Financial Services Regulation

The financial services sector in Kenya comprises of different sub sectors. These include banks,
insurance companies, securities markets, pension schemes and savings and credit cooperative
societies (SACCOs) among others.
The primary source of regulation is the constitution of Kenya Articles 36, 43 and 46. These sub
sectors are regulated by different statutory bodies which include the Insurance Regulatory
Authority Retirement Benefits Authority, Capital Markets Authority and Sacco Societies
Regulatory Authority. The Central Bank of Kenya regulates banks and micro finance institutions.
The Central Bank of Kenya is in various ways guided by the following pieces of legislation:
1. Constitution of Kenya 2010
2. Central Bank of Kenya Act (2015)
3. Banking Act (2015)
4. Microfinance Act (2006)
5. The National Payment System Act (2011)
6. Kenya Deposit Insurance Act 2012
1
A financial service refers to any economic service or product of a financial nature that is
provided by the finance industry. A financial service is also used to describe organizations that
deal with the management of money. Financial services generally include organizations in the
sectors of insurance, estate, trust and agency services, securities, deposit taking, loan and
investment services and all forms of financial or market intermediation not limited to the field of
the distribution of financial products.
Why regulate:
1. Prudential—to reduce the level of risk to which bank creditors are exposed (i.e. to protect
depositors)
2. Systemic risk reduction—to reduce the risk of disruption resulting from adverse trading
conditions for banks causing multiple or major bank failures
3. Avoid misuse of banks—to reduce the risk of banks being used for criminal purposes,
e.g. laundering the proceeds of crime
4. To protect banking confidentiality Credit allocation—to direct credit to favored sectors to
provide the best customer service in this competitive age.
Types of Financial Services regulation
There are four approaches to financial supervision currently employed across the world. These
include functional regulation, institutional or regulation by silos, twin peaks regulation and single
or unified regulation.
Before designing any framework, a country must understand the role of the proposed regulator,
the size and structure of the sector. It may also be important to take into consideration the
1
Porteous Bruce and Pradip Tapadar, Economic Capital and Financial Risk Management for Financial Services
Firms and Conglomerates (Palgrave Macmillan 2005)
economic, political, legal and historic considerations. The choice of regulatory framework should
ultimately be one that will be effective and efficient. It must be able to lay down rules or
principles of conduct of financial services, as well as ensuring that there are high levels of
compliance and supervision in the sector.
a) Institutional approach –
The institutional approach is where an organization‟s legal status determines the regulator which
is tasked to oversee its activities from both a safety and soundness and a business conduct
perspective. This model is deemed to be under strain, given the recent developments in the
financial sector
Challenges of regulation include: potential inconsistency in application of rules and regulations
by desperate regulators and duplicity of regulation in cases of inter-agency operations
b) Functional regulation
This is where the supervisory oversight is determined by the business that is being transacted by
the entity, without regard to its legal status. Each type of business in an organization may have
its own functional regulator. This approach to supervision remains quite common and appears to
work well, so long as coordination among agencies is achieved and maintained.
Advantages- consistent application of rules across different organizations.
Disadvantages- extraterritorial application of the law by virtue of innovation, offering services
beyond a territory. This in turn may lead to a company dealing with different regulators which is
costly and may lead to inconsistency of jurisprudence given the application of various laws.
c) Integrated approach to regulation
This is where a single regulator conducts both safety and soundness oversight and conduct of
business regulation for all the sectors of financial services. This approach can be effective and
efficient in smaller markets, where oversight of the broad spectrum of financial services can be
successfully conducted by one regulator. It has also been adopted in larger, complex market
where it is viewed as a flexible and streamlined approach to regulation.
Advantages: provides a unified focus to regulation and supervision without conflict of interest of
legal application. This leads to high quality regulatory outcomes.
The regulator has a panoramic view of the whole business from compliance to risk, management
quality and control issues.
Disadvantages: it may create a risk of a single point of regulatory failure. If the regulator fails to
identify a problem there is a void of accountability and checks and balances since there isn’t any
other to fill in the gap.
d) Twin Peaks approach to regulation
This approach is one in which there is a separation of regulatory functions between two
regulators. One performs the safety and soundness supervision function and the other, focuses on
conduct of business regulation. This approach is designed to garner many of the benefits and
efficiencies of the integrated approach. At the same time, it also focuses on addressing the
inherent conflicts that may arise from time to time between the objectives of safety and
soundness regulation and consumer protection and transparency. Some of the jurisdictions which
have adopted this model of regulation include Australia, Netherlands and the United Kingdom.
This approach may be the optimal means of ensuring that issues of transparency, market
integrity, and consumer protection receive sufficient priority. The approach is designed to ensure
that consumer protection principles apply uniformly across all financial products, regardless of
the legal status of the entity.
Case for Kenya
Kenya currently employs both the institutional and functional regulatory frameworks. This
model is such that each of the intermediaries in the sector is regulated by a different authority,
