LogoRegulatory Alerts
2022-04-29

National Payment System Regulations 2022

The Government of Fiji issued the National Payment System Regulations 2022 to establish the legal framework for licensing, oversight, and operational conduct within the national payment system. These regulations empower the Reserve Bank of Fiji to impose conditions on payment service providers and system operators, conduct inspections, and enforce confidentiality and reporting obligations. The document further defines specific requirements for electronic money, insolvency proceedings, and consumer protections regarding unauthorized transactions and payment instruments.

Reserve Bank of Fiji logo

Fiji

Reserve Bank of Fiji

Click to view thumbnail

175 No. 17 GOVERNMENT OF FIJI GAZETTE SUPPLEMENT FRIDAY, 29th APRIL 2022 EXTRAORDINARY [LEGAL NOTICE NO. 58] NATIONAL PAYMENT SYSTEM ACT 2021 ________ National Payment System Regulations 2022 REGULATIONS PART 1—PRELIMINARY

  1. Short title and commencement
  2. Interpretation PART 2—LICENSING
  3. Application for a licence
  4. Imposition of conditions on operator, participant and settlement agents of a payment system
  5. Imposition of conditions on payment service provider
  6. Written directions
  7. Authority to approve or remove responsible persons PART 3—OVERSIGHT
  8. General provisions on execution of oversight
  9. Authority to perform inspections
  10. Collection, report and publication of data and other information
  11. Obligation of confidentiality of information PART 4—OBLIGATIONS OF A LICENSED PERSON
  12. Obligations of the payment service provider in relation to payment instruments
  13. Obligations of the payment service user in relation to payment instruments and personalised security credentials
  14. Notification and rectification of unauthorised or incorrectly executed payment transactions
  15. Evidence on authentication and execution of payment transactions
  16. Access regime to systems
  17. Access to payment accounts maintained with a bank
  18. Access to payment account in the case of payment initiation services
  19. Rules on access to and use of payment account information in the case of account information services

176 PART 5—SPECIFIC REQUIREMENTS RELATING TO ELECTRONIC FUNDS TRANSFER AND ELECTRONIC MONEY 20. Issuance of e-money 21. Agents 22. Products and services 23. Operations and risk management 24. Oversight, reporting and sanctions 25. Consumer protection 26. Unclaimed moneys PART 6—NETTING, INSOLVENCY PROCEEDINGS AND PARTICIPANTS’ LIABILITIES 27. Transfer orders 28. Revocation of transfer orders 29. Opening of insolvency proceedings 30. Insolvency proceedings not to have retroactive effect 31. Rights and obligations in insolvency proceedings 32. Collateral security PART 7—ENFORCEMENT 33. Penalties PART 8—DEMATERIALISATION OF SECURITIES 34. Central securities depository 35. Register 36. Register is prima facie evidence 37. Transmission of dematerialised securities PART 9—MISCELLANEOUS 38. Reserve Bank to determine actual existence of a system or service 39. Remedies 40. Implementing measures 41. Service of documents SCHEDULE 1—APPLICATION FOR LICENCE SCHEDULE 2—FEES SCHEDULE 3—PENALTIES

177 IN exercise of the powers conferred on me by section 56 of the National Payment System Act 2021 and in consultation with the Reserve Bank of Fiji, I hereby make these Regulations— PART 1—PRELIMINARY Short title and commencement 1.—(1) These Regulations may be cited as the National Payment System Regulations 2022. (2) These Regulations come into force on a date or dates appointed by the Minister by notice in the Gazette. Interpretation 2. In these Regulations, unless the context otherwise requires— “account information service” means an online service to provide consolidated information on one or more payment accounts held by the payment service user with another payment service provider or with more than one payment service provider, and includes such a service whether information is provided— (a) in its original form or after processing; or (b) only to the payment service user or to the payment service user and to another person in accordance with the payment service user’s instructions; “account information service provider” means a payment service provider that provides account information services; “account issuance service” means any of the following services— (a) the service of issuing a payment account to any person in Fiji; and (b) any service relating to any operation required for operating a payment account, including, other than a domestic money transfer service or cross-border money transfer service, any service that enables money to be placed in or withdrawn from a payment account; “account servicing payment service provider” means a payment service provider providing and maintaining a payment account for a payer; “authorised officer” means any person appointed by the Reserve Bank under the Act or these Regulations to perform certain duties as required by the provisions of the Act or these Regulations; “cash-in” means the delivery of currency to the e-money issuer or their agent in exchange for e-money of equal value added to the customer’s e-money account; “cash-out” means the transfer of e-money from the customer’s account to the e-money issuer or their agent in exchange for currency of equal value;

178 “cross-border money transfer service” means any of the following services— (a) any service of accepting money in Fiji, whether as principal or agent, for the purpose of transmitting or arranging for the transmission of the money to any person outside of Fiji; and (b) any service of receiving money from outside Fiji for, or arranging the receipt of any money from outside of Fiji, by any person in Fiji, whether as principal or agent; “days” means working days; “domestic money transfer service” means the service of accepting money for the purpose of executing or arranging for the execution of any of the following payment transactions, each of which is between a payer and payee that are not financial institutions and located in Fiji— (a) a payment transaction executed by way of or through a payment account; (b) a direct debit, including a one-off direct debit, through a payment account; (c) a credit transfer, including a standing order, through a payment account; and (d) accepting money from a person for transfer to the payment account of a different person; “e-money” has the same meaning as electronic money given in the Act; “e-money account” means the account with an e-money issuer in which the customer’s e-money balance is recorded and through which the customer transacts; “e-money issuance service” means the service of issuing e-money to a person for the purpose of allowing the person to make payment transactions; “e-money issuer” means a payment service provider that provides an e-money issuance service as licensed by the Reserve Bank; “merchant” means a person that contracts with a payment service provider for accepting payment for goods and services by means of payment instruments; “merchant acquisition service” means any service of accepting and processing a payment transaction for a merchant under a contract between the provider of the service and the merchant, which results in a transfer of money to the merchant pursuant to the payment transaction, regardless of whether the provider of the service comes into possession of any money in respect of the payment transaction, in a case where— (a) the merchant carries on business in Fiji or is incorporated or registered in Fiji; or (b) the contract between the provider of the service and the merchant is entered into in Fiji;

