Legal Advice on becoming an EMI licence, PSP or a Payment service provider or Online Payment Transfer Company like Pay Pal in Pakistan?

The Electronic Money Institutions (EMI) regulations are a cornerstone of the evolving financial landscape, introduced to foster innovation, inclusivity, and security in the digital payments ecosystem. Their primary aim is to provide a robust legal and operational framework that encourages the safe proliferation of non-bank entities in the financial sector. As traditional banking services struggle to penetrate underserved areas, these regulations bridge the gap, empowering EMIs to extend essential payment services to unbanked and underbanked populations, particularly in rural and remote regions.

A key objective of these regulations is to balance innovation with security. By defining clear rules for licensing, governance, and operational conduct, the State Bank of Pakistan (SBP) seeks to mitigate risks inherent in digital payments, such as fraud, money laundering, and data breaches. EMIs are mandated to implement robust customer due diligence (CDD) mechanisms, employ advanced technology like biometric verification, and ensure that funds are safeguarded in trustee accounts or secure government securities. These measures not only protect customers but also bolster trust in electronic money systems, a critical factor for widespread adoption.

Interoperability is another cornerstone of the EMI regulations, ensuring seamless integration between EMIs, traditional banks, and other financial service providers. This is essential for fostering competition and innovation while avoiding the fragmentation of financial ecosystems. Through APIs and centralised platforms like Raast, customers gain the flexibility to transfer funds and make payments across different platforms with minimal friction, enhancing user experience and financial inclusion.

Furthermore, the regulations underscore the importance of corporate governance and risk management. By requiring EMIs to establish strong internal controls, diverse boards, and robust oversight mechanisms, the SBP aims to create resilient institutions capable of withstanding operational and financial shocks. This focus on governance not only reduces systemic risks but also aligns Pakistan’s financial practices with international standards, enhancing the country’s reputation in global markets.

At their core, the EMI regulations are about enabling innovation while safeguarding public interest. By encouraging new business models, such as enhanced e-wallets and cross-border payment solutions, they pave the way for financial empowerment and economic growth. Simultaneously, the regulations ensure that this progress is achieved responsibly, with stringent requirements for AML/CFT compliance, data protection, and consumer grievance redressal. In essence, the EMI regulations are a strategic response to the rapidly changing financial landscape, ensuring that digital payment systems are inclusive, secure, and sustainable for all stakeholders.

The revised EMI regulations issued by the State Bank of Pakistan (SBP) on June 21, 2023, have introduced significant changes, both expanding opportunities and heightening compliance requirements for new applicants. The scope of services EMIs can now offer has broadened to include payment aggregation, bill and invoice aggregation, payment initiation, account information services, escrow services for domestic e-commerce, and inward cross-border remittances, creating avenues for revenue diversification and enhanced customer engagement. Additionally, higher monthly wallet limits, even for minors and freelancers, and the ability to integrate with financial institutions and fintechs via secured APIs foster greater innovation and collaboration within the financial ecosystem. However, the regulations emphasise stringent compliance measures, with applicants required to meet specific capital thresholds, such as a minimum of PKR 200 million for an Outstanding E-Money Balance (OEB) of up to PKR 4 billion. The multi-phased licensing process, including initiation, in-principle approval, pilot operations, and final commercial licensing, demands meticulous planning, adherence to timelines, and substantial resource allocation. While the expanded regulatory framework aligns with SBP’s objectives of digital payment adoption and financial inclusion, prospective applicants must carefully evaluate their financial and operational readiness to navigate these challenges effectively and leverage the opportunities presented.

A detailed comparison of the New and Old Regulations is given further below in this article.

Common Question: If someone wanted to set up a WISE or Paypal-like service in Pakistan would they want an EMI or PSP?

To establish a service similar to Wise (formerly TransferWise) or PayPal in Pakistan, the appropriate regulatory framework would depend on the specific services and functionalities intended to be offered. Here’s a breakdown of the two options:

• Electronic Money Institution (EMI):
  • Suitability for Digital Wallets and Money Transfer Services: If the primary focus is on digital wallets, prepaid cards, and facilitating digital payments and money transfers (similar to PayPal or Wise), an EMI license would be more appropriate. EMIs are tailored for businesses that provide innovative, user-friendly, and cost-effective low-value digital payment instruments.
  • Consumer-Focused Services: EMIs in Pakistan are expected to offer interoperable and secure digital payment products and services to end users, aligning well with the business model of companies like PayPal and Wise, which are consumer-centric and provide user-friendly interfaces for financial transactions.
  • Financial Inclusion and Digital Payment Adoption: EMIs play a crucial role in promoting financial inclusion and digitizing payments, which aligns with the objectives of services like PayPal and Wise that aim to simplify and democratize financial transactions.
• Payment System Operator (PSO) / Payment Service Provider (PSP):
  • Infrastructure and Payment Processing: If the service involves the operation of payment systems infrastructure, such as payment gateways, clearing houses, ATM switches, and POS gateways, then a PSO/PSP license would be more suitable.
  • Role as Intermediaries: PSOs and PSPs act as intermediaries in the financial market, providing the backbone for payment processing and routing. This is more aligned with businesses that focus on the operational side of payment systems rather than direct consumer interaction.

Key Considerations:

• Business Model and Services Offered: The choice between an EMI and a PSP/PSO license should be based on the specific services your business intends to offer. If the focus is on direct consumer services like digital wallets and money transfers, an EMI license is more appropriate. If the focus is on providing the infrastructure for payment processing, then a PSO/PSP license would be suitable.
• Regulatory Compliance: Both licenses come with specific regulatory requirements and capital stipulations as set by the State Bank of Pakistan. Compliance with these regulations is crucial for successful operation and sustainability in the financial market.
• Market Dynamics and Partnerships: Understanding the existing market dynamics, potential partnerships with banks and other financial institutions, and the evolving regulatory landscape in Pakistan are essential for making an informed decision.

In summary, for a service akin to Wise or PayPal that focuses on user-facing digital payment services, an EMI license is likely the more fitting option. However, the final decision should be based on a comprehensive analysis of the intended business model, services to be offered, and the regulatory environment in Pakistan.

