September 2018

Review of Retail Payments Regulation: Stored-value Facilities

An Issues Paper by the Council of Financial Regulators

Download the complete Report [860KB]

Request for feedback and comments

Interested parties are invited to comment on any or all of the issues raised in this paper by 19 October 2018. The Council of Financial Regulators (CFR) will also consider submissions on relevant aspects of retail payments regulation made in response to recent government inquiries.

While submissions may be lodged electronically or by post, electronic lodgement is strongly preferred. Please email responses in a Word or RTF format. An additional PDF may also be submitted.

Submissions should include the name of your organisation (or your name if the submission is made as an individual) and contact details for the submission, including an email address and contact telephone number where available.

Publication of submissions

All information (including name and contact details) contained in submissions will be made available to the public on the CFR website, unless you indicate that you would like all or part of your submission to remain in confidence. Automatically generated confidentiality statements in emails do not suffice for this purpose. Respondents who would like part of their submission to remain in confidence should provide this information clearly marked as such in a separate attachment. Any future request made under the Freedom of Information Act 1982 for a submission to be made available where it is marked ‘confidential’ will be determined in accordance with that Act.

Further consultation process

This review will inform CFR recommendations to the government on the regulatory framework for stored-value facilities and, potentially, a number of other areas relevant to the regulation of retail payments service providers that may have room for improvement. It is expected that interested parties will have further opportunity to comment on any specific changes to regulation administered by relevant agencies that may arise from the recommendations of this review.

1. Introduction

The main elements of the framework for Australian retail payments regulation were established following the recommendations of the Wallis Inquiry in the late 1990s. The Final Report of the 2014 Financial System Inquiry (FSI) concluded that the arrangements for payments system regulation had generally served Australia well, although there was room for improvement with regard to aspects of the framework for regulating participants in the retail payments system. A particular focus of the FSI was the arrangements for regulating purchased payment facilities (PPFs) – a category of stored-value facilities – which were viewed by the FSI as complex and subject to potential regulatory overlap. The report from the Productivity Commission's Inquiry into Competition in the Australian Financial System (PC Report) was published in August 2018 and recommended that the Council of Financial Regulators (CFR) review the regulatory framework for PPFs.

In this context, the CFR is reviewing the regulatory regime for stored-value facilities in Australia. Stored-value facilities potentially encompass a wider range of facilities – in which stored funds are used to make payments – than PPFs, which were defined as a specific category of stored-value facilities in 1998.[1] While the focus of the review is on the regulation of stored-value facilities, it will also consider the operation of a number of other areas relevant to the regulation of retail payments service providers that may have the potential to be improved or clarified.[2]

In broad terms, the review has the following objectives:

  • to identify opportunities to simplify the regulatory framework for stored-value facilities
  • to ensure that regulation does not pose an undue obstacle to innovation and competition, while maintaining appropriate levels of consumer protection and system-wide safety
  • to identify any changes necessary to enable regulation to adapt to recent and prospective developments in the payments market, including those associated with advances in technology and new participants
  • to identify opportunities to improve the ‘competitive neutrality’ of regulation
  • to improve the transparency and clarity of regulation, from the perspective of regulated entities, potential new entrants, and consumers and other users.

This Issues Paper provides further background and discusses the particular issues on which the CFR is seeking stakeholders' views; these are outlined in the ‘Issues for Consultation’ section. Interested parties are invited to make submissions on these issues or any other matters they consider to be relevant to the regulation of stored-value facilities. The review will also consider submissions on aspects of retail payments regulation within the scope of this review made in response to the FSI and the Productivity Commission Inquiry into Competition in the Australian Financial System. It is expected that any specific changes that arise from the recommendations of this review will be subject to further consultation by the relevant agencies.

2. Regulation of Stored-value Facilities

Australian Regulatory Arrangements

The Wallis Inquiry established the main elements of Australia's financial regulatory framework, based on the principle of ‘functional’ – as opposed to ‘entity-specific’ – regulation. In broad terms, the Australian Prudential Regulation Authority (APRA) is responsible for prudential regulation; the Australian Securities and Investments Commission (ASIC) is responsible for market conduct and elements of consumer protection; and the Reserve Bank of Australia (RBA) regulates the payments system and oversees the stability of the financial system as a whole. Each of these agencies has particular responsibilities in relation to participants in the payments system. Within this framework, the regulation of PPFs, in particular, has been identified as an area of complexity and potential regulatory overlap (see ‘Recommendations of Recent Inquiries’ section).