179 “over the counter transaction” means a transaction with a customer who does not otherwise have an account with the entity providing the transaction service; “payee” means a person that is the intended recipient of funds which have been the subject of a payment transaction; “payer” means a person that holds a payment account and allows a payment order from that payment account or where there is no payment account, a person that gives a payment order; “payment account” means an account held in the name of one or more payment service users, which is used for the execution of payment transactions; “payment initiation service” and “PIS” means a payment service to initiate a payment order at the request of the payment service user with respect to a payment account held by a different payment service provider; “payment service user” means a person using a payment service in the capacity of payer, payee or both; “personalised security credentials” means personalised features provided by a payment service provider to a payment service user for the purpose of authentication; “Register” means the Register of Government and Other Securities established under regulation 35; “responsible persons” means the board of directors of a licensed payment service provider or a licensed payment system operator and their proxies, including alternate directors and senior management; “sensitive payment data” means— (a) data on the payer, payee and their payment accounts, and includes personalised security credentials; but (b) for the activities of PIS providers and account information service providers, does not include the name of the account owner and the account number; “suspicious transaction” has the meaning given in sections 14 and 15 of the Financial Transactions Reporting Act 2004; “transaction” means any access to an e-money account by the account owner for the purposes of determining the status of the account or any action by the owner or a third party that results in the addition or reduction of e-money in the account; and “trust account” means an account held in a bank for and on behalf of the participants in the e-money service who have deposited cash in exchange for e-money.

180 PART 2—LICENSING Application for a licence 3.—(1) An application for a licence to provide a payment service or operate a payment system must be made to the Reserve Bank in the form prescribed in Schedule 1. (2) The application must be accompanied by the applicable licence fee prescribed in Schedule 2. (3) The application must be accompanied by— (a) documents of registration, including the certificate of incorporation and the memorandum and articles of association; (b) for a payment service provider, a certified copy of a current licence from the relevant authority in Fiji or elsewhere, and in the case of an e-money issuer, a certified copy of the agreement or deed where a custodial trust relationship exists with the payment service provider; (c) a list of the type of services to be offered and the programme of operations to offer these services; (d) information on the public interest that will be served by the provision of the payment service; (e) a business plan, including an indicative budget for the first 3 financial years that demonstrates that the applicant is able to operate efficiently and safely; (f) evidence that the payment service provider and operator each hold the initial capital as determined by the Reserve Bank; (g) a description of— (i) the governance arrangements of the applicant and internal control mechanisms, including administrative, risk management and accounting procedures, which demonstrate that these governance arrangements, control mechanisms and procedures are proportionate, appropriate, sound and adequate; (ii) the internal control mechanisms that the applicant has established to comply with its anti-money laundering obligations set out in the Financial Transactions Reporting Act 2004; and (iii) the structural organisation of the applicant including, where applicable, its intended use of agents, cash merchants, branches and outsourcing arrangements, and its participation in a national or international payment system; (h) how the applicant is going to clear and settle payment obligations; (i) the identity of— (i) responsible persons for the management of the payment service provider or operator; (ii) the custodial trustees holding the cash which is represented in the payment service of the applicant; and

181 (iii) persons who, if the activities for which the licence is being sought are to be conducted in a separate division, are responsible for the management of that division; (j) the address of the head office; (k) the terms and conditions that will apply to its customers, agents and cash merchants; (l) a valid Taxpayer Identification Number and tax compliance certificate from the relevant tax authorities in Fiji or elsewhere; (m) a current credit rating report from a credit reference bureau; (n) a letter of no objection from the home regulatory authority where the applicant is a subsidiary of a foreign company, recommending the applicant to operate a payment system or payment service in Fiji; and (o) such other requirements and information as the Reserve Bank deems necessary. (4) The Reserve Bank must process the application within such time as the Reserve Bank determines and must inform the applicant of the outcome in writing. (5) A licence granted under the Act and this regulation is valid for such period that the Reserve Bank determines and is not transferable to any other person and cannot be assigned to a legal successor without the approval of the Reserve Bank. (6) A licence may be subject to a renewal process or the payment of an annual licence fee for the continuation of the licence as determined by the Reserve Bank. (7) An application for renewal of a licence must be submitted to the Reserve Bank at least 60 days before the licence expires or within a timeframe as determined by the Reserve Bank. Imposition of conditions on operator, participant and settlement agents of a payment system 4.—(1) The Reserve Bank may, by notice in writing to a licensed operator, participant, or settlement agent— (a) impose new or additional conditions on the licence; or (b) vary or remove any condition or add to any such condition. (2) Without prejudice to the generality of subregulation (1), the Reserve Bank may specify conditions that relate to any of the following— (a) the conditions to be met by any person in order to have access to or become a participant of the payment system; (b) the operation of the system, including the clearing and settlement arrangements to be followed; (c) the interaction of the system with other systems; (d) the relationship of the system with its participants; (e) the appropriate actions to be taken by the participant or class of participants, or the operator or the settlement agent, in relation to its business;

182 (f) netting arrangements; (g) risk sharing and risk control mechanisms; (h) certainty of settlement and finality of payment; (i) the nature of financial arrangements among participants; (j) the operational systems and financial soundness of the clearing house; (k) the conditions that will apply if any function of the operator or the settlement agent is outsourced; (l) such other matters as the Reserve Bank may consider necessary or in the interest of the public or a section of the public; and (m) such other matters that in the view of the Reserve Bank pertain to a risk to the financial system. Imposition of conditions on payment service provider 5.—(1) The Reserve Bank may, by notice in writing to a licensed payment service provider— (a) impose new or additional conditions on the licence; or (b) vary or remove any condition or add to any such condition. (2) Without prejudice to the generality of subregulation (1), the Reserve Bank may specify conditions that relate to any of the following— (a) the protection of funds received from users; (b) the use of agents; (c) outsourcing of activities; (d) the issuance and management of specific payment instruments; and (e) such other matters as the Reserve Bank may consider necessary or in the interest of the public or a section of the public. (3) The Reserve Bank may issue directives and policies on the interoperability of systems between all participants in the national payment system. Written directions 6.—(1) The Reserve Bank must, prior to issuing any written direction, consult the person to whom it is directed and may also consult interested persons with respect to the content and effect of such measure. (2) The Reserve Bank may, by a written direction, specify that the operator of a system or a participant in such a system must, within such time as the Reserve Bank considers necessary— (a) cease or refrain from engaging in an act or course of conduct; (b) perform such acts as in the opinion of the Reserve Bank are necessary in the public interest; or (c) make, amend or repeal a payment system rule.

