Payment factories exempted from the German Payment Services Supervision Act [ZAG]
In late November 2017, a notice issued by the German Federal Financial Supervisory Authority [BaFin] on the German Payment Services Supervision Act [ZAG], which became effective on 13 January 2018, caused considerable unrest among corporates. This exempted only payment services between group companies from the regulation, but explicitly not payments from or to a group. Following discussions between BaFin and a number of industry associations, this legal view was now modified in early August. However, several requirements must be met for this purpose.
According to the wording under item 3 m) of the notice, both the operation of a payment or collection factory and the triggering of payment transactions involving group company accounts by the staff of a shared services centre, the central collection of account information and other central services customary at many corporates relating to payment transactions and cash management would be classified as payment services. The result would be having to obtain permission from and supervision by BaFin, as well as compliance with equity requirements, collateral requirements and additional criteria.
Due to intervention by a number of industry associations, BaFin announced in January that the operation of a payment factory would initially not be considered as a violation against the ZAG until clarification of the open issues.
Following intensive discussions with BaFin, industry associations – under the coordination of the Association of German Treasurers [Verband Deutscher Treasurer] – presented their legal opinion in a letter and elaborated on this using examples. Accordingly, the operation of centralised cash management systems – especially the central processing of payment transactions by payment factories or in shared services centres – is exempted from the obligation to obtain permission, to the extent that suitable measures ensure payment processing that is fully compliant with the law at all times. The corresponding requirements that must be fulfilled include (i) concluding agreements with the involved group companies on the payment services to be rendered, (ii) complete documentation of all payment transactions, (iii) the establishment of processes and systems designed to prevent in particular money laundering, sanction violations and terrorist financing as well as (iv) the regular and transparent examination of the internal control system and remedying any irregularities identified in the process.
BaFin confirmed this legal view in early August, but reserved the right to take measures if there are indications of matters affecting payment services law. As a result, the risk of directly violating the law due to the existence of a payment factory, account authorisations of the SSC or other activities of a central cash management system is averted. Therefore, companies can use such functions in order to raise the efficiency and security of unquestionably reasonable processes and systems in payment transactions without obtaining permission from the Federal Financial Supervisory Authority. However, it should be examined in each case whether the corresponding necessary measures (refer to items i-iii above) have also been fully, effectively and transparently (for a third party) implemented.
Source: KPMG Corporate Treasury News, Edition 83, August 2018
Author: Prof. Dr. Christian Debus, Partner, Finance Advisory, email@example.com
© 2018 KPMG AG Wirtschaftsprüfungsgesellschaft, ein Mitglied des KPMG-Netzwerks unabhängiger Mitgliedsfirmen, die KPMG International Cooperative (“KPMG International”), einer juristischen Person schweizerischen Rechts, angeschlossen sind. Alle Rechte vorbehalten.