PPFs are facilities that enable funds to be stored in the facility for the purpose of making future payments. This potentially includes a range of payment products in which funds are prepaid and the facility maintains a ‘float’ of stored value for making payments. Prepaid products that are small and/or have a limited purpose – such as store cards that can only be used at a limited number of merchants – are typically exempted from many regulatory requirements.

At the time of the Wallis Inquiry, it was anticipated that the development of stored-value cards and ‘smart’ cards would begin to displace cash and ‘traditional’ payment cards (i.e. credit and debit cards) over the ensuing years. It was also thought that new participants outside the regulatory perimeter might offer these facilities. The focus on stored-value facilities was likely influenced by a number of initiatives which were piloted during the 1990s.[3] While these types of products did not take off as envisaged by the Wallis Inquiry, there has been increased attention in recent years on the potential for this segment of the market to grow as new types of electronic facilities emerge and the range of payment services offered expands.

In countries such as China, for example, mobile wallet services like AliPay and WeChat Pay have become very popular. These services enable users to make payments with funds loaded into the facility, as well as to access a range of other financial services (e.g. interest-bearing asset management products, crowdfunding and credit). In Australia, PayPal is the only APRA-regulated PPF provider. PayPal's core business enables a sender and a receiver to be parties to an online payment using existing payment instruments such as credit cards, debit cards and bank accounts.[4] Customers can also hold stored balance in their PayPal account and can choose to withdraw those funds to a linked bank account, pay for goods and services, or make peer-to-peer transactions within the PayPal network. No interest is paid on customers' PayPal balance. PayPal offers working capital loans to domestic businesses that have ‘a strong PayPal sales history’ via a related company that is a Registered Financial Corporation. In some other jurisdictions, there are PayPal-branded customer credit facilities.

Regulatory arrangements for PPFs have undergone a number of changes since they were introduced following the Wallis Inquiry. Initially, the RBA's Payments System Board was given responsibility for PPFs that were not offered by authorised deposit-taking institutions (ADIs), partly reflecting the view of the Inquiry that stored-value facilities would become a more prominent part of the financial system.[5] Responsibility for ‘widely available’ facilities, where the funds are redeemable on demand in Australian currency, was subsequently moved to APRA in the early 2000s on the basis that the money held in these facilities was similar to a bank deposit.[6] Another regulatory change in the early 2000s was that ASIC was given explicit responsibility for the financial services licensing, conduct and disclosure regime in relation to non-cash payment (NCP) facilities, a broader class of entities which includes PPFs.[7] Accordingly, ASIC, APRA and the RBA all now have regulatory roles in relation to PPFs, depending on the size and nature of the facility, and the risks being addressed (Figure 1).

  • APRA is responsible for supervising PPF providers that have payment obligations over $10 million (with deposit-like features) which are redeemable in Australian currency and are ‘widely available’ (more than 50 users). Providers of these facilities are deemed to be conducting ‘banking business’ under the Banking Regulations 2016, and are authorised and supervised by APRA as a special class of ADI.[8]
  • The RBA has regulatory responsibility for all other (non-ADI) PPF providers – i.e. those that are not widely available or redeemable in Australian currency – and is required to authorise or exempt non-ADI PPF providers from regulation. To date, the RBA has not authorised any PPF providers because the facilities that have been established have been relatively small and/or limited purpose. The RBA has granted class exemptions for certain low-value and limited purpose facilities.[9]
  • ASIC's responsibilities in relation to payments products – which includes stored-value facilities – form part of its broader responsibilities for administering the Australian financial services (AFS) licensing framework, as well as the consumer protections from the Australian Consumer Law which are replicated in the Australian Securities and Investments Commission Act 2001.

    ASIC takes a flexible approach to administering its obligations in relation to payments products, including granting exemptions for low-value facilities in which: funds held by any one client are not more than $1,000; total stored value held by all clients in the same facility is less than $10 million;[10] and the facility is not part of another financial product. Exemptions to some aspects of ASIC's financial services regime have also been granted for gift vouchers and gift cards, prepaid mobile phone accounts, loyalty schemes and electronic road toll devices.

Figure 1
Figure 1: Purchased Payment Facility Regulatory Framework

As noted above, at the time the current regulatory framework was put in place in the late 1990s, stored-value facilities were an emerging product offering. More recently, there has been a considerable expansion in the types of payment services available for consumers and businesses, including those that facilitate online transactions (e.g. cross-border purchasing/selling, payment after delivery and domestic mobile transactions). As discussed further in the ‘Issues for Consultation’ section, consideration of future regulatory arrangements will need to reflect newer and emerging products and services.

