Payments Review Summer 2024

Breaking the Open Banking Stalemate

Resolving the UK’s commercial quandary to unlock the full potential of open banking

Contents

Editor’s Word

P4 Navigating the evolution: Key trends reshaping merchant services

P5 NatWest pulls the plug on BNPL –will others follow suit?

P6 News in Brief

P7 Unlocking the digital euro: Europe’s currency revolution

P10 Instant payments: Are you ready?

P12 Customer protection: A regulatory ‘last stand’?

P17 Crafting security: Australia’s strategic approach to combatting fraud

P22 Establishing sustainable commercial models for open banking: Overcoming the quagmire

P28 Redefining fraud prevention: Insights from a former insider

P30 PAY360: The payments ecosystem under one roof

P32 ESG 101: Why isn’t the industry making an impact?

P35 Payments compliance faces runaway costs

P38 Leveraging ISO 20022 for enhanced cross-border payments and fraud prevention

P42 Payment Voices

Editor’s Word

Welcome to the Summer 2024 edition of Payments Review, in which we explore pivotal developments across the global payments landscape.

This issue starts with an in-depth analysis of the European Central Bank’s trials of the digital euro, highlighting the transformative potential of distributed ledger technology in reshaping financial systems.

Following this, we focus on Australia’s scam prevention blueprint, which provides a comprehensive strategy that has effectively reduced financial scams and offers important lessons for global economic crime prevention.

We also spotlight open banking, particularly the UK’s ongoing efforts to establish sustainable and viable commercial models amidst the divisions between banks and fintech companies.

We also feature a fascinating interview that provides unique insights into the mind and methods of a reformed financial criminal, shedding light on the necessary measures to thwart financial crimes effectively.

The edition includes highlights from the PAY360 conference, summarising the key discussions and innovative ideas currently leading the industry.

Lastly, we delve into how the industrywide adoption of ISO 20022 is enhancing cross-border payments and aiding in fraud prevention.

We hope you enjoy reading the second edition of 2024. If you wish to contribute or share your ideas, please do not hesitate to get in touch.

P44 How financial institutions can navigate the future of digital asset custody

P46 AI in financial crime prevention: A transformative approach

P50 Financial Crime 360: The payment leaders fighting crime on the ground

P52 Achieving financial growth through payments data analytics

P54 Scroll, click, sell: Navigating the risks and rewards of social commerce

P56 Physical or digital banking? Why not both?

P58 Introducing our newest members

P60 Coding cash: Unveiling the new frontier of programmable money

The team

Anjana Haines

Editorial director

Benjamin David

Editor

George Iddenden

Reporter

Tony Craddock

Director general

Ben Agnew

CEO

Emma Banymandhub

Events director

Maria Stavrou

Operations director

Tom McCormick

Sales director

Tom Brewin

Head of projects

Riccardo Tordera

Head of policy and government relations

Sophie Boissier

Membership director

Jay Bennett

Projects assistant

Michele Woodger

Projects and content coordinator

Suzanne Smith

Digital Sales Manager

Market Intelligence Board

Martyn Fagg

COO

Tillo

Joe Hurley

CCO

Crown Agents Bank

Kit Yarker

Director, Product and Propositions

EML Payments

Manish Garg

Founder & CEO

Banksly

Andrew Doukanaris

CEO Flotta Consulting

Mark O’Keefe

CEO

Optima-Consultancy

Mark McMurtrie

Director Payments Consultancy

Paul Adams

Head of Strategic Alliances

Trust Payments

Miranda Mclean

Chief Marketing Officer

LHV Bank

Sarah Jordan

Project Financial Crime Member

Anant Patel

President, Supply Chain Payments

Monavate

Jessica Cath

Head of Financial Crime

Thistle Initiatives

Lorraine Mouat

Head of Payment Services

Thistle Initiatives

Navigating the evolution: Key trends reshaping merchant services

Mark McMurtrie is an ambassador of The Payments Association and director of Payments Consultancy Ltd

In a rapidly changing industry, understanding trends in merchant services is crucial. Key developments in transaction processes are vital for competitiveness and meeting consumer needs.

Merchant services transformation

Merchant services have seen dramatic changes, driven by new payment methods, digitisation, emerging technologies, and various providers. Previously confined to retail and hospitality, now nearly all types of organisations require the ability to accept electronic payments.

Merchant needs

Essential merchant service requirements include quick transaction processing, reliability, compliance, and robust fraud protection. Increasing demands for seamless customer experiences, unified commerce processing, and enhanced management reporting are evident. The growth of e-commerce underlines the need for diverse payment methods, currencies, and language options. Economic conditions also highlight the importance of faster settlement times and accessible working capital.

Heightened consumer expectations

Consumers now dictate their payment methods and timing. Supporting a variety of payment methods and flexible payment terms is crucial; otherwise, consumers may look elsewhere. Hyper-personalisation has become key as preferences vary widely, and payment acceptance must be reliable around the clock.

New types of merchant service providers

Traditionally, acquirers dominated merchant services. Now, they are typically specialist businesses with advanced technology, serving internationally. The landscape includes payment facilitators and independent sales organisations that cater to SMEs, while marketplaces and platforms increasingly assert their market presence. Payment orchestration platforms (POPs) have emerged as the latest group of stakeholders.

Expanded range of services

Electronic funds transfer remains the core merchant service, now enhanced by value-added services such as fraud prevention, strong customer authentication, loyalty programs, and open banking. POPs provide e-commerce merchants with improved authorisation rates, broader payment methods, including account-toaccount and buy now pay later options, and consolidated back-office reporting.

New types of acceptance points

Merchants have access to various acceptance devices like Android-powered SmartPOS terminals, which enhance communication and flexibility. Micro-merchants benefit from SoftPOS technology, using smartphones as secure payment devices. Wider use of self-service devices extends trading hours, improves efficiency, and reduces costs.

Conclusion

Key developments in merchant services have been outlined, highlighting how the Covid-19 pandemic accelerated enhancements. Future innovations such as open banking and variable recurring payments are poised to offer viable alternatives to traditional card payments.

Payments Review is published by The Payments Association. Payments Review and The Payments Association does not necessarily agree with, nor guarantee the accuracy of the statements made by contributors or accept any responsibility for any statements, which are expressed in the publication. The content and materials featured or linked to are for your information and education only. They are not intended to address personal requirements and not does it constitute as financial or legal advice or recommendation. All rights reserved. Payments Review (and any part thereof) may not be reproduced, transmitted, or stored in print, electronic form (including, but not limited, to any online service, any database or any part of the internet), or in any other format without the prior written permission of The Payments Association. The Payments Association, its directors and employees have no contractual liability to any reader in respect of goods or services provided by a third-party supplier.

The Payments Association, St Clement’s House, 27-28 Clement’s Lane, London EC4N 7AE , Tel: 020 7378 9890

NatWest pulls the plug on its BNPL product - will others follow suit?

Last month, NatWest decided to discontinue its buy now pay later (BNPL) offering less than two years after its launch.

According to a report in The Sun, the high street banking giant is ditching the payment service due to lower-thanexpected user numbers.

Citizens Advice estimates that around 15.1 million consumers used BNPL products during the festive period last year to help make purchases more affordable through interest-free instalments.

BNPL solutions and their popularity have increased over recent years, significantly accelerated by the pandemic and the rise in e-commerce transactions. Sector incumbents like Klarna have taken the lion’s share of market gains.

NatWest first announced its BNPL offering in 2022, citing customers’ “clear demand” for spreading the cost of their purchases. The bank said at the time it was aiming to make its offering “safer and better” than the current options on the market.

The Sun cites the more widespread usage of its core lending products, such as credit cards, overdrafts, and loans, as the reason for terminating the BNPL offering. This includes the already existing instalment plans available to credit card users.

NatWest’s existing credit plans allow consumers to split the cost into five eligible transactions; its BNPL offering, on the other hand, automatically assigns all purchases to instalment plans.

The bank offers its credit card customers an instalment plan, enabling them to pay for specific purchases over a period of three, six, twelve, or twentyfour months. Additionally, customers can

transfer the balance of their expired 0% balance transfer cards to one of these instalment plans.

It comes as regulators continue to scrutinise the BNPL industry due to concerns about consumer debt and responsible lending practices. Under the proposed regulations, individuals seeking BNPL services must undergo credit checks before being granted access to such services.

Additionally, the use of these services would be reported to credit agencies. However, there have been concerns about the future of this regulatory framework. Reports suggest the Treasury is considering abandoning the policy due to fears of a potential market backlash

During his speech at Imperial College London Business School in January, Financial Conduct Authority CEO Nikhil Rathi reaffirmed that, while BNPL may benefit consumers, it also poses risks and requires regulation.

NatWest’s exit from the space begs the question: Will others follow suit? With incoming regulation, consumers may find it less attractive to access BNPL products.

In addition, a recent study by the Centre for Financial Capability shows that 22% of BNPL users missed one or more repayments in the last six months of 2023. More than a quarter of those surveyed were contacted by a debt collection agency or suffered a hit to their credit score.

As big players such as NatWest consider their position in the market and the potential risk to consumers’ financial health, which perhaps wasn’t as readily available in the early days of BNPL, becomes more apparent, it could prompt a hiatus from the space.

While NatWest has decided to pull out of the sector due to under-use, the

numbers don’t particularly paint a similar picture elsewhere. For instance, BNPL leader Klarna, which has a large market share in the UK, has increased the number of retailers it works with by 59% to 22,000 in the last year.

Similarly, tech giant Apple is poised to launch its BNPL product in the US, allowing Apple Pay users to spread their payments over four interest-free instalments.

According to VacuumLabs Service Design Lead, Carolina Soares, pureplay BNPL providers struggle due to insufficient credit assessments, leading to financial challenges and unprofitability. This weakness in the BNPL model presents a significant opportunity for banks and other payment platforms.

She tells Payments Review, “With established processes for assessing creditworthiness, banks are wellequipped to manage financial risks. They know precisely to whom they can lend money, a capability typical BNPL providers may struggle with. By adopting a more consumer-centric approach, banks can maintain their position in the credit market and address the potential risks associated with BNPL services.”

BNPL schemes remain popular with consumers, especially during turbulent economic periods, ultimately making purchases more affordable. As industry usage numbers continue to move upward, it will be interesting to see if the bank regrets its choice.

Klarna: 90% of employees using generative AI daily

Swedish fintech firm Klarna has reported that 90% of its employees use generative artificial intelligence (AI) daily.

Klarna’s 5,000-strong workforce is utilising technology such as OpenAI’s ChatGPT and its own AI assistant, Kiki.

It says the company’s biggest users of generative AI are in non-technical departments, such as communications (92.6%), marketing (87.9%), and legal (86.4%).

In 2022, the company slashed around 10% of its global workforce to reduce costs and prepare for economic turbulence following Russia’s invasion of Ukraine.

However, in February, it revealed that its AI chatbot was performing the equivalent work of 700 full-time customer service jobs, resulting in a US$40 million savings for the company.

American Express inks deal with Worldpay to offer greater payment choice and simplicity for small businesses

A new agreement has been signed between American Express and payment solutions company Worldpay, making it easier for small businesses to accept loyal, high-spending American Express cardmembers.

The agreement is part of American Express’s ongoing strategic approach to drive the company’s growth in the UK and increase the number of locations where cardmembers can purchase. The total number of locations accepting Amex in the UK has increased by 46% over the past three years.

Dan Edelman, vice president and UK general manager of merchant services at American Express, says: “As our cardmember base continues to grow in the UK, we’ve been making great strides in expanding our merchant coverage.

“This new strategic agreement will help power our progress, meaning thousands of additional small businesses across the country can benefit from welcoming Amex cardmembers who, on average, spend 3.9 times more annually and 3.2 times more frequently than non-cardmembers.”

Visa partners with Affirm for new tech offering to rival

Apple Pay

Card processor Visa has launched new technology to enhance its position in the e-commerce marketplace.

The technology, created in partnership with buy now pay later company Affirm, will share more detailed customer preference information with retailers based on their shopping history.

The payments giant is partnering with Affirm to streamline payment processes for US consumers by introducing a single credential for multiple payment methods, a strategy that has already proven successful in Asia.

This initiative will enable banks to introduce new products to a consumer’s account without requiring new account numbers or additional cards.

Visa is also introducing a facial recognition payment system similar to Apple Pay, which will function across all browsers and mobile devices to further reduce transaction friction.

Revolut launches a standalone crypto trading platform for UK retail customers

Global fintech company Revolut launched Revolut X on 7 May 2024, a standalone crypto trading platform available to UK retail customers.

The company began offering money transfers in the UK in 2015 and allowed users to buy, hold, and exchange cryptocurrencies in 2017. Since then, it has grown to become the UK’s largest fintech company, serving over 40 million customers worldwide.

Revolut stated that the new platform aims to compete with leading crypto exchanges by providing easy on/off-ramping and low fees. Although designed for professional traders, the platform is available on desktop for all UK users with a Revolut retail account.

Revolut’s head of crypto exchange product, Leonid Bashlykov, says: “We are excited by the introduction of our new crypto product, and believe this top-tier trading platform will change the game for experienced crypto traders, providing them with a safe and accessible place to trade.”

Unlocking the digital euro: Europe’s currency revolution

Exploring the need for a digital euro to maintain Europe’s financial autonomy and enhance transaction efficiency in an increasingly digital global economy.

“If you would have asked me 20 years ago if the central bank business model were destroyable or not, I would have said no. Now I’m not so sure.” These are the words spoken by Deutsche Bundesbank president, Joachim Nagel, at the Bank for International Settlements (BIS) Innovation Summit 2024.

Nagel’s concerns stem from the rapid growth of digital currencies and the implications for central banking business models if adoption lags. His comments come after the European Central Bank (ECB) moved to the next stage of its digital euro project with a view to issuing a digital currency in the next few years, with Nagel informing the conference it was a “necessity” that a digital euro was rolled out and that process must “speed up”.

Earlier this year, President of the ECB, Christine Lagarde, stated that a digital euro could offer Europeans more autonomy and resilience. She highlighted that many Europeans currently rely on non-European payment apps and cards.

The digital euro, proposed by the ECB, blends the familiarity of cash with digital flexibility, facilitating transactions in stores, online, and between peers.

Accepted universally across the euro area without additional fees, it promotes financial inclusivity and is accessible even offline, setting it apart from other digital payment methods.

Advocates of the digital euro say that it upholds privacy, offers transaction anonymity, and maintains the stable value of physical euros, ensuring secure and reliable exchanges. Managed by the ECB, it ostensibly provides a stable alternative to cryptocurrencies, seamlessly integrating into both physical and digital economies.

Why is a digital euro necessary?

According to the ECB, a digital euro could be necessary to adapt to the rapidly changing landscape of payments, particularly the increasing preference for electronic transactions over cash in the euro area.

The initiative aims to preserve the significance of public money and maintain trust in the currency by offering a safe and universally accepted digital payment option. While cash will remain accessible and relevant, introducing a digital euro aligns with the digitalisation trend in various aspects of life, ensuring inclusivity and privacy in the digital era.

A digital euro could offer Europeans more autonomy and resilience.

By providing a secure and free means of payment across the euro area, the digital euro seeks to simplify transactions and strengthen Europe’s monetary sovereignty, making the payments landscape supposedly more competitive and resilient.

According to Jens Hachmeister, head of issuer services & new digital markets at Clearstream, the ECB trials are a significant step towards transforming the “Euro system into a digital settlement system.”