Difference between an PSP and EMI  in Pakistan :

The distinction between Payment System Operators (PSOs), Payment Service Providers (PSPs), and Electronic Money Institutions (EMIs) is rooted in their respective roles and functions within the financial ecosystem, particularly in the context of Pakistan’s regulatory environment as governed by the State Bank of Pakistan (SBP).

Payment System Operators (PSOs) and Payment Service Providers (PSPs):

• Function and Scope: PSOs and PSPs are primarily involved in the operation and provision of payment systems related services. This includes managing electronic payment gateways, payment schemes, clearing houses, ATM switches, POS gateways, e-commerce gateways, and other related services. They act as intermediaries for the routing, switching, and processing of payment transactions.
• Regulatory Framework: They operate under the specific rules set by the SBP and are required to go through a three-stage authorization process: In-Principle approval, Pilot Operation approval, and Final Stage approval.
• Capital Requirements: PSOs/PSPs must maintain a minimum capital of PKR 200 million, with an additional 25% for each additional line of business. This requirement ensures financial stability and credibility.
• Restrictions: They are not permitted to act as custodians of consumer funds or perform any traditional banking functions as defined in the Banking Companies Ordinance, 1962.

Electronic Money Institutions (EMIs):

• Function and Scope: EMIs are entities that focus on offering digital payment instruments such as wallets, prepaid cards, and contactless payment instruments. Their aim is to promote digital payments, foster innovation in the payments industry, and increase financial inclusion.
• Regulatory Framework: EMIs operate under regulations issued by the SBP in 2019, under the Payment Systems and Electronic Fund Transfers Act, 2007. Their licensing also follows a three-stage process: In-Principle approval, Pilot Operation approval, and Final Approval (License).
• Focus on Digital Payments: EMIs are expected to offer interoperable and secure digital payment products and services, thus playing a pivotal role in the digitization of various types of payments.

Key Differences:

• Operational Focus: PSOs/PSPs are more focused on the infrastructure and mechanisms that facilitate payment processing (e.g., payment gateways, ATM switches), while EMIs concentrate on providing digital payment instruments to end-users (e.g., e-wallets, prepaid cards).
• Role in Financial Ecosystem: PSOs/PSPs act as intermediaries and facilitators in the broader financial market infrastructure, while EMIs are more consumer-focused, aiming to broaden digital payment adoption among the general public.
• Capital and Regulatory Requirements: Both have distinct capital requirements and regulatory pathways as mandated by the SBP, reflecting their different roles and risks in the financial system.

In summary, PSOs/PSPs and EMIs play complementary but distinct roles in Pakistan’s digital payment landscape, with PSOs/PSPs focusing on the operational aspects of payment systems and EMIs concentrating on consumer-facing digital payment solutions. Their coexistence and collaboration are crucial for the development of a robust, efficient, and inclusive financial ecosystem in Pakistan.

Current EMIs (Approved) in Pakistan (Source SBP Website)

The current landscape of Electronic Money Institutions (EMIs) in Pakistan presents a diverse array of companies offering digital payment solutions. These EMIs are pioneering the shift towards digital financial services in the country, providing various forms of e-money wallets and payment gateway services. Below is a summarised note on the existing EMI providers in Pakistan, along with their products, services, and regulatory status:

• M/s NayaPay Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Merchants
  • Date of Approval: August 30, 2021
  • Status: Live
• M/s Finja Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Merchants
  • Date of Approval: September 14, 2021
  • Status: Live
• M/s CMPECC Ltd.
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Merchants
  • Date of Approval: March 22, 2022
  • Status: Live
• M/s SadaTech Pakistan Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Freelancers
  • Date of Approval: April 18, 2022
  • Status: Live
• M/s Wemsol Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers and Merchants
    • Payment Gateway for Consumers and Merchants
  • Date of Approval: July 08, 2020
  • Status: Pilot Approval granted
• M/s TAG Innovation Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
  • Date of Approval: October 07, 2022
  • Status: In-Principle Approval and Pilot Operations approval have been revoked by SBP
• M/s Akhtar Fuiou Technologies Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
  • Date of Approval: December 16, 2022
  • Status: Pilot Approval granted
• M/s EP Systems
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Merchants
  • Date of Approval: January 18, 2023
  • Status: Pilot Approval granted
• M/s Hubpay Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
    • E-money wallet for Merchants
  • Date of Approval: February 02, 2022
  • Status: In-Principle Approval granted
• M/s Careem Payment Solutions Pvt. Ltd.
  • Products/Services:
    • E-money wallet for Consumers
  • Date of Approval: August 28, 2023
  • Status: In-Principle Approval withdrawn by the Company

Important Note: The In-Principle approvals granted by the State Bank of Pakistan (SBP) to these EMIs are based on a thorough review of their applications and the information they submitted. However, this approval should not be seen as an endorsement of the EMIs’ proposed business models or financial viability by the SBP. The SBP does not assume responsibility for any financial, legal, or reputational loss incurred by any entity or individual who establishes a business relationship with an EMI based solely on its In-Principle approval status.

This summary provides a snapshot of the evolving EMI sector in Pakistan, highlighting the varied services offered and the regulatory milestones achieved by these institutions. The sector is dynamic, with new players entering the market and existing ones expanding their services, all contributing to the digital transformation of Pakistan’s financial landscape.

Current Approved PSD’s in Pakistan (Source: SBP Website)

The Payment Systems Department of the State Bank of Pakistan plays a pivotal role in the oversight and regulation of the country’s payment infrastructure. This includes the authorization and supervision of Payment System Operators (PSOs) and Payment Service Providers (PSPs). The department ensures that these entities operate in compliance with established rules and regulations, thereby maintaining the integrity and stability of Pakistan’s financial system.

