Banking & Finance Updates - Recent Regulations And Guidelines Affecting The Banking And Finance Sector

1.0 INTRODUCTION

In the months of May and June 2020, the Central Bank of Nigeria (“CBN”) issued guidelines and regulations that impact on electronic payment channels as well as innovation and financial inclusion in the financial services sector. In this newsletter, we highlight key provisions of the regulatory publications issued by the CBN in May and June 2020.


2.0 REGULATORY UPDATES

This newsletter contains highlights of the following regulatory publications:

• CBN Guidelines on Operations of Electronic Payment Channels in Nigeria; and
• CBN Exposure Draft Framework for Regulatory Sandbox Operations.

 

3.0 CBN GUIDELINES ON OPERATIONS OF ELECTRONIC PAYMENT CHANNELS IN NIGERIA 2020

The CBN has over time implemented far-reaching reforms and issued regulations in the Nigerian Payments System, aimed at enhancing the resilience of the Payment Systems infrastructure and expanding electronic payment options. In this regard, the CBN had earlier issued the Guidelines for the Operation of Electronic Payment Channels, in 2016 (“2016 Guidelines”).

To further enhance service quality, particularly quick refunds when customers experience failed transactions, the CBN has amended the 2016 Guidelines by specifically revising the timelines for reversals and/or resolution of refund complaints on electronic channels as stipulated in the revised Guidelines for the Operation of Electronic Payment Channels (“2020 Guidelines”) which was published on May 31, 2020. The 2020 Guidelines which took effect from June 8, 2020 contains the following revised timelines:

(i) The reversal of failed automated teller machine (“ATM”) transactions where customers use the cards issued to them by their respective banks on the corresponding bank’s ATMs shall be instant as stated in the 2020 Guidelines, a revision of the previous timeline of three (3) days as stated in the 2016 Guidelines. However, the 2020 Guidelines states that where instant reversal fails due to technical issues of system glitch, the timeline for manual reversal is required not to exceed twenty-four (24) hours;

(ii) Refunds on failed ATM transactions where customers use the cards issued to them by their respective banks on another bank’s ATMs is required not to exceed forty-eight (48) hours;

(iii) Disputed or failed point of sale (PoS) or web transactions are required to be resolved within forty-eight (48) hours under the 2020 Guidelines; revised from the timeline of five (5) days as stipulated in the 2016 Guidelines;

(iv) Claims made by cardholders by way of notification to the relevant bank which issued the card, of the occurrence of an error involving his/her card must be investigated and resolved by the issuer2, within forty-eight (48) hours, as opposed to within T3+5 days as stipulated in the 2016 Guidelines. In order to meet this timeline, the acquirer is now mandated to immediately respond to the issuer’s request – as opposed to the three (3) days grace period under the 2016 Guidelines;

(v) Issuers are now required to immediately acknowledge complaints from cardholders and in conjunction with the acquirer and the platform provider, resolve such complaints within fortyeight (48) hours – revised from the timeline of T+3 days under the 2016 Guidelines;

(vi) Acquirers4 (in conjunction with issuers, switches and other stakeholders) are required to resolve disputed transactions between the merchant and the cardholder within forty-eight (48) hours under the 2020 Guidelines; revised from T+5 days as stated in the 2016 Guidelines; and

(vii) Merchants are mandated to immediately provide evidence to dispute requests from the acquirers under the 2020 Guidelines – this was revised from three (3) days as stated in the 2016 Guidelines.

Additionally, under the 2020 Guidelines, participants in the payments system are required to comply with the following requirements:

(i) All switches5 are to adjust the chargeback cycle in their dispute resolution systems to twentyfour (24) hours from seventy-two (72) hours;

(ii) All acquirer-initiated refunds are required to be initiated by all banks within forty-eight (48) hours;

(iii) Processors6 are required to provide daily settlement reports latest at 8 a.m. on a T+1 basis; and

(iv) Nigerian Inter-Bank Settlement System (NIBSS) is required to send daily reports on reversals to processors on or before 10 p.m. each day.

For more information on the 2020 Guidelines, please see here.

