Skip to content

The Retail Payment Activities Act: the federal government’s proposed regulation of retail payments for FinTech

Kevin Landry and Annelise Harnanan (summer student)

In April 2021, the federal government introduced the draft Retail Payments Activities Act (“RPAA”) as part of Bill C-30, the Act to implement the 2021 federal budget. Under this legislation, the government has proposed to regulate payment services provided by financial technology (“FinTech”) companies.

Who does the RPAA apply to?

Subject to stated exclusions, the RPAA will regulate payment service providers (“PSP”s), which are individuals or entities that perform “payment functions” as a service or business activity that is not incidental to another service or business activity.

Specifically, the RPAA will apply to PSPs performing “retail payment activities”, which are payment functions performed in relation to an electronic funds transfer in the currency of Canada or another country using a unit that meets prescribed criteria. The definition of payment functions in the RPAA will capture a wide array of activities and includes:

  1. The provision or maintenance of an account that, in relation to an electronic funds transfer, is held on behalf of one or more end users;
  2. The holding of funds on behalf of an end user until they are withdrawn by the end user or transferred to another individual or entity;
  3. The initiation of an electronic funds transfer at the request of an end user;
  4. The authorization of an electronic funds transfer or the transmission, reception or facilitation of an instruction in relation to an electronic funds transfer; or
  5. The provision of clearing or settlement services.

To be caught by the RPAA, the retail payment activity must be conducted by a PSP that has a place of business in Canada or be performed for an end user in Canada by a foreign PSP that directs retail payment activities at people in Canada. Notably, an “end user” is not limited to consumers.

The wording of regulations yet to be formed under the RPAA are expected to clarify the precise scope of the Act, as well as the activities and parties caught under it.

Notable requirements

The Bank of Canada’s supervisory role

The RPAA gives the Bank of Canada (“BoC”) supervisory authority over PSPs performing retail payment activities to determine whether they are in compliance with the RPAA. The BoC must also promote adoption by PSPs of policies and procedures designed to implement their obligations stemming from the Act and monitor and evaluate trends and issues related to retail payment activities.

Operational and financial measures

In order to identify and mitigate operational risks and respond to incidents, PSPs that perform retail payment activities must establish, implement and maintain a risk management and incident response framework.

“Operational risk” is defined as a risk that any of the following occurrences noted below will result in the reduction, deterioration or breakdown of retail payment activities that are performed by a PSP:

  1. a deficiency in the PSP’s information system of internal process;
  2. a human error;
  3. a management failure; or
  4. a disruption caused by an external event.

An “incident” is described as an event or series of related events that is unplanned by a PSP and that results, or could reasonably be expected to result in, the reduction, deterioration, or breakdown of any retail payment activity performed by the PSP.

PSPs that perform retail payment activities must submit annual reports to the BoC that include prescribed information regarding their risk management and incident response framework.

If a PSP becomes aware of an incident that has a material impact on an end user, another PSP or a clearing house, the PSP must immediately notify the affected party and the BoC of the incident.

Safeguarding end-user funds

The RPAA places requirements on PSPs that perform a retail payment activity involving the holding of end-user funds. Such parties must:

  1. hold the end-user funds in a trust account that is not used for any other purpose;
  2. hold the end-user funds in a prescribed account or in a prescribed manner and take any prescribed measures in relation to the funds, the account or the manner; or
  3. hold the end-user funds in an account that is not used for any other purpose and hold insurance or guarantee in respect of the funds in an amount no less than the amount held in the account.

Registration

PSPs must register with the BoC prior to performing retail payment activities. They must file an application for registration, which must be in a prescribed form and manner and include certain information not limited to the name of the PSP’s agents that will perform the activities, details of the activities that will be performed, the number of expected end users and a description of the applicant’s risk management and incident response framework.

Applications may be refused for a variety of reasons, including reasons related to national security, the failure to provide any additional information requested, and disclosing false or misleading information. Once granted, registration may also be revoked for a variety of reasons. The RPAA does provide a right of appeal to the Federal Court following notice of intent to revoke registration.

Administration and enforcement

The BoC can verify compliance with the RPAA by requesting information from a PSP or directing a special audit of a PSP. The RPAA also enables an authorized person to examine the records and inquire into the business and affairs of a PSP that performs retail payment activities to ensure compliance with the Act.

In addition, if the BoC believes that a PSP has committed a violation of the RPAA, it may issue a notice of violation. Associated administrative monetary penalties may be levied up to a maximum of $10 million. The BoC may also offer to reduce the penalty by half if the PSP enters into a compliance agreement with the bank.

