Payment Service Provider Licensing Process in Nepal

CONSULT
EXPERTS TODAY

Payment Service Provider (PSP) licensing in Nepal is regulated by Nepal Rastra Bank (NRB), the central bank of Nepal. PSPs facilitate electronic payment transactions between merchants and customers. The licensing process aims to ensure the safety, security, and reliability of payment systems in Nepal. Prospective PSPs must meet stringent financial, technical, and operational criteria set by NRB. The licensing requirements cover aspects such as capital adequacy, risk management, cybersecurity, and consumer protection. Applicants must demonstrate their capability to operate a robust payment infrastructure and comply with regulatory standards. The licensing process involves thorough scrutiny of the applicant’s business plan, financial stability, and technical capabilities.

Documentation Requirements for PSP License Application Process

The PSP license application process in Nepal requires submission of comprehensive documentation to Nepal Rastra Bank. Applicants must provide:

  • Detailed business plan outlining proposed payment services
  • Company registration certificate and memorandum of association
  • Audited financial statements for the past three years
  • Proof of minimum paid-up capital as specified by NRB
  • Organizational structure and management team profiles
  • IT infrastructure and security protocols documentation
  • Risk management and compliance policies
  • Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures
  • Customer dispute resolution mechanism
  • Agreements with partner banks and financial institutions
  • Feasibility study and market analysis report
  • Board resolution authorizing the license application

These documents undergo thorough review by NRB to assess the applicant’s eligibility and readiness to operate as a PSP in Nepal.

Legal Framework Governing Payment Service Providers Nepal

The legal framework for Payment Service Providers in Nepal is primarily governed by:

  1. Nepal Rastra Bank Act, 2058 (2002): Empowers NRB to regulate payment systems.
  2. Payment and Settlement Act, 2075 (2019): Provides the legal basis for electronic payments and settlements.
  3. Foreign Exchange Regulation Act, 2019: Regulates cross-border payment transactions.
  4. Electronic Transactions Act, 2063 (2006): Recognizes electronic transactions and digital signatures.
  5. Banks and Financial Institutions Act, 2073 (2017): Regulates financial institutions involved in payment services.
  6. NRB Licensing Policy for Payment Service Providers, 2076 (2019): Outlines specific licensing requirements for PSPs.
  7. Anti-Money Laundering Act, 2064 (2008): Mandates AML/CFT compliance for PSPs.

This legal framework aims to create a secure, efficient, and transparent payment ecosystem in Nepal while safeguarding the interests of consumers and maintaining financial stability.

Application Process for Payment Service Provider License

The application process for obtaining a Payment Service Provider license in Nepal involves several steps:

  1. Pre-application consultation with Nepal Rastra Bank
  2. Preparation of required documentation and business plan
  3. Submission of formal application to NRB’s Payment Systems Department
  4. Initial screening of application for completeness
  5. Detailed evaluation of application by NRB’s technical committee
  6. On-site inspection of applicant’s premises and infrastructure
  7. Presentation of business proposal to NRB’s licensing committee
  8. Addressing any queries or additional requirements from NRB
  9. Final review and decision by NRB’s Board of Directors
  10. Issuance of in-principle approval if application is successful
  11. Fulfillment of any conditions specified in the in-principle approval
  12. Granting of final PSP license upon meeting all requirements

This process typically takes several months and requires close coordination with NRB throughout the application review period.

Technical Requirements for Payment Service Provider Operations

Payment Service Providers in Nepal must meet specific technical requirements to ensure secure and efficient operations:

  1. Robust IT infrastructure with high availability and redundancy
  2. Secure data centers with disaster recovery capabilities
  3. Advanced encryption technologies for data protection
  4. Multi-factor authentication systems for user access
  5. Real-time transaction monitoring and fraud detection systems
  6. Integration capabilities with banking and financial networks
  7. Compliance with PCI-DSS standards for card payments
  8. API-based architecture for seamless integration with merchants
  9. Mobile and web-based payment platforms
  10. Automated reconciliation and settlement systems
  11. Comprehensive audit trails and logging mechanisms
  12. Scalable architecture to handle high transaction volumes

These technical requirements aim to maintain the integrity, confidentiality, and availability of payment services while ensuring compliance with regulatory standards.