agency or body. For instance, Insurance Regulatory Authority regulates the insurance sub sector,
Central Bank of Kenya regulates the banking sub sector, Capital Markets Authority regulates the
securities markets and the Sacco Societies Regulatory Authority regulates the Saccos and
societies sub sector.
Under this structure, each sub sector is regulated by a different regulatory entity, and in some
cases one sub sector may have more than one regulatory body exercising supervisory oversight
over its activities. An example would be where a company is registered under the Companies Act
and licensed to operate under the Insurance Act. Such a company is subject to regulation by the
Insurance Regulatory Authority. Further, if the company was to be listed publicly then it would
further be regulated by the Capital Markets Authority.
This existing regulatory model is affected by several challenges some of which include
subjective interpretation, leading to lack of compliance and poor governance, duplication of
regulations, insufficient regulation to adequately cater for all the businesses and services offered
by the sector and questions of independence of the different regulatory bodies among others.145
An example is the case of mobile money transfer services where although mobile phone business
is regulated by the Communications Authority of Kenya, the money transfer services undertaken
are under the banking aspects. This therefore poses several legal and financial risks which
include the lack of proper coordination among the different regulators to determine the scope of
each regulator. In addition, the consumers stand exposed to financial crimes, without recourse to
adequate compensation.
Globally, the financial services sector continues to evolve and different emerging trends are now
being witnessed. Some of these trends include cross selling of products across the different
industries such as bancassurance where banks are now mandated to offer insurance services on
behalf of insurance companies. Others are technological advancements such as online and
mobile banking services, new distribution services, such as digital currencies, mergers and
acquisition activity as well as increased competition such as the recent introduction of Mobile
Virtual Network Operators (MVNO’s). Some of these emerging trends do not even have clear
regulatory framework to govern their operations.
This fragmented model has developed over time and with the growth in the financial services
sector in Kenya, there have been calls for reform. These challenges and emerging trends
encapsulated above continues to exhibit inefficiencies, complexities, confusion and cost
ineffectiveness which ultimately affect the economic development of the country. The functional
or institutional model therefore remains inadequate to address the issues already highlighted.
The Ministry of Finance currently exercises oversight over these agencies.
(a) Central Bank of Kenya regulates all the commercial banks(Central Bank of Kenya Act
and Banking Act), non-bank financial institutions, mortgage companies, forex bureaus,
building societies and micro finance institutions.
(b) The Retirement Benefits Authority is responsible for regulating the pension sector and
regulates the retirement benefits schemes, pooled schemes, National Social Security Fund
administrators, fund managers and custodians.
(c) Insurance Regulatory Authority regulates all insurance companies, brokers, insurance
agents, assessors and loss adjustors, and health management companies.
(d) Capital Markets Authority regulates the securities markets, fund managers, central
depository systems, custodians, investment banks, collective investment schemes,
investment advisors, stock brokers, securities dealers, listed companies, credit rating
companies and venture capital firms.
(e) The Sacco Societies Regulatory Authority (SASRA) regulates all savings and credit co-
operative societies.
1. Banking Sector Regulation
Bank are regulated under the Banking Act which makes provisions for application for license to
carry on business as a bank from the CBK , restrictions on capital requirements and on
trading ,approval on location of business, amalgamation and transfer of business, accounts and
audits, information and reporting requirements and requirements as to liquidation under Section
34A.
The Central Bank of Kenya is authorized under the Act to perform any type of banking function,
for which it is mandated under the Central Bank of Kenya Act. The Central Bank of Kenya
enjoys all the powers of a central bank and therefore has the powers to make its own rules of
conduct or procedure for its good order and proper management. Through this function, the
Central Bank is therefore a regulator of all banking institutions in Kenya. The Central Bank also
acts as a banker to other institutions. This function enables it to monitor and provide regulations.
for the institutions, such as requiring institutions to furnish it with information that it may
reasonably require to enable it discharge its functions.
Developments in the banking sector- n convergence of services in the financial services
generally, between banking and telecommunications, mobile money transfer services, electronic
payment systems among others.
This has also resulted to the enactment of the National Payment Systems Act, which aimed at
legislating the regulation and supervision of payment systems and payment service provider.
a. Agency banking.
Agency banking was introduced in Kenya in 2010, through the 2Prudential Guidelines which set
out how banks and other financial institutions may conduct their business through agents. The
Prudential Guidelines define an agent to mean an entity that has been contracted by an institution
and approved by the Central Bank of Kenya to provide the services of the institution on behalf of
that institution, in the manner prescribed in the Prudential Guidelines. In order for an entity to be
eligible it must possess a business license or permit for a lawful commercial activity for at least
twelve months prior to the date of the application. The institution would be required to consider
an agent’s credit risk, operational risk, legal risk, liquidity risk, reputation risk and compliance
with rules for combating anti money laundering and financing of terrorism when considering
appointing a person/entity as its agent.
b. Electronic banking

