The Central Bank of Nigeria (CBN) has unveiled a framework for Quick Response (QR) code payments, directing all issuers, acquirers, switches, processors and other participants in the country to ensure full interoperability of the schemes.
The CBN stated that the guidelines were in furtherance of its mandate to ensure the safety and stability of the Nigerian financial system, promote the use and adoption of electronic payments and foster innovation in the payments system.
The QR codes are a kind of matrix barcode representing information presented as square grids, made up of black squares against a contrasting background that can be scanned by imaging device, processed and transmitted by appropriate technology.
According to the apex bank, the codes can be used to present, capture and transmit payments information across payments infrastructure while the technology further enables the mobile channel to facilitate payments as well as presents another veritable avenue for promoting electronic payments for micro and small enterprises.
The framework provides regulatory guidance for the operation of the scheme and aims to ensure the adoption of appropriate QR code standards for safe and efficient payments services in Nigeria.
The apex bank, in a circular titled: “Framework for Quick Response (QR) Code Payments in Nigeria,” stipulated the acceptable QR code standards for implementing QR payments in Nigeria; interoperability of QR payments; roles and responsibilities of participants as well as risk management principles for QR code payments.
The CBN, however, warned that it will sanction any party that fails to comply accordingly with the QR regime, adding that all consumer complaints shall be resolved in accordance with the CBN Consumer Protection Regulation.
The guidelines provide that issuers and acquirers shall clearly define risk management policy and guidelines for the operation of the QR code scheme.
It stated:”QR codes shall, at a minimum, be encrypted (AES) and/or signed; QR codes payments applications, updates and patches shall be duly certified by the Payment Terminal Service Aggregator (PTSA); issuers and acquirers, shall agree minimum due diligence guidance for merchant on-boarding without prejudice to the KYC/AML requirements of the bank; issuers and acquirers shall ensure that only PTSA certified QR code shall
be utilised; issuers and acquirers shall ensure behavioural monitoring and fraud management systems are implemented to prevent, detect and mitigate fraud and money laundering.”
Also, the CBN unveiled a framework for regulatory sandbox operations, to a formal process for firms to conduct live tests of new, innovative products, services, delivery channels, or business models in a controlled environment, with regulatory oversight, subject to appropriate conditions and safeguards.
The CBN noted that the move will enable it to stay abreast of innovations while promoting a safe, reliable and efficient payments system to foster innovation without compromising on the delivery of its mandate.
The bank added that the objectives of the regulatory sandbox operation are to among other things, increase the potential for innovative business models that advance financial inclusion; reduce time-to-market for innovative products, services, and business models; increase competition, widen consumers’ choice and lower costs.
On providing appropriate safeguards to financial services consumers, the framework stipulated that an applicant shall identify the potential risks to financial institutions and financial consumers that may arise from the testing of the product, service or solution in the sandbox and propose appropriate safeguards to address the identified risks.
The CBN said in assessing the risks and evaluating the proposed safeguards, the bank will preserve sound financial and business practices consistent with monetary and financial stability; promoting the fair treatment of consumers; compliance with AML/CFT regulations; protecting the confidentiality of customer information;
promoting the safety, reliability and efficiency of payment systems and payment instruments as well as encouraging healthy competition for financial products and services. The CBN said:”Entities shall put in place testing parameters to limit risks to the financial system and for the consumers, while achieving effective testing processes.
“The participants shall set consumer protection safeguards, to guarantee consumer protection. Consequently, consumers participating in the testing phase need to be made aware of their rights and especially, be provided with information and contact details of the sandbox to report any complaint or problem they experience.
“The participants shall ensure proper maintenance of records during the testing period for a maximum of five years, to support reviews of the test by the bank.”
Click on link below to view the document