International Context

A number of jurisdictions have recently made changes to, or are currently reviewing, their regulatory arrangements for stored-value facilities. In some cases, this has been part of a wider review of retail payments regulation.

European Union – stored-value facilities are regulated as ‘e-money’ in the EU under the 2009 Electronic Money Directive (EMD). E-money is defined as electronically stored monetary value, issued in advance for the purpose of making transactions; this definition includes both prepaid cards and electronic prepaid accounts (for example, mobile wallets). Under the EMD, providers of e-money services must be authorised by national authorities under a licensing framework, and the EU maintains a public register of all e-money providers.

There are two licensing tiers in the EU framework. The upper tier applies to e-money providers that hold more than €5 million in total stored value. To obtain this licence, the provider must meet one-off requirements, such as setting up a home presence in an EU member state and meeting an initial capital requirement of at least €350,000. In addition, e-money providers are required to meet ongoing requirements, including: ensuring its own funds meet the capital threshold;[11] reporting periodically to regulators; and mitigating technological, operational, money laundering and terrorism financing (AML/CTF) and investment risks. The EU requires e-money providers to safeguard user funds, including depositing the funds into a separate account at a credit institution, or investing them in secure liquid low-risk assets and insulating them against other creditors' claims. E-money providers are permitted to provide certain other payment services, and there is no upper limit on the amount of stored value, but an e-money provider is not permitted to take deposits and conduct broader banking business.

In the lower tier, the EU permits member states to waive some regulatory requirements if the combined stored value of an e-money institution does not exceed the €5 million threshold. In the UK, which has adopted many elements of the EU framework, ‘small’ e-money providers have a lower initial capital requirement. Regulatory exemptions are given to ‘limited networks’, such as those with less than €1 million of annual transaction volumes. The EU Directives are implemented and administered by individual member states. In the UK, for example, responsibility for payments regulation is spread across the Financial Conduct Authority, the Prudential Regulation Authority and the Payment Systems Regulator.

Singapore – in January, the Monetary Authority of Singapore (MAS) completed consultation on a two-tiered licensing arrangement for a range of payments activities, including stored-value facilities.[12] The proposed ‘standard payment institution licence’ would permit businesses to accept and process transactions up to S$3 million on average in a month, or hold a float of up to S$5 million. Most of the compliance requirements for this category are one-off measures, such as the requirement to establish a physical presence in Singapore and a minimum capital requirement of S$100,000. The proposed ‘major payment institution licence’ would permit higher transaction values and float sizes, but would also impose additional risk mitigation measures on the licensee. Examples of the additional compliance requirements include safeguarding requirements for stored funds (such as all user funds must be guaranteed by a bank) and requirements to manage AML/CTF and technological risks. Payment providers would be prohibited from offering individual customer accounts above S$5,000 (with a maximum transfer amount of S$30,000 in a calendar year); accounts exceeding these caps would instead be regulated as bank deposits. The MAS – which is the central bank, prudential supervisor and securities regulator – is responsible for issuing licences to payments providers, monitoring compliance and issuing sanctions if licensing requirements are breached.

Hong Kong stored-value facilities are regulated in Hong Kong by the central bank, the Hong Kong Monetary Authority (HKMA). Stored-value facility providers are subject to requirements broadly similar to those in the EU, the UK and Singapore, albeit with different thresholds. The HKMA maintains a public register of licensees; there are currently 13 non-bank stored-value facility licensees in Hong Kong, including AliPay, WeChat Pay and PayPal, along with three banks that issue stored-value facilities.

3. Recommendations of Recent Inquiries

Recent government inquiries have recommended that the regulatory arrangements for stored-value facilities be reviewed for a number of reasons, including: the current framework is complicated and involves multiple regulators which, it has been argued, may deter potential new entrants and impose significant compliance costs; regulation may not be competitively neutral (for example, some PPF providers may be subject to certain stronger regulatory requirements than a traditional ADI when it is offering a similar service); and regulation may be ‘stifling’ the development of this segment of the payments system.

The 2014 FSI recommended ‘enhanced graduation’ of retail payments regulation, including by clarifying thresholds for regulation by APRA and ASIC (see Box A).[13] In particular, the FSI suggested that a new, APRA-administered prudential regime should apply for PPFs, which would only capture those of ‘sufficient scale’. The FSI recommended using clear numeric thresholds, for example, to determine which facilities are ‘large and widely used’.[14] Within this new prudential regime for PPFs, entities would be able to choose between: (i) a tier with low compliance costs and prudential requirements, but requiring a 100 per cent liquidity ratio;[15] and (ii) a tier with a lower liquidity ratio but strengthened other prudential requirements. The FSI argued that the second tier would address concerns that APRA-regulated PPF providers currently face a higher liquidity requirement than traditional ADIs, which may be hindering competition. The FSI suggested that this could create a perverse incentive for smaller entities to limit their growth to avoid being subject to the PPF prudential regime.

