You are on page 1of 18

Prepaid Payment Systems A Discussion Paper


Private and Confidential

Prepaid Payment Systems: Global Business and Regulatory Environment

Most of the Prepaid Payment Systems can be classified as follows: Prepaid Cards Internet Accounts/Wallet/Purse Mobile Accounts/Wallet/Purse Remittance Cards (Domestic or International) These products can be open or close ended or hybrid of two as classified below:
New Payments Systems Prepaid Cards Open-ended Bank Prepaid Cards with ATM withdrawal domestic as well as International Internet Bank Accounts, Internet Virtual Accounts with Cash Withdrawal across the globe Mobile Banking Account with all features of traditional banking and cash Close-ended Limited Usage prepaid cards only for payments, without Cash withdrawal Internet Accounts / Wallets/Purse for specific usages with no cash withdrawal Mobile Accounts / Wallets/Purse for specific usages with no cash withdrawal Pure Domestic Semi-Open/Close ended Prepaid Cards like No Frills Account Cards for branchless banking with KYC and prespecified limits Internet Accounts / Wallets/Purse for specific usages with cash withdrawal in to specified bank accounts etc. Mobile Accounts / Wallets/Purse for specific usages with cash withdrawal in to specified bank accounts etc. Domestic or International but with specified value for specific transaction and total during the year

Internet Accounts/ Wallets/ Purse

Mobile Accounts/ Wallets/ Purse


Across the globe; no limits

Prepaid Cards
All prepaid programs operate on the same core premise: a positive balance is loaded into an account associated with a card and drawn down through purchase activity (the value is not literally loaded on the card but is reflected into an account on providers server). Prepaid programs are powerful solutions for facilitating access to and spending ones money with greater security and efficiency than cash or cheques. The institutions that issue the specific prepaid products develop the detailed features including maximum and minimum value limits, fees and terms of use.

Private and Confidential

Prepaid programs can be open-loop or closed-loop: In an open-loop program, cards are accepted and processed across the globe at any MasterCard / Visa or similar merchants across the globe besides these cards can also be used to withdraw the money from the card using ATMs In a closed-loop program, acceptance is limited to specific geographic locations, generally domestic. In some cases the card may be used by only a specific merchant, merchants chain within a geographic area and at best immediate related merchant group. An example is a gift card that is issued by merchants for use only in their store(s); calling cards, prepaid mobile cards for airtime top and value added services would fall into similar category. In hybrid semi-closed programs, a prepaid card may be accepted by a wider range of merchants, such as within a specific shopping mall or across category of merchants like online, mobile, voice for pre specified payment usage. Prepaid cards can be reloadable or non-reloadable: Reloadable Cards offer the cardholder the ability to replenish the value on the card as needs arise; Non-reloadable or single use cards are used until the balance is drawn down to zero and then discarded. Prepaid Cards can be used in a variety of ways:
Transit Pass; Gift giving; Voucher replacement; Reimbursement to employees; Business travel and expense management; ePayments (payment on internet/mobile/phone); Personal spending cards; Payroll and employee incentives payment; Promotions Scheme; Insurance claims settlement; Unbanked financial service; Limited Value Remittance; Young adult (age 16 and older) controlled spending.

Prepaid cards look and function like a credit card at the point-of-sale or on Payment Gateway on Internet, Mobile or Phone. Merchants handle the card just as they would handle a credit card. Most of the prepaid cards carry the same security protection features as other Credit/debit cards.

Private and Confidential

Prepaid Types can also be defined as follows: Close Loop (B2B: Channel Collection) (B2C: Gift, Travel, ePayments Account; Single purpose one time use like prepaid mobile, calling cards etc.) Open Loop (B2C: e-money related products like multipurpose reloadable card with redemption, ATM, Remittance features etc.) Other Hybrids: (Payroll, Transit, Government Disbursements, insurance)

Following are some of the key information shared by International Prepaid Card Forum on Prepaid Card Industry:

Private and Confidential

Prepaid Cards are issued under two models i.e. The Bank Led Model and Non-Bank Led Model. The Bank Led Model where the cards are issued by Bank, but distributed through a retail agent through specific program manager (Agent Network). Under this model, an Agent Network, instead of a bank branch completes the formalities of acquiring the customer. Any customer stored funds and the debit/credit are held and controlled by a bank. The agent is allowed to participate in funds in and funds out on behalf of the bank. Most of these cards are open loop cards with features like ATM withdrawal etc. The Non-bank Led Model where the cards are issued by independent Payment Service Provider through its network of the retail agents. The Agent Network completes the formalities of acquiring the customer. The Funds debit/credit are responsibility of the Payment Service Provider. Most of these cards are Close Loop cards or Hybrid Cards with specific services like payments, transit, insurance, gift, remittance etc. Banks are generally used for Treasury Management in some cases.