VE3 director, Manish Garg, adds that the ECB digital euro trials are “a testament to the transformative power of collaboration across different sectors, with each stakeholder group playing a pivotal role in shaping the digital euro, ensuring it is both robust and aligned with the diverse needs of the Eurozone’s economy.”

The trials and their aims

The digital euro’s development involves four stages, each with its own objectives and processes. The first stage is the design phase, where theoretical models are transformed into practical, userfriendly designs. During this phase, the ECB will work closely with various stakeholders, including banks, payment service providers, and other relevant organisations, to ensure that the digital euro is designed to meet the needs and expectations of end-users.

The second stage is the pilot projects phase, where the digital euro is tested under different scenarios and refined for broader use. The ECB will work on developing a secure and efficient infrastructure to support the digital euro and pilot the new system with a limited number of users. This phase will enable the ECB to identify and address potential security, usability, and scalability issues before the digital euro is rolled out to a wider audience.

The third stage is the assessment and iteration phase, where the impact of the digital euro is analysed and optimised for security, efficiency, and user satisfaction. During this phase, the ECB will improve the digital euro’s infrastructure, features, and functionalities based on user and stakeholder feedback. The ECB will also assess the impact of the digital euro on the economy and financial system, considering factors such as financial stability, monetary policy, and financial inclusion.

Finally, the fourth stage is the decision and possible roll-out phase, where the trial outcomes are reviewed to decide whether to proceed with a full-scale launch and plan for implementation. If the ECB decides to proceed with a full-scale launch, it will need to work on developing a

comprehensive implementation plan, including measures to ensure the security, privacy, and interoperability of the digital euro. The ECB will also need to engage with various stakeholders, including policymakers, regulators, and industry players, to ensure that the digital euro is integrated smoothly into the existing financial system.

The trials aim to test different use cases, such as bond issuances, secondary market trades, and repos, to see how payments work in more complex capital markets products.

A diverse range of stakeholders from different countries are participating, including large banks, local banks, and sovereign issuers. The trials are an important opportunity to test whether digital ledger technology (DLT)-based solutions can work at an institutional grade level and provide efficiency gains at scale.

Hachmeister adds: “By the end of wave two, we expect to be able to assess the difference between the three different payment rails offered and how they compare in terms of supporting the various settlement use cases being tested by our clients. The goal is to understand how each network handles transactions and how the ECB builds upon the learnings from the trials. The trials allow us to offer our clients a maximum range of use cases that they can leverage to experience digital wholesale central bank money.”

The promise of DLT technology DLT, a complex system for recording transactions, will enhance the ECB trials by enabling the real-time exchange of digital assets and payments, known as delivery versus payment (DVP).

In previous digital asset issuances, including those from EIB and Siemens,

DLT provides a robust framework that supports a large number of transactions simultaneously, which is vital for a digital currency aiming to serve millions across the Eurozone.

the digital asset was only issued, but the cash settlement still had to occur on traditional rails. In the ECB trials, both the digital asset and the cash settlement will happen on the DLT network for the first time, enabling real DVP directly on the network for transactions like bond issuances and secondary market trades. This is a significant step up from previous projects as it allows simultaneous testing of the settlement of both legs (asset and cash) on a DLT system.

This advancement has garnered praise from experts in the field. Garg, a prominent DLT advocate, highlights its potential, stating that DLT can fulfil the promise of efficiency in deploying a digital currency across the continent. While traditional payment systems often falter under heavy loads, he points out, “DLT addresses these issues by allowing transactions to be processed in parallel, significantly reducing bottlenecks and enhancing efficiency.”

The pain points

While there is promise that DLT technology could speed up the process, there are difficulties. For example, interoperability between different DLT networks/protocols used by payment systems could pose technical and regulatory challenges for cross-border transactions.

Meanwhile, DLT networks must scale to handle large volumes of transactions, as required to support institutional-grade

payments and settlements. The trials are not focused on performance or scalability testing specifically.

Garg believes this can be achieved with relative ease. “DLT provides a robust framework that supports a large number of transactions simultaneously, which is vital for a digital currency aiming to serve millions across the Eurozone,” he says.

However, given the need to comply with local CSD/SSS regulations, there is a degree of regulatory uncertainty about using DLT networks for securities settlement across jurisdictions.

Interoperability and standardisation are important aspects that need to be taken into consideration while developing the digital euro. It is essential for the digital euro to integrate with existing payment systems and financial infrastructures seamlessly. Developing standards that allow for interoperability without compromising security is crucial for widespread adoption.

Financial stability and integrity are critical factors that must be considered

while developing the digital euro. As a central bank-issued digital currency, it must not undermine the financial system. This involves regulating its issuance, distribution, and impact on traditional banking sectors to prevent disintermediation and ensure overall economic stability.

Garg adds that the stringent EU data protection regulations are a “critical regulatory challenge” for the project, requiring “innovative encryption and anonymisation techniques.”

Forging ahead: The future of the digital euro

The introduction of the digital euro, underpinned by DLT, marks a significant change in the finance industry, promising numerous benefits across various sectors. Its potential to transform cross-border payments is particularly noteworthy, as it offers a cheaper and faster pathway for transactions, thus revolutionising remittances and international trade. Additionally, the

digital euro promises to advance financial inclusion by offering accessible, low-cost banking services to the unbanked and underbanked populations.

Furthermore, its programmable nature opens avenues for automated subsidies and smart contracts, introducing efficiency and transparency into various sectors like welfare distribution and supply chain management. As the digital euro integrates into existing payment systems, it will reshape the landscape for businesses, consumers, and the broader financial ecosystem. Businesses stand to gain from streamlined operations, reduced fees, and enhanced transaction speed, while consumers will enjoy more convenient, secure, and cost-effective transactions.

The digital euro’s impact extends to the financial ecosystem, stimulating innovation, challenging traditional banking models, and fostering more competitive markets. Increased transparency and reduced risks set the stage for a more efficient and inclusive financial future.

Redefining Community Finance: Unlocking Pathways to Financial Inclusion

Instant payments: Are you ready?

Instant payments are reshaping the financial landscape, offering real-time transactions and promising increased inclusivity and efficiency across global economies.

As the saying goes, “Payments are eating the world”; well, then instant payments will eat the moon, too. Instant, faster, immediate, real-time— whatever name you know them by, this on-demand payment method continues its rise and is likely to ultimately dominate how we make payments.

In a world where everyone wants everything at the literal click of a button, the ability to make A2A (account-toaccount), A2B (account-tobusiness), or maybe even B2B (business-to-business) payments in ‘real-time’ is

crucial for many institutions to remain ever relevant with consumers. As far back as 2008, when they were launched as a faster payments service (FPS) in the UK, we have become accustomed to making payments 24/7/365 from any location with internet access.

The evolution and impact of instant payments

Between 2014 and 2020, the number of payment rails supporting instant payments increased fourfold, reflecting their growing popularity. In 2023, over 4.5 billion payments were processed over the UK

FPS rails, amounting to a value of over £3.7 trillion.

If we take into account those nations developing their own capabilities (such as the US, India, and Brazil), all of which are in their relative infancy, the market for the movement of money in this way is truly huge, along with the potential for developing new and innovative ways to harness and grow the technology and its use cases.

Challenges and opportunities in instant payments infrastructure

The increase in instant payments is expected to

Between 2014 and 2020, the number of payment rails supporting instant payments increased fourfold, reflecting their growing popularity.

continue, and by 2029, one-third of payments will be instant, increasing the load on legacy back-office infrastructures tasked with reconciliation and investigation.

Instant payments empower those distant from physical banks to use connected devices for financial transactions, enhancing their access to modern banking.

Regulatory responses and future directions

With the continued rise, popularity, and demand from the consumer, regulators are taking a keen interest in what is happening and, more importantly, how it happens.

Emerging technical innovations and the integration of value-added services continue to evolve, offering broader economic benefits and enhancing payment system efficiencies. This evolution opens opportunities for payment service providers to streamline operations and innovate in areas like product development and service enhancements.

Adopting and embracing instant payments is a key step into the future of payments, but to unlock the true value, one must look to the VAS (value-added services) (or overlays) that are enabled by this technology, such as instant cross-border payments, request-to-pay, liquidity management tools, and the ever-expanding fraud landscape.

Instant payments reduce the window for reconsidering transactions, heightening the risk of fraud compared to traditional bankers’ automated clearing services (BACS) transfers, which allow a three-day decision period. In the UK, the rise

in authorised push payment (APP) fraud, with significant losses, has led to new regulatory measures set to take effect in October 2024. To combat increasingly sophisticated fraud methods, banks must enhance their anti-fraud and antimoney laundering (AML) systems, possibly integrating advanced AI technologies like deep-fake detection and voice cloning analysis.

A key benefit of instant payments is financial inclusion, facilitating economic participation for the unbanked and underbanked. Instant payments empower those distant from physical banks to use connected devices for financial transactions, enhancing their access to modern banking. This innovation ensures immediate fund availability and secure transactions, offering a low-cost financial solution for the underserved.

The requirement for 24/7/365 puts demand on resilient infrastructure for institutions. Regulators are keen to protect this and our reliance that has developed. To this end, for example, DORA (the Digital Operational Resilience Act) will come into force over the next 12 months.

DORA compartmentalises digital operational resilience into five key areas—risk management, incident reporting, digital operational resilience testing, ICT thirdparty risk management, and information and intelligence sharing.

The European Parliament has introduced new regulations requiring instant payments to be mandatory by the end of 2024 for inbound transactions and by September 2025 for outbound. Banks operating out of the eurozone must be ready not only for single euro payments area (SEPA) instant payments but also to offer the same service for what is known as the ‘OLO’ (one-leg-out), whereby one of the accounts lies outside of the eurozone bringing cross-border payments into play.

be designed (amongst other things) to help promote both innovation and competition, will influence how current participants act and potentially encourage new entrants into the market. These regulations aim to create compliance for both banks and nonbank PSPs, with the goal of establishing, in their own words, “a level playing field”.

Building on the success of PSD2, the revised PSD3 initiative aims to modernise regulations to align with recent advancements and innovations in the payments space.

The proposals can broadly be categorised into key areas of focus, such as open banking services, emerging sophisticated fraud risks, safeguarding consumers, increasing competition from banks and non-bank PSPs, data access and standards, and the regulatory agenda. They will work to provide a platform for consumers to transact domestically and internationally, have greater control over data (its sharing and use for things like hyperpersonalised products), and provide a greater choice of providers who are offering a greater choice in innovative, instant-based products.

Which leads us to the question: Are you ready for instant payments?

4.5bn

Number of payments processed over the UK FPS rails in 2023

There is a continued battle between the drive for regulation and the drive for innovation (can both be complementary—this warrants a debate in its own right).

The release of the EU draft payment regulations by way of the third Payments Services Directive (PSD3) and Payment Services Regulation (PSR), which could be inferred to

Kevin Flood director, FIS payments ecosystem strategy, corporate and international banking FIS Global

Customer protection: A regulatory ‘last stand’?

The Consumer Rights Act 2015 aimed to consolidate consumer protections in the UK, but rapid digital advancements in banking and payments have left regulators struggling to keep pace, with a renewed focus on customer protection against fraud and other risks.

In the UK, The Consumer Rights Act, which came into force on 1 October 2015, was designed to consolidate consumer rights in one place, enhance consumer protections, and “modernise the law to allow for digital advances.” Digital banking advances and the payments revolution have developed beyond all recognition since the Act came into effect, often leaving policymakers and regulators running to stand still.

As a result, and quite sensibly, industry oversight is increasingly focused on ‘customer protection’ as the yardstick for progress and success. By contrast, the industry is increasingly fixated on ‘customer experience’. Ultimately, these differing approaches should converge toward a similar end, but, as ever, there will be several bumps in the road before this is realised, and much debate will remain.

The UK is leading the charge Regulation is a dry topic at the best of times, and the consequences of change—most notably the unintended consequences—can have a farreaching impact. “As a rule, regulation is acquired by the industry and is designed and operated primarily for its benefit.” Nobel laureate economist George Stigler’s quote neatly reflects the challenge of regulating virtually every industry.

It is also a useful place to start when considering a slew of new payments

regulation kicking in from 2024 onwards across Europe. As with the tech industry and artificial intelligence (AI), the digital world of payments continues to advance so rapidly that, in many cases, regulation is often rendered outdated or ineffectual before it has fully come into effect.

The quote also succinctly encapsulates the concept of ‘regulatory capture’—where regulatory agencies sometimes advance the interests of the industries they are supposed to regulate rather than protect the public interest. A dichotomy in how regulatory change can impact sub-sectors differently is a current key debate point in the UK and worth discussing.

thorny regulatory issue of the digital revolution. While still clearly a work in progress, customer protection is vital, and tackling fraud remains central to any new regulations and rules implemented.

Three stand out among the many important topics or ‘buckets’ regulators should consider when framing new initiatives to protect the consumer and regulate the industry:

• Fraud;

• Open banking/open finance/ embedded finance; and

• Digital revolution and new regulation.

Unintended consequences coming into view

Robert Courtneidge, board advisor and payments expert at The Payments Association, rightly concludes that the UK—spearheaded by several regulatory and policy changes—is leading the charge on consumer protection and tackling the

For the purposes of this article, the UK and fraud risk are the focus through new regulatory initiatives across the gamut of payments providers and products throughout Europe, presenting an intriguing mix of risk and opportunity into 2025. Using open banking as a viable

Hundreds of millions of pounds in costs attached to this burdensharing will imperil the solvency and viability of smaller financials and payments companies.

*Source: UK Finance, Annual Fraud Report for 2022

Fraud and its prevention are among the most moveable feasts facing the payments space, as new technology and AI beget new criminal initiatives and tactics.

alternative to card schemes is one such initiative that speaks to the power of technology and its ability to level the playing field and lower costs for consumers.

A £1.2 billion problem to solve Fraud and its prevention are among the most moveable feasts facing the payments space, as new technology and AI beget new criminal initiatives and tactics. In 2022, UK finance data revealed that the cost of payment fraud in the UK topped £1.2 billion, down 8% versus 2021 but still a painfully large number.

Within this, authorised push payment (APP) fraud represented just shy of £500 million, with unauthorised fraud (including, for example, card, payment, and remote banking fraud) making up the balance.

“A clear risk from the proposed shift in risk-bearing for APP fraud resolution is how many of the 1400+ payment service providers, affected by the rule change, could be disincentivised from driving innovation or, worst case, be wiped out by the hit on their bottom line by these potential liabilities. This, by definition, would reduce competition and undo much of the good work that is being delivered,” Courtneidge rightly observes.

Competition and innovation at risk?

Faster payments (FPS)—the payment system across which most of the APP fraud occurs—will see rules change from 7 October 2024, as will retail clearing house automated payment system (CHAPS) payments.

Banks and payment service providers (PSPs) will then be required to reimburse victims of APP fraud, with the sending and receiving firms splitting the cost 50:50, alleviating the burden solely from the banking sector. While the intention is clearly worthy—mandatory reimbursement to ensure that victims are compensated swiftly and banks and PSPs are incentivised to prevent such fraud— the unintended consequences are not.

Hundreds of millions of pounds in costs attached to this burden-sharing will imperil the solvency and viability of smaller financials and payments companies. Adding to this pressure for PSPs, the March 2024 Payment Services (Amendment) Regulations 2024 and policy notes—also in force

from 7 October—will require companies to revisit their terms and conditions and processes to ensure that any delays in reimbursement are deemed lawful.