183 (3) Every direction issued under this regulation must be communicated to the person to whom it is directed and must come into operation from the effective date outlined in the direction. (4) A direction is binding on the person to whom it is directed. (5) As soon as is practicable after implementing a direction and completing any action required to be taken in connection with it, the person to whom it is given must notify the Reserve Bank that the direction has been implemented and the action completed. Authority to approve or remove responsible persons 7.—(1) The Reserve Bank has the authority to approve or remove responsible persons of an operator or a payment service provider licensed to operate in Fiji. (2) The Reserve Bank has the authority to reject a proposal for responsible persons for a system operator or a payment service provider based on but not limited to a determination of insufficient or inappropriate experience, personal bankruptcy, or conviction of an offence involving fraud, dishonesty or imprisonment. (3) The Reserve Bank may request the removal of a responsible person, if without reasonable justification the responsible person has failed to uphold regulations issued by the Reserve Bank, experienced a personal bankruptcy, or has been convicted of an offence involving dishonesty, fraud or imprisonment. (4) The request under subregulation (3) must be submitted in writing to the operator or the payment service provider and the responsibe person must be given the opportunity to be heard. PART 3—OVERSIGHT General provisions on execution of oversight 8.—(1) Licensed payment service providers and operators, including third parties to which a part of services has been outsourced, may be subject to Reserve Bank oversight. (2) The Reserve Bank may cooperate with bodies in other countries for oversight of payment systems and payment services. (3) The Reserve Bank has the right to exchange information with such bodies and persons and to notify them regarding deficiencies found during their oversight activities. (4) If the Reserve Bank discovers facts during its oversight activities indicating that criminal acts have been committed, it must notify the relevant body regarding criminal proceedings of this fact without unreasonable delay. Authority to perform inspections 9. For the purposes of section 19 of the Act, the Reserve Bank may inspect any books, premises, equipment, or other items as deemed necessary for the purpose of ensuring compliance with the Act and these Regulations, as well as retain such books, equipment and other items, and conduct interviews with relevant personnel. Collection, report and publication of data and other information 10.—(1) A licensed payment service provider or payment system operator, including any related third party, must submit to the Reserve Bank, on a periodic basis, data and information on payment transactions, as determined by the Reserve Bank.

184 (2) The data and information in subregulation (1) include— (a) the value and volume of transactions by payment instrument and type of transaction; (b) the value and volume of transactions in paragraph (a) disaggregated by gender, age and geographical location; and (c) any additional information when deemed necessary, in the form and manner determined by the Reserve Bank. (3) The Reserve Bank may make publicly available reports on relevant aspects of the national payment system in an aggregated form. Obligation of confidentiality of information 11.—(1) Authorised officers must respect professional confidentiality regarding facts acquired during oversight. (2) Information acquired during oversight must only be used by authorised officers for the purposes of carrying out their duties and where compelled by statutory requirements or a court of competent jurisdiction in Fiji. (3) The Reserve Bank may provide information acquired during oversight to a similarly functioning international body, under the condition that such bodies and persons have an obligation to safeguard the confidential and privileged information according to any cooperation agreement. (4) Information provided must be used only for the specific purpose or for the proceedings for which the information was made available. (5) Information supplied to international bodies must be in summary or aggregate form. (6) Transaction details must not be disclosed unless the affected participants and operator have been notified. (7) The Reserve Bank may request all relevant information it might need for its oversight activities from oversight bodies of other countries, according to any cooperation agreement. PART 4—OBLIGATIONS OF A LICENSED PERSON Obligations of the payment service provider in relation to payment instruments 12.—(1) A payment service provider issuing a payment instrument must— (a) ensure that the personalised security credentials are accessible to only the payment service user that is entitled to use the payment instrument; (b) refrain from sending an unsolicited payment instrument, except when replacing a payment instrument already given to the payment service user; (c) ensure that appropriate means are available at all times to enable the payment service user to make a notification under regulation 13(1)(b) or to request unblocking of the payment instrument; and (d) prevent all use of the payment instrument once notification under regulation 13(1)(b) has been made.

185 (2) On request by a payment service user for the unblocking of a payment instrument, the payment service provider must provide the payment service user with the means to prove, for 18 months after notification, that the paymentservice user made such notification. (3) The payment service provider must bear the risk of sending a payment instrument or any personalised security credentials relating to it to the payment service user. Obligations of the payment service user in relation to payment instruments and personalised security credentials 13.—(1) A payment service user entitled to use a payment instrument must— (a) use the payment instrument in accordance with the terms governing the issue and use of the payment instrument, which must be objective, non￾discriminatory and proportionate; and (b) notify the payment service provider, without undue delay, on becoming aware of the loss, theft, misappropriation or unauthorised use of the payment instrument. (2) For the purposes of subregulation 1(a), the payment service user must, in particular, as soon as in receipt of a payment instrument, take all reasonable steps to keep its personalised security credentials safe. Notification and rectification of unauthorised or incorrectly executed payment transactions 14.—(1) Apaymentservice user may obtain rectification of an unauthorised orincorrectly executed payment transaction from a payment service provider only if the payment service user notifies the payment service provider without undue delay on becoming aware of any such transaction giving rise to a claim. (2) The payment service provider must rectify any unauthorised or incorrectly executed payment transaction within 30 days after the notification from the payment service user. (3) Where a PIS provider is involved, the payment service user may obtain rectification from the account servicing payment service provider. Evidence on authentication and execution of payment transactions 15.—(1) If a payment service user denies having authorised an executed payment transaction or claims that the payment transaction was not correctly executed, the payment service provider must prove that the payment transaction was authenticated, accurately recorded, entered in the accounts and not affected by a technical breakdown or some other deficiency of the service provided by the payment service provider. (2) If the payment transaction is initiated through a PIS provider, the burden is on the PIS provider to prove that within its sphere of competence, the payment transaction was authenticated, accurately recorded and not affected by a technical breakdown or other deficiency linked to the payment service of which it is in charge. Access regime to systems 16.—(1) Pursuant to section 17 of the Act, the Reserve Bank may impose an access regime in respect of a payment system, on the person who determines access to the system, regardless of whether the person is a participant, an operator or a settlement agent, on such terms and conditions as the Reserve Bank may consider appropriate.