Private and Confidential

Following is the summary of the study of various countries status for Prepaid Card Payment systems and their Regulatory status in summary form; country wise specific details are added as Annexure 1: Prepaid Payments Systems and Regulatory Status in Various Countries
Country Key Existing Relevant Regulation Guidelines on Authorisation of Providers of Purchased Payment Facilities (by Australian Prudential Regulation Authority) No direct regulation Mpayment of Visa Regulation under implementa tion (?) Bank Led Models Non-bank led Models Non-bank Agent Network status Western Union Key Products category


Paymate, PayPal, Bpay

Payments, remittance, mobile, card based, stored value


Agent based simplified bank account PayPal, AliPay, 99Bill, QQ UMPay (mobile)

Payments; Remittance;


No clear regulation specific to payments

PBOC working on implementat ion of PSO regulations covering payments (non-bank model)

IC Cards for transit, online payments, online escrow, mobile payments, Utility prepaid cards, emoney related products; Gift Cards Remittances, stored value, card based, online payments Remittance; other payments

Hong Kong

Hong Kong Joint Financial Investigations Unit (Remittance Business) Not directly regulated by specific payments related regulation Directly Regulated by the Central Bank Wagepoint

Octopus, PayPal, Alipay


M-Pesa by Safaricom



PayPal, Malaysia Online, Tunemoney

E-money, electronic payments, stored value, remittances

Private and Confidential


Regulations under implementat ion for emoney and payments Not directly regulated by Central Bank. Regulated through Seven Member Board Not directly regulated Regulated directly by Central Bank under Stored Value Funds Regulation

Initial focus on bank led model

Experiment s on nonbank led models as well Gcash Telco led Payment; Remittance; mobile related VAS


Smart Money

Russia Singapore

Webmoney Maybank Ezlink, PayPal Card based, internet based, mobile payments

South Africa

Mazansi Account

Wizzit; MTN Mobile Money; Net1

Tanzania Thailand

Directly Regulated by the Central Bank Regulated by Central Bank with specific Act and Guidelines Paysbuy, The Smart Card, Payment Solutions, Advanced Mpay, True Money Co Online payments, stored value, mobile payments


Brief summary: Annexure Country Wise Regulations in CD

Most of the developed countries where the regulations are being provided for the Payments Systems have been on the basis of the Risk. These possible risk categories have also been defined as Open Payment Systems, Closed Payment Systems and Semi Open/Close Systems. These systems have been classified based on risk parameters like Identification, Value Limits, Geography, Funding in, Funding out, Usage Limits, Currency Denomination.

Private and Confidential

Risk Parameters Identification Value Limits Geography

Open-ended Anonymous Generally no limit International Transactions

Close-ended Identity available in form of KYC Specified limit Clear Geographic usage mostly pure Domestic Primarily bank accounts or bank instruments Not possible or only in bank account Prefixed annual, transaction and periodic limits Only Local currency non liquid and non convertible

Funding-in Options Funding-out Options Usage Limits Currency Denomination

All options including cash Globally anywhere in all forms including ATM Cash withdrawals No Limits Local currency but highly liquid like USD and easily convertible in other currencies

Semi-Open/Close ended Basic KYC available directly or indirectly Limits May or may not be specified, but for specified usages May have Geographic Details but for specific usages within Geographic boundaries specified Pre specified and Bank instruments Possible but with additional formalities and for specified purposes May or may not be specified but for specific usage only Local Currency but strong currency like USD, Euro

