Payment Service Provider (PSP) licensing in Nepal is regulated by Nepal Rastra Bank (NRB), the central bank of Nepal. PSPs facilitate electronic payment transactions between merchants and customers. The licensing process aims to ensure the safety, security, and reliability of payment systems in Nepal. Prospective PSPs must meet stringent financial, technical, and operational criteria set by NRB. The licensing requirements cover aspects such as capital adequacy, risk management, cybersecurity, and consumer protection. Applicants must demonstrate their capability to operate a robust payment infrastructure and comply with regulatory standards. The licensing process involves thorough scrutiny of the applicant’s business plan, financial stability, and technical capabilities.
Documentation Requirements for PSP License Application Process
The PSP license application process in Nepal requires submission of comprehensive documentation to Nepal Rastra Bank. Applicants must provide:
- Detailed business plan outlining proposed payment services
- Company registration certificate and memorandum of association
- Audited financial statements for the past three years
- Proof of minimum paid-up capital as specified by NRB
- Organizational structure and management team profiles
- IT infrastructure and security protocols documentation
- Risk management and compliance policies
- Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures
- Customer dispute resolution mechanism
- Agreements with partner banks and financial institutions
- Feasibility study and market analysis report
- Board resolution authorizing the license application
These documents undergo thorough review by NRB to assess the applicant’s eligibility and readiness to operate as a PSP in Nepal.
Legal Framework Governing Payment Service Providers Nepal
The legal framework for Payment Service Providers in Nepal is primarily governed by:
- Nepal Rastra Bank Act, 2058 (2002): Empowers NRB to regulate payment systems.
- Payment and Settlement Act, 2075 (2019): Provides the legal basis for electronic payments and settlements.
- Foreign Exchange Regulation Act, 2019: Regulates cross-border payment transactions.
- Electronic Transactions Act, 2063 (2006): Recognizes electronic transactions and digital signatures.
- Banks and Financial Institutions Act, 2073 (2017): Regulates financial institutions involved in payment services.
- NRB Licensing Policy for Payment Service Providers, 2076 (2019): Outlines specific licensing requirements for PSPs.
- Anti-Money Laundering Act, 2064 (2008): Mandates AML/CFT compliance for PSPs.
This legal framework aims to create a secure, efficient, and transparent payment ecosystem in Nepal while safeguarding the interests of consumers and maintaining financial stability.
Application Process for Payment Service Provider License
The application process for obtaining a Payment Service Provider license in Nepal involves several steps:
- Pre-application consultation with Nepal Rastra Bank
- Preparation of required documentation and business plan
- Submission of formal application to NRB’s Payment Systems Department
- Initial screening of application for completeness
- Detailed evaluation of application by NRB’s technical committee
- On-site inspection of applicant’s premises and infrastructure
- Presentation of business proposal to NRB’s licensing committee
- Addressing any queries or additional requirements from NRB
- Final review and decision by NRB’s Board of Directors
- Issuance of in-principle approval if application is successful
- Fulfillment of any conditions specified in the in-principle approval
- Granting of final PSP license upon meeting all requirements
This process typically takes several months and requires close coordination with NRB throughout the application review period.
Technical Requirements for Payment Service Provider Operations
Payment Service Providers in Nepal must meet specific technical requirements to ensure secure and efficient operations:
- Robust IT infrastructure with high availability and redundancy
- Secure data centers with disaster recovery capabilities
- Advanced encryption technologies for data protection
- Multi-factor authentication systems for user access
- Real-time transaction monitoring and fraud detection systems
- Integration capabilities with banking and financial networks
- Compliance with PCI-DSS standards for card payments
- API-based architecture for seamless integration with merchants
- Mobile and web-based payment platforms
- Automated reconciliation and settlement systems
- Comprehensive audit trails and logging mechanisms
- Scalable architecture to handle high transaction volumes
These technical requirements aim to maintain the integrity, confidentiality, and availability of payment services while ensuring compliance with regulatory standards.
Financial Requirements for PSP License Application Nepal
Nepal Rastra Bank stipulates specific financial requirements for PSP license applicants:
- Minimum paid-up capital of NPR 150 million for domestic PSPs
- Higher capital requirement of NPR 250 million for PSPs with foreign investment
- Proof of sound financial standing and profitability for existing companies
- Detailed financial projections for the first three years of operation
- Evidence of ability to maintain the required capital adequacy ratio
- Demonstration of sustainable revenue model and pricing structure
- Adequate provisions for operational and financial risk management
- Commitment to invest in technology and infrastructure development
- Financial capacity to handle settlement obligations and liquidity requirements
- Compliance with NRB’s foreign exchange regulations for cross-border transactions
These financial requirements ensure that PSPs have sufficient capital to support their operations and protect customer funds.
