HOW TO OBTAIN A PTSP LICENSE IN NIGERIA

A Payment Terminal Service Provider (PTSP) license is one issued to financial technology companies for deploying, maintaining, and supporting POS terminals services. The Central Bank of Nigeria (CBN) is the regulatory body responsible for regulating and issuing PTSP licenses to companies.

This license is mostly used by financial technology (Fintech) companies such as Callphone Limited, 3Line Card Management, Appmart Integrated Limited, Betastack Technology Limited, Capricorn Digital Limited, Blusalt Financial Services Limited and a host of others.

Requirements for obtaining the License

1. Certificate of Incorporation of the company (The company must be registered with a minimum paid up share capital of NGN100,000)
2. Memorandum & Articles of Association
3. Form CAC 2A (now Status Report from CAC)
4. Form CAC 7A (now Status Report from CAC)
5. Tax Clearance Certificate for three (3) years of the company (if applicable) and Taxpayer Identification Number (TIN) of company
6. The company’s profile; detailing current type of business operation, products and services
7. Structure of holding company or parent company (if applicable)
8. Details of ownership: private/public; ultimate parent; any significant changes in ownership in the last two years
9. Total number of employees
10. Organogram
11. Functional physical address, contact e -mails from company’s domain and telephone numbers
12. Board Structure – showing at a minimum Chairman, CEO/MD, and at least, one (1) Independent Non -Executive Director and other Director(s)
13. Bank Verification Number (BVN), Curricula Vitae (CVs), proof of government issued identity (National Identification Number (NIN), International Passport, Driver’s Licence, Voter’s Card) of Board and top management team.
14. A business Plan which must include:
15. Nature of the business
16. Features of the scheme
17. Security features that will be put in place
18. 5 years financial projections
19. Proposed schedule of charges
20. Profit sharing arrangement
21. Diagrammatic illustration of transaction flows
22. Understanding of the nature of the POS business and support requirements
23. Terminal deployment and connectivity strategy
24. POS support strategy (on -site and offsite) and strategy to ensure failures are remotely detected and fixed within 72 hours
25. Transaction fees and other charges to be borne by customers
26. Strategy for ensuring 99.9% uptime for terminals
27. Training and merchant relationship management strategy
28. Customer care and issue resolution strategy
29. Project work plan that demonstrates readiness/ability to commence work.
30. Partnerships & Alliances – scope, duration, and other pertinent details
31. Competitive advantage/value proposition
32. Planned coverage area
33. Experience with this activity or something similar in the past
34. Information Technology policy of the company including:
35. Privacy Policy
36. Information Ownership/Disclosure/Loss Policy
37. Backup and Restore Policy
38. Network Security Policy
39. Encryption Policy
40. Confidential Data Policy
41. Password Policy
42. Third Party Connection Policy
43. Incidence Response Policy
44. Physical Security Policy
45. Enterprise Risk Management Framework
46. Dispute Resolution Framework
47. Contingency and Disaster Recovery Plan (Business Continuity Plan)
48. Duly executed agreements (drafts, as applicable) with the following:
49. Technical partners
50. Participating banks
51. Merchants
52. Telcos
53. Any other relevant party
54. Project Deployment Methodology
55. A document that shall outline the strategy of the shared agent network including current and potential engagements, geographical spread and benefits to be derived
56. Qualifying criteria for engaging agents such as:
57. Outreach
58. Competence
59. Integrity
60. Draft Service Level Agreements (SLAs) with sub-agents and Financial Institution (FI) Agent Banking Contract
61. Risk management, internal control, operational procedures and any other policy and procedures relevant to the management of an agent banking arrangement
62. Procedures for KYC and AML/CFT compliance
63. Fraud detection plan and standard of care
64. Consumer Protection Policy and Procedure Board Approval
65. Certifications such as:
66. Payment Card Industry Data Security Standard (PCIDSS) Certification (if applicable)
67. Payment Application Data Security Standard (PADSS) Certification or Compliance with CBN IT Standards for Solution Development (if applicable)
68. Payment Terminal Service Aggregator (PTSA) of Payment Terminal Application Certification
69. Other relevant certifications

Cost of obtaining the License

1. The share capital of the company (NGN100 Million) is to be deposited with CBN and once the application is approved, the funds will be returned to the applicant
2. Application fee of NGN100,000
3. The licensing fee is NGN1,0000,000
4. The service fee for processing the license is dependent on the professional assisting with such service

Timeline for obtaining the license

The Approval in principle (AIP) usually takes 2-3 months and is valid for 6 months while the final license takes 6-8 months. Please note that it is after grant of the final license the applicant can start carry out payment services.

Other regulatory requirements

1. The directors, shareholders, and key management personnel must have integrity, competence, and financial soundness as they may be interviewed by relevant security agencies for a background check. Please note that A payment service provider company is expected to maintain at least five directors.
2. A business plan that outlines the applicant operations, target market, technology infrastructure, risk management processes, and growth strategy.
3. Applicant must have a robust and secure technology infrastructure that complies with international standards such as secure data storage, encryption protocols, and measures to prevent fraud and cyber threats.
4. Applicants must adhere to the operational guidelines outlined by the CBN, covering areas such as customer service, dispute resolution, anti-money laundering (AML), and combating the financing of terrorism (CFT).
5. Applicant must establish a comprehensive risk management framework such as identifying, assessing, and mitigating risks associated with electronic payment services.
6. Applicant must comply with data protection laws, consumer protection regulations, and any other guidelines issued by the CBN.
7. Applicant must comply with Payment Card Industry Data Security Standard (PCI DSS) and other security standards.

Validity and renewal of the license

The license is granted for a specific period determined by CBN. The renewal of the license is also subject to CBN discretion based on satisfactory performance of the applicant.

Conclusion

Obtaining a payment license in Nigeria can be complex and as such it is important to consult the right professional to avoid making mistakes in the process. You can reach out to us if you would like to obtain this license.

You may also read on how to obtain a PSSP LICENSE IN NIGERIA