Requirements

     

    Providers registered with the National Bank of Georgia or those interested in registering must meet the requirements of the following regulations and bylaws:

     

    Basis

    Requirement

    Decree of Governor of the National Bank of Georgia N29/04 on Approval of the Regulation on Registration and Regulation of Payment Service Providers

    Only a legal entity established under the Georgian legislation is entitled to provide payment services in Georgia following the registration at the NBG.

    An interested entity must file to the NBG the provider registration documentation, in compliance with the regulation.

    The provider is obliged to submit information to the NBG on the changes planned, outsourcing and agents' actions.

    Provider is required to meet the requirements of the head office, internal policy, risk management, complaint acceptance and review.

    The provider is obliged to meet the requirements for the customers’ funds and their placement.

    Decree of Governor of the National Bank of Georgia N1/04 on Approval of the Regulation of Providing Necessary Information to the Customer while Providing Payment Services

    Information available to the customers in a simple and understandable form.

    Information to be provided to the payer: unique code, amount and currency, fees, exchange rate, date.

    Information to be provided to the recipient: unique code, amount and currency, commission, exchange rate, date.

    Customers should be informed on provider, payment services, fees, exchange rates, amendments in the agreement, security, liabilities and dispute resolution.

    Information on the small-volume payment instrument and the transaction performed

    Decree N155/04 on Approval of Bylaw on Card Instruments

    The provider is allowed to issue a prepaid card only.

    The issuer is obliged to develop the card instrument release policy, the rules of use and complaint review procedures.

    Protect the confidentiality of information related to the card instrument holder, store and receive information as needed.

    Approval of bylaw on information complementary to transactions

    The transfer must be accompanied by: payer's name, account number, ID number, recipient's name and account number.

    The payer’s provider is obliged to supply the information.

    The recipient provider is required to implement effective verification procedures.

    The intermediary provider is required to implement effective risk-based procedures.

    Decree N156/04 on Approval of Strong User Authentication Regulation

    The provider is obliged to do strong customer authentication if the payment account is accessed remotely online, an e-payment is initiated, and there is an action through a remote channel, which is a risk carrier.

    The provider is obliged to have an instrument in place for monitoring payment transactions, to introduce and document security measures and to initiate scheduled inspections.

    Elements of authentication code: knowledge, ownership, uniqueness

    The provider is obliged to calculate fraud rates, which must be properly documented.

    Create customized security features in a secure environment and connect to customized security features securely through a single user;