Compliance Standards for Payment Service Provider Business
Payment Service Providers in Nepal must adhere to stringent compliance standards:
- Implementation of robust Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) policies
- Regular submission of suspicious transaction reports to the Financial Information Unit
- Adherence to Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures
- Compliance with Nepal Rastra Bank’s reporting requirements and directives
- Implementation of internal control mechanisms and audit procedures
- Regular staff training on compliance and regulatory matters
- Adherence to data protection and privacy regulations
- Compliance with foreign exchange regulations for international transactions
- Implementation of consumer protection measures and dispute resolution mechanisms
- Regular compliance audits and assessments by independent third parties
These compliance standards aim to maintain the integrity of the payment ecosystem and prevent financial crimes.
Security Protocols Required for PSP License Nepal
Nepal Rastra Bank mandates strict security protocols for Payment Service Providers:
- Implementation of end-to-end encryption for all transactions
- Multi-layered firewalls and intrusion detection systems
- Regular vulnerability assessments and penetration testing
- Secure key management systems for cryptographic operations
- Implementation of secure coding practices for all applications
- Regular security audits by certified third-party auditors
- Compliance with international security standards such as ISO 27001
- Implementation of strong access control and user authentication mechanisms
- Real-time monitoring of security events and incident response procedures
- Secure data backup and recovery processes
- Physical security measures for data centers and operational facilities
- Regular security awareness training for all staff members
These security protocols aim to protect the confidentiality, integrity, and availability of payment systems and customer data.
Operational Guidelines for Payment Service Provider Services
Nepal Rastra Bank provides operational guidelines for PSPs to ensure smooth and compliant service delivery:
- Maintain clear segregation of customer funds from operational accounts
- Implement transparent fee structures and disclosure policies
- Establish Service Level Agreements (SLAs) with partner institutions
- Maintain adequate liquidity to meet settlement obligations
- Implement robust reconciliation processes for all transactions
- Provide clear and timely transaction receipts to customers
- Establish customer support channels with defined response times
- Implement business continuity and disaster recovery plans
- Conduct regular system maintenance and upgrades
- Maintain comprehensive transaction logs for audit purposes
- Implement dispute resolution mechanisms for customer complaints
- Adhere to prescribed transaction limits and thresholds
These guidelines ensure that PSPs operate in a manner that is transparent, efficient, and protective of customer interests.
Registration Process with Nepal Rastra Bank PSP
The registration process for Payment Service Providers with Nepal Rastra Bank involves:
- Submission of completed registration form to NRB’s Payment Systems Department
- Provision of detailed information about shareholders and directors
- Submission of certified copies of company registration documents
- Provision of business plan and operational model details
- Submission of audited financial statements and capital adequacy proof
- Provision of IT infrastructure and security documentation
- Submission of risk management and compliance policies
- Provision of details about proposed payment products and services
- Submission of agreements with partner banks and institutions
- Payment of prescribed registration fees to Nepal Rastra Bank
- Completion of on-site inspection by NRB officials
- Obtaining final approval and registration certificate from NRB
This registration process ensures that all PSPs are properly documented and vetted by the central bank.
Annual Reporting Requirements for Licensed Payment Providers
Licensed Payment Service Providers in Nepal must comply with annual reporting requirements set by Nepal Rastra Bank:
- Submission of audited financial statements within three months of fiscal year-end
- Provision of detailed transaction volume and value reports
- Reporting on compliance with AML/CFT regulations
- Submission of risk assessment and management reports
- Reporting on customer complaints and resolution statistics
- Provision of system downtime and incident reports
- Submission of updates on changes in shareholding or management
- Reporting on new product launches or service modifications
- Provision of details on partnerships and collaborations
- Submission of capital adequacy and liquidity reports
- Reporting on cybersecurity incidents and mitigation measures
- Provision of staff training and development reports
These reporting requirements enable NRB to monitor the financial health, operational efficiency, and regulatory compliance of PSPs.
Read More
- NGO and INGO Law in Nepal
- NGO and INGO Compliance in Nepal
- EXIM Code Registration and Renewal Process in Nepal
Risk Management Framework for Payment Service Operations
Payment Service Providers in Nepal must implement a comprehensive risk management framework:
- Identification and assessment of operational, financial, and technological risks
- Implementation of risk mitigation strategies and controls
- Establishment of risk appetite and tolerance levels
- Regular risk monitoring and reporting mechanisms
- Implementation of business continuity and disaster recovery plans
- Conduct of regular stress testing and scenario analysis
- Establishment of a dedicated risk management committee
- Implementation of fraud detection and prevention systems
- Regular review and update of risk management policies
- Integration of risk management into strategic decision-making processes
- Implementation of incident response and crisis management procedures
- Regular risk awareness training for staff at all levels
This risk management framework helps PSPs identify, assess, and mitigate potential threats to their operations and customer funds.
