Using relatively vague terms to describe what constitutes a regulated PSP this new regulatory regime, called the “Retail Payment Activities Act,” establishes several basic requirements on businesses, domestic and international, that are primarily selling a payment service in Canada to send or receive payments.
If that applies to your company, then you need to register with the Bank of Canada and attest to a range of compliance issues which includes how you manage risk and incident responses, annual reports regarding how you protect end user funds and manage trust accounts used with those funds, and information on third party service providers that that represent an operational risk.
This article includes a relatively long list on businesses that are excluded, so you may want to go to the article itself:
“On April 30, 2021, the federal government introduced An Act Respecting Retail Payment Activities (short title, Retail Payment Activities Act) (the “RPAA”). The much-anticipated RPAA comes in response to a consultation paper published by the Department of Finance in 2017, for a “New Retail Payments Oversight Framework” (the “2017 Consultation Paper”). We discuss the 2017 Consultation Paper here. The RPAA signals the government’s continued willingness to regulate new and increasingly complex “retail payment activities” driven by innovative payment methods and technologies.
The RPAA will serve as the first regulatory regime for retail payment providers in Canada. Not surprisingly, it comes in the midst of a broader regulatory response by a government focused on protecting consumers, fostering competition and promoting innovation in the digital age. Further evidence of this broader strategy can be observed in other recent legislative proposals like the Consumer Privacy Protection Act (“CPPA”), and amendments to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (“PCMLTFA”) and Payment Clearing and Settlement Act (“PCSA”).
Who will be regulated?
As a starting point, the RPAA will regulate “retail payment activities” that are either:
Performed by a “payment service provider” (“PSP”) that has a place of business in Canada, or
Performed for an “end user” in Canada by a PSP that does not have a place of business in Canada, but directs retail payment activities at individuals or entities that are in Canada.
End users are the individuals or entities that use a payment service to send or receive payment. A PSP is an entity that performs a “payment function” as a service or business activity that is not incidental to another service or business activity. The notion of what constitutes “incidental” to another service will likely be the subject of debate at the margins of this legislation. Given regulatory analyses in other areas like the registration of funds transmitters as moneys services businesses, the determination will likely focus on excluding companies where the payment function they facilitate is a minor component of their business model, rather than a central component of it. An example of a payment function that is “incidental” could be a non-bank lender who transfers funds to fund a borrower’s purchase. The funds payment function is simply a corollary to their true service – lending to consumers.”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group