Level I: Basic Registration and Information for the Central Banks to have direct access on the growth and information which may be required from time to time in their function as Monetary Authority. Such regulation is primary for the Payment Systems which are low risk and primary close ended systems. Level II: At Level II certain Payment Systems may be regulated based on the different payment instrument and services they deliver in their respective country and they may have different requirement for different payment systems for different instrument they run. Some of them may require specific licensing subject to certain terms and conditions, some specific identity related regulation like KYC, Certain limits on value of transactions or reporting in case of transactions above certain specified values. These primarily are Hybrid Payments System. Level III: Open Loop Prepaid Payment Systems which have elements of Systemically Important Systems as specified by CSPP may be regulated at Level III which may be more close to current banking system compliances, however while regulating such payments systems only specific services and products that qualify as nature of Systemically Important should be regulated as Level III and other services which are not of the same risk or criticality should be regulated at appropriate level.

Private and Confidential

Countries like Singapore, Australia, and whole EU region where New Payment systems are very popular have provide adequate detailed guidelines to differentiate and regulate the Payment Systems based on their Systemically Important nature and Possible Risks. Various studies conducted by International bodies on Prepaid Payments Systems both Bank Led or Nonbank Led through Agent Network has been found successful and some of the key observations are as follows: Prepaid Payment Systems can dramatically reduce the cost of delivering financial services to poor people and the unbanked. Prepaid Payment Systems are used mainly to facilitate small payments or to pay bills, and not for savings or credit thus reducing possible risks drastically. Poor, Unbanked and Underserved people have begun using Prepaid Cards and similar systems as an alternative to banking for financial services mainly in programs Led by Bank, including in countries like India. Banks or Nonbanks view agent networks as key to achieving their business strategy and access to consumers in Poor, Unbanked and Underserved Category. (Retail Chains, Cyber Caf, Post Offices) Prepaid Payment Systems provide mechanisms to identify the funds owner more effectively. Prepaid Payment Systems Track the utilization, frequency etc providing BETTER END USE Monitoring, with audit trail to detect money laundering and any such suspicious activity. Prepaid Payment Systems Offer Regulators an opportunity to estimate the total CASH being used for an END USE- something which cannot be done with CASH to CASH. E-commerce and M-commerce industry may only be INCLUSIVE if supported with Prepaid Payment Systems. Banking services penetration today is far lower than cellular services and failure to provide for a non-bank option will restrict the ability for the underserved to participate in emerging payment services. Soon, DTH, etc will exceed the penetration on banking services as well. Prepaid Payment Systems can help individuals build up a credit or commerce history to enable FINANCIAL institutions look into appropriate solutions for them.

Payment Systems Regulations in most of the countries are at evolution stage across the globe with exception to countries like Singapore, Australia and European Union where such Prepaid Payment Systems are regulated by well developed matured laws and where most of the products are well matured and accepted. Like Ezylink in Singapore, Oyester in UK. Most developing countries are in process of putting together a regulatory framework for Payments and Settlement Systems, Emoney, Mobile Banking, and Information Technology related laws. These are some of the basic framework for new business models and payments

Private and Confidential

systems. Most of the countries where the regulations are specified in form of Act, Guidelines and Guidance following matters are covered by such Regulations/Guidelines: Applicability of the Laws/Regulation o Specific players, systems who are covered by the Laws o Specific categories which are exempt or conditions for exemptions o Type of regulation based on size and scale of the payment system like small money license in EU for eMoney issuers who issue eMoney products up to certain values. Authorisation for existing or new players o Authorization process and applicability o Process for Existing and New Players Conditions for Authorisations o Power and specific additional conditions that may be asked to be complied by regulator at the time of Authorisation Reporting Requirements o Systems that are required to Report o Systems that may not need Authorisation but may still need to Report on matters like suspicious transactions and general payments system providers regular financials and other relevant information from time to time o Monthly, Annual Reports and their Format Incorporation related and entity type etc o Matters related to which entities are entitled to run Payments Systems o Some countries insist that Payments System should be run by company incorporated in the same country and must have specific corporate structure i.e. Public/Private entities only. Matters related to Ownership of Payment System/Provider o Certain countries insist on certain structure on ownership i.e. Domestic etc. Corporate Governance Related o Most of the countries expect the Payment System Providers to ensure high corporate governance requirement o This could be in terms of representation of independent directors o Various committees with independent representatives o Regular reporting of the financials and publishing of the same to authorities from time to time o Internal Audit requirements besides Statutory Audit Treatment of Funds: Deposit, Advance; Accounts Payable o Most of the countries treat the money collected for Prepaid Account/Card as Accounts Payable or Advance against future payments.


