Online sales in China are booming. Gigantic figures are regularly trotted out by commentators to illustrate the size of the online market, such as the recent jaw-dropping figures for online sales for China’s answer to St. Valentine’s Day, Singles’ Day (光棍节). That market is underpinned by payment services, and the number of payment services providers, and online payment services providers in particular, has grown exponentially along with the explosion in online sales. Online payment services, however, remains an area where foreign players are struggling to gain a foothold.
Rapidly developing industry
Third party payment service is a rapidly growing industry. So rapidly that regulatory authorities are struggling to keep up with changes. In March this year, the People’s Bank of China (“PBOC“), China’s central bank and the regulatory authority overseeing the third party payments industry, suspended the rollout by Tencent and Alibaba (two of China’s largest and best known companies in this space) of online credit cards and code (QR) scanning payments, ostensibly due to concerns about data privacy with this new system, but perhaps also partly because the authority needed time to understand their impact (and, according to some commentators, because these payment methods do not go through China UnionPay, which has a de facto monopoly on credit card network services in China). A regulation issued that same month by the PBOC together with the banking industry regulator, the China Banking Regulatory Commission (“CBRC“), addressed data privacy issues, among other matters. Drafts of that regulation had proposed to set significant limits on spending via online payment services, which would have severely impacted the industry. However, the final version requires only that banks set payment limits that are appropriate to customers’ risk tolerance levels.
Foreign participation in the industry
Foreign investors in this area are particularly limited by regulatory restrictions – some of which are explicit, while others seem to be a matter of unwritten policy. In this note, we briefly set out the regulatory “state of play”, mainly from the standpoint of for would-be foreign invested providers of online payment services.
People’s Bank of China’s requirements
A provider of third party payment (“TPP“) services in China must hold a payment services licence (a “Payment Clearance Operator“ or “PCO Licence“) issued by the PBOC, as well as an approved business licence on which the business scope section explicitly includes the particular service(s). The rules that impose this requirement (the “TPP Regulations“) do not expressly prohibit foreign-invested enterprises (“FIEs“) from becoming Payment Clearance Operators, but they do state that separate provisions regulating FIEs in this space will be issued. The TPP Regulations were issued in 2010 and, as at time of writing in mid-2014, special rules regulating FIE providers of TPP services have yet to be issued.
Payment licences have been issued to two FIEs
Under Chinese law, unlike in jurisdictions such as the UK and the US, the absence of a legal prohibition on an action does not necessarily mean that that action is permitted and lawful. Accordingly, the provision in the TPP Regulations that separate rules would be provided for FIEs in the online payments space was generally understood by the market to mean that, until such regulations were issued, the absence of a positive legal basis allowing them to do so meant that FIEs would not be permitted to obtain PCO Licences in China.
However, in July 2013, the PBOC issued PCO Licences to two FIEs: the China subsidiaries of Sodexo and Edenred (both French companies). Each was issued a licence permitting it to provide prepaid card services in China. With no specific regulations expressly authorising provision of TPP services by FIEs, the Sodexho and Edenred PCO Licences seemed to have been issued in something of a legal vacuum and took the market rather by surprise.
Under the TPP Regulations, the issue and acceptance of prepaid cards, along with online payment services and bill collection via bank cards (as well as any other payment services that the PBOC may specify) are payment services that may be provided by non-financial institutions in China, provided that they hold a PCO Licence.
We contacted the PBOC to ask its view on issuing PCO Licences to FIEs. The response was positive. We were told that the PBOC encourages FIEs to apply for PCO Licences. In terms of how to do so, we were told that, in the absence of specific regulations aimed at FIEs, FIE applicants for PCO Licences should simply refer to the requirements set out in the TPP Regulations. Broadly, those require that the main investors are properly established companies that have been providing information processing support services to financial institutions, or for e-commerce activities, for at least two years, are profitable, and that the proposed TPP service provider entity in China satisfies a number of conditions, including in relation to minimum capital requirements (RMB100 million for providers of services nationwide), organisational structure, facilities and staffing.
At the time of writing, the Sodexo and Edenred FIEs’ licences are the only two PCO Licences on the public record (of a total of 250 PCO Licences issued by PBOC) that have been issued to FIEs in China, and those are very limited in scope – allowing prepaid card services and not, for example, online payment services. To our knowledge, no FIE is licensed to carry out online payment services in China. However, if it is possible for an FIE to obtain a PCO Licence to carry out prepaid card business in China, then it should also be possible for an FIE to obtain a PCO Licence allowing it to engage in online payment services. Nevertheless, in practice, online payment services thus far seem to remain out of bounds for FIEs.
New pilot Free Trade Zone in Shanghai
Following the launch of the Shanghai Pilot Free Trade Zone (“FTZ“) in September 2013, the Shanghai Head Office of the PBOC issued opinions on the provision of cross-border RMB payment services in the FTZ. That set of opinions allows entities with a presence in Shanghai (inside or outside the FTZ), who hold an Internet payment business licence and a PCO Licence, to provide cross-border RMB payment services via the Internet. This follows a programme implemented by the State Administration of Foreign Exchange in 2013, which authorised a number of Chinese companies to provide cross-border foreign exchange payment services on a pilot basis. Permitting cross-border RMB online payment services will allow payment services providers to tap into the large volume of purchases made online by Chinese consumers from overseas sellers. This is potentially a huge market, as although cards bearing the UnionPay logo are increasingly accepted worldwide as China UnionPay expands its operations internationally, Chinese individuals tend to be very conscious of exchange rate risk and of restrictions on use of cards issued in China when buying direct on websites outside China. However, whether or not the FTZ will be a real additional opportunity for foreign players will still depend on the ability of FIEs to obtain the appropriate business scopes and PCO Licences and, possibly, telecommunications operating permits (see below).
