Payments Review - Spring 2023

Lightening fast payments with Bitcoin

How businesses can accept traditional and digital currencies

Data sharing

Is the law sufficient?

Embracing equity

Fixing the gender diversity problem in fintech

Become a member of The Payments Association

Scan

“The Payments Association brings together a broad range of industry participants to identify and address prevailing risks and issues. It plays a leading role in looking around corners for the sector and provides an important forum for interaction with regulators.”

FROM THE COVER

P20 Bitcoin Lightening as a payment rail

Word

Welcome to the second edition of Payments Review: our quarterly magazine offers you analysis and insight on payments trends from across the industry.

Key themes in this issue include the future of digital currencies and how the sector is adapting its focus on the coming year, the recession, biometrics, the dawn of digital identities and much more.

There is still no economic uncertainty, many are still dealing with the cost of living crisis, financial fraud has not plateaued and the debate over future payment methods continues, but what should you do about it all. Explore this magazine to see what The Payments Association’s members, working groups and interviewees suggest.

Discover a variety of features, which will allow you to tap into expert voices through written articles, podcasts and videos.

I hope you enjoy this edition of Payments Review. If you wish to contribute or share your ideas, please do not hesitate to get in touch.

P5 Firms must change their culture to comply with Consumer Duty rules

P10 Are CBDCs the solution to crossborder payments

P12 Interview: J.P. Morgan’s Dan Baker on the relationship between banks and fintechs

P15 How a recession could reshape the payments industry

P18 Financial columnist Matthew Lynn on how digital IDs could open up market competition

P26 How biometrics could create a seamless customer journey

P28 As regulation evolves, is innovation at risk in the fintech space?

P34 True story: Rowenna Fielding talks about how she nearly got scammed

P37 Policy: Digital currencies could be here in the near future

P39 Regulatory landscape: A look at what to expect in 2023

P42 How Gen Z’s payments habits will shape tomorrow’s industry

P46 Spotlight: Ripple’s Luke Cutajar speaks about his career in payments

P48 CBDC: Threat or opportunity and why government must address the narrative

P50 Webinars and podcasts: Listen to what experts say about the latest trends

P52 How proposed regulation could impact cryptocurrency businesses

The team

Anjana Haines, editorial director

Anjana.haines@thepaymentsassociation.org

Jyoti Rambhai, editor

Jyoti.rambhai@thepaymentsassociation.org

Tony Craddock, founder and director general

Ben Agnew, CEO

Mark Bethell, CFO

Emma Banymandhub, events director

Maria Stavrou, operations director

Tom McCormick, sales director

Tom Brewin, head of projects

Riccardo Tordera, head of policy

Sophie Bossier, head of membership engagement

Julia Hearn, head of marketing

Gavin Alexander, content marketer

Jay Bennett, projects assistant

Editorial board

Anant Patel, president of international markets, ConnexPay

David Monty, co-founder, Tell Money

Joe Hurley, chief commercial officer, Crown Agents Bank, Kai Zhang, special counsel, K&L Gates

Khalid Talukder, co-founder and CEO, DKK Partners

Kit Yarker, director of product and propositions, EML Payments

Miranda McLean, chief communications and sustainability officer, Banking Circle

Sarah Jordan, director, Deloitte

Payments is evolving sector

engagements and communications from the FCA, the Central Bank of Ireland and the New York State Department of Financial Services Consent Order to Coinbase. Key risks include:

• Compliance programmes that fail to match the growth of the company;

The impact on a business and its operations can be far reaching, from the ability to serve clients well, to internal frustrations and regulatory breaches; not to mention the broader impact on the economy and society, particularly vulnerable groups who are often the ones worst affected through associated crimes, such as human trafficking.

My experiences in industry, and now supporting payments clients within Deloitte’s anti-financial crime team, inspired me to join The Payments Association’s Market Intelligence Board as the content lead and coordinator for Project Financial Crime. Throughout the year we will shine a spotlight on the key challenges firms are experiencing and the steps they can take to navigate those challenges.

With increasing digitisation in many aspects of our lives, the payments sector continues to see exponential growth, bringing fresh competition and innovation to the industry, for example, by offering weekend settlement through crypto.

This evolution in the sector has resulted in an increasing focus from regulators around the globe on payment firms and anti-financial crime features at the top of the regulators strategic priority list, given the risk of exploitation by criminal networks.

We see several key risks, challenges and priorities emerging from our client

• Failure to either complete anti-money laundering risk assessments at all, or to provide a sufficiently comprehensive assessment; and

• Inadequate oversight of third parties (both intra-group and external parties to the firm).

With innovation and growth these risks become more prevalent. It is easy for firms to become overwhelmed with compliance related activities, which do not fundamentally reduce the financial crime risk they are exposed to, leading to potential backlogs in alert monitoring, delays to client payments and, in some cases, suspicious activity reporting.

There are several steps payment firms can take to prevent and remediate these challenging risks.

First off, a business-wide and customer risk assessment is foundational to developing an informed and scalable antifinancial crime programme.

This should be supported by the right infrastructure for the firm and its growth ambitions, defined within the firm’s (target) operating model.

Lastly, there is enormous value in quality control and quality assurance to ensure the programme is operating effectively.

It’s exciting to be part of such a dynamic industry and knowledge sharing forums such as this because it can only help us to make sure the future of payments is one where it is harder for criminals to find and exploit weaknesses in the payments ecosystem.

Tackling financial crime is an area that is close to my heart, having seen first-hand the impact that poor risk identification and management through the control environment can have.

Firms must change their culture and behaviour to comply with Consumer Duty rules

The UK’s financial watchdog has warned that e-money firms must undertake a “significant shift in culture and behaviour” if it is to comply with the new Consumer Duty rules, due to come into force in July.

The Financial Conduct Authority’s (FCA) Matthew Long, director of digital payment and digital assets, wrote a letter to the chief executives of payment institutions and e-money companies last month (February), criticising them for “poor” financial crime and fraud controls.

In the letter, seen by Payments Review, Long states: “For many firms, meeting the [Consumer] Duty will require a significant shift in culture and behaviour.”

“We recognise that the implementation of the Duty comes at a challenging time. However, we believe that embedding the Duty effectively will help payments firms continue to build trust amongst customers,” he adds.

He raises concerns about the con-

tinued “poor financial crime controls” in some firms and urges them to consider the impact of freezing individual customer accounts, which is usually when a financial crime is suspected.

“That is a reasonable principle,” Long writes. “But in practice, some firms freeze a disproportionate number of accounts, for too long, and without adequate explanation.”

Long emphasises the FCA’s expectations on business to make the new rules a “top priority” and has sent similar letters to chief executives of companies across all sectors.

The letter comes just one month since the watchdog warned that some businesses are falling behind and failing to allocate adequate technology resources to prepare for the new regulation.

Many organisations in the sector have allegedly complained about the administrative burden of preparing for the Consumer Duty rules.

As a result, Andrew Griffith, City of London minister, is claiming that this

could damage the sector and trigger a serious of lawsuits.

According to the Financial Times, Griffith is concerned the changes will “impose regulatory burdens on the financial services industry at the time the Treasury is trying to relax some of the City rules as part of a ‘Brexit opportunity’”.

Alison Donnelly, director at FSCom, also stresses that businesses are feeling the burden of becoming compliant.

“Some firms may have to do a material amount of work to be ready and to be able to evidence and what they’ve done. But I think there are some who might have missed how much there is to do,” she tells Payments Review.

For those firms at risk of falling behind, Donnelly advises they need to have a “high-level cultural understanding” of the rules and make it a priority.

“The key thing here is the significant uptake on the expectations for the payments sector, because it hasn’t had a bill like this before,” she adds.

Interviews

The must-watch interview series hosted

Tony Craddock, Director General at The Payments Association, features VIP guests from the world of payments. Insights interviews are a unique opportunity for you to hear first-hand from some of the most influential figures in the industry about their experiences, challenges and what drives them. Whether you’re a payments professional, a student or just curious about the industry, these interviews will give you a glimpse into the world of payments and what the future holds.

Join us for a front-row seat to the conversations that matter in the world of payments.

If you want to contribute to our policy work or learn more, please email

Big data sharing: Navigating the regulation minefield

Should payment firms be limited in how they reuse data or are the laws based on GDPR sufficient?

There are a multitude of benefits for payment firms that can successfully leverage big data analytics and open banking tools. Insights into transaction patterns, understanding customer needs and combating money laundering are just some of the advantages of big data payments sharing.

However, obtaining these benefits require payments firms to effectively navigate a minefield of regulatory obligations, not just within their home country, but also internationally when undertaking cross-border data transfers. “There are various benefits to banks in sharing payments data, from the ability to offer their clients more sophisticated products and services; to the cross and upsell of products enabled by better understanding of customer behaviours, habits and preferences,” says Amit Mallick, open finance ►

lead at Accenture.

“For consumers, they stand to benefit from personalised offerings, loyalty programmes, discounts and intuitive and interactive solutions for payments and budgeting,” adds Mallick. “For SMEs, the sharing of payments data can facilitate insight-led products and services.”

Currently, the majority of information that is flowing though the payments ecosystem still constitutes personal data. While not always obvious, as it could be information linked to a transaction ID or a card number without a name attached, there is still always an individual behind any transaction data.

“What we have seen coming up quite a lot in discussions between merchants and particularly payment service providers, is the concept of purpose limitation,” says Simon Elliott, head of data privacy and cybersecurity practice for the UK, Ireland and Middle East at Dentons.

“What this means is the rights or permissions for payment service providers to reuse data for their own purposes.”

For example, merchants can pull together large datasets from across their bases and supplement this with data from third parties to examine patterns of fraud or to look into developing new products or services based on trends.

Debates are currently ongoing as to what ‘limits’ should be placed on payment firms reusing data, with the issue of consent at the forefront.

“There are obviously issues surrounding consent and the ability to use and access data. This is where there’s is an important interplay between the revised Payment Services Directive and data privacy laws such as GDPR,” adds Elliott Implicit vs explicit consent

The European Commission’s revised Payment Services Directive (PSD2) was issued in March 2018. It aims to further level the playing field for payment service providers by including new players and enhancing protection for European consumers. It often intersects with the EU’s General Data Protection Regulation (GDPR) of which the UK’s own version is replicated from.

Within PSD2 there are certain obligations where payment services providers must obtain what is referred to as ‘implicit consent’ to gain data access. Implicit consent is when a consumer takes an action when they are inherently consenting to the use of their data. An example of this is when a customer makes an online purchase on Amazon, it can be argued that they are giving implicit consent to their address being used for the purchase delivery. In contrast, ‘explicit’ consent

“Merchants can pull together large datasets and supplement this with data from third parties to examine patterns of fraud or develop new products or services.”

takes it a step further where a consumer may grant consent for data access only after they are given an explanation of what data is being accessed, what it will be used for and who it is being shared with. “Within the GDPR context that tends to be more limited to special categories of data such as medical information, biometric information, sexual preferences, political views, etc,” says Elliott.

“This type of explicit consent is needed to access payments data or client information under PSD2, whereas under GDPR, financial information isn’t recognised as being sensitive, so there’s always been this gap,” he explains. “However, that is where PSD2 comes in and grants additional protections.”

The European Banking Federation has expressed concerns regarding the potential for ‘asymmetries’ between the Data Act and other frameworks, such as PSD2. “These kinds of conflicts could lead to complexities or disputes in compliance and enforcement,” says Debbie Evans, managing director at FTI Consulting’s information governance, privacy and security practice.

The European Data Protection Board has also issued guidance for the intersection between PSD2 and GDPR, specifically that “controllers acting in the field covered by the PSD2 must always ensure compliance with the requirements of the GDPR”.

“The key takeaway in all of this is that the requirements are complex, and uncertainty remains,” says Evans. “Organisations engaging in data sharing activities will need to proceed with caution and strong data protection controls to uphold defensible practices under GDPR and potential impending laws or revisions to existing legislation.”

Cross-border data sharing

Transferring payments data between the EU and the UK is relatively simple as the UK is viewed as “adequate” by the European Commission. This means that the UK is seen to provide the same level of data protection as its European neighbours, which allows personal data to flow freely between it and the bloc. However, transferring data internationally becomes a headache for payment firms when national regulators believe that there are differing levels of data protection between the origin and destination country.

“In this era of digital commerce, political and regulatory divergence poses real risks to the socio-economic benefits and opportunities of data use,” says a spokesperson at Visa.