In addition, FPS’s new reimbursement claim management system (RCMS) will have to be in place to receive the registrations of these PSPs and all their subsequent data submissions in time for the 6 October rule change despite not being available for testing yet. Implicitly, this means that the cost of using FPS will rise, hitting small firms with lower revenue pools relatively more. This cost will be passed on to the consumer.

Whose cost and whose benefit?

Annexe 5.14 of the PSR’s ‘The FPS APP scams reimbursement requirement: Compliance and monitoring’ April 2024 update tries to put some numbers around what this will actually cost:

“The mandatory use of the RCMS will result in a direct cost to PSPs. The cost per year of operating this system, that Pay.UK would be looking to recover

from industry starting from 2025, would be approximately 10% to 13% higher than the current cost of using Faster Payments. This would include onboarding, training and setting up costs, as well as ongoing costs for Pay.UK’s running and maintenance of the system. These costs will not be recovered by charging PSPs large fixed fees during registration or complex tariffs that may disadvantage smaller PSPs. Pay.UK is exploring options for a pricing model that is based on POND principles (proportionate, objective and non-discriminatory), and pricing is expected to be based on Faster Payments transaction volumes, APP scam case volumes, or a combination of both. Therefore, the cost of using the system is likely to be proportionate to the size and scale of scams and not be equally split across all the PSPs that are in scope of the direction. While this is might be a sizeable cost to some firms, is it likely to be only marginally higher than, if not similar to, the costs that many PSPs would face in the baseline scenario.”

Listen now to stay ahead in the rapidly evolving world of payments.

Summary of main costs and benefits

Smoother

Effective monitoring of compliance

* Source: PSR Consultation paper ‘The FPS APP scams reimbursement requirement: compliance and monitoring’ April 2024

It’s not a great look to simply pay lip-service to sharing the burden of costs, especially when smaller companies will feel the impact much more than larger ones, while banks get some relief from the expenses related to payments fraud.

Having spared the reader the burden of trawling through hundreds of pages of jargon-filled regulatory documents, it is worth pondering for a moment what the excerpt above actually says. What we do know is that there will be a direct cost to PSPs, and it will be double-digit. What don’t we know? A lot.

“Likely”, “may”, “approximately”, “expected to be”, and other nebulous terms sadly undermine any reassurance that smaller fintech and PSPs may have sought that this would improve the industry and drive competition and innovation.

Deep pockets always win—why the rush? It’s not a great look to simply pay lip-service to sharing the burden of costs, especially when smaller companies will feel the impact much more than larger ones, while banks get some relief from the expenses related to payments fraud. The big three domestic banks—Lloyds, NatWest, and Barclays—reported a combined net profit of around £15 billion in 2023. With interest rates remaining high for an extended period, many fintech companies and smaller players are struggling to survive and secure funding. They shouldn’t be pushed to the brink in this manner.

Rushing through systemic changes— rather than phasing in, for example, the

risk-cost sharing mechanism—seems a little unnecessary. Foisting a new reimbursement claim management system (RCMS) onto PSPs when it is not even available for testing less than six months before launch seems like an unnecessary risk, given all that is at stake.

Courtneidge’s balanced comment on addressing this is fair: “The PSR, Pay. UK, and the payments industry need to work together to create a proper rule system, similar to the chargeback system for cards, and build it into a fully functioning RCMS which will reduce fraud and properly manage compensation pay-outs to vulnerable consumers whilst providing the best education to them to stop fraud at source. This can only be done if Big Tech and telcos also join the battle as this is the source of most APP scams.”

Having led the article with an opposite quote from one American economist, the thoughts of another renowned American economist—also a social philosopher and political commentator, seem appropriate in this case: “It is hard to imagine a more stupid or more dangerous way of making decisions than by putting those decisions in the hands of people who pay no price for being wrong.” - Thomas Sowell

You’re closer than you know to getting caught out

The RegTech solution created to protect you from non-compliance.

Stay on the right side of the regulators. Start by finding out all you need to know about recent developments in Open Banking regulations in our new Outlook report. Scan to get your copy today

Crafting security: Australia’s strategic approach to combatting fraud

Exploring Australia’s comprehensive strategy to tackle payment fraud and enhance security across the national payments system.

Authorised push payment fraud (APP fraud) accounted for 40% of fraud losses in 2022, according to the Payment Systems Regulator (PSR). Since the release of the PSR data, a tricky discourse has emerged regarding the mandatory reimbursement scheme that has followed as a proposed solution for the customer.

On 7 June 2023, the PSR released a policy statement announcing that payment service providers (PSPs) will be required to reimburse victims of APP fraud made via the Faster Payments

Service starting in Q1/2024.

The mandatory reimbursement has caused discontent among PSPs, who believe responsibility should be shared among relevant parties involved in the transaction. This has prompted a standoff between the industry and the PSR on the matter.

In the meantime, His Majesty’s Treasury (HMT), alongside other relevant stakeholders, including The Payments Association (TPA), is discussing plans for a National Payments Vision and Strategy (NPVS) based on the recommendation of the

Future of Payments Review, led by Joe Garner, ex-CEO of Nationwide Building Society and HSBC UK.

The report’s primary recommendation is that the UK government create an NPVS to bring together the domestic payments sector around a common strategic goal and simplify the payment landscape over time. The government has embraced this key recommendation and plans to release the NPVS later this year.

While the UK grapples with these challenges, Australia’s approach to creating its own NPVS has drawn attention,

particularly for its readiness to focus on a fraud-prevention, setting a precedent with its strategic approach.

The Australian blueprint

On the other side of the globe, a similar review of the payments ecosystem in Australia commissioned by the government in 2021 prompted a strategic plan for the industry focusing on reducing fraud.

According to the report, there was a lack of leadership at a system-wide level needed to steer the payments ecosystem towards a shared vision and goals. This lack of

clear vision has resulted in confusion for the industry and affected investment decisions related to major payments infrastructure.

The lack of preparedness for future changes and conflicting policies significantly weaken the regulatory architecture’s ability to serve consumers and businesses and effectively support productivity-enhancing innovations. It is imperative policymakers take the necessary steps to address these issues to ensure a robust and efficient regulatory system.

During the consultation, key principles were discussed, including efficiency, innovation, access, and trust. Priorities were also identified, such as safety and resilience, regulation, alignment with the digital economy, and modernisation of payments. The consultation also proposed high-level initiatives. After feedback was received regarding any missing milestones and initiatives, the Strategic Plan for Payments was published in 2023.

According to TPA head of policy and government relations Riccardo Tordera, the breath of scope that the NPVS has in the UK is much wider than that of Australia, with an emphasis of creating a new North Star for payments rather than the detailed questions of how to combat fraud.

He adds: “That said, fraud will likely be part of our NPVS, and we can look at Australia’s progress in reducing financial fraud and learn from its successes. The main success is due to the National AntiScam Centre (or NASC), established to coordinate

The lack of preparedness for future changes and conflicting policies significantly weaken the regulatory architecture’s ability to serve consumers and businesses and effectively support productivity-enhancing innovations.

cross-sectoral action.”

The Australian payments landscape previously suffered from a lack of coherence and integration, with disparate objectives and unclear policy directives creating confusion and misalignment between stakeholders.

However, the introduction of the strategic plan has significantly addressed these issues by providing clear policy objectives and prioritised initiatives. This clarity extends to various aspects such as legacy payment systems, access to cash, cross-border payments, cybersecurity, and combatting scams.

In terms of governance, the Australian government has instituted a robust framework to ensure the strategic plan’s effectiveness and adaptability. The plan is reviewed regularly every 18 months to keep it aligned with evolving needs and challenges.

Moreover, the strategic plan recognises the importance of legislation, regulation, and industry technical standards in shaping the payments landscape. Regulatory changes, including the central bank’s enhanced authority to designate payment systems and the licensing requirements for all payment

system participants, reinforce the implementation of industry standards and ensure the integrity of the payment ecosystem.

With Australia’s strategic framework in place, it’s instructive to compare this with the current situation in the UK, where the approach to combatting scams shows distinct differences.

The UK landscape as it stands Australia’s approach to combatting scams diverges significantly from that of the UK, reflecting distinct regulatory philosophies and priorities. While the UK emphasises the ‘Contingent Reimbursement Model’, primarily focusing on reimbursing victims of unauthorised transactions, Australia adopts a broader strategy.

It establishes national anti-scam codes, mandating minimum obligations for all stakeholders involved in the scam lifecycle, including banks, digital communication platforms, and telcos.

In the UK, however, reimbursement policies predominantly compensate scam victims, potentially ensuring revenue for criminals. In contrast, Australia’s approach recognises the limitations of reimbursement

in curbing scams’ root causes, advocating for broader regulatory measures to prevent scams proactively.

The UK is perhaps getting it wrong because, despite the emphasis on reimbursing victims, there has been a minimal reduction in scam losses, with only a 1% decrease in the first half of 2023 and a 27% increase compared to 2020. In contrast, Australia’s multi-sectoral approach aims to disrupt scams at various touchpoints in the scam lifecycle, potentially yielding more effective outcomes.

Evidence from the UK Home Affairs inquiry into fraud suggests a significant proportion of scams originate from digital communication platforms, particularly Meta platforms.

Australia’s approach acknowledges this trend, seeking to regulate and hold accountable all entities facilitating scams, including digital communication platforms.

In summary, Australia’s strategy acknowledges the limitations of solely focusing on reimbursement and underscores the importance of addressing scams at their source.

By implementing broader regulatory measures and holding all stakeholders accountable, Australia aims to disrupt scams and prevent their occurrence proactively.

The issue of reimbursement is making waves within the UK’s payments space. According to the Australian model, it should be shared among all stakeholders involved, including consumers, businesses, digital platforms, internet service providers (ISPs), telcos, investment

firms, banks, the payment industry, and law enforcement agencies.

Recognising this, Australian stakeholders advocate for extending national anti-scam codes to encompass ISPs and non-bank payment service providers, ensuring a comprehensive approach.

Similarly to the UK Home Affairs’ findings, critical attention is directed towards digital platforms, notably Meta, where significant vulnerabilities exist. While traditional media adhere to strict advertising standards, digital platforms must also be held accountable.

The primary opportunity lies in halting scams at their source, focusing on where consumers are socially engineered, such as on digital communication platforms, via SMS or email. Notably, not all scams involve payments, highlighting the need for a broader regulatory framework beyond financial services.

To realise this opportunity, cross-sectoral responsibility must be reinforced by robust regulation. In Australia, the scams code consultation has identified the crucial role of the Australian Communications and Media Authority (ACMA) in regulating digital platforms. Leveraging existing frameworks, such as the SMS sender ID registry, suggests a logical extension to regulating ISPs, ensuring a holistic approach to combatting scams.

How Australia is planning to combat scams

Firstly, Australia recognises the immense financial and human impact of APP scams, which are predominantly perpetrated by transnational organised crime.

Understanding the complexity of addressing scams, it plans to adopt a cross-sectoral approach, establishing the NASC to coordinate action across various stakeholders, including banks, consumer advocates, law enforcement, and digital platforms.

The NASC employs timelimited taskforces, known as fusion cells, to target specific types of scams, such as investment scams, which account for significant losses. Additionally, the government has initiated consultations for national anti-scam codes to impose minimum obligations on all players in the scam lifecycle, starting with digital communication platforms, telcos, and banks. Tordera praises the role of the NASC, citing it as a huge success.

The approach is crucial as scams intersect with various economic crimes and involve multiple touchpoints across the lifecycle. Collaboration among stakeholders, from consumers to digital platforms to banks, is incentivised to prevent and address scams effectively. The scam codes establish a whole-of-ecosystem regulatory framework to ensure appropriate measures are taken to prevent, detect, disrupt, and respond to scams.

Recognising the importance of criminal justice in combatting scams, Australia emphasises treating scams as crimes and leveraging international relationships, such as Five-Eyes and Interpol, to overcome jurisdictional challenges and disrupt economic crime syndicates.

According to Australian Payments Network chief executive Andy White, there are similarities between both the UK and Australian initiatives. “There are two areas worth highlighting: modernising payments infrastructure and reducing the prevalence of scams”.

On modernising the payments infrastructure, White discusses the phasing out of cheques, upgrading systems and maintaining access to cash. He adds: “The last of these is analogous to the UK government’s protection of access to cash services.

“Meanwhile, the modernisation of payments infrastructure—including the Australian government’s intention to wind down the cheques system and support of an industry-led, phased transition away from

BECS (the equivalent of BACS in the UK)—will have learnings for the UK’s New Payments Architecture (NPA) programme.”

On fighting the growth of scams, White explains that Australia’s approach differs from the UK’s contingent reimbursement model, and instead focuses on its NASC—established on 1 July 2023—and the forthcoming mandatory antiscam codes, both of which involve multiple industries, thereby including digital communication platforms and telecommunications providers, as well as banks. That approach has seen some early success, with a 29% year-on-year decrease in scam losses over the last six months.

Having seen the significant reductions in scam activities due to Australia’s rigorous policies, it’s worth considering how similar initiatives could reshape the UK’s approach to payment fraud.

The results of the plan – is it working?

The effectiveness of Australia’s efforts is evident with a nearly 30% reduction in scam losses over the past six months. This success can be attributed to various factors, including bankimposed risk-based friction on payments, particularly concerning crypto transactions. For instance, an initiative from leading Australian bank Westpac involves asking customers key questions to assess transaction risks.

The Commonwealth Bank of Australia (CBA) has imposed restrictions on crypto payments, resulting in a 37% reduction in scams. Positively, similar measures in the UK have led to a staggering 97% reduction in AI fake celebrity crypto investment scams, proving coherent strategies can have a massive impact.

Furthermore, Australia’s focus on combatting investment scams is underscored by the introduction of Australian Securities & Investments Commission

(ASIC)’s investment scam website takedown service, which removed 3500 such websites in the latter half of 2023, averaging 20 takedowns daily. Additionally, law enforcement agencies have ramped up actions against various forms of economic crime, both domestically and internationally, further contributing to the decline in scam-related activities.

Tordera attributes this to the fact that there is a greater shared responsibility among the payments community in Australia. He says this should be the same in the UK: “One of the key issues between this approach and the PSR new rules for FSP is that rather than just banks compensating victims, the wider community of telcos, big techs and social media platforms are brought

into the mix of those who should share data and at the same the burden of responsibilities for financial crime.”

Strategic outlook

By targeting scams at their origins, the UK can substantially reduce the success rate of fraudulent attempts, shielding consumers and businesses from potential harm.

Implementing measures such as confirmation of payee

and risk-based friction in payments offers additional layers of security, instilling confidence and reassurance among stakeholders.

Enhanced trust in payment systems should extend beyond financial transactions to encompass digital communication platforms, phone communications, and messaging services. Ultimately, bolstering consumer and business confidence serves as

a catalyst for broader economic benefits, mitigating the drain on resources caused by scam proceeds and fostering increased productivity through a more secure and resilient payments ecosystem.

Given the successes observed in Australia, the UK must now consider adopting a more unified and proactive strategy to not only catch up but potentially lead in the fight against payment fraud.

Having seen the significant reductions in scam activities due to Australia’s rigorous policies, it’s worth considering how similar initiatives could reshape the UK’s approach to payment fraud.

Get ahead in the payments industry with The Payments Association Payments 101, a virtual training course by Neira Jones. Perfect for newcomers and seasoned professionals, this course provides a solid foundation in payments education, covering all aspects of the ecosystem.

Join us for the next Payments 101 on 15-16 October. Register now at https://thepaymentsassociation. org/event/the-paymentsassociation-payments-101-onlinetraining-course-october-2024/

The Payments Association Regulations 101 is the perfect course to take your payment knowledge to the next level. This live virtual event, delivered by Neira Jones, covers payment regulations and frameworks, as well as privacy and security standards and their potential overlap.