A more general recommendation of the FSI regarding payment service providers was that AFS licences should be required only by entities providing access to large, widely available payment systems. This recommendation effectively suggested that the flexible approach which ASIC currently applies to exemptions to the AFS licensing requirement would be replaced by exemptions in the law, and suggested that ASIC's current approach of granting class exemptions would no longer be necessary. The FSI argued that consumers would receive basic consumer protection regulation from the ePayments Code, which should become mandatory.[16]

In addition, the FSI recommended that regulators should publish a clear guide to payments regulation for the industry, particularly for new entrants, because greater transparency would help ensure that regulation is better understood by industry and encourages future innovation.

Box A: FSI Recommendation 16

Enhance graduation of retail payments regulation by clarifying thresholds for regulation by the Australian Securities and Investments Commission and the Australian Prudential Regulation Authority.

Strengthen consumer protection by mandating the ePayments Code. Introduce a separate prudential regime with two tiers for purchased payment facilities.

The Productivity Commission recently released the final report from its Inquiry into Competition in the Australian Financial System (PC Report; see Box B).[17] The PC Report largely supported the recommendations of the FSI with regard to PPFs, arguing that PPFs face complex and ‘potentially stunting’ regulation (which imposes significant compliance costs) that can deter entry and expansion. The commission observed that use of stored-value facilities such as AliPay and PayPal has grown rapidly in other jurisdictions and suggested that the regulatory framework in Australia may be limiting growth in the local market.

The commission made similar recommendations to the FSI with regard to the development of clear regulatory thresholds and the possible introduction of a tiered prudential regime for PPFs. It suggested that PPFs with stored value below $10 million should remain exempt from prudential regulation; facilities with stored value between $10 million and $50 million should be regulated by the RBA's Payments System Board or otherwise be exempted; and those with stored value above $50 million and allowing individual customers to hold above $500 should be regulated by APRA. The commission recommended a lower threshold on individual holdings than the FSI (which suggested $1,000). As suggested by the FSI, those PPFs regulated by APRA would be able to choose between: (i) a tier with low prudential requirements but requiring a 100 per cent liquidity ratio; and (ii) a tier with a lower liquidity ratio but otherwise higher prudential requirements.

Box B: PC Recommendation 17.5

The Council of Financial Regulators should review the current regulation of Purchased Payment Facilities (PPFs).

The review should develop an approach to simplify the regime, develop clear thresholds for regulatory responsibility and reduce barriers to growth in this sector. The review should consult on and design a tiered regulatory structure for PPFs, including one tier that does not attract prudential regulation.

The review should be completed by end-2018 at the latest and provide a path forward for regulators by mid-2019.

4. Issues for Consultation

The CFR welcomes stakeholders' feedback on the issues raised in this paper, particularly regarding potential improvements to the regulatory framework for stored-value facilities.

Market Developments and Regulation

The CFR is interested in stakeholders' views on issues relating to the market for stored-value facilities, the competitive environment and the potential impact of regulation on innovation and competition.

1. What is the outlook for stored-value facilities in Australia?

The PC Report suggested that, with appropriate regulation, stored-value facilities have the potential to grow rapidly in Australia. An alternative view could be that Australia has a highly banked population and consumers already have good access to a range of safe and convenient payment methods; a new stored-value facility would need to provide a demonstrable benefit over the customer's existing payment options (e.g. cards or established stored-value facilities such as PayPal) in order to gain widespread adoption.[18] In some other jurisdictions, such as China, the growth of stored-value facilities (e.g. AliPay) has been associated with the adoption of non-bank payment services in areas that may have been underserved by the traditional banking sector.

The CFR welcomes feedback on issues relevant to the industry outlook. For example, how do you view customer demand for stored-value facilities in Australia? What are the perceived benefits of stored-value facilities for consumers in the context of payment services that are already available (e.g. credit and debit cards, and bank deposits)? In functional terms, in what ways does ‘stored value’ differ from a bank deposit? To what extent are providers of stored-value facilities seeking, or are likely in the future, to expand and differentiate the range of services they offer (e.g. by offering ‘buy now, pay later’ facilities or multi-currency accounts for online cross-border payments)?