“Attempting to fully harmonise privacy and consumer protection laws at the

global level is likely to be a lengthy and perhaps impossible endeavour,” they add. “For international or cross-border harmonisation, trade agreements can be a powerful way of creating interoperability.”

Aside from trade agreements which payment firms have little control over, there are legal solutions that can be implemented to ease international data transfers. Heavyweight countries such as the US and China are not viewed as adequate by the EU, so firms often use standard contractual clauses (SCCs) to circumnavigate data inadequacy.

“The UK also has alternative tools known as an international data transfer agreement (IDTA) or UK Addendum,” says Phil James, partner at Eversheds Sutherland’s global data privacy and cybersecurity practice. “The IDTA is something you can use instead of a UK Addendum, which works alongside the EU SCCs and its stands alone without reference to the standard contractual clauses.

“There was previously a type of entente or treaty between Europe, UK and the US which is intended to avoid the need for having the standard contractual clause in place. But it was voided as a result of the US’ Schrems II decision.

“Also, dependent on the territory in which you’re transferring personal data to and from, you may also need to do things like carry out an accompanying transfer impact assessment, especially in addition to SCCs.”

With the multitude of compliance issues payment firms face when transferring sensitive financial personal data between borders, James advises companies to view it first and foremost as a fact-finding exercise.

“You need to know what data is being transferred and the originating and destination countries. Will there be external parties or subcontractors involved? There’s quite a lot of fact finding involved,

but once you get a handle on that, you can then develop a proportionate and risk-based compliance solution.

“It can be helpful to develop a suite of contracts or some template agreements, which make it a lot easier to contract efficiency rather than trying to develop a bespoke contract all the time,” he advises. “But it does depend on the bargaining strength of your counterparty.”

Reaping the benefits of big data

With all the regulatory burdens and complications that come with big data sharing, why are payment firms set on open finance?

“Sharing payments data can help detect and prevent fraud, financial crime and money laundering,” says Luke Pearce, chief data officer, data and analytics centre of excellence at Santander UK. “It also has the potential to make it easier for people to manage their money through innovations such as open banking.”

If payment firms can avoid the regulatory pitfalls, cross-border data sharing can bring benefits to all stakeholders along the payments value chain. “Data is integral to commerce today. When data sharing is managed with privacy and data protection controls built in, it can drive significant value, by introducing commercial efficiencies and accelerating the speed of transaction,” says Evans.

Abhimanyu Julaniya, senior director at management consultant firm Simon-Kucher agrees with Evans on the benefits of open finance. “Some of our clients have also been able to smartly use first party data on their digital channels to offer a more relevant and targeted offering to their customers.”

However, businesses must stay on top of the everchanging regulatory landscape. In the EU alone, there are several regulatory frameworks underway. Most notably, the proposed data act drafted by the European Commission in February 2022, aims to plug the gaps in current data regulation.

“The UK government is also grappling with the extent to how closely it tracks EU law or whether it wants to try and do something a bit more innovative,” says James. “The extent of innovation needs to bear in mind the risk of whether the EU deems the UK inadequate for the purposes of ex-EU-UK transfers when it comes up for renewal in three years or so time”.

While it may take skilled regulatory navigation and resources to keep up with regulatory trends, the benefits open data can bring to payment firms are likely to payoff tenfold in years to come if data can be leveraged correctly.

“Organisations engaging in data sharing activities will need to proceed with caution.”

Are CBDCs the solution for cross-border payments?

Phil Mochan from Nomos Digital examines how cross-border payments are closely intertwined with cross-border liquidity and the challenges this poses for implementing CBDCs.

With over 100 central banks exploring the use of central bank digital currencies (CBDCs), there is considerable hope that this new form of money will resolve the issues of cross-border payments.

With the US dollar used in 42% of all

cross-border payments, and the euro in 38%, it is clear that a digital version of these currencies are essential to making CBDCs meaningful in this space.

While the design of any potential digital dollar or pound are very much undecided, the vision for the digital

euro, planned for 2026, is for a retail-only CBDC with a maximum balance of €3,000 and the account-user intended to be anonymous, just like when using physical cash.

However, details on how this might be implemented still needs to be worked

out, such as:

• The on-boarding of merchants; The provisioning of merchant accounts;

• The payment mechanism;

• The payment scheme rules;

• The merchant rulebook;

• Consumer rights;

• The interface to domestic payment systems; and Dealing with non-domestic participants (or policing their exclusion).

If we optimistically assume that the major currencies will roll out digital versions by 2030, we might examine their impact on cross-border payments (XBPs), although we can note that these initial versions are all retail being only 4% of the XBP market.

According to McKinsey, liquidity makes up 55-60% of the costs of XBPs because of the following:

• Fragmentation of capital across hundreds of thousands of Nostros accounts;

• Lack of competition in foreign exchange (FX) due to the fixed bilateral nature of correspondent banking networks; and

• The cost of managing settlement risks in commercial bank money.

Although CBDCs do resolve the settlement issue, it also increases the level of fragmentation. The FX liquidity issue will need a new competitive market infrastructure or somehow be interfaced into the existing fragmented and rather uncompetitive FX marketplace using correspondents. It will be interesting to see how this might be regulated and implemented given the entrenched interests of both national regulators and correspondent banks.

Connected with liquidity is the issue of bilateral settlement. The results of the current pilots suggest that bilateral settlement has operational, regulatory and legal challenges. From the CBDC teams trialling bilateral (or trilateral) settlement models the experience suggests that a multilateral settlement solution is required (which doesn’t exist).

The Bank for International Settlements (BIS) published a paper in January 2020 setting out the theoretical models for such a system – so we could see implementation in the early 2030s if there is agreement on who does it. Currently about 50% of XBPs are delivered within one hour, according to Swift. Speeding things up is driven by factors such as the opening hours of central bank real-time gross settlement (RTGS) systems.

Presumably CBDCs that are run by central banks will use the same opera-

tions teams as for the RTGS. If there is a shift in operations though to 24/7, 365 days a year, this will inevitably require change to the oversight model which works on the end of day reporting principle rather than continuous reporting.

Anti-money laundering and sanctions screening, constituting 20-25% of costs, is mandatory for all XBPs, but not for domestic payments. Given that CBDCs are created for domestic use (and the European Central Bank is even proposing anonymity for account holders) it is obvious that the data architectures are quite incompatible.

The Amplus paper from a team at Deutsche Bundesbank (DBB) sets out a potential solution, but it is likely to take at least a decade to be meaningfully implemented.

It is self-evident that the slow pace and limited scope of CBDC deployments in the major currencies, combined with the current absence of supporting global financial market infrastructures and the potential conflict with entrenched regulatory and correspondent bank interests, is likely to severely reduce the impact of CBDCs in resolving the issues of cross-border payments for at least a decade. Even when implemented, it will only partially resolve the challenges around liquidity.

A resolution of XBP issues is likely to happen much faster than the timescales foreseen for CBDCs. Stablecoins will compete with CBDCs, but the challenges for such digital private money, despite their early market entry, will remain similar to it – to make a meaningful impact it will require both adoption and new infrastructure.

True transformation of XBPs will likely come from using existing technology platforms with new workflows to minimise the transition costs and increase the adoption rate by banks. Solutions which conflict with the interests of the correspondent banks are highly unlikely to gain much traction.

The establishment of a cross-market liquidity platform with wholesale transaction capability that enhances the profitability of the incumbent correspondent banks is a more likely first step, and we might see the first live services from about 2024.

The future of cross-border payments and cross-border liquidity are closely intertwined so we should look to new private financial market infrastructures entering the market in the coming years that resolve these issues.

By the mid-2030s we might expect to see the emergence of a global ‘internet for banks’ that supports all forms of money including existing electronic money, the dominant private stablecoins and all forms of CBDCs.

Aside from improving XBPs, this will undoubtedly transform the nature of bank liquidity from the ‘internal, followthe-sun’ model to that of an ‘external 24/7 market’ model.

For the large banks this will be their opportunity to grow significantly in size (by more than 10 times potentially), adjusting their models to being macro-credit allocators, and thereby eliminating all but the most differentiated and focused niche banks.

In conclusion, CBDCs are too immature to have an impact on cross border payments for the foreseeable future.

Improvements in XBP’s and liquidity will arise from new financial market infrastructures that leverage existing technology and relationships. As in other sectors, digitalisation will lead to global supremacy of the few.

42% US dollar used in all cross-border payments

Changing the relationship between banks and fintechs with Dan Baker

Self-proclaimed payments geek, Dan Baker, head of payment rails product at J.P. Morgan, speaks to The Payments Association’s Kate McKenzie about evolving payments landscape

What trends are you seeing in the changing relationship between banks, fintechs and regtechs?

Collaboration and partnerships between banks and fintechs have never been as strong. Partnerships are the key to unlocking new business models and growth opportunities in the payments industry.

A bank’s value proposition lies within its ability to send reliable, scalable, safe payments and we already have a broad reach allowing us to service a wide range of customers and clients.

In comparison, fintechs offer agile and targeted solutions, which can offer unique value to niche audiences. When banks and fintechs work together, they create innovative solutions with global potential.

For example, J.P. Morgan has partnered up with Findroids, a Scandinavian fintech. Findroids transforms the user experience for treasury teams including building API connectivity between banks and ERP systems. Launching a proposition of this nature would have been challenging without the expertise of the Findroids team.

How would you like to see banks and fintechs work better together?

Banks and fintechs are working together well, but there is always room for improvement and we can learn from each other.

Fintechs have embraced agile very well because the operating model is technology, thus product and operations working together to solve client problems.

Banks often work in specific lines of business, with product sending requirements to tech versus getting tech directly connected to clients. This is something we are evolving on at J.P. Morgan and I think as an industry we can learn more from fintechs’ operating models.

Right now, we hear a lot about new opportunities related to payment ecosystems, platforms, marketplaces, apps and super apps. Treasurers are utilising APIs, AI, and other new technology to effectively and efficiently navigate increasingly complex payment flows associated with those opportunities. Especially as businesses are evolving to direct consumer offerings.

For treasurers, we are seeing the pendulum move from partnering with banks to partnering with a bank that has a network of fintechs. Given the various customer buying journeys which can take place this can become very complex.

Therefore, having a centralised approach via a banking partner helps treasury focus on connecting across lines of business on payments decisions; while also collaborating externally to know where to embed their offerings, which marketplaces to focus on, which platforms to engage with and much more.

By partnering together, banks and fintechs can offer global perspectives and tailored solutions that can help treasurers better understand audience perspectives.

Where are the opportunities for monetising open banking APIs?

With the rise of open banking, embedded banking, marketplac- ►

“By partnering together, banks and fintechs can offer tailored solutions.”

es and as a service model, there has been a greater emphasis on competitors forming partnerships, whether that is through data sharing or collaboration. Therefore, these are the monetising trends we’re likely to see:

• Open data will be the new normal as these capabilities will be deeply embedded into day-to-day customer journeys;

• Data will no longer be just about APIs. APIs and data management will be synonymous and integration with machine learning, artificial intelligence and linkages to the Internet of Things will create differentiation and adoption; and

• Marketplaces will take centre stage and will be built around trust. Businesses will look to leverage marketplace solutions that onboard merchants quickly, offer buyers multiple ways to pay, and offer real-time fraud and transaction monitoring.

What is J.P. Morgan’s stance?

J.P. Morgan’s open banking strategy [powered by APIs] is to promote innovation and competition in the payments ecosystem by identifying new solutions and delivering value-added services to our customers, with a relentless drive towards improved, seamless user experiences.

Our key focus is on connectivity, cybersecurity and endto-end support and we welcome the continued regulatory and industry momentum to evolve the open banking framework to one that fosters open finance opportunities.

2023 recession is set to look different

With decreased payment volumes and increased risks of market consolidation, The Payments Association examines how a recession could reshape the industry.

The British Chambers of Commerce predicts that the UK’s GDP will fall by 1.3% in 2023 with a recession lasting until 2024.

In a typical recession, payment providers expect lower volumes leading to less profitability as customers scramble to save more. However, there is a debate among industry experts on how much a recession would really affect

customer behaviour. “We are not expecting the recession in itself to have a major impact on consumer payment behaviour or the payments industry,” says Jon Causier, partner at global consultancy Simon-Kucher & Partners.

“The only time in the last 10 years there has been a decline in payments volume and value was during the pandemic lockdown,” he adds.

