(1)Confidential information must not be disclosed by a primary recipient, or by any person obtaining the information directly or indirectly from a primary recipient, without the consent of—
(a)the person from whom the primary recipient obtained the information, and
(b)if different, the person to whom it relates.
(2)In this section “confidential information” means information which—
(a)relates to the business or other affairs of any person,
(b)was received by the primary recipient for the purposes of, or in the discharge of, any functions of the Payment Systems Regulator under this Part, and
(c)is not prevented from being confidential information by subsection (4).
(3)It is immaterial for the purposes of subsection (2) whether or not the information was received—
(a)as a result of a requirement to provide it imposed by or under any enactment;
(b)for other purposes as well as purposes mentioned in that subsection.
(4)Information is not confidential information if—
(a)it has been made available to the public by virtue of being disclosed in any circumstances in which, or for any purposes for which, disclosure is not precluded by this section, or
(b)it is in the form of a summary or a collection of information that is framed in such a way that it is not possible to ascertain from it information relating to any particular person.
(5)Each of the following is a primary recipient for the purposes of this section—
(a)the Payment Systems Regulator;
(b)the FCA;
(c)a person who is or has been employed by the Payment Systems Regulator or the FCA;
(d)a person who is or has been engaged to provide services to the Payment Systems Regulator or the FCA;
(e)any auditor or expert instructed by the Payment Systems Regulator or the FCA;
(f)a person appointed to make a report under section 82;
(g)a person appointed under section 83.
(6)Nothing in this section applies to information received by a primary recipient for the purposes of, or in the discharge of, any functions of the Payment Systems Regulator under the Competition Act 1998 or the Enterprise Act 2002 by virtue of section 59 or 61.
(For provision about the disclosure of such information, see Part 9 of the Enterprise Act 2002.)
(1)Section 91 does not prevent a disclosure of confidential information which—
(a)is made for the purpose of facilitating the carrying out of a public function, and
(b)is permitted by regulations made by the Treasury under this section.
(2)For the purposes of this section “public functions” includes—
(a)functions conferred by or in accordance with any provision contained in any enactment;
(b)functions conferred by or in accordance with any provision contained in the EU Treaties or any EU instrument;
(c)similar functions conferred on persons by or under provisions having effect as part of the law of a country or territory outside the United Kingdom;
(d)functions exercisable in relation to specified disciplinary proceedings.
(3)Regulations under this section may, in particular, make provision permitting the disclosure of confidential information or of confidential information of a specified kind—
(a)by specified recipients, or recipients of a specified description, to any person for the purpose of enabling or assisting the recipient to discharge specified public functions;
(b)by specified recipients, or recipients of a specified description, to specified persons, or persons of specified descriptions, for the purpose of enabling or assisting those persons to discharge specified public functions;
(c)by the Payment Systems Regulator to the Treasury for any purpose;
(d)by any recipient if the disclosure is with a view to or in connection with specified proceedings.
(4)Regulations under this section may also include provision—
(a)making any permission to disclose confidential information subject to conditions (which may relate to the obtaining of consents or any other matter);
(b)restricting the uses to which confidential information disclosed under the regulations may be put.
(5)In relation to confidential information, each of the following is a “recipient”—
(a)a primary recipient;
(b)a person obtaining the information directly or indirectly from a primary recipient.
(6)In this section—
“confidential information” and “primary recipient” have the same meaning as in section 91;
“specified” means specified in regulations.
(1)A person who discloses information in contravention of section 91 is guilty of an offence.
(2)A person guilty of an offence under subsection (1) is liable—
(a)on summary conviction—
(i)in England and Wales, to imprisonment for a term not exceeding 3 months or a fine, or both;
(ii)in Scotland, to imprisonment for a term not exceeding 12 months or a fine not exceeding the statutory maximum, or both;
(iii)in Northern Ireland, to imprisonment for a term not exceeding 3 months or a fine not exceeding the statutory maximum, or both;
(b)on conviction on indictment, to imprisonment for a term not exceeding 2 years or a fine, or both.
(3)A person is guilty of an offence if—
(a)information has been disclosed to the person in accordance with regulations made under section 92, and
(b)the person uses the information in contravention of any provision of those regulations.
(4)A person guilty of an offence under subsection (3) is liable on summary conviction—
(a)in England and Wales, to imprisonment for a term not exceeding 51 weeks (or 3 months, if the offence was committed before the commencement of section 280(2) of the Criminal Justice Act 2003) or a fine, or both;
(b)in Scotland, to imprisonment for a term not exceeding 3 months or a fine not exceeding level 5 on the standard scale, or both;
(c)in Northern Ireland, to imprisonment for a term not exceeding 3 months or a fine not exceeding level 5 on the standard scale, or both.
(5)In proceedings against a person (“P”) for an offence under this section it is a defence for P to prove—
(a)that P did not know and had no reason to suspect that the information was confidential information;
(b)that P took all reasonable precautions and exercised all due diligence to avoid committing the offence.
(6)In this section “confidential information” has the same meaning as in section 91.
(1)The following are regulators for the purposes of this section—
(a)the Payment Systems Regulator;
(b)the FCA.
(2)A regulator must not disclose to any person specially protected information.
(3)“Specially protected information” is information in relation to which the first and second conditions are met.
(4)The first condition is that the regulator received the information from—
(a)the Bank of England (“the Bank”), or
(b)the other regulator where that regulator had received the information from the Bank.
(5)The second condition is that the Bank notified the regulator to which it disclosed the information that the Bank held the information for the purpose of its functions with respect to any of the following—
(a)monetary policy;
(b)financial operations intended to support financial institutions for the purposes of maintaining stability;
(c)the provision of private banking services and related services.
(6)The notification referred to in subsection (5) must be—
(a)in writing, and
(b)given before, or at the same time as, the Bank discloses the information.
(7)The prohibition in subsection (2) does not apply—
(a)to disclosure by one regulator to the other regulator where the regulator making the disclosure informs the other regulator that the information is specially protected information by virtue of this section;
(b)where the Bank has consented to disclosure of the information;
(c)to information which has been made available to the public by virtue of being disclosed in any circumstances in which, or for any purposes for which, disclosure is not precluded by this section;
(d)to information which the regulator is required to disclose in pursuance of any EU obligation.
(8)In this section references to disclosure by or to a regulator or by the Bank include references to disclosure by or to any of the following—
(a)persons who are, or are acting as, officers of, or members of the staff of, the regulator;
(b)persons who are, or are acting as, officers, employees or agents of the Bank;
(c)auditors, experts, contractors or investigators appointed by the regulator or the Bank under powers conferred by this Part or otherwise.
(9)References to disclosure by a regulator do not include references to disclosure between persons who fall within subsection (8)(a) or (b) in relation to that regulator.
(10)Each regulator must take such steps as are reasonable in the circumstances to prevent the disclosure of specially protected information, in cases not excluded by subsection (7), by those who are or have been—
(a)its officers or members of staff (including persons acting as its officers or members of staff);
(b)auditors, experts, contractors or investigators appointed by the regulator under powers conferred by this Part or otherwise;
(c)persons to whom the regulator has delegated any of its functions.
In section 246 of the Banking Act 2009 (information), in subsection (2), after paragraph (c) insert—
“(ca)the Payment Systems Regulator (established under section 40 of the Financial Services (Banking Reform) Act 2013);”.