Back Custom print Link Text Only Rich Text Print

  • Payment Service Provider ("PSP")

    • AU-1.2.8

      Payment service providers, may act as an intermediary for the following services:

      (a) Services enabling cash to be placed in clients' money account and all of the operations required for operating the account;
      (b) Services enabling cash withdrawals from clients' money account and all of the operations required for operating the account;
      (c) The settlement of the direct debits of payment transactions;
      (d) Integrating customer delivery channels to enterprises to enable transactions at delivery channels (e.g. ATMs, POS, Interactive Voice Response, mobile, internet); and
      (e) Interfacing with external networks/institutions (e.g. national switch, VISA, MasterCard), enabling automated exchange of transactions between the enterprise and external networks.
      Amended: January 2019
      Amended: April 2017
      April 2016

    • AU-1.2.9

      Payment service providers also facilitate the payment of high volume periodic/repetitive bills (e.g. utility bills, phone bills etc), and customer initiated payments.

      April 2016

    • AU-1.2.10

      For purposes of Paragraph AU-1.2.8, clients' money account is defined as an account held in a retail bank which is used for the execution of payment transactions. The CBB has the right to stop this clients' money account at any time.

      Amended: January 2019
      April 2016

    • AU-1.2.10A

      When issuing any multi-purpose, electronic or otherwise, pre-paid cards, payment service providers must comply with the following requirements:

      (a) The maximum balance limit under each natural person must not exceed BD2,500;
      (bb) The maximum balance limit for each legal person must not exceed BD10,000 (Loading and transaction size).
      (b) The payment service provider must obtain a bank guarantee of BD100,000 from a retail bank licensed in the Kingdom of Bahrain; instead of the bank guarantee amount required under Paragraph AU-4.1.12.
      (c) Comply with all the requirements outlined under Module FC (Financial Crime);
      (d) All pre-paid plastic cards must be EMV compliant (chip and PIN and online authentication);
      (e) Any pre-paid card which is inactive for a period of six months must be placed in a dormant list; and
      (f) All transactions on pre-paid cards must be made through the client money account with a retail bank in Bahrain (See also Chapter GR-15, Client Money Requirements).
      Amended: April 2023
      Amended: July 2022
      Amended: January 2019
      Amended: October 2018
      Amended: October 2017
      Added: April 2017

    • AU-1.2.10B

      In addition to the requirements listed under Paragraph AU 1.2.10A, Payment service providers must maintain up to date Payment Card Industry Data Security Standards (PCI-DSS) certification. The initial certification must be obtained by 31st December 2017.

      Added: April 2017

    • AU-1.2.10C

      In order to maintain up to date PCI-DSS certification, payment service providers will be periodically audited by PCI authorised companies for compliance. Licensees are asked to make certified copies of such documents available if requested by the CBB.

      Added: April 2017

    • AU-1.2.11

      When a customer load cash into the card through kiosk or company/bank counter, the payment service provider must update the amount into the card immediately, and must deposit the relevant cash amount into the clients' money account within 24 hours.

      Amended: January 2019
      Amended: April 2017
      April 2016

    • AU-1.2.11A

      When owning or operating Cash Dispensing Machines (CDM) or Kiosks, payment service providers must comply with the requirements stated in Paragraphs AU-1.2.11B to Paragraph AU-1.2.11I.

      Added: April 2019

    • AU-1.2.11B

      Payment service providers must obtain CBB's prior written approval for owning or operating any Cash Dispensing Machine (CDM) or Kiosk.

      Added: April 2019

    • AU-1.2.11C

      Payment service providers must submit a written application to the Supervisory Point of Contact (SPoC) at the CBB, detailing the type of CDM or Kiosk, the proposed location(s) and the proposed security measures.

      Added: April 2019

    • AU-1.2.11D

      The application referred to in Paragraph AU-1.2.11C will be assessed on its individual merits, and at the CBB's sole discretion, taking into account factors which the CBB considers relevant including, but not limited to:

      (a) The suitability of the location(s) in question;
      (b) The level of overall activities of the applicant in the market as well as the size and make-up of its customer base; and
      (c) The type and range of facilities which the applicant proposes to offer through the CDM or Kiosk at the proposed location(s).
      Added: April 2019

    • AU-1.2.11E

      In addition to the information required by the CBB, further information/clarification may be requested by the CBB before it takes a decision regarding the application. The CBB's decision in this regard will be communicated to the applicant payment service provider in writing.

      Added: April 2019

    • AU-1.2.11F

      CDMs or Kiosks may be owned individually or jointly by ancillary service providers.

      Added: April 2019

    • AU-1.2.11G

      Payment service providers must not charge their customers for cash withdrawal transactions. When a customer uses CDMs, Kiosks or ATMs belonging to other banks or PSPs, the acquiring PSP/ bank may apply a charge capped at 100 fils per transaction to the issuing PSP.

      Added: April 2019

    • AU-1.2.11H

      Payment service providers must obtain the CBB's prior written approval for the termination/suspension of any of its CDMs or Kiosks.

      Added: April 2019

    • AU-1.2.11I

      The CBB may, at its sole discretion, require a payment service provider to terminate/suspend a CDM or Kiosk at any time.

      Added: April 2019

    • AU-1.2.11J

      Payment service providers must ensure they have a robust internal technological infrastructure and direct technical access to the EFTS, on an uninterrupted basis (24 X 7 days and 365 days in the year), to send, authorise and receive Fawri+/Fawateer direct credits on a real-time basis.

      Amended: April 2019
      Added: October 2018

    • AU-1.2.11K

      Payment service providers must maintain a daily value limit of BD1,000 for the total Fawri+ and Fawateer transactions (with assured immediate finality, i.e. within 30 seconds) for each STV card/IBAN account per day.

      Amended: April 2019
      Added: October 2018

    • AU-1.2.11L

      [This Paragraph was moved to BR-1.1.6 in July 2020].

      Amended: July 2020
      Amended: April 2019
      Added: January 2019