“Relatively small swings in economic growth are less important than the strong underlying behavioural trends as consumers move away from cash to digital means of payments,” explains Otto Benz, director of payments at Nationwide Building Society. He also notes the stickiness of customer behaviour in the current inflationary environment.

Nationwide conducts a spending survey each month examining the spending patterns of its members on debit cards, credit cards and direct debit on non-essentials such as holidays, clothes and eating and drinking out; and on essentials such as utilities, fuel and supermarkets.

“We have been tracking spending habits for the last few months and seen that certain items in what you might call luxuries or non-essentials are holding up,” says Benz. “It is interesting that some spending patterns indicate that people still want to have some luxuries in life.”

Benz went on to add that while the increased cost of living hasn’t stopped the acceleration of cashless payments, the usage of physical cash “has not continued to drop through the floor”. He says: “We are seeing a bit more usage, because people find it easier to budget on physical cash.”

Real impact of recession hard to predict

While payment volumes may not fluctuate as dramatically as initially expected, experts predict that customers will be more cautious in their spending habits leading to less spontaneous payments.

“Typically, payments processing firms charge based on volumes, not values, and it is not clear whether payment volumes will decrease,” says a spokesperson at the Payments Systems Regulator (PSR).

“Where households have less disposable cash and where prices for essential items increase, we could see spontaneous payments decreasing. This would likely impact credit and debit cards that have the majority share of those types of payments,” adds the PSR’s spokesperson.

Consensus among most industry experts is that a 2023 recession will not see pandemic-like plummeting payments volumes; however, this prediction is based on patterns over recent months. The real impact on consumers and industry is hard to predict and will likely be felt only in 2024 or even 2025.

“Have we seen any big impact in terms of reduced consumer spending as a result of increased interest rates over the past couple of months?” asks Callum Godwin, chief economist at CMSPI, a payments optimisation consultancy. “Personally, I’ve not seen that. But one thing

we do know is that there’s generally a lag of as much as even 12 or 18 months on that when interest rates go up.”

He adds: “The effect on consumer spending in the numbers that you analyse doesn’t happen overnight. It takes a while so the extent to which it’s affecting payment volumes, we don’t quite know yet.

“If interest rates do hit customer spending, this could lead to a fall in average transaction values, meaning merchants paying per-item fees for payments acceptance may see their relative costs go up.”

Goodwin further explains that if the economy goes the other way and inflation

sure on fintech and paytech valuations and a reduction in the volume of deals during 2022.

He says: “This together with the ongoing headlines in the crypto sector, the second biggest fintech sector for deals, it is clear that investors are looking for strong fintechs and paytechs with revenue growth, reliable customer bases and underlying profitability.

“This mixed environment will create opportunities for consolidation as those in a strong position have the opportunity to take market share.”

Benz from Nationwide agrees with Harmston that a recession could create

takes hold, the percentage-based rates automatically increase, so it may be a lose-lose depending on what current agreements are in place.

Takeovers in tough times

While payment volumes are not expected to decrease, there are increasing pressures on the margins from competition and merchants seeking to reduce costs during a recession. This could lead to an environment ripe for mergers and acquisitions (M&A).

Experts believe that if M&A were to occur, it will be largely due to decreased profitability from wider macroeconomic pressures, rather than “significant decreases in [payment] volumes”, says Peter Harmston, partner and UK head of payments at KPMG UK.

“Any impact in profitability will be through pressures on interchange and payment fees either through the regulator or by the general business community,” adds Harmston. “It could also come through macroeconomic pressure on the fintech or paytech community such as the cost of debt and the rising cost of running a business.”

Harmston further explains that there has already been both downward pres-

an environment for takeovers. He says: “We will find that some of these organisations will have cashflow issues, and the ones that are good will get taken over because the product is good and the ones that are less good will not survive.

“That’s a typical feature of a recessionary environment. And that is not necessarily a bad thing because I think it means that there’ll be a better focus on payment capabilities that are genuinely helpful.”

Based on current economic predictions, the UK and other major Western economies will likely enter a recession in 2023. Nevertheless, fears of plummeting payment volumes, lower profitability and swathes of firms going under may not materialise. What experts have predicted in changing payment behaviour effecting more what consumers spend on and when, rather than how much is being spent.

Payment volumes are stickier than initially predicted. Rather than a recession causing significant changes in the payment volumes, the industry is likely to see a shift in what goods and services those volumes will be spent on.

These shifts in consumer behaviour will create profitability for some firms and losses for others, creating an environment ripe for mergers and acquisitions.

“With the ongoing headlines in the crypto sector, it is clear that investors are looking for strong fintechs and paytechs.”

Barclays to replace branches with pods

Barclays is looking to open semi-permanent banking pods in local areas where there is the high footfall.

The move comes as the number of customers using its branches declines.

The pods will provide a dedicated, private space in locations such as retail parks and shopping centres for customers.

Barclays plans to launch at least 10 pods in the UK by summer 2023, plus six electric vehicle banking vans will be added to its existing fleet of 10.

Jo Mayer, head of everyday banking at Barclays, said: “Our new banking pods and community pop-ups help us to tailor our in-person support for each location, including support with digital skills.

“In areas where we close a branch, we will maintain our presence in that community offering an alternative faceto-face solution.”

Brits using credit cards to feed families

Almost three in 10 people in the UK are using credit cards to buy groceries and essential food items, according to research by Forbes Advisor.

A quarter of Brits – around 13 million – are relying on credit to fund everyday costs such as commuting; while a fifth are borrowing money to pay their household bills.

The study comes as inflation reaches record levels and food prices rise at the fastest rate in 45 years.

Laura Howard, financial expert at Forbes Advisor, urges people to exhaust all other options before running a balance on an “interest-bearing credit card” such as contacting banks, energy suppliers and mortgage lenders.

Done right, digital IDs can open more markets to competition

Hunting around for your driving licence only to find you haven’t changed your address yet. Snapping a picture of your passport on your phone only to find there is too much glare for it to be accepted. Trying to find a utility bill that you haven’t already chucked away or waiting for the postal strikes to end so that a paper bank statement will finally arrive.

We have all experienced the full nightmare of trying to buy something online only to find it is virtually impossible to prove who we are, at least to the standards demanded. It is enough to make you nostalgic for the dim distant days when you could just walk into an office or bank branch with your passport, sign a form or two and finish everything on the spot.

But hold on. That may finally be about to change. The UK government has just launched a consultation on a standardised form of Digital ID that will massively simplify the process.

It is still in the early stages, and we will have to see what finally emerges. And yet, if that is done in the right way, it could

not just make life much simpler for companies and consumers, valuable though that would be in itself; it could open up lots of markets to fresh competition – and in the medium term that would be great for the economy as well.

No one would question that the internet has simplified our lives in many ways. From shopping, to streaming music and films, to sending money around the world, booking planes and hotels, and swapping messages instantly with everyone we know, it has transformed the economy, and mostly for the better.

It has one big flaw, however. It is wide open to fraud, with online crime running into billions every year. Understandably, most companies need to know who we are before they will do business with us, they need to check that our accounts have not been hacked, and they need to comply with a complex set of money laundering regulations.

What should be a simple transaction, completed with a few clicks of a button, can turn into a frustrating hour spent trying to prove who we are. It is expensive for companies, and annoying for

customers.

The solution is not hard to figure out. A single digital ID that is 100% secure, unique, and which will be accepted everywhere. There are plenty of issues around for which technology should be adopted, of course, and it remains to be seen whether it will be politically acceptable in a country that has no tradition of identity cards, and has always been reluctant to accept them.

Even so, the prize is a big one. A digital ID system could potentially boost growth, in two ways.

First, it lowers costs. It is expensive for companies to have to keep checking our identity, and the more chaotic it is, and the more documents that have to be rejected for not ticking the right boxes, or for being out of date, the more that adds up. If it could be standardised across the country and the economy, then companies could replace all the staff and IT systems devoted to checking who everyone is. The UK’s digital businesses – and almost every company has some form of online presence these days –could save huge amounts of money. That,

in turn, could be recycled into higher profits, or bigger salaries and dividends.

Next, and more importantly, it opens up lots of markets to more competition. Take banking for example. There are lots of challenger banks in the UK, as well as a host of sparky, innovative fintech startups, all of them challenging the traditional ‘Big Four’ high street giants.

Yet, even though they often have a better product, few of them have taken any significant share of the market. The reason? It is just too much hassle to switch an account. If a digital ID made it simpler, the market would be a lot more competitive, and a host of new companies would have the space to establish themselves. The same is true of insur-

ance, of estate agencies, law, or dozens of other products and services that have remained remarkably closed to fresh competition. It might well extend to dayto-day shopping as well. With the right kind of ID, the limits on contactless cards could be dramatically raised, making it easier for small chains to compete with the giants.

One of the enduring challenges for the UK economy had been that in many sectors inefficient, complacent semi monopolies lumber on for decades. While there are plenty of start-ups, very few of them ever manage to achieve the scale necessary to genuinely break through.

The result? Growth is slower, and fewer genuinely high-growth companies ever emerge. True, it will take a lot more than just a digital ID to break that pattern. Even so, it will be a start on finally making many markets more competitive – and even by itself that will give the economy.

“The prize is a big one. A digital ID system could potentially boost growth in two ways.”

Bitcoin Lightning as a payment rail Accept bitcoin without accepting bitcoin

The Bitcoin Lightning Network has broken down many of the barriers to using bitcoin for small payments. Accepting Lightning payments alongside traditional payment channels can offer advantages for merchants, and some businesses in the UK are getting on board.

The Bitcoin network (layer 1) is suited for moving larger sums of money securely, with no intermediaries and across borders – it is not suitable for buying a cup of coffee. The Lightning Network is a second layer technology designed to fix this.

The base layer: unsuitable for micro-payments

Until recently, the use case for crypto asset bitcoin has predominantly been

as a store of value: a ‘digital gold’. In fact, the Bitcoin protocol has several features that make the network completely unsuitable for micro-payments.

Firstly, the block size is limited to only four megabytes of data. A low amount of data helps with the objective of decentralisation, with anyone able to run the Bitcoin protocol on a laptop. However, it means the network cannot be scaled to take on all the world’s transactions.

Fees vary widely over time, depending on the congestion of the network. At the time of printing, the transaction fee is around $1.30 (US) per transaction, but has been far higher in the past and is likely to be so again. Therefore, if using the Bitcoin network to buy a cup of coffee, the transaction fee could easily cost more than the item itself.

The other major constraint is the

►

transaction time – it can take an hour or more for a Bitcoin network transaction to be confirmed.

The Lightning Network in action

The Lightning Network is a secondary layer on top of the Bitcoin network, designed to take on instant payments and remittances. Lightning is capable of processing a million transactions per second (TPS) versus the Bitcoin network’s seven TPS and Visa’s tens of thousands of TPS.

Lightning transactions work both online and with a customer physically coming into a store; the customer simply opens the Lightning-enabled app on their phone and scans the QR code on the merchant’s screen. The transactions settle instantly (within milliseconds to seconds) and are final, unlike Visa or Mastercard transactions that settle days later. The fees are incredibly small: a fraction of a penny compared to fees of around 1.5% to 3.5% for the traditional card payment networks.

“This is a superior payment network that humanity has really longed for,” says Jack Mallers, founder and CEO of Strike. “An ability to move value at the speed of light, digitally.”

Accept bitcoin without accepting bitcoin

With the use of some apps – like CoinCorner in the UK or Strike in the US – merchants can accept Bitcoin Lightning payments without actually taking ownership of any bitcoin.

For a 1% fee, in the case of CoinCorner, merchants can instantly have the bitcoin converted to local currency. They can invoice in sterling (GBP) and receive in sterling.

The merchant then doesn’t need to deal with the accounting and tax consequences – or the volatility – of having bitcoin on their balance sheet; Bitcoin Lightning is being used purely as a payment rail.

How does Lightning work?

The Lightning Network was first proposed in a draft whitepaper by developers Joseph Poon and Thaddeus Dryja in 2015, based on previous discussions of payment channels made by Satoshi Nakamoto – the

anonymous creator of Bitcoin.

In 2016, Poon and Dryja, together with other developers, founded Lightning Labs, a company which is dedicated to developing the Lightning Network. In 2018, Lightning Labs launched a beta version of the network, and some public figures, including Twitter co-founder and former CEO Jack Dorsey, got involved – Dorsey later building use of the network into Twitter.