Below is a legal note on the list of authorized PSOs and PSPs under the Rules for PSOs and PSPs:

• 1LINK Guarantee Ltd.
  • Authorized Payment System: ATM Switch, Interbank Fund Transfer Services/Utility Bill Payment Services, PayPak Scheme, POS Switch
  • Date of Approval: Varies (2015 – 2017)
  • Status: Live
• Virtual Remittance Gateway
  • Authorized Payment System: Electronic Payment Gateway
  • Date of Approval: April 17, 2017
  • Status: Live
• Webdnaworks (Pvt.) Ltd.
  • Authorized Payment System: White Label ATMs
  • Date of Approval: April 30, 2020
  • Status: Live
• NIFT (Pvt.) Ltd.
  • Authorized Payment System: Paper Based Instruments Clearing, E-Commerce Payment Gateway
  • Date of Approval: Varies (2016 – 2021)
  • Status: Live
• Avanza Premier Payment Services
  • Authorized Payment System: E-Commerce Payment Gateway
  • Date of Approval: May 21, 2021
  • Status: Live
• ForeePay Private Ltd.
  • Authorized Payment System: Payment Initiation Services/Account Information Services, Payment Aggregation Services
  • Date of Approval: Varies (2020)
  • Status: Approval for Pilot Operations granted
• Safepay (Pvt.) Ltd.
  • Authorized Payment System: E-Commerce Payment Gateway
  • Date of Approval: August 15, 2022
  • Status: Approval for Pilot Operations granted
• TPL Rupiya (Pvt.) Ltd.
  • Authorized Payment System: Mobile Payment Switch
  • Date of Approval: April 29, 2016
  • Status: In-Principle Approval granted
• Infotech (Pvt.) Ltd.
  • Authorized Payment System: Automated Clearing House, E-Payment Gateway
  • Date of Approval: August 08, 2016
  • Status: In-Principle Approval granted
• Mobidirect (Pvt.) Ltd.
  • Authorized Payment System: E-Commerce Payment Gateway
  • Date of Approval: August 04, 2017
  • Status: In-Principle Approval granted
• Zingdigicomm (Pvt.) Ltd.
  • Authorized Payment System: E-Commerce Payment Gateway and Person to Merchant Payments
  • Date of Approval: November 02, 2017
  • Status: In-Principle Approval granted
• Euronet (Pvt.) Ltd.
  • Authorized Payment System: Bulk Transfers & Instant credit/Invoice fee-based Payments Processing
  • Date of Approval: November 02, 2017
  • Status: In-Principle Approval granted

Important Note: The In-Principle approvals granted by the State Bank of Pakistan to PSOs and PSPs are based on the information provided by them and a review of their application under the Rules for PSOs/PSPs. These approvals should not be interpreted as an endorsement of the entities’ proposed business models or financial viability by the State Bank of Pakistan. The SBP will not bear responsibility for any financial, legal, or reputational losses incurred by any entity or individual who establishes a business relationship with a PSO/PSP based solely on its In-Principle approval status.

This note reflects the current status of authorized PSOs and PSPs in Pakistan, highlighting the diversity and specialization within the country’s payment systems landscape. It underscores the SBP’s commitment to facilitating a robust, secure, and efficient payment system environment, pivotal for the country’s financial stability and growth.

Payment Systems in Pakistan

The landscape of payment systems in Pakistan has undergone a transformative evolution over the past decade. This progression is marked by the introduction of advanced payment instruments, the expansion of electronic payment infrastructure, and the adaptation to shifting consumer preferences. These advancements have facilitated a significant migration from traditional paper-based instruments to a multifaceted array of electronic payment options. This migration is supported by an efficient and reliable clearing and settlement infrastructure, which has been instrumental in enhancing the overall effectiveness of the payment systems in the country.

Key Features of Pakistan’s Payment Systems:

• PRISM (Pakistan Real-time Inter-bank Settlement Mechanism): This system represents a cornerstone in large-value real-time fund transfers. PRISM is equipped with contemporary features that enhance liquidity saving and risk mitigation, making it a critical component of the financial infrastructure.
• Government Securities Settlement System: This system is fully integrated with the RTGS (Real-Time Gross Settlement) System, facilitating electronic settlement based on the Delivery versus Payment (DvP) Model 1. This integration ensures seamless and secure transactions within the government securities market.
• Real-Time Retail Payment System (Operated by 1Link): This system offers peer-to-peer (P2P) transfer capabilities, operational 24/7 through various Alternate Delivery Channels such as ATMs, Internet Banking, and Mobile Banking. It represents a significant advancement in providing accessible and continuous payment services to the general public.
• Paper Instrument Clearing Facilities: These facilities operate on a T+1 basis and are supported by an extensive network of more than 27 clearing/satellite centers across the country, ensuring widespread and efficient handling of paper-based transactions.
• Central Counter Party for Capital Market Transactions: This feature provides a centralized platform for the settlement of capital market transactions, enhancing the efficiency and security of these operations.
• Agent-Based Branchless Banking: Catering to the cash and fund transfer needs of millions, this feature has expanded financial services to a broader spectrum of consumers, particularly in underserved areas.
• Compliance with IBAN Standard: Pakistani banking systems now utilize account numbers compliant with the International Bank Account Number (IBAN) standard, facilitating international transactions and improving cross-border payment efficiency.
• Interoperable ATM Networks: Pakistan boasts one of the lowest interchange fees in the world for its fully interoperable ATM networks, making ATM services more accessible and cost-effective for consumers.
• PayPak – Domestic Payment Scheme: This recently launched scheme aims to provide a low-cost payment solution to both consumers and financial institutions, further diversifying the payment options available in Pakistan.

Role of the State Bank of Pakistan:

The State Bank of Pakistan (SBP) plays a critical role in the governance and regulation of these payment systems, as outlined in the Payment Systems & Electronic Fund Transfer Act 2007. The Payment Systems Department within the SBP is entrusted with the oversight and regulation of payment systems in Pakistan. This includes operating the PRISM System, which is a testament to the Bank’s commitment to ensuring the stability and efficiency of the national payment systems.

This legal note elucidates the diverse and sophisticated nature of Pakistan’s payment systems, highlighting the integral role of the State Bank of Pakistan in maintaining and regulating these systems for the benefit of the country’s financial stability and consumer convenience.

