Regulating and supervising cross-border payment service providers - Executive Summary

Advances in digital technology are playing a key role in improving the efficiency and effectiveness of transferring funds across borders. New service providers supplying more delivery channels based on new technologies offer consumers access to more convenient, cheaper and faster options for conducting transactions, such as paying bills, purchasing goods and services, and transferring cash to others.

Banks have historically held the predominant role in providing cross-border payment services; however, non-bank payment service providers (PSPs) entering the cross-border payments market have generated significant changes in the market structure. Moreover, in some jurisdictions, these PSPs have become competitors to banks and expanded the range of payment options available to consumers while also assuming a complementary function to banks in other important domains.

The absence of a single, comprehensive set of international standards governing the provision of cross-border payment services has resulted in jurisdictions applying various approaches to regulating and supervising banks and non-banks. Both banks and non-banks are subject to the Financial Action Task Force standards for combating financial crime (money laundering, terrorism financing and other illicit financial activities).

Banks are subject to comprehensive international prudential supervisory standards set by the Basel Committee on Banking Supervision. Financial market infrastructures are subject to the standards set by the Committee on Payments and Market Infrastructures and the International Organization of Securities Commissions to promote their safety and efficiency and that of related arrangements. However, there are currently no comprehensive, globally agreed upon international standards that fully govern either supervision and oversight of the provision of payment services to consumers and businesses generally or prudential supervision and oversight of non-bank PSPs in their provision of such services.

The Financial Stability Board issues recommendations

Greater consistency in the treatment of payment services across PSPs supports an environment that facilitates reduced costs, increases delivery speed and improves financial access and transparency by establishing a level playing field, to the extent possible given differences in business models and risk profiles, for both banks and non-bank PSPs.

In December 2024, the Financial Stability Board (FSB) issued policy recommendations to strengthen consistency in the regulation, supervision and oversight of banks and non-banks in their provision of cross-border payment services in a way that is proportionate to the risks associated with such activities. The recommendations are addressed to competent authorities, such as central banks, financial supervisory authorities, consumer protection authorities, ministries of finance, financial integrity units and conduct authorities.  

The objective of these recommendations is to ensure that the same cross-border payment services when undertaken by both banks and non-banks are subject to similar regulation, supervision and oversight. The recommendations also call for regulatory and supervisory oversight that is aligned with, and proportional to, the risks present in business models related to cross-border payments and organisational structures of cross-border PSPs, whether banks or non-banks. This is consistent with a "same activity, same risk, same rules" approach.

Principles for developing recommendations

The principles and recommendations are intended to be high-level and recognise that national regulatory and supervisory frameworks are influenced by a range of considerations.

Cross-border payment supervisory and regulatory regimes should be designed to promote safe, resilient and efficient payment services. The supervisory and regulatory regimes applicable to cross-border payment activities should also be proportionate to the risks that they present.

Proportionality could improve consistency in the treatment of similar payment services across PSPs. For example, this could take the form of consistent application of regulatory requirements and resulting supervisory measures to bank and non-bank PSPs in cases where they provide similar or the same payment services with similar or equal risks. Furthermore, the supervisory and regulatory regimes for PSPs should respond to changes in national and international payment services landscapes.

Finally, the supervisory and regulatory regimes for PSPs should be clearly articulated, and those for cross-border payments should facilitate cooperation, coordination and information sharing within and across jurisdictions.

Recommendations

The FSB outlines six key recommendations to improve regulatory and supervisory consistency.

Recommendation 1

Competent authorities should conduct risk assessments of the cross-border payments sector, the aim of which should be to identify, understand and assess the risks associated with PSPs active within the authorities' jurisdiction in cross-border payment services.

Recommendation 2

Based on the findings of the payment sector risk assessments, competent authorities should review existing regulatory, supervisory and oversight regimes to ensure that the regimes: 1) address all the key risks identified; 2) are proportional to the risks identified, with particular attention to operational risks (eg fraud, cyber and third-party risks), resilience and financial crime risks; and 3) are applied consistently and in coordination with all relevant competent authorities across the sector. Competent authorities should consider undertaking or seeking adjustments to laws, regulations, and supervision and oversight models as needed.

Recommendation 3

Competent authorities' regulatory and supervisory regimes related to cross-border payments should be designed to promote consumer protection and address consumer harms.

Recommendation 4

Competent authorities should develop, publish and communicate payments-related supervisory and oversight expectations to promote safe and efficient payment services, including the guidance relating to application of the risk-based approach.¹

Recommendation 5

Competent authorities should: 1) review licensing or registration criteria for risk-proportionate requirements, including measures to promote consumer protection and address new services, such as account information services, payment initiation services, digital wallets, and the provision of services through agents and other intermediaries; and, if necessary, 2) adjust the licensing or registration processes for PSPs to incorporate requirements such as conducting fit and proper tests, reviews of anti-money laundering/combating the financing of terrorism compliance programmes and oversight of agents and other intermediaries.

Recommendation 6

Competent authorities both within and across jurisdictions should, where applicable, implement or expand cooperative arrangements for information sharing to support access to relevant information and data for comprehensively assessing risks, as well as the sources of frictions and, when appropriate, supporting regulatory or supervisory action. 

---

¹ A risk-based approach is a concept in which regulatory and supervisory measures are applied based on the risks posed by the activities or entities, taking into account limited supervisory resources.