The New Iraq Electronic Payment Regulation

November 2014

At the beginning of April 2014, and according to Article 27 of the Electronic Signature & Electronic Transactions Law No. 78 of 2012, which stated that the electronic transfers of money should be regulated by a regulation that to be suggested by the Central Bank of Iraq (CBI), the Iraqi Council of Ministers issued Regulation No. 3 of 2014 regarding the Electronic Payment Services of Money (The “Regulation”).  This Regulation covers all the electronic payment activities including issuing the electronic payment tools, managing the deposits and cash withdrawals through ATMs and selling points, implementing of electronic payment processes (payable and receivable) that their money be guaranteed by the credit of the services user or by any means of digital communications or information technology, and implementing of electronic payment processes in accordance with the overall settlement system or the clearing mechanism system.

The provider of the electronic payment services (The “Provider”):

The Provider of such services should be licensed by the CBI.  The license is valid for 5 years, and can be renewal based on a written request submitted by the Provider to the CBI within 90 days before the license expiry date.  The Provider should be a legal entity, has the technical and organisational skills to operate the required mechanism, taking all measures to secure and protect the electronic transactions, ensures that the CBI can enter into the used system at any time for the supervision and control purposes, and has submitted an economic feasibility study to the CBI in this regard.  The Provider is able to appoint an agent/s and authorise him to provide the electronic payment services.  The Provider should submit to the CBI all the agent information including name, address, the internal control mechanisms used by the agent, description to the provided services by the agent, and any additional information considered necessary by the CBI.  The agent name will be recorded in a record that can be seen by the public at the CBI, and the Provider is obliged to inform the CBI with any changes related to the agent to be amended in the above mentioned record.  Article 16 of the Regulation listed the Provider obligations as following:

1. Implementing the settlement processes through the immediate overall settlement system.
2. Providing interoperable systems according to the technical standards set by the CBI.
3. Providing the CBI with the required measures and procedures according to the Money Anti-Laundry Laws.
4. Providing appropriate measures to protect the security and confidentiality of information from any intrusion and to protect customers’ records and information based on the laws and international best practices, which shall be reviewed periodically.
5. Determining the procedures that regulate the agents’ work and the selling points.
6. Operating a payment system which is able to contribute to the effective and stable performance in the financial system, in line with the best international practices and standards related to the electronic payment systems, including the infrastructure principles of the financial market issued by the Bank for International Settlements.
7. Providing electronic payment services which comply with the standards and instructions issued by the CBI.
8. Adopting appropriate regulatory measures in order to reduce the risk of loss or lack of related funds or assets.
9. Sending the electronic payment accounts data to the CBI separately from the consolidated balance sheet attached with it, in case that the Provider provides other activities than the electronic payment services.
10. Providing the CBI with the required data and information related to the provided electronic payment services, and the compliance to the conditions imposed by the CBI.
11. Determining the appropriate means which enable the CBI to directly enter into the used electronic system by the Provider for the supervision and control purposes.
12. Preparing database to the customers.

In addition to the above obligations, and if the Provider providing the electronic payment services through the mobile phone, he is obliged to:

• Sign written agreements with mobile operators, and provide the CBI with copies of the same.
• The payment process to be inside Iraq, and by national currency.
• Settlement of accounts through the immediate overall settlement system, or doing the same through a guarantor bank in the absence of a settlement bank account.

How to do the electronic payment process? And what is the service contract in such process?   

According to the Regulation, the electronic payment process can be done when the Provider informs the customer (in advance) by the maximum time to proceed with the payment process, in addition to provide the payee with the other necessary information such as the Identification Number, payer information, the paid amount (in the currency that used in electronic payment account where the amount deposited), exchange rate adopted by the Provider, Provider fees, and the amount entitlement date.

The electronic payment command considered as delivered to the Provider at the time when the latter received the payment directly or indirectly from the payer, and if the delivery time was in a day which is not within the Provider’s working days, so the command considered delivered to the Provider as the first command in the next working day.  In case that the Provider refused to proceed with the electronic payment process, he shall inform the customer with the reasons for rejection, and the corrective measures for the mistakes that led to the rejection.  The customer cannot withdraw the electronic payment command after the same delivered to the Provider.  The Provider fees should be deducted from the customer as soon as the money transfer process completed unless there is an agreement between the payer and the Provider that the latter fees can be deducted from the transferred amount before recording the same in the payee account provided that the total amount and the fees amount should both be clearly mentioned in the information provided to the payer.

The contracts of the electronic payment services are divided to “continuous service contracts” (contracts that organising continuous payment services to customers) and “single service contracts” (contracts that organising the use of the electronic payment service once).  Continuous service contracts should include the following:

1. The Provider name.
2. The address and contact details of the Provider’s headquarter (main office), or the agent in case that the service done thorough a Provider’s agent.
3. The Provider’s official information including the CBI license number and date.
4. Description of the key features of the electronic payment service that is going to be served.
5. The Provider fees.
6. The information that to be provided by the customer.
7. Information about protection measures and correction mechanisms in the event of an error.
8. The contract duration.
9. The maximum duration to implement the electronic payment services.
10. Calculating methods of the interest, and the possible changes in the same
11. Means of communication, which have been agreed upon between the parties, for the purpose of delivering the information or notices.
12. Guarantees for any improper use of the service.

Single service contracts should include the following:

1. Information about the payer, payee, paid amount, date, and time, and all should be recorded in the electronic payment special form.
2. The maximum period of time to complete the process.
3. The Provider fees.
4. The exchange rate adopted by the Provider.

The customer rights:

The customer has the right to know all of his rights and obligations. The Provider shall inform the customer in this regard, including placing a bulletin board at the entrance of the Provider’s workplace.  The customer has the right to be financially compensated in the case of delayed money transfers for the agreed period, and in the case of loss or lack of his money as a result of negligence or mismanagement.