Legal Update: The PSPOD Circular No 03 of 2023 was issued on 21 June 2023 and addressed to Presidents/CEOs of All Banks, Microfinance Banks (MFBs), Payment System Operators (PSOs), Payment Service Providers (PSPs), Electronic Money Institutions (EMIs), and Prospective EMIs

The State Bank of Pakistan (SBP) has recently updated its regulations governing Electronic Money Institutions (EMIs), a strategic move designed to broaden the reach and capabilities of these modern fintech-driven payment entities. The amendments to the regulations are set to empower EMIs to extend enhanced services to a diverse customer base, including minors and freelancers. These services include expanded monthly wallet limits and the introduction of novel payment services like Payments Aggregation, Bill/Invoice Aggregation, Payment Initiation, Account Information, and Escrow Services for domestic e-commerce. Moreover, these institutions can now offer Services via Application Programming Interfaces (APIs) to Financial Institutions, Fintechs, Third-Party Service Providers (TPSPs), and facilitate Inward cross-border remittances.

Since the initial implementation of EMI Regulations in 2019, there has been a noticeable surge in interest among both local and international fintech companies to operate as EMIs within Pakistan. To date, the SBP has granted commercial operation licenses to four EMIs, with six additional EMIs in various stages of the licensing process. As of March 2023, these institutions have successfully established approximately 1.6 million e-money wallets, accumulating a total e-money volume of Rs. 2 billion.

The revised regulations, dated June 21, 2023, align with the SBP’s objective of fostering digital innovation in the financial sector by encouraging the participation of non-banking fintech companies in the payments arena. This initiative aims to extend the operational outreach of EMIs, thereby enhancing the adoption of digital financial services. The development of these new regulations involved comprehensive consultations with current and prospective EMIs, alongside other relevant stakeholders, ensuring that customers can access superior services from these regulated e-money providers.

The SBP anticipates that the updated regulatory framework will further attract fintech firms, both domestically and globally, to the EMI market in Pakistan. This influx is expected to introduce more innovative, cost-effective, and superior payment services, significantly contributing to the growth of digital financial inclusion within the country.

The Revised Regulations for Electronic Money Institutions (2023) show the State Bank of Pakistan’s (SBP), vision to invigorate the payments industry and further the agenda of financial inclusion through digital means, initially issued the Regulations for Electronic Money Institutions (EMIs) under the PSD Circular No. 01 of 2019. These regulations have significantly shaped the landscape of electronic money services in the country.

Since the implementation of these Regulations, there has been a notably positive reception from market participants. Numerous entities have acquired licenses to operate electronic money services, which underscores the success of these Regulations. Additionally, these measures have garnered appreciation and acceptance from foreign investors and institutions.

In a continual effort to boost the adoption of e-money services and to motivate both existing and new EMIs to develop innovative business models, use cases, and technological solutions, the SBP has undertaken a revision of these Regulations. This decision is influenced by both local experiences and global best practices in the field.

The revised Regulations are effective immediately. Existing EMIs currently offering e-money services are instructed to align their operations and processes with these updated regulations. A compliance report, confirming adherence to the revised standards, must be submitted to the SBP by no later than 30 September 2023.

This directive represents a significant step towards enhancing the efficiency and scope of digital financial services in Pakistan, encouraging innovation and competition in the sector, and ultimately contributing to the broader goal of financial inclusion.

Comment

The State Bank of Pakistan (SBP) has recently updated its regulations for electronic money institutions (EMIs), a move that is set to significantly boost the involvement of Islamic fintech companies in Pakistan’s electronic payment sector. These revised regulations, effective from 21st June 2023, are part of the SBP’s strategic initiative to expand the reach and functionality of EMIs in the country.

Under the new framework, EMIs are now permitted to offer a broader range of services. This includes increased wallet limits for various customer segments such as minors and freelancers, and the introduction of novel payment services. These services encompass Payments Aggregation, Bill/Invoice Aggregation, Payment Initiation, Account Information, Escrow Services for domestic e-commerce, and facilitation services via Application Programming Interfaces (APIs) for Financial Institutions, Fintechs, and Third-Party Service Providers. Additionally, the regulations now accommodate inward cross-border remittances.

This regulatory overhaul is anticipated to attract a greater number of fintech companies, both local and international, to venture into the EMI domain in Pakistan. The SBP foresees this development as a catalyst for bringing innovative, cost-effective, and superior payment services to the market, thereby promoting digital financial inclusivity within the nation.

Since the original introduction of EMI Regulations in 2019, there has been a notable upsurge in interest from fintech firms, both domestic and foreign, to operate as EMIs in Pakistan. The primary objectives of these regulations are to encourage digital payments, spur innovation in the payments sector, enhance financial inclusion, and establish a regulatory framework for non-banking entities in the payment landscape.

As of March 2023, the SBP has authorized four EMIs for commercial operations, with six more in various stages of licensing. While it has not been explicitly stated whether these EMIs adhere to Shariah principles, it is generally presumed that most, if not all, comply with these standards in Pakistan.

The EMIs have been successful thus far, having opened approximately 1.6 million e-wallets with a total value of PKR 2 billion (equivalent to US$6.95 million) in outstanding e-money.

In a significant development, Finja Invest, a Shariah-compliant e-wallet platform, has gained the distinction of being the first peer-to-peer (P2P) financing service provider in Pakistan to receive regulatory approval for its operations.

Pakistan’s Islamic fintech landscape, as documented in the IFN Fintech Landscape, comprises 12 Islamic fintech firms. According to the Global Islamic Fintech Index, Pakistan is currently ranked ninth among 64 countries. The Islamic fintech market in Pakistan is projected to grow to a value of US$2.8 billion by 2025.

Old and New EMI Regulation Comparison Highlights

The New EMI Regulations can be accessed at https://www.sbp.org.pk/psd/2023/C3-Enclosure-Regulations-EMIs.pdf

Acronyms

• New Version: Introduces expanded acronyms like APIs (Application Programming Interfaces), BVS (Biometric Verification Service), and 2FA (Two-Factor Authentication), reflecting a shift towards technological advancements and enhanced compliance mechanisms.
• Old Version: Limited acronyms with no reference to these newer concepts.