2. How do you view the environment in relation to innovation and competition?

Many observers have suggested that the payments industry globally is in the midst of a period of significant innovation, associated with developments in technology and the influence of non-traditional payment service providers.

This review will consider the regulatory approach to stored-value facilities in the context of market developments and emerging business models that incorporate stored value. In this regard, the CFR welcomes insights on emerging and innovative payment services and business models, particularly how stored-value facilities feature in the outlook for competition in the retail payments market.

3. How can regulation appropriately balance consumer protection aims while supporting an innovative and competitive industry?

The CFR recognises the importance of limiting barriers to innovation and competition while supporting access to safe and efficient payment services. In this regard, recent inquiries have suggested that the current regulatory framework for stored-value facilities is having a detrimental effect on innovation and competition in the Australian payments market.

The CFR welcomes stakeholder views on the impact of current regulatory arrangements on innovation, particularly with regard to stored-value facilities. For example, to what extent are particular activities or innovations being constrained by current regulatory arrangements? Are there particular products or services – particularly those relating to the use of stored-value – that are being offered in other countries but not in Australia because of differing regulatory treatment?

The CFR also welcomes views on what is the appropriate degree of consumer protection for payment products, including the extent to which the level of consumer protection should be differentiated according to the features and risks of particular products (e.g. relatively ‘simple’ products may require less-intensive regulation). Is the current consumer protection framework – which comprises general protections in the Australian Securities and Investments Commission Act 2001, as well as a graduated application of the financial services framework in the Corporations Act – sufficient for these purposes, or would there be benefits from the application of other rules? The latter could include, for example, non-prudential safeguarding requirements in relation to funds loaded on stored-value facilities – such as requirements for stored-value facilities to hold funds in trust on behalf of clients and in relation to other types of facilities – or elements of the ePayments Code (which is currently voluntary).

Specific Issues for Consultation

The CFR is interested in the views of stakeholders on the following specific issues.

4. Is there potential to clarify the definition of stored-value facilities and the intended coverage of stored-value regulation?

It has been observed that the current legislative definition of a PPF – a facility under which a holder of stored value makes payments to another person on behalf of the user of the facility[19] – is a potential source of uncertainty (e.g. containing terms that may be wide or somewhat ambiguous). Moreover, the term ‘purchased payment facility’ does not appear to be widely used internationally in relation to stored-value facilities. The review welcomes feedback on issues regarding the scope and clarity of stored-value regulation, for example:

  • Is the current definition of a PPF a source of confusion for potential new entrants, including foreign entities?
  • Are there existing or emerging services that provide similar functionality to a PPF (as currently defined) but may not be adequately captured under current regulatory arrangements?
  • Should regulators give consideration to developing a set of principles to identify the kinds of services that ought to be regulated in relation to stored-value facilities, based on operational features (e.g. whether the service provider holds funds for a period of time or only initiates payments)? If so, do you have views on the nature of these principles?

5. What regulatory boundaries or thresholds for stored-value facilities are appropriate?

Recent inquiries have suggested that numerical thresholds could be used to distinguish various tiers of, or approaches to, regulation. The CFR welcomes further feedback on these proposals or alternative approaches that could be considered (e.g. those based on approaches in other jurisdictions).[20] As noted in the section on ‘Recommendations of Recent Inquiries’, suggestions of recent government inquiries have included:

  • Facilities with total stored value less than $10 million (and/or a limited number of people) could be largely exempted from prudential and licensing regulation.

    In general terms, this may not represent a significant departure from current arrangements under which small and limited purpose facilities have been exempted from most ASIC and RBA regulations.

    The CFR welcomes views on both the general issue of whether it is appropriate that certain types of stored-value facilities be exempted from certain regulation and practical approaches to determining such exemptions.

    While numerical thresholds could potentially play a role, principles-based criteria could also be considered. For example, exemptions could potentially apply for ‘related’ services that only hold user funds temporarily or for a short period while they are in transit from a payer's ultimate source of funds to the payee (such as some remittance services). In some cases, the provider may not be able to rely on ASIC's low-value exemptions or other exemptions from the Corporations Act. This could be because, even though the provider does not itself hold funds, it can potentially access a larger store of value such as a bank account or larger prepaid stored-value account. The CFR welcomes views on the appropriate regulatory approach to these types of ‘related’ services.

  • Facilities with stored value between $10 million and $50 million, and with more than 50 people, could be subject to some degree of regulation.

