Payment Systems (Regulation) Act 1998 / Payment Systems and Netting Act 1998 — as amended by Payment Systems Act 2022
|
|
| Regulator |
Reserve Bank of Australia / ASIC |
| Jurisdiction |
AU |
| Status |
live |
| Applicability |
Platform |
The Payment Systems (Regulation) Act 1998 (PSRA) and the Payment Systems and Netting Act 1998
(PSNA), as amended by the Payment Systems (Regulation) Amendment Act 2024, form the primary
statutory framework for designated payment systems in Australia. The Reserve Bank of Australia
(RBA) designates payment systems and can impose access regimes and standards. ASIC has
concurrent jurisdiction over market conduct.
For an ADI, the key operational obligations are: compliance with the RBA's interchange fee
standards and surcharging rules (merchants may only surcharge up to the merchant service fee
cost of acceptance); participation in designated payment systems under access regime conditions;
and adherence to any RBA-published standards for designated systems (including card schemes,
BPAY, and NPP). The Payment Systems Act 2024 extended RBA powers to cover digital payment
platforms and buy-now-pay-later products.
Compliance register
This register maps every material obligation under the Payment Systems Acts to the platform
control or institutional process that satisfies it. It is the static traceability layer for
the Totara compliance report — dynamic data (module build status, test evidence, control test
dates) is overlaid at runtime.
Scope legend
| Symbol |
Meaning |
| 🤖 Automated |
Platform enforces or performs the obligation. Primary control mode is GATE, AUTO, CALC, or ALERT. Human action is not required in the normal case. |
| 📊 Evidenced |
Platform captures the evidence trail automatically. Human compliance decision sits on top. Primary control mode is LOG. |
| 🏛 Institutional |
Obligation is met by a process entirely outside the platform — training programmes, board governance, HR, legal. Platform may generate evidence inputs but does not own the process. |
| N/A |
Obligation does not apply to this deployment configuration. |
Build legend
| Symbol |
Meaning |
| ✅ |
Module built and deployed |
| 🔨 |
Module planned — not yet built (build_status: Not started) |
| ❌ |
Uncontrolled gap — no module attributed |
Interchange fee and surcharging standards
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| RBA Standard No.1 of 2016 (card surcharging) |
Card surcharging must not exceed the reasonable cost of acceptance (merchant service fee); excessive surcharging prohibited; bank must have processes to investigate merchant surcharge complaints |
🤖 Automated |
PAY-001, PAY-002 |
MOD-021 (AUTO) — interchange fee rate applied automatically from configured RBA-compliant interchange schedule; no manual override of interchange category; MOD-110 (GATE) — fee posting blocked if required disclosure has not elapsed for fee schedule changes |
🔨 |
| RBA interchange fee standard |
Weighted average interchange fees for credit and debit must comply with RBA caps; scheme rules must not circumvent RBA standards |
🏛 Institutional |
PAY-001 |
Interchange fee schedule compliance is managed through card scheme contracts and RBA reporting. MOD-021 applies the configured interchange schedule; schedule maintenance against RBA caps is institutional. |
— |
Access regime obligations
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| PSRA S.12 |
Participants in a designated payment system must comply with the access regime set by the RBA; ADIs with AFSL/banking authority generally have access rights |
🏛 Institutional |
PAY-001 |
Access regime participation is maintained through regulatory status (ADI licence) and payment system agreements. Platform does not own this obligation. |
— |
| PSRA S.18 |
Comply with RBA standards applicable to designated payment systems (e.g. NPP, BPAY, card schemes) |
🤖 Automated |
PAY-001, PAY-008 |
MOD-120 (AUTO) — NPP message format and processing standards applied automatically; MOD-119 (GATE) — BPAY payments validated against biller code, customer reference, and amount limits before submission to scheme; MOD-082 (AUTO) — nostro positions reconciled against correspondent statements on every settlement cycle |
🔨 |
Settlement netting (PSNA)
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| PSNA S.10 |
Netting arrangements in an approved netting agreement are enforceable notwithstanding insolvency of a participant |
N/A |
PAY-002 |
Netting enforceability is a legal and contractual obligation. The platform's settlement infrastructure operates within the netting arrangements agreed with the Sponsoring Participant. |
— |
| PSNA S.12 |
Settlement finality — payment obligations settled through a designated system are final and irrevocable on settlement |
🤖 Automated |
PAY-001 |
MOD-001 (GATE) — payment posting enforces settlement finality; entry is atomic and irreversible; no reversal of a settled payment without a new transaction; MOD-022 (LOG) — settlement records permanent and immutable |
🔨 |
Payment exceptions and returns
| Ref |
Obligation |
Scope |
Policy |
Platform controls |
Build |
| RBA NPP/BPAY returns standards |
Process payment returns and reversals in accordance with scheme rules; credit returned funds promptly |
🤖 Automated |
PAY-009 |
MOD-120 (AUTO) — Osko payment returns processed automatically with immediate customer notification and funds reversal; MOD-119 (AUTO) — BPAY dishonours and returns handled automatically; MOD-081 (AUTO) — every payment instruction reconciled against settlement confirmation; unmatched items escalated before close of business |
🔨 |
| Obligation |
Owner |
Platform evidence input |
| RBA regulatory engagement and consultation response |
Head of Payments / Chief Risk Officer |
— |
| Card scheme agreement compliance (Visa, Mastercard) — interchange schedule review and certification |
Head of Payments |
MOD-021 applies the schedule; schedule certification is institutional |
| RBA payment statistics reporting |
Head of Payments / Finance |
MOD-057 (AUTO) — statistical returns engine provides payment volume data |
| Access regime participation maintenance (ADI licence, scheme agreements) |
General Counsel / Head of Payments |
— |
| Merchant surcharge complaint investigation (for acquiring activities, if applicable) |
Head of Payments |
MOD-053 case management |
Coverage summary
| Area |
Total obligations |
Platform automated 🤖 |
Platform evidenced 📊 |
Institutional 🏛 |
N/A |
| Interchange and surcharging |
2 |
1 |
0 |
1 |
0 |
| Access regime |
2 |
1 |
0 |
1 |
0 |
| Settlement netting |
2 |
1 |
0 |
0 |
1 |
| Payment exceptions |
1 |
1 |
0 |
0 |
0 |
| Total |
7 |
4 (57%) |
0 (0%) |
2 (29%) |
1 (14%) |
All attributed modules are currently build_status: Not started — the compliance position will update as modules are built and deployed.
| Policy |
Title |
| PAY-001 |
Payment Operations Policy |
| PAY-002 |
Settlement Risk Policy |
| PAY-008 |
Payment Routing & Sponsor Abstraction Policy |
| PAY-009 |
Payment Exceptions, Returns & Reversals Policy |
Official documentation
Policies referencing this standard
- PAY-001 — Payment Operations Policy
- PAY-002 — Settlement Risk Policy
- PAY-008 — Payment Routing, Sponsor & Card-Scheme Abstraction Policy
- PAY-009 — Payment Exceptions, Returns & Reversals Policy
Compiled 2026-05-22 from source/entities/regulations/au-payment-systems-act.yaml