FDATA North America Responds to the Bank of Canada’s Retail Payments Supervision Consultation

May 21, 2024

Contact: Laine Williams, (202) 897-4757, lwilliams@allonadvocacy.com 

May 21, 2024, Washington, DC – The Financial Data and Technology Association of North America (FDATA), a trade association representing more than 30 financial technology companies and consumer-permissioned data access platforms in Canada and the United States, today responded to the Bank of Canada’s Retail Payments Supervision Consultation regarding its new supervisory guidelines for payment service providers (PSPs). FDATA North America expressed broad support for the Retail Payments Activities Act (RPAA) regulations while requesting additional clarity in the Bank’s guidance.

FDATA North America highlighted that implementation of the RPAA regulations will establish a robust regulatory framework for as many as 2,500 PSPs, significantly advancing Canada’s financial services modernization. In the response, FDATA North America emphasized that the RPAA regulations should facilitate the inclusion of payment use cases into Canada’s consumer-driven banking framework, as announced by Deputy Prime Minister and Minister of Finance Chrystia Freeland in the 2024 budget. By incorporating payment initiation use cases at this early stage, Canada can align with other G7 nations that have already established non-bank PSP regulations and open finance frameworks.

In its comments, FDATA North America provided detailed responses to key aspects of the supervisory guidelines. For operational risk and incident response, it urged comprehensive due diligence for outsourced service providers, flexible compliance standards like SOC II Type 2 audits, clear thresholds for distinguishing different types of PSPs, and an extended 24-hour reporting period for material breaches. It proposed that PSPs report incidents solely to the Office of the Privacy Commissioner (OPC) to reduce duplicative reporting. For safeguarding end-user funds, FDATA requested clarity on the definition of “holding funds” and recommended excluding firms that facilitate transactions but don’t hold funds. Additionally, it called for explicit criteria for changes warranting notification, particularly for cloud migration, to help PSPs manage risks while complying.

A full copy of the response is available here.

Follow Us

Recent Press Releases

FDATA Releases Statement on Introduction of The Guidelines for Use, Access, and Responsible Disclosure (GUARD) of Financial Data Act

Data Privacy, FDATA Press Releases
No results found.

Twitter Feed

Load More

Related Posts

FDATA Core Principles for Consumer Financial Data Rights
Advocacy/Issues, Blog, Open Banking

FDATA Core Principles for Consumer Financial Data Rights

In honor of Consumer Protection Week, FDATA is highlighting a core principle of modern consumer protection: consumers should control their own financial data. Strong, enforceable data rights under Section 1033 ensure Americans can securely access and share their information with the services and tools of their choice—without unnecessary fees, friction, or restrictions.
.
No results found.