Join us for the next Regulations 101 on 11-12 June. Register now at https://thepaymentsassociation. org/event/the-paymentsassociation-regulations-101-onlinetraining-course-june-2024/

Get a comprehensive overview of virtual, crypto, and decentralised payments with The Payments Association Payments 201. Drawing on real-life examples, the course covers underpinning principles, key stakeholders and regulations, and practical applications for all three.

Join us for the next Payments 201 on 17-18 September. Register now at https://thepaymentsassociation. org/event/the-paymentsassociation-payments-201-onlinetraining-course-september-2024/

Establishing sustainable commercial models for open banking: Overcoming the quagmire

Open banking in the UK has yet to fulfil its potential, with apparent division between banks and fintechs regarding how best to proceed and establish viable commercial models.

Chris Menon

Open banking in the UK has long promised to promote competition, innovation, and transparency in the financial sector, allowing consumers and businesses to better manage their money and make payments. However, according to some, it’s currently stuck in a ‘quagmire’, with participants divided as to how best to build sustainable commercial models.

As the Joint Regulatory Oversight Committee (JROC) noted in its report ‘Proposals for the design of the future entity for UK Open Banking’, published on 19 April 2024: “Open banking has come a long way since the CMA’s retail banking market investigation in 2016, the introduction of the CMA Order, and the implementation of the PSRs 2017.”

It cited data collected and published by Open Banking

Ltd (OBL) in March 2024, showing that 13% of digitally active consumers and 18% of small businesses in the UK actively use innovative open banking-enabled products and services to manage their money and make payments. On open banking payments specifically, volumes more than doubled in the first six months of 2023 compared to the same period in 2022, with a total monthly value estimated at £4.5 billion.

Nevertheless, the progress of open banking has been slower than many hoped. Indeed, Joe Garner, the industry executive who authored the ‘Future of Payments Review Report’ stated at The Payments Association’s PAY360 event in March 2024: “We need sustainable commercials around open banking, and it feels to me like it has been caught in something of a quagmire.”

It’s true that the UK has been a frontrunner in open banking, with the launch of the Open Banking Standard back in 2016. At that time, the UK Competition and Markets Authority (CMA) mandated the nine largest banks to open their data through application programming interfaces (APIs) to promote competition and innovation in the retail banking sector.

However, as Garner points out: “We started building this thing in 2016, we really ought to know what we should be charging for it by now.”

Ellie Hewitt, a director in KPMG’s UK payment consulting practice, agrees with Garner that open banking commercial use cases have been stuck in a quagmire.

As to how we’ve ended up in this situation, she explains: “There have been several challenges: there are challenges around what commercial VRP should

look like, more broadly there are challenges around the commercial model and the fact that at the moment big issuing banks aren’t incentivised to engage in, or innovate within the ecosystem of open banking. Another of the other big challenges is around the customer protections model.”

She appears almost philosophical about the difficulties of trying to escape this quagmire. “One of the challenges with open banking is that there are a number of different views on every topic that you consider, and trying to reconcile the different views between, say, merchants and fintechs and banks is never going to be easy.”

For example, there has been some progress in sweeping variable recurring payments (VRPs), or meto-me payments. In 2021, the CMA obliged banks to make VRP APIs publicly

On open banking payments specifically, volumes more than doubled in the first six months of 2023 compared to the same period in 2022, with a total monthly value estimated at £4.5 billion.

available for free. Despite a short delay—the compliance deadline was pushed back from January to June 2022—the technology is now available and increasingly commonplace.

However, non-sweeping VRPs, sometimes known as ‘me-to-business’ or commercial VRPs, don’t yet exist. Although these VRPs could potentially replace direct debit cards and cards on file for various payments from consumers to third parties, they’ve been stuck in the so-called ‘quagmire’. The main issue that has hitherto held up their introduction appears to be establishing a ‘commercial model’ acceptable to both banks and fintechs.

Fintech view

According to Fliss Berridge, co-founder of fintech payments firm Ordo, whilst banks, of course, must be able to cover incremental costs, (given their

gateway position in the market) the banks don’t seem to have a problem being commercially sustainable, as the Big Four, NatWest, Lloyds, Barclays and recently posted profits of £44 billion, according to CityAM

Rather, she argues that commercial sustainability should focus on those providing open banking services and their merchant clients. “It’s not the banks that are providing open banking services. For businesses and consumers to continue to receive open banking services, it is the open banking service providers, the fintechs like Ordo and others, that need to be commercially sustainable. For FCA-authorised and regulated fintechs to be commercially sustainable, they need access to bank APIs. This is either available due to market competition or, in the absence of market competition, appropriate and targeted regulatory intervention

to enable them to compete with cards,” she explains.

Berridge argues that the banks’ conflict of interest (they make money from card payments) and monopoly position in providing the APIs to access consumer bank accounts have made a competitive market impossible.

Talking to fintechs generally, it’s clear banks are very reluctant to come forward with commercial offers. Indeed, during the course of writing this article the author only heard mention of one that’s put forward any pricing.

Berridge goes on to explain the solution: “As a result of the bank conflict and monopoly market reality, the Payments Systems Regulator (PSR) is proposing to intervene and set the price between bank and payment initiation service providers (PISPs) centrally for the first sectors which expanded VRP is to be rolled out to, namely financial services,

utilities, and central and local government. The PSR’s view is that banks should be able to recover any relevant incremental costs efficiently incurred for providing VRP APIs. As VRP has already been built, and there are no material incremental costs for the Phase 1 sectors, the PSR is proposing to set the central price at zero pounds at this single point in the supply chain.

Berridge’s proposal was published by the PSR in December last year. According to her, the above three sectors “have either got consumer protection frameworks in place and/ or regulators,” so they are easier, less risky, and quicker market sectors to enter.

In an exclusive interview with Payments Review, Andrew Self, senior manager at the PSR, agreed that the lack of a commercial model for open banking was a broader issue than just VRP.

“To fully unlock its potential—payment options and data services that better meet the needs of consumers and businesses— open banking needs to be underpinned by sustainable commercial models that drive investment in innovation.”

Nevertheless, regarding VRP, Self acknowledges: “We haven’t seen a shared consensus on two crucial areas—how a commercial model allows competition with other payment methods and encourages adoption by businesses and consumers.”

On behalf of the PSE, he did confirm: “The proposal we consulted on is set at zero; the price sending firms can charge PISPs for access to customer accounts and payment initiation.

We provisionally identified the faster payments charge as the only relevant incremental cost for sending firms for the initial rollout and therefore proposed removing this charge from sending firms.”

Self was also at pains to stress that the JROC, which the PSR co-chairs, hasn’t yet made any formal decisions but has proposed how to expand the use of VRP. “We’re continuing our assessment of responses to our proposals

and engaging across the ecosystem ahead of publishing our response this summer.”

While some in the fintech community have warmly welcomed the PRS proposals, the banks are far from satisfied.

The banks

What measures do banks deem essential for developing sustainable commercial models for open banking? Securing an official statement from a bank proved challenging. However, based on informal insights, it appears that banks do not see the need for stringent price regulation. Instead, a preference for ‘free market’ experimentation could be at play to create a sustainable commercial model that aligns with their interests.

Given the impasse between banks and fintechs, Hewitt is surely correct when she states,

“I think there will need to be a regulatory mandate to get this off the ground.”

However, she adds: “I also think a commercial model that incentivises bank participation is necessary.” However, it’s not clear what this model could be, given the underlying market structure and the fact that banks (as card issuers) will be competing against VRP.

Certainly, if further investment in open banking is forthcoming, all parties need to see the value of doing so for consumers and their businesses. For the fintechs, many of whom are funded by venture capital, commercial sustainability in the form of a return on open banking is absolutely critical, and Berridge believes “targeted but minimal regulatory intervention” is required to unlock the full potential of open banking, just as has been necessary for the highly competitive telecoms industry with the regulation of call termination rates, for more than 20 years.

“This must happen sooner rather than later if the UK is going to maintain its position at the forefront of open banking across the globe,” she says. It will also be important in attracting investment to target markets.

Asked for the PSR’s response, Self was clear: “For VRP to be sustainable, the long-term model needs to allow current account

providers to recover relevant costs in providing these services to their customers. It’s also important that prices for customer accounts, whether for payment or data services, are transparent and don’t create unfair barriers to new entrants.”

Other jurisdictions

In terms of other jurisdictions that the UK can learn from when it comes to progressing open banking, Hewitt explains: “There are lessons to be learned by the UK from all of these different markets, but they are specific and individual lessons, not about the success of open banking overall.”

She cites the fact that if one examines all the different markets, such as Brazil, Singapore, India, Europe, or MENA compared to the UK, there are some aspects where the UK is better and there are some aspects where the UK is lagging other countries.

“I think it is very difficult or nearly impossible to put a blanket order on it, because you are not comparing apples with apples in any country. For instance, a lot of people talk about learning from Brazil or India, which had huge success. However, they are markets that aren’t heavily carded today, so they have moved from a very cash-based economy to an open banking-based economy. Again, you can’t compare that because that’s not relevant to the UK context because we

Given the impasse between banks and fintechs, Hewitt is surely correct when she states, ‘I think there will need to be a regulatory mandate to get this off the ground.’

are not a cash-heavy economy. We are moving from a very much carded economy already today. So, it’s very difficult to make any definitive statement that says: the UK should be learning from X.”

Australian viewpoint Take Australia for example. Nick Kavass, is head of policy at FinTech Australia, the main advocacy group for Australian fintechs. He outlines how its open banking market is

involving. “In Australia, we are seeing open banking reach a crucial point as the ecosystem transitions from a long ‘build phase’ to a period of adoption and uptake, with the emergence of new products and services products and services powered by open banking data sharing. The success of open banking hinges on the development and commercialisation of these new and innovative use cases, as well as the

switching of existing data sharing from legacy methods to open banking APIs.”

Nevertheless, it appears to lag the UK when it comes to enabling payments, as Kavass explains: “A key limitation for open banking in Australia, and a clear point of difference from the UK, is that it currently only provides for the sharing of information. Expanding the framework to performing actions, like payments, is currently being

considered by the Australian Parliament. However, Australia recently rolled out a fast payments platform (new payment platform) and a payment initiation solution (PayTo), which has raised some doubts about the need for open banking payment initiation and how this would be commercialised.”

Frollo is one innovative Sydney-based fintech that has successfully monetised open banking data. It connects accounts, aggregates data, categorises it, creates personal features on top of that, and then sells those features and that technology to banks, to lenders and brokers.

Tony Thrassis, Frollo’s head of open banking markets and regulation, sees the role of open banking as empowering consumers to make better decisions. Though proud of the breadth of Australia’s open banking data offering, he is critical of the government, which he believes should be doing more: “They don’t even advertise what open banking is. They haven’t educated the consumers, we’re doing all the education of consumers. Nobody is doing anything to educate people that this exists and explain what this is. If I go out onto the street and talk to people about open banking, they’ll go: ‘What are you talking about?’”

Thrassis would also like to see some financial help from the government because of the expense of building the infrastructure. “With all the rules here and with all the compliance it’s not cheap. The banks can’t charge you for getting their APIs, but the banks are in the same spot. When the legislation came in for open banking for the banks to give out their data via APIs they spent a fortune, hundreds of millions of dollars on a solution.”

Overcoming obstacles

In addition, he wishes that Australia had an equivalent to JROC to help implementation of open banking. “We created all these rules, we didn’t market it properly and we’ve left it to the intermediaries and participants to roll it out. But the government hasn’t helped with that roll out. We have different regulators and they say that between them they can do it but they all have different jobs, so between them they can’t do it. There is no single entity looking at the implementation and ensuring that whatever hurdles people are coming up against, they can go and change the rules so that they can get over that

hurdle or are totally compliant, so that it’s a fair field.”

Certainly, it’s encouraging to hear praise for UK governance of open banking. However, is Hewitt confident that the UK will emerge a leader in open banking from its current quagmire? “I think yes, because it is clearly an objective of the regulator and an objective of the government but a lot needs to be done before achieving that,” she says.

Jacob Rider is the UK payments practice lead at Projective Group, a consultancy in financial services. He, too, is optimistic that the open banking ecosystem in the UK is set to improve as UK regulatory bodies and the EU seek to level up the playing field for account servicing payment service providers (ASPSPs), payment institutions (PIs), and third party providers (TPPs).

“With the UK Confirmation of Payee (CoP) and New Payments Architecture kicking in, all involved parties should look to increase the size of the pie and long-term growth,” he says.

Furthermore, he argues that larger ASPSPs should

The open banking ecosystem in the UK is set to improve as UK regulatory bodies and the EU seek to level up the playing field for account servicing payment service providers payment institutions, and third party providers.

improve system design, technical interfaces, and data access models to manage the risk around ethical use of data. “We believe that this will be very crucial in standardisation of customer data and building consumer trust”. He adds that ASPSPs could recover the costs through take-up of premium APIs, tiered pricing, volume discounts, and economies of scale.

Certainly, there are competing priorities and passionately different views on the answers to the same questions from those working

in the open banking arena. For industry executives wondering how best to navigate them, it’s probably worth taking this comment from Joe Garner, made in a speech on 1 January 2024, at face value and trying to live up to it: “I am utterly convinced that everyone in this room shares a deep commitment to achieving the best possible outcomes for consumers, businesses, and the wider society.”

Following that North Star should enable the payments industry to eventually escape the quagmire.

6,000

SPOTLIGHT

Redefining fraud prevention: Insights from a former insider

Tony Sales, a former fraudster turned fraud prevention specialist and co-founder of WeFightFraud, shares his perspective on effective strategies and technologies businesses can use to protect against evolving threats.

What are the most effective strategies and technologies businesses should adopt to combat fraud today?

Tony Sales advocates a layered approach to fraud prevention, cautioning businesses against relying on a single solution. He points out that businesses often do not fully understand the technologies they adopt, which are generally sold to them based on salespeople’s perspective. He remarks, “We often accept tech solutions without truly understanding what they do or how they operate. Usually, we get an introduction from a salesperson whose main aim is to sell us their product from their own point of view.”

He stresses the importance of using multiple solutions together, likening it to the necessity of having various tools in construction. “I don’t know any companies on the planet using tech that will tell you they have just one solution that solves everything. When solutions work together, they can significantly reduce fraud.” Furthermore, Sales underscores the need to tailor fraud prevention strategies to each business’s specific threats. This customisation should always include a human element to complement the technological measures. He explains, “Each business faces different threat levels, so it’s essential to understand these differences and always incorporate a human factor. We can’t ignore the human element; it’s very important.”

Everyone’s talking about AI and how dangerous it is and all the threat factors that come with it... But, you know, the reality is that’s just one threat out there.

How have fraud tactics evolved with the advent of new technologies and digital platforms? Can you provide examples of recent trends you’ve observed?

Tony Sales highlights the influential role of new technologies like artificial intelligence (AI), which, although not as significant a threat currently as some might suggest,

holds the potential for more complex fraud schemes in the future. He remarks, “Everyone’s talking about AI and how dangerous it is and all the threat factors that come with it... But, you know, the reality is that’s just one threat out there that’s probably not that big at the moment. It could be massive in the future, but at present, it’s definitely not as bad as what everyone’s making out.”

Sales also highlights the increasing issue of mobile fraud, noting the frequent thefts of mobile devices, which can lead to greater vulnerabilities. “Apparently, there’s a phone stolen in London every 10 minutes... How many of those phones are unlocked and instantly losing loads of different ways through all different types of payment gateways?” he explains, stressing the urgency of addressing these security vulnerabilities.