4.0 CBN EXPOSURE DRAFT FRAMEWORK FOR REGULATORY SANDBOX OPERATIONS

In furtherance of its commitment to build a financial services sector that promotes amongst other things, innovation, effective service delivery, healthy competition and financial inclusion, the CBN on June 23, 2020, released an exposure draft framework for regulatory sandbox operations in Nigeria (the “Draft Framework”). The CBN regulatory sandbox (the “Sandbox”) will allow firms conduct live tests of new and innovative products, services, delivery channels, or business models in a controlled environment, with regulatory oversight, subject to appropriate conditions and safeguards.

The Sandbox will be a closed testing environment designed for safely experimenting with web or software products and will enable the CBN to stay abreast of the latest developments in payment solutions and emerging technology in financial services, whilst simultaneously ensuring appropriate consumer protection.

The Draft Framework sets out the objective of the Sandbox operations to include:

(i) increase in the potential for innovative business models that advance financial inclusion;

(ii) reduction of the time-to-market period for innovative products, services, and business models;

(iii) clearly defined roles and responsibilities of stakeholders and the operations of the regulatory sandbox for the Nigerian payments system industry;

(iv) ensuring adequate provisions in regulations to create an enabling environment for innovation without compromising on safety for consumers and the overall payments system; and

(v) providing an avenue for regulatory engagement with FinTechs in the payment space, while contributing to economic growth.

Importantly, the Draft Framework clearly states that the Sandbox cannot be used to circumvent existing laws and regulations, and as such, is unsuitable for a proposed product, service or solution which is already appropriately addressed under prevailing laws and regulations. In addition, products already rejected by the regulators or the Federal Government of Nigeria shall not qualify for the Sandbox trials.

The Sandbox participants include both existing CBN licensees (financial institutions with FinTech initiatives) and other local companies (including financial sector companies, technology companies and telecommunication companies intending to test an innovative payment product or service that may be deemed acceptable by the CBN). Innovators whose proposed solutions involves technologies which are currently unregulated by the CBN may also apply to participate in the Sandbox. Such innovators will be issued a Letter of Approval (LoA) by the CBN to test their innovation upon entry into the Sandbox.

To be eligible as a Sandbox participant, the Draft Framework outlines the following criteria:

(i) the product, service, or solution is innovative with clear potential(s) to:

• improve accessibility, customer choices, efficiency, security, and quality in the provision of financial services;
• enhance the efficiency and effectiveness of Nigerian Financial Institutions management of risks;
• address gaps in or open up new opportunities for financial benefits or investments in the Nigerian economy;
• ensure that applicants will provide any proposed project for the benefit of the public within transaction limits (in terms of value and volume) for better risk management and mitigation (which must not be exceeded during the testing period)

(ii) the applicant has conducted an adequate and appropriate assessment to demonstrate the usefulness and functionality of the product, service or solution and identified the associated risks which should be devoid of adverse effect to existing structures and consumer experience;

(iii) the applicant has the necessary resources to support testing in the Sandbox, including the necessary expertise to mitigate and control the potential risks and losses arising from offering the product, service or solution;

(iv) the applicant should have a realistic business plan to deploy the product, service or solution on a commercial scale in Nigeria after exiting from the Sandbox.

Firms eligible to apply to be included in the Sandbox include existing CBN licensees and other local companies. These firms will be required to apply to the CBN through an online application platform, accessed via the CBN official website. The CBN would have placed an invitation to apply to the Sandbox on its website and local newspaper adverts. A Sandbox application must be submitted along with a cover letter signed by an authorized signatory of the entity and addressed to the Director, Payments System Management Department, Central Bank of Nigeria, Abuja.

A successful application must identify the potential risks to financial institutions and financial consumers that may arise from testing the product, service or solution in the Sandbox, and propose appropriate safeguards to address the identified risks. In assessing the risks and evaluating the proposed safeguards, the CBN will consider the preservation of sound financial and business practices which are consistent with monetary and financial stability; the promotion of fair treatment of consumers; compliance with anti-money laundering regulations; protection of the confidentiality of customer information, amongst others.