We noted above that the PCO Licences obtained by the Sodexho and Edenred FIEs (the only FIEs to have obtained such licences to date according to public record), permit the holders to carry out prepaid card services and not online payment services.
Internet/telecoms industry regulator’s requirements
Prepaid card services are subject to the PBOC licensing requirements discussed above. The provision of online payment services may, however, fall under both the payments and the telecommunications legal regimes in China, and therefore into the regulatory ambit of both the PBOC and the government department that oversees the Internet and telecommunications industries, the Ministry of Industry and Information Technology (“MIIT“). However, the position is not entirely clear.
China’s telecommunications regime imposes licensing requirements on providers of telecommunications services. In particular, that requires providers of “transaction processing services” must hold a Value-added Telecommunications Services Licence (“VATS Permit“), issued by MIIT.
The 2013 draft Catalogue for Classification of Telecommunications Services defines “transaction processing services” as “the use of transaction processing platforms linked to communications networks (including the Internet) to provide the public with public platform services in relation to various financial or securities transactions, or transactions of e-commerce-related commodities or services“. (Emphasis added)
Do online payments services providers need a VATS Permit?
Based on the wording underlined above, and the fact that the TPP Regulations do not require providers to obtain VATS Permits from MIIT as a precondition to being able to provide online payments services, it is arguable that the requirement for a VATS Permit does not apply to those carrying out online payments services via another party’s platform or portal (through Taobao, for example). In such case, it is Taobao that provides the public platform through which customers access the payment processing service; the payment services provider serves only those individual persons/entities with whom/which it contracts to provide services – rather than to the public at large. The argument runs that VATS Permits for online payment processing are only required for parties who offer transaction processing services through their own portal or platform which is open to the public at large. In that scenario, it is the public transaction processing platform provider (ie Taobao) that would need the VATS Permit for transaction processing services. We asked the MIIT on a number of occasions and at several of its branches, whether a provider of online payments services must hold a VATS Permit. We got mixed answers: half of the officials we spoke to were of the view that a VATS Permit is required and half were of the view that it is not.
Difficult for foreign investors to obtain
Telecoms, and the Internet in particular, is a sensitive area in China and, under Chinese law, VATS Permits are generally available only to joint venture FIEs in which a Chinese investor (or investors) hold at least 50% of the equity interests. Even then, the MIIT has issued relatively few (less than 30 according to its website) VATS Permits to FIEs. As a result of MIIT’s (whether real or perceived) unwillingness to issue these licences to FIEs, many foreign investors have opted to invest in China’s telecoms sector through nominee or indirect structures, such as the variable interest entity (“VIE“).
This structure has been used in a wide variety of industries, even beyond those, such as the media, telecoms and the Internet, where foreign investment restrictions are most commonly encountered, but it remains highly controversial in the eyes of many Chinese officials and is subject to a variety of regulatory and legal threats and challenges, which we do not discuss in this note. The 50% cap on foreign investment has been relaxed in the FTZ in relation to certain types of VATS, and in some cases it has been removed entirely. For transaction processing services in the FTZ, the cap on foreign investment has been raised only slightly – to 55%. (To see our commentary about FTZ–specific rules on VATS, please click here.) Outside the FTZ the 50% cap remains.
This means that, even in the FTZ, in order to obtain a VATS that permits transaction processing services, an FIE must be a Sino-foreign joint venture company. In turn, that means that a foreign investor must find, and agree terms with, a Chinese partner and deal with all the associated relationships and administration before it can even begin to apply for permission to provide these services. It is, at the time of writing, too early to know whether the MIIT will be more generous with granting VATS licences to joint venture FIEs in the FTZ than it has been to date to those elsewhere in China. Initial signs are, however, promising; we see the recent FTZ rules delegating authority for approving applications down to the local Shanghai Telecoms Administration Bureau (from central MIIT) as a first step in the direction of loosening central control on this highly regulated sector – even if the decision on which telecoms services are to be opened up to foreign investment within the FTZ ultimately remains firmly within the hands of central MIIT.
Foreign non-financial institutions can provide cross-border payment services in cooperation with Chinese banks where the latter act as international remittance agents and the former as principals.
International remittances are overseen by yet another regulator, the CBRC.
 Measures for the Administration of Payment Services of Non-financial Institutions, effective 1 September 2010, and Detailed Implementing Rules for the Administration of Payment Services of Non-financial Institutions, effective 1 December 2010.
 Implementing Opinions of the Shanghai Head Office of the People’s Bank of China on the Provision of Cross-border RMB Payment Services by Payment Institutions in Shanghai Municipality, effective 18 February 2014. Click here to see our commentary on financial reforms in the FTZ.
 Under Guiding Opinions on the Pilot Services of Cross-border E-commerce Foreign Exchange Payment by Payment Institutions, effective 2 February 2013.
 This is still a draft for comments and is not yet law, but provides an indication of what the final definition may look like going forward.
 Based on, and consistent with, China’s World Trade Organisation (“WTO“) commitments, although how MIIT has interpreted these is a more contentious issue.