Definitions

• New Version: Adds definitions like Escrow Services, Fintech, and Key Executive roles with precise functional distinctions.
• Old Version: Less detailed, lacks nuanced definitions for modern financial services.

Introduction

• New Version: Aims at aligning with international best practices and fostering financial inclusion through innovative digital services.
• Old Version: Focuses on removing entry barriers for non-banking entities but lacks the emphasis on global alignment.

Objectives

• New Version: Introduces objectives like encouraging new business models and ensuring technological integration.
• Old Version: Limited to foundational goals like consumer protection and financial inclusion.

Scope of Activities

• New Version: Broader scope includes API-based services, escrow for e-commerce, and stricter prohibitions on virtual currencies.
• Old Version: Narrower focus with fewer specified activities.

Licensing Procedure and Stages

• New Version: Adds an “Initiation Phase” to the existing three-stage process, with detailed conditions for each phase.
• Old Version: Three stages without an initiation phase or extensive requirements.

Governance Arrangements

• New Version: Specifies gender diversity, independent directors, and quarterly board meetings.
• Old Version: General governance provisions without such specific mandates.

Capital Requirements

• New Version: Additional security deposit arrangements (10% split between current accounts and government securities).
• Old Version: Similar capital requirements but without emphasis on diversification.

Customer Due Diligence (CDD)

• New Version: Introduces digital onboarding, biometric verification, and risk-based AML/CFT compliance.
• Old Version: Basic due diligence with less emphasis on digital tools.

Wallet Categories and Limits

• New Version: Enhanced wallets for individuals and minors, with detailed load limits and parental controls.
• Old Version: Uniform wallet limits without distinctions for minors.

Suspension and Revocation

• New Version: Broader grounds for suspension, including risks to payment system stability and public interest.
• Old Version: Fewer grounds for suspension.

Reporting and Record Retention

• New Version: Emphasises real-time reporting and longer retention periods.
• Old Version: Basic reporting and retention requirements.

Q & A on the Comparison of Old and New EMI Regulations

Acronyms

Q: How does the inclusion of APIs and BVS in the new regulations reflect changes in regulatory focus?
A: The inclusion of APIs (Application Programming Interfaces) highlights a shift towards greater technological integration and interoperability among EMIs, banks, and third-party service providers. Meanwhile, BVS (Biometric Verification Service) underscores a regulatory push for enhanced security and fraud prevention, requiring EMIs to adopt biometric technology for customer authentication.

Q: What does the introduction of 2FA (Two-Factor Authentication) imply for EMIs?
A: It mandates a more secure verification process for transactions and customer onboarding, reducing risks of unauthorised access. EMIs must now invest in systems that support dual verification methods, such as combining passwords with biometrics or one-time passwords (OTPs).

Definitions

Q: What is the significance of defining “Escrow Services” in the updated regulations?
A: By defining Escrow Services, the new regulations legitimise and regulate financial agreements where funds are held by a regulated entity during a transaction. This enables EMIs to offer secure services for e-commerce transactions, subject to SBP approval, and increases consumer trust.

Q: How does the broader definition of “Key Executives” in the new regulations impact EMIs?
A: The expanded definition includes roles like Heads of IT, Risk Management, and Compliance, ensuring greater accountability across critical functions. EMIs are now required to maintain records of the fit-and-proper tests for these roles and submit them to SBP on demand.

Q: How does the inclusion of “Fintech” in the new definitions affect EMIs?
A: It recognises the role of technology-driven financial innovation, encouraging EMIs to partner with or operate as Fintechs. This also places a regulatory framework around novel business models, promoting controlled growth.

Introduction

Q: How does the revised introduction in the new regulations align with global trends in electronic money?
A: The new introduction reflects international best practices by emphasising financial inclusion, digital innovation, and consumer protection. It also highlights the SBP’s intent to create a more competitive and robust payment ecosystem.

Q: What do the references to indigenous experiences in the new introduction indicate?
A: It shows the SBP’s adaptability, incorporating lessons learned from earlier EMI implementations in Pakistan. This allows the regulations to address specific market challenges while staying relevant to local contexts.

Objectives

Q: How do the objectives in the updated regulations promote financial inclusion?
A: The updated objectives explicitly aim to encourage innovation, such as new business models and use cases, to serve unbanked populations. EMIs are now incentivised to design products that cater to underserved demographics, such as minors and rural communities.

Q: Why do the new regulations emphasise corporate governance benchmarks?
A: To ensure that EMIs operate transparently and responsibly, aligning with international standards. Enhanced governance requirements also mitigate risks related to fraud, mismanagement, and financial instability.

Scope of Activities

Q: What activities have been added to the scope in the new regulations?
A: New activities include API-based services, escrow services for e-commerce, and cross-border payment products. These additions expand the functional landscape for EMIs, enabling them to integrate with broader financial ecosystems.

Q: How do the new regulations approach virtual currencies?
A: Virtual currencies are explicitly prohibited, signalling a cautious stance by SBP to mitigate risks associated with speculation, money laundering, and volatility.

Licensing Procedure

Q: How does the “Initiation Phase” introduced in the new licensing process improve compliance?
A: The “Initiation Phase” allows EMIs to prepare and align with regulatory expectations before full operations. It serves as an assessment period for readiness, ensuring that only well-prepared entities advance to the subsequent licensing stages.

Q: What documentation is required at each licensing stage under the new regulations?
A: Applicants must submit detailed operational plans, financial projections, trust account agreements, and security deposit undertakings. These requirements promote transparency and ensure EMIs are financially and operationally robust.

Governance Arrangements

Q: How does the inclusion of independent and female directors improve governance?
A: Independent directors provide unbiased oversight, while female representation promotes diversity and inclusivity, aligning with modern corporate governance principles.

Q: What additional responsibilities do boards have under the new regulations?
A: Boards must now hold quarterly meetings, approve all key executive appointments, and maintain detailed records of their decisions. These measures ensure active oversight and accountability.

