The National Bank has defined requirements for the risk management system of non-financial payment service providers

National Bank determined requirements for the risk management system of providers of non-financial payment services in preparation for the implementation of open banking in accordance with the Law of Ukraine “On Payment Services”.

The corresponding provision applies to non-banking institutions that provide account information and initiate payment transactions. At the same time, payment institutions, issuers of electronic money and branches of foreign institutions that combine their activities with the provision of non-financial services must also comply with the requirements for the management system for financial providers.

The regulation establishes mandatory standards for building a risk management system, implementing internal documents for working with operational, cyber and security risks, as well as defining a methodology to ensure continuous service provision. In addition, there is a mandatory review of relevant documents on a regular basis. According to NBU Board Resolution No. 73, adopted on July 2, 2025, these regulations will enter into force on August 1, 2025.

It will be recalled that on June 17, the National Bank submitted for public discussion the draft Regulation on requirements for the risk management system of the provider of non-financial payment services. The document was developed in order to prepare for the launch of open banking in accordance with the Law of Ukraine “On Payment Services”. Its provisions will apply to the work of non-bank payment service providers that provide account information and initiate payment transactions (with the exception of banks).