PISP&AISP license acquisition

Account Information Service Providers (AISP) are digital platforms that compile and present consolidated details regarding payment accounts owned by users and maintained with various financial service providers. Consequently, AISPs gain access to these payment accounts and bear the responsibility of ensuring user data security.

Entities holding AISP license are authorized to perform the following functions:

Entities holding such a license are authorized to perform the following functions:

Collecting and integrating account-related data.
Conducting financial assessments and managing budgets.
Evaluating creditworthiness and assessing financial stability.
Assisting in accounting and corporate finance activities.
Overseeing transactions and implementing fraud prevention measures.

Payment Initiation Service Providers (PISP) are

online platforms that obtain access to a user’s payment account to initiate financial transactions on their behalf, provided that explicit consent and authentication are granted. These services serve as an alternative to traditional online payments via debit or credit cards. Legislative regulations oversee PISP activities to ensure compliance with security standards when interacting with payment accounts.

A PISP license grants authorization to offer various financial solutions, including:

Facilitating customer purchases and payments for goods and services across websites and mobile applications.
Allowing users to directly pay for bills (such as rent, utilities, and subscriptions) from their bank accounts via secure payment initiation.
Managing domestic and international fund transfers on behalf of clients.
Providing platforms or services for peer-to-peer (P2P) transactions, enabling seamless and secure money transfers between individuals.
Offering subscription-based models that automate recurring service payments.

Licensing Availability

PISP and AISP licenses can be obtained in most European Union nations, the European Economic Area, and the United Kingdom. Businesses intending to offer such services must secure the relevant license from their respective national regulatory authority.

For instance, in the UK, the Financial Conduct Authority (FCA) regulates these licenses, whereas, in France, the Prudential Supervision and Resolution Authority (ACPR) is responsible. In the United Arab Emirates, equivalent permissions are referred to as Payment Service Provider (PSP) licenses, which can be acquired through the UAE Central Bank. The UAE Electronic Payment Systems Regulation (EPSR) classifies payment service providers into four categories, including retail and micropayment service providers.

Additionally, in Dubai’s financial hub, the Dubai International Financial Centre (DIFC), businesses can apply for AISP and PISP licenses via the Dubai Financial Services Authority (DFSA). The licensing procedure involves paying a registration fee (starting from $5,000) and an annual license fee ($5,000).

Licensing Process

In many jurisdictions, firms aiming to offer only account information services can obtain an AISP license.

Applying for a PISP license involves multiple essential steps, which may vary across different regulatory environments. It is crucial to provide precise documentation in accordance with relevant regulations and collaborate with authorities to enhance the application’s quality and minimize the likelihood of rejection or delays.

General Requirements

Companies seeking to obtain a PISP or AISP license must meet the following core criteria:

Maintaining the required minimum capital and adhering to capital adequacy regulations.
Paying the prescribed fee for application assessment.
Establishing a secure technological infrastructure to ensure transaction security and customer data protection (including encryption, access control mechanisms, and data recovery protocols).
Implementing clear Anti-Money Laundering (AML) and Counter-Terrorist Financing (CFT) measures for customer verification and transaction surveillance.
Developing robust risk management frameworks to identify and mitigate operational, financial, and regulatory risks.
Complying with data protection laws such as the General Data Protection Regulation (GDPR) within the EU.
Ensuring key personnel involved in the licensing process possess appropriate qualifications and expertise in financial services, risk management, and economic disciplines.
Submitting a comprehensive business plan outlining service offerings, target audience, financial projections, and other pertinent details.
Providing financial statements, including balance sheets, profit and loss statements, and cash flow reports.
Establishing corporate policies and procedures to ensure adherence to AML/CFT standards.