Retail Payment Activities Regulations (SOR/2023-229)

Marginal note:Safeguarding-of-funds framework

• 15 (1) A payment service provider that holds end-user funds must establish, implement and maintain a written safeguarding-of-funds framework that conforms to subsections (2) to (5) for the purpose of ensuring that

  • (a) end users have reliable access without delay to the end-user funds that are being held by the payment service provider; and

  • (b) if an event referred to in subsection 14(3) occurs in respect of the payment service provider, those end-user funds, or proceeds of the insurance or guarantee referred to in paragraph 20(1)(c) of the Act, are paid to end users as soon as feasible.

• Marginal note:Contents

  (2) The safeguarding-of-funds framework must describe the payment service provider’s systems, policies, processes, procedures, controls and other means for meeting the objectives referred to in subsection (1), including

  • (a) those in relation to the payment service provider’s use of liquidity arrangements and its holding of end-user funds in the form of secure and liquid assets;

  • (b) a requirement to keep a ledger, which is to be identified and classified as an asset in accordance with paragraph 5(1)(e), that sets out

    • (i) the name and contact information of each end user whose funds are held by the payment service provider, and

    • (ii) the amount of funds belonging to each of those end users that is held by the payment service provider at the end of each day; and

  • (c) in respect of the objective referred to in paragraph (1)(b),

    • (i) the means by which it will be ensured that the insolvency or bankruptcy administrator or trustee or other person appointed to carry out insolvency proceedings as defined in subsection 14(4), or the insurance or guarantee provider, as the case may be, is able to

      • (A) access all relevant records or documentation in relation to end-user funds,

      • (B) contact end users as soon as feasible, and

      • (C) identify any errors or deficiencies in the payment service provider’s ledger of end-user funds and address any shortfall in the funds to be returned to each end user,

    • (ii) the procedures to be followed to return funds to end users, and

    • (iii) the role of any of the payment service provider’s agents, mandataries or third-party service providers in facilitating the execution of the tasks referred to in subparagraphs (i) and (ii).

• Marginal note:Legal risks and operational risks

  (3) The safeguarding-of-funds framework must identify legal risks and operational risks that could hinder the meeting of the objectives referred to in subsection (1) and the means of mitigating those risks, including having regard to

  • (a) the jurisdictions in which the payment service provider, its end users, the providers of the accounts in which it holds end-user funds and, if applicable, its insurance or guarantee providers are located;

  • (b) the identity of the payment service provider’s account providers and, if applicable, its insurance or guarantee providers;

  • (c) the terms of the payment service provider’s trust arrangements with its end users, if applicable; and

  • (d) the terms of the payment service provider’s insurance policies or guarantees, if applicable.

• Marginal note:Identification of senior officer

  (4) The safeguarding-of-funds framework must, unless the payment service provider is an individual, identify a senior officer who is responsible for overseeing the payment service provider’s practices for safeguarding end-user funds and for ensuring the payment service provider’s compliance with sections 13 to 17 of these Regulations and subsection 20(1) of the Act.

• Marginal note:Approval

  (5) The safeguarding-of-funds framework must be approved

  • (a) by the senior officer, if any, at least once a year and following each material change that is made to the framework; and

  • (b) by the payment service provider’s board of directors, if any, at least once a year.

• Marginal note:Review of framework

  (6) The payment service provider must review, at the following times, the safeguarding-of-funds framework to ensure the framework’s conformity with subsections (2) to (5) and its effectiveness at meeting the objectives referred to in subsection (1):

  • (a) at least once a year;

  • (b) after any change to the means, among those set out in paragraphs 20(1)(a) to (c) of the Act, by which the payment service provider safeguards end-user funds; and

  • (c) after any of the following changes, if they could reasonably be expected to have a material impact on the manner in which end-user funds are safeguarded:

    • (i) the opening or closure of any account in which the payment service provider holds end-user funds,

    • (ii) a change in the entity that provides any account in which the payment service provider holds end-user funds,

    • (iii) a change to the terms of the account agreement in respect of any account in which the payment service provider holds end-user funds, or

    • (iv) in the case of a payment service provider that holds funds in accordance with paragraph 20(1)(c) of the Act, a change in its insurance or guarantee providers or to the terms of the insurance policy or guarantee.

• Marginal note:Record

  (7) The payment service provider must, in respect of each review, keep a record of the date on which it is conducted and its scope, methodology and findings.

• Marginal note:Report and approval

  (8) The payment service provider must ensure that the findings of each review are reported to the senior officer referred to in subsection (4), if any, for their approval.