One of the innovations that have emerged from the various ICT convergence processes and
models is the convergence of mobile telecoms and financial services resulting in the provision of
‘mobile financial services’ by mobile network operators.

In part because of the novelty of the field, there is no official or internationally accepted
definition of Mobile Financial Services (MFS). However, ‘mobile financial services’ is
commonly used as an umbrella term to describe any financial service that is provided using a
mobile device.

Mobile money is sometimes used as a substitute, although some use this term more narrowly to
refer to the underlying source of value for mobile payments.

This broad definition can be further delineated:

i. Mobile banking (m-banking) -is the use of a mobile device primarily as a channel to
conduct transactions from one or more bank accounts. These transactions may include
payments from one bank account to other bank accounts. Mobile banking services
typically offer a range of informational functions as well, such as balance enquiries,
simplified statements, transaction notifications, or account alerts. Mobile banking is a
subset of electronic banking (e-banking), which includes Internet banking and the use of
non-mobile channels such as ATMs and Point of Sale devices.
ii. Mobile payment-(m-payment) is the use of a mobile device to make a payment. M-
payment may involve creating a new instrument, such as e-money, to serve as the source
from which and to which value is transferred. However, m-payment may be made using
an existing instrument or store of value such as a bank account, although the term is
sometimes used to describe only those payments that are not from a bank account. There
are a variety of types of mobile payments, including:
2
Prudential Guidelines For Institutions Licensed Under Section 33(4) The Banking Act
 a. Person-to-person (P2P): also known as a mobile money transfer or mobile
remittances between persons.
b. Person-to-business (P2B): the payment of bills, goods, and services, and
purchase of airtime. The reverse, Business-to-person (B2P) occurs when
businesses pay people (for example, in wages or for goods delivered) and is
broadly referred to as m-commerce.
c. Business-to-Business (B2B): entails transactions between businesses, such as
between a manufacturer and a wholesaler, or between a wholesaler and a retailer
conducted on a mobile platform.

MFS can be described further under the following models;

a. Bank Model

This is whereby a bank, or any other licensed financial services institution such a micro-finance
institution (MFI), is the main institution licensed to provide mobile financial services under the
Banking Act. This model is distinguished by the fact that clients, or recipients of the mobile
financial service, are required by the Central Bank of Kenya Prudential Guidelines to have a
bank account.

The mobile financial services provided are mobile banking services such as payments, account
balance inquiry, and monetary transfers between accounts. These services are accessed through
the Internet or through a mobile phone-based system where the mobile phone company provides
menu-based communications services in partnership with a bank.

However, neither the mobile network operator nor the cell phone company, is involved in any
underlying financial transactions, all of which pass through the client’s bank account and for
systems will make it significantly easier to exercise fiduciary oversight over the payment
process.

b. Mobile Network Operator Model

Under this model, a mobile service provider transforms its wireless network messaging
functionality into a Subscriber Identification Module (SIM) based platform for providing mobile
financial services as Value Added Services (VAS) under its telecommunications license. The
SIM based service enables its subscribers to transfer funds and make payments in the form of
electronic money to each other, which transactions are settled through the MNO's established
agent network.

In contrast to mobile banking services, the payment transactions occur entirely within the
MNO’s network, and do not require the subscriber to have a bank account. The funds in transit -
paid in by the remitter but not yet withdrawn by the recipient, are in principle on deposit in a
separate trust account with one or more banks and are therefore not deposits in the context of
banking business.
MNOs make use of the banking facilities, in the form of trust accounts. This requirement is part
of the authorization and licensing conditions spelt out by the Central Bank of Kenya. The MNO
only executes client payment instructions and does not perform the credit assessment and a
bank’s risk management role. The Mobile network operator model of mobile financial services is
different from the mobile banking model in three significant aspects:

 Cash exchanged for electronic value are not repaid and remains in control of the customer
at all times. To offer M-PESA services the agent must deposit a float of cash upfront in
an M-PESA account, held by a local bank. As such there is no credit risk to either the
customer or the mobile network operator.
 Customer funds are not on-lent in the pursuit of other business or interest income. All
funds are to be maintained in a pooled trust account at a reputable bank, and cannot be
accessed by the mobile network operator to fund its business. Hence, there is no
intermediation, which is a key part of the deposit taking definition.
 No interest is paid on customer deposits, or received by the mobile network operator on
the float. This is a further factor which indicates that the e-value created is not in fact a
deposit.

Therefore, these services arguably do not constitute banking business as defined under Section 2
of the Banking Act. Therefore, they do not require the extent of regulatory oversight required for
deposits that are used in banking.

The depository bank has no involvement in or responsibility for payments through the MNO
system. Mobile banking has relatively high costs of a bank account opening (minimum balance,
service charges, fully Know-Your-Customer (KYC) requirements, and travel time to a branch),
compared to the easy, low cost and increasingly universal access to cell phone services.

The MNO model is therefore highly effective in bringing informal cash transactions into a form
of formal financial system, thereby expanding access to financial services.

c. Hybrid Model

Since the inception of mobile financial services by MNOs, there has been increased competition
between the banks and MNOs in the provision of mobile banking and mobile money transfer
services respectively. In addition, there has also been competition within the banking industry,
and also between the mobile network operators on the other hand.

This has resulted in innovative integration of mobile banking and mobile money transfer and
payment services, so as to add value to the services offered by banks to their banking customers,
and MNOs to their subscribers. This integration has resulted onto the evolution of a hybrid type
of mobile financial service model. In this model, banks, MNOs and/or other third parties partner
to offer mobile financial services that combine mobile banking services and mobile money
transfer services. The various types of integration are aimed at fulfilling certain business
objectives.
The strategic objectives of mobile network operators include churn reductions and, to a lesser
degree, increase in Average Revenue per User (ARPU), customer acquisition and market
differentiation. On the other hand, the banks’ main motives are outreach expansion, customer
acquisition, cost reduction and traffic diversion from bank branches.

This integration has resulted into the evolution of a hybrid type of mobile financial service
model. In this model, banks, MNOs and/or other third parties partner to offer mobile financial
services that combine mobile banking services and mobile money transfer services. Such hybrid
models are mobile network operator-based money transfer services that handle payments
internally with cash in/out through the MNO's agent network, yet link to formal banking services
including savings and loans such as Safaricom’s M-KOPA and M-Shwari, and insurance.

