Currently what is outlined in the act provides for two primary protections. One, as I've mentioned, is the safeguarding of consumer funds. In essence, what the act requires is that payment service providers cannot commingle their corporate operating funds with funds that clients hold on account. In that way, it will provide broadly greater protections for users of the system.
The second requirement will be in terms of managing operational risk, for instance, ensuring that payment service providers structure their offerings in such a way that there's reliance against cybersecurity risks and whatnot, so they are operating their systems in a safe way. This way, the act will make the provision of retail payment services safer for consumers and for business users.
It does not include requirements around market conduct, such as liability and disclosure and those types of consumer protections. That is envisioned as a future element of the framework. Given the complementary jurisdiction between the federal government and provincial and territorial governments, the intention is that we would collaborate in terms of the development of what those protections will be.
The nature of those protections is unclear at the moment. For instance, would they be regulations or would we use some other tool? Those elements are all to be determined and, as I said, would be done in close collaboration with not only provinces and territories, but stakeholders more broadly.