The Draft Framework also highlights the documentary requirements for all Sandbox application trials:

(i) board approval (where applicable);

(ii) certificate of incorporation;

(iii) company profile and functional contact – e-mails, telephone numbers, office and postal addresses;

(iv) memorandum and articles of association;

(v) shareholding structure of the company;

(vi) forms CAC 1.1 (application for registration);

(vii) CVs of board and management of the company;

(viii) organogram of the company;

(ix) project plan alongside a detailed business proposal;

(x) key outcomes that the testing is intended to achieve;

(xi) a document that outlines the strategy of the trials to be conducted in the Sandbox trials including current and potential engagements, geographical spread and benefits to be derived;

(xii) AML/CFT KYC policy; and

(xiii) any other information that the CBN may require from time to time.

The proposed testing period for a product within the Sandbox will vary depending on the specifications of the product and should be indicated in the application; all testing periods will be measured in months and should take no longer than 6 months, unless an extension is sought and obtained from the CBN after testing has begun and results are being seen. The Sandbox as structured under the Draft Framework, consists of the following phases:

 

1. Filing requirements – CBN’s approval to participate in the Sandbox will be communicated thirty (30) working days post-completion of the application requirements. Thereafter, the CBN will engage participants on, amongst other things, issues such as testing parameters including the scope and duration of the test as well as regulatory flexibilities requested by an applicant. Prior to entry into a Sandbox cohort, an applicant would have filed documents which describe, inter alia, its organization including its financial standing and expertise; the financial service to be experimented on; customer communications plan which must include risk disclosures; targets and key performance indicators to determine the success of an experiment.

2. Reporting requirements while in the Sandbox – This requires participants in the Sandbox to adhere to consumer protection safeguards in order to guarantee consumer protection. Participants are also required to submit an interim report to the CBN on the progress of the test and a final report within thirty (30) calendar days from the expiry of the testing period. Both reports must be confirmed by the Chief Executive Officer (CEO) of the company.

3. Exit conditions and approval for expiration - During this stage, the CBN decides whether the product being tested should be introduced into the market. A participant is required to compare the results of their test against their original objectives and specify how it intend to scale-up the technology. Should the applicant wish to extend the testing period, it must apply to the CBN no later than thirty (30) calendar days before the expiration of the original testing period.

4. Evaluation and review of an approval – At any point during a company’s participation in the Sandbox, the CBN retains the right to evaluate and review whether or not the product, solution or service should continue to be tested in the Sandbox. Reasons for the removal of a participant will include:

(i) failure to comply with the safeguards highlighted in the Draft Framework;

(ii) submission of false, misleading or inaccurate information, or where a company has concealed or failed to disclose material facts in its application;

(iii) contravention of any applicable law administered by the CBN or any applicable law in Nigeria or abroad, which may affect the participant’s integrity or reputation;

(iv) liquidation;

(v) breach of data security and confidential requirements;

(vi) carrying on business in a manner that is detrimental to consumers or the public; or

(vii) failure to effectively address technical defects, flaws or vulnerabilities in the product, service or solution which gives rise to recurring service disruptions or fraud incidents.

Innovators which are selected as eligible participants of the Sandbox at the same time for the same period will form a Sandbox cohort, and there will be one cohort per year. Typically, a cohort will be made up of a pre-determined number of innovators, as the type of innovators to be accepted into a cohort will be based on the Sandbox eligibility criteria and the Sandbox objectives.

For more information on the Draft Framework, please see here.

This update is for general information purposes only and does not constitute legal advice. If you have any questions or require any assistance or clarification on how these measures could apply to you or your business, please contact the persons listed below7:

 

 

1 Please note that the periods under review are May and June 2020
2 Under the 2020 Guidelines, an Issuer is defined as a licensed financial institution that issues payment tokens to customers.
3 T means transaction day, or the date a customer logs the complaint.
4 Under the 2020 Guidelines, an Acquirer is defined as a bank or any other legal person concluding contracts with merchants concerning acceptance of payment by means of an electronic payment token.
5 Under the 2020 Guidelines, Switching is defined as a system that captures electronic financial transactions from touch-points, applies rules, determines destinations, delivers the transactions and gives appropriate feedback.
6 Under the 2020 Guidelines, a Processor processes card transactions.
7 The authors would like to acknowledge the contribution of the following associates to this newsletter: Ifeoluwa Ogunbufunmi, Oluwatobi Pearce, Esther Adeniji, Daniel Jayeoba, Oluwatosin Mudele and Gboyega Ahove.