Financial Requirements for PSP License Application Nepal

Nepal Rastra Bank stipulates specific financial requirements for PSP license applicants:

  1. Minimum paid-up capital of NPR 150 million for domestic PSPs
  2. Higher capital requirement of NPR 250 million for PSPs with foreign investment
  3. Proof of sound financial standing and profitability for existing companies
  4. Detailed financial projections for the first three years of operation
  5. Evidence of ability to maintain the required capital adequacy ratio
  6. Demonstration of sustainable revenue model and pricing structure
  7. Adequate provisions for operational and financial risk management
  8. Commitment to invest in technology and infrastructure development
  9. Financial capacity to handle settlement obligations and liquidity requirements
  10. Compliance with NRB’s foreign exchange regulations for cross-border transactions

These financial requirements ensure that PSPs have sufficient capital to support their operations and protect customer funds.

Compliance Standards for Payment Service Provider Business

Payment Service Providers in Nepal must adhere to stringent compliance standards:

  1. Implementation of robust Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) policies
  2. Regular submission of suspicious transaction reports to the Financial Information Unit
  3. Adherence to Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures
  4. Compliance with Nepal Rastra Bank’s reporting requirements and directives
  5. Implementation of internal control mechanisms and audit procedures
  6. Regular staff training on compliance and regulatory matters
  7. Adherence to data protection and privacy regulations
  8. Compliance with foreign exchange regulations for international transactions
  9. Implementation of consumer protection measures and dispute resolution mechanisms
  10. Regular compliance audits and assessments by independent third parties

These compliance standards aim to maintain the integrity of the payment ecosystem and prevent financial crimes.

Security Protocols Required for PSP License Nepal

Nepal Rastra Bank mandates strict security protocols for Payment Service Providers:

  1. Implementation of end-to-end encryption for all transactions
  2. Multi-layered firewalls and intrusion detection systems
  3. Regular vulnerability assessments and penetration testing
  4. Secure key management systems for cryptographic operations
  5. Implementation of secure coding practices for all applications
  6. Regular security audits by certified third-party auditors
  7. Compliance with international security standards such as ISO 27001
  8. Implementation of strong access control and user authentication mechanisms
  9. Real-time monitoring of security events and incident response procedures
  10. Secure data backup and recovery processes
  11. Physical security measures for data centers and operational facilities
  12. Regular security awareness training for all staff members

These security protocols aim to protect the confidentiality, integrity, and availability of payment systems and customer data.

Operational Guidelines for Payment Service Provider Services

Nepal Rastra Bank provides operational guidelines for PSPs to ensure smooth and compliant service delivery:

  1. Maintain clear segregation of customer funds from operational accounts
  2. Implement transparent fee structures and disclosure policies
  3. Establish Service Level Agreements (SLAs) with partner institutions
  4. Maintain adequate liquidity to meet settlement obligations
  5. Implement robust reconciliation processes for all transactions
  6. Provide clear and timely transaction receipts to customers
  7. Establish customer support channels with defined response times
  8. Implement business continuity and disaster recovery plans
  9. Conduct regular system maintenance and upgrades
  10. Maintain comprehensive transaction logs for audit purposes
  11. Implement dispute resolution mechanisms for customer complaints
  12. Adhere to prescribed transaction limits and thresholds

These guidelines ensure that PSPs operate in a manner that is transparent, efficient, and protective of customer interests.

Registration Process with Nepal Rastra Bank PSP

The registration process for Payment Service Providers with Nepal Rastra Bank involves:

  1. Submission of completed registration form to NRB’s Payment Systems Department
  2. Provision of detailed information about shareholders and directors
  3. Submission of certified copies of company registration documents
  4. Provision of business plan and operational model details
  5. Submission of audited financial statements and capital adequacy proof
  6. Provision of IT infrastructure and security documentation
  7. Submission of risk management and compliance policies
  8. Provision of details about proposed payment products and services
  9. Submission of agreements with partner banks and institutions
  10. Payment of prescribed registration fees to Nepal Rastra Bank
  11. Completion of on-site inspection by NRB officials
  12. Obtaining final approval and registration certificate from NRB

This registration process ensures that all PSPs are properly documented and vetted by the central bank.

Annual Reporting Requirements for Licensed Payment Providers

Licensed Payment Service Providers in Nepal must comply with annual reporting requirements set by Nepal Rastra Bank:

  1. Submission of audited financial statements within three months of fiscal year-end
  2. Provision of detailed transaction volume and value reports
  3. Reporting on compliance with AML/CFT regulations
  4. Submission of risk assessment and management reports
  5. Reporting on customer complaints and resolution statistics
  6. Provision of system downtime and incident reports
  7. Submission of updates on changes in shareholding or management
  8. Reporting on new product launches or service modifications
  9. Provision of details on partnerships and collaborations
  10. Submission of capital adequacy and liquidity reports
  11. Reporting on cybersecurity incidents and mitigation measures
  12. Provision of staff training and development reports

These reporting requirements enable NRB to monitor the financial health, operational efficiency, and regulatory compliance of PSPs.