Further, he discusses the risks posed by the spoofing of biometric data, where fraudsters mimic biometric identifiers to bypass security measures. The complexity of fraud tactics is also amplified by social engineering, which Sales describes as a significant and ongoing threat. “It becomes harder for social engineers firstly to be able to socially engineer the victims that they do en masse,” he explains, indicating the adaptive nature of fraudsters as they exploit both new technology and human psychology.

How important is public education on fraud awareness, and what role should industry leaders play in educating consumers about fraud?

Tony Sales stresses the importance of public education in the fight against fraud, highlighting how it equips people to identify and avoid scams. He underscores the importance of such awareness, explaining, “I think it’s absolutely a massive part of being able to prevent it because you need to be able to make people aware of the pitfalls and the things that can happen. They’re much less likely to get caught in a scam.”

Sales also stresses the strategic position of industry leaders who have access to extensive data about emerging threats and can effectively guide the public and smaller businesses. He notes the benefits of educating people on common fraud tactics, saying, “Once they realise that this is similar to familiar behaviour, stuff that they know, stuff that they’ve seen, it becomes harder for social engineers to manipulate victims.”

He also stresses the importance of keeping educational materials up to date, especially in response to new technologies like AI and biometric spoofing, which continuously reshape the threat landscape.

I don’t know any companies on the planet using tech that will tell you they have just one solution that solves everything. When solutions work together, they can significantly reduce fraud.

Sales also stresses the critical nature of raising fraud awareness to prevent significant financial losses: “If people are unaware, they might just write off major fraud as a minor scam, not realising that a single incident can involve significant sums, sometimes as much as half a million quid, as we’ve seen.”

What emerging threats should businesses and consumers be most aware of in the next five years?

Tony Sales highlights a critical shift in the fraud landscape as technological advancements continue to shape criminal tactics. He particularly notes the increasing sophistication of attacks that are tailored to exploit our growing reliance on digital devices. He discusses the evolution of these tactics, stating, “People sending links and stuff. I guess as delivery mechanisms get better and as we become more reliant upon devices, more device-specific stuff will happen.”

This observation underscores the urgent need for businesses to continually refine their security protocols and for consumers to remain vigilant about the links they click and the apps they download.

Expanding on this point, Sales mentions that as technology progresses, so does fraudsters’ ingenuity in crafting attacks that are harder to detect and more damaging. The increasing use of mobile devices not only for personal communication but also for business transactions presents a lucrative target for criminals, who are quick to exploit any security lapses.

Furthermore, Sales touches on the broader impact of these developments. As digital platforms become more integral to our everyday lives, the potential for

significant disruptions caused by fraud increases. This necessitates a robust and adaptive response from both the private sector and regulatory bodies to mitigate risks and protect consumers.

Reflecting on your journey from committing fraud to preventing it, what are the key lessons you wish to pass on to others in the industry or the general public?

Tony Sales delves deeply into his past as a fraudster and his current role as a fraud prevention expert, highlighting the profound lessons learned along the way. He explains the crucial importance of genuinely understanding fraudsters to combat fraud effectively. “You have to understand the adversaries that you’re after. People often say that they try to think like fraudsters, and I’ve forevermore said that it’s not something I believe is possible unless you’ve actually lived it.”

He adds, “Go up against people who don’t care. They have no moral compass. They’re probably like that because of things that have happened to them. They’re locked in whatever they’re doing, and they’ll continue to do it forevermore.”

This deep insight into fraudsters’ psychology is critical for anticipating their moves and preparing robust defences. Moreover, Sales underlines the pivotal role of awareness and education in fraud prevention. “Understanding them and how they may attack a business or a consumer again comes back to awareness... and I believe that is the strongest form of defence we’ve all got.” He advocates for equipping the public and professionals with as much information as possible to defend against any attack, be it digital, physical, or via social engineering.

PAY360: The payments ecosystem under one roof

A

glimpse into payments crystal

ball

At ExCel London, PAY360 gathered over 4,000 payment professionals to discuss the future of payments, innovation, and regulatory challenges with industry leaders.

A number of speakers discussing the future of payments said disintermediation, partnerships, and a longer time horizon are expected to shape it. Fintechs are rising, and traditional banks must adapt. Interoperability, standards, and personalisation are crucial for creating better customer experiences.

Across two days in March at ExCel London, over 4,000 payment professionals walked through the doors of the UK’s largest annual gathering of industry insiders. Hosted by The Payments Association (TPA), PAY360 brought together some of the brightest minds and most influential names in the payments ecosystem.

An opening keynote address from MP John Penrose set the tone for the payments industry’s landmark event for 2024. Penrose advocated for the UK government to publish timelines and designate standards bodies to expand open banking into new sectors to maintain the country’s fintech leadership and create new commercial opportunities.

Forging payments North Star Day one kicked off with Lloyds Banking Group director for payments industry and development, Samantha Emery, and TPA director general, Tony Craddock, emphasising a unified approach is needed to drive innovation and support the UK payments market while ensuring safety, security, and resilience.

Emery says: “We need to simplify the payment landscape, which will reduce the cost of ownership to existing participants and new entrants, creating space for the payments industry to innovate organically.”

The discussion moved to the requirement that achieving a seamless, fair, and accessible payment system requires completing the capable core, embracing new international data standards, and creating the right operating models for new products and services.

A key takeaway from the conversation was the need to promote high-quality competition within the industry and a pledge to support the UK’s industry in innovating the “marketplaces of the future.”

Emery stressed the need for a “laser focus” on the economic viability of the UK payments estate, from ecosystem-based costbenefit analysis to more efficient and equitable funding models to decommissioning strategies.

Panel speakers from Swift and First Direct emphasised the importance of striking a balance between technology and human interaction in banking. They also highlighted the need for tailored payment methods and personalised experiences to upsell and create loyal customers. Open banking and central bank digital currencies are expected to reach a tipping point towards mass market adoption, benefitting customers.

Overall, the speakers agreed that a balanced approach to tech development and human interaction is key to success in the future of payments.

In conversation with the FCA

During a deep-dive session, Laura Dawes, director of authorisations, and Nicholas Webb, market interventions manager, discussed the Financial Conduct Authority’s (FCA) role in regulating the payments and e-money sector.

Insights on the FCA’s supervisory response to crypto assets were shared, along with discussions on the regulatory sandbox, early hybrid oversight function in Canada, and the future of regulation in the payments industry.

The speakers addressed the challenges and opportunities in financial services regulation and discussed the need for proper governance arrangements. They discussed the FCA’s consultation on enhancing transparency, and the audience engaged in a debate with the speakers regarding the lack of clarity on expectations. Dawes and Webb emphasised the importance of independent challenge and oversight.

Payments’ next giant leap

Bank of England executive director of payments, Victoria Cleland, was joined by Open Banking CEO Henk Van Hulle and Marcel Haag, director for horizontal policies at the European Commission to discuss payments industry’s challenges and opportunities, with all parties emphasising the need for a balanced approach between innovation and risk management.

Van Hulle stressed the importance of responding to surveys and investing in change. He also explored the potential benefits of open banking and open finance in improving financial inclusion and consumer empowerment.

The session gave attendees an overview of the EU’s legislative framework regarding digital currencies, stressing the importance of collaboration and harmonisation across the industry.

In conversation with Joe Garner

A focal point on the agenda was a discussion about the future of payments in the UK, focusing on innovation, resilience, and competition. Craddock emphasised the necessity of a national payments vision while also stressing the importance of interoperability and invisibility in the payment space.

Both Garner and Craddock stressed that resilience should be the top priority and discussed the potential of tokenisation in the future of payments. They also discussed the growing impact of big tech in financial services, highlighting the importance of regulatory engagement and collaboration to address potential risks and opportunities.

Delivering the best outcomes for customers

At the plenary, Visa’s Managing Director, Mandy Lamb, emphasised the importance of drawing from the UK’s payments industry’s past successes to shape an open future while also underscoring the need for trust within the industry – a contentious issue.

Lamb paid tribute to the potential of embedded finance in unlocking more financial products and services for the public and underlined the importance of balanced regulatory environments enabling the industry to innovate and adopt more open finance solutions for their customers.

Open banking, a popular topic throughout the conference halls over the two days, was praised throughout the session. Lamb discussed how the technology can help increase flexibility, control, and improvement in choices in payment methods, ultimately benefitting the customer.

ESG 101: Why isn’t the industry making an impact?

Discover how The Payments Association’s ESG Working Group is addressing the challenges and solutions for effective environmental, social, and governance initiatives within the payments industry.

Natasha Healy

The Payments Association’s annual PAY360 conference featured several talks and panels highlighting the importance of ESG initiatives. Experts across the payments industry spoke passionately at these events, championing their organisation’s ESG strategies and wider industry and governmental ESG policies. So, despite this goodwill, why is the industry falling short? One panel, ‘ESG 101 - why isn’t the industry making an impact?’, moderated by Angela Yore from SkyParlour, tackled this question.

Challenging complacency

One reason for this lack of interest could be that the industry overestimates the progress it has already made. For instance, the UK’s departure from a cash-based payment system gives the impression of forward momentum. Cash, being extremely resource-heavy, energyconsumptive and having a very short shelf-life, is not a green option. However, panellist Richard Theodossiades, co-founder and CEO of Zero, noted that digital payment options are not necessarily better regarding carbon emissions.

Card payments may seem like a low-carbon option, but the British Retail Consortium found that, on average, 25 billion card payments are made annually in the UK, which uses 1 million tonnes of carbon. The Payments Association estimates that this amount of carbon generates enough energy to charge your smartphone 6 trillion times. In fact, UK Finance’s ‘UK Payments Markets Summary 2023’ found that 45.7 billion card payments were made in the UK in 2022, far higher than average.

According to figures taken from Mike Berners-Lee’s book ‘How Bad Are Bananas: The Carbon Footprint of Everything’ and the British Retail Consortium, the incredible amount of carbon that this number of card payments requires in one year would allow you to use your phone for 10 hours a day for over 2 million years.

It seems that entirely digital payment methods—contactless, virtual wallets, virtual coins—would be the natural next step in reducing carbon usage. Still, the amount of energy required to fuel the data centres for some digital currencies and artificial intelligence (AI) applications

is astronomical. Perhaps one of the most famous offenders is Bitcoin, which, according to Forbes Advisor, uses more energy annually in its processing centres than in Norway.

Similarly, the payments industry may believe that if it refrains from investing in companies that produce outputs with evidently high carbon emissions, its carbon footprint remains low. For instance, investors may feel they prioritise the environment by investing in fintechs creating systems for digital currencies rather than a fossil fuel company. However, how the industry is currently building these systems is extremely carbon inefficient. Many of the data centres fintechs rely on to inform their software consume an enormous amount of electricity and carbon.

Strategic insights: Moving beyond short-term gains

The industry’s complacency may also stem from organisations not seeing how ESG initiatives will benefit them directly. On this point, Yore notes, “The fintech industry has always been forwardthinking, but when it comes to ESG, it’s clear that we are behind.” Indeed, many firms may shy away from investing in specifically ESG-related propositions due to the perception that they will not produce significant returns.

Panellist Philippa Martinelli, advisor and investor at Phronesis, argues that investment firms are simply not doing

The fintech industry has always been forwardthinking, but when it comes to ESG, it’s clear that we are behind.

We can’t allow either the geopolitical landscape or inertia to keep us from securing a better present and future for all.

enough to live up to their environmental promises. In its ‘Global Investor Survey 2022’, PwC finds that whilst a lack of action on ESG issues would deter most investors, they also do not want a company’s action on ESG to impact investment returns at all. 81% said they would accept no more than one percentage point less in investment returns for the pursuit of ESG goals.

In its ‘2021 Global Investor ESG Survey’, PwC found that (49%) were unwilling to accept any reduction in returns. Yet in an article titled ‘Five Ways That ESG Creates Value’, McKinsey contests this industry-wide belief, arguing that firms are short-sightedly focusing on immediate impacts rather than long-term rewards. All firms need to work in tandem to achieve environmental goals.

Martinelli contends that it is important that governing boards turn their attention to environmental issues as the ‘S’ and the ‘G’ cannot happen without the ‘E’. The environment’s health is the base of

everything, and if we do not tend to the pervasive problem of climate change, social inclusion and governance policies will cease to matter. In its 2021 ‘The Cost for the Financial Sector if Firms Delay Climate Action’ report, the Oxford Sustainable Finance Group found that the delay in climate transition plan implementation from the early 2020s to 2026 will cost US$2.2 trillion to the financial services industry. Why is that not driving people to action?

The story is similar on the social side of ESG. Francesca Brown is global director of policy at Women’s World Banking, a global NGO and impact investor advocating for women’s economic empowerment globally, which aims to reach 100 million women by 2027. Brown says that whilst the ‘World Bank’s Global Findex Report of 2021’ finds that financial inclusion and inequality based on gender are improving, there are still nearly a billion underbanked women. In response to this report, she adds that “nearly 750 million women worldwide still don’t have access to financial services , and a further 250 million women have inactive bank accounts.” Alongside missing investment propositions from environmentally minded organisations, she says companies are similarly passing up on huge sections of the market by not having gender and social equality in mind when designing their products. Inherent biases and a lack of diversity in the top tiers of the business often cause this, explains Brown, adding that companies will only

begin to attract these forgotten customers if they purposefully take a women-centred approach to product design, including women in the right teams and senior positions in the company.

Inclusion and governance: Keys to effective ESG policies

Joanne Dewar, project lead of Project Nemo, a grassroots pro bono initiative to accelerate disability inclusion in fintech, suggests ESG policies lag as real change requires bold and determined governance. When asked to rate the current engagement of the payments industry in ESG policies, she awarded it 1/10. The ‘G’ in ESG is getting lost, and if companies don’t get governance right at the board level, none of the other initiatives can work. She observes that companies like to position ESG policies as being at the core of their business, but they are rarely at the top of the board’s agenda.

Joel Blake OBE, founder of GFA Exchange, poses that to reflect our diverse economy, “companies need to invite the people they’re supporting into their decision-making circles. This way, they can get valuable advice on how to create inclusive strategies and solutions that truly meet their needs, as well as the strategic objectives of the company.”

Boardrooms in the payments industry show clear complacency and reticence regarding ESG initiatives, stresses Yore. She adds that there is a desperate need for this to change: “We can’t allow either the geopolitical landscape or inertia to keep us from securing a better present and future for all”. Yet, Blake argues that more effective board governance will not happen until environmental or social issues hit companies in their pockets, adding that “the cultural mindset always has to lead back to a commercial conversation”. Moreover, there needs to be a change in the approach and prioritisation of investors so that short-minded profit growth is not the only long-term goal.

Dewar ended the session by reassuring the industry that no company is too small and it is never too early to start implementing ESG policies. The passion for creating change and pressure must come from all angles, not the boardroom alone. Dewar remarks, “All colleagues can be curious,” and suggestions to improve a company’s environmental or social workings don’t have to come from the designated ESG advocate.

In response, The Payments Association’s ESG Working Group developed a Toolkit to help all companies start their ESG journey. All employees can use this Toolkit to drive ESG initiatives. It contains articles, reports, and blog posts to help inspire the industry to delve deep and commit to meaningful and impactful ESG resolutions.

Summer Party

Date: Tuesday 2nd July

Time: 18:00 – 21:00 BST

Venue: London venue TBC

Payments compliance faces runaway costs

Compliance costs are soaring as firms, especially in high-risk sectors, invest heavily in technology and processes to manage evolving risks, but the price of non-compliance remains even higher.