Lightning works by using payment channels between two parties where only the first and last transaction are recorded on the blockchain. Once a payment channel is established, the participants can transact an unlimited number of times off-chain, much faster and for virtually no cost, using smart contracts that are enforceable on-chain.

When a party wishes to close the channel, a final transaction is recorded on the blockchain with the updated balances of the two parties.

What is the Bitcoin network?

The Bitcoin network (layer 1) is a decentralised, peer-to-peer network of computers (or nodes).

This network of computers runs the software that records all Bitcoin network transactions on a publicly available ledger (the blockchain).

For transactions to be valid, the full network has to agree by verifying a ‘block’ of transactions. Blocks are generated roughly every 10 minutes by an operation called mining.

Miners are computers that compete to solve cryptographic tasks in order to package the transactions into blocks. They receive a pre-determined amount of bitcoin as a reward.

In the case that two participants don’t have a direct channel to each another, payments can still be sent; the Lightning Network leverages both participants’ connections to route the transaction through a web of open channels. The intermediaries can take a fee for routing the transaction.

For example, if John wants to send Mary $10, and John is connected to David, who is connected to Mary, the transaction can be routed through David – and it scales up through an unlimited number of intermediary channels. This all happens in the background in order to make a transaction near-instant.

The Lightning Network is a separate protocol from the Bitcoin network, and a different type of wallet is required for use, including the creation of off-chain payment channels. There are many types of Lightning-compatible wallets for users to choose from.

Doors opening for UK businesses

Danny Scott, CEO and co-founder of CoinCorner, says he knows of between 500 and 1,000 UK businesses using bitcoin and some businesses are already accepting Bitcoin Lightning payments.

James Dewar and Christopher Gordon are founders of Bridge 2 Bitcoin, an organisation that helps to onboard UK merchants to accept Lightning payments. They say that,

according to their map, around 120 retail businesses in the UK are so far accepting the payment network – and that the majority of these have come online just in the past few months.

“Businesses come to us to accept bitcoin payments,” says Gordon, “The starting point is: ‘Would you like additional revenue?’ This is what we say to business owners. We’re not trying to convert them into bitcoiners. We say: ‘We can open your business up to a new customer base, a base you’re not touching at the moment’.

“Who are those customers? As we know, they are bitcoiners. Bitcoiners are extremely loyal customers,” he adds.

“Bitcoiners will go out of their way to use a bitcoin-accepting business. They will travel a ridiculous distance to get to a coffee shop or a pub just to buy a pint and a sandwich – they will travel across county borders – so the catchment area is much larger for bitcoin customers.”

Not only that, but they tend to post pictures on social media of their bitcoin transaction at the premises, giving some free publicity.

Dewar and Gordon report that merchants typically start out by receiving bitcoin payments in sterling. Once they have reached this stage, however, apparently some businesses have seen such potential in the use of the network that they have opted to keep the bitcoin rather than exchanging it for local currency.

CoinCorner

Founded in 2014, CoinCorner is a bitcoin exchange based in the Isle of Man. It currently offers the only UK service that lets retailers receive local currency instantly for Lightning trans-

►

“This is a superior payment network that humanity has really longed for.”

actions, although more companies are expected to offer the solution in the near future.

The company’s products include an e-commerce app, a point-of-sale app and the Bolt Card, which works as a contactless debit card. CoinCorner charges the merchant a 1% fee for all transactions.

The Bolt Card was designed to support customers who are used to contactless payments, but for whom scanning a QR code might be unfamiliar. The card uses near-field communications (NFC) technology to connect to a wallet on the customer’s smartphone.

When tapped on the merchant’s contactless terminal, it initiates a Lightning transaction from the customer’s wallet to the merchant’s. The Bolt Card is also available to be used with other customer Lightning wallets besides CoinCorner’s offering.

Lightning vulnerabilities

By its nature, the Lightning Network is designed to be fast and low cost, at the expense of the level of security that is inherent in the Bitcoin network. It therefore has several security vulner-

Benefits for merchants

Benefits for merchants of accepting Lightning payments alongside traditional payment channels include:

• Lower fees, typically of around 1 Satoshi – the smallest unit of bitcoin, or £0.0002 per transaction for the Lightning Network, or 1% for CoinCorner’s services

• Near-instant final settlement

• No chargebacks

• Generate extra revenue from attracting bitcoiners

abilities, and developers continue to work on fixes.

For example, when nodes in the network are offline, their channels can be left open to transaction scams. Protection services called ‘watchtowers’, made up of various specialised nodes, have been introduced to help protect the network from such malicious activity.

“We don’t want to pretend there are no problems,” says Scott, of CoinCorner. “The best way to fix them are to acknowledge and accept there are problems to fix.”

Scott explains that regulation could be a potential risk for scaling merchant adoption, while the flaws in the Lightning Network itself are often to do with routing and liquidity.

“As transactions are routed through peers, if wallet A can’t find a route to wallet D, or if the necessary liquidity isn’t in the route, the payment can fail,” he says.

However, the success rate is over 99% at the moment, and this is anticipated to rise over time as the size of the network and its liquidity improve.

For these reasons, and due to the relatively small number of people who want to pay with bitcoin, Scott likes to temper the most bullish expectations about the speed of Lightning

merchant adoption. “I do believe it is the future of payments,” he adds, “but it will take a long time.” He suggests it could take the best part of a decade to really catch on.

Cross-border payments

Cross-border payments is an area where Bitcoin Lightning could potentially make strides much faster.

Strike CEO Jack Mallers’ presentation to the IMF, titled ‘Bitcoin: Disrupting Cross-Border Payments’, shows a demonstration of a Lightning transaction being sent over Twitter from the US to El Salvador.

In less than 60 seconds, $10 has been sent from the US to El Salvador – a final settlement that costs almost nothing – and the recipient has bought a drink at Starbucks with the money.

The Lightning Network has a particular advantage in this situation on speed and cost, compared to services like international bank transfers, Western Union and PayPal.

Bitcoin for financial inclusion

In developing countries in particular, many smartphone users are still unbanked – meaning they do not have a bank account. Bitcoin can open up possibilities for these people: all you need is a smartphone and a connection to the internet to use it.

In order to fund a wallet, it’s possible for an unbanked individual to either pay someone in physical cash, or to be paid for work directly in bitcoin.

Next steps for Lightning

Adoption is on the rise, with the Lightning Network’s payment capacity having grown by over 60% from January 2022 to February 2023, according to data from The Block Research. However, usage remains relatively low.

While there are many use cases for the network, the protocol is still young and faces several vulnerabilities and challenges.

As the network scales up, developers will continue to work on solutions to the flaws; time will tell how successful these efforts will be, and how mainstream Bitcoin Lightning will become as a global payment network.

Are you curious about the impact of digital assets on the payments industry?

Download our new report from The Payment’s Association’s Project Digital Currencies team: “Demystifying digital assets: The history, status, and future of programmable digital assets.”

This comprehensive and educational report covers everything you need to know about programmable digital assets. Download it to find:

• An overview of 4 categories of digital assets

• An overview of the regulatory developments in the EU and UK

• Seven interviews with experts on their thoughts on their potential to disrupt

• Seven recommendations for the realisation of digital assets in the payments industry

Scan the QR code to download our report now and stay ahead of the curve in the ever-evolving world of payments.

Digital Assets

Demystified:

The history, status, and future of programmable digital assets

‘Young children are not ashamed of asking how does this work and what is going on? But in our industry, we are rarely that honest, despite not understanding or worse, misunderstanding the whys and what’s of new domains. This report sets out to demystify things for honest grown-ups in the payments industry.’

How biometrics could create a seamless customer journey

With Apple and Google already laying the foundations for biometric acceptance, the driving force behind its adoption now comes from consumer demand for fast, secure and accurate ways to pay.

The implementation of the Strong Customer Authentication (SCA) requirements under PSD2, which needs two-factor authentication for online transactions, has brought biometrics to the forefront.

Payment solutions that use physical characteristics to authorise transactions are growing. Examples include fingerprint scanning with touch ID and facial recognition technology, often used by banks and tech giants. Once used by law enforcement and security, biometrics enables customers to quickly verify their identity to make payments.

The global market for biometric technology expects to reach over $55 billion by 2027, according to Statista. And a 2021 Juniper Research study predicts that facial recognition for payment authentication will be used by more than 1.4 billion people by 2025.

Biometric payment adoption

Apple and Google have laid the groundwork for biometric acceptance by consumers. Their products have primed consumers to use biometrics to unlock

devices, access apps and even make payments.

Consumers around the globe have beta-tested biometric cards, with customer satisfaction rates of up to 95%, according to a 2021 global market survey by Dentsu Data Lab and Idemia. Of those polled, 81% are ready to use their fingerprints to authenticate payment instead of a PIN code. While in the UK, 70% of consumers said they would use a biometric payment card, which uses fingerprint recognition as an alternative to a PIN number (or signature) to authenticate a cardholder during a transaction.

The drive behind the adoption of biometric authentication is consumer demand for fast, secure, and accurate ways of verifying their identities and making payments. Adding biometrics to mobile payments enhances security without adding any friction to the process.

“We know that when it comes to making a payment, consumers value ease of use and security at the point of checkout,” explains Siamac Rezaiezadeh, VP of product marketing and insights at GoCardless.

Recent research from YouGov and GoCardless found that 69% of consumers would abandon a checkout process if it was too complex, and 81% would if the security of their payment appeared lax.

Rezaiezadeh adds: “As a result, businesses have to think carefully about where they fall between making things super easy and making things really secure. Too easy and they risk turning away customers who fear the security of their payment information. Too hard, and their customers won’t bother. It has to be in the Goldilocks zone – secure, but easy.”

The benefits of biometrics for the payments industry

Rezaiezadeh believes biometrics plays an important role because, by adding this ability for “consumers to authorise or authenticate a payment” which is already in place on the “one device they carry with them all the time – their phone – businesses can enter this Goldilocks zone”.

“The consumer gets both security and a high degree of seamlessness, which ultimately benefits the business too,” he adds.

Other benefits include:

• Convenience: it is easier for customers to check out using fingerprint or facial scanning, whereas entering PIN codes and passwords takes time.

• Cost: compared to card transaction fees, biometric payments are low in cost.

• Customer choice: enabling biometric authentication for payments enables businesses to diversify their payment methods.

• Accessibility: biometrics alleviates the stress of remembering complex credentials. For many, including older customers, this is a challenge.

• Unlimited contactless limits: with biometric payment technology, only the card owner can use it. This means there would no longer be a need to limit on contactless payments.

According to analysis by Javelin Strategy & Research and SAS, digital fraud attempts increased by over a third (35%) during the first half of 2020.

Biometric payment methods offer greater security to both customers and banks. Current authentication methods are complex and prone to errors. For example, customers can often mistype or forget their PINs and some may use weak passwords for multiple online

accounts, meaning a password breach could give criminals access to all their accounts.

Leading the way

In February 2022, Swedish challenger bank Rocker launched Rocker Touch. The first in Sweden and one of the first in the world to scale the deployment of biometric cards to consumers. Certified by Visa and Mastercard, the biometric card works with any payment terminal. Users no longer need to enter a PIN code and keep their finger on the card while using the payment terminal.

In November 2022, biometric Visa credit cards became available in Morocco for Société Générale’s business customers. The cards are activated with user verification through a one-time passcode.

IDEX Biometrics ASA is initiating a biometric payment card with a UK issuer and processor of EMV-compliant (Eurocard, Mastercard, and Visa) payment cards. It is expected that these biometric payment cards will be available to consumers in Q1 2023.

Leading the way

Despite the benefits, there are concerns from civil rights groups over the ethics of the technology. Amnesty International and partners including Access Now, Internet Freedom Foundation, and Human Rights Watch have spoken out about the uses of facial recognition and biometric recognition technologies.

Biometric devices like facial recognition systems can limit user privacy. Some worry that biometric data could become a permanent digital tag used to track someone, both with and without their knowledge.

There are other industry challenges too such as, the cost, a significant investment is needed in security; biometric databases can still be hacked; and accuracy, false rejects and false accepts can still occur.

Biometrics – the future of payments?

The focus in 2023 will be on optimising payment options and biometrics will have a big role.

As customers become accustomed to using biometric data, the industry can expect that fingerprints, iris scans, facial recognition, and other methods will become the norm for in-person and online payments.

Customer experience is the new competitive advantage. Those that offer biometric options to customers will stand out as innovators and enjoy reduced costs and enhanced security.

“Businesses have to think carefully about where they fall between making things super easy and really secure.”

