Use the latest browser recommended by Microsoft
Get speed, security and privacy with Microsoft Edge
This notice explains the minimum onboarding expectations applicable across the BiMPay ecosystem and is grounded in a risk-based approach to customer due diligence (CDD). While simplified due diligence (SDD) measures may be applied in lower-risk scenarios, they do not eliminate the payment service provider[1] (PSP)’s obligation to:
PSPs are responsible for risk assessments, onboarding, approval, and ongoing monitoring under AML/CFT laws and the Central Bank of Barbados (Bank) Guideline. BiMPay does not centrally approve or onboard customers.
These provisions apply to all PSPs, including commercial banks and credit unions. Linking PSP accounts to the BiMPay app is completed via token-based consent initiated within the PSP’s mobile or online banking platform, or another medium. The application provides the flexibility for any individual to seek to obtain an e-wallet from a PSP of their choice.
The framework allows for flexibility regarding the timing of verification, consistent with the Money Laundering and Financing of Terrorism (Prevention and Control) Act (the Act), AML Guideline and FATF Standards. Further, in keeping with Section 17 of the Money Laundering and Financing of Terrorism (Prevention and Control) Act, 2011-23 (MLFTA), the Bank’s AML/CFT Guideline provides for reduced or simplified identification and verification procedures by a financial institution.
The Guideline (paragraph 37(2)) speaks to licensees verifying and documenting the identity of the customer or account holder at the outset of a business relationship, meaning the earlier of an acceptance of the signed application/proposal, or the first receipt of funds from the customer. However, acceptance of funds from prospective customers prior to completion of verification is allowed where it would be essential not to interrupt normal conduct of business, such as non-face-to-face business (paragraph 45). A reasonable timeline for completion of verification must be established and risk management procedures with respect to conditions to utilising the business relationship prior to verification. Such conditions may include limitation of the number, types and/or amount of transactions that can be performed.
The BiMPay e-wallet onboarding process is designed to observe this flexibility regarding the timing of verification, that is:[2]
A PSP must provide BiMPay e-wallet services to customers who already have an existing commercial bank or credit union account with that PSP, unless there are exceptional circumstances such as an ongoing criminal matter or a freezing order is in place. Existing protocols with law enforcement should apply in such circumstances.
PSPs will decide when to opt-in to the BiMPay e-wallet for new and unbanked customers. When a PSP opts in, a link to that PSP will appear as an option for the applicant in the downloaded BiMPay app. A PSP that “opts-in” does so on condition that it verifies and on-board persons in thirty (30) minutes in straightforward, low-risk cases, or within five (5) business days where enhanced review is required. This applies to:
Service Level Objectives for Onboarding |
INSTANT LINKING FOR ALREADY BANKED CUSTOMERS VIA TOKEN-BASED CONSENT. 30-MINUTE COMPETION FOR NEW AND UNBANKED IN STRAIGHTFORWARD, LOW-RISK REMOTE ONBOARDING. SAME-DAY COMPLETION FOR ADDITIONAL IN-PERSON ONBOARDING SUBMISSIONS AT BRANCHES OR AGENTS OF PSPS THAT OPT TO OFFER THIS SERVICE EXCEPTIONS: UP TO 5 BUSINESS DAYS FOR ENHANCED DUE DILIGENCE, WITH INTERIM RESTRICTIONS APPLIED. REPORTING: PAYMENT SERVICE PROVIDERS REPORT MONTHLY MEDIAN AND 95TH-PERCENTILE ONBOARDING TIMES, AND THE SHARE COMPLETED WITHIN 30 MINUTES |
After the BiMPay app registration[3] with an email address and mobile number, a customer provides additional information to obtain an e-wallet. Each e-wallet must be bound to the customer’s email address, registered cell phone number, and device. PSPs must adopt appropriate controls as part of their risk-based AML/CFT programme in accordance with the requirements of the AML/CFT legislation and the Guideline. This includes sanction screening and transaction monitoring on an ongoing basis.
Resident non-nationals must have an account with a registered PSP in order to obtain an e-wallet. This applies to persons so designated under the Exchange Control Act, Cap.71 which includes nationals from CARICOM member jurisdictions under the full free movement arrangement.
After selecting a PSP, the individual will be required to enter the following information into the BiMPay e-wallet app:
Any person who provides false or misleading information at any time during the registration or onboarding process may be prohibited from obtaining a BiMPay e-wallet indefinitely.
PSPs must take a reasonable time to complete an individual’s verification in up to thirty (30) minutes for straightforward, low-risk cases. Where enhanced due diligence is required, for example a politically exposed person, the period may extend up to five (5) business days.
Upon satisfactory completion of verification, the PSP may allow access to a Tier 1 BiMPay e-wallet with the following transaction limits:
A SIM-swap or device change requires a step-up verification by the PSP and the imposition of a 24-hour cool-off before cash-out resumes. In such cases, the PSP may require the customers to present in person to a branch of the PSP. This provides for an agent-assisted recovery path.
Beyond a Basic Wallet
Each PSP is required to use a risk-based approach as set out in the Bank’s AML/CFT Guideline to determine any applicable limits to wallets beyond a basic wallet. A commercial bank or credit union may also determine, based on their existing knowledge of and ongoing relationship with a customer, that a higher limit, or no limit, is an acceptable risk. In such cases, the PSP may request additional information to determine, based on risk, the appropriate limit. PSPs must document additional information obtained and the rationale for the higher or no limit.
