LogoRegulatory Alerts
2021-01-01

Circular No. 128: Authorization for Electronic Customer Inquiry

The Palestine Monetary Authority has authorized banks to obtain customer consent for data inquiries electronically rather than via direct written approval, supporting its fintech development strategy. Banks must implement verification systems that cross-reference customer ID and mobile numbers with PMA databases, use OTP-SMS consent as legally binding written approval, and restrict all data exchange strictly between the institution and the regulator. Each bank bears full liability for the accuracy of submitted customer information and must obtain prior regulatory approval before deploying the service.

Palestine Monetary Authority logo

Palestine

Palestine Monetary Authority

Click to view thumbnail

Palestine Monetary Authority

PALESTINE MONETARY AUTHORITY

Circular No. (2021/128)

To all banks operating in Palestine

Date: Wednesday, June 16, 2021

Subject: Authorization for Electronic Customer Inquiry

With reference to PMA Circular No. 2007/160 dated 28/10/2007 and Instructions No. 2/2017 dated 2/2/2017, which include directives on the necessity of obtaining written authorization for inquiring and declaring customer data to the PMA databases, and in alignment with the PMA's strategy aimed at enhancing support for the fintech sector in Palestine and directing banks toward adopting electronic channels for delivering financial services and products, we hereby inform you of the PMA's approval to grant banks the ability to obtain authorization for customer inquiry electronically instead of direct written authorization, provided that the following constraints and provisions are given due consideration when designing the electronic inquiry mechanism:

  • Design the mechanism to support matching customer ID number and mobile phone number data according to the PMA databases compared to the data sent by the prospective customer, ensuring alignment with the PMA regarding the programming of the authentication mechanism.
  • Rely, when implementing the verification and matching mechanism, on sending an SMS to the customer's phone number containing a verification code (OTP) that the customer is requested to enter to complete the process, which shall constitute the customer's written consent.
  • Data exchange shall be strictly limited between the banks and the PMA, and the customer shall not be shown any data derived from the PMA databases. The use of electronic authorization shall be strictly limited to reviewing the application submitted by the customer.
  • Each bank shall be responsible for the accuracy and currency of its customers' data declared to the PMA databases and shall bear full responsibility if any of the declared information is found to be incorrect.
  • Each bank shall retain a copy of the electronic authorization sent by the customer.
  • The approval under the above conditions does not include sending the inquiry and declaration authorization via email or fax.
  • Accordingly, bank management is requested to circulate the contents of this circular to relevant parties, emphasizing the necessity of obtaining prior PMA approval before launching the service.

Financial Stability Group
Palestine Monetary Authority

Note:
Ramallah and Al-Bireh - Palestine P.O. Box 452
info@pma.ps | Fax: +970 2 2415310 | Phone: +970 2 2415251
Gaza - Palestine P.O. Box 4026
Fax: +970 8 2844487 | Phone: +970 8 2825713

www.pma.ps

Share