THE CENTRAL BANK is looking to establish a regulatory framework for merchant payment acceptance activities for financial institutions looking to provide these services, a draft circular showed.
The proposed framework posted on the Bangko Sentral ng Pilipinas’ (BSP) website will create new sections in the Manual of Regulations for Payment Systems (MORPS) once finalized.
Stakeholders are given until Dec. 15 to give their feedback on the proposed circular.
The framework will cover BSP-supervised financial institutions (BSFIs) and nonfinancial institutions that conduct merchant payment acceptance activities in the Philippines.
Merchant payment acceptance activities are services that allow retailers to accept various payment instruments by collecting and processing the related transaction information.
Allowing merchants to accept different forms of payments from their customers will facilitate the smooth flow of funds in the economy and improve the adoption of digital payments, the central bank said.
“For digital payments to thrive, minimum standards and good practices to safeguard the funds received from customers of merchants and to protect the rights and interests of end-users (i.e., merchants, customers) that deals with entities that facilitate merchant payment acceptance must be established,” the BSP said.
The proposed framework will ensure that financial institutions will adopt appropriate governance structures and proper measures to manage risks to their business model, it said.
These risks include risks to settlement, operations, data protection, information technology (IT) and cybersecurity, anti-money laundering and countering terrorist and proliferation financing (AML/CTPF) and end-user protection.
The central bank also proposed a capital requirement for merchant acquirers or entities that directly or indirectly enable businesses to accept different payment instruments. These firms maintain relationships with payment schemes and card networks and settles funds accepted on behalf of retailers in accordance with a written agreement.
Under the draft rules, minimum capital for a large-scale merchant acquirer is at P20 million, while small-scale merchant acquirers should have a minimum capital of P5 million.
“As necessary, separate guidelines shall be issued to cover capital requirements for payment facilitators, payment gateways, and other entities conducting merchant payment acceptance activities, which may consider additional criteria other than aggregated inflow and outflow of transactions, such as number of merchants serviced,” the BSP said.
Under the framework, merchant acquirers and payment facilitators should complete funds settlement to both physical and e-commerce merchants after two days at the maximum.
“In the event that the period to transfer the collected funds is more than the agreed maximum number of days as stated above, a merchant acquirer or payment facilitator shall undertake risk-mitigating measures to ensure that liquid assets are insulated from risks,” the BSP said.
Entities that provide merchant payment acceptance services will also adopt a pricing mechanism that is reasonable, transparent, market-based and proportional to the costs of the services offered, it said.
In applying for license to conduct merchant payment acceptance activities, entities may need to secure an approval from the BSP. If an institution is granted a license, it is expected to comply with the operational standards and requirements in the MORPS.
“For an entity that intends to handle merchant onboarding and merchant payment processing, including transfer of funds to transaction accounts of merchants, it shall secure a Merchant Acquisition License with the appropriate department of the BSP,” it said.
“Covered BSFIs that provide merchant payment acceptance services as part of their normal or allowed business operations do not require a separate license from the Bangko Sentral,” the BSP said.
Financial institutions will also be expected to comply with AML/CTPF requirements as merchant acquirers and payment facilitators will be considered as covered persons under the Anti-Money Laundering Act.
“They shall maintain a proportionate system of verifying the true identity of their merchants and, in case of corporate clients, require a system of verifying their legal existence and organizational structure, as well as the authority and identification of all persons purporting to act on their behalf,” the central bank said.
Entities that offer merchant payment acceptance services should also design and implement IT risk management commensurate with their size, nature and types of products and services.
“There shall be a robust and effective information technology and fraud risk management framework and processes, including corresponding governance structures, and controls, to ensure financial stability, operational resilience, and consumer protection,” the BSP said. — Keisha B. Ta-asan