Beyond the minimum requirements outlined for the application of SDD, each licensed PSP remains responsible for determining its own risk appetite and approach to mitigating ML/TF risks, including carrying out effective ongoing monitoring and verification processes in accordance with the requirements in the MLFTA and the Bank’s Guideline.
SDD may be applied to individuals and sole traders. Businesses, companies and resident non-nationals shall be subject to the appropriate CDD and KYC requirements of their respective PSP based on the requirements for the application of a risk-based approach, as set out in the MLFTA and the Bank’s Guideline. KYC and monitoring records must be retained in accordance with the MLFTA.
The Bank may amend this notice based on experience and changes in standards or law and intends to consult stakeholders before material changes.
The Market Conduct Guideline is under review as part of the Bank’s commitment to keep pace with developments in the sector and feedback from industry. Commercial banks have progressed their digitisation efforts since the issuance of this Guideline and updates will be considered on, among other things, account opening expectations.
Effective date: unless stated otherwise, amendments take effect thirty (30) calendar days after publication.
[1] An entity licensed or authorised by the Central Bank of Barbados to provide payment services under the National Payment System Act 2021-1. This includes operators, participants and any third party acting on the behalf of either of them as an agent or by way of outsourcing agreements, whether entirely or partially operating in Barbados.
[2] Some comparative benchmarks are noted.
[3] Registration means successfully downloading and installing the BiMPay App.
The BiMPay wallet is part of the new national instant payment system in Barbados that lets you send/receive money using a phone number, email address or QR code, through the BiMPay e-wallet or through your bank’s app. The e-wallet is accessible to every Barbadian, including those who do not have an account at the financial institution. If you have an account at one of the six commercial banks or three largest credit unions (Barbados Public Workers Cooperative Credit Union, COB Credit Union, or Affinity Plus), you can opt to link the wallet to your existing bank account.
If you do not have an account at one of these institutions or if you don’t want to link the wallet to your existing account, you will have to choose an entity that is licensed by the Central Bank of Barbados as the custodian of your funds. In that way, your money is protected while you are under no obligation, unless you choose to do so, to sign up for other products or services from this institution that acts as the custodian of the money stored in your wallet.
Find out What BiMPay Is and How You’ll Use It
Step 1 – Check Requirements
Step 2 – Register
Applying for a BiMPay wallet is easier than opening an account with a bank or credit union. You will not be asked about your source of income or for proof of address nor will you have to go anywhere to sign any documents. The only information that you will be asked to provide is:
Because the BiMPay wallet does not require all the information that you would need to open a regular bank account, there are a few limitations on its usage. These are in the form of transaction limits:
Should you wish to increase your limit, you will need to contact the custodian institution. You will need to provide additional information. Thereafter, it will make an assessment based on your risk profile.
Not yet. At this stage the BiMPay wallet will be made available only to people who live in Barbados and those people living outside Barbados who have a BBD-denominated account at a Barbadian financial institution.
You can choose whether to send money using the recipient’s phone number, email address, account information, or by choosing one of the existing contacts in your phone. You can also scan the person’s or merchant’s QR code to pay. Once you have entered the amount, you will be shown the person/merchant’s name and be asked to confirm they are the intended recipient. Only after that confirmation can you send the payment. N.b. you will be asked to verify your identity via biometrics or by entering your PIN.
You can also receive payments using BiMPay. You will receive a notification whenever someone sends you money. In addition, the e-wallet allows you to request funds using its “Request to Pay” function.
BiMPay is free to individuals and businesses whose revenue falls below a certain threshold. Banks and credit unions can charge their larger business clients fees. Those fees would be negotiated between the individual entity and their financial institution based on their specific arrangement, not by the Central Bank of Barbados.
Read about Fees and Transaction Limits in BiMPay
Transactions are instant and typically cannot be reversed automatically — you’ll need to arrange a refund with the recipient. Your custodian or bank will have a process in place to help you with the “Request-for-Recall” procedure.
BiMPay transfers are near instant; mistakes usually require the other party’s agreement to refund. However, before you OK a payment with the BiMPay wallet, you will be shown the name of the person you are sending the money to so that you can double check that you made no mistake with the recipient. Only after you confirm will the money be sent.
Your custodian or bank will have a process in place to help you in this process with a so-called “Request-for-Recall” procedure.
BiMPay is limited to payments from BBD-denominated accounts held at financial institutions in Barbados, so you cannot use it for foreign currency transactions. However, if you are abroad but want to make a payment from your Barbadian account to another Barbadian account, you can do so using BiMPay.
You can send money to friends and family, pay a service provider such as a gardener, car washer; you can pay for goods and services, and make rental payments. These can be done by sending the money directly, scanning a QR code the payee presents to you, or approving a request for payment.
After BiMPay has gone live, you will see more and more shops, restaurants, utility companies, and even government agencies offering the possibility to pay via BiMPay.
BiMPay allows you to send money using “aliases” such as a phone number or email address. Behind the scenes, the system will match the bank account number or the wallet that that alias belongs to and do the rest.
Find out more about aliases and how they work.
Yes. BiMPay has several strong security features, including end-to-end encryption and fraud detection systems. However, it is still important for you to be wary of phishing attempts and other forms of fraud and scams. Never share your log-in information or passwords with anyone. Neither the Central Bank of Barbados nor your financial institution will ask you to disclose this information.