*Issues Guidelines For Non-Bank Merchant Acquiring
THE Central Bank of Nigeria (CBN) has said that only licensed switching and processing companies, besides acquiring banks, shall be allowed to process and settle transactions on behalf of merchants in Nigeria.
The regulator said this in a regulatory framework issued last week for a risk-free operation of non-bank merchants acquiring in the country.
Acquirers refer to payment processors in the card transaction chain. They authorise transactions and route them to the appropriate card networks.
The guideline, released recently and signed by the Director, Payments System Management Department, Musa Jimoh, said the document was part of its mandate to facilitate a sound electronic payment system.
The framework covers the rights and obligations of the parties involved in the non-bank merchant acquiring process, minimum operational standards and responsibilities of the regulator, among others.
Those involved in the value chain, according to the CBN, are non-bank acquirer, settlement bank/sponsor bank, merchant’s deposit money bank, card schemes, other payment schemes and the Nigeria Central Switch (NCS).
The regulatory framework followed an exposure draft released earlier by the regulatory authority in furtherance of the development of the payment system in the country.
“The Bank shall approve non-bank acquirers as it deems necessary from time to time,” it said.
On risk mitigation, the document said non-bank acquirers would be required to have in place adequate policies for the management of risks associated with the acquiring services just as “necessary agreements shall be executed with parties to the acquiring services.
“The non-bank acquirer shall have and implement policies that include minimum standards established by the payments schemes (including card schemes) to mitigate risk to the payment system.
The policies shall be approved by the acquirer’s board of directors or as appropriate, an executive management committee. Upon request, these policies shall be made available to relevant schemes,” the CBN added.
A non-bank acquirer, according to the guideline, shall also maintain minimum standards in accordance with the guidelines on electronic payment channels in Nigeria and risk controls to monitor merchant activity.
“Participants shall develop and provide an appropriate governance structure, to manage the risk inherent in the acquiring service. There shall be documented and approved policies in place, which support the risk management function and highlight the acquiring programme strategy, including targeted merchant segments, various entities/agents involved, their responsibilities, likely risks and mitigation procedures.
“Non-bank acquirers shall comply with all applicable security standards and shall ensure all merchants who store, transmit and use sensitive card data are payment card industry and PCI DSS-certified.”
An acquirer is also mandated to ensure compliance with the respective payment scheme rules while protecting stakeholders, including merchants, consumers, schemes and participants. As part of proactive measures to reduce risk, acquirers would have a fraud monitoring/behavioural management solution in place.
The regulator also noted that an acquirer “shall maintain merchant agreements that meet the respective scheme’s minimum requirements for disclosure, and clearly define obligations of acquirer, merchant and other parties.”
“It shall have appropriate merchant agreement(s) in place with each merchant prior to provision of transaction acquiring services,” it said.
The responsibilities of a non-bank acquirer as listed by the bank include controlling merchant approvals as per pre-determined policies and procedures and providing payment scheme acceptance privileges following the respective payment scheme rules.