Entire section Custom print Link Text Only Rich Text Print

OB-2.1.1

AISPs and PISPs must establish a framework contract (a legal arrangement) with the customer prior to providing AIS or PIS services. The framework contract must provide the information set forth below that are relevant to the services they provide:

(a) The following information about the service and the provider:
i. the name, address and contact details of the PISP or AISP as the case may be;
ii. a description of the main characteristics of the service to be provided;
iii. the information or unique identifier that must be provided by the customer in order for a payment order to be properly initiated or executed;
(b) the form and procedures for giving consent to provide account information service, the initiation of a payment order and for the withdrawal of consent;
(c) provisions regarding the time of receipt of a payment order and the cut-off time, if any, established by the licensee and the maximum execution time for the payment services to be provided;
(d) whether spending limits for the use of a payment instrument may be agreed;
(e) the detail of all fees and charges payable by the customer to the PISP/AISP, including those connected to the manner in and frequency with which information is provided or made available and, where applicable, a breakdown of the amounts of any charges;
(f) the means of communication agreed between the parties for the transmission of information or notifications under this Module including, where relevant, any technical requirements for the customer's equipment and software for receipt of the information or notifications;
(g) The terms under which the customer may opt out from the use of the payment instrument;
(h) explicit consents required for generic marketing promotions by the PISP/AISP; and
(i) the terms of the framework contract and information.
(j) The following information about safeguards and corrective measures in compliance with PDPL:
i. where relevant, a description of the steps that the customer is to take in order to keep safe a payment instrument and how to notify the PISP/AISP for the purposes of obligations of the customer in relation to loss, theft, misappropriation, unauthorised use of the payment instruments and personalised security credentials;
ii. the secure procedures, by which the PISP/AISP will contact the customer in the event of suspected or actual fraud or security threats;
iii. the conditions under which the PISP/AISP stops or prevents the use of a payment instrument;
iv. the customer's liability, (payer or payee's liability for unauthorized payment transactions), including details of any limits on such liability;
v. how and within what period of time the customer is to notify the licensee maintaining customer account of any unauthorised or incorrectly initiated or executed payment transaction, and liability, if any for unauthorised payment transactions falling on the licensee maintaining customer account for execution of unauthorised payment transactions);
vi. liability, if any, in the event of initiation or execution or non-execution or defective or late execution of payment transactions;
vii. liability of parties in the event of a cyber-attack and loss of sensitive data; and
viii. the conditions for any refunds for payment transactions initiated by or through a payee.
(k) The following information about changes to and termination of the framework contract:
i. the time given to the customer to review and accept any proposed changes; which under no circumstances, shall be less than 10 calendar days;
ii. the proposed terms under which the customer will be deemed to have accepted changes to the framework contract in accordance, unless they notify the service provider that they do not accept such changes before the proposed date of their entry into force;
iii. the duration of the framework contract;
iv. where relevant, the right of the customer to terminate the framework contract and any agreements relating to.
(l) The following information about redress:
i. any contractual clause on the law applicable to the framework contract;
ii. the customer complaint procedures and the availability of alternative dispute resolution procedures for the customer and the methods for having access to them; and
iii. the name/title and contact number of the person designated to handle any queries or complaints.
Amended: July 2021
Added: December 2018