Capital Requirements

Q: What are the changes in capital requirements in the new regulations?
A: The new regulations maintain the minimum capital but add a mandatory security deposit split between SBP accounts and government securities. This enhances liquidity and safeguards customer funds.

Q: How does the security deposit requirement impact EMI operations?
A: EMIs must allocate resources to maintain these deposits, ensuring operational stability and compliance with SBP’s financial safeguarding policies.

Customer Due Diligence (CDD)

Q: What advancements in CDD processes are introduced in the new regulations?
A: Digital onboarding and biometric verification are now mandatory. These measures streamline the onboarding process and enhance identity verification, reducing fraud risks.

Q: How must EMIs handle high-risk customers under the updated regulations?
A: High-risk customers require enhanced due diligence, including transaction monitoring and additional identity checks. EMIs must also report suspicious transactions promptly to the Financial Monitoring Unit (FMU).

Wallet Categories

Q: What are the new provisions for minors’ wallets in the updated regulations?
A: Minors’ wallets can only be linked to a parent or guardian’s account and have restricted load and transaction limits. This ensures controlled access and mitigates financial risks.

Q: What distinguishes enhanced wallets from basic wallets?
A: Enhanced wallets allow higher transaction limits (up to PKR 1,000,000) but require additional verification, such as income proof and CNIC/SIM pairing.

Suspension and Revocation

Q: What additional grounds for suspension are introduced in the updated regulations?
A: Public interest, endangerment to payment system stability, and operational inefficiencies are now grounds for licence suspension or revocation.

Q: How can EMIs mitigate the risk of licence revocation?
A: By maintaining compliance with all regulations, safeguarding customer funds, and promptly addressing any operational issues.

Reporting and Record Retention

Q: How have reporting requirements changed in the new regulations?
A: Real-time reporting of significant events and enhanced transparency in board decisions are now mandatory, ensuring timely regulatory oversight.

Q: Why are extended record retention periods significant?
A: They provide a reliable audit trail, essential for resolving disputes and demonstrating compliance during inspections.

Enhanced E-Money Wallets

Q: What controls must EMIs implement for enhanced e-money wallets?
A: EMIs must deploy transaction monitoring systems, conduct risk profiling, and ensure that verification processes are not outsourced.

Q: How do enhanced wallets support financial inclusion?
A: By offering greater flexibility and higher limits to users who meet stricter compliance standards, they encourage broader adoption.

E-Money Payment Instruments’ Limits

Q: What changes have been made to e-money payment instrument limits in the new regulations?
A: The new regulations set differentiated limits based on customer verification methods. For instance, CNIC-based verification allows a monthly limit of PKR 50,000, while biometric verification increases the limit to PKR 200,000. This ensures tighter control over higher-value transactions.

Q: How do these limits affect customer onboarding strategies for EMIs?
A: EMIs must develop systems that encourage biometric verification to enable higher transaction limits. This may require investing in biometric data capture technologies and partnerships with NADRA.

Issuance and Redemption of E-Money Payment Instruments

Q: How do the new regulations streamline the issuance of e-money payment instruments?
A: The new regulations mandate immediate issuance at par value upon receipt of funds, eliminating delays. They also require biometric verification for cash-based transactions, ensuring robust fraud prevention mechanisms.

Q: What are the compliance requirements for redemption of e-money?
A: EMIs must offer redemption at par value without imposing additional charges. Biometric verification is required for cash redemptions, ensuring that funds are returned to the rightful owner.

Safeguarding Customers’ Funds

Q: How do the new regulations enhance fund safeguarding mechanisms?
A: EMIs must segregate customer funds into trust accounts with at least an ‘A’ credit-rated trustee bank. Additionally, they are restricted from placing more than 50% of their balances with one trustee if the outstanding e-money exceeds PKR 100 million.

Q: What investment options are permitted for safeguarding funds?
A: EMIs are allowed to invest 50% of their three-month average daily outstanding e-money balance in government securities with a maturity of up to one year, providing a secure and liquid investment avenue.

Use of Agents

Q: What new requirements govern the use of agents in the updated regulations?
A: EMIs must seek SBP approval for engaging agents and develop a centralised Agent Network Management (ANM) policy. This policy should include agent onboarding procedures, training, service level agreements, and risk management frameworks.

Q: How do these agent requirements ensure customer protection?
A: By mandating training and risk management, the regulations ensure agents are equipped to handle e-money transactions responsibly, minimising risks to customers.

Interoperability

Q: Why is interoperability emphasised in the new regulations?
A: Interoperability facilitates seamless integration between EMIs, banks, and other financial entities, enhancing customer convenience and fostering a competitive ecosystem.

Q: How must EMIs achieve interoperability compliance?
A: EMIs must adopt APIs and integrate with centralised platforms that allow fund transfers and payments across different financial service providers.

Outsourcing of Functions

Q: What new requirements govern outsourcing of functions?
A: EMIs must obtain prior SBP approval for outsourcing critical functions. They are also required to conduct risk assessments of third-party providers and ensure that outsourced functions meet SBP standards.

Q: How does outsourcing compliance affect operational efficiency?
A: While it ensures greater oversight, the need for SBP approval and compliance monitoring may increase operational costs and timelines.

Complaint Handling Mechanism

Q: What changes have been made to complaint handling requirements?
A: EMIs must establish a dedicated framework with timelines for resolution. They are required to report unresolved complaints to SBP, ensuring accountability and customer protection.

Q: How do these mechanisms enhance consumer confidence?
A: By providing clear and time-bound redressal processes, EMIs build trust and loyalty among their customer base.

Security and Confidentiality

Q: How have the security requirements been enhanced?
A: The new regulations mandate robust cybersecurity measures, including data encryption, periodic penetration testing, and secure storage of customer information.

Q: What are the penalties for breaching confidentiality under the new regulations?
A: EMIs may face licence suspension, revocation, or financial penalties for failing to safeguard customer data, reflecting the seriousness of data breaches.

