Steiner Case No Save Haven For Card Issuers, Acquirers, Processors or Merchants

I have a real problem with the facts and ultimate outcome for the cardholder in the recent case of Steiner v National Westminster Bank plc [2022] EWHC 2519 (KB) decided in October. I make no criticism of the lawyers or judge involved, but those in the payment card business should not see it as setting up any kind of safe haven. 

In essence, the court absolved a credit card issuer from liability for the price of a timeshare deal under section 75 of the Consumer Credit Act because the supplier of the timeshare ('CLC') was found not to be a party to the credit card 'arrangements'. Instead, those arrangements were found only to involve a separate company ('FNTC') that was not part of the same corporate group as CLC and was acting as a trustee and not as agent for CLC. 

Unfortunately, it seems the Mastercard rules were not fully explored, as the judge held:

13. Equally, there was no evidence before me as to the rules of the Mastercard network, but it was not suggested that they prohibited a merchant who was a member of the scheme from receiving payment under the scheme as trustee or agent for another.

However, the Mastercard rules effectively require that acquirers, merchants and sub-merchants (and the intermediate 'Payment Facilitator') must be party to the overall scheme arrangements, and it would be a breach of those rules if that were not the case (see Chapters 5 and 7). 

In addition, it appears that as a separate company and a trustee, FNTC was not lawfully able to handle funds due to CLC under the Payment Services Regulations 2017. There is no evidence that FNTC was a payment institution (or small payment institution) or the agent of one; and as a separate company and trustee it could not benefit from any of the exclusions from the need for authorisation/registration as a payment institution, the most common in such scenarios being the exclusion for a commercial agent or a group company collecting or making payments on behalf of other companies in the same group. 

In this specific case, there may have been good reasons why the Mastercard rules were not explored and/or the card acquirer, FNTC and CLC were not joined as defendants and subject to a barrage of claims and remedies to recover the funds (assuming that the card issuer could not have known of the apparent breach of scheme rules and FNTC's apparently unlawful conduct). There may have been shortcomings in the evidence or other issues involved in mounting the potential legal claims and remedies - not the least of which would be the necessary financial resources.

But I do not see this case as a reliable basis for anyone to start setting up trustees as payment processors in an attempt to avoid liability under supply contracts, card scheme rules, Payment Services Regulations and/or section 75 of the Consumer Credit Act!

FCA E-money and Payments Safeguarding Update - Clarity On Financial Services Compensation Scheme

The Financial Conduct Authority recently issued temporary updated guidance on the safeguarding obligations of e-money and payments institutions. There were several points that I raised during the consultation on the temporary guidance, but I acknowledge there might not have been adequate time or resources to address them. Indeed, they might be dealt with in the wider consultation due in 2020/21 on changes to the FCA's general guidance on e-money and payments regulation in the Approach Document. In the meantime, I have long been particularly interested in whether e-money and payments firms should be expected to explain the extent to which the Financial Services Compensation Scheme (FSCS) might protect deposits held by those firms with any bank that became insolvent. This is not a fanciful issue, as the insolvency of Wirecard AG has demonstrated. Wirecard's bank subsidiary is under 'emergency management' of the German financial regulator, while the FCA has allowed the e-money subsidiary to reopen after an unfortunate snap-freeze. I should point out that this post is for information purposes only, does not constitute legal advice and should not be relied upon to make any decision. Please contact me if you need assistance on any of the issues covered.

The FSCS covers eligible deposits held at banks, and not the services offered by or the electronic payment accounts of e-money or payment institutions. So the FCA is right to say that e-money and payments firms should not suggest to their customers that the FSCS applies to their activities or the accounts in their systems.  

However, there needs to be clarity on the extent to which there could be pass-through FSCS cover for the end-customers of e-money or payment institutions where money is held in an institution's ‘safeguarding' bank account at a bank which itself becomes insolvent (as opposed to the e-money or payment institution becoming insolvent), under the provisions of the Depositor Protection rules in the Prudential Regulation Authority Rulebook.

For convenience the relevant provisions are:

• Paragraph 1.26 of the updated FCA guidance states (as does the Approach Document): 

Payment and e-money firms should also avoid suggesting to customers that the relevant funds they hold for them are protected by the Financial Services Compensation Scheme. 

"relevant funds" are either funds that have been received in exchange for issued e-money or sums received from, or for the benefit of, a payment service user for the execution of a payment transaction or sums received from a payment service provider for the execution of a payment transaction on behalf of a payment service user; and they must be held in a certain type of bank account ('safeguarding account') or be appropriately insured.