Private and Confidential

Risk Management and Internal Control: Operational Risk; Fraud; System Security; disaster recovery; data backup; System integrity o Most of the countries provide regulatory guidelines and requirements around ensuring regular uptime of the services and ensuring the integrity of the system, security and adequate arrangements by Payments System Providers to have Data Backup and Disaster Recovery System. o Adequate internal controls to mitigate risk against Fraud etc are responsibility of the Payments System provider Information and Accounting System: Reporting requirement for regular reports, internal and statutory audit for authenticity of the reports o Very few countries talk about Accounting System being used by Payments System Provider however insist on adequate Auditing of Reports and Financial statements by appropriate internal and statutory auditor to ensure authenticity of the information and reports Minimum Capital Structure o Few countries regulation provides power to regulator to specify minimum capital structure or additional capital requirement to be added as special condition at the time of authorization on case to case basis if deemed appropriate by the regulator.

1. Prepaid Payment Systems in India

The Prepaid Payment System in India has been in existence for long primarily with the beginning of Calling Cards by MTNL (Virtual Calling Cards VCCs), Voice Over IP (VOIP) Cards, and Long Distance Calling Cards, Prepaid Mobile Recharge Cards. Most of these were from Telecom industry to provide the customer access to telecon services as per customers affordability i.e.; in different denominations, and also to keep them within control of their budget. Corporate Gift Vouchers and Food Coupons have been in existence for long for various tax-related benefits and incentives. Gift and Discount vouchers/coupons have been in place for long by various branded outlets, superstores and malls across the country. The recent entrant has been general purpose reloadable prepaid cards for payments on internet, mobile and phones and recently on POS. Most of these are targeting domestic customers in India from middle class families who want to control their budget and risks. Few years back Oriental Bank of Commerce also had launched Indias first prepaid card with MasterCard which was open-loop since customer could acquire the card with limited KYC and also withdraw money from ATM. Recently most of the banks have launched various formats of prepaid cards like Gift Card and Travel. Travel Cards are primarily targeting customers who travel abroad and instead of carrying Travellers Cheques Travel Cards are promoted for its ease and convenience and reduction in risk for these customers.


Private and Confidential

Nonbank prepaid card products are regulated by countrys general laws like Contract Act, Consumer Protection Act etc. Indian Parliament has recently passed the Payments and Settlement Systems Act 2007. This Act has provided authority to the Reserve Bank of India (RBI) to regulate Payments and Settlement Systems in the country. It is proposed to regulate most of the open loop prepaid payments by the RBI and a guideline can be provided for close loop card with requirement to provide various information from time to time in view of Public Interest and ensuring the integrity of these payment systems.

2. Prepaid Payment Systems: Industry Observations on Regulatory Framework

Matters of Prepaid Payment System which may need to be covered by regulations/Guidelines in interest of the Industry and the country are as follows: Applicability of the Laws/Regulation

It is important to ensure that any system that holds customer funds has adequate controls to protect those funds. For Open Loop Prepaid Systems which provide funds out, redemption or international remittance services may be covered by the proposed law, such products may be on either the Bank Led Model or permit Payment Systems under the Payment and Settlement Act which can demonstrate adequate controls, capital and liquidity requirements to ensure the protection of customer funds. Where the risks are lower, such as in a Close Loop Prepaid Payment System which are providing specific payment services to limited merchants and there is no cash redemption may be exempted from licensing under a regulation, and be required to register and comply with general guidelines for their registration and annual information for data collection point of view should be provided. Hybrid Prepaid Payment System also be exempted from licensing under a regulation, but they should be asked to register and in some case be authorized, operating under a regular code of conduct and basic guidelines. They may be asked to provide additional information from time to time in proportion to the risk. Authorization for existing or new players

Authorization for existing or new players of Open Loop Prepaid System should be applicable and accordingly appropriate rules may be provided. Adequate time and support should be provided for existing players whose track record is proven to good in terms of their
12 Private and Confidential

deliverables and settlement with parties to authorize them on time bound basis to ensure that no uncertainty is created for existing consumers and merchants participating in existing system. New Players must seek Authorization before commencing the business of Prepaid Payment System. Conditions for Authorisations