Read More

Risk Management Framework for Payment Service Operations

Payment Service Providers in Nepal must implement a comprehensive risk management framework:

  1. Identification and assessment of operational, financial, and technological risks
  2. Implementation of risk mitigation strategies and controls
  3. Establishment of risk appetite and tolerance levels
  4. Regular risk monitoring and reporting mechanisms
  5. Implementation of business continuity and disaster recovery plans
  6. Conduct of regular stress testing and scenario analysis
  7. Establishment of a dedicated risk management committee
  8. Implementation of fraud detection and prevention systems
  9. Regular review and update of risk management policies
  10. Integration of risk management into strategic decision-making processes
  11. Implementation of incident response and crisis management procedures
  12. Regular risk awareness training for staff at all levels

This risk management framework helps PSPs identify, assess, and mitigate potential threats to their operations and customer funds.

Customer Protection Guidelines for Payment Service Providers

Nepal Rastra Bank mandates specific customer protection guidelines for PSPs:

  1. Implementation of clear and transparent fee structures
  2. Provision of easily accessible customer support channels
  3. Establishment of fair and timely dispute resolution mechanisms
  4. Implementation of robust data protection and privacy measures
  5. Provision of clear terms and conditions for all services
  6. Implementation of secure authentication methods for transactions
  7. Provision of real-time transaction notifications to customers
  8. Establishment of refund and chargeback procedures
  9. Implementation of measures to prevent unauthorized transactions
  10. Provision of regular account statements to customers
  11. Implementation of customer education programs on safe payment practices
  12. Establishment of compensation policies for service disruptions or errors

These guidelines aim to protect customer interests and build trust in the payment ecosystem.

Renewal Process for Payment Service Provider License

The renewal process for Payment Service Provider licenses in Nepal involves:

  1. Submission of renewal application to NRB at least 90 days before license expiry
  2. Provision of updated financial statements and capital adequacy reports
  3. Submission of compliance reports for the previous license period
  4. Provision of details on any changes in shareholding or management
  5. Submission of updated business plan and growth projections
  6. Provision of reports on transaction volumes and values
  7. Submission of customer complaint resolution statistics
  8. Provision of details on new products or services launched
  9. Submission of updated risk management and compliance policies
  10. Provision of cybersecurity audit reports
  11. Payment of license renewal fees to Nepal Rastra Bank
  12. Completion of renewal inspection by NRB officials

The renewal process ensures that PSPs continue to meet regulatory requirements and maintain high operational standards.

Regulatory Supervision of Payment Service Provider Business

Nepal Rastra Bank conducts regulatory supervision of PSPs through:

  1. Regular on-site inspections of PSP premises and operations
  2. Off-site monitoring of financial and operational reports
  3. Review of compliance with AML/CFT regulations
  4. Assessment of risk management practices and controls
  5. Evaluation of customer protection measures and complaint handling
  6. Monitoring of system uptime and incident response capabilities
  7. Review of partnerships and outsourcing arrangements
  8. Assessment of cybersecurity measures and incident reports
  9. Evaluation of corporate governance practices
  10. Monitoring of capital adequacy and liquidity positions
  11. Review of new product and service offerings
  12. Assessment of compliance with NRB directives and guidelines

This regulatory supervision aims to maintain the stability and integrity of the payment ecosystem in Nepal.

FAQs:

  1. What is the minimum capital requirement for PSP license? The minimum paid-up capital requirement for a domestic PSP license in Nepal is NPR 150 million, while for PSPs with foreign investment, it is NPR 250 million.
  2. How long does the PSP licensing process take? The PSP licensing process typically takes several months, depending on the completeness of the application and the applicant’s responsiveness to NRB’s queries.
  3. Can foreign companies apply for PSP license? Yes, foreign companies can apply for a PSP license in Nepal, subject to higher capital requirements and compliance with foreign investment regulations.
  4. What are the main compliance requirements? The main compliance requirements include AML/CFT regulations, KYC procedures, data protection, cybersecurity standards, and adherence to NRB directives.
  5. Is there an annual renewal fee? Yes, PSPs are required to pay an annual renewal fee to Nepal Rastra Bank, the amount of which is specified in the licensing policy.
  6. What technical infrastructure is required? PSPs must have robust IT systems, secure data centers, encryption technologies, fraud detection systems, and integration capabilities with financial networks.
  7. How many directors are required for PSP? The minimum number of directors required for a PSP is typically specified in the company law of Nepal, usually ranging from 3 to 7 directors, depending on the company structure.