186 (2) The Reserve Bank may take into consideration the following— (a) whether the imposition of the access regime would be in the public interest; (b) the interests of the current participants, operator and settlement agent; (c) the interests of persons who, in the future, may require or desire access to the system; and (d) such other matters as the Reserve Bank may consider relevant. (3) The Reserve Bank, in imposing an access regime, must ensure that the access regime is fair and not discriminatory. (4) The Reserve Bank may make variations to the access regime based on the considerations listed in subregulation (2). (5) The Reserve Bank may revoke an access regime based on the considerations listed in subregulation (2). Access to payment accounts maintained with a bank 17.—(1) Payment service providers may access a bank’s payment account services on an objective, non-discriminatory and proportionate basis and, such access must be sufficiently extensive as to allow payment service providers to provide payment services in an unhindered and efficient manner. (2) The bank must provide the Reserve Bank with duly motivated reasons for any rejection. Access to payment account in the case of payment initiation services 18.—(1) A payer may use a PIS provider to obtain payment services if the payment account is accessible online. (2) If the payer gives explicit consent for a payment to be executed, the account servicing payment service provider must perform the actions specified in this regulation in order to ensure the payer’s right to use the payment initiation service. (3) The PIS provider must–– (a) not hold at any time the payer’s funds in connection with the provision of the payment initiation service; (b) ensure that the personalised security credentials of the payment service user are not, with the exception of the user and the issuer of the personalised security credentials, accessible to other parties and that they are transmitted by the PIS provider through safe and efficient channels; (c) ensure that any other information about the payment service user, obtained when providing payment initiation services, is only provided to the payee and only with the payment service user’s explicit consent; (d) every time a payment is initiated, identify itself towards the account servicing payment service provider of the payer and communicate with the account servicing payment service provider, the payer and the payee in a secure way;

187 (e) not store the payment service user’s sensitive payment data; (f) not request from the payment service user any data other than those necessary to provide the payment initiation service; (g) not use, access or store any data for purposes other than for the provision of the PIS as explicitly requested by the payer; and (h) not modify the amount, the payee or any other feature of the transaction. (4) The account servicing payment service provider must–– (a) communicate securely with PIS providers; (b) immediately after receipt of the payment order from a PIS provider, provide or make available all information on the initiation of the payment transaction and all information accessible to the account servicing payment service provider regarding the execution of the payment transaction to the PIS provider; and (c) treat payment orders transmitted through the services of a PIS provider without any discrimination other than for objective reasons, in particular in terms of timing, priority or charges vis-à-vis payment orders transmitted directly by the payer. (5) The provision of payment initiation services is not dependent on the existence of a contractual relationship between the PIS provider and the account servicing payment service provider for that purpose. Rules on access to and use of payment account information in the case of account information services 19.—(1) A payment service user may use services enabling access to account information if the payment account is accessible online. (2) The account information service provider must— (a) provide services based on the payment service user’s explicit consent; (b) ensure that the personalised security credentials of the payment service user are not, with the exception of the user and the issuer of the personalised security credentials, accessible to other parties and that when they are transmitted by the account information service provider, this is done through safe and efficient channels; (c) for each communication session, identify itself towards the account servicing payment service provider of the payment service user and securely communicate with the account servicing payment service provider and the payment service user; (d) access only the information from designated payment accounts and associated payment transactions; (e) not request sensitive payment data linked to the payment accounts; and (f) not use, access or store any data for purposes other than for performing the account information service explicitly requested by the payment service user in accordance with any of the Reserve Bank’s rules on the matter.

188 (3) In relation to payment accounts, the account servicing payment service provider must— (a) communicate securely with the account information service providers; and (b) treat data requests transmitted through the services of an account information service provider without any discrimination for other than objective reasons. (4) The provision of account information services is not dependent on the existence of a contractual relationship between the account information service providers and the account servicing payment service providers for that purpose. PART 5—SPECIFIC REQUIREMENTS RELATING TO ELECTRONIC FUNDS TRANSFER AND ELECTRONIC MONEY Issuance of e-money 20.—(1) E-money issued pursuant to these Regulations must be denominated in Fijian dollars and each unit of e-money may be issued or redeemed at par value of one Fijian dollar. (2) There must not be any form of discount or premium on the issuance or redemption of e-money. (3) An e-money issuer must establish and maintain one or more trust accounts with a licensed commercial bank and must not be intermediated. (4) An e-money issuer must ensure that the trust account funds are equivalent to the amount of e-money in circulation at any given time. (5) The users of the e-money backed by the funds in the trust account are to be listed as beneficiaries and funds pertaining to each beneficiary must stay segregated from those of other beneficiaries. (6) Trust account funds must be held separate from and not co-mingled with the issuer’s operating account. (7) Trust account funds must be protected from any effects of insolvency of the trustee and cannot be included as liable to any creditors of the trustee. Agents 21. Subject to the Act, these Regulations, and any other policies issued by the Reserve Bank concerning the use of agents by financial institutions, an e-money issuer may employ agents, master agents, or agent network managers. Products and services 22.—(1) An e-money issuer may provide to end-users, directly or through agents, the following services— (a) cash-in or cash-out; (b) e-money funds transfer, whether to a customer of the same or a different e-money issuer; (c) bulk transfers for payment of social benefits, salaries or similar items; (d) automated bill payment services for the benefit of utility companies, schools, or Government agencies;

