North Macedonia
Answer ... In 2019 the government prepared a draft Payment Systems Act which seeks to implement several EU legislative instruments, including:
- the Second EU Payment Services Directive (2015/2366/EU);
- the Second E-money Directive (2009/110/EC);
- the EU Settlement Finality Directive (98/26/EC); and
- the Payment Accounts Directive (2014/92/EU).
The draft Payments Systems Act aims to open up the payments market and govern payment-related activities that are currently unregulated. These include money remittance, the operation of a payment account, the execution of payment transactions and the issue or acquisitions of payment instruments. In particular, the draft act covers the following three types of services:
- account information services, which allow third-party providers to pull digitised transaction data from a payment account that is operated by another payment service provider to give consumers and businesses an overview of their financial situation by consolidating information across the different payment accounts they may have with one or more payment service providers;
- payment initiation services, which allow third-party providers to initiate a push payment, such as a bank transfer, from an account operated by another payment service provider. This assists consumers in making online payments and informs the merchant immediately of the payment initiation, allowing for the immediate dispatch of goods or immediate access to services purchased online; and
- the issuance of card-based payment instruments by third-party payment service providers that request confirmation of the availability of funds from the payment service provider servicing the account.
Under the draft act, all third-party payment services providers must be authorised by the National Bank of the Republic of North Macedonia (NBRM), which is empowered to regulate, monitor and supervise their activities. To this end, the NBRM is competent to enact bylaws for technical standards on strong customer authentication and common and secure open standards of communication, as well as regulations on incident reporting and bylaws on security measures for operational and security risks. Parliament is expected to enact the draft act in 2020.