On Nov. 15, RSA GVT issued directive on credit payment instructions.
RSA GVT issued RSA CB directive on issuing of electronic funds transfer credit payment instructions on behalf of the payer in the National Payment System (NPS).
Purpose
Impose requirements on persons issuing electronic funds transfer credit payment. instructions on behalf of the payer, using screen scraping, or any other tool in the NPS.
To mitigate risks identified in para 2.5 including lack of data privacy, exposure to fraud.
Screen scraping is largely conducted without informed consent of the payer.
Registration Requirements
No person may issue electronic funds transfer credit payment instructions on behalf of a payer in the NPS unless that person: is registered with RSA CB;
And has obtained informed consent of the payer prior to issuing such a payment instruction/initiating such a payment; or exempted from registration by RSA CB.
RSA CB reserves the right to decline application for registration if requirements in this directive are not met; reasons for declining application will be disclosed to applicant.
Provisions
Directive includes provisions related to marketing; consumer awareness; informed consumer consent; operational risk; payer data protection and dispute resolution.
Enforcement
Contravention of this directive is an offence in terms of section 12(8), NPS Act.
RSA CB may terminate the registration of a person registered in terms of this directive where such person fails to comply, or if it is in interest of safety and efficiency of NPS.
Any person whose registration has been terminated shall immediately cease to issue electronic funds transfer credit payment instructions on behalf of any payer.
Effectiveness
Directive is effective 90 days after publication, i.e. on Feb. 13, 2025.