This is done in partnership with a regulated financial institution by enabling communications

with the bank and transfers between the user's SIM-based mobile money transfer account (e-
wallet) and accounts at the bank. Most mobile financial services are hybrid, drawing on the
relative strengths of the partners involved.

In Kenya, mobile financial services including M-PESA, Airtel Money, and Orange Money,
offered by mobile telecommunications companies were originally under the pure (MNO) model.
However, increased integration of some of these mobile money services with mobile banking
services has created hybrid models.

Financial Services Providers

These include:
1. Banks
2. Banking Agents
3. Telecommunication Providers
4. Insurance Companies: Regulated under the Insurance Act 2015, by the Insurance
Regulatory Authority for insurance business, reinsurance and investments. Other
authorities regulating this industry include: Registrar of companies under the companies
Act, Unclaimed Financial Assets Authority under the unclaimed financial assets act,
Kenya Revenue Authority, Capital Markets Authority, Competition Authority.
5. Saccos: Regulated under the Savings and Credit Cooperative Societies Act. Regulated by
Sacco Regulatory Authority (SASRA).
6. Retirement and pension schemes under the Retirement Benefits Act, regulated by the
Retirement Benefits Authority.
The Digital Payments Ecosystem
3
The constantly evolving payments ecosystem is a complex network of different, often
unconnected systems. From cash to cards to mobile in real-time, the payments ecosystem
continues to expand. History has led to many country-specific electronic payment methods,
which are not interoperable.
3
https://www.transactioninnovationforum.com/wp-content/uploads/2019/11/equinx-Digital-Payments-
Whitepaper_FINAL-15Nov2018.pdf
The need to deliver global interoperability is driving more interconnection among participants in
the payments market. Just like people gather together in cities to gain the synergies of a social
networking, for business and leisure, there is a parallel in the “urbanization of IT,” with
payments players creating infrastructure with direct access to data sources, service providers,
networks and clouds to gain the performance and cost benefits of interconnection.
The graphic below is a general representation of the thousands of different payments players
actively participating in the market, some locally and some globally:

4
These include:
1. Payment Service Providers : Banks , Mobile Network operators, Payment Service
Intergrators (Paypal KopoKopo, iPay, JamboPay, PesaPal, M-Payer, Lipuka, Moca,
Paysure and KrossPay) , Saccos and Micro Finance Institutions
2. Payment Instruments: these are available methods for purchasing goods and services that
facilitate the movement of money. They include: cash, Bank Cards, Mobile payments,
Cheques, Bank transfers (EFT, SWIFT, RTGS)
3. Infrastructure available : This refers to the system , along with banks and non-bank
agents, which serves to provide services to customers which are not serviced by bank
branches or ATMs. They include: Point of Sale mashines, ATMs, Mobile money agents,
banks, internet, PDQ.

4
https://icta.go.ke/pdf/Digitizing%20Govt%20Payments%20Kenya%20Study_FINAL.pdf
Pillars necessary to ensure effective payments include:
1. Security: being able to confirm user’s identity for data and consumer protection. Security
must address authenticity, privacy, integrity and non-repudiation.
2. Distribution: this is the geographical reach of financial services with respect to points of
access.
3. Devices: this relates to the front end options available to citizens to access financial
services.
4. Payment Processing: this refers to the back end support systems and their capability to
process payments.
5. Integration: this is the extent to which payment systems are interlinked.
Regulatory Framework
The regulation of financial services is primarily conducted by the central bank under the CBK
Act and the National Payment Systems Act and Regulations 2014.
In addition, the regulatory framework and authority is determined by the sector. For example, the
Kenya Revenue Authority imposes tax on providers of these services e.g tax imposed on m-pesa
transactions then KRA will be an additional regulatory authority to CBK.
Key Acts include:
1. Central Bank of Kenya Act -creating the Central Bank of Kenya and defining its
mandate.
2. Sector specific laws e.g Insurance Act, Banking Act etc.
The Kenya National Payment System
5
A payments System refers to a system or arrangement that enables payments to be effected
between a payer and a beneficiary, or facilitates the circulation of money, and includes any
instruments and procedures that relate to the system. According to the Bank of International
Settlements (BIS), a payment system “consists of a set of instruments, banking procedures and,
typically, interbank funds transfer systems that ensure the circulation of money.” They are a
major channel by which shocks can be transmitted across domestic and international financial
systems and markets.
Therefore, National Payments System are the conduits through which buyers and sellers of
financial products and services make transactions and are an important component of a country’s
financial system.
In Kenya participants comprise of the Central Bank of Kenya, the Government, Commercial
Banks, Financial Institutions and Payment System Providers.
Payment Service Providers (PSPs)are defined as:

5
https://www.centralbank.go.ke/national-payments-system/
 i. a person, company or organization acting as provider in relation to sending, receiving,
storing or processing of payments or the provision of other services in relation to
payment services through any electronic system;
ii. a person, company or organization which owns, possesses, operates, manages or controls
a public switched network for the provision of payment services; or
iii. any other person, company or organization that processes or stores data on behalf of such
payment service providers or users of such payment services.
Role of Central Bank of Kenya in National Payments System
The Central Bank’s overall objective as provided under Section 4 A (i)d of the Central Bank of
Kenya Act is to formulate and implement such policies as to best promote the establishment,
regulation and supervision of efficient, effective payment, clearing and settlement systems.
In this regard, the Central Bank seeks to ensure that payment systems do not generate high level
of risks to participants and users of financial services; continue to operate without major
disruptions; offer efficient, reliable and safe payment services to customers and have the
necessary and regulatory legal framework.
The Central Bank participates in the payment system as a:
a. User of payment systems: To affect its own transactions.
b. Facilitator of settlement: By providing settlement accounts at the Central Bank to
enable Commercial banks exchange obligations.
c. Provider of payment systems: It operates and owns the KEPSS system which is
used to facilitate real time transactions.
d. Supervisor: Supervises the operations of the Nairobi Automated Clearing House
on behalf of Kenya Bankers Association in order to maintain integrity and
confidence.
e. Provider of liquidity: The bank provides liquidity to the system so as to facilitate
efficient operation of the settlement system.
f. Overseer of the payment system: So as to promote efficiency and soundness in
the payment system.
g. Catalyst/collaborator; as a catalyst the Bank spurs change in the payment
landscape through policy guidelines and as a collaborator provides a platform for
open dialogue with all stakeholders geared towards improvement of the national
payment system.
Types of payment systems.
National Payments Systems in Kenya are classified into two categories; Large Value
(Wholesale) and Low Value (Retail) Payment Systems. The classification is based on the terms
of values and volumes processed.
1. Large Value Payment Systems
They include:
Kenya Electronic Payment and Settlement System (KEPSS)
The Kenya Electronic Payment and Settlement System (KEPSS) is a Real Time Gross
Settlement (RTGS) system, meaning that transactions are cleared and settled on a continuous
basis. The real time transfers settled through KEPSS are debited and credited in the commercial
banks’ accounts held at the Central Bank, where the banks hold the required cash reserves. [link:
Monetary Policy – Reserve Requirements] Throughout the day, the commercial banks transfer
funds between their accounts dependent upon their customers’ RTGS payment instructions.
KEPSS is classified as a Systemically Important Payment Systems (SIPS) due to the value of
transactions it processes and its impact in the economy. The system was implemented on July 29,
2005 and is wholly owned and managed by the Central Bank of Kenya (CBK). An RTGS system
is defined as a gross settlement system in which both processing and final settlement of funds
transfer instructions take place continuously (i.e. in real time) from one bank to another. The
transactions are settled individually, continuously and in real time in the accounts of the
participants in the Central Bank provided that the sending participant has sufficient covering
balance or credit (settlement limit). RTGS systems mitigate systemic settlement risk inherent in
large value net settlements.
KEPSS implementation facilitated the mitigation of risks associated with the previous paper-
based inter-bank settlement system, transformed the management of liquidity in the banking
industry, reduced the systemic importance of the Automated Clearing House (ACH) and
enhanced financial stability while providing an efficient mechanism for monetary policy
transmission. KEPSS has continued to register remarkable growth in both volume and value of
transactions.
Benefits of an RTGS system:
a. Real time funds transfer
b. Finality of funds settlement
c. Risk control mechanism
d. Simple payments process
e. Optimization of liquidity
f. Efficient funds management
g. Allows large value transfers between banks
h. Enables fund movement between cities
i. Permits on-line real time query of the funds position
Regional Payment Systems
The need to enhance efficiency in payment systems within the East African Community (EAC)
and Common Market for East and South Africa (COMESA) regions – and therefore promote
regional trade and economic integration – resulted in the development of two regional payment
systems. The East African Payment System (EAPS) and the Regional Payment and Settlement
System (REPSS) objectives are to facilitate cross border payment and settlement within the EAC
and COMESA regions, respectively. Both are integrated in KEPSS.
East African Payment System (EAPS)
EAPS is a funds transfer mechanism used to transfer money from one bank to another across the
border within the East African Community countries of Kenya, Rwanda, Tanzania and Uganda.
Transactions are carried out in the EAC local currencies. EAPS services are offered to bank
customers (public) through RTGS between 8:30am to 4:00pm EAT (East African Time) on
weekdays (Monday to Friday), excluding public holidays.
2. Retail / Low Value Payment Systems
Efficient retail payment systems, including payments cards and mobile money transfers,
facilitate e-commerce and robust commercial activities within an economy. Recent developments
in retail payment systems, as well as technological developments, have provided customers with
a wide array of choices, allowing them to demand greater levels of efficiency and safety in their
transactions. Further, final settlement of transactions from many of these retail systems are
channeled through the RTGS, thus enhancing safety and efficiency.
i. Nairobi Automated Clearing House
This infrastructure is used to clear cheques and Electronic Fund Transfers in the country. The
Central Bank of Kenya in conjunction with the Kenya Bankers Association and in liaison with
the Ministry of Finance implemented the value capping policy in October 2009. This reduced
values cleared to less than Kshs. 1 million per cheque pushing payments above that ceiling
amount to the RTGS. In October 2011, the Cheque Truncation Project was operationalized,
reducing the clearing period from T+3 to T+2. In the year 2013, the clearing cycle was further
reduced to T+1, enabling faster turnover of cheque funds in the economy.
ii. Payments Card Industry
Payment cards include credit, debit and prepaid cards, which hold a strong foothold not only in
