Standards Authority

As the operator of the UK’s retail payment systems, we are at the heart of how individuals and businesses receive their salaries, pay their bills, and make online and mobile banking payments. In fact, more than £7 trillion flows through Bacs, Faster Payments, and cheques every year.

But our role doesn’t end there. We have a vision to be the smartest way to move money, now and in the future. And we are determined to power payments, champion innovation and give the UK choice in how it pays.

A core element of this is developing and setting the standards that underpin and enable these aspirations to deliver a best-in-class platform and services now, and into the future.

This vital work is done through the Standards Authority, which is responsible for the definition of standards for Pay.UK’s services, encompassing those for the New Payments Architecture programme.

These include, but are not limited to, the ISO 20022 standard for financial transaction messages, as well as the common standards behind innovative overlay services such as Confirmation of Payee and Request to Pay.

Supporting all of this is the Standards Framework, which outlines the governance, key principles, definitions and procedures for the development, modification and periodic review of standards within Pay.UK.

It also establishes key policy principles to be utilised in a consistent manner whenever there is a decision regarding which standard to implement, ensuring that these continue to align with our strategic objectives, design principles, organisational risk appetite, and monitoring and ensuring compliance.

We will publish details of the Standards Framework  and plan to continue to refine and develop this approach.

Pay.UK will use the Standards Framework to help:

  • Mandate the fixed data boundary of payments new services and our platform – including the technical [data] interface and data exchange format between customers and infrastructure providers of that payment service
  • Set standards to specify the outcomes enabled by our payment services and our platform (including infrastructure)
  • Set standards where there is a clear and demonstrable market need, this may include defining how the users of the standard will provide assurance of their adherence
  • Enable attestation to and monitor adherence of the data boundaries of payment services
  • Put in place controls to provide assurance and limit systemic risk
  • Facilitate collaboration to allow market participants to work together to define standards.

When doing so we will consider the implications with respect to data protection and clearly define where we are acting as a data processor or controller.