Financial Technology, more popularly referred to as FinTech, is an industry composed of companies that use new technology and innovation with available resources in order to compete in the marketplace of traditional financial institutions and intermediaries in the delivery of financial services.
FinTech is a global phenomenon which has gained significant popularity in the last decade. However, in Pakistan, the industry is far from reaching a development level that could be considered in any way advanced. The development of FinTech in Pakistan not only lags considerably behind the United States and Europe, but it also pales in comparison to its more developed Asian counterparts, all of whom are contributing significantly to the development of the global FinTech industry with regular innovations.
FinTech has not been specifically defined in the Pakistani legal framework. However, legislation relevant to the basic framework constituting FinTech does exist. The Parliament has enacted the Payment Systems and Electronic Fund Transfers Act, 2007 (the PSEFT Act) to supervise and regulate payment systems and electronic fund transfers in Pakistan. Other elements of the PSEFT Act include the provision of standards for the protection of consumers and the determination of the respective rights and liabilities of financial institutions and other service providers. The regulation of the FinTech industry in Pakistan is primarily governed by the PSEFT Act.
It has to be kept in mind that any business entity operating in Pakistan’s banking and financial sectors, in addition to industry-specific regulations, is subject to primarily the Constitution of the Islamic Republic of Pakistan, 1973 (the Constitution), the Companies Ordinance, 1984 (the Companies Ordinance), the Securities and Exchange Commission of Pakistan (the SECP) Act, 1997, and the Banking Companies Ordinance, 1962, amongst others. In view of the above, the PSEFT Act is the primary sector specific legislation for the FinTech industry in Pakistan.
Payment Systems and Electronic Fund Transfers Act, 2007
As per the PSEFT Act, the State Bank of Pakistan (the SBP) is empowered to issue rules, guidelines, circulars, bye-laws, standards or directions as it considers appropriate to regulate the conduct of Operators of Payment Systems or any Service Providers.
The term Service Provider has been defined in the PSEFT Act as meaning “an operator or any other electronic fund transfer service provider”.
The term Electronic Fund Transfer is defined in the PSEFT Act as “any transfer of funds, other than a transaction originated by cheque, draft or similar paper instrument, which is initiated through an Electronic Terminal, telephonic instrument, point of sale Terminal, stored value card Terminal, debit card, ATM, computer magnetic tape or any other electronic device so as to order, instruct or authorise a Financial Institution to debit or credit an account”.
The term Financial Institution is defined in the PSEFT Act as “a financial institution as defined in the Financial Institution (Recovery of Finances) Ordinance 2001 and includes a banking company or any other Electronic Money Institution or person, authorised by the State Bank in this behalf that directly or indirectly holds an account belonging to a consumer”.
An Electronic Money Institution is defined in the PSEFT Act as “an undertaking that issues means of payment in the form of Electronic Money and is duly authorised to do so”.
The term Electronic Money is defined in the PSEFT Act as meaning “money transferred through an Electronic Terminal, ATM, telephone instrument, computer, magnetic medium or any other electronic device so as to order, instruct or authorise a banking company, a Financial Institution or any other company or person to debit or credit an account and includes monetary value as represented by a claim on the issuer which is stored in an electronic device or payment instrument, issued on receipt of funds of an amount not less in value than the monetary value issued, accepted as means of payment by undertakings other than the issuer and includes electronic stores of monetary value on a electronic device that may be used for making payments or as may be prescribed by the State Bank”.
A reading of the provisions of the PSEFT Act indicates that the purpose of the PSEFT Act is to regulate, monitor and control the activities pertaining to Payment Instruments and Payment Systems. For this purpose, the SBP can designate any Payment System as a Designated Payment System (DPS) and can also designate any Payment Instrument as a Designated Payment Instrument (DPI). The operators and issuers of the respective DPS and DPI have to comply with the terms and conditions provided in the Act, Rules and Regulations framed by the SBP under the PSEFT Act or the SBP Act or any other relevant law.
A Payment System is defined as “a system relating to payment instruments, or transfer, clearing, payment settlement, supervision, regulation or infrastructure thereof and includes clearing, settlement or transfer of Book Entry Government securities” whereas a Payment Instrument is defined as “any instrument, whether tangible or intangible, that enables a person to obtain money, goods or services or to otherwise make payment, but excludes Payment Instruments prescribed in Negotiable Instruments Act, 1881”. If the SBP is of the opinion that a Payment Instrument is in widespread use as a means of making payments and it is necessary to protect the interest of public and maintain the efficiency, integrity and reliability of a payment instrument, then the Payment Instrument may be declared as a DPI. The issuers of DPIs are required to obtain prior approvals from the SBP to issue a Payment Instrument. However, the SBP has the power to prohibit issuance of Payment Instruments by any person if the SBP is of the opinion that the issuance of a Payment Instrument is detrimental to the monetary policy of the SBP, or is detrimental to reliable, safe and efficient operation of the payment system or is contrary to public interest. As per the PSEFT Act, the SBP shall nominate one or more clearing houses to provide clearing and settlement services for a payment system on such terms and conditions as it may determine.
The PSEFT Act therefore provides a basic scheme through which DPSs and DPIs which are to be approved by the SBP are given legal recognition. These DPSs and DPIs are to be operated and managed by Payment System Operators (PSOs) or Payment Service Providers (PSPs). These PSOs and PSPs are regulated by the SBP through “Rules for Payment System Operators and Payment Service Providers (the Rules)” notified by the SBP.
The Rules provide for a regime whereby any person who is desirous of operating as a PSP or a PSO is required to obtain approval / permission from the SBP. The Rules place a restriction on a person who can make an application to the SBP for obtaining permission by making it mandatory that the applicant should be a company registered with the SECP. The Rules further make a Fit and Proper Test (the FTP) mandatory for the Sponsor(s), Shareholder(s), Director(s), Chief Executive and Key Officials of the prospective PSOs and PSPs. However, the FTP shall only apply to Sponsor(s) and Shareholder(s) who hold 10% or more shares directly or indirectly in the prospective PSO or PSP. Moreover, it is mandatory for the PSO or PSP to obtain clearance from the SBP of the proposed Director(s) and Chief Executives prior to their appointment. An existing company engaged in any other business can apply for approval to the SBP as a PSO or a PSP. However, the SBP may, at its discretion, require the establishment of a separate company specifically for the purposes of being a PSO or a PSP. If a person has been carrying on activities as a PSO or as a PSP prior to the notification of the Rules, then the same is required to comply with the requirements laid down in the Rules i.e. seeking approval/permission from SBP in accordance with the Rules within 90 days of the notification of the Rules.
After the aforementioned requirements mentioned are completed and if the SBP is satisfied, the applicant will be granted an In Principle approval by the SBP. Thereafter, the PSO or the PSP is required to fulfil the conditions mentioned in the In Principle approval. It is required to obtain operational readiness and to deposit a considerable sum as a security deposit. Subsequently, the PSO or the PSP is required to apply for commencement of pilot operations along with evidence that minimum initial capital requirements have been fulfilled. According to the Rules, the minimum initial capital required for a PSO or a PSP is Rs. 200 million, of which 10% shall be a security deposit. If a PSO or a PSP has more than one business application, then for each additional business application for each PSO or PSP, an additional 25% will be required as the minimum initial capital. PSOs and PSPs will be required to run pilot operations within 6 months of the In Principle approval for a period prescribed by the SBP, after which an assessment will be carried out by the SBP. Upon satisfactory assessment of the SBP, a PSO or a PSP shall be granted a final approval. Permission granted to a PSO or a PSP under the Rules is not to be considered as SBP designating them as a DPS or a DPI. However, the SBP may, in exercise of its discretion, designate a PSO or a PSP as a DPI or a DPS through a written order.
The SBP is empowered under the Rules to supervise and oversee the activities of PSOs and PSPs. All PSOs and PSPs are required to comply with the PSEFT Act, the Rules for PSOs and PSPs, Regulations, Circulars and Directives of the SBP and all other laws of Pakistan. In case of any violation, the SBP may cancel the permission granted to the PSOs and the PSPs or it may impose fines. The fines may be recovered by the SBP by directly debiting the amount of the fine from the security deposit of the PSO or the PSP. The PSOs and the PSPs in this instance are required to ensure that minimum requirement of the security deposit is maintained at all times i.e 10% of the minimum initial capital requirement. Furthermore, if the SBP establishes a national payment gateway in the future, all existing PSOs and PSPs will be mandatorily required to integrate with the newly established national payment gateway; a failure of which will render their permission liable to cancellation or the imposition of a fine, or both.
PSOs and PSPs are essentially required to provide an electronic platform for clearing, processing, routing and switching of electronic transactions. For this purpose, PSOs and PSPs can enter into agreements with banks, financial institutions, e-commerce service providers, merchants, other PSOs and PSPs or any other company authorised and approved under the law or by the SBP. However, PSOs and PSPs are required to take prior approval from the SBP for any product, scheme or service they are offering, any change in their Articles and Memorandum of Associations and any other significant change in their business. The SBP’s Rules strictly state that the PSOs and PSPs are to never act as custodians of the consumers’ money nor perform any banking function as defined in the Banking Companies Ordinance, 1962.
The Rules further provide that in case of any dispute between the PSO, PSP and the banks or any other party, the dispute shall be settled amicably. However, in case of failure of amicable settlement, the dispute shall be referred to an arbitration mutually agreed upon by the parties. The PSOs and the PSPs are required to maintain audited accounts and submit them annually to the SBP. Moreover, the PSOs and the PSPs are required to maintain and retain record of all transactions for a period of 10 years. The record pertaining to detailed system, application, database and network logs is required to be retained for a period of 1 year.
Branchless Banking and Mobile Banking
PSOs and PSPs are engaged by the banking sector in Pakistan for the provision of branchless banking and mobile banking services. In most instances, the PSOs and the PSPs are directly owned by the banks using them whilst in some instances, the banks outsource the services of the PSOs and the PSPs through an agreement. It is in this context that the SBP and the Pakistan Telecommunication Authority (PTA) have issued the Branchless Banking Regulations, 2011 (the BB Regulations) and the Regulations for Technical Implementation of Mobile Banking, 2016 (the MB Regulations). The purpose of these regulations is to allow commercial banks and financial institutions a cheaper alternative to conventional banking. The Regulations lay down models and activities which are permissible under the BB Regulations. Only financial institutions and banks can provide branchless banking services, while under the MB Regulations, a telecom operator or a third party can provide technical services to a bank or a financial institution through an agreement. A third party is required to obtain a class license from PTA prior to commencing the provision of technical services. Both the telecom operator and the third party who has obtained a valid license from PTA are required to seek prior approval from the SBP before entering into an agreement with a bank or a financial institution for the provision of technical services. The primary objective of allowing a third party to provide technical services is to enable interoperability among financial institutions and telecom operators. The minimum initial capital requirement for a third party is the same amount as that for a PSO or a PSP under the Rules notified by the SBP.
SBP Vision 2020
The SBP has issued a policy document titled “SBP Vision 2020”, a strategic plan for the years 2016-2020 (the SBP Vision). The objectives of the SBP Vision promises to bring positive changes in the facilitation, promotion and regulation of the FinTech industry in Pakistan. SBP Vision champions the objective, amongst others, of “developing modern and robust payments systems by ensuring that existing payment systems are safe, resilient and efficient while, at the same time, providing scope for new payments technologies to emerge”. With the exception of the SBP Vision, clear cut policies (if any) of the Government of Pakistan that promote the FinTech industry in Pakistan are inaccessible.
Tax Regime of the FinTech Industry in Pakistan
At present, the tax regime in Pakistan is enacted in the Income Tax Ordinance, 2001, the Sales Tax Act, 1991, the Federal Excise Act, 2005 and the Federal Board of Revenue Act, 2007. Across the provincial level, every province has enacted a separate legislation catering to the subject of sales tax. Therefore, the services rendered in the FinTech industry in Pakistan are subject to the existing tax regime prevalent in Pakistan. There is currently no inclination towards the promotion of the FinTech industry in Pakistan through tax exemptions from the Government of Pakistan.
The FinTech industry in Pakistan is currently undergoing a crucial stage of development. Due to the introduction of high speed internet technology in the country, it is expected that the FinTech industry is set to grow substantially in the coming years. A key reason for this is the easy access of high speed mobile internet in Pakistan.
As analysed above, the legal framework for the FinTech industry in Pakistan exists to assist and support stakeholders in the FinTech market in Pakistan. However, restrictions such as dual regulators, as well as minimum capital requirements, are issues that need to be reviewed by the SBP to make the FinTech industry in Pakistan more appealing to investors.
At present, there seems to be no initiative by any person to launch a system comparable to PayPal or BitCoin, hugely successful systems which are operating in developed countries. The current legal framework does not envisage the introduction of such systems as it has placed limitations on the PSOs and PSPs by making it mandatory for them to be backed by / affiliated with a participating bank. Although it is not completely restrictive, positive changes to the legal framework of the FinTech industry in Pakistan are definitely required in order for it to realize its true global potential.