Breaking down exceptions and exclusions in the Retail Payment Activities Act
As discussed in our previous articles on updates to the implementation of the Retail Payment Activities Act and its scope and requirements, all payment service providers operating in Canada were required to complete their registration with the Bank of Canada (the “BoC”) within the registration window from November 1, 2024, to November 15, 2024.
Building on the registration requirements outlined in our previous articles, it is equally important to address the exceptions and exclusions that may apply to certain entities engaged in retail payment activities. These entities should be aware of the key exclusions, which are categorized into two types under the Retail Payment Activities Act (the “RPAA”): entity-based exclusions and activity-based exclusions. This article provides an overview of both these exclusions.
Entity-based exclusions
Certain entities are fully exempt from the RPAA In general, the rational behind these exemptions is that these entities are already subject to another regulatory framework designed to achieve comparable objectives or are government entities. These include:
- banks and authorized foreign banks included in Schedules I, II or III of the Bank Act;
- insurance companies and fraternal benefit societies subject to the Insurance Companies Act and trust and loan companies subject to the Trust and Loan Companies Act;
- provincially regulated financial institutions (including credit unions, caisses populaires, insurance companies, trust companies and loan companies) that accept deposits transferable by order;
- the BoC;
- the Canadian Payments Association;
- the Provincial Crown and agents or mandataries of the Provincial Crown that accept deposits transferable by order; and
- the Society for Worldwide Interbank Financial Telecommunication (‘SWIFT’) messaging network.
Activity-based exclusions
Activity-based exclusions include certain types of retail payment activities posing limited risk to end users and activities that are prudentially regulated or not considered to be retail payments. Below are some examples of activity-based exclusions as outlined in the RPAA.
Merchant instruments
The RPAA exempts two types of merchant instruments, otherwise known as gift-cards. The first merchant instrument exclusion is known as the “Single Merchant Exclusion”; this applies to instruments (physical or electronic) issued by a merchant that can only be used to purchase goods or services from that merchant. An example would be gift cards issued by a coffee shop that can only be used at its locations.
The second is known as the “Group of Merchants Exclusion”; this applies to instruments issued by an issuer, who is not a payment service provider (a “PSP”), which are designated for purchasing goods or services exclusively from a specific group of merchants, as per an agreement between the issuer and those merchants. For example, a prepaid card issued by a shopping mall that can only be used at stores within that mall.
Both exclusions require that the instrument is restricted to the specified merchant(s). If the instrument allows broader use, the exclusions do not apply.
Agents and mandataries
An individual or entity is excluded from the application of the RPAA when it performs retail payment activities within the scope of its authority as agent or mandatary of a registered PSP. The registered PSP is responsible for ensuring that its agents and mandataries comply with the RPAA and is liable for any violation that is committed by its agents and mandataries acting within the scope of their authority as agent or mandatary.
When an agent or mandatory also performs retail payment activities outside of the agency relationship it has with a registered PSP, it may be required to register as a PSP under the RPAA, however the applicable obligations under the RPAA would apply only to its activities that are outside of its duties as an agent or mandatary.
Affiliated entities
Retail payment activities considered to be internal transactions are excluded from the RPAA. An internal transaction involves an electronic funds transfer (an “EFT”) made between affiliated entities, where the PSP is one of the affiliated entities and no other PSP performs payment functions for that EFT. Examples of transactions between affiliated entities may include transactions between a parent company and a subsidiary or between two subsidiaries of a parent company.
Conclusion
Note that, even if certain activities that you perform are excluded from the RPAA, you may still need to register with the BoC if you perform other non-excluded activities.
For assistance with determining if your business and/or it’s activities is exempt from the RPAA, please contact our Financial Services or Compliance teams.