Developing regulation poses problems for smaller payments players

As the regulatory landscape continues to evolve, is innovation at risk in the fintech space?

The economic environment has put a strain on many businesses, but for smaller market participants, some of these challenges are being compounded by what seems to be an ever-deepening regulatory landscape.

The Financial Conduct Authority (FCA) is broadly expected by market

participants to expand the regulatory environment for payments firms, leading to questions over how effective such regulation is.

“For me the question is: is the current regulatory framework fit for purpose?” asks Konstantinos Adamos, senior legal counsel at Revolut. “Does it help foster innovation? Are the rules proportionate ►

and agile to foster new technologies?

I’m inclined to say yes – although clearly there are pain points.

“The EU and the UK have a progressive set of rules for payments. Take open banking as an example, this is something we have had for several years in Europe, but in the US, this is only just starting.”

Other market participants pointed to the difficulties for regulators in tackling a space that is constantly changing due to the rate of innovation, such as open banking.

“Payments are subject to a variety of risks, including operational, liquidity, reputational, business and fraud,” explains Tara Rice, head of secretariat of the BIS Committee on Payments and Market Infrastructures (CPMI), which helps influence the agenda for payments policymakers around the world.

“Innovation may introduce new dimensions to these risks and new challenges in terms of detecting, managing and mitigating them. At the same time, it can offer end users more choices for making payments – and more efficiently.”

Open banking headaches

Perhaps the area of regulation posing most problems for innovation is open banking. Open banking came into the UK’s regulation through the EU’s PSD2 and was transposed into law pre-Brexit. However, this regulation is now set to be reviewed.

“The government needs to ensure open banking is set up for success,” says Luke Kosky, fintech policy lead at the Coalition for a Digital Economy (Coadec). “Right now, we are at a bit of a crossroads where the regulatory regime is going to be transitioning into a new chapter.”

Another key element of the open banking regime set to be reviewed is the competition angle. While these changes will set the market on a “long term sustainable footing”, according to Mercer, the uncertainty in the regulatory regime could be difficult for firms to manage.

The use of open banking is only going to become more important as merchants move away from card-based payments due to the high levels of fees that come with it for retailers.

Tier-based approach

Payments are regulated in a very similar way to banks, with compliance teams

“Innovation may introduction new dimension to risks and new challenges.”

working on prudential requirements, Know Your Customer (KYC) and more. However, these requirements are tiered in payments, such that firms with larger risks have to disclose and comply with more detailed regulation, whereas smaller players that carry smaller risk don’t.

For Bradley Rice, partner at Ashurst, this difference is key to a healthy regula-

tory landscape.

“Payments and e-money firms come in many different guises and are of many different sizes,” he says. “Trying to regulate them all in the same way that you would a bank is not necessarily the right way to regulate the industry.

“That said, there are some payment firms, particularly those with e-mon-

ey licences, that can do pretty much everything a bank can, but isn’t regulated like a bank.”

An example of this would be in prudential requirements where e-money firms do not have to hold nearly so much capital as banks.

However, for Rice, as the payments ecosystem continues to develop and the regulatory landscape does with it, the gap between the larger players with the heavier regulatory burdens and the smaller players with the lighter touch compliance could grow to such an extent that more tiers in the middle should be added to this approach.

“The gap at the moment is such that the fully regulated tier has become so big and diverse that they almost need to create another tier within that,” he goes on to add.

For Rice, this could look like a threetiered approach with smaller firms at their current level of regulation, systemically important firms facing the full set of requirements and a tier in the middle for bigger firms, which are not as systemically important.

Crypto concerns

Where regulation could be posing the most problems for fintech innovation may be in crypto, particularly in the face of the UK’s financial promotions regime.

The proposed update to this regulation categorised crypto as a high-risk investment, meaning that any adverts put out by crypto-asset services providers (CASPs) to audiences in the UK would need to be authorised first. The consultation faced high levels of criticism when it was released due to the very low number of organisations that would be allowed to approve firms’ advertising campaigns.

However, according to the consultation report, published at the beginning of February, firms who are already registered with the FCA under the anti-money laundering regime are exempt from this; and therefore do not have to seek third-party approval to run ads.

But, as only 34 CASPs are registered under the UK’s anti-money laundering regime, a large number of companies in the space will still need to find third parties to pre-approve any advertising campaign – whether they’re based in or

outside the UK.

This could be challenging, says Revolut’s Adamos: “Current evidence suggests a lack of suitably authorised firms in the market who would be willing to approve crypto promotions, meaning that overseas providers will find it difficult to market their services in the UK without obtaining an FCA registration.”

Regulators will continue to prepare crypto guardrails in the wake of the FTX collapse at the end of last year. But exactly how they implement this remains to be seen.

As the payments sector continues to innovate and change, the dynamic between the industry and regulators will need to remain balanced to promote an innovative and trustworthy payments landscape.

“We should avoid approaching issues regarding the relationship between regulation and innovation with an ‘either or’ attitude,” says BIS CPMI’s Rice. “They can and should co-exist. Healthy regulation is an essential foundation upon which innovative solutions can be developed and thrive in a sustainable way.”

Let’s fix the gender diversity problem in the fintech sector

The fintech industry is celebrating International Women’s Day in March. This year’s theme is ‘embracing equity’ and Anjulie Patel from Nucleus365, discusses how the sector should address its diversity problem.

According to Findexable, just 2% of fintechs globally are founded by women, while nine out of 10 firms have no women at the top. More widely, a McKinsey study shows that female representation on executive teams only rose from 15% in 2014 to 20% in 2019. This indicates that we are a long way off from achieving the ideal standard.

Fintech, and the whole tech sector, needs to pay closer attention to inclusion – be that gender, ethnicity, or religion – not just diversity. There’s both a moral and a business case to doing so.

I have seen first-hand in the finance and technology industry how making women part of the decision-making process (for example, by putting them in C-suite positions) can positively impact a business from building better customer relationships to inspiring other women, as well as boosting employee engagement.

What’s more, prioritising inclusivity and making it part of your company culture has a huge impact on your product offering. So, what can the fintech sector do to achieve gender parity?

Start at the top

In every business, the culture and standards you set must start from the top. That does not mean every fintech must be founded by a female, but there should at least be female representation on the board or in leadership positions. In doing so, we are encouraging greater diversity of thought and a company’s culture

is created with the needs of all employees in mind.

Nucleus365 was co-founded by a woman – Sophie Flynn, who is also our CFO. Her role has set a precedent in our business and created a working environment where everyone can thrive. In fact, 53% of staff at Nucleus365 and Transact365 (Nucleus365’s parent company) are female; a statistic we are incredibly proud of.

Embrace mentorship

The lack of female representation can make the fintech sector a lonely place for many women and it makes finding a mentor challenging. Most of us will look for a mentor with whom we share similar experiences and challenges. Most women look for other females.

Early in my career, I was lucky enough to have been led by an inspirational leader who mentored me and encouraged me to embrace being a woman in a male-dominated sector. She taught me the skills I needed to navigate the challenges that a lack of female representation brings and gave me the confidence to break down stereotypical gender barriers.

Having access to mentors in the early stages of a woman’s career can be hugely beneficial.

Whether those mentors are employees of the company or brought in from external consultancies or organisations, the fintech industry should encourage mentorships for all of its employees.

Our customers are female

The moral case for improving the gender balance of women in fintech is clear. However, there is also a significant business case. Most of us in the sector are creating products and services used by women. Whether you are a payments company like us providing systems for female-led merchant businesses, or a neobank offering banking solutions to women, understanding the needs of your customer is key in any successful company.

Fintech companies must have diverse leadership teams to create products and services that suit the needs of their diverse customers. Otherwise, we risk alienating significant groups in society from benefiting from the businesses we have spent years building and hindering our own growth.

Final thought

This International Women’s Day will no doubt dominate the fintech news agenda – and rightly so. But let’s continue the conversation beyond March and turn our words into action. There is both a moral and business case to doing so.

“The lack of female representation can make the fintech sector a lonely place for many women and it makes finding a mentor challenging.”

UK Finance reported that in the first half of 2022, criminals stole £609.8 million through authorised and unauthorised fraud and scams; and the advanced security systems used by banks prevented nearly £584 million from being stolen.

Scammers continue to focus activity on socially engineering their victims, usually with the intention of tricking them into authorising a payment to an account within their control (known as authorised push payment (APP) fraud). Tactics including scam phone calls, text messages and emails as well as fake websites and social media posts, which all aim to trick people into handing over personal details and passwords.

Rowenna Fielding is just one of many who has (nearly) fallen victim to these scams. Here she tells her story, detailing the steps the fraudster took.

Rowenna’s story

I’m sharing this in the hope that it might help others, and to assuage my total embarrassment by doing something positive.

Last month, my banking app notified me that a large amount of my money had just been spent on Facebook. Now, I don’t even have an active Facebook account, so I

knew that wasn’t legit.

I reported the transaction as fraudulent to my bank, and received a message from the support team that their fraud investigation people would be in touch.

Two days later, I received a text message from a sender ID that matched my bank’s name, saying someone from their fraud team would contact me about a direct debt. I was already waiting for the fraud team call… so when a call came through from someone who said they were from my bank’s fraud team and wanted to discuss ‘recently reported fraudulent transactions’ – I believed they were kosher.

I confirmed my mobile number, name, date of birth, address and how much was in my account.

Mr Scumbag, which is what I’m calling the chap who called me, then started talking me through the process of ’protecting my account’. What he was actually doing was setting me up for the next stage of his scam.

He said my card had been cancelled (and when I looked in the app, it was – but the real fraud team could have locked it at any point following my disputed transaction report) and that a new one would be sent out.

Mr Scumbag sounded exactly like a professional, rattling off a script they’ve run through ten thousand times before.

Rowenna’s story: How I nearly got scammed

Lots of assurances like “don’t worry, we’ll make sure you’re protected. We take our customer security very seriously”, and “this call is being recorded for training and quality purposes”. He was accurately describing some of the processes involved in investigating and preventing this kind of fraud. This was one Oscar-worthy scammer.

I asked if he could call back the next day as I wasn’t able to start doing bank account admin things right then. He gave me his name and told me it was important I only spoke to him, as he was assigned to this case.

So, the next day, Mr Scumbag called back, but I missed it. The following day, I got another text message from a sender ID that matched my bank’s name, saying that my account was being placed under a higher level of protection.

Then another text with my new bank account details and confirming the “senior manager’s name” as the name Mr Scumbag gave me.

He called again and told me several direct debit setups had been attempted, but that the bank’s fraud detection systems had blocked them and wanted to confirm that they were in fact fraudulent.

“I can see from our fraud monitoring systems that there are two devices logged in to online banking with your creden-

tials,” he said. “One of them is an iOS device – that would be your phone, right? The other a Samsung tablet. Do you know what that device might be?” Since my account had evidently been completely compromised, Mr Scumbag said they’d set me up with a new account, and my new card was on its way – he just needed to activate the new account details – but not to worry, my direct debits and standing orders would all be transferred to the new account.

I had no idea whether or not that’s a) even possible, or b) a thing that banks do, but it would have saved me a ton of excruciatingly dull admin, so I was pleased to hear it. Then he asked me to download the Anydesk app claiming it was “approved for secure account verification” processes like this – it was a remote access tool. That’s the first red flag I recognised in real-time. I said no, and why did he need remote access to my phone? He said that another device was logged into the banking app with my credentials, which meant that my device was compromised so he needed to check it for malware before activating my account. Warning bells began to tinkle faintly at the back of my mind. I was adamant. No remote access.

Not to worry, he said, it was possible to activate the new account details manually, but it would take a lot longer. The ‘account activation’ process involved setting up a new payee.►

I queried the fact that the new account details seemed to be with a different bank. “Oh, that’s a security measure,” he said. “Because there’s another device logged into the banking app –which you say isn’t yours, so this is to disguise the new account details and stop them from being compromised too.” I mean, that sort of made sense to my exhausted brain. I was primed to believe I was talking to a legit representative of my bank, and I really didn’t enjoy the thought of going through all this palaver again if my ‘new’ account info was compromised.

The next step, he said, was to make a transfer to the new account to activate it, and to signal to the fraud systems that it was the right account. It was very important to enter the correct amount, as the fraud systems would only respond to a specific combination of numbers. “Okay,” I said, expecting it to be 76p or something trivial like that. He said: “Right; enter this number in.