Customer Protection Guidelines for Payment Service Providers
Nepal Rastra Bank mandates specific customer protection guidelines for PSPs:
- Implementation of clear and transparent fee structures
- Provision of easily accessible customer support channels
- Establishment of fair and timely dispute resolution mechanisms
- Implementation of robust data protection and privacy measures
- Provision of clear terms and conditions for all services
- Implementation of secure authentication methods for transactions
- Provision of real-time transaction notifications to customers
- Establishment of refund and chargeback procedures
- Implementation of measures to prevent unauthorized transactions
- Provision of regular account statements to customers
- Implementation of customer education programs on safe payment practices
- Establishment of compensation policies for service disruptions or errors
These guidelines aim to protect customer interests and build trust in the payment ecosystem.
Renewal Process for Payment Service Provider License
The renewal process for Payment Service Provider licenses in Nepal involves:
- Submission of renewal application to NRB at least 90 days before license expiry
- Provision of updated financial statements and capital adequacy reports
- Submission of compliance reports for the previous license period
- Provision of details on any changes in shareholding or management
- Submission of updated business plan and growth projections
- Provision of reports on transaction volumes and values
- Submission of customer complaint resolution statistics
- Provision of details on new products or services launched
- Submission of updated risk management and compliance policies
- Provision of cybersecurity audit reports
- Payment of license renewal fees to Nepal Rastra Bank
- Completion of renewal inspection by NRB officials
The renewal process ensures that PSPs continue to meet regulatory requirements and maintain high operational standards.
Regulatory Supervision of Payment Service Provider Business
Nepal Rastra Bank conducts regulatory supervision of PSPs through:
- Regular on-site inspections of PSP premises and operations
- Off-site monitoring of financial and operational reports
- Review of compliance with AML/CFT regulations
- Assessment of risk management practices and controls
- Evaluation of customer protection measures and complaint handling
- Monitoring of system uptime and incident response capabilities
- Review of partnerships and outsourcing arrangements
- Assessment of cybersecurity measures and incident reports
- Evaluation of corporate governance practices
- Monitoring of capital adequacy and liquidity positions
- Review of new product and service offerings
- Assessment of compliance with NRB directives and guidelines
This regulatory supervision aims to maintain the stability and integrity of the payment ecosystem in Nepal.
FAQs:
- What is the minimum capital requirement for PSP license? The minimum paid-up capital requirement for a domestic PSP license in Nepal is NPR 150 million, while for PSPs with foreign investment, it is NPR 250 million.
- How long does the PSP licensing process take? The PSP licensing process typically takes several months, depending on the completeness of the application and the applicant’s responsiveness to NRB’s queries.
- Can foreign companies apply for PSP license? Yes, foreign companies can apply for a PSP license in Nepal, subject to higher capital requirements and compliance with foreign investment regulations.
- What are the main compliance requirements? The main compliance requirements include AML/CFT regulations, KYC procedures, data protection, cybersecurity standards, and adherence to NRB directives.
- Is there an annual renewal fee? Yes, PSPs are required to pay an annual renewal fee to Nepal Rastra Bank, the amount of which is specified in the licensing policy.
- What technical infrastructure is required? PSPs must have robust IT systems, secure data centers, encryption technologies, fraud detection systems, and integration capabilities with financial networks.
- How many directors are required for PSP? The minimum number of directors required for a PSP is typically specified in the company law of Nepal, usually ranging from 3 to 7 directors, depending on the company structure.
Table of Contents
- 1 Documentation Requirements for PSP License Application Process
- 2 Legal Framework Governing Payment Service Providers Nepal
- 3 Application Process for Payment Service Provider License
- 4 Technical Requirements for Payment Service Provider Operations
- 5 Financial Requirements for PSP License Application Nepal
- 6 Compliance Standards for Payment Service Provider Business
- 7 Security Protocols Required for PSP License Nepal
- 8 Operational Guidelines for Payment Service Provider Services
- 9 Registration Process with Nepal Rastra Bank PSP
- 10 Annual Reporting Requirements for Licensed Payment Providers
- 11 Risk Management Framework for Payment Service Operations
- 12 Customer Protection Guidelines for Payment Service Providers
- 13 Renewal Process for Payment Service Provider License
- 14 Regulatory Supervision of Payment Service Provider Business
- 15 FAQs: