On April 30, 2021, as part of the 2021 federal budget, the Canadian government introduced Bill C-30, An Act to implement certain provisions of the budget tabled in Parliament on April 19, 2021, and other measures (the “Bill”) for first reading in Parliament. Included in the Bill is the initial draft of the proposed Retail Payment Activities Act (the “RPAA”), which, if enacted, would represent the first regulatory oversight framework for retail payment services providers in the Canadian market.
Application of the RPAA
The RPAA, as drafted, would apply to “payment service providers” (PSPs) located both in and outside Canada. Both a PSP situated within Canada that performs a “retail payment activity” for an end-user in Canada and a PSP situated outside Canada that “directs” retail payment activities at persons in Canada would have the same responsibilities under the RPAA. The definition of a “retail payment activity” leaves open the possibility that the RPAA will apply to transfers of e-money or cryptocurrency as well as fiat currency: it is a payment function that is performed in relation to an electronic funds transfer (EFT) that is made in the currency of Canada or another country or “using a unit that meets prescribed criteria.” A PSP is defined as is an individual or entity that performs payment functions as a service or business activity that is not incidental to another service or business activity. Hopefully, guidance will be provided before the RPAA comes into effect, defining how one can determine whether payment functions provided by a person are “incidental” to related activities.
Certain entities and activities are exempt from the application of the RPAA by the terms of the draft legislation, and the legislation will also give the federal government the authority to create further exemptions by regulation. As noted, the definition of PSP contains within it an exemption for persons that perform payment functions as a service or business activity that is incidental to another service or business activity. Further, the RPAA provides for the following express exemptions:
- Closed-loop gift cards or similar instruments: Payment functions performed in relation to an EFT that is made with an instrument issued by a merchant (or by an issuer that is not a PSP and has an agreement with a group of merchants) that allows the holder of the instrument to purchase goods or services only from the issuing merchant or any merchant in the group.
- Payment functions giving effect to eligible Canada Deposit Insurance Corporation Act contracts.
- Cash withdrawals from ATMs.
- Payment functions performed using a system under section 4 of the Payment Clearing and Settlement Act (including Interac e-Transfers).
- Payment functions performed exclusively between affiliated entities.
- Additionally, entire categories of entities are exempted from the RPAA on the basis that they are already regulated under existing legislation, namely regulated financial institutions (banks, authorized foreign banks, a credit society, and savings and credit unions), companies governed by the Insurance Companies Act (Canada) or the Trust and Loan Companies Act (Canada), and trust companies regulated by provincial legislation.
Impact of the RPAA
Entities and individuals subject to regulation by the RPAA will be obligated to register with the Bank of Canada (the “BoC”). A transitional period will be provided, during which PSPs in Canada that are presently performing retail payment activities for end-users in Canada or PSPs located outside Canada that are currently directing retail payment activities at persons in Canada may continue their activities while applying for registration with the BoC. On the other hand, new PSPs will be required to apply for registration before conducting any retail payment activities. The draft RPAA proposes that the BoC maintain a public registry of registered PSPs, PSPs whose applications were refused, and PSPs whose applications were revoked.
In addition to the requirement to register, the RPPA will require that registered PSPs satisfy certain disclosure requirements, including filing an annual report with the BoC. The RPAA will also impose specific requirements upon registered PSPs regarding the holding and handling of end-user funds. Registered PSPs will also be required to implement and maintain a risk management and incident response framework meeting certain prescribed requirements.
At present, many PSPs operating in the Canadian market have registered as “money services businesses” with the Financial Transactions and Reports Analysis Centre of Canada (“FINTRAC”) under Canada’s anti-money laundering legislation (the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, or “PCMLTFA”). Separate record-keeping and reporting obligations apply to entities registered under the PCMLTFA, and we anticipate that before the RPAA comes into force, we will see regulatory guidance outlining how entities should navigate being regulated by two separate government entities while performing the same activities.
 C-30, An Act to implement certain provisions of the budget tabled in Parliament on April 19, 2021 and other measures, 2nd Sess, 43rd Parl, 2021, (first reading 30 April 2021); most recent published text retrieved at https://parl.ca/DocumentViewer/en/43-2/bill/C-30/first-reading.