Payment compliance and risk management are expensive and timeconsuming due to their multifaceted and idiosyncratic nature. There is no onesize-fits-all solution. Risk and compliance are ever-changing, and firms continue to adapt to new threats. As history has shown, try non-compliance if you think compliance is expensive.

Risk profile: No ‘one-size-fits-all’

A company’s risk profile largely determines the cost of compliance. Businesses operating in high-risk sectors such as gambling, cryptocurrencies or money transfer services will find their risk profile significantly higher. Likewise, those operating in or serving clients in high-risk countries have an elevated risk profile. Such organisations require robust compliance and risk management functions to assess their supply chains and customers for money laundering, corruption, and sanctions, but what are the costs?

Economic costs

The pure financial cost of remaining onside is increasing, and more investment is required to keep up. Firms are spending heavily on new processes and technology. According to a recent publication from Deloitte, 2023 will see corporate legal functions and their legal service providers adopt technology to streamline their process, improve legal risk management, and enable technology-based self-service, allowing lawyers to focus on bespoke complex legal issues.

Forbes reports that the average cost of maintaining compliance in large firms can total up to US$10,000 per employee, an increase of 60% from pre-financial crisis levels. Layer on top of that, government programmes such as the economic crime levy, where up to £250,000 will be collected by His Majesty’s Revenue and Customs (HMRC) on all anti-money laundering (AML) regulated businesses beginning in 2023.

A closer look at the costs reveals that customer due diligence (CDD) processes remain by far the largest single operational cost. Two-thirds (67%) of total financial crime compliance costs in 2022 were attributed to CDD, an increase from 53% in 2020, as reported by LexisNexis and these numbers are increasing.

*Source: LexisNexis Percentage

The financial loss due to fraud or financial crime can be significant depending on factors such as the size and frequency of payments.

The largest share of the CDD cost is represented by know-your-customer (KYC) onboarding checks, accounting for a third of overall CDD costs. Anti-fraud checks at onboarding—necessary for the increased fraud risk posed by remote identity management and document verification—contributed to a further 9% of CDD costs as firms move to strengthen their defences.

Opportunity costs

Are compliance costs worth it? The financial loss due to fraud or financial crime can be significant dependent on factors such as the size and frequency of payments.

Unfortunately, it doesn’t stop there. According to a study by McKinsey, the amount lost due to financial crime is merely the tip of the iceberg. Even when combined with the costs of compliance technology, it represents less than

one-third of the total cost faced by an organisation hit by financial crime. The client impact, company reputation, and loss of revenue begin to stack up. Layer on top of the remediation costs and fines from the regulator, and the true size of the iceberg comes into view.

As previously mentioned, while the cost of compliance is high, the cost of non-compliance is even higher. In January 2022, the Solicitors Regulation Authority ordered London-based law firm Mishcon de Reya to pay £232,500 for failing to perform adequate due diligence to comply with AML regulations. Later that year, Santander (UK) plc was fined over £107 million for failing to have an effective risk-based AML control framework and became the latest high-profile company to be fined for insufficient AML and compliance controls.

Solutions

While regulators are taking an increasingly tougher stance on noncompliance, what options exist? Given the scale of the problem, there is no perfect solution that automates everything, and a manual approach to compliance is no longer viable. To help

keep up, firms are opting for cloudhosted digital solutions to leverage wider AML data sets and get better contextual analysis to provide insights on the macro and micro simultaneously. Higher-quality data leads to better-informed decisions.

The bottom line

Payment compliance and risk management are expensive, but the cost of non-compliance can be much worse. No one-size-fits-all compliance solution exists to meet all firms’ varying risk profiles. Still, progressive organisations can access cloud computing solutions to improve compliance and risk controls and adapt to the ever-changing AML landscape.

Unlock key insights into the payments industry with Payments Intelligence, designed exclusively for members of The Payments Association

• Gain an edge with in-depth analysis, trends, and forecasts that matter to C-Suite executives, available exclusively to our members.

• Stay ahead of the curve with authoritative content tailored for the top echelons of the payments industry.

Join The Payments Association today and gain exclusive access to Payments Intelligence

Leveraging ISO 20022 for enhanced cross-border payments and fraud prevention

Adopting ISO 20022 is essential for modernising cross-border payments, enhancing fraud prevention, and ensuring seamless interoperability and efficiency in international financial transactions.

George Iddenden

Hailed as a transformative standard in the realm of financial messaging, ISO 20022 offers a robust framework for addressing the complexities and inefficiencies inherent in cross-border payments.

Based on a whitepaper from tispayments, it is projected that 80% of domestic high-value clearing (RTGS) volumes will be ISO 20022-based by 2025, with all reserve currencies either live or having declared a live date, as estimated by Swift.

Its adoption offers numerous benefits for financial institutions, businesses, and consumers involved in international transactions. By providing a standardised format for data interchange, ISO 20022 facilitates seamless interoperability, streamlines processing, and enriches transactional data with comprehensive metadata.

This standardised approach not only enhances transparency and traceability but also enables more efficient straightthrough processing, reducing manual

intervention and associated costs.

Embracing ISO 20022 without variations stands poised to revolutionise cross-border payments, fostering greater efficiency, transparency, and reliability in global financial transactions.

Why payments leaders should leverage ISO 20022 to enhance their cross-border offering

ISO 20022 is an essential standard for modernising cross-border payments and enhancing fraud prevention efforts.

According to Thistle Initiatives head of payment services, Lorraine Mouat, its widespread adoption has significantly streamlined cross-border payment processes and strengthened fraud prevention measures, providing greater peace of mind for businesses and consumers alike.

More detailed transaction information has enabled better detection and prevention of fraudulent activities, according to Mouat. She adds: “Additionally, its adoption facilitates

Embracing ISO 20022 without variations stands poised to revolutionise cross-border payments, fostering greater efficiency, transparency, and reliability in global financial transactions.

smoother cross-border transactions by providing a common language for communication between financial institutions, reducing errors and enhancing efficiency.”

The comprehensive data fields and structured metadata in ISO 20022 messages enable richer information exchange, enhancing transparency, reconciliation processes, and visibility into payment flows. Additionally, ISO 20022 facilitates straight-through processing (STP), leading to faster processing times, lower operational costs, and improved efficiency while supporting regulatory compliance and reducing compliance-related risks. By offering faster, more transparent, and more reliable payment services,customer satisfaction can be enhanced, trust can be built, and firms can differentiate themselves in the competitive payments landscape.

How ISO 20022 can contribute to smoother cross-border transactions Without a standardised approach, identifying and responding to suspicious transactions becomes more difficult, heightening the risks of fraud and financial crime.

Not only this, but the lack of a uniform standard complicates regulatory compliance efforts, increasing operational burdens and compliance costs across jurisdictions.

As a result, the absence of standardisation undermines the efficiency and security of cross-border payments, posing significant risks to the integrity and stability of the global financial system.

Mouat believes that adopting the standardised messaging format offers a solution to these challenges by enabling seamless interoperability, enhancing transparency, and strengthening fraud detection capabilities in cross-border payments.

Mouat tells Payments Review: “ISO 20022 helps mitigate the challenges associated with cross-border payments by providing a common messaging format that supports richer data sets and standardised transaction information.”

This, she explains, can help to enable more efficient processing, reduces errors, and enhances transparency, ultimately

ISO 20022 enhances transparency and audibility, enabling financial institutions to demonstrate compliance with regulatory obligations and respond to regulatory inquiries or investigations more effectively.

improving the overall integrity of the payment system.

Not only can the standardisation help mitigate challenges, but ISO 20022 messaging can enhance fraud prevention measures by allowing for more detailed transaction information, such as beneficiary details and transaction purposes, which can be used to perform advanced analytics and anomaly detection.

Harmonised adoption of ISO 20022

The widespread adoption of ISO 20022 marks a significant milestone in modernising and streamlining global financial transactions. By standardising messaging protocols across different stakeholders, such as financial institutions, payment systems, and regulatory bodies, this adoption ensures smooth interoperability and efficient data exchange.

This collaborative effort is paramount in promoting greater transparency, reliability, and security in financial transactions, leading to improved innovation, competitiveness, and customer experience in the everchanging global financial industry.

Mouat believes that harmonised adoption of ISO 20022 across the financial industry is essential for maximising the benefits of the standard. She says: “A consistent approach to adoption reduces fragmentation and complexity, streamlines communication between financial institutions, and promotes innovation in cross-border payments and fraud prevention technologies.”

Harmonised adoption of ISO 20022 has demonstrated there are plenty of tangible benefits, Mouat claims. “For example, standardised messaging formats have enabled faster transaction processing, reduced operational costs, and improved compliance with regulatory requirements.”

She adds that by adopting a common language for communication, financial institutions can provide more reliable and secure cross-border payment services, ultimately benefitting their customers and the broader financial ecosystem.

The issue of variation

One of the pain points of ISO 20022 is when different entities adopt different variations, such as using customised message formats or protocols. This can lead to increased implementation costs and hinder effective fraud prevention efforts.

The use of inconsistent data formats and messaging protocols may result in errors, delays, and vulnerabilities in the payment system, compromising its reliability and security. Ultimately, these variations could erode trust and confidence in cross-border transactions, as stakeholders may perceive them as less secure or reliable due to the lack of standardisation.

On the potential difficulties of differing variations Mouat says: “Variations in ISO 20022 adoption could increase implementation costs and hinder the effectiveness of fraud prevention efforts. Inconsistent data formats and messaging protocols may lead to errors, delays, and vulnerabilities in the payment system, ultimately undermining trust and confidence in cross-border transactions.”

Enhancing fraud detection and prevention with ISO 20022

ISO 20022 includes provisions for the inclusion of regulatory reporting data within payment messages. This facilitates compliance with anti-money laundering (AML) regulations and other regulatory requirements related to fraud prevention. By standardising reporting formats and data elements, ISO 20022 enhances transparency and audibility, enabling financial institutions to demonstrate compliance with regulatory obligations and respond to regulatory inquiries or investigations more effectively.

Additionally, ISO 20022 enables financial institutions to implement transaction monitoring and reporting capabilities to detect suspicious activities, report suspicious transactions to regulatory authorities, and contribute to broader efforts to combat financial crime and terrorism financing.

In summary, ISO 20022 provides financial institutions a robust framework and advanced capabilities to enhance fraud detection and prevention in

The widespread adoption of ISO 20022 marks a significant milestone in modernising and streamlining global financial transactions.

cross-border payments. By leveraging detailed transaction information, advanced analytics techniques, real-time monitoring, and regulatory compliance features, financial institutions can strengthen their defences against fraud and safeguard the integrity of the global financial system.

Europe’s banking revival won’t last

For over a decade, ever since the euro-zone crisis of 2011 and 2012, Europe’s major banks, including those in the UK, have been by far the weakest part of the economy.

They could collapse at any moment. They had insufficient capital to finance businesses, and their profits were so weak they were a drag on all the major indices. For over a decade, ever since the euro-zone crisis of 2011 and 2012, Europe’s major banks, including those in the UK, have been by far the weakest part of the economy. However, there has been a clear recovery over the last year, with banking stocks among the best performers and a genuine profit improvement. There is just one catch: It will not last—there are still too many risks out there.

It has certainly been the best year for a while for anyone with money invested in European banks. MSCI Europe Banks Index is up by 35% compared to 14% for the market as a whole. It has hit its highest level in six years. In London, Barclays is up by 18% and HSBC by 13%. There are a few standout performers within that. UBS is up by 46%, Deutsche Bank is up by 48%, while the two major Italian banks, UniCredit and Intesa Sanpaolo, have reached 13year and nine-year highs, respectively. Re-wind a little more than a year, and the London branch of Silicon Valley Bank had to be bailed out, Credit Suisse had to be hustled into a shot-gun merger with UBS, and there were constant rumours that one of the major German lenders—

perhaps even the once mighty Deutsche Bank—might have to be bailed out. It is quite a turnaround.

It is not hard to work out what is behind the recovery. Higher interest rates have boosted margins, allowing the major banks to put their balance sheets back in order. Economies across Europe are not exactly on fire, but they are at least stable. Meanwhile, in countries such as Italy, which had been in recession for years, there are signs of a genuine recovery. Put all that together, and the banks can make some money for the first time in a decade or more.

The outlook is improving constantly, and that matters. Finance is one of the economy’s largest sectors, and, more importantly, just about every other type of business depends on a vibrant banking industry to provide credit and invest in new plants, machinery, and products. Without a healthy banking industry, economic growth is very hard to achieve.

The trouble is the revival can’t last. In reality, there are still too many challenges out there. To start with, there is still the potential for significant losses. The banking industry has survived the rapid rise in interest rates over the last two years with very little damage so far. That is a measure of how conservatively it has been managed in recent years, with minimal risky lending. However, there are two potential problems. As always, there has been a lot of lending to property developers, especially in commercial real estate. Office prices are plummeting due

True, Europe’s banking industry looks more stable than it has done for years…but no one should kid themselves that the recovery can last.

to the declining numbers of individuals working in offices five days a week, while retail space faces similar vulnerability as chains close and the internet takes a bigger chunk of the market. Just as seriously, the private equity houses look to have badly over-extended themselves when interest rates were close to zero and will now be left with lots of failing businesses. In either sector, there is still the potential for huge losses for the banks, especially if rates stay higher for longer than expected.

Next, Europe is drowning in government debt. In Italy, the state is still borrowing 7% of GDP this year, France more than 5%, and the UK more than 4%. Debt to GDP ratios are still soaring, and there is very little sign the books will ever be balanced. If there is a collapse in confidence in government debt, as there was in the UK during the shortlived Truss government, the banks will face huge losses. Finally, the tech-based challenger banks are still expanding all the time. Artificial intelligence (AI) applications may soon begin to take real market share away from established banks, and once that happens, their lock on the market will be under real threat. Once an industry goes into decline, it is very hard to reverse that.

True, Europe’s banking industry looks more stable than it has done for years. Balance sheets are in far better shape than they have been for more than a decade and are in a position to support businesses and the economy again. But no one should kid themselves that the recovery can last. Big challenges are still ahead—and another banking crisis could start anytime.

How financial institutions can navigate the future of digital asset custody

Financial institutions must navigate the evolving digital asset landscape by adopting innovative custodial solutions to address security, regulatory compliance, and operational challenges.

Traditional finance is at a crossroads with the new digital frontier, and the rapidly evolving landscape of digital assets demands innovative custodial solutions. For banks, payment service providers, financial institutions, and others either considering or already piloting digital asset projects, it’s imperative to understand the importance of an underlying custody infrastructure.

The custodial landscape: Challenges and opportunities

Custody plays a foundational role in the digital asset ecosystem, enabling a proactive and collaborative environment for the likes of HSBC and DZ Bank to engage in the tokenisation space. Partnerships and initiatives like these indicate the growing appetite among traditional banks to adapt to the emerging reality of digital assets, demonstrating a keen awareness of the evolving financial landscape and the need to integrate innovative custodial solutions.

Custody of digital assets is inherently a technological and cybersecurity challenge, as these assets are backed by cryptography.

Custody of digital assets is inherently a technological and cybersecurity challenge, as these assets are backed by cryptography. This requires infrastructure and security measures and integration into existing processes and governance structures.

• Security at the forefront: The technological and cybersecurity intricacies of digital asset custody require careful consideration. Cryptography plays a critical role in asset security. There are integration challenges with traditional banking infrastructures, and offline cold storage is indispensable in mitigating cyber and reputational risks.