Conditions for Authorizations should be pre-specified to provide adequate opportunity for Payments Players to comply with the same in advance while submitting the application for authorization. Reporting Requirements

Prepaid Payments Systems which requires Authorization (Open Loop) may be subject to regular reporting of specific information in pre-specified formats on monthly and annual basis. Prepaid Payments Systems not requiring Authorisation and only being registered may also provide specific information like Financial Statements in pre-specified format on annual basis and for any specific matter in case required by Regulators on time to time basis. These reports should be primarily for Payments Statistics and in general interest of consumer protection. Incorporation related and entity type etc

It is advisable that only corporate entities which are subject to high governance standards be permitted to operate Prepaid Payment Systems. Corporate Governance Related

Regulatory may advise all Prepaid Payment Systems Open/Close/Hybrid to be subject to Strict Corporate Governance Requirements to ensure that the business of these systems is run in a transparent manner and uses best practices. Risk Management and Internal Control: Operational Risk; Fraud; System Security; disaster recovery; data backup; System integrity

Regulators may provide as general guidelines to be followed by all Prepaid Payments Systems to follow best practices in matters related to Risk Management, System Security and Integrity, Disaster Recovery, Data Backup and Consumer Service system.

Application Procedures for Authorisation and Registration

Private and Confidential

Regulator, like most of the countries, may provide the following system to deal with Application for Authorisation or Registration Preliminary Consultation: Provide names of appropriate officers and departments and their contact details, who shall be available to such Payment Service Provider for appropriate consultation, who may have various queries related to the Application and Application Procedures: Provide details of the application procedures and timelines, appropriate formats, rules etc. Submission of Application: Provide details of the persons to whom the application can be submitted and in various manner possible i.e. physical, electronic etc. Processing of Application and Authorisation/Registration: Provide details of internal general process being followed for processing of these application and general timelines and criterion on which basis Authorisation and Registration is completed.

In country like India where large population is unbanked and underserved Prepaid Path can lead to faster Financial Inclusion due to some of the inherent features of Prepaid Payment Systems like: Payments only product focused on safety and convenience (Nonbank Led) B2B Payment Collection product to enable 24*7 collections and also collections from remote areas (Nonbank Led) Microfinance (loan disbursement)/Credit primary to act as enabler and risk minimization (Nonbank and Microfinance Institutions led) Remittance (small money) Domestic for migrant population in Metro cities (Nonbank Led and Bank Led) No Frills Account to work as bank account for poor and unbanked (Bank Led)


Private and Confidential

3. Prepaid Payments Systems: Best Practices, Proposed Code of Conduct for Payments Systems
Principles of Business
A firm must conduct its business with integrity. A firm must conduct its business with skill, care, and diligence. A firm must take reasonable care to organise and control its affairs responsibly and effectively, with adequate risk management systems. A firm must maintain adequate financial resources. A firm must observe proper standards of market conduct. A firm must pay due regard to the interest of its customers and treat them fairly. A firm must pay due regard to the information need of its clients and communicate information in a way which is clear, fair and not misleading. A firm must manage conflicts of interest fairly, both between itself and its customers and between a customer and another client. A firm must take reasonable care to ensure the suitability of its advice and discretionary decisions for any customers who is entitled to rely upon its judgements. A firm must arrange adequate protection fir clients assets when it is responsible for them. A firm must deal with its regulator in an open and co operative ways, and must disclose to the FSA appropriately anything relating to the firm of which the FSA would reasonably expect notice.

(1) Integrity (2) Skill, care and diligence

(3) Management and control (4) Financial prudence (5) Market Conduct (6) Customer Interests

(7) Communications with clients

(8) Conflicts of interests

(9) Customers: Relationship of trust

(10) Clients assets

(11) Relations with Regulators


Private and Confidential

The Threshold Conditions

Threshold Conditions 1-Legal Status Threshold Conditions 2- Location Of The Office A firm carrying on e-money issuance must be a body corporate or a partnership. A firm, which is a body corporate, constituted under the law of any the united Kingdom must have its head office and, if it has one, its registered office in the United Kingdom. A firm which has its head office in the United Kingdom but is not a body corporate must carry on business in the United Kingdom. This condition requires us to be satisfied that any close links that a firm has with another person do not prevent effective supervision of that firm. This condition requires us to be satisfied that the firm has adequate resources in relation to the regulated activity or activates for which it has permission or for which permission is being sought. This condition requires us to be satisfied that the firm is fit and proper to be authorised and permitted to carry on the relevant activities.