9-3-5…” “Er, hang on,” I asked, “you want me to transfer nine hun-

Checklist:

dred-odd quid to this new account?” “Yes,” he said and started telling me all about the ‘fraud systems’ again.

Hell no – and I told him I’d be hanging up and calling the official fraud number because this didn’t sound legit at all. At which point Mr Scumbag hung up and I kicked myself hard for an hour, because in retrospect; there had been several warning signs that I’d just breezed right past without noticing.

He didn’t get any more of my money – but he did end up with my name, address, date of birth, bank account number, sort code, and he may already have had the card details which were fraudulently used on Facebook in the first place. Then ten minutes later, my actual bank got in touch via the app and confirmed that they’d come to the conclusion the Facebook transaction was indeed a fraud that had now been refunded. Lesson learnt: when my bank says someone will be in touch, they mean that I’ll get an in-app message three days later. They will not call me within 24 hours.

• Always check a customer support caller’s bona fides by phoning back to the official support number, even (especially) if you’ve been expecting their call.

• If you are expecting a call off the back of a fraud report you’ve made, ask the caller for the fraud reference number before disclosing anything.

• If what the caller is saying to you about security sounds a bit… weird – then it’s likely to be a scammer’s flimflam because either you’re not understanding the topic, or that company is doing security stupidly

• Caller ID can be spoofed for text messages, meaning that the sender name might not be accurate or legitimate.

This story was published in Unpack the payments landscape with Payments: Unpacked from Mike Chambers. Subscribe at: payments-unpacked. com. A special thanks to Rowenna Fielding for sharing her story. Rowenna writes about data protection, ePrivacy and data ethics – her blog is available at buymeacoffee.com/MissIGGeek.

podcast

A Journey into ESG with Charles Radclyffe, CEO of EthicsGrade & Charlie Bronks, Head of ESG at Crown Agents Bank.

Stay ahead of the game in the payments industry with the latest episodes of the Insights Podcast. Hear Charles and Charlie share their insights into their journey to ESG and Project ESG plans for 2023. Don’t miss out - scan to listen now.

Digital currencies could be in the near future

HM Treasury (HMT) and the Bank of England launched two consultations in February: one on future regulation for cryptoassets, and the second on the possible introduction of a digital pound.

The Treasury has confirmed it will continue to be guided by a set of core design principles that could inform legislation. These include:

1) Same risk, same regulatory outcome;

2) Proportionate and focussed; and

3) Agile and flexible

At The Payments Association, we welcome the Treasury’s approach because through these core design principles, the UK can quickly achieve its ambition of becoming a global hub for cryptoassets technology, especially after being behind the curve in getting regulation in place for this new sector, like the EU did with MiCA. This is crucial if the UK is to remain competitive in this jurisdiction at a global level, and as it had been in the first fintech wave (2008 to 2014).

As Andrew Griffith MP, economic secretary, said during an evidence session to the Treasury Select Committee in January: “Proportionality is a great word when it comes to financial services regulation, because there is a very good understand-

ing of the risk.

“In each case, we should be collectively seeking to find the right balance that is proportional to the risk being taken. We do not like ‘one size fits all’, because that will often not be a suitable response to the risk at the riskiest endeavours.

“Equally, we do not try to eliminate risk from the system by crucifying some of those smaller, more nimble actors that do not pose the same systemic risk.”

As stated in the consultation, HMT is proposing a phased approach for regulating cryptoassets in the UK.

In phase one, the government will look at amending the Financial Services and Markets Bill 2022 (FS&M) in order to allow regulation of fiat-backed stablecoins, which are used for payments, to be introduced. The regime will address issuance and custody activities relating to fiat-backed stablecoins as well as payment-related activities.

In phase two, the government’s intention is to introduce a regime to regulate broader cryptoasset activities, such as the trading of and investment in cryptoassets. Phase two will focus on targeting the activity areas associated with a higher degree of risk from a consumer and overall market perspective as well as ►

Future phases cryptoassets (medium priority)

AMI/CTF regime in place since Jan 2020

Key ► Focus of this consultation paper

► Complete or in place already

► In progress, or not yet started

AMI/CTF regime in place since Jan 2020

Timelines dependent on Financial Services and Markets Bill and outcomes of consultation process; timeless subject to changes and further phases of work as the industry evolves and international standards are developed

greater opportunities to support the UK’s growth agenda.

Jointly with the Bank of England, the Treasury is also consulting on the creation of a digital pound, as “a potential new form of digital money for use by households and businesses for their everyday payments needs”.

The Payments Association is glad that policy makers seem to be listening to our views, which we have been advocating for in various ways from attending the APPG Crypto & Digital Assets to informal conversations with government bodies and regulators. It means we are now moving away from the concerns expressed by the House of Lords Economic Affairs Committee Report (January 2022) that claimed looking at CBDCs was “a solution in search of a problem”.

And that’s because, both the Bank of England and the Treasury are now looking at the having a digital pound as an opportunity to provide a “platform for private sector innovation” that promotes more choice and competition. This, as chancellor Jeremy Hunt and Andrew Bailey, Bank of England governor, wrote in the forward to the consultation, will be a vital step to “positioning the UK to act decisively by introducing a digital pound, shall we decide to do so”.

Issuance

Security tokens and other specified investments

Already regulated1 (e.g. prospectus rules apply to security tokens)

Fiat-backed stablecoins

All other cryptoassets

Payment

Stablecoin Legislation (phase 1)

Cryptoasset legislation (phase 2) (specifically addressing admission of cryptoasset trading venue or a public offer of cryptoassets)

Exchange / trading

Custody

Already regulated1 (e.g. Payment services Regulations apply to E-Money)

Already regulated1 (e.g. MTF/OTF rules apply to security tokens)

Already regulated1 (e.g. CASS rules currently apply to security tokens)

Stablecoin Legislation (phase 1) (+regulated as systemic DSA if meets criteria)2

Not applicable (could theoretically be regulated as systemic DSA if meets criteria)2

Cryptoasset legislation (phase 2)

Stablecoin Legislation (phase 1)

1. Unless specific exceptions / exemptions apply

Cryptoasset legislation (phase 2)

2. Any systemic digital settlement asset payment system or service provider would be subject to regulation by the Bank of England and Payment Services Regulator (PSR) Source; HM Treasury

The Payments Association is inviting all members to give us their views on these two consultations and actively engage with Project Digital Currencies. To get involved, email Riccardo.tordera@thepaymentsassociation.org

The evolving regulatory landscape

The regulatory landscape for payments is evolving, across all areas of the industry.

This is why it’s important that businesses are aware of what’s on the government agenda; what consultations are happening and which they should respond to, the impact this could have on them as well as any regulations are coming into force.

A key one on the agenda for 2023 is the Payment Services and Regulations Review. HM Treasury is calling for evidence and looking into how the UK’s payments regulatory regime should evolve to be better prepared for future innovations and challenges.

This could have a far-reaching impact on the industry; regulated payment service providers, as well as all stakeholders will want to make sure the regime is fit for purpose so that it builds confidence

and allows competitive and innovative solutions to thrive. Most businesses in the industry would agree that there needs to be a balance between the two.

This consultation closes on 7 April.

Another is the consultation on introducing a regulatory regime for cryptoassets. Also run by the Treasury, the consultation sets out proposals for what a future regulatory regime may look like in the next phase of the government’s approach.

Crypto enthusiasts and detractors alike will be actively debating and commenting on these and future proposals as they determine the future for this sector.

Finally, regarding material change on the regulatory horizon, the Consumer Duty rules come into force in July 2023 for products open to sale or renewal and July 2024 for closed products and service.

Regulated financial services firms

should be at an advanced stage of implementation by now, though it appears, from the FCA’s review, that too many are not sufficiently advanced.

The Consumer Duty represents a cultural shift for firms, and we know that cultural shifts take time. It’s vital that the leaders of payment service providers throw sufficient weight behind their firm’s efforts to implement, because the FCA is already asking selected firms for evidence of templates, policies, and reports.

For those starting now, it may not be possible to implement fully by the deadline; the next best thing is to show that the importance of Consumer Duty is now, understand it, tasks should be appropriately prioritised, and resource be made available to the various first line teams across the business to progress on the roadmap.

What The Payments Association has or will be responding to

Consultation

FCA

The potential competition impact of big tech entry and expansion in retail financial services

PSR Authorised Push Payment scams

Description

The purpose of this paper is to stimulate a discussion on the potential competition impact raised by big tech firms. This includes the benefits to consumers as well as any significant risk if competition were to develop in a particular way.

The PSR consulted on guidance for PSPs who will have to publish data on their performance on authorised push payment (APP) scams. This will be a requirement of the specific direction that it plans to publish in March 2023.

Cabinet Office / DCMS Consultation on draft legislation to support identity verification

This Government wants to improve the way data and information is shared and used across the public sector to deliver better, joined up services, while also maintaining privacy, trust and building confidence. The Digital Economy Act 2017 was designed to give flexibility to introduce new data sharing gateways to support the delivery of key services, as the need arises, by secondary legislation. This consultation sets out proposed data sharing legislation that would make it easier for people to prove who they are online when accessing government services. The proposed legislation will also unlock the full benefits of a new government identity verification system, known as GOV.UK One Login.

HM Treasury Payment Services Regulations Review and call for evidence

HM Treasury Regulation of buy-now pay-later: consultation on draft legislation

The review and call for evidence will look at how UK payments regulation should evolve to continue to meet the government’s aims and address the specific challenges highlighted in the review.

On 2 February 2021, the government announced it would regulate interest-free buy-now pay-later (BNPL) products. It consulted on policy options in October 2021, followed by a consultation response in June 2022.

The government is now consulting on the proposed draft legislation that will bring BNPL into FCA regulation. The consultation asks for stakeholders’ views on whether the draft legislation effectively delivers the policy positions set out in the government’s consultation response.

HM Treasury Future financial services regulatory regime for cryptoassets

In April 2022, the government pledged to introduce a regulatory regime for cryptoassets, reflecting the risks and opportunities they present.

This consultation paper sets out proposals for this future regime and marks the next phase of the government’s approach to regulating cryptoassets. It builds on previous HM Treasury proposals, which focused on stablecoins and the financial promotion of cryptoassets.

Bank of England and HM Treasury Digital pound: a new form of money for households and business?

The way people use money is changing. This consultation paper sets out the BoE and HMT’s assessment of the case for a retail central bank digital currency (CBDC) – a so-called ‘digital pound’.

Confirmed regulation

FCA Consumer Duty rules

The rules will come into force in July 2023. It includes a new consumer principle that requires businesses to act to deliver good outcomes for retail customers.

Who it affects

Big tech firms; established regulated financial services firms; and smaller challenger firms.

Dates

Consultation closed on 15 January 2023

Links

https://www.fca.org.uk/publications/discussion-papers/dp22-5-potential-competition-impacts-big-tech-entry-and-expansion-retail-financial-services

Payments industry, consumer groups and PSPs – particularly those already involved in the work on APP scams. This guidance will be particularly relevant to both sending and receiving PSPs.

This consultation is aimed at the general public, UK public authorities and other government departments, arm’s length bodies, non-departmental public bodies or other organisations who may consider they could be affected by the draft regulations. It may also be relevant to other bodies that have an interest in identity verification services.

Electronic money institutions

Consultation closed on 23 February 2023

Guidance due to be published in March 2023

Consultation closed 1 March 2023

https://www.psr.org.uk/publications/consultations/cp23-1-app-scams-data-publishing-guidance/?utm_medium=email&utm_name=&utm_ source=govdelivery

https://www.gov.uk/government/consultations/ draft-legislation-to-help-more-people-provetheir-identity-online/consultation-on-draft-legislation-to-support-identity-verification

Merchants and credit brokers would be exempt from FCA regulation where they offer newly regulated agreements as a payment option.

Consultation closes 7 April 2023

Consultation closes 11 April 2023

https://www.gov.uk/government/consultations/payment-services-regulations-review-and-call-for-evidence

https://www.gov.uk/government/consultations/ regulation-of-buy-now-pay-later-consultation-on-draft-legislation

Responses are welcome from all stakeholders, including cryptoasset firms, technology companies, financial institutions, other businesses impacted by cryptoasset regulation, trade associations, representative bodies, academics, legal firms, and consumer groups.

Responses to this consultation are invited from all interested members of the public, experts, and organisations.