    The PC Report suggested that these types of facilities could be regulated (or exempted) by the RBA's Payments System Board. While the RBA currently shares regulatory responsibility for PPFs, it is worth considering alternative arrangements. One alternative could be for these ‘medium-sized’ facilities to be regulated by ASIC under the AFS licensing regime. The RBA's role could instead focus on its existing powers to designate and regulate payment systems on the basis of system-wide competition, efficiency or systemic risk concerns, rather than on the regulation of individual PPFs. This would be consistent with a simpler regulatory framework. In practice, the RBA has not been required to authorise or supervise a PPF provider because the non-ADI facilities that have been established have been small and/or limited purpose (as discussed in the section on ‘Regulation of Stored-value Facilities’). In this context, ASIC's consumer protections could be bolstered by:

    • Ensuring the appropriate operation of provisions to safeguard value. In particular, the CFR notes the importance of Corporations Act (Part 7.8) safeguards on client money that require AFS licensees that hold funds on behalf of clients to hold these funds on trust in an Australian ADI or approved foreign bank.

      There appears to be a prevailing industry view that these rules do not apply to money loaded into stored-value facilities because that money is used to purchase an increased interest in the product.[21] The CFR queries whether this interpretation is consistent with the legislative intent of the client money rules in the Corporations Act. The effect is that customers who load money to a stored-value facility would be treated as unsecured creditors if the issuer of the facility became insolvent.

    • Ensuring that additional consumer protections are applied consistently, such as by making the ePayments Code – which contains disclosure requirements as well as rules about unauthorised transactions and mistaken payments – mandatory.

    However, reliance solely on the licensing, conduct and disclosure regime in the Corporations Act to underpin consumer protection for these ‘medium-sized’ facilities could result in additional risks to consumers. This situation could arise because ASIC's AFS licensing regime would be the sole framework for these types of facilities.

    In considering potential updates to the regulatory framework, the review will have regard to the scope of any additional protections and the extent to which those protections may, or may not, be able to address any consumer risks associated with any change in the level of prudential regulation of stored-value facilities.

  • Widely available facilities with stored value above $50 million and allowing individual customers to hold more than $1,000 (FSI recommendation) or $500 (PC Report) could be subject to the highest degree of regulation. It has been suggested that these facilities be prudentially regulated and supervised by APRA (in addition to the consumer protections of the ASIC regime).

    Consideration could also be given to a higher threshold for APRA supervision – for example, facilities holding over $100 million in stored funds and, potentially 1,000 users or allowing individual holdings over $1,000. This could help ensure that only those entities of sufficient scale are supervised by APRA, with prudential regulation applying only to those businesses whose failure could have a broader impact; a higher threshold may also be more robust to potential growth in the market. However, an implication of a higher threshold for APRA supervision is that ASIC's AFS licensing regime would be the sole framework for a potentially broader class of stored-value facilities. This would reinforce the importance of ensuring that Corporations Act safeguards on holding client money are operating effectively and considering the extent to which these (and other consumer protections) are sufficient to address any increase in consumer risk arising from a higher threshold for prudential supervision (see above).

    A related consideration with regard to regulatory thresholds is that, in practice, non-ADI operators of stored-value facilities have tended to partner with ADIs, with the ADI typically being the product issuer and the holder of the stored funds. If the threshold for prudential regulation was to increase, this could reduce the regulatory incentives to partner with ADIs and result in an expansion of non-prudentially regulated operations and therefore a larger amount of stored funds that would be ‘at risk’ in the event of future corporate insolvencies. The CFR welcomes views on whether changes to thresholds would affect partnering arrangements and create additional risks for consumers.

    The CFR welcomes feedback on how to determine which entities could be subject to APRA's prudential supervision. As discussed below, numerical thresholds could potentially be combined with broader criteria. The CFR also welcomes views on whether caps should be imposed in relation to maximum individual account sizes and/or annual payment flows, before payment products should be regulated as ADI deposits (as has been proposed in Singapore, for example).

6. Are there other criteria that could be used to define regulatory boundaries for stored-value facilities?

Recent inquiries have suggested that numerical thresholds may help provide clarity for regulated entities. However, strict thresholds may also create incentives for business models to be structured so as to avoid regulation and may not necessarily take account of the nature (and risks) of the services offered by individual facilities.

As noted above, one issue is potential criteria for regulatory exemptions. Another issue concerns the determination of which facilities should be subject to APRA's prudential supervision. The policy intent of current arrangements is that users of widely available facilities offering ‘deposit-like’ functionality have a greater degree of assurance that their funds will be safe because the facility is required to comply with certain prudential standards determined by APRA. At present, this determination is based on the size/availability of the facility and the features of the services provided, including that the user of the facility is able to demand repayment in Australian currency of part or all of the balance of the facility (for example, by transferring the funds to a bank account).