• Self-custody complexities: The complexity of self-custody for banks—which involves managing keys, governance, compliance, and potentially insuring assets—suggests that self-custody may not be suitable for all financial institutions.

• Key management approaches: Different approaches to key management exist, including centralised key storage with low attack surfaces and decentralised access using technologies like multi-party computation. A combination of these methods could enhance security.

The regulatory puzzle

Global custody regulations are fragmented and inconsistent. However, a trend towards more regulated and segregated custody models is emerging, emphasising the necessity for legal entity separation and client segregation. The progressive regulatory requirements for key material in various parts of the world, such as the UAE, Brazil, Hong Kong, and Africa, further highlight this trend and provide a promising outlook for digital asset and custody regulations across the globe.

• Key material and on-premise requirements: In certain jurisdictions like the UAE, Thailand, and Turkey, a notable requirement is the mandate for key material associated with digital assets to be stored locally, on-premise. This need to have the critical data used to secure and access digital assets physically present within the country’s borders aligns with a broader global trend towards data sovereignty and heightened security protocols in the financial sector.

• Flexible implementation and hybrid models: Implementing these regulations is flexible, which could mean greater potential for hybrid models in digital asset custody. This approach might involve scenarios where a portion of the private keys—crucial for accessing the digital assets—are managed by external vendors while still adhering to the local regulatory framework. Such models indicate a growing recognition of the need to balance regulatory compliance with practical operational efficiencies in the realm of digital custody.

• Implications for global custody practices: These specific regulatory requirements in the UAE, Thailand, and Turkey provide valuable insight into the evolving global landscape of digital asset custody. As different countries establish their frameworks, entities operating in the digital asset space must navigate a complex tapestry of local and international regulations. This scenario calls for adaptable and secure custody solutions that can comply with diverse regulatory demands while ensuring the safe management of digital assets.

• Looking towards the future: While the United States has been slow on the uptake as it relates to digital asset regulations, the Securities and Exchange Commission (SEC) might eventually adopt similar regulatory frameworks, indicating a possible trend towards more stringent and localised control over digital asset key material. Such developments could significantly impact how digital asset custody is structured globally, emphasising the need for robust, compliant, and flexible custody solutions.

Interoperability and the future of tokenisation

Connecting to multiple private permissioned blockchains is a challenge, to say the least, which begets the need for interoperability to normalise access and adoption for institutional investors. Custody is crucial in enabling value-added services and tokenising financial and real-world assets (RWAs).

Custodians and communication: The ecosystem approach

Custodians must communicate effectively to maintain regulatory exemptions in digital asset transfers. Managing assets across multiple chains is inherently complex, so an ecosystem-based approach is necessary for the success of global digital asset custodians.

The future of digital asset custody will be shaped by a blend of technological innovation, regulatory clarity, and industry collaboration. As digital assets continue to carve their niche in the financial world, these insights provide valuable guidance on navigating this complex and dynamic landscape.

Kelly Browning content strategy, Ripple

AI in financial crime prevention: A transformative approach

Harnessing AI to combat the rising tide of digital financial crimes, transforming detection and prevention strategies.

As the financial services sector confronts the escalating complexity of financial crimes, the advent of artificial intelligence (AI) is proving indispensable.

Fraud, money laundering, and embezzlement have adapted to the digital age, necessitating equally sophisticated countermeasures. In anticipation of the launch of a comprehensive AI glossary, The Payments Association’s AI and Technology sub-group is at the forefront of clarifying and standardising AI-related terminology.

This article, prepared in the context of this impending launch, showcases the potential of AI-driven strategies to revolutionise financial crime prevention, illustrating the critical initiatives the subgroup aims to promote.

The growing problem of fraud

With the proliferation of digital payment methods, the last decade has seen a dramatic increase in fraud, particularly in the realm of card-not-present (CNP) transactions. These transactions, which do not require the physical presence of a card, accounted for 27% of all debit transactions in 2019 and have been increasing at a rate ten times faster than card-present transactions.

The pressure to deliver quick and secure services to consumers who expect a seamless experience has inadvertently expanded the opportunities for fraudsters. AI plays a pivotal role in combatting this rise by analysing the vast amounts of data generated with each transaction. These data points include the identity of the payer (e.g., phone number, KYC

AI’s ability to sift through extensive transactional data and recognise anomalies is akin to finding a needle in a haystack.

information, card number), transaction timing, geographical details, type of expenditure, and the specific methods used for the transaction (e.g., device used, behavioural tracking). AI systems leverage this information to identify deviations from established patterns that may indicate fraudulent activity.

Dr Mark Goldspink, associate partner at The Fintech & Payments Advisory Network and member of the AI subgroup, emphasises that while current AI technologies are robust, the quality of data and a holistic approach within enterprises are critical. He states, “I believe the issues are the quality of data and a more holistic approach within the enterprise.” Goldspink adds that corporate data resilience is paramount for the future to ensure data quality,

“coupled with the need to remove silos, is imperative for the future.”

Matt Clare, VP of fraud and 3D secure operations at Thredd, echoes the importance of AI, stating, “AI tools are the way forward for laser-like targeting of fraud while minimising friction to customers.” Clare highlights the necessity of utilising the significant data available to build the most effective models, including data from payment messages, card authorisations, and other events like cardholder detail changes and fraud rates on specific merchants.

Leveraging AI for detection

AI’s ability to sift through extensive transactional data and recognise anomalies is akin to finding a needle in a haystack. This capability is especially

critical in environments with high volumes of transactions where manually spotting fraud would be unfeasible. AI systems are trained to detect irregularities in transaction patterns— such as unexpected changes in IP addresses or sudden alterations in IBANs associated with regular payments—that could suggest illicit activity. One of the substantial benefits of using AI in this context is its capacity to reduce false positives, which have traditionally been a significant source of financial loss for merchants, reported at approximately 10–15%. By applying additional layers of analysis to transactions flagged as suspicious, AI not only enhances the accuracy of fraud detection but also optimises the efficiency and costeffectiveness of the operations involved.

According to Goldspink, a corporate data-resilient strategy needs to be identified early in the business development process. He suggests that synthetic data enrichment techniques could be adopted in the short term as data sets are fully established.

Clare adds, “Robust monitoring of how the data is evolving as the population grows and changes is essential, as well as tracking key metrics at as granular a level as possible, e.g., confirmed fraud vs. false positives at a product level, geographical level, transaction type, or merchant type level. This will help pinpoint where a model is becoming less effective. Refinements such as adding new data elements or events can then be assessed.”

Challenges and limitations

Despite its advantages, the deployment of AI in fraud prevention is not without challenges. The efficacy of AI systems largely depends on the availability of large, cleansed datasets. Smaller organisations, in particular, may find it difficult to access or maintain such extensive data pools, which are crucial for the effective training and operation of AI algorithms. Furthermore, major fraud detection companies often rely on aggregating anonymised data to

AI tools are the way forward for laser-like targeting of fraud while minimising friction to customers.

create substantial datasets that can support deep analytical capabilities, a process that can be intricate and resource-intensive.

Additionally, as AI technology advances, so too do the techniques employed by cyber-criminals. These criminals increasingly use AI to detect vulnerabilities within systems that they can exploit. Consequently, financial institutions must continually update and refine their AI systems to stay ahead of sophisticated cyber-criminal strategies, ensuring these tools can effectively identify and react to emerging threats. For Goldspink, AI technology must be flexible enough to adopt strong continuous improvement (re-tuning) methodologies “to help fulfil the corporate data resilient strategy adopted by the organisation.”

According to Clare, “Being part of a consortium model, benefitting from the data/insights of other similar organisations, could be a solution. Care needs to be taken that the smaller organisation doesn’t experience outcomes that aren’t aligned with their customer/ transaction profile if they are only a small part of a consortium model. Additionally, there needs to be a strong data strategy from day one of the business, particularly in terms of cleanliness, validation and breadth of data captured.”

Future

directions

The ongoing development of AI in financial crime prevention is expected to focus on enhancing predictive capabilities and integrating more dynamic, realtime decision-making processes. As AI algorithms become more refined, they can anticipate potential fraudulent activities before they occur, thereby not just reacting to but actively preventing financial crime. Moreover, as consumer expectations continue to evolve towards faster and more userfriendly transaction processes, the role of AI will become increasingly central in balancing these demands with the need for security. Collaborations across sectors and industries, as well as partnerships between technology providers and financial institutions, will be vital in fostering an environment where AI tools can thrive and effectively counteract the sophisticated strategies employed by fraudsters. While AI presents a promising avenue for preventing financial crime, it necessitates a balanced approach that considers both the technological advancements and the potential for misuse. With careful implementation and ongoing adaptation, AI can significantly bolster our defences against the financial crimes that have burgeoned in the digital age.

20

60+ speakers

8+

600+ attendees

Financial Crime 360: The payment leaders fighting crime on the ground

With Financial Crime 360 around the corner, Payments Review spoke to some of the leading figures working tirelessly to combat the growing issue of financial crime within the payments ecosystem.

Financial services organisations in the UK spend approximately £22,000 per hour fighting financial crime and fraud, according to the latest True Cost of Compliance report from LexisNexis Risk Solutions. Without action, this figure is likely to rise.

Hosted by The Payments Association, Financial Crime 360 (FC360) is the essential gathering of financial crime experts that demands vital collaboration among all stakeholders in addressing financial crime.

In November, it’s set to host 600 industry experts, policymakers, and thought leaders to devise strategies and solutions to protect the industry from the growing threat of financial crime. For this quarter’s issue, the editorial department wanted to spotlight some of the figures making a difference in the world of financial crime.

Natalie relocated to Europe in August 2022 to take on the role of chief risk officer for Visa Europe Limited. Natalie has 25 years of payment industry

experience, from innovation, digital and emerging payments to leading global goto-market and risk teams.

Before joining Visa, Natalie was a senior officer at SouthTrust Bank (now Wells Fargo), where she developed and executed the overall issuing and acquiring bank card strategy.

How important are events such as FC360 in helping address financial crime issues in the payments sector?

Financial Crime 360 plays a key role in helping to address financial crime within the payments sector. By fostering collaboration, sharing knowledge, and emphasising technological adaptation, the event helps bring the industry together to more broadly tackle the very real and emerging threats in fraud, money laundering, and cybercrime.

With the ever-evolving payments industry landscape, it’s our collective responsibility to participate in such events to safeguard consumers and businesses from financial crime and promote a resilient and secure payments ecosystem.

What are the key emerging risks to the payments industry that Visa is monitoring, and how is the company adapting

its risk management strategies to address these evolving threats?

Just as payments technology and authentication have become more secure, fraudsters are also becoming increasingly sophisticated. That’s why it’s so important — now more than ever—to provide a secure payments environment in a digital-first world.

We take a multi-layered approach to counter the rising threat of malware, social engineering, and brute force attacks by organised, well-funded, global criminal enterprises. By innovating, partnering, investing, and harnessing our network and scale, we can ensure our clients are protected by the most advanced security products and services.

Having invested over $10 billion in technology worldwide to reduce fraud and enhance network security, our commitment to security has kept fraud at historic lows: less than 0.1% of transactions—among the lowest of all payment forms.

We also have over 1,000 cybersecurity specialists worldwide and cybersecurity fusion centres on three continents, delivering 24x7x365 risk and cybersecurity monitoring, incident response and investigations and threat intelligence capabilities.

What are your main concerns for firms entering the second half of the year and beyond regarding the threat of financial crime, and how can

There are many concerns for firms currently, especially in a challenging economic environment; however, my three main concerns are: 1) firms must prepare for the mandatory reimbursement of authorised push payment (APP) fraud by October 7 and the failure to prevent fraud offence; 2) they must also address rapidly changing financial crime typologies, including increasing criminal AI use; 3) additionally, regulatory enforcement and sanctions are expected to become more complex.

industry, and how can we address them moving forward?

Many firms have mixed views on how the new rules will impact fraudulent activity in the industry. While there’s a need for banks to protect customers, there’s concern that customers may become less vigilant in checking transactions. Finding a balance between customer education and banks’ responsibilities is crucial. The operational impact and cost of implementing the new rules are also significant concerns. Better data sharing is essential, and creative innovation is needed to address these challenges.

at Thistle Initiatives, working with various firms to mitigate financial crime risk effectively and efficiently. She has broad experience designing controls, implementing systems, overhauling processes, changing embedded cultures, and s166 reviews and remediation both in the UK and abroad.

Jess was previously the head of financial crime project delivery at FINTRAIL, working with fintechs to solve financial crime challenges, having previously managed large transformations for private banks at Capco.

What are you expecting from this year’s FC360, and how will industry events such as this one help fight against new financial crime methods?

I expect practical conversations around fraud, sanctions, AI, and how firms can mitigate new threats using new technologies. I am also hoping for engagement with regulators following a helpful forum with the regulator at FC360 last year. There are a lot of challenges facing firms at the moment, and all need to be ready if the regulator comes knocking.

Achieving financial growth through payments data analytics

Utilising payments data analytics can drive financial growth by enhancing services, reducing costs, and improving security, though it requires overcoming challenges in data management, integration, and fraud prevention.

The critical role of data analytics as a cornerstone in the evolving payments landscape cannot be overstated.

The volume of electronic transactions is not just growing; it’s tripling the growth rate of overall payments revenue over five years, as shown in the 2023 McKinsey Global Payments Report. Thanks to ongoing technological advancements, this significant shift means less reliance on cash and a stronger focus on immediate payment methods. Over the last year, we’ve seen an increase in payment activities both within countries and internationally.

Accumulating data from these transactions becomes a crucial strategic asset, giving businesses a competitive edge. Leaders in the field, like Stripe and Adyen, are proving the value of utilising data analytics by offering enhanced services beyond processing payments. Open banking is also transforming the financial landscape by enabling partnerships between banks and fintech companies, using payment

The critical role of data analytics as a cornerstone in the evolving payments landscape cannot be overstated.

data to improve tools for budgeting, investing, and financial products like loans and insurance.

Yet, modernisation is key for businesses to benefit from these advancements truly. It has the potential to cut operational costs by about 30%, reduce the time it takes to bring new products to market, and open doors to new opportunities. Innovation, which includes embracing

artificial intelligence (AI), leveraging big data, introducing new services, and moving to cloud-based systems, may require managing strategic commitments and forming smart partnerships to stay ahead.

Addressing data analytics challenges in payments

For businesses awash in data, establishing a strategic plan is vital to leveraging this wealth of information. An effective data strategy aligns with an organisation’s broader business objectives, streamlining data handling to enhance decision-making processes and secure a market edge.

Despite understanding the value of data analytics, the payments industry encounters significant obstacles. Data is often scattered across different locations and systems, complicating creating a cohesive strategy. The challenge is to improve the quality of this data and overcome issues related to its distribution and centralised management. Some organisations are making

headway with approaches like modern data management, which help them organise and manage data more effectively.

Predictive analytics, which uses machine learning and statistics to forecast trends, faces integration issues. Financial companies must carefully blend vast amounts of payment and marketing data to enhance risk management and informed decision-making. Techniques such as predictive modelling are critical in anticipating financial and operational risks, but their implementation can be complex and challenging for many.

Reporting, essential for transparency, also poses its set of challenges. Financial institutions need clear reports on key metrics, such as revenue from fees, the number of chargebacks, and overall transaction volumes. They require analytics solutions that can provide both compliance support and strategic insights. AI advancements have led to the development of tools that can generate reports more intuitively, yet adopting these

technologies is challenging. They demand investment, training, and adjustment to existing systems.