Consultation closes 30 April 2023

https://www.gov.uk/government/consultations/future-financial-services-regulatory-regime-for-cryptoassets

Consultation closes 7 June 2023

https://www.bankofengland.co.uk/paper/2023/ the-digital-pound-consultation-paper

Regulated firms, including those in the e-money; payments sector

30 April 2023

Manufacturers to have completed necessary reviews for their existing open products and services.

31 July 2023

New and existing products or services that are open to sale or renewal come into scope.

31 July 2024

Closed products or services come into scope.

https://www.fca.org.uk/publications/policy-statements/ps22-9-new-consumer-duty

How Gen Z’s payment habits will shape tomorrow’s industry

Gen Z values convenience, speed, and security in their payment methods. As they gain financial independence and spending power, Irene Skrynova from Unlimint, explores how their choices will influence the next few decades of payments innovation.

Gen Z, also known as the iGeneration, is the demographic group following the Millennials. Born between 1997 and 2012, this generation is the first to have grown up entirely in the 21st century and has had access to technology and the internet from a very young age. As a result, they have a unique relationship with technology and are often considered to be the most tech-savvy generation yet.

When it comes to payment trends, Gen Z has a strong preference for digital and mobile payments. This is largely due to their comfort with technology and their desire for convenience and speed. They are also more likely to be sceptical of traditional financial institutions and therefore inclined to trust technology companies and digital platforms more.

More than a half of Gen Zers do not have a personal or parent-opened bank account. In the past, this would have limited their involvement in trade and commerce. However, the use of mobile wallets, which are often provided by non-financial institutions such as telecom companies, has now introduced an alternative solution for this demographic group. The FIS Pace survey showed that 57% of Gen Z owned mobile wallets in the first quarter of 2021 compared to 50% during the same period in 2020.

Gen Zers are drawn to the decentralised nature and anonymity of cryptocurrencies, which is important to them as they are a generation that values privacy.

While cryptocurrencies are still much more popular among millennials, we can see the Gen Zs are actively catching up to them: in 2021 13% of Gen Z owned cryptocurrency and this number grew to 17.40% in 2022.

Gen Z is also more likely to use subscription-based payment models, not only for digital goods like Netflix or Spotify, but also

►

for food. Gen Zers are comfortable with the idea of paying for access to a service or product on a recurring basis. In particular, they spent nearly twice as much on subscriptions compared to all the other generations, while at least 80% of them had subscriptions in four of the five essential subscription categories (video streaming, music, miscellaneous, for example, VPN, food, beauty and wellness).

In conclusion, Gen Z is a generation that values convenience, speed, and security in their payment methods. They are comfortable with technology and have a strong preference for digital and mobile payments.

Their tendency to choose subscription models and get rid of cash is showing that Gen Zers want to make payments seamless and almost ‘invisible’ in their daily lives.

A study by PPRO showed that 48% of Gen Zers will abandon a purchase if their favourite payment method isn’t available. This is why payment sector professionals and businesses need to offer the most relevant forms of payments.

As this generation enters the workforce and becomes more financially independent, their spending power and influence will only continue to grow and their preferences will continue to shape the future of payments.

How to combat financial crime through data sharing and collaboration

Online Training Courses

Get ahead in the payments industry with The Payments Association Payments 101, a virtual training course by Neira Jones, ambassador of The Payments Association. Perfect for newcomers and seasoned professionals, this course provides a solid foundation in payments education, covering all aspects of the ecosystem.

Join us for the next Payments 101 online training course and gain the knowledge you need to succeed in the payments industry. Register now to secure your spot!

For those who have completed The Payments Association Payments 101 (or have similar experience), The Payments Association Regulations 101 is the perfect course to take your payment knowledge to the next level. This live virtual event, delivered by Neira Jones, covers payment regulations and frameworks, as well as privacy and security standards and their potential overlap. Take your chance to gain an in-depth understanding of payment regulations.

Register for the next Regulations 101 online training course to gain an in-depth understanding of payment regulations.

Get a comprehensive overview of virtual, crypto, and decentralised payments with The Payments Association Crypto 101. This course, which combines presenter-led sessions, thought-provoking videos, and quizzes, provides a deep dive into this aspect of the payments industry.

Drawing on real-life examples, the course covers underpinning principles, key stakeholders and regulations, and practical applications for all three.

Register for the next Crypto 101 online training course and gain valuable knowledge to apply in your career.

Are you up to date with payment compliance regulations? The Payments Association is proud to offer a comprehensive Payments Compliance training programme, free of charge, thanks to support from members Visa and fscom. Watch the 6, two-hour Advanced Payments Compliance Training webinars on demand now, and stay updated with payments compliance standards.

Don’t miss out on this opportunity to enhance your knowledge in the industry.

‘One of the sexy things about payments is a lot of it is in the principle’

Luke Cutajar from Ripple

London-born Luke Cutajar, director of customer success at Ripple, fell into the payments sector 17 years ago after landing a role at American Express when he left university in Brighton. Specialising in foreign exchange services initially, Luke speaks to The Payment Association’s editor Jyoti Rambhai about building his payments career at American Express, then WorldPay in e-commerce and now Ripple.

Tell us about your career path after American Express?

I’ve been in the payments industry now 16 to 17 years. I started off my career at American Express, and then I went over to a company called WorldPay, also as an account manager.

I worked at WorldPay, also for about five to six years, and managed their e-commerce book of payment institutions. This was when small companies like Wise, Azimo and Zoom Finance had started to be born. I was fortunate enough to manage them from their inception all the way up to the unicorn status that they are today.

To have been on that journey with those firms, to see how they matured, and really have changed the face of the payments landscape, in my opinion for the better, was one of my most enjoyable and probably one of the biggest achievements in my career to date.

At Ripple, I manage a team of account managers and we manage the relationships with customers that utilise our products and services. This is mainly regarding on-demand liquidity (ODL), [Ripple’s cross-border payments system, which uses digital XRP to enable customers to send money across borders instantly at a low settlement cost].

One of the reasons why I joined

Ripple from a more traditional payments company was that I believe that the technology our products and services are underpinned by – blockchain and digital assets – is really the future of payments.

Digital assets and blockchain technology provide an ideal solution to many of the pain points associated with cross-border payments today, whether they are individual remittance payments or treasury liquidity payments.

We’re seeing this in a very tangible way at Ripple where our crypto-enabled payments technology is bringing numerous benefits to our clients including speed of payment execution, increasing payment certainty and transparency, and overall cost reduction.

What challenges have you faced?

When you’re in a customer facing role, it’s understanding the needs and requirements from the client and building up those relationships to really create a win-win situation. That’s something I really enjoy about my role and that’s why I’ve stayed within the commercial facing role as an account manager.

Covid actually helped us strengthen some of those relationships and create a more personal connection with customers. While we could no

longer do those face-to-face meetings, everyone became accustomed to working from home and doing those meetings over zoom.

So, you started to learn a bit more about individuals like their work-homelife balance, as well as be introduced to their children or their dog. That helped create a more interpersonal relationship that we didn’t have before, especially if you saw them may be three or four times a year in an office.

What challenges do you think the payments industry is facing?

I think we’re in an interesting macro-economic environment. There is a lot of caution with companies slimming down their workforces and looking at the bottom line, as opposed to maybe two or three years ago when it was all about growth. The conversations have certainly changed.

The other thing that I see is a lot of companies want to embrace technology and new products or services, but are faced with regulatory compliance challenges.

There’s a race between, ‘hey, we want to adopt new technology’ and being limited by the regulation or all the compliance procedures that we have internally. We’re at a crossroads at that

Spotlight features successful CEOs, rising stars and other notable excellence across the payments industry. It is a platform for the best individuals across the sector, sharing their insights and what they think about the latest trends. Know someone that deserves to be featured in Spotlight?

Get in touch with the editor, Jyoti Rambhai.

moment in the payment space.

What trends are you seeing emerging in payments?

I think we are all becoming very used to this instant gratification. That’s no different in the payment space, whether you’re an individual sending a remittance payment, or a corporate trying to make treasury payments to another one of your entities, you want to do that as quickly as possible, as cheaply as possible and securely.

I still have the same conversation today as I had with CFOs four or five years ago, and that is, how can we get this payment from A to B as quickly as possible? How can we make use of other forms of liquidity to be able to facilitate that? Those are the conversations that I definitely see happening, whether you’re working in a company like Ripple, or you’re working at a large firm like WorldPay or American Express.

What would you like the payments industry to achieve?

I would love to see this adoption of just better technologies that help facilitate faster payments – whether it’s on a personal level, or at a work level; whether it’s buying a house or trying to move funds from here to another part of the world; whether it’s transferring physical assets like cars or homes digitally.

We are so used to sending a WhatsApp or an email and it gets to the recipient instantly, but you still can’t do that with money or an asset very easily. So, it’s about utilising those technologies to be able to facilitate that.

What would be your advice to someone coming into the industry?

It would be to get into the detail about what goes on behind a payment itself. You know, one of the sexy things about payments is a lot of it is in the principle. Many people don’t know that.

An individual doesn’t necessarily know what happens when they present their debit card at a terminal in their favourite shop. Many people don’t know if you go to your favourite website, how a payment is processed.

I think understanding that detail, the flow of funds between all of the different intermediaries is really important. It will then allow you to understand what the benefits of new technologies are.

CBDC: Threat or opportunity

With myths on digital currencies being a threat to financial freedom dominating social media, Dominika Duziak, of OneStep Financial, explains why government must address this narrative and discuss its advantages.

Numerous announcements made at the beginning of 2023 suggest that the era of Central Bank Digital Currencies (CBDC) has fully begun. We’re all keeping a watch on the Chinese and Indian pilots. This topic is investigated by the Bank of England, Bank for International Settlements (BIS), European Central Bank (ECB) and practically every other central bank in the globe. CBDCs are the talk of the town, and with all this attention, one may wonder – is CBDC a threat or an opportunity?

While industry experts and central bankers publish reports on CBDC designs, social media is filled with tweets and videos claiming that it is the greatest threat to our financial freedom, intended to control and manipulate society and ultimately “gridlock us in a digital prison of surveillance and tyranny”, says Russell Brand.

Given the influence of social media on public opinion (remember, Gen Z is primarily absorbing knowledge through TikTok and YouTube, and will likely be the first adopters of new forms of digital money), policymakers should make addressing this fearmongering, myth-filled narrative their top priority.

I have seen videos and articles claiming that CBDCs will disintermediate banks, that consumers will have to hold their deposits in the central bank accounts, that fintech and big tech will take over the retail banking space, and that traditional banks will cease to exist.

Critics are even saying that CBDC empowers totalitarian governments, which are going to utilise digital currency mechanisms to track their citizens’ spending, block their accounts, and essentially deprive them of their basic civil rights.

There is so much to unpack here. The belief that central banks will store money and open accounts for individuals is a significant misunderstanding.

Central Bank Currency, similar to cash, is only going to be “minted” by the central bank. Central banks, however, are not designed to serve individuals and it’s very unlikely that they want to turn into retail banks.

The CBDC will be distributed through the financial sector.

Banks and non-bank providers will be able to integrate with the digital currency ledger of the central bank and offer digital services to end users, such as account opening.

Yes, the transactions will be recorded in that ledger, but so are today’s electronic payments. Money is never fully anonymous (and nor it should be in my view) and even the biggest cryptocurrency supporters can’t deny the fact that Bitcoins can be traced and seized.

Today, a bank or card provider may be forced to disclose transaction details in response to a valid warrant if a crime is committed. Similarly, traditional accounts can be blocked by law enforcement authorities.

In the CBDC world, the account holders’ names and details will only be available to the providers that they select. Some even argue that our sensitive financial data will be better protected by regulated institutions.

While this is unlikely to convince conspiracy theorists, the majority of CBDC designs do emphasise the anonymity of

transactions recorded on the core ledger, the use of cryptography, privacy and data protection as the most important guiding principles.

Contrary to some opinions, the CBDC initiatives are not the result of power-obsessed regimes that seek to control our lives. Central banks do not wish to regulate how you spend your money. CBDC offers programmability, but programmable money and programmable payments should not be confused.

Both the ECB and the Bank of England have recently confirmed that programmable money – defined as money with specific rules or restrictions attached (for example, you can only spend it on particular goods or in particular stores, similar to food stamps) – is not within the scope of their research. This, however, does not exclude programmable payments, which offer organisations and individuals a world of new potential.

Programmability in this sense allows to predefine conditions and times of payment execution and once these

conditions are met by the receiver, the funds are immediately available for them to collect and use at their discretion.

