs are also required to supply users with account information and apply strong customer authentication for electronic or online payments and transactions that carry fraud or misuse risks. In scenarios involving unauthorized payments from lost or stolen payment instruments, the liability of PSPs is capped at AZN 100, unless certain specified circumstances apply. Additionally, the Law grants PSPs the authority to temporarily suspend payment account activity for security reasons, fraud prevention, or in cases where users may default on loan payments.
- Transparency, accountability and supervision – PSPs, with the exception of payment initiation and account information service providers, are obligated to adhere to Azerbaijani laws concerning the prevention of money laundering, terrorist financing, targeted financial sanctions, and currency regulations. PSPs and PSOs are also compelled to promptly notify the Central Bank about any transaction or security incidents.
Annual and consolidated financial reports from both PSPs and PSOs are to be submitted to the Central Bank. Furthermore, the Law mandates these reports to be subjected to annual independent audits.
In ensuring PSPs' accountability to their customers, the Law mandates a seven-business-day timeframe for the examination of customer complaints, followed by communication of the findings to the customer.
The Central Bank maintains oversight over the operations of PSPs and PSOs. It possesses the authority to establish upper limits for interchange rates within payment systems and impose additional requirements on market participants. If instances of non-compliance with regulations are identified, the Central Bank holds the power to limit payment services from specific PSPs, terminate branch activities, mandate the removal of payment system participants violating regulations, or apply other corrective and preventive measures.
Furthermore, the Law introduces a regulatory sandbox tailored for innovative products and services within the domain of payment services. The duration of this sandbox cannot exceed five years.
You may access the full text of the Law via https://e-qanun.az/framework/54872
Relying on its extensive expertise and knowledge in the financial services sector, VLM and Partners stand ready to provide legal assistance in ensuring compliance with the provisions set forth by the Law.
For further details, you may contact us via vlm@vlm-az.com
Note: The Article above is merely for informatory purposes and does not, and is not intended to, constitute legal advice.