Search
Exact matches only
Search in title
Search in content
Search in comments
Search in excerpt
Filter by Custom Post Type
Payment Services

In recent years the payment industry has changed beyond recognition. Technological developments such as internet and mobile payments offer consumers real alternatives to the traditional payment landscape. However, such services have found it extremely difficult to break the monopoly that the banks have traditionally held over the industry. This was a point acknowledged by the European Union when it introduced the revised Payment Service Directive (‘PSD2’), part of the purpose of which was to increase innovation and improve market access for payment service providers.

PSD2, implemented in January 2018, acknowledged the increased security risk relating to electronic payments due to the ‘growing technical complexity of electronic payments.’ The Directive, therefore, set out rules concerning:

  • Strict security requirements for electronic payments
  • Transparency of conditions and information requirements for payment services;
  • The rights and obligations of users and providers of payment services.

The Financial Conduct Authority (FCA) requires that all applicants seeking authorisation as a payment service provider provide a robust suite of IT security policy and procedures alongside a detailed risk assessment. Recent EBA guidance has established that security measures must be audited by an operationally independent individual with ‘expertise in IT Security and Payments’ and that the frequency and focus of such audits should be applicable to the firm’s risks.

The Payment Services team are highly knowledgeable in the regulatory requirements imposed on firms operating in this industry. The team will use its experience to provide a tailored solution to your firm. Types of payment services firms we work with include:

Some of the ways in which the team can help your firm include but are not limited to:

FCA applications: To submit your application to become a Payment Services Provider an applicant must have in place the requisite documentation. This will include documents such as a regulatory business plan, a suite of compliance policies and procedures and an IT security risk assessment. Thistle can assist you with template documents and work with you to tailor these to your firm’s specific requirements. Thistle can also do a gap analysis on the policies and procedures currently in place and help you action any outstanding points.

Small Payments Institutions Registration:  We can help you become a Small Payments Institution and ensure you are up to date with your regulatory requirements.

REP018  We can provide support and guidance for firms needing to complete their REP018 report.

Auditing: The team is also experienced in conducting audits on firms operating within the payment industry, these audits can be based on general compliance matters or can be tailored to address any specific areas required such as IT systems, complaints policies and procedures and training programmes. In line with the European Banking Authorities guidance, Thistle can conduct a joint audit with an operationally independent individual with expertise in IT Security and Payments to meet the regulatory testing framework requirements.

Financial Crime Policy and Procedures: The Payment Services team works closely with the Financial Crime team and is well versed in assisting payment firms in updating their policies and procedures in line with a risk-based approach, as required by the Money Laundering Regulations 2017

Regulatory Returns:  We can help you should you need any assistance with submitting regulatory returns on GABRIEL.


Popular Services

Sector Services

Contact Us




Choose Sector*


“The Payment Service Team at Thistle really helped making a difficult process, so much easier. Thank you for all your help.”



Caroline Plambeck / jumblebee

“Thistle helped us to become registered as an Account Information Service Provider (AISP) with the FCA. They were highly proactive and provided detailed guidance and feedback on what was a complex application process. Our caseworker Shazana was experienced and always available to answer any questions we had. We would not hesitate in using Thistle again for any of our compliance needs.”



Glenn Drake / QuickFile

“We used Thistle Initiatives to handle our Payment Services compliance obligations namely re-authorisation of SPI licence. Very professional service. Kept us informed step by step and assisted with all documentation. Many thanks to Nadia Lemard and her team. I would definitely put Thistle on your ‘short list’ of potential compliance consultants.”



Geoff Tully / Senit Remittance Ltd

“Thistle Initiatives provided professional support and guidance to achieve Orient Exchange’s Small Payments Re-Registration. Thank you for your assistance.”



Kishore Lalwani / Orient Exchange