Beyond 2021: The future of payments regulation and digital innovation

In brief - An overview of the Federal Government's roadmap for the regulation of the Australian payments system, digital currencies and emerging payment methods 

On 8 December the Treasurer Josh Frydenberg announced a reform roadmap (Reform Roadmap) for a fast-track consultation process for regulation in connection with alternative digital (including private) currencies and emerging payment methods, and to establish new licensing and compliance regimes for:

• digital currency (including cryptocurrency) providers and exchanges, and custody arrangements 

• payments channels, such as Apple Pay 

• buy now pay later schemes

In some ways the announcement might be considered as a premonition for a future announcement. However, it crystallises the Government's focus on the payments sector and identifies an important key outcome for the reform: to modernise the existing licensing framework for payments service providers by replacing the current approach with one that is function-based, graduates regulatory requirements based on risk and clearly outlines the activities and functions that will be regulated.

Whilst the Teasurer's response relates to a range of recommendations in major 2021 payment system reviews, some insight into the nature of the proposed changes to the regulatory framework and its scope is canvassed in the final report of the Review of the Australian Payments System (Review) released by the Treasurer on 30 August 2021.

Scope of Payments System Review 

Whilst it is not 'earth shattering' in its conclusions and builds on the existing regulatory framework, the Review attempts to lay the foundation for future consideration of the integration of the regulatory framework applying to a diverse range of models and functionalities within the payment system sector. 

The Review was asked to investigate whether the regulatory architecture of the Australian payments system remains fit for purpose and is responsive to advances in payments technology and changes in consumer demand. This included an investigation of whether the regulatory framework adequately accommodates new and innovative services and its effectiveness in facilitating the implementation of government policy. 

The Treasurer described the scope of the Review as assessing the "adequacy of our current regulatory frameworks in light of rapid technological change and consumer preferences” and has acknowledged that “the Review recognised that there are regulatory gaps and reform is needed to ensure that the Government’s policy objectives can continue to be met in a digital environment".

Overall conclusion of the Payments System Review

The Review concluded that the overall strategic direction, vision and oversight for payments system regulation lies with Treasury. It recommended that Treasury be enhanced with new obligations and powers to protect the payments system and to establish an inclusive, specific, and dynamic strategic plan for its development.

Regarding the regulatory architecture, the Review found that three aspects need to be progressed:

1. Enhanced payments leadership from Government with the Treasurer setting the strategic direction of the payments ecosystem in collaboration with regulators and industry 

2. Aligned payments regulation through co-ordination between payments regulators and a payments regulatory framework focussed on functionality

3. Simplified payments licensing by establishing a single, integrated licensing framework for payment services that scales up as a payment services business expands and evolves, and which provides clear consumer protection and facilitates a transparent pathway for access to payment systems 

Current regulatory deficiencies 

It is clear that the current payments system regulatory framework is confusing, not integrated and produces some inconsistent or deficient regulatory results. Examples include:

• NPP Access - currently direct access to the NPP is contingent on a Payments System Provider (PSP) being licenced as an Authorised Deposit-taking Institution (ADI) and hence an applicant will need to be licensed as an ADI even if it doesn't engage in deposit taking services 

• Distinction between liquidity and storage functions - NCP facility authorisation does not distinguish between payment facilitators (providers that primarily move funds rather than holding them), and providers of stored value facilities (providers that store funds through accounts or wallets and also can move funds) 

• Regulator guidance - in some instances payments providers are not able to receive basic information regarding their regulatory obligations as, given the complexity of some functionalities, the regulators adopt a risk averse approach to providing stakeholders with informal and formal guidance

• Digital wallet - the complexities of the E-Wallet segment may result in a range of regulatory responses dependent on the characterisation of whether the product constitutes data holding, a payment facility or stored-value capability. In this regard, the Council of Financial Regulators announced in November 2020 that a new regulatory regime for digital wallets is likely to be created that will split responsibility between the financial market (ASIC) and prudential (APRA) regulators and will scale the regulatory burden depending on the size of the company and a 'stored value facility' will become a new type of licenced product

Key regulatory recommendations

Some of the headline recommendations for the integration and enhancement of the payments system and payment service regulatory framework include:

• Expanding the definition of a 'payment system' in order to broaden the Reserve Bank of Australia's (RBA) ability to designate new and emerging payment systems under the Payment Systems (Regulation) Act 1998 (PSRA), where it is in the public interest as defined in the PSRA - [Rec 6]

• Introduction of a single, payments licensing framework via a functional or activity based licence aligned with a defined list of payment functions - [Rec 9] 

• Development of a defined list of payment functions that require regulation - [Rec 8]

A simplified payments licence 

In implementing the new payments licensing framework, the Review envisages the following framework:

• separate authorisations for the provision of payments facilitation services and the provision of stored value facilities, and a two-tiered authorisation based on the scale of the activity performed by the payment service provider

• a simpler, functional licence that captures payment functions would also impose requirements based on the risks they pose on the system, by distinguishing payments facilitation from storing value

• the new payments licensing framework would be implemented under the AFSL regime. This could involve defining the authorisations under the new licensing framework as financial services that require an AFSL 

• applicants would apply for a payments licence solely through ASIC as a single point of contact, without a requirement to go through multiple regulators 

• ASIC would coordinate on behalf of licence applicants with other relevant regulators, for example, simplifying registration for other regulatory obligations such as AML/CTF, establishing links with other frameworks, including the proposed CDR accreditation and current ADI authorisation

• ongoing obligations under different authorisations under the licence would remain with the regulators responsible for overseeing those obligations

• holders of the new payments licence must comply with the ePayments Code, which would be mandated by regulation

• the new payments licensing framework could be implemented under the AFSL regime, potentially by defining the authorisations under the new licensing framework as financial services that require an AFSL 

Payments innovation

The Review recognises the payments system as a building block of Australia’s digital economy and that this segment is evolving continuously. 

