Your access and use of SAMA Regulatory Rulebook and its content is considered as an acceptance and approval of commitment by you without any limitation or condition to the following:
SAMA Regulatory Rulebook is a platform that aims to assist the regulated entities to access SAMA regulatory content adeptly and efficiently.
SAMA Regulatory Rulebook is still on its development and soft launch stage. SAMA is not liable for its contents and does not warrant or represent that (the Services related to the platform, information or material presented in the platform) is displayed free of any inaccuracies, omissions, or errors (“Faults”). SAMA accepts no liability for any loss, claim or damage resulting from any use of the platform, and any decisions made, or actions taken based on the information contained in or generated by the platform.
SAMA Regulatory Rulebook has no legal effect and it does not aim to amend or revoke any legal provisions. The Rulebook still Contains some documents under review, including translated versions. Therefore, SAMA Regulatory content circulated through SAMA official channels remains in force.
Without prejudice to the terms of use of SAMA website Hereby, you acknowledge that any illegal, unauthorized use and/or any breach of any of these provisions may result in legal actions against you.
Effective from Jun 13 2023 - Jun 12 2023 To view other versions open the versions tab on the right
(1)
A Payment Account Service Provider must grant a Payment Initiation Service Provider and a Payment Account Information Service Provider and each other Payment Service Provider access to Payment Accounts provided that the Payment Services User Consent is received, taking into account providing the access on an objective, non-discriminatory and proportionate basis and in such a way as to allow the Payment Service Provider to deliver Relevant Payment Services in an unhindered and efficient manner.
(2)
The payer's payments account service provider must:
(a)
Communicate with and transfer information securely to a Payment Initiation Service Provider and a Payment Account Information Service Provider in accordance with the regulations, rules, circulars, controls and instructions related to cyber security issued by SAMA and competent authorities in the Kingdom;
(b)
Put in place the necessary policies and procedures to ensure that Payment Services Orders and other requests by the Payer are Authenticated and authorized correctly;
(c)
Ensure that any fees applied have been agreed to by the Payer and that such fees are consistent with any regulations, rules, circulars, controls and instructions issued by SAMA;
(d)
Immediately after receipt of the Payment Services Order, provide to the Payment Initiation Service Provider all information on the execution of the Payment Transaction and all accessible information.
(e)
Treat a Payment Services Order from the Payment Initiation Service Provider in the same ways as a Payment Services Order received directly from the Payer;
(f)
Respond to a Payment Services Order from the Payment Initiation Service Provider in a timely manner;
(g)
Treat the data request from the Payment Account Information Service Provider in the same way as a data request received directly from the Payer;
(h)
Respond to data requests from the Payment Account Information Service Provider in a timely manner;
(i)
Not require the Payment Initiation Service Provider or Payment Account Information Service Provider to enter into a commercial contract before complying with the preceding requirements in this Article.
(3)
A Payment Account Service Provider may deny the Payment Transactions initiation or the access to a Payment Account by a Payment Account Information Service Provider or a Payment Initiation Service Provider based on reasonably justified and duly evidenced reasons relating to unauthorized or fraudulent access. In such cases, the Payment Account Service Provider must:
(a)
Inform the Payment Account Information Service Provider or Payment Initiation Service Provider of the incident and the reason for denial of access;
(b)
Notify SAMA immediately regarding the incident in such form that SAMA may direct and include the details of the case and the reasons for taking a deny action; and
(c)
Restore account access to the Payment Account Information Service Provider or Payment Initiation Service Provider once the denial of access is no longer justified.