AML/CFT Requirements

Q: What new AML/CFT measures are introduced in the updated regulations?
A: The new regulations require automated transaction monitoring systems, pre-screening against sanctions lists, and enhanced due diligence for high-risk accounts.

Q: How do these measures align with international AML/CFT frameworks?
A: By integrating automated and risk-based compliance, the regulations align with FATF recommendations, ensuring global credibility for Pakistan’s EMI sector.

Risk Management Mechanism

Q: What risk management enhancements are included in the new regulations?
A: EMIs must implement periodic stress testing, maintain contingency plans, and monitor risks related to operational, liquidity, and credit exposures.

Q: How does this impact EMI operations?
A: It necessitates the development of advanced risk assessment tools and dedicated teams, increasing operational complexity but reducing vulnerabilities.

Oversight and Supervision

Q: How has SBP’s oversight role expanded in the updated regulations?
A: SBP now conducts unannounced inspections and requires detailed operational reports, ensuring continuous compliance and reducing systemic risks.

Q: What are the consequences of non-compliance discovered during inspections?
A: EMIs may face penalties, licence suspension, or revocation, depending on the severity of the breach.

Exit Plan

Q: Why is an exit plan mandatory under the new regulations?
A: An exit plan ensures continuity and protection of customer funds in the event of an EMI’s closure. It mandates clear strategies for fund redemption and customer communication.

Q: How does this requirement safeguard the payment ecosystem?
A: It mitigates risks of financial disruptions and ensures customer trust by providing a safety net in unforeseen circumstances.

Enhanced E-Money Wallets

Q: What are the primary differences between basic and enhanced e-money wallets in the updated regulations?
A: Enhanced wallets have higher transaction and load limits compared to basic wallets, but require stricter verification such as proof of income and biometric validation. Basic wallets cater to low-value transactions with minimal documentation requirements.

Q: How do enhanced wallets balance compliance with user convenience?
A: By providing higher limits to users who meet stricter compliance criteria, enhanced wallets support diverse financial needs while ensuring robust customer verification to mitigate fraud.

Basic E-Money Wallets for Minors

Q: Why were provisions for minors’ wallets introduced in the new regulations?
A: To promote financial literacy and inclusion for younger users under controlled conditions, minors’ wallets allow limited transactions with oversight from a parent or guardian.

Q: What safeguards are in place for minors’ wallets?
A: Minors’ wallets are linked to a parent or guardian’s account and include lower transaction limits and strict monitoring to prevent misuse or unauthorised access.

Enhanced E-Money Wallets for Minors

Q: How do enhanced wallets for minors differ from basic minors’ wallets?
A: Enhanced minors’ wallets allow slightly higher transaction limits but require more comprehensive parental approvals and monitoring, aligning with AML/CFT guidelines.

Q: What regulatory measures ensure the responsible use of enhanced wallets for minors?
A: EMIs must conduct stringent KYC checks on parents or guardians, set strict usage limits, and ensure transparency in transactions.

Exclusions in Wallet Limits

Q: What exclusions are specified in wallet limits under the new regulations?
A: Exclusions include promotional refunds, rebates, and discounts that do not contribute to the monetary value of the e-money wallet, ensuring accurate compliance without penalising customer benefits.

Q: How do these exclusions support customer trust?
A: By clearly excluding non-monetary items from limits, the regulations ensure transparency and allow users to benefit from promotions without regulatory interference.

Reporting Requirements for EMIs

Q: What are the new reporting requirements for EMIs?
A: EMIs must submit detailed quarterly reports to SBP, including financial statements, transaction volumes, agent performance data, and compliance updates on AML/CFT and governance.

Q: How does real-time reporting of significant events improve regulatory oversight?
A: Real-time reporting allows SBP to respond promptly to operational risks or compliance breaches, ensuring system stability and protecting customer interests.

Record Retention

Q: How has record retention been enhanced in the new regulations?
A: The updated regulations require EMIs to retain records for a longer duration, particularly those related to customer transactions and governance decisions, aligning with AML/CFT and audit requirements.

Q: What operational challenges might EMIs face in meeting these retention requirements?
A: EMIs must invest in robust data storage and retrieval systems to handle the increased volume of records while ensuring data security and accessibility for regulatory audits.

Power to Conduct Onsite Inspections of EMIs

Q: How does SBP’s expanded power to conduct unannounced onsite inspections impact EMIs?
A: This provision ensures continuous compliance but requires EMIs to maintain operational readiness at all times, increasing the need for strong internal controls.

Q: What are the consequences of non-compliance discovered during an onsite inspection?
A: Non-compliance may result in penalties, suspension of operations, or even licence revocation, depending on the severity of the violations.

Limits During Pilot Operations

Q: What transaction limits apply during the pilot phase under the new regulations?
A: The new regulations impose stricter limits during the pilot phase to mitigate risks, with biometric verification required for higher-value transactions.

Q: How do these limits ensure safe scalability for EMIs?
A: By restricting transaction volumes and monitoring operational readiness, these limits allow EMIs to refine processes and address potential risks before full-scale operations.

Limits During Commercial Operations

Q: How do transaction limits differ between pilot and commercial operations?
A: Commercial operations allow significantly higher transaction limits, contingent on compliance with biometric verification and other safeguards implemented during the pilot phase.

Q: What operational changes must EMIs implement as they transition to commercial operations?
A: EMIs must enhance transaction monitoring, ensure robust fraud detection systems, and scale agent networks to handle increased transaction volumes.

AML/CFT Requirements

Q: How do updated AML/CFT requirements address emerging risks?
A: The new regulations mandate automated systems for transaction monitoring, stricter customer profiling, and immediate reporting of suspicious transactions, ensuring proactive risk mitigation.

Q: How do AML/CFT compliance requirements align with international standards?
A: By adopting FATF-compliant measures, the regulations enhance Pakistan’s credibility in global financial markets and reduce risks of sanctions or penalties.

Risk Management Mechanism

Q: What role do periodic stress tests play in risk management under the new regulations?
A: Stress tests help EMIs assess their resilience to financial and operational shocks, enabling them to implement corrective measures proactively.