Regulations

The Governor in Council, on the recommendation of the Minister of Finance, may make regulations respecting various provisions of the RPAA. These regulations may clarify the risk management and incident response framework that PSPs must establish, the nature of the accounts in which PSPs are to hold end-user funds, and the measures PSPs must take to ensure that end-user funds are payable to end users in the event of an insolvency or other specified events. The regulations may also designate the contravention of certain provisions of the RPAA or its regulations as violations of the RPAA to be dealt with under Part 5: “Administration and Enforcement” and establish the penalties to be made in respect of these violations.

Expected development

The First Reading of Bill C-30, which includes the RPAA, took place on April 30, 2021. The other legislative stages are yet to be completed. Most sections of the Act will come into force on a day that will be fixed by the Governor in Council.


This update is intended for general information only. If you have questions about the above, please contact the author(s) to discuss your needs for specific legal advice relating to the particular circumstances of your situation.

SHARE

Archive

Search Archive


 
 

TTC’s Random Testing Decision: A Bright Light for Employers in the Haze of Marijuana Legalization

April 11, 2017

Rick Dunlop In my December 15, 2016 article, Federal Government’s Cannabis Report: What does it mean for employers?, I noted the Report’s1 suggestion that there was a lack of research to reliably determine when individuals are impaired…

Read More

Unionization in the Construction Industry: Vacation Day + Snapshot Rule = Disenfranchisement

April 4, 2017

Rick Dunlop and Michelle Black On March 14, 2014, CanMar Contracting Limited (“CanMar”) granted a day off to two of its hard working and longer serving employees so they could spend time with their respective families. That…

Read More

Sometimes a bad deal is just a bad deal: unconscionability and insurance claim settlements in Downer v Pitcher, 2017 NLCA 13

March 16, 2017

Joe Thorne and Meaghan McCaw The doctrine of unconscionability is an equitable remedy available in exceptional circumstances where a bargain between parties, be it a settlement or a release, may be set aside on the basis that…

Read More

Privilege Prevails: Privacy Commissioner protects solicitor-client communications

March 16, 2017

Jonathan Coady After more than five years, the Prince Edward Island Information and Privacy Commissioner (the “Privacy Commissioner”) has completed her review into more than sixty records withheld by a local school board on the…

Read More

The Latest in Labour Law: A Stewart McKelvey Newsletter – Nova Scotia Teachers Union & Government – a synopsis

March 7, 2017

Peter McLellan, QC & Richard Jordan Introduction On February 21, 2017 the Nova Scotia Government passed Bill 75 – the Teachers’ Professional Agreement and Classroom Improvement (2017) Act. This Bulletin will provide some background to what is, today,…

Read More

Scotia Mortgage Corporation v Furlong: The Supreme Court of Newfoundland and Labrador weighs in on the former client rule in commercial transactions

March 1, 2017

Bruce Grant, QC and Justin Hewitt In the recent decision of Scotia Mortgage Corporation v Furlong1 the Supreme Court of Newfoundland and Labrador confirmed that where a law firm acts jointly for the borrower and lender in the placement…

Read More

The Ordinary Meaning of Insurance: Client Update on the SCC’s Decision in Sabean

February 21, 2017

The Supreme Court of Canada released its decision in Sabean v Portage La Prairie Mutual Insurance Co, 2017 SCC 7 at the end of January, finally answering an insurance policy question that had divided the lower…

Read More

Client Update: Outlook for the 2017 Proxy Season

February 8, 2017

In preparing for the 2017 proxy season, you should be aware of some regulatory changes and institutional investor guidance that may impact disclosure to, and interactions with, your shareholders. This update highlights what is new…

Read More

Client Update: The Future of Planning and Development on Prince Edward Island – Recent Amendments to the Planning Act

January 23, 2017

Perlene Morrison and Hilary Newman During the fall 2016 legislative sitting, the Province of Prince Edward Island passed legislation that results in significant changes to the Planning Act. The amendments received royal assent on December 15, 2016 and…

Read More

Plaintiffs’ medical reports – disclosure obligations in Unifund Assurance Company v. Churchill, 2016 NLCA 73

January 10, 2017

Joe Thorne1 and Justin Hewitt2 In Unifund Assurance Company v Churchill,3  the Newfoundland and Labrador Court of Appeal considered the application of our rules of court and the common law as they relate to disclosure of documents produced in…

Read More

Search Archive


Scroll To Top