• DP 6.2(5) contains the obligation on the FSCS to pay compensation where the bank account holder is not absolutely entitled to the eligible deposit, and another person (A) is absolutely entitled (see DP 6.10 below);

• DP 6.3 mentions trustee (other than bare trustees) and entitlements of beneficiaries, without being specific as to whether these might be statutory or non-statutory trust arrangements; and

• DP 6.10 provides: 

“For the purposes of this Part, the cases in which A is absolutely entitled to the eligible deposit include where:

(a) A is a beneficiary under a bare trust;

(b) the account holder is a nominee company which is holding money in the account for A;

(c) A is a client in respect of money which the account holder is treating as client money of A in accordance with FCA rules, the SRA Accounts Rules 2011 or an equivalent regime; or

(d) the FSCS is otherwise satisfied that A is absolutely entitled to the eligible deposit taking into account any information that the FSCS considers relevant.”

Therefore, it seems to me that, in the event of the insolvency of the bank where an e-money or payment institution's safeguarding account is held:

• the end-customer of the e-money/payments institution should have recourse against the bank under Depositor Protection rules for money in the safeguarding account (to which he or she is beneficially entitled via a claim on the relevant funds under the E-money/Payments Regulations) up to the £85,000 limit (extended in some cases for temporary high balances). This would be consistent with the position in relation to funds held in bank accounts covered by the FCA's client money rules (CASS), as well as other arrangements under the Solicitors Regulatory Authority rules relating to solicitors client accounts, for example. The PRA made clear this applied to peer-to-peer lending platforms, before those platforms became regulated by the FCA and were generally operating as bare trustees.

• In addition, while they could not be entitled to be compensated twice, under trust principles, end-customers should also be entitled to receive a proportion of any FSCS pay-out that the e-money or payment institution might receive as a customer of the bank in its own right in relation to the safeguarding account, according to the proportion that those end-customers’ funds bear to the total amount held in the safeguarding account. 

I would be interested to know the views of any other practitioners in this area.

Again, this post is for general information purposes only and does not constitute legal or professional advice. It should not be used as a substitute for legal advice relating to your particular circumstances. Please note that the law may have changed since the date of this article. Please contact me if you need assistance on any of the issues covered.

#PSD2: Bill Payment Services In Scope Of UK Regs?

The Treasury is currently consulting on regulations to implement the new Payment Services Directive (PSD2).  There is little commentary in the consultation paper and many old questions remain unanswered, with the regulations to go live on 13 January 2018.  Government policy is to simply gold plate 'copy out' EU directives, which creates a rod for the UK's own back leaves the FCA to say how it will interpret the new rules in a consultation paper it proposes to issue in Q2.  One issue is whether bill payment services are viewed as being in scope in the UK or other EEA member states. If so, providers will need to outsource the operation of the service to a duly authorised firm or its agent, or become authorised or the agent of an authorised firm. Timing for those options is now tight...

Bill payment services enable a customer to pay a supplier's bill by paying a third party, e.g. at the till in a local shop.  

The Financial Conduct Authority has said these services are not caught by the current Payment Services Regulations so long as the customer's payment to the third party discharges the customer's obligation to pay the supplier. In other words, in such a scenario the third party is the 'payee' or intended recipient of funds, not the supplier.

But the new Payment Services Directive (PSD2) instructs EU member states to treat these services as 'money remittance', unless they are treated as part of some other type of regulated payment service (recital 9).  And there is no word, yet, on whether or how the UK plans to deliver on this edict, which is critical to deciding which option existing providers should choose in the event their services are ruled in scope.  

An additional issue is that, even if bill payment services are ruled out of scope by the UK authorities, there is no way to 'passport' that interpretation to other member states in the EEA. So there is still the awkward possibility that a service provider offering the same type of service on a cross border basis from the UK (or from outside the UK) could find that another member state rules the service as being in scope of PSD2.  In that case, the same options would apply: outsource the service to a duly authorised firm or its agent, or get a local entity authorised or appointed as an agent in the relevant jurisdiction(s) - which might be useful when passporting disappears post-Brexit, in any event.  

The Future of EU Payments Regulation?

I thought it would only ruin the Summer. But it's taken me until Autumn to get my head around the European Commission's plans for a new Payment Services Directive, or 'PSD2' (nope, that's not the train). I'm told that leaves falling from the local trees is purely coincidental and not some kind of arboreal reaction to the complexity.

At any rate, my review of the proposals is now up on the SCL website, along with my earlier article on how card acquiring really works.

If you receive payments by direct debit or you operate an online marketplace, gift card programme, loyalty scheme, mobile/digital wallet, bill payment service, telecoms network, payment initiation service, account information service or a small payment institution you should be particularly concerned. Existing institutions will need to work carefully through the detail.

All will need to take the time to explain to the Commission how their services actually work, and how the regulations might unduly constrain innovation and competition.

The Commission aims to get the changes adopted by Spring 2014, and Member states will have two years to implement. The Commission is giving itself a further five years to review its effectiveness, so it will be along time before we have another opportunity to rectify the mistakes...

Image from EuropeanBusinessReview.

How Card-based Merchant Acquiring Works

The requirement for the European Commission to review the operation of the Payment Services Directive provides a great opportunity to consider, amongst other things, how card-based merchant acquiring works. I've explained my take on it in an article for SCL, complete with a you-beaut, funky graphic: 

How card acquiring works

View more documents from Simon Deane-Johns