Applying for a permission

Payment Service Provider

About

The purpose of this page is to make sure that the application process is fully understood.

This section sets out:

  • What a Payment Service Provider is and what this regulated activity would allow you to do
  • Authorisation Process
  • Capital Requirements
  • Additional Information

What is a Payment Service Provider and what would this regulated activity allow you to do?

The term Payment Service Provider refers to a category of payment services that facilitates or acts as an intermediary in a cash transaction. The authorisation of this regulated activity falls under the scope of the Financial Services Act 2019.

Payment services may consist of:

  • Enabling cash withdrawals;
  • Enabling cash to be placed in a payment account;
  • Credit transfers, including standing order;
  • Issuing payment instruments or acquiring payment transactions; or
  • Money remittance.

Any firm wishing to provide these type of services must be authorised by the GFSC as a Payment Services Provider and is required to comply with certain rules when providing services or completing payment transactions.

As an Authorised Payment Service Provider, firms will be authorised to provide one or more payment services and will be required to comply with all legislative requirements.

A Payment Service Provider can apply for one of the below three classes of permissions, depending on the services to be provided:

Class A Class B Class C
6. Money remittance.

7. Payment initiation services.

8. Account information services.

1. Services enabling cash to be placed on a payment account as well as all the operations required for operating a payment account.

2. Services enabling cash withdrawals from a payment account as well as all the operations required for operating a payment account.

3. Execution of payment transactions, including transfers of funds on a payment account with the user’s payment service provider or with another payment service provider:

a. Execution of direct debits, including one-off direct debits.

b. Execution of payment transactions through a payment card or a similar device.

c. Execution of credit transfers, including standing orders.

4. Execution of payment transactions where the funds are covered by a credit line for a payment service user:

a. Execution of direct debits, including one-off direct debits.

b. Execution of payment transactions through a payment card or a similar device.

c. Execution of credit transfers, including standing orders.

5. Issuing and/or acquiring payment services.

If an applicant requests an authorisation for a range of services that falls within two different classes of permissions, then the applicant should select the class of permissions with the highest capital requirement. For example, we expect a firm wishing to conduct service 6 and 7 to request a Class B permission; a firm wanting to conduct service 6 and 4 to request a Class C permission. This means that a firm is only able to hold one class of payment services permission.

Agents

A Payment Service Provider may appoint agents. Agents provide payment services on behalf of the Payment Service Provider. These must register with the GFSC.

Credit Institutions / Electronic Money Issuers

Authorised Credit Institutions or Electronic Money Issuers are not required to apply for a separate payment service permission. These institutions will however need permission to ensure they carry on payment services under their authorisation and that they comply with the relevant payment services requirements.

 

Application Process

Applicants should submit an application pack with all relevant documents. We will not consider an application complete if there are any outstanding documents.

The application pack must consist of:

  • Application Fee;
  • Application Form;
  • Financial Projections for the next 3 years;
    • Stress Test on Financial Projections;
    • Profit and Loss account;
    • Balance Sheet;
  • Regulated Individual Form (for each Regulated Individual);
  • Controller Form (for each Controller);
  • Business Plan;
  • Risk methodology and/or threat assessment matrix; 
  • Mapping assessment of how the application meets the relevant legislative threshold requirements (i.e. statutory/regulatory criteria for licensing under relevant Act); and
  • Any other document the applicant considers the GFSC should take into consideration as part of the application.

Please request cloud access via E-mail at authorisations@gfsc.gi  in order to submit the Application Pack. Please include the following information in the subject field: ‘Name of Regulated Firm/Applicant – Application’. Paper copies are not required unless indicated by the Authorisation team.

Please note that we accept signed signature copies sent via e-mail and electronic signatures, which must originate from the Regulated Firm /Applicant’s domain.  

 

Additional Services

Regulated Firms that are already authorised by the GFSC may apply to extend their permission to provide additional financial or professional services. If you are seeking authorisation for additional services, please contact the Authorisation team in order for us to determine what documents are required for submission.

The below sets out an overview of the expected information requested:

  • Application Fee (if applicable);
  • Revised Business Plan;
  • Financial Projections for the next 3 years, clearly identifying the impact of the additional business:
    • Profit and Loss account
    • Balance Sheet
    • Stress Test on Financial Projections
  • Regulated Individual Form (for any new individual carrying out a Regulated Individual function);
  • Controller Form (for any new Controllers within the structure); and
  • Any other document the applicant considers the GFSC should take into consideration as part of the application.

 The Regulated Firm should consider the following:

  • What new services/permissions it requires;
  • The type of new business/activity;
  • Where the business will be sourced;
  • Resources to deal with the additional business;
  • The impact of the additional business on its capital requirements; and
  • What changes are being effected to its systems and controls.

Capital Requirements

The type of services conducted by the firm determines the capital requirements for a Payment Service Provider and hence the type of licence obtained.

The initial and ongoing minimum capital requirements are:

  • Class A Licence: €20,000
  • Class B Licence: €50,000
  • Class C Licence: €125,000

Details on the different methods of calculating the own fund required can be found in the Payment Services Regulations. An applicant should agree with the GFSC which method of calculating its own funds it should apply before we issue a final approval.

Before being authorised to conduct the proposed activity, regulated firms holding multiple permissions may be required to hold the aggregate of the capital required for each licence, and on an ongoing basis. In these cases, we will consider the level of capital on a case-by-case basis. Applicants should discuss this with the GFSC ahead of their application.

 

Additional Information 

The business plan should comprehensively set out:

  • How the payment services will be conducted;
  • How the firm will comply with the anti-money laundering requirements;
  • Target market;
  • Type of products;
  • Risk management function;
  • The firm’s risk appetite;
  • Corporate Governance arrangements;
  • Compliance arrangements;
  • How the firm complies with the mind and management requirements in Gibraltar;
  • Agents to be appointed and the controls in place to monitor and supervise these, if applicable;
  • Countries/jurisdictions in which it will provide its services including whether these services will be conducted through an agent; and
  • How the firm complies with the legislative requirements, in particular with the protection of consumers.

We will be seeking evidence that the firm has considered, documented and implemented the risk, compliance and operational issues associated with the proposed activities.

Applicants should ensure that the business plan is coherent with the firm’s risk appetite and capacity.