Kenya but globally, offering everyone better access to their money. The banking sector continues
to adopt more secure, convenient and safe technology at their cash points to curb insecurity and
at the same time enlighten their customers. In 2013, the industry, through the ‘Great Migration to
EMV Chip’ project, initiated shifting from magnetic strip based cards to chip enabled cards. This
process improved the security of cards and ensured they are globally interoperable, thus further
increasing their uptake.
iii. Mobile Phone Money Transfer Services
The mobile phone money transfer operators are authorized as Payment Service Providers under
the National Payment System Act 2011 and National Payment System Regulations 2014 under
various categories including; Provision of Electronic Retail Transfers, Small Money Issuer, E
Money Issuer and Designation of Payment Instrument.
Laws regulating them include:-
A. CBK Act
B. Banking Act
 C. Guideline on Agent Banking (2010), providing for the appointment of agents to extend
banking services within Kenya.
D. Draft Electronic Retail Transfers Regulation and Draft E-Money Regulation (stake holder
consultations have been organized and comments to the draft are now being integrated),
regulating electronic money issuance and exchange, as well as its transfer between
different parties within Kenya.
E. The Kenya Information and Communications Act (enacted 1998, amended in 2010 and
2013), providing the mandate of Communications Authority of Kenya (CA) and a
framework to regulate the information, communications, media, and broadcasting
subsectors.
F. A range of Kenyan information and communications regulations made by the Minister in
charge of Information and Communications in tandem with the CA to regulate various
aspects of the communications sector that include consumer protection, competition,
tariffs, numbering, inter-connection, quality of service, among others
G. The Kenyan Competition Act which includes which includes Consumer Welfare in its
part IV. That establishes the Competition Authority of Kenya as an independent agency.
Regulation of National Payment Services
Regulated by the CBK under the CBK Act, National Payments Act and Regulations. Key
definitions under the National Payment Systems Regulations include:
“electronic retail transfer” means a payment instruction issued by a payer to a payment service
provider to debit a payment account and to credit the payment account of the payee or to make
the funds available, directly or through another payment service provider, to the payee where the
payee does not hold a payment account, provided that the value being transferred does not
exceed the maximum amount as prescribed by the Bank;
“electronic retail payment service provider” means a payment service provider providing
electronic retail transfer services;
“e-money” means monetary value as represented by a claim on its issuer, which is—
(a) electronically or magnetically stored;
(b) issued against receipt of currency of Kenya or any other currency authorised by the Bank;
and
(c) accepted as a means of payment by persons other than the issuer;
“mobile payment service provider” means a telecommunications service provider licensed under
the Kenya Information and Communications Act, and authorized by Central Bank of Kenya to
offer payment services;
The CBK may by gazette notice designate a payment system if it is of the option that the
payment system does not pose any systemic risk, it is necessary and it is for the interest of the
integrity of the payment system.
Upon such designation, the CBK will automatically recognize the management body of such
payment system which shall be subject to the guidelines issued by the CBK. The payment system
management body shall manage, regulate all matters affecting the payment instructions e.g.
admit members.
A payment service provider(PSP) must be authorized by the CBK. Applications are made under
the regulations: Application in Form 1 accompanied by: documents of registration including
certificate of incorporation and the memorandum and articles of association.
a) Mobile Payment Service Provider e.g Safaricom and airtel and their agents
For a mobile payment service provider—
1. a certified copy of a current license from the Communications Authority of Kenya and a
certified copy of the management agreement where a custodial Trust relationship exists
with the mobile payment service provider;
2. the type of services to be offered and the programme of operations to offer these services;
3. information on the public interest that will be served by the provision of the payment
service;
4. a business plan including an indicative budget for the first three financial years which
demonstrates that the applicant is able to operate efficiently and safely;
5. evidence that the payment service provider holds the initial capital set out in the First
Schedule;
6. a description of—
a. the governance arrangements of the applicant and internal control mechanisms,
including administrative, risk management and accounting procedures, which
demonstrates that these governance arrangements, control mechanisms and
procedures are proportionate, appropriate, sound and adequate;
b. the internal control mechanisms which the applicant has established to comply
with its anti-money laundering obligations as set out in the Proceeds of Crime and
Anti-Money Laundering Act, 2009, the Prevention of Terrorism Act, 2012, and
the relevant Regulations and guidelines;
c. the structural organization of the applicant including, where applicable, its
intended use of agents, cash merchants, branches and outsourcing arrangements,
and its participation in a national or international payment system;
7. how the payment service provider is going to settle the payment obligations arising from
its provision of electronic retail transfers;
a. the identity of—
i. its directors and persons responsible for the management of the payment
service provider;
ii. the custodial trustees holding the cash which is represented in the payment
service of the applicant;
iii. persons who, if the activities for which authorization is being sought shall
be conducted in a separate division, are responsible for the management of
that division;
 8. the address of the head office;
9. terms and conditions that will apply to its customers, agents and cash merchants;
10. current tax compliance certificate from the Kenya Revenue Authority;
11. current credit rating report from the Credit Reference Bureau;
12. (a letter of no objection from the home regulatory authority where the applicant is a
subsidiary of a foreign company, recommending the applicant to establish a payment
system in Kenya;
The Bank shall, in considering an application under this paragraph assess—
1. the ability of the applicant to provide electronic retail transfers services safely and
efficiently;
2. if the applicant is engaged in other licensed commercial activities the potential of that
activity impairing or otherwise affecting -
i. the safety or the financial soundness of the payment service provider; or