Finally, AI and machine learning are transforming labour-intensive compliance tasks, aiming for high accuracy and cost savings. However, setting up these systems for tasks such as monitoring communications and analysing contracts for legal and fraud risks is a complex challenge that the industry continually strives to address. Despite these hurdles, the sector recognises the significant advantages of embracing these technologies.

Navigating security and fraud prevention issues

A strong security strategy is crucial to protect against fraud and keep operations running smoothly. However, it’s concerning that, according to OWASP Top 10 2021, a staggering 94% of global

applications have issues with access control. This is just the beginning; there are widespread problems with encryption, code injections, insecure software designs, and incorrect system setups. Staying ahead of these issues requires improved DevOps workflows, better use of cloud technology, and updated security practices. These are particularly vital for those handling financial transactions and payment data.

Thanks to technological advancements, we’ve moved from spotting fraud after it happens to trying to stop it before it occurs. A deeper understanding of how users behave and their backgrounds and activity is needed to spot and stop threats quickly. AI and machine learning are making it easier to identify fraud patterns, monitor account activity, and intervene accurately and rapidly, reducing risks without getting in the way of genuine users.

Handling fraud well means constantly comparing your practices to the industry norm. Looking closely at fraud cases—when they happened, what kind, how they were carried out, and which accounts were involved— gives businesses valuable information to prevent and manage fraud more proactively.

Even though regulations are constantly changing and the community is there to help, processing payments is complex and requires detailed knowledge of various areas, including compliance with laws, data sovereignty, disaster recovery, business continuity, security, networking, and how data is structured. The scattered nature of data can lead to quality and integrity problems. Separate data sets make it hard for systems to work together, and inflexible systems can make adding new features or data sources slow.

Conclusion

For financial companies, analysing data is more than just helpful—it’s a crucial

Accumulating data from these transactions becomes a crucial strategic asset, giving businesses a competitive edge.

part of staying ahead in the market because of the valuable insights it provides for creating extra services. There are a lot of opportunities out there, with AI and machine learning leading to a better grasp of customer behaviours, spotting trends, and improving how we report information. As fraud attempts become more complex, solving these issues faster is essential to protect money, keep profits safe, and reduce overall risks. The challenges are significant, but the benefits of updating our technology are even bigger. These new developments can become strategic advantages with the right skills and tools.

Scroll, click, sell: Navigating the risks and rewards of social commerce

Exploring the transformative impact of social commerce on consumer behaviour and the lurking risks of online scams.

There are a million conflicting stats about social media. Still, the one that has been playing on my mind this quarter is the one cited by DataReportal in their Digital 2024: Global Overview Report. In it, they surveyed American citizens about their social media usage, specifically how much time they spend scrolling.

To help contextualise the data, they expressed the numbers as a proportion of the day people spend scrolling, clicking, or posting. Startlingly, according to their figures, the average American spends 15% of all their waking hours on

social media sites. Given that this skews heavily by age, there must be a fair cohort who barely, if ever, look up.

The rise of social commerce

So, it is no surprise that there has been a social commerce gold rush with companies finding ever smarter ways to convert their pitch—selling access to a self-selecting cohort of eyeballs— into actual transactions. In late 2022, McKinsey forecasted that, by the end of this year, 5% of all US e-commerce would operate through social media channels. Their figure for China, home of

The average American spends 15% of all their waking hours on social media sites.

the super-app, was 14%.

For the platform players, it makes perfect sense. Offering measurable, bankable transactions is more valuable than mere advertising. And given that Meta alone generates annual revenues of over $130 billion from their social media apps, you can sense the scale of the opportunity.

For larger retailers, especially in fashion and cosmetics, social commerce is a surefire way to turn show-and-tell into show-and-sell. A YouTube video of an influencer showing how to apply eyeshadow or an Instagram shot of her looking cool in must-have shades will be way more valuable if those images come with a tag that allows the viewer to buy what they see with a single click. Social commerce is also an exciting way to turn a simple live-streamed fashion show into a place of commerce with all the urgency of a live auction.

The appeal is equally compelling for the smaller players, who rely on Instagram, Facebook, etc., to engage their customers. Owners of these businesses, who must often be marketing directors, CIOs, heads of operations, and CEOs… all at the same time, can transact without special website-building skills as long as they are comfortable posting on social media.

Everyone is a winner here. For consumers, social commerce is fast, easy, and convenient. For retailers, it’s a new channel of immediacy and helps bridge the space between general marketing and actual selling. For social media players, it’s a chance to generate huge revenues and, at the same time, further extend their level of engagement with their user base.

Navigating the pitfalls

Everyone? Well, almost. A report commissioned by Lloyds Bank in May 2023 found that 80% of all UK payment scams by volume start “in the tech sector”. Specifically, they cite that 68% of all such payment fraud comes from sites hosted by Meta: Facebook, Instagram, and WhatsApp. With an average consumer loss of £570 per incident, these numbers get very big, very quickly. The banks are not winners.

While sympathy for large banks is unlikely to lead to an outpouring of public grief, this does feel like another instance where the incumbent players are

Social commerce is also an exciting way to turn a simple live-streamed fashion show into a place of commerce with all the urgency of a live auction.

burdened with compliance and accountability that the newer entrants can dodge.

Retailers can certainly play their part, too, and, by and large, are doing so. After all, a consumer ripped off by a fake website will usually blame the brand before they blame themselves. It is still too easy to set up a social media account with little in the way of ID verification, and once there, it is even easier to start trading. Social media is more anonymous than any other form of communication—ask your local neighbourhood troll. Good controls will help sellers mitigate consumer-driven fraud, but combatting brand impersonation is far harder. So far, the options seem limited to vigilant monitoring, aggressive responses, and fast communication to consumers. As long as there is no pressure on

the social players to step up, it seems unlikely that they will choose to increase their development cost to solve this or introduce friction into their slick and speedy consumer experience.

Where does this all end? In the UK, we have some very active consumer champions (from Martin Lewis and the BBC to good old Which? magazine). These groups are already beginning to warn about the problem, but without a convincing response, how long will it be before they advise consumers never to buy through social commerce?

Whether a plugged-in Gen Alpha will listen to the fusty old Consumer Association remains to be seen, but these messages tend to filter out in the end. My guess is that the platforms will have to do something sooner or later to protect their transaction revenue streams.

The questions are whether it will be soon and whether it will be enough.

A year ago, the Australian regulator brought the social players into the fold, and they have already seen a positive impact. Here, as long as the Payments Systems Regulator puts all the responsibility for prevention and reimbursement on our industry alone, social commerce companies have no incentive to improve.

Maybe it’s time for our regulator to widen the net?

Physical or digital banking? Why not both?

Combining digital innovations with traditional in-person services allows banks to provide a seamless experience that leverages the convenience of digital services and the personal touch of physical interactions.

Never have consumers been given so much of a choice regarding how they pay for goods and services. A similar level of personalisation also applies when it comes to customers’ interaction with their banks. The shift to an ecosystem combining physical and digital touchpoints has introduced new banking and financial services dynamics. That concept combines the “best of both worlds” with digital services that are instant, convenient, and ubiquitous, as well as inperson interactions that many consumers still highly value. This applies to customers across different generations, from “Boomers” to Gen Z. Therefore, financial institutions are advised to embrace the concept of digital banking to create a truly customer-centric experience. There are some practical ways that banks can incorporate a digital strategy, and emerging technologies such as artificial intelligence (AI) and large language models (LLM) applications can also play an integral role.

Streamlining the card issuance journey

While digital and mobile wallets are becoming mainstream payment

channels, the physical payment card will remain a consumer wallet staple over the coming years. However, digital improvements can be made to the card issuance journey. With people often on the move and living fast-paced lifestyles at home and work, a card and corresponding PIN being sent via two different postal letters for security purposes may be a challenge.

Waiting for each to arrive in the mail, which can be delayed or lost, is inconvenient for people who travel often for work or are about to embark on a holiday. Instead, consider the ease of activating your PIN, which is transmitted digitally via a mobile banking app. A kiosk close to them enables customers to take control of getting personalised their bank cards from nearby self-service kiosk.

Banks can also take consumer control to the next level by empowering consumers to create their individualised card design using an AI-based tool. This tool basically captures the user input (text or voice) as a description of their imaginative design and finally turns it into their physical/ digital card image. Along with that, copyright infringements that the industry worries about are solved in a nice way.

Simplified access to premium services

Previously, the familiarity of a physical bank branch on every high street reassured customers that they could walk in to discuss new products and services with experts. With physical bank branches on the decline, the onus is on banks to integrate and leverage digital offerings to replicate that feeling of the human touch.

For example, streaming a fully personalised AI-generated

video triggered by tapping the physical card to the phone can assist cardholders in navigating through, at times, complex features of their banking service. AI chatbots can offer more specific product information as needed, and bank staff can jump in to help the customer with a consultation. These are just a few examples of a perfect convergence of hyperpersonalised physical and digital banking services.

McKinsey

& Company found that despite bank branches in developed markets declining by 9%, the activities were actually up by 20% back in 2021.

While many people may find the notion of physical branches and digital services competing with one another, the complete opposite is true. In fact, McKinsey & Company found that despite bank branches in developed markets declining by 9%, the activities were actually up by 20% back in 2021.

In an ever-evolving digital world, phygital banking is crucial to meet varied customer needs and improve experience. Everyone from those more digitally adept to people who either struggle with online banking or may need tailored approaches due to a specific disability must be catered for. Both physical cards and branches, alongside digital innovations, must blend seamlessly to enable the best possible user experience.

Encouraging sustainable action

Brand values like ESG commitments have become a key differentiator for many customers. In fact, according to Deloitte figures, one in ten consumers will make a purchasing decision based on the availability of carbon footprint data.

Phygital applications can be deployed in a way that aligns with and supports a customer’s sustainability values. Customers are provided with information about the environmental impact of their transactions by linking bank card spending to an app that calculates the carbon footprint generated by purchases, orders, and bookings. It can even go one step further and offer actionable insights and

options to help encourage carbon offsetting and empower individuals to make a difference to the planet through spending. Another example could be providing a digitally delivered emergency card in case of loss without making carbon-intense courier shipments to, e.g. vacation destinations in case of card losses.

A rich landscape of digital options

As the evolution of payment methods brings a rich landscape of digital and physical options, phygital banking strategies are essential to meet consumers’ varied needs and preferences. Emerging technologies like AI

According to Deloitte figures, one in ten consumers will make a purchasing decision based on the availability of carbon footprint data.

can enable banks to streamline services such as card issuance processes and enhance customer engagement through personalised and interactive experiences. Banks can also align with consumer values by incorporating sustainable practices into their offerings. The future will not be dominated by either physical or digital payments but a nuanced combination of the two.

Joe Burgess Sales manager, financial platforms Giesecke+Devrient (G+D)

Introducing our newest members

Meet the latest additions to The Payments Association, driving innovation and excellence in payments.

Arf is a global transaction services platform that provides short-term, revolving, and stablecoin-based liquidity to financial institutions. Committed to transparency, Arf aims to enhance access to liquidity for cross-border financial institutions across the globe. Headquartered in Switzerland, Arf is a member of the VQF Financial Services Standards Association.

Amadeus makes the experience of travel better for everyone, everywhere, by inspiring innovation, partnerships, and responsibility for people, places, and the planet. As a wholly-owned company, Outpayce from Amadeus is the next step in scaling the Amadeus payments business with fresh investment in talent, and an open API platform and has been granted an e-money license from the Bank of Spain to offer new regulated payment services in Spain, and in the EU in the future.

Outpayce delivers smoother end-to-end travel experiences, making travel payments simple. Our open platform that connects fintech and banking service providers to the entire travel ecosystem allows customers and travellers to easily benefit from new advances in payments.

Outpayce Xchange Payment Platform (XPP) solves the challenges in areas like authentication, acceptance, and foreign exchange (FX) for travel merchants and gives access to partners that resolve areas like chargebacks, fraud management and buy now pay later to offer a smoother overall experience for the traveller.

In the B2B payments space, Outpayce orchestrates payments with a range of virtual cards, currencies and payment methods to optimise cost, acceptance and agility wherever a travel seller needs to pay a supplier. Outpayce delivers an end-to-end experience by continuing to work with all of Amadeus’ teams and embedding its capabilities in all of Amadeus’ applications. The future is travel simply paid.

Bank of America is one of the world’s leading financial institutions, serving individual consumers, small and middle-market businesses and large corporations with a full range of banking, investing, asset management, and other financial and risk management products and services.

The company provides unmatched convenience, serving approximately 69 million US consumer and small business clients with approximately 3,800 retail financial centres, approximately 15,000 ATMs, and award-winning digital banking with approximately 57 million verified digital users.

Bank of America is a global leader in wealth management, corporate and investment banking and trading across various asset classes, serving corporations, governments, institutions, and individuals worldwide. Bank of America offers industry-leading support to approximately 4 million small business households through a suite of innovative, easy-to-use online products and services. The company serves clients through operations across the US, its territories and more than 35 countries, including the UK. Bank of America Corporation (BAC) stock is listed on the New York Stock Exchange.

Coding cash: Unveiling the new frontier of programmable money

Riccardo Tordera Ricchi, head of policy and government relations, The Payments Association, explores the transformative potential of programmable money and smart contracts.

The payments landscape is poised for a significant transformation with the rise of programmable money and smart contracts explored in The Payments Association’s (TPA) latest white paper, Coding Cash: Exploring the Horizon of Programmable Money and Payments. This publication serves as a pivotal resource for the payments industry, aiming to clarify the distinctions between programmable money and payments, showcasing how these technologies can revolutionise financial transactions.

TPA’s efforts over the past few years have significantly advanced understanding within the industry, beginning with the introduction of central bank digital currency (CBDC) concepts to policymakers. This initiative, starting with Project New Era, has produced a green paper and involved various

seminars and education sessions in the UK Parliament for MPs and Peers. It has been conducted in close collaboration with the Crypto and Digital Currencies APPG, chaired by Dr Lisa Cameron MP.

The strategic launch of TPA’s latest white paper in the UK Parliament was designed to ensure policymakers fully grasp the implications of programmable money. This is vital as the differences between programmable money and programmable payments are still not widely understood.

The white paper refrains from discussing the more controversial uses of programmable CBDCs to maintain a neutral and focused dialogue on the benefits and cautious approach required in their implementation.

Nevertheless, the flexibility of programmable payments can be

harnessed for beneficial purposes, including automated tax calculations, streamlined welfare payments, enhanced compliance monitoring, and more efficient settlement processes for trades and transactions, all without compromising individual liberties.

Findings from TPA stress the importance of clearly distinguishing these technologies and their applications to prevent misconceptions and potential misuse. As we navigate this complex landscape, aligning our strategies with future compliance and policy developments becomes increasingly crucial.

Looking forward, the move towards a fully programmable financial ecosystem presents both challenges and opportunities. It is essential to proceed with a balanced approach, leveraging the benefits of these technologies while protecting against potential abuses.

The insights provided in Coding Cash mark the beginning of what promises to be a transformative journey in digital finance. As the potential of programmable money unfolds, it’s clear that the conversation about digital finance extends beyond technological innovation to shaping a future that aligns with democratic values and enhances financial inclusion. The ongoing work ensures that our financial infrastructure is robust, inclusive, and adaptable, ready to embrace the future of money in an increasingly digital global economy.

Become a member of The Payments Association

“The Payments Association brings together a broad range of industry participants to identify and address prevailing risks and issues. It plays a leading role in looking around corners for the sector and provides an important forum for interaction with regulators.”