However, whilst the Review identifies examples of payment innovators and disruptors and makes some comments on their interaction with the regulatory architecture, it does not conduct a deep dive on their potential regulation under a new revised payments regime. 

In this regard, the Review does not identify a road map for the regulation of:

• digital wallets

• buy now pay later arrangements

• central bank digital currencies 

• cryptocurrencies (including stablecoins), 

• de banking

The Review otherwise lays the foundation for consideration of these matters at the feet of the Treasurer and considers that the Government, through the Treasurer, is best placed to undertake this enhanced leadership function.

The rationale appears to be that the Treasurer is not limited by the mandates of the financial regulators and has the flexibility to respond to issues that fall outside the remit of individual regulators.

The regulatory approach in this regard will become clearer when the Treasurer issues high level principles, strategy and policy in a strategic plan for the payment services sector.

In our experience, in advising on technology-driven payment solutions, one area which is integral to payments innovation and to which the Review gives limited consideration is big data management and consumer privacy. 

To some extent, in the payments sector, this has been separately dealt with in the recent introduction of a consumer data right, which gives effect to an 'open-banking' model for certain consumer data. However, the interrelationship between data and payments will necessitate a co-ordination between regulatory regimes in any future reconfiguration of the payment systems regulatory framework.

Treasury - next steps

The Treasurer, on 8 December in the Reform Roadmap, provided the Government's response to the 15 recommendations in the Review and for the other major 2021 payment system reviews. Importantly, that Treasury will lead policy review for (among other items):

• the Government’s Digital Economy Strategy, which is designed to enable Australia to be a world-leading digital economy and society by 2030

• modernising the existing licensing framework for payments service providers by replacing the current approach with one that is function-based, graduates regulatory requirements based on risk and clearly outlines the activities and functions that will be regulated

• updating the PSRA to ensure the RBA can accommodate the changing payments landscape

• in respect of de-banking, tasking the Council of Financial Regulators, assisted by other relevant agencies, with advising the Government on policy options by mid-2022

• for cryptocurrency and digital currencies, preparation of a report by the Board of Taxation for a review of an appropriate policy framework for the taxation of digital transactions and assets

• consideration on an appropriate regulatory structure for innovative new corporate structures like Decentralised Autonomous Organisations (DAOs) 

• consultation early next year on new regulations to bring crypto exchanges under a similar regulatory regime to licensed financial services providers

• consideration of whether Australia should adopt a 'central bank digital currency' (CBDC) in the retail market

Implications for the payments sector?

The issue of regulatory overlap and insufficiency in the current regulatory framework to respond to innovation, particularly in the digital payments sector, has been longstanding and regulatory reform in the payments sector has been wanting for some time. 

Fortunately, the Review confirms the need for regulatory integration of the various payment system and services segments and co-ordination between regulators together with an overarching strategic plan set by the Treasurer, which is a step (closer) for Government and business engagement on the regulatory reform required and to respond to innovation going forward.

In short, the momentum which has been building for the next generation of payments regulation includes:

• Relevantly, the Council of Financial Regulators recommended regulatory reform for 'stored-value facilities' and that this should replace 'purchased payment facilities' in the regulatory framework.

• In our opinion, the Review is supportive of the Council of Financial Regulators recommendation and in particular, the Review provides that there should be separate authorisations for the provision of payments facilitation services and the provision of stored-value facilities, and two tiers of authorisations based on the scale of the activity performed by the payment service provider.

• The Final Report for the Senate inquiry into Australia as a Technology and Financial Centre (Senate Inquiry), recommends that, in accordance with the findings of the Review, common access requirements for the New Payments Platform should be developed by the RBA, in order to reduce the reliance of payments businesses on the major banks for the provision of banking services.

• The Senate Inquiry furthered the pursuit of a business and regulatory framework for 'stored-value facilities' and recommended that the Australian Government establish a custody or depository regime for digital assets with minimum standards under the Treasury portfolio.

• Critically, the Review puts the spotlight on the rapid business driven change in the payments sector. In our opinion this is highly important, as it is indicative that these new and emerging payment products and services can better service society and the regulatory regime should not be a barrier to this.

What will the payments regulatory landscape look like in 2022? 

Based on the Treasurer's recent response, we anticipate that the following changes to the payments regulatory framework will be implemented in the foreseeable future:

By mid-2022:

• Payments System Strategic Plan to coordinate system-wide innovations, ensure regulators collaborate effectively and respond to future innovations in the payments sector

• advice on a new single, tiered payments licensing framework 

• separate consultation on regulation of crypto exchanges 

• advice on a scheme to address the due diligence requirements of banks in relation to 'de-banking', whereby fintechs, crypto-businesses and other users of cryptoassets are denied access to banking services

• consultation on a licensing framework for Digital Currency Exchanges and an appropriate custody or depository regulatory regime and provide advice on these issues

• advice on policy framework for the taxation of digital transactions and assets

By end of 2022

• reform of the current one-size-fits-all payment licensing arrangements to a functionally based framework adopting graduated, risk-based regulatory requirements 

• position on establishing a CBDC in Australia 

• possible inclusion of BNPL and digital wallets as designated payments methods under the Payments Systems Act

• designating new and emerging platforms, such as Apple Pay, as payments systems

• a regulatory framework identified for a custody or depository regime for digital assets

• potential regulatory structure for DAOs and how they can be incorporated into Australia’s legal and financial regulatory frameworks