Q: How does the requirement for contingency planning improve operational security?
A: Contingency plans ensure business continuity during emergencies, safeguarding customer funds and maintaining system stability.

Oversight and Supervision of EMIs

Q: How has SBP’s oversight role expanded under the new regulations?
A: SBP now monitors both operational and strategic aspects of EMI functions, requiring detailed reporting, regular audits, and compliance checks across multiple dimensions.

Q: What mechanisms ensure that EMIs adhere to oversight requirements?
A: EMIs must implement comprehensive internal controls, dedicate resources to compliance, and maintain transparency through regular disclosures to SBP.

Exit Plan

Q: Why is a robust exit plan mandatory under the updated regulations?
A: A robust exit plan ensures customer funds are safeguarded, and services are discontinued responsibly in case of operational closure or licence revocation.

Q: What elements must an EMI include in its exit plan?
A: The plan must detail procedures for fund redemption, customer communication, agent deactivation, and data archival.

Compliance Challenges

Q: How do the updated regulations increase compliance complexity for EMIs?
A: The expanded scope of activities, stricter AML/CFT measures, and real-time reporting requirements demand significant investments in technology, governance, and training.

Q: How can EMIs adapt to these challenges?
A: By leveraging advanced compliance tools, strengthening internal governance, and fostering partnerships with regulatory consultants and technology providers.

Interoperability

Q: How do the new interoperability requirements improve the financial ecosystem?
A: Interoperability fosters seamless integration between EMIs, banks, and other financial service providers, enabling customers to conduct transactions across platforms without friction, thereby enhancing convenience and promoting competition.

Q: What challenges might EMIs face in achieving interoperability?
A: EMIs may need to invest in API development, upgrade legacy systems, and comply with new data-sharing standards, all of which can be resource-intensive and require robust cybersecurity frameworks.

Outsourcing of Functions

Q: Why do the new regulations require SBP approval for outsourcing critical functions?
A: SBP approval ensures that third-party providers meet the regulatory standards for security, data protection, and operational continuity, reducing systemic risks associated with outsourced services.

Q: What are EMIs’ obligations when outsourcing to third parties?
A: EMIs must conduct risk assessments, include compliance clauses in service agreements, and regularly audit third-party operations to ensure adherence to SBP regulations.

Complaint Handling Mechanism

Q: How do the updated complaint resolution timelines protect consumers?
A: By mandating time-bound resolutions and requiring escalation to SBP for unresolved complaints, the regulations ensure that consumer grievances are addressed promptly and transparently.

Q: What role does SBP play in overseeing complaint handling?
A: SBP reviews reports on unresolved complaints, ensuring EMIs maintain accountability and continuously improve their customer service frameworks.

Security and Confidentiality

Q: What specific cybersecurity measures are mandated under the new regulations?
A: The regulations require data encryption, periodic vulnerability assessments, penetration testing, and secure storage of customer information to prevent data breaches and cyberattacks.

Q: How do the confidentiality provisions align with international standards?
A: By adopting global best practices for data protection, the regulations ensure compliance with frameworks like GDPR, bolstering customer trust and enabling cross-border partnerships.

AML/CFT Requirements

Q: What additional responsibilities do EMIs have under the updated AML/CFT framework?
A: EMIs must implement automated systems for transaction monitoring, screen all transactions against sanctions lists, and report suspicious activity to the Financial Monitoring Unit (FMU) without delay.

Q: How do these measures deter financial crimes?
A: Automated and risk-based monitoring ensures that high-risk activities are flagged early, reducing vulnerabilities to money laundering and terrorism financing.

Risk Management Mechanism

Q: How do contingency plans under the new regulations ensure operational resilience?
A: Contingency plans address scenarios like system failures, cyberattacks, or liquidity crises, ensuring that customer funds and data remain secure while minimising disruptions to services.

Q: What role does stress testing play in mitigating financial risks?
A: Stress testing helps EMIs identify potential vulnerabilities under extreme scenarios, allowing them to develop mitigation strategies proactively.

Limits During Pilot Operations

Q: How do pilot-phase transaction limits protect consumers and EMIs?
A: Lower transaction limits during the pilot phase allow EMIs to test their systems and processes in a controlled environment, reducing the risk of large-scale operational or financial failures.

Q: What criteria must EMIs meet to transition from pilot to commercial operations?
A: EMIs must demonstrate operational readiness, compliance with SBP’s requirements, and satisfactory performance during the pilot phase, including resolving any issues identified in inspections.

Limits During Commercial Operations

Q: How do higher transaction limits during commercial operations impact EMI growth?
A: Increased limits enable EMIs to cater to a broader customer base, support higher-value transactions, and compete effectively with traditional banking services.

Q: What compliance measures must EMIs implement alongside higher limits?
A: EMIs must ensure real-time transaction monitoring, robust fraud detection systems, and compliance with AML/CFT guidelines to mitigate risks associated with higher transaction volumes.

Governance Arrangements

Q: What new governance responsibilities do boards have under the updated regulations?
A: Boards are required to oversee risk management, approve key executive appointments, review operational performance quarterly, and ensure adherence to all regulatory requirements.

Q: How does the emphasis on independent directors strengthen governance?
A: Independent directors bring objectivity to decision-making, reduce conflicts of interest, and enhance the board’s ability to hold management accountable.

Capital Requirements

Q: How do the revised capital requirements enhance financial stability?
A: By mandating additional security deposits and diversification of funds into government securities, the regulations ensure that EMIs maintain liquidity and can meet their obligations even during financial stress.

Q: What operational changes must EMIs make to comply with the revised requirements?
A: EMIs must enhance financial planning, monitor outstanding balances regularly, and allocate funds strategically to meet ongoing capital and security deposit obligations.

Exit Plan

Q: How does a mandatory exit plan protect consumers and the financial ecosystem?
A: An exit plan ensures that customer funds are safeguarded, services are wound down responsibly, and operational continuity is maintained during transitions, minimising disruptions and reputational damage.

Call for Free Legal Advice +92-3048734889 

Email : [email protected]

https://joshandmakinternational.com