ii. the ability of the Bank to monitor compliance of the payment service
provider with this regulation;
3. the history, character and integrity of the applicant’s significant shareholders, proposed
directors and senior officers;
4. the suitability of its trustees, directors and senior officers as per requirements of these
Regulations; and
5. the core capital held by the applicant as required in the First Schedule.
Upon receiving a complete application and all information required, and is satisfied that the
applicant has met all the application requirements, the bank shall advise the applicant to pay the
prescribed authorization fees as set out in the First Schedule.
Where the Bank approves any payment service provider, the Bank shall, within seven days of
receipt of authorization fees, issue an authorization certificate to the applicant.
Where the Bank rejects an application for authorization, the Bank shall communicate the reasons
for its decision to the applicant within seven days.
However, a person who makes an application to be a payment service provider shall first apply
to the CBK for approval of the proposed name.
The applicant shall forward three proposed names in order of preference to the Bank for
consideration.
The applicant shall, once the Bank accepts the proposed name, reserve the name with the
Registrar of Companies.
An applicant shall not use the name approved for any other purpose, unless the Bank grants the
applicant an authorization.
A person who makes an application for a new product shall apply to the Bank for an approval of
the name of the proposed product subject to any intellectual property rights that may be in
existence.
The Bank shall assess and approve trustees, significant shareholders, directors and senior
managers in control of a payment service provider.
The Bank shall, for the purposes of assessing suitability of trustees, directors or senior managers
in control of a payment service provider, have regard to the criteria prescribed under the Second
Schedule.
An application for renewal of authorization as a payment service provider shall be made to the
Bank at least two months prior to the expiry of the authorization and shall be-
(a) In Form 2 as set out in the First Schedule;
(b) Accompanied by any other information as the Bank may Require plus annual renewal fee.
Bank Agents as Payments Service Providers Regulation 15
A payment service provider may appoint an agent or a cash merchant to perform cash services:
Provided that the payment service provider can execute electronic retail transfers or e-money
issuance that supports the cash services in real time.
A contract for the provision of retail cash services entered into between a payment service
provider and an agent or a cash merchant shall not be exclusive.
An agent or cash merchant may provide services to multiple payment service providers or
institutions: Provided that the agent or the cash merchant –
(a) has a separate contract with each institution for the provision of such services; and
(b) has the capacity to manage the transactions for the different institutions.
According to Regulation 16: A payment service provider who intends to enlist a new agent or
cash merchant, shall at least fourteen days prior to commencement of such agency, notify the
Bank.
The notification above shall be accompanied by—
A. the procedure for recruiting agents or cash merchants;
B. a copy of the proposed agreement with the agent or cash merchant, which shall provide,
amongst others, that the agent or cash merchant is under an obligation, when requested to
do so by the Bank, to provide information and access to their premises, systems and
records;
C. the policies and procedures approved by the payment service provider for the provision
of cash services through agents or cash merchants, including compliance with the
Proceeds of Crime and Anti-Money Laundering Act, 2009, and the Prevention of
Terrorism Act, 2012, and associated Regulations and guidelines;
D. description of the technology to be used by the agent or cash merchant to deliver cash
services;
E. a risk assessment report of the provision of cash services through agents or cash
merchants including the control measures applied to mitigate the risks;
 F. the proposed security measures to be adopted for the premises of agents or cash
merchants;
G. the agent or cash merchant manual and any materials used for training agents or cash
merchants; and
H. such other information as the Bank may require the payment service provider to submit.
Appointment of Agents by Payment Service Providers
Read CBK Prudential Guidelines on Agents
A payment service provider may appoint, through an agreement, a person as an agent or a cash
merchant if that person—
(a) possesses such registration, business license, or permit as may be required for the
performance of its commercial activities;
(b) can lawfully provide the proposed services; and
(c) holds a payment account with a bank, financial institution or payment service provider.
If the proposed agent or cash merchant is not an institution, that agent or merchant-
(a) is financially sound and has provided the payment service provider with adequate documents;
(b) has provided evidence to the payment service provider indicating that its management has the
necessary experience and competence to perform the agency or cash services.
A payment service provider may, subject to regulation 17, appoint a wholesale agent or a
wholesale cash merchant to distribute e-money to agents or cash agents.
A payment service provider who uses the services of an agent or cash merchant to perform cash
services shall maintain records containing—
1. the name, physical address, postal address and telephone numbers of the agents or cash
merchants;
2. the physical address and telephone numbers of each of the outlets of the agent or cash
merchant where it provides cash services;
3. the identity of the persons responsible for the management of the agent or cash merchant;
and the Bank may insert this information in a public electronic register of agents or cash
merchants; and
4. a register of agents and cash merchants whose services have been suspended or
terminated and the reasons for such suspension or termination.
A payment service provider shall avail the records and information maintained to the Bank upon
request.
A payment service provider who uses the services of an agent or cash merchant to perform cash
services shall–
(a) provide adequate training and support to its agent or cash merchants, including an agent or
cash merchant manual containing the policies, rules and operational guidelines needed to ensure
safe and efficient provision of services to customers
(b) maintain effective oversight over the activities of its agents and cash merchants; and
(c) maintain records of the number, volumes and values of transactions carried out by each agent
or cash merchant.
A payment service provider shall, in identifying, selecting and contracting agents and or cash
merchants—
(a) exercise due diligence; and
(b) carry out suitability assessment of the agents or cash merchants.