189 (e) credit products only if the issuer is licensed under the Banking Act 1995; (f) direct linkage between an account at a bank or non-bank deposit taking institution allowing for electronic transfers between a bank account and an e-money account; and (g) any other services provided by the e-money issuer approved by the Reserve Bank. (2) Subject to subregulation (3), e-money issuers are permitted to process over the counter funds transfers. (3) E-money issuers must capture, store and preserve both the sender’s and the recipient’s records for a minimum of 7 years from the date of establishment of the record or the completion of the transaction to which the record relates, whichever is later. (4) All e-money transactions must be cleared and settled within the time frame specified in the rules of the Reserve Bank on the matter and must comply with the provisions on non-repudiation contained in the Act. (5) Subject to approval by the Reserve Bank, e-money issuers may facilitate the purchase or servicing of certain financial products, including credit or insurance products, if offered in partnership with an institution otherwise licensed to offer such products and the identity of the product provider is disclosed to e-money customers. Operations and risk management 23.—(1) An e-money issuer must capture and store a digital image of all documents required for the opening of an account. (2) A system used to provide e-money services must provide at least the following capabilities— (a) maintain an audit trail of all transactions; (b) provide automatic blocking of attempted transactions that exceed prescribed transaction limits; (c) store photo or scanned images of identity documents provided by customers; and (d) support anti-money laundering and combating the financing of terrorism surveillance functionality for the detection, alert and analysis of suspicious transactions. Oversight, reporting and sanctions 24.—(1) E-money issuers must submit such returns in a form as may be approved by the Reserve Bank and within such time as required. (2) The Reserve Bank may examine an e-money issuer’s operations as the Reserve Bank considers necessary for the effective supervision of the e-money business. (3) The following apply for the purposes of an examination— (a) no notice to the issuer is required;

190 (b) the Reserve Bank must be given access to the e-money issuer’s places of business, including the place of business of any agent or critical service provider of the issuer; and (c) the Reserve Bank must have access to any book, record, document, information system or personnel of the issuer or any critical service provider of the issuer. (4) The Reserve Bank may designate and appoint a qualified independent person to conduct an audit of the operations, including the technology systems, of a licensee and the costs thereof are to be borne by the licensee. (5) Any final report of the auditor must be provided to the Reserve Bank within 10 days of receipt by the licensee. (6) Before issuing any penalty under this regulation, the Reserve Bank must provide written notice to an e-money issuer, including notice of intent to suspend or revoke any licence or approval, and may give the issuer a reasonable opportunity to make representations to the Reserve Bank in response. (7) For such purposes, communication by electronic mail to any responsible person or other contact designated by the issuer is considered sufficient notice. Consumer protection 25.—(1) Upon opening an e-money account, the issuer and any agent operating on behalf of that issuer must— (a) provide to all customers of the e-money service a complete listing of all fees and charges; and (b) for a customer not literate in the language used in written signage or other communications, provide an explanation, in a language known to the customer, of any fees or charges to which the customer may be subject. (2) The following information must be conspicuously displayed for the benefit of customers at any agent location where e-money services are provided— (a) the identity of the e-money issuer represented by the agent; (b) a complete schedule of fees and charges associated with any e-money transaction available at that location; (c) any unique identification number assigned to the agent by the e-money issuer or the Reserve Bank; (d) a telephone number or e-mail address of the e-money issuer where complaints may be lodged; and (e) a statement that the agent must not carry out transactions on behalf of customers. (3) All transaction data must be subject to end-to-end encryption while in transit and may be required to be authenticated by personalised security credentials.

191 (4) Agents must not enter the customer’s personalised security credentials or otherwise complete required entries on the customer’s phone. (5) All transactions are to be cleared and settled not more than 24 hours after a payment instruction has been initiated. (6) Agents must not initiate transactions when connectivity is interrupted or for any reason mobile network service is unavailable. (7) For any over the counter transaction, the recipient must receive a confirmation message on their mobile phone containing— (a) the sender’s name; and (b) the amount received. (8) Upon suspension or termination of an e-money account, the e-money issuer must notify the customer within 24 hours of the reason for the suspension or termination and give the customer a reasonable opportunity to respond. (9) An e-money issuer must maintain a process for receiving, evaluating and resolving customer complaints. (10) Information concerning complaint procedures must be provided to all customers when an account is opened and upon request at any other time. (11) Receipt of a complaint must be acknowledged by the e-money issuer within 24 hours of receipt. (12) The customer must be notified within 10 days of the status of their complaint and any steps taken to resolve the issue. (13) In the event of changes to the terms and conditions of an e-money account or any change to prices charged for e-money services, the account owner must be given written notice on their mobile phone not later than 10 days before any such changes become effective. Unclaimed moneys 26.—(1) An e-money account for which there are no transactions for a continuous period of 6 months may be considered dormant. (2) A dormant account may be suspended by the e-money issuer but the issuer must retain any account balance in the name of the customer for at least 12 months from the date the account is deemed dormant. (3) Every e-money issuer must, within 60 days after the financial year, publish in a daily newspaper or on the e-money issuer’s website, or other electronic means, a statement showing all dormant accounts. (4) Every statement published under subregulation (3) must state that dormant account holders, or their legal personal representative, as the case may be, must submit a claim to the e-money issuer within 3 months from the date of publication of the statement. (5) The unclaimed balance remaining in any dormant account for a period of 3 months after publication must be paid to the Reserve Bank and remains the property of the account owner.

192 PART 6—NETTING, INSOLVENCY PROCEEDINGS AND PARTICIPANTS’ LIABILITIES Transfer orders 27.—(1) Transfer orders and netting are legally enforceable and, even in the event of insolvency proceedings against a participant, are binding on third parties, provided that the transfer orders were entered into a system before the moment of opening of such insolvency proceedings as defined in regulation 29(1). (2) Where, exceptionally, transfer orders are entered into a system after the moment of opening of insolvency proceedings and are carried out on the day of opening of such proceedings, they are legally enforceable and binding on third parties only if, after the time of settlement, the settlement agent, the central counterparty or the clearing house can prove that they were not aware, nor should have been aware, of the opening of such proceedings. (3) A written law, rule or practice on the setting aside of contracts and transactions concluded before the moment of opening of insolvency proceedings, as defined in regulation 29(1), must not lead to the unwinding of a netting. (4) Subject to any condition provided in the Act or any subsidiary legislation made under the Act, the moment of entry of a transfer order into a system is defined by the rules of that system. Revocation of transfer orders 28. A transfer order must not be revoked by a participant in a system, or a third party, from the moment defined by the rules of that system. Opening of insolvency proceedings 29.—(1) For the purposes of these Regulations, the moment of opening of insolvency proceedings is the moment when the relevant judicial or administrative authority handed down its decision. (2) When a decision has been taken in accordance with subregulation (1), the relevant judicial or administrative authority must immediately notify the Reserve Bank of its decision. Insolvency proceedings not to have retroactive effect 30. Insolvency proceedings must not have retroactive effect on the rights and obligations of a participant arising from, or in connection with, its participation in a system earlier than the moment of opening of such proceedings as defined in regulation 29(1). Rights and obligations in insolvency proceedings 31. In the event of insolvency proceedings being opened against a participant in a system, the rights and obligations arising from, or in connection with, the participation of that participant must be determined by the written law governing that system. Collateral security 32. The rights of a participant to collateral security provided to it in connection with a system must not be affected by insolvency proceedings against the participant which provided the collateral security, and such collateral security may be realised for the satisfaction of these rights.

193 PART 7—ENFORCEMENT Penalties 33.—(1) A person who commits an offence under the Act is liable on conviction to— (a) in the case of an individual, the applicable penalty prescribed in column 3 of Schedule 3; or (b) in the case of a body corporate, the applicable penalty prescribed in column 4 of Schedule 3, and for a director, manager or officer in charge for the time being, the applicable penalty prescribed in column 5 of Schedule 3. (2) A person who commits an offence under these Regulations or the Act for which no other penalty is provided is liable on conviction to— (a) in the case of an individual, a fine not exceeding $5,000 or imprisonment for a term not exceeding 12 months or both; (b) in the case of a body corporate, a fine not exceeding $50,000; and (c) in the case of a director, manager or officer in charge for the time being of a body corporate, a fine not exceeding $5,000 or imprisonment for a term not exceeding 12 months or both. (3) For the purposes of subregulation (2)(b), the court may, instead of imposing the prescribed penalty, impose a daily penalty until such time as the breach is resolved, at a maximum rate of 0.1% of annual gross revenue for every day the breach continues. (4) If a person is convicted under these Regulations or the Act, the Reserve Bank may— (a) issue a direction to the person or impose additional conditions on the person’s licence; or (b) vary, suspend or revoke the licence or licence condition. (5) It is a defence for a director, manager or officer in charge for the time being of a body corporate charged with an offence under these Regulations or the Act that the offence committed by the body corporate was committed without his or her consent and connivance and that he or she took all reasonable steps to prevent its commission. PART 8—DEMATERIALISATION OF SECURITIES Central securities depository 34.—(1) For the purposes of the Act, the Reserve Bank is appointed as the central securities depository of Government and statutory corporation securities, as well as any other securities deemed appropriate to be processed through such central securities depository. (2) A company approved by the Reserve Bank as a central securities depository under the Companies Act 2015 may act as a central securities depository of Government and any other securities as established by subregulation (1). (3) The Reserve Bank may establish, operate or participate in a central securities depository of Government and any other securities as established by subregulation (1).

194 (4) For the purposes of subregulation (1), the Reserve Bank may–– (a) enter into agreements with any other central securities depository and carry out transactions under the terms of those agreements as may be necessary for the settlement of transactions between members of those depositories and the members of any central securities depository operated by the Reserve Bank; and (b) make rules and guidelines for the operation of the central securities depository of relevant securities. Register 35.—(1) The Reserve Bank must keep a register to be known as the Register of Government and Other Securities. (2) The Register must include a computerised record of— (a) rights arising from dematerialised Government and other securities; (b) holders of these rights at any given time; (c) any possible rights of third parties to such securities; and (d) such particulars as may be issued by the Reserve Bank by directives or policies. Register is prima facie evidence 36.—(1) The Register is prima facie evidence of the legal title to any Government and other securities entered in the Register. (2) A copy of an extract of the Register, certified by the Reserve Bank, is admissible evidence in any court. Transmission of dematerialised securities 37. The Government and other securities recorded in the securities account of the respective holders must be transferred by book-entry transfer between these securities account holders accounts. PART 9—MISCELLANEOUS Reserve Bank to determine actual existence of a system or service 38.—(1) The Reserve Bank may, where it has reasonable grounds to believe that a system or arrangement exists for the clearing and settlement of payment obligations or settlement of securities, request a person who is a party to the system or arrangement to provide it with further information, records and documents relating to the system or arrangement as the Reserve Bank may require, in order to make a determination on the existence of a system covered by these Regulations. (2) The Reserve Bank may, if it has reasonable grounds to believe that a payment service is provided, request a person that is allegedly providing such service to provide it with further information, records and documents relating to the performed activities as the Reserve Bank may require, in order to make a determination on the existence of a service covered by these Regulations.

