Payment system operators directed for managing money laundering-related risks

KATHMANDU, MARCH 5: Nepal Rastra Bank has directed payment system operators to adopt appropriate measures for identifying, assessing, and managing risks related to money laundering and financing of terrorism. This directive was issued as an amendment and addition to the Integrated Directive on Payment Systems, 2080 B.S, which was released for institutions authorized to operate payment systems.

The central bank believes that the absence of adequate provisions such as customer identification and verification, regular transaction and activity monitoring, and other appropriate measures in the systems operated by payment system operators increases the risks of money laundering-related activities.

According to the directive, payment system operators must define the hazards associated with money laundering and financing of terrorism within their systems and take appropriate measures to identify, assess, and manage these threats. They are also required to manage the risks arising through their systems effectively.

These institutions must ensure that customers can deactivate and reactivate various electronic payment services through electronic means (such as related apps or web portals).

After each transaction, the operator is required to immediately send an SMS notification to the customer. Additionally, if a customer requests a message through other electronic channels, this must also be provided.

When issuing an electronic card to a customer, the institution must provide informational materials that include details such as applicable fees, transaction limits, interest rates on card usage, and any other benefits the card provides, along with the application form.

For ATM transactions, customers should be able to clearly see and understand the name and contact number of the relevant staff at the ATM location, as well as the name, address, and telephone number of the institution in both Nepali and English. This information should be regularly updated and kept on record.

In case of technical issues such as an ATM not functioning, insufficient cash in the machine, failure to dispense cash, or any other problem, the institution must ensure that the information is promptly communicated to the institution operating the ATM. Furthermore, the information should also be relayed to the institution issuing the card if necessary.

Institutions holding a license must prepare and implement a dispute management procedure, including maximum timelines for resolving disputes. Customers should also be able to register disputes and track the status of resolution through the institution’s app and website.

Payment system operators must be registered as public limited companies

As per the amendments and additions to the said Integrated Directive, payment system operators are required to be registered as public limited companies. Institutions authorized to operate payment systems must convert into public limited companies by the end of Ashad 2085.

Furthermore, the operators must notify the Payment Systems Department about any agreements or understandings made with other domestic or international institutions related to the provision of payment services or the operation of payment systems.