Types of Agreements allowed under the NPSA

Interoperability agreements regulation 21
A payment service provider shall use systems capable of becoming interoperable with other
payment systems in the country and internationally.
A payment service provider may amongst other arrangement, enter into interoperable
arrangements.
Outsourcing Agreements Regulation 23
A payment service provider may enter into an agreement to outsource its operational functions of
provision of payment services.
A payment service provider who intends to outsource its functions under paragraph (1) shall
notify the Bank at least thirty days before such outsourcing agreement is implemented.
A payment service provider shall not outsource its material operational function in such a
way as to impair—
(a) the quality of internal control of the payments service provider; and
(b) the ability of the Bank to monitor compliance of the payment service provider with the Act
and the Regulations.
An operational function shall be regarded as material if a defect or failure in its performance
would materially impair–
(a) the continuing compliance of the payment service provider with the requirements of its
authorization under these Regulations,
(b) its financial performance; or
(c) the soundness or the continuity of its payment services.
Where a payment service provider outsources a material operational function under this
regulation, the payment service provider shall ensure that—
(a) the outsourcing does not result in the delegation by senior management of its responsibilities;
(b) the relationship and obligations of the payment service provider to its customers under this
regulation is not altered;
(c) the outsourcing contract provides that the Bank can exercise its oversight and supervisory
powers under this regulation in respect of the third parties to who functions are outsourced; and
(d) the requirements which the payment service provider is required to comply in order to be
authorized and remain so, including any conditions imposed by the Bank, are not undermined.
Obligations of Payment System Providers Regulation 25
A payment service provider engaged in electronic retail transfers, e-money issuance as well as
other commercial activities shall establish effective, transparent and adequate governance
arrangements to ensure continued integrity of its service.
The governance arrangements established under paragraph (1) shall include—
(a) a broad-based board of trustees which consists of people with caliber, credibility, integrity,
and fulfill the fit and proper criteria as set out in the Second Schedule.
(b) clearly defined and documented organizational arrangements, such as ownership and
management structure;
(c) segregation of duties and internal control arrangements to reduce the chances of
mismanagement and fraud; and
(d) the separation of payment services by the payment service provider in a separate business
unit from its other business units, including maintaining a separate management structure and
keeping separate books of account for its payment services division.
A payment service provider shall—
1. establish a Trust;
2. ensure all monies received are held in a Trust Fund;
3. ensure the balances in the Trust Fund shall not at any time be less than what is owed to
customers;
4. not transfer the funds to its own account used for normal business operations;
5. not mix the funds with the funds of any person other than payers and payees on whose
behalf the funds are held;
6. employ appropriate risk mitigation strategies to ensure that the funds held in the Trust
Fund are sufficiently diversified and placed in commercial banks licensed under the
Banking Act or Government of Kenya securities.
Under Regulation 29: A payment service provider shall—
(a) use systems which are able to provide an accurate and fully accessible audit trail of all
transactions from the origin of the electronic transfer payments to its finality; and
(b) keep records of every electronic transfer the payment service provider processes for a period
of at least seven years.
A payment service provider shall, within ten days of the end of every calendar month, submit to
the Bank in the form as set out in the Fifth Schedule, information regarding—
(a) the volumes, values and geographic distribution of each electronic retail transfer payment
instrument offered by it;
(b) incidents of fraud, theft or robbery;
(c) material service interruptions and major security breaches; and
(d) complaints reported, including remedial measures taken, those resolved and those
outstanding.
A payment service provider shall, within three months of the 31st December of every year,
submit to the Bank—
(a) audited financial statements covering its activities in Kenya together with a copy of the
auditor’s report;
(b) separate audited financial statements for the payment service provider and the Trust accounts;
(c) a system security audit report by a reputable independent audit firm on its payment services;
and
(d) any other information required by the Bank with respect to its payment services.
The Bank shall exercise oversight and supervisory powers over a payment service provider, its
agents, or cash merchants.
Consumer Protection
Provided under various legislations depending on the industry. However, some common
examples include:
1. Regulation 35 provides that a payment service provider shall provide—
(a) a clear and understandable description of the services which it offers and the rates, terms,
conditions and charges for such services and shall publish such information and display it
prominently at all points of service;
(b) clear terms to its customers, agents and cash merchants; and
(c) notification to customers, as well as the Bank, of any material changes in the rates, terms,
conditions and charges at which it offers its services and shall do so at least seven days before
the changes take effect.
A payment service provider shall provide its customers at the point of service with—
(a) the name of the payment service provider; and
(b) a telephone number or such other contact medium which provides access to its customer care
system.
2. Process personal data in line with the provisions of the Data Protection Act 2019.
3. Section 56 (3) of the Competition Act requires that a consumer shall be entitled to be informed
by a service provider of all the charges and fees intended to be imposed for the provision of a
service.
4. Section 36 Banking Act- establishment of the Deposit Protection Fund Board
5. CBK prudential guidelines on consumer protection 2013: information rights on
services/products, allowance of a cooling period for consumers, protection of assets against
fraud, giving reasonable notice to consumers before closing an account etc.