195 (3) Every person who is required under subregulations (1) and (2) to provide information, records and documents must comply with such requests. Remedies 39. Any person that exercises one of the activities covered by these Regulations without having a licence issued by the Reserve Bank and— (a) continues to do so after the licence is revoked; or (b) is in breach of any term or condition imposed by the Reserve Bank, is subject to remedies as prescribed by the Reserve Bank under section 32 of the Act. Implementing measures 40. The Reserve Bank may issue relevant policies, notices, directives, circulars, instructions or other available measures to implement these Regulations. Service of documents 41.—(1) Where under the Act or these Regulations a document or notice may be, or is required to be, given to a person, the document or notice may be given by— (a) in the case of a body corporate— (i) leaving it at the registered office of the body corporate or the place or principal place of business of the body corporate in Fiji with a person apparently employed there; (ii) sending it by post to the registered office of the body corporate or to the place or principal place of business; or (iii) sending it by electronic mail to the e-mail address provided by the body corporate for the purpose of service of documents or notices; and (b) in the case of a financial institution— (i) delivering it to the main or principal place of business of the financial institution with a person apparently employed there; (ii) leaving it at any of the other branches of the financial institution in Fiji with a person apparently employed there; (iii) sending it by post to the place or principal place of business of the financial institution in Fiji; or (iv) sending it by electronic mail to the e-mail address provided by the financial institution for the purpose of service of documents or notices. (2) Areference in subregulation (1)to the registered office of a body corporate or financial institution includes a reference to a registered office that is outside of Fiji. Made this 29th day of April 2022. A. SAYED-KHAIYUM Attorney-General and Minister for Economy

196 SCHEDULE 1 (Regulation 3(1)) ________ APPLICATION FOR LICENCE APPLICATION FOR LICENCE FORM

  1. MANDATORY REQUIREMENTS FOR AN APPLICANT A: This application must be completed in English. B: The application must be addressed to the Governor of the Reserve Bank of Fiji (see address below) with a covering letter summarising the profile of the applicant and the licence applied for. C: The application and supporting documents required under Annex 1 must be true and correct.
  2. LICENCE APPLIED FOR Use this form for application for any of the following categories (please tick the appropriate box): ☐ Payment System Operator ☐ Payment Service Provider Payment Service Provider ☐ Activity A: Account issuance service ☐ Activity B: Domestic money transfer service ☐ Activity C: Cross-border money transfer service ☐ Activity D: Merchant acquisition service ☐ Activity E: E-money issuance service The service of issuing a payment account or any service relating to any operation required for operating a payment account such as an e-wallet (including certain multi-purpose stored value cards) or a non-bank issued credit card. Providing local funds transfer services in Fiji. This includes payment gateway services and payment kiosk services. Providing inbound or outbound remittance services in Fiji. Providing merchant acquisition services in Fiji where the service provider processes payment transactions from the merchant and processes payment receipts on behalf of the merchant. Usually the service includes providing a point-of-sale terminal or an online payment gateway. Issuing e-money to allow the user to pay merchants or transfer to another individual.

197 3. NAME OF APPLICANT (In capital letters in the order the names appear on the Registration Certificate, etc) Name of Applicant: ________________________________________________________ Application for (specify category of applicant) __________________________________ 4. APPLICANT’S CONTACTS 4.1 Physical Address ______________________________________________________ Town/City__________________________ Street/Road _______________________ Name of Building _____________________________________________________ 4.2 Mailing Address: ______________________________________________________

4.3 Phone Contact: Tel. No. _________________________ Mobile No. ______________________ Other Tel. Nos. ___________________________ E-mail Address:_____________________________________________________ 4.4 Authorised Contact Provide the following details of the person who will be liaising with the Reserve Bank of Fiji on this application. This person should be familiar with the application and able to address queries from the Reserve Bank of Fiji on the application. The applicant accepts responsibility for all submissions and representations which will be made by this authorised personnel/contact person. Name of contact person Designation Entity (if not the applicant) Contact Number E-mail Address 5. OTHER INFORMATION ABOUT THE APPLICANT 5.1 State whether any of the partners/ directors/ shareholders is an undischarged bankrupt. (If so, provide details) __________________________________________________

5.2 State whether any of the partners/ directors/ shareholders have a beneficial interest in any other business licensed to provide payment services. ______________________

5.3 Has any previous application by you been rejected or cancelled under the National Payment System Act 2021? (If so, provide details) ___________________________

198 6. REFEREES The following details should be completed by two different referees who have known the entity/person in a professional capacity. 1st Referee______________________________________________________________ I certify that the information given in this form is true and correct to the best of my knowledge. Full Name: ______________________________________________________________ (Block letters as the names appear on the person’s birth certificate) Postal Address: P.O. Box: ___________________________ Postal Code: _________________________ Post Office Town/City: ____________________________________________________ Phone and Fax Contact: Tel. No. ________________________ Fax No. _________________________________ Mobile No. _______________________ Alternative Tel. No. ______________________ E-mail Address: __________________________________________________________ Occupation: ______________________ Signature:_______________________________ 2nd Referee _____________________________________________________________ I certify that the information given in this form is true and correct to the best of my knowledge. Full Name: ______________________________________________________________ (Block letters as the names appear on the person’s birth certificate) Postal Address: P.O. Box: ___________________________ Postal Code: _________________________ Post Office Town/City: ____________________________________________________ Phone and Fax Contact: Tel. No. _________________________ Fax No. ________________________________ Mobile No. ______________________ Alternative Tel.No. _______________________ E-mail Address: __________________________________________________________ Occupation: _______________________ Signature: _____________________________ 7. DECLARATION I/We hereby declare the information we have provided in this application is true and correct to the best of my/our knowledge. I/We also understand that it is an offence to give false information in support of any application. Name…………………………………………………………………….. Designation……………………………………………………………… Signature………………………………………………………………… Date………………………………………………………………………

199 8. COMPLETED APPLICATION FORMS SHOULD BE RETURNED TO: Reserve Bank Bldg, Pratt Street Private Mail Bag Suva, Fiji Tel: (679) 331 3611 Fax: (679) 330 2094 E-mail Address: info@rbf.gov.fj ANNEX 1: SUPPORTING DOCUMENTS TO BE SUBMITTED At a minimum, every new application must be accompanied by:

