David Shepherd
In our latest insights series, we explore the regulatory drivers for customer and third-party risk management, look at some key regulations, and unpack how organisations can remain compliant with evolving obligations. In this, the first in the series, we focus on the instant payments space.
- Explore the instant payments space, looking at some key regulatory drivers for customer and third-party risk management.
- Uncover key regulatory developments and how organisations can remain compliant with evolving obligations.
The instant payments space
Instant payments, which are both quicker and more secure than traditional credit transfers, have transformed the payments landscape, delivering 24/7 availability, seamless transactions and efficient functionality.
The sector is undeniably supporting the growth of the digital economy, with real-time funds transfers ensuring swift transactions and helping to accelerate the pace of business.
At the same time, however, sophisticated financial criminals have lost no time in leveraging the growth of the instant payments space to commit fraud – including account take-overs, deep fake fraud and more – often with far-reaching consequences for payment service providers (PSPs) and their customers.
80% of organisations were impacted by payment fraud attempts in 2023[1].
Key regulatory developments
Notably, the European Union is introducing new legislation that substantially impacts the instant payments space, specifically by changing requirements for sanctions screening.
The Instant Payments Regulation entered into force in April 2024, and PSPs will need to comply with the first obligations as of 9 January 2025.
There are a number of key changes to note. PSPs must be ready to receive instant credit transfers by the January deadline, with other requirements around sending instant payments becoming mandatory later in the year.
Funds must be transferred within ten seconds, at any time of day, but it is the changes to sanctions screening within this very tight timeframe that are creating the most challenges for providers.
Under the regulation, sanctions screening requirements have become substantially more stringent, with the requirement that PSPs must:
- Screen their full customer base on at least a daily basis, and
- Immediately after any new sanctions designation comes into effect
These requirements must be fulfilled against a complex and fast-moving sanctions backdrop, where ongoing geopolitical tensions mean that changes to global sanctions can occur on a near-daily basis.
It is also worth noting that PSPs must comply with both explicit and implicit sanctions. Explicit sanctions name the subject, but implicit sanctions can be more complex to navigate, since they extend to entities covered by a narrative statement on a sanctions programme.
Beyond the EU Instant Payments Regulation, a host of regulations – including the Payment Services Directive 2 (PSD2), MiCA and the 5th Money Laundering Directive (5MLD) in the EU, and Fednow in the US – apply. In the UK, the Faster Payments Service, which is designed to facilitate real-time payments for individuals and businesses across the UK[2], is regulated by the Payment System Regulator (PSR) and in India, the Unified Payments Interface (UPI), a system that powers multiple bank accounts into a single application to deliver seamless fund routing and payments[3], is overseen by the Reserve Bank of India.
Remaining compliant
Compliance with evolving regulations in the instant payments space is mandatory, and failure to comply can lead to hefty fines and potentially substantial reputational damage.
Nonetheless, many providers might be struggling to meet new obligations, particularly those that require robust sanctions screening within tight timeframes.
Specifically in terms of the requirements of the incoming EU Instant Payments Regulation, PSPs need to ensure access to high quality, up-to-date and accurate sanctions data that is delivered quickly and seamlessly.
Many providers simply do not have the manpower, financial or tech resources necessary to remain on the right side of the regulatory curve, but despite the challenges new regulations introduce, they are highly necessary to prevent and protect against rising financial crime within the instant payments industry.
While providers will need invest time and resources to implement comprehensive solutions that combine trusted data with leading technology to help them keep pace, these changes are ultimately for the greater good and will help to strengthen and support the integrity of the wider financial ecosystem.
2. https://www.wearepay.uk/what-we-do/payment-systems/faster-payment-system
Legal Disclaimer
Republication or redistribution of LSE Group content is prohibited without our prior written consent.
The content of this publication is for informational purposes only and has no legal effect, does not form part of any contract, does not, and does not seek to constitute advice of any nature and no reliance should be placed upon statements contained herein. Whilst reasonable efforts have been taken to ensure that the contents of this publication are accurate and reliable, LSE Group does not guarantee that this document is free from errors or omissions; therefore, you may not rely upon the content of this document under any circumstances and you should seek your own independent legal, investment, tax and other advice. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon.
Copyright © 2024 London Stock Exchange Group. All rights reserved.
The content of this publication is provided by London Stock Exchange Group plc, its applicable group undertakings and/or its affiliates or licensors (the “LSE Group” or “We”) exclusively.
Neither We nor our affiliates guarantee the accuracy of or endorse the views or opinions given by any third party content provider, advertiser, sponsor or other user. We may link to, reference, or promote websites, applications and/or services from third parties. You agree that We are not responsible for, and do not control such non-LSE Group websites, applications or services.
The content of this publication is for informational purposes only. All information and data contained in this publication is obtained by LSE Group from sources believed by it to be accurate and reliable. Because of the possibility of human and mechanical error as well as other factors, however, such information and data are provided "as is" without warranty of any kind. You understand and agree that this publication does not, and does not seek to, constitute advice of any nature. You may not rely upon the content of this document under any circumstances and should seek your own independent legal, tax or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither We nor our affiliates shall be liable for any errors, inaccuracies or delays in the publication or any other content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the publication and its content is at your sole risk.
To the fullest extent permitted by applicable law, LSE Group, expressly disclaims any representation or warranties, express or implied, including, without limitation, any representations or warranties of performance, merchantability, fitness for a particular purpose, accuracy, completeness, reliability and non-infringement. LSE Group, its subsidiaries, its affiliates and their respective shareholders, directors, officers employees, agents, advertisers, content providers and licensors (collectively referred to as the “LSE Group Parties”) disclaim all responsibility for any loss, liability or damage of any kind resulting from or related to access, use or the unavailability of the publication (or any part of it); and none of the LSE Group Parties will be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, howsoever arising, even if any member of the LSE Group Parties are advised in advance of the possibility of such damages or could have foreseen any such damages arising or resulting from the use of, or inability to use, the information contained in the publication. For the avoidance of doubt, the LSE Group Parties shall have no liability for any losses, claims, demands, actions, proceedings, damages, costs or expenses arising out of, or in any way connected with, the information contained in this document.
LSE Group is the owner of various intellectual property rights ("IPR”), including but not limited to, numerous trademarks that are used to identify, advertise, and promote LSE Group products, services and activities. Nothing contained herein should be construed as granting any licence or right to use any of the trademarks or any other LSE Group IPR for any purpose whatsoever without the written permission or applicable licence terms.