The CFR is seeking views on whether there are other factors that should be considered in determining whether a facility has ‘deposit-like’ features. Examples of facilities which raise potential issues could include:

  • multi-currency facilities that are redeemable for Australian currency
  • facilities that are redeemable for foreign currency
  • ‘open-ended’ facilities, where money is held in a facility with no expiry date for use
  • ‘closed-loop’ systems involving funds that are not ‘redeemable’ for currency but can be used for certain purchases within the same system, or are referrable to the provision of property/services/giving of security (for example, facilities that allow in-app purchases similar to WeChat Pay, or allow purchases to be made within a network, such as gift cards).

A further question related to regulatory boundaries is whether providers of stored-value facilities should be restricted from offering certain other services that may take them into the realm of other regulated activities (as has been the approach to regulation in some other jurisdictions)? Examples may include the paying of interest on stored funds; the extension of credit or credit-like facilities; and ATM access.

7. What are your views on a ‘tiered’ approach to prudential supervision for stored-value facilities?

Recent inquiries have proposed a two-tier approach for APRA regulation of PPFs (see the section on ‘Recommendations of Recent Inquiries’). There is currently only one APRA-regulated PPF and, while there has been some recent interest in PPF licences, it is possible that the APRA-regulated PPF population could remain small for some time. There may therefore be a trade-off between introducing more tiering and achieving a simpler regulatory framework for stored-value facilities. As discussed above, a potential approach could be to increase the threshold for APRA regulation of stored-value facilities, with the APRA framework then being reviewed to ensure that it is suitable for the narrower range of (potentially larger and more sophisticated) facilities that would meet the threshold.

The CFR welcomes views on the appropriateness of a two-tier approach to stored-value facilities within the APRA regime, including how this could be balanced with the objective of a clearer and streamlined regulatory framework. The CFR also welcomes views on the alternative of a single APRA framework for larger/more sophisticated stored-value facilities, and what threshold(s) and/or other criteria might be appropriate for such an approach (see above).

8. What is the appropriate regulatory approach to emerging products and services?

The CFR recognises the importance of ensuring that regulation is able to adapt to changes in the market. In this regard, it is important to consider the impact of regulation on particular segments of the market and how regulation might apply to newer or emerging services. Although not limited to these issues, two areas on which the CFR is seeking views are:

  • The appropriate regulatory approach to payment accounts facilitated by a mobile device (e.g. mobile wallets) or other online wallet services. For example, do these services offer features of stored value, or do they largely facilitate consumer access to, and initiation of payments from, other payment products? To what extent do these services offer ‘deposit-like’ functionality?
  • The appropriate regulatory approach to ‘closed-loop’ systems. Services such as AliPay are examples of ‘closed-loop’ systems in which stored funds can be transferred to other users of the same system (as well as often by using a linked bank account or card). Although closed-loop systems have not taken off in Australia in the same way as they have in some other countries at this time, it is possible that they could become a more prominent part of the payments system in the future. An implication might be that substantial amounts of value are held in closed systems, potentially not redeemable in Australian currency (and therefore outside the current scope of APRA's prudential supervision).

9. How could the transparency and communication of regulation be improved?

Recent inquiries have noted that there is scope to improve the clarity and transparency of regulatory arrangements for payments service providers. As part of this review, the CFR agencies will consider measures to improve transparency, which is likely to include joint publication of a guide to the regulatory framework once any measures necessary to improve the framework have been implemented.

The review welcomes feedback on aspects of regulation that may be viewed as unclear or a potential source of confusion for industry and/or consumers; and on how the transparency and communication of regulation could be improved.

10. Are there other issues relating to the regulation of retail payment service providers which could potentially be improved or clarified?

While this review will have particular regard to regulation that applies to stored-value facilities, it will also consider some other aspects of the regulation of payment service providers that have been identified, or may be identified in the course of this review, as having scope for improvement. In particular, there are a number of issues relating to the appropriate operation and/or clarity of elements of the AFS licensing regime which may warrant further attention. These include (but are not necessarily limited to):

  • Ensuring the appropriate operation of legislative provisions to safeguard value held on behalf of clients (as noted above).
  • Clarifying the application of elements of existing exemptions in the Corporations Regulations that apply to some, but not all, remittance service providers and other service providers involved in electronic money transfers.[22]
  • Clarifying that services which only enable the receipt of payments are not regulated, provided that the payer's obligations are complete when payment is received by the service provider, and subsequent conduct of that service provider does not therefore involve a risk for the payer.

