Online Payment Systems Technology in China
The regulations existing in China dealing with online payment systems and related technology.
Over the past decade, advancements and innovations in communications technology have paved the way towards rapid globalisation. A main aspect of this is the convergence of telecommunications and computer technology, which has produced e-Commerce, now an essential feature of everyday retail business-to-customer, or business-to-business transactions. However, this in turn has introduced complex issues of information security, fraud or unfairness to the market, and operational disruption to settlements.
Online payment systems have many benefits, including promoting customer satisfaction, the reduction of settlement times, increased transparency of information regarding pricing and participant identify and fraud detection, and greater security. However, to ensure these benefits constantly outweigh the inherent dangers that come along with employing online payment system technology, the Chinese government imposes substantive regulations and licensing requirements surrounding the Internet, the information technology infrastructure, retail and related logistics and distribution, and media, therefore ensuring information security, fraud and settlement issues or disruptions are kept to a minimum.
China further ensures the minimisation of risks by administering control of payment systems through the People’s Bank of China (PBOC), and administering control of banking institutions through the China Banking Regulatory Commission (CBRC), whose major functions are:
(a) to stipulate regulations and provisions for banking supervision; draft laws, and administrative regulations and make proposals for their drafts and amendments;
(b) to approve the establishment, amendment, termination and business scope of banking institutions and their subsidiaries;
(c) to supervise banking institutions and punish those of unlawful behaviour;
(d) to compile statistics and reports of banking institutions;
(e) to offer opinions and proposals with the Ministry of Finance and PBOC; and
(f) to be responsible for the routine management of supervisory boards of major state-owned banking institutions.
Regulation of Online Payment Systems
In China, online payment systems are regulated under the Administrative Measures of the People’s Bank of China on Payment Services Provided by Non-Financial Institutions (the “Payment Services Measures”), which came into effect in September 2010. According to Article 1, the aim of the Payment Services Measures is to enhance the healthy development of the payment service market, to regulate the payment services provided by non-financial institutions, and to prevent payment risks and protect the legitimate rights and interests of parties concerned.
Essentially, the Payment Services Measures prohibit entities that are not CBRC-regulated from engaging in online payment, issuing or accepting prepaid cards, or accepting bankcards, unless these entities obtain a Payment Business License from the PBOC. Therefore, non-financial institutions are obliged to entrust custodial functions over their money to banks or else fulfill the requirements for a Payment Business License, which require the applicant to:
(1) be a limited liability company or a joint-stock company legally formed inside the PBOC and is the corporate body of a non-financial institution;
(2) have a registered capital reaching the minimum requirements of the Payment Services Measures, which is RMB 100 million;
(3) have capital contributors meeting the requirements of the Payment Services Measures;
(4) have at least five senior managers who are specialists in the payment business;
(5) have anti-money laundering measures meeting the prescribed requirements;
(6) have payment facilities;
(7) have a good organisational structure, sound internal control rules and effective risk control measures;
(8) have business sites and safety precautions meeting the prescribed requirements; and
(9) ensure neither the applicant or any of its senior managers have received any punishment for any violation or crime committed through the payment business or illegally providing payment services in the last three years.
The Payment Services Measures also include in Article 5 an obligation on payment institutions to follow principles of safety, efficiency, honesty and fair competition, and to protect the national interest, as well as public or legitimate interests and rights of clients, and an obligation in Article 6 to comply with anti-money laundering laws. Therefore, the Chinese government has invested a lot of effort in this area to ensure the online payment systems operating in China maintain safe and sound.
Consumer Protection and Data Security
Under Article 1 of the People’s Republic of China on Protection of Consumer Rights and Interests (the “Consumer Rights Law”), its main purpose is to protect the legitimate rights and interests of consumers, maintain the socio-economic order and promote the healthy development of the socialist market economy.
Among many things such as the right to obtain true information of relevant commodities, the right to a fair deal, and the right to acquire knowledge concerning consumption and protection of consumer rights and interests, e-Commerce platforms can be held to joint or several liability with the seller and/or manufacturer of the goods or services sold, therefore imposing a duty of care on e-Commerce platforms to take an interest and requiring such platforms to know their vendors or their products well, which will maximise authentic contact details and minimise the sale of defective or fake goods, or any such other activities that would infringe on consumers’ rights. As well as this, the recent amendment to the Consumer Rights Law increased compensation standards and penalties for violations; expanded liability for businesses involved in false advertising; the development of e-commerce regulations; and the creation of consumer privacy protection standards.
Furthermore, there are many diverse laws, regulations and local ordinances concerned with data protection, including principally the Consumers Rights Law and the Regulation on Personal Information Protection of Telecom and Internet Users (the “MIIT Regulation”). The main obligations espoused in these general laws on data controllers is to ensure data is processed properly, and for companies and other legal entities to collect and use personal information with regards to
(a) principles of legitimacy, rightfulness and necessity when collecting and using personal information;
(b) policies regarding the purpose, manner and scope of collecting and using personal information;
(c) obtaining consent from any individual that has information collected;
(d) refraining from collecting or using personal information in breach of any laws or regulations and with the agreement of any individual that has information collected; and
(e) confidentiality and legality of the handling of the personal information.
The PBOC, in July 2015, has also issued the Administrative Measures on Online Payment Business of Non-banking Payment Institutions, which is currently seeking public opinion. The Measures seek to put in place more restrictions on online payment businesses and online transfer businesses carried out by non-financial institutions, including limiting the amount an individual can pay online to RMB 5,000 per day through third-party payment accounts, unless the customer’s identity can be verified by a security token and electronic signature. Therefore, although there are risks involved in using online payment services technology, China has counteracted with additional laws and regulations to ensure the minimisation of such risks.
An inherent danger with employing online payment service technology is the threat to information security as well as potential issues within the market in relation to fraud the questionable integrity of several online payment systems. However, as an economy that is rapidly growing, especially in the e-Commerce world, China has adapted exceedingly well by ensuring its various administrative bodies, such as the Ministry of Industry and Information Technology, the People’s Bank of China, and the China Banking Regulatory Commission, are minimising such risks through the creation of relevant laws and regulations to further the growth of the economy in a safe environment.
ABOUT THE AUTHOR: Matthew Murphy
Matthew has over 20 years of China and Asia Pacific legal and business experience, focusing on Intellectual Property, Mergers & Acquisitions (including anti-trust) and International Trade. Matthew has been listed as a leading corporate/IP lawyer by various publishers such as Euromoney, Chambers and the Legal 500 and is an arbitrator with the Hong Kong International Arbitration Centre, the Beijing Arbitration Commission, and an arbitrator and mediator with the Kuala Lumpur Regional Centre for Arbitration. Matthew is a regular contributor of articles on Chinese and IP law to major journals, and regularly teaches international IP and technology law at the post-graduate level at a number of leading universities.
Matthew would like to thank Joyce Chng for her valuable contributions to this article.
Copyright MMLC Group
More information about MMLC Group
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer. For specific technical or legal advice on the information provided and related topics, please contact the author.