  1. Documents of registration, including the certificate of incorporation and the memorandum and articles of association.
  2. For a payment service provider: (a) a certified copy of a current licence from the relevant authority in Fiji or elsewhere; and (b) in the case of an e-money issuer, a certified copy of the management agreement where a custodial trust relationship exists with the payment service provider.
  3. Evidence that the payment system operator and payment service provider hold the initial capital set out in Schedule 2. For applicants seeking to conduct more than one regulated payment service, the Reserve Bank of Fiji will make a determination of the relevant capital requirements to be met based on the applicant’s systemic importance and risk profile.
  4. A business plan, at a minimum, which includes the following: (a) a description of your organisation and the business concept; (b) details of the proposed system configuration with block diagrams, proposed technology interface with other licensees, network and terminal equipment and/ or customer premise equipment (CPE) and the standards they conform to, etc; (c) for payment service providers that are conducting e-money account issuance services, outline details for e-money account issuance services that the applicant intends to provide and if the applicant intends to provide more than one type of account, indicate the details such as load limit, redemption limit, channels of loading, channels for redemption and spending and indicate if it is incidental to any services; (d) an indicative budget for the first 3 financial years that demonstrates that the applicant is able to operate efficiently and safely in Fiji; (e) a list of the type of services to be offered and the programme of operations to offer these services (including the terms and conditions that will apply to customers, agents and cash merchants);

200 (f) details on the mechanisms that have been put in place to protect users’ funds in the eventuality of system failure, revocation/suspension of licence and/or insolvency; and (g) information on the public interest that will be served by the provision of the payment service or payment system. 5. A valid tax compliance certificate from the relevant tax authority in Fiji or elsewhere. 6. A current credit rating report from a credit reference bureau (if applicable). 7. A letter of no objection from the home regulatory authority where the applicant is a subsidiary of a foreign company, recommending the applicant to operate a payment system or payment service in Fiji. 8. Details of: (a) the applicant’s governance arrangements and internal control mechanisms, including administrative, risk management and accounting procedures, which demonstrate that these governance arrangements, control mechanisms and procedures are proportionate, appropriate, sound and adequate; (b) the internal control mechanisms which the applicant has established to comply with the Financial Transactions Reporting Act 2004, its regulations and guidelines; (c) the applicant’s structural organisation including, where applicable, its intended use of agents, cash merchants, branches and outsourcing arrangements, and its participation in a national and/or international payment system. 9. Details of the identity of: (a) responsible persons for the management of the payment service provider and operator; (b) the custodial trustees holding the cash which is represented in the payment service of the applicant; and (c) persons who, if the activities for which the licence is being sought are to be conducted in a separate division, are responsible for the management of that division. 10. If applicable, a detailed list of the volumes and value of transactions for the last 12 months. Pursuant to regulation 3(3) of the National Payment System Regulations 2022, the Reserve Bank of Fiji may require further information to be accompanied with a new licence application for a payment system operator or payment service provider.

201 SCHEDULE 2 (Regulation 3(2)) ________ FEES Payment System Operator Description Licence Application Fees (VEP) Non￾Refundable Minimum Capital Requirement Annual Licence Fees (VEP) Operator of a payment system in Fiji An entity that operates any system or arrangement for the processing, clearing or settlement of funds, but does not include: a. a clearing house recognised under any other written law; b. an in-house system operated by a person solely for the person’s own administrative purposes that does not transfer, clear or settle funds for third parties; and c. such other systems or arrangements as may be prescribed under the Act or any regulations made under the Act. $20,000 $200,000 $20,000 Payment Service Provider Activity A – Account issuance service The service of issuing a payment account or any service relating to any operation required for operating a payment account such as an e-wallet (including certain multi-purpose stored value cards) or a non-bank issued credit card. $1,000 $50,000 $1,000 Activity B – Domestic money transfer service Providing local funds transfer service in Fiji. This includes payment gateway services and payment kiosk services. Activity C – Cross-border money transfer service Providing inbound or out￾bound remittance services in Fiji.

202 Payment System Operator Description Licence Application Fees (VEP) Non￾Refundable Minimum Capital Requirement Annual Licence Fees (VEP) Activity D – Merchant acquisition service Providing merchant acquisition services in Fiji where the service provider processes payment transactions from the merchant and processes payment receipts on behalf of the merchant. Usually the service includes providing a point-of-sale terminal or an online payment gateway. Activity E – E-money issuance service Issuing e-money to allow the user to pay merchants or transfer to another individual. SCHEDULE 3 (Regulation 33(1)) ________ PENALTIES Provision in the Act Offence Penalty in the case of an individual Penalty in the case of a body corporate Penalty in the case of an officer of a body corporate Section 14(2) Operating without a licence A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both A fine not exceeding $100,000 A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both Section 16(8) Failure to comply with directives A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both A fine not exceeding $100,000 A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both Section 18(5) Failure to comply with directives A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both A fine not exceeding $100,000 A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both

203 Provision in the Act Offence Penalty in the case of an individual Penalty in the case of a body corporate Penalty in the case of an officer of a body corporate Section 24(8) Failure to submit application with prescribed fee to the RBF A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both A fine not exceeding $100,000 A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both Failure to seek the approval of the RBF to use agents Failure to register agents with the RBF Failure to inform customers of agents Section 35 Obstruction of officer A fine not exceeding $10,000 or imprisonment for a term not exceeding 5 years or both [LEGAL NOTICE NO. 59] INVESTMENT ACT 2021 ________ Investment (Reserved and Restricted Activities) Regulations 2022 IN exercise of the powers conferred on me by section 5(1) of the Investment Act 2021, I hereby make these Regulations— Short title and commencement 1.—(1) These Regulations may be cited as the Investment (Reserved and Restricted Activities) Regulations 2022. (2) These Regulations come into force on the date the Investment Act 2021 comes into force. Interpretation 2. In these Regulations, unless the context otherwise requires— “Act” refers to the Investment Act 2021; “foreign investor” has the meaning given by section 2 of the Act; “Investment Fiji” means Investment Fiji continued in existence under section 4 of the Investment Fiji Act 2022; “minimum investment threshold” refers to a foreign investor’s contribution or paid-up capital for a business undertaken or carried in Fiji;

Share