5. Next Steps

Interested parties are invited to provide written submissions by 19 October 2018.

The review will make recommendations on the overall framework for the regulation of stored-value facilities. It is expected that interested parties will have further opportunity to comment on any specific changes to regulation administered by relevant agencies that may arise from the recommendations of this review.


The Payment Systems (Regulation) Act 1998 defines PPFs as: ‘a facility (other than cash) in relation to which the following conditions are satisfied: (a) the facility is purchased by a person from another person; and (b) the facility is able to be used as a means of making payments up to the amount that, from time to time, is available for use under the conditions applying to the facility; and (c) those payments are to be made by the provider of the facility or by a person acting under an arrangement with the provider (rather than by the user of the facility)’. [1]

See Q. 10 in the ‘Issues for Consultation’ section. For clarity, the review is concerned with regulation that relates to payment services or activities – i.e. regulatory requirements for payment service providers or participants in retail payment systems, rather than the payment systems or the system overall. [2]

Including the Mondex and Visa Cash systems. [3]

According to the Reserve Bank's latest Consumer Payments Survey, PayPal was used to make about one quarter of the number of online payments in 2016. [4]

The Wallis Report on the Australian Financial System (1997), ‘Chapter 9: Stability and Payments’, Final Report, June. [5]

See <>. [6]

Non-cash payments are payments made or caused to be made, otherwise than by the physical delivery of Australian or foreign currency in the form of notes and/or coins. The Financial Services Reform Act 2001 introduced NCPs as financial products under the Corporations Act 2001 as ASIC viewed these products as clearly being intended to be regulated as part of the financial services regulatory regime. [7]

At this time, PayPal is the only entity licensed and supervised by APRA as a PPF provider, a special class of ADI. Unlike deposits in ADIs up to $250,000 per account holder, funds held in PPFs are not protected under the Australian Government's Financial Claims Scheme. ADIs also provide a range of these facilities, for example operating open-loop prepaid card facilities. ADIs do not require a separate authorisation to engage in this business under the Payment Systems (Regulation) Act 1998. [8]

The RBA's regulatory responsibilities for PPFs stem from the Payment Systems (Regulation) Act 1998. Under section 9(3) of the Act, the RBA may declare that the Act does not apply to a specified PPF or to a class of facilities. To date, the RBA has exempted: loyalty schemes; gift card facilities; electronic road toll devices; prepaid mobile phone accounts; limited value (less than $10 million) facilities; limited participant (less than 50 payees) facilities; and the Westfield insurance card facility. The RBA may also exempt corporations from the Act, under section 25. To date, the RBA has exempted corporations that are guaranteed by an ADI or government authority. [9]

Under current arrangements, a provider could potentially offer a number of different facilities and not be required to hold an AFS licence if individual facilities do not exceed the $10 million threshold. [10]

‘Own funds’ means funds where at least 75 per cent of the Tier 1 capital is in the form of Common Equity Tier 1 (CET1) and Tier 2 capital is equal to or less than one-third of Tier 1 capital. [11]

The licence permits the following payments activities: account issuance services; e-money services; virtual currency services; merchant acquisition services; money changing services; domestic money transfer; inward and outward remittances. A separate licence is available for money-changing businesses. Under this framework, an entity providing multiple regulated payments activities would only be required to hold one licence. [12]

Financial System Inquiry (2014), Final Report, November, available at <>. [13]

See Q.5. in the ‘Issues for Consultation’ section. The FSI also suggested that there should be no distinction based on whether funds could be redeemed for Australian currency, as currently exists. [14]

In practice, this could mean, for example, that all customers' stored value is held in liquid assets such as bank deposits. [15]

The ePayments Code is a voluntary code of practice administered by ASIC that regulates electronic payments, including ATM, eftpos and credit card transactions, online payments, internet and mobile banking and BPAY. The Code sets out requirements on: how subscribers should provide terms and conditions, receipts and statements to consumers; determining who pays for unauthorised transactions; and the recovery of mistaken internet payments. The FSI and PC Report recommended that the ePayments Code be made mandatory. [16]

Productivity Commission (2018), ‘Competition in the Australian Financial System’, August, available at <>. [17]

RBA (2014), Submission to the Financial System Inquiry, March, pp 224–226. [18]

See footnote 1. [19]

Unlike the approaches adopted or proposed in some other jurisdictions, recent inquiries have not suggested that an entirely new licensing regime for payment service providers be introduced in Australia. [20]

See section 981A(2) of the Corporations Act. [21]

See regulation 7.1.07G of the Corporations Regulations 2001. [22]