Threshold Conditions 3 Close Links Threshold Conditions 4 Adequate Resources Threshold Conditions 5 - Suitability

Source: Consultation Paper on: The Regulation of Electronic Money Issuers by Financial Services Authority

4. Proposed Code of Conduct for Prepaid Payment Systems

1. What is the Issuer Code of Conduct for Prepaid Cards? The Issuer Code of Conduct (Code) is designed to provide guidance to prepaid payment product issuers (Issuers) in the development, marketing, distribution and sales of prepaid payment products. The Code is based on a set of core principles agreed by the member of Payments Committee of IAMAI and broad guidelines covering each stage of the life cycle of prepaid payment product issuance. All references to a prepaid payment system in this Code shall mean any prepaid payment product (physical or virtual) including without limitation a card, e-voucher or code. The Code is designed to be applicable to Issuers in India. 2. Key Principles of the Code: To promote and demonstrate fairness to the end-user customer To encourage simplicity and clarity in all communications and interfaces with the customer To develop good practices in communication which are accurate and accessible To provide transparency to the customer in all terms and conditions relating to the prepaid payment system


Private and Confidential

3. Code of Conduct: The Code has been developed around three phases based on the life cycle of a prepaid payment product. A Customer purchase of a prepaid payment product: a) Marketing of prepaid: Target customer identification: - As good practice Issuers should ensure that segmentation strategies for targeting purposes positively exclude, where possible, any customer details for segments that should not be targeted for certain prepaid types, e.g. children Advertising and promotional standards -Issuers should encourage consistency throughout marketing campaigns to avoid misrepresentation (this includes consistent use of images and text across all marketing communications) -Issuers should strive towards clarity and transparency of promotional messages across all marketing campaigns to avoid confusion and misunderstanding -Images and text should not offend public morality b) Issuance/sale of prepaid: Customer due diligence (previously known as Know your customer or KYC) and antimoney laundering (AML) requirements vary from product to product like Open Loop, Close Loop or Hybrid. From the customer perspective the Issuer should have processes and communications messages in place to ensure that the customer understands why and how these requirements vary and provide clarity as asked by consumers. Terms and conditions relating to a prepaid service should be made available in a convenient and reasonable manner depending upon the type of service and the expectations of the customers such as in print or online, if required, to all customers. The Issuer should adopt best practices in transparency to the customer throughout the application and prepaid service issuance process. This information should be clearly advised before a prepaid card is actually sold/issued. Methods for reloading the prepaid service should be made clear to the customer when they register or are issued with it The customer should be advised of any legal responsibilities or restriction regarding prepaid service usage, e.g. the prepaid card should not be provided to children for certain purchases Terms and conditions should indicate whether the prepaid service has an expiry date It is recommended that the level of customer protection is shown in a question and answer format in both product literature and terms and conditions, e.g. -Do I lose money if the prepaid card is not used? - What happens when I purchase something that goes wrong? - If there is customer protection do I have to opt in or out? -What happens if the prepaid card is lost or stolen?


Private and Confidential

B - Usage of prepaid: Issuers should clearly disclose the company issuing the prepaid service. Issuers should ensure that the customer has reasonable opportunities to use the prepaid service. As a matter of best practice Issuers should endeavour to provide a means for customers to know the balance available to spend using their prepaid service, whether by SMS text, online, telephone or at a physical POS or reload network. Customer help desk contact numbers or email customer support should be clearly disclosed to the customers. C Termination or closure of the prepaid card: Issuers should develop rules and guidelines to communicate to the customer in the following circumstances: Provide information regarding who can terminate/Cancel a prepaid card for the Issuer and/or customer D - Advice to Prepaid Consumers: As prepaid services can vary significantly, read the terms of the offer fully Be sure to fully understand the fee structure; Be aware of any minimum or maximum value load requirements; Understand where the service/card is accepted. E Best Practice for Prepaid Businesses:


Private and Confidential