Think about government benefits or energy credits that are delivered to you immediately after you submit a request and relevant evidence of entitlement online. Or imagine you’re a temporary worker or a freelancer. You want to get paid immediately after the job is done.

With programmable CBDC, you can trigger the payment based on the proof of task execution and receive your payment much faster. Your employer doesn’t have to spend days on internal validations and other steps that are needed to execute this transaction, that in today’s world is very complex.

These solutions will significantly increase efficiency and cut payment processing costs. Ultimately, the programmability of payments enabled by CBDC rails will result in more financial inclusion and security for recipients, particularly those in the gig economy.

Another common misperception is that CBDCs will disrupt the financial system, naturally in a bad way. Disruptive innovation is a change that has a significant influence on the market or business models. It has been used in the past to characterise a variety of new breakthroughs, including blockchain.

Blockchain appears to be a suitable point of reference here. Despite its many advantages and huge potential, blockchain (outside of the crypto space) has not yet taken the world by storm. In contrast, as it matures and develops, blockchain proves to be a foundational technology that will have an immense impact and enable further breakthroughs, such as new types of digital currencies, utility non-fungible tokens (NFT) and programmable payments.

Similarly, CBDCs on their own will not significantly alter the status quo. The way in which we use money certainly will continue to evolve – as it has for generations. The financial services industry is ever-changing.

In the past decade, for example, we’ve seen a number of game-changing innovations, including the move from batch processing to real-time payments. The number of mobile and electronic wallet users is growing faster than accounts at traditional financial institutions. The financial services industry is moving towards Banking-as-a-Service and embedded finance, in which fintech technologies complement bank offerings and enable the generation of greater value at a lower cost.

These trends will influence the entire ecosystem, and CBDCs will play an important role in this change, facilitating innovation but on a foundational rather than disruptive level.

It is understandable that the subject of CBDCs raises a few concerns. Currently, there are certainly more questions than answers and speculations are inevitable at this stage. Clarifying them will require tremendous effort from regulators and the broader financial sector.

Industry organisations such as The Payment Association and the Digital Pound Foundation will play a crucial role in not only advising policymakers on the design of central bank currencies, but also in explaining to the public why digital currencies are being proposed and what benefits they will bring. And in doing so, they should probably turn to TikTok.

“CBDC initiatives are not the result of power-obsessed regimes that seek to control our lives.”

Listen to what experts say about the latest trends in payments

Combating financial crime through data sharing and collaboration

The battle between GDPR/ data minimisation and fraud prevention is a tough one to navigate, but there is widespread agreement that further collaboration on data is necessary to tackle financial crime.

The Economic Crime and Corporate Transparency Bill will only go so far towards enabling information sharing between certain businesses for the purposes of preventing, detecting, and investigating economic and financial crime.

So, what can the private sector do to expedite progress and how can you protect your business from poor data quality?

This webinar, in partnership with Form3, Benefactor of Project Financial Crime, explores data sharing initiatives and solutions that allow for public-private data sharing, as well as the risks of low collaboration and siloed data.

The blurred lines of liability

The ubiquitous adoption of digital technologies and a huge uplift in e-commerce has resulted in unprecedented levels of online financial fraud. The UK alone saw a 71% increase from 2020 to 2021 with £583 million in APP fraud losses, while the US experienced a 70% increase in fraud losses within a year, totalling $5.8 billion.

The pressure to safeguard consumers and develop robust cross-sector fraud prevention strategies is mounting. So, how can banks and big tech work together to tackle this issue and take liability for the part they play in online fraud?

Could the ‘polluter pays’ principle balance the liability scales? What other models would acknowledge the complexity of the digital landscape and offer fraud protection strategy fit for the digital future?

Watch this webinar to hear the panel of experts discuss how banks and big tech can work together to tackle the fraud problem.

A journey into ESG with Charles Radclyffe

Charles Radclyffe, CEO at EthicsGrade and Charlie Bronks, head of ESG at Crown Agents Bank, discuss the importance of ESG (environmental, social, and governance) measures in the payments industry and how more progressive policies and business-models can and must be implemented in 2023 in this podcast.

“ESG credentials are demanded in today’s market by your stakeholders and by your talent pool. Therefore, it can’t be a tick box activity […] its not optional, it’s not political. It makes business sense and is the right thing to do,” says Charles.

Listen to the podcast to learn about the challenges of measuring ESG, how Charlie and Crown Agents Bank have gone on an ‘ESG journey’ and what the launch of The Payments Association’s Project ESG working group means for our members.

Know your criminal: Where are the blind spots in your organisation?

Fraud is a multi-faceted threat. From deliberate error to organised crime there is no one methodology that can be used to tackle all fraud typologies.

If this is an accepted reality, then how can organisations, specifically compliance officers and analysts, be more empowered to finding and combating fraud and remaining 10 steps ahead.

Listen to this webinar to hear experts from across the financial ecosystem discuss how the regulatory environment changed post Brexit; whether there is likely to be a surge in fraud crime because of the cost-of-living crisis; and how the regulatory environment changed post Brexit; whether there is likely to be a surge in fraud crime because of the cost-of-living crisis; and how the industry can drive reg-tech standard.

How proposed UK regulation could impact cryptocurrency businesses

With the UK government launching a second phase consultation on the future of cryptoassets, Max Savoie and Martin Dowdall of Sidley Austin examine what this means for payment firms.

HM Treasury (HMT) published its consultation on the future financial services regulatory regime for cryptoassets on 1 February. This follows the April 2022 consultation on the regulation of fiat-linked stablecoins, referred to as phase one. The latest consultation proposes rules to regulate other categories of cryptoassets, referred to as phase two. This includes:

• Extending the existing authorisation regime for financial services under the Financial Services and Markets Act 2000 (FSMA) to cover a range of cryptoasset services;

• Using the designated activity regime (DAR), a new regime under the Financial Services and Markets Bill (FSM Bill), to impose

requirements on cryptoasset firms without requiring full authorisation;

• Imposing prospectus and disclosure requirements on cryptoasset issuers and trading venue operators; and

• Extending the UK’s market abuse framework to exchange-traded cryptoassets.

The UK is taking an iterative approach to the regulation of cryptoassets. This contrasts with the EU’s regulatory regime for cryptoassets under the Markets in Cryptoassets Regulation (MiCA), expected to be adopted during 2023. Although the UK proposals and MiCA overlap significantly, there are important differences.

Apart from authorisation requirements, in-scope firms would be subject to regulatory requirements on, among others, own funds, liquidity management, governance, operational resilience, data reporting, consumer protection, and conduct of business.

Firms already authorised under FSMA (such as banks and investment firms) intending to undertake cryptoasset activities would need to apply for a variation of permission, which will not be granted automatically. MiCA allows certain authorised firms, like banks, to conduct cryptoasset activities under their existing authorisations – albeit subject to other requirements.

Firms will need to carefully consider the impact of these proposals on their businesses. Those that provide services in the UK and the EU will need to consider how they will structure their organisation to comply with both the UK regime and MiCA.

Scope of phase 2 proposal

The Treasury’s consultation document notes that there is no universal definition of a cryptoasset, digital asset or virtual asset. However, to avoid future ambiguity, the Treasury has proposed its own definition of a cryptoasset.

As such, the consultation defines a cryptoasset as: “Any cryptographically secured digital representation of value or contractual rights that – (a) can be transferred, stored or traded electronically, and (b) that uses technology supporting the recording or storage of data (which may include distributed ledger technology).”

This is a broad definition and means that a large range of cryptoassets that are currently unregulated will be brought within the scope of regulation for the first time.

The consultation provides the following non-exhaustive list of cryptoassets that could fall within regulation under phase two:

• Exchange tokens;

• Utility tokens;

• Non-fungible tokens (NFTs);

• Asset-referenced tokens;

• Commodity-linked tokens;

• Crypto-backed tokens;

• Algorithmic tokens;

• Governance tokens; and

• Fan tokens.

The scope of MiCA and the proposed UK regime differ.

MiCA imposes unique requirements on asset-referenced tokens (such as, in relation to establishing and managing reserves), whereas the UK proposal does not.

NFTs in principle fall within phase two, whereas they generally fall outside of MiCA.

Firms providing services in both the UK and EU will need to carefully consider whether they are in scope of both or just one of these regimes; and some may need to obtain UK and EU licences going forward.

In-scope cryptoasset activities

The consultation proposes imposing authorisation requirements under phase two on, among others, the following types of activities relating to cryptoassets:

• Operating a cryptoasset trading venue;

• Dealing in cryptoassets as principal or agent;

• Arranging (bringing about) deals in cryptoassets;

• Making arrangements with a view to transactions in cryptoassets;

• Safeguarding, or arranging the safeguarding, and/or administering, of cryptoassets other than fiat-backed stablecoins and/or means of access to the cryptoassets; and

• Operating a cryptoasset lending platform –another difference from MiCA, which does not address lending activities.

This will likely bring a broad range of currently unregulated businesses within the scope of regulation meaning such firms will need to be authorised to continue to provide these services.

The UK does not currently propose to regulate portfolio management or investment advice in relation to cryptoassets under phase one or two. This differs from the approach under MiCA which will regulate these services. Firms providing services in the UK and the EU will need to carefully consider which requirements apply to them in each jurisdiction.

Territorial scope will capture offshore firms providing UK services

The UK proposes to regulate cryptoasset activities provided “in or to” the UK. On this basis, non-UK providers would generally be subject to the new requirements where they provide services to UK customers from outside the UK.

HMT proposes an exemption for non-UK firms providing services to UK customers from outside the country on a reverse solicitation basis. However, it notes that any such exemption would be defined to prevent misuse and regulatory arbitrage, which suggests the exemption will be narrow.

The Treasury intends to pursue equivalence arrangements whereby firms authorised in other jurisdictions could provide services in the UK if the other jurisdictions have equivalent standards and cooperation mechanisms with the country.

DAR could catch firms outside the scope of cryptoasset proposals

HMT is also proposing to include other cryptoasset activities under the DAR. As such, and despite falling outside the authorisation regime, direct requirements, or even bans, could be imposed on firms conducting activities such as requiring that certain public offers of cryptoassets be conducted via a regulated trading platform.

Response to consultation on cryptoasset promotions

On the same day as the consultation opened, HMT proposed to introduce an exemption to the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005, which would allow some cryptoasset businesses to promote their own services. This would only apply to firms registered with the FCA under the UK Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (but not authorised under FSMA).

This exemption will apply until the UK’s broader cryptoasset regulatory regime is introduced.

The consultation on cryptoassets closes on 30 April. The Payment Association will be submitting a response and member firms can get involved by sharing their views with the head of policy, Riccardo Tordera.

Max Savoie is a partner and Martin Dowdall is a senior managing associate at Sidley Austin.

The UK proposes to regulate cryptoasset activities provided in or to the UK.

Save

21 November 2023 | Royal Lancaster Hotel

Bringing together the most influential players and experts in financial crime

Financial Crime 360 tackles head-on the increasingly complex and rapid rise in money laundering & fraud through a series of obstacle-solution scenarios & high-level discussions between banks, payment providers, regulators, government, solution providers and fraud experts.

Become a sponsor to:

• Position yourself as a specialist in the sector.

• Increase awareness and build brand trust.

• Build your sales pipeline and generate MQLs.

• Launch new solutions or showcase and promote current products to an audience of potential new clients.

To learn more about registration, speaking and sponsorship, email Richard Jones at richard.jones@thepaymentsassociation.org

Interested in speaking?

• Get your organisations work in front of the leaders in the sector.

• Discuss and overcome issues in the field.

• Network with the key players in the sector and expand your contact’s book.

• Learn from other speakers.

Members of The Payments Association SAVE 10% off tables

“A thoroughly enjoyable and well-organised event. I was not only inspired and motivated by the achievements of people and products showcased during the Awards but also felt a strong sense of pride to be associated with the payment industry.” Stan

“This event is the highlight of my work social calendar. Whilst being remote was very different, it still brought the community together.”

Please book early to avoid disappointment. Attendance is strictly limited, and applications are typically oversubscribed, so it is essential to book

early. To discuss sponsorship options and how we might help you to achieve your goals, contact keri.farrell@thepaymentsassociation.org today

Rubin, Novatti Limited

“The Awards is just hugely valuable for us. It’s amazing recognition from the industry as a whole – it would help our business, it’ll help give recognition amongst the wider population.”

James Lynn, Co-Founder of Currensea