Payments: Simplicity or Complexity? The answer is... Simplexity!

Thursday, 18 May 2017 14:04

Payments Advisory Group attended the EACHA Payments Forum in Amsterdam last week. Here are our key take-aways:

  1. Instant Payments – a Simple Concept but a Complex Challenge
  2. The Payment Services Directive 2 (PSD2) – Banks Opening their Doors
  3. Keeping Payments Safe and Secure

 

By Edith Rigler - Payments Advisory Group

Simplicity or Complexity? The answer is: Simplexity!

 

For many years, the payments business was considered a simple business, a basic utility which banks provided to their customers. Payments were seen as representing simplicity. After all, what could possibly have been complex about them? However, with increasing regulation, with new payment methods arriving, with digitalisation and innovation taking off and the increasing threat of cybercrime, payments have become more complex. Complexity is now simply a reality.

At the recent Annual Payment Forum of the European Automated Clearing House Association (EACHA)[1] in Amsterdam, banks and banking associations, corporates, clearing houses, regulators and consultants came together to discuss just that. Three main themes are currently keeping the payments industry on its toes:

  • the introduction and implementation of Instant Payments;
  • the Payment Services Directive 2; and
  • the security and safety of payments.

Each one of these themes sounds simple in concept. Yet behind the concepts are complex challenges, from use cases to product features, from infrastructure changes to fraud prevention. But customers typically do not want to hear about complex issues. Thus the advice from one of the forum speakers: “Embrace simplexity, i.e. make the complex simple!”

Let´s look at each one of these themes individually

 

1. Instant Payments – a Simple Concept but a Complex Challenge

Instant Payments (IPs) are euro payments which will be executed nearly instantly, i.e. in 10 seconds or less. Funds will thus be available in the beneficiary´s account nearly immediately. Users will be able to take advantage of IPs 24 hours a day, 7 days a week, 365 days a year. The new payment instrument will be implemented not only for domestic payments traffic within individual countries but also cross-border, and that for the whole pan-European SEPA area, i.e. 34 countries. For banks, the scheme is optional, not mandatory. The first countries will go live in November 2017, many will follow in 2018 or early 2019.

While practical challenges surround the functional and technical implementation of IPs there are many unknowns and uncertainties. First, there are the questions about adoption: will IPs be used primarily in the P2P (person-to-person) space, or rather P2M (payments to smaller or larger merchants)?  Which access channels will be used? Will mobile phone usage increase in tandem with IP adoption? When will IPs become “the new normal”?

Second, as IPs are not mandatory for banks, the question of reach becomes important: what percentage of the payments market will be reachable for IPs, both domestically as well as cross-border? As reach is key for new payment services, adoption will mainly manifest itself per country or per large banking community. Since adoption of IPs means large investments the speed of adoption is resulting in a handful of countries planning to go live within the next two years. Other countries are currently investigating and planning their IP strategies.

This in turn poses the question of user experience: if countries adopt IPs with different speed, how can a coherent user experience across Europe be guaranteed? Also, banks are currently considering different clearing and settlement options. Will these have an impact on the user experience?

Equally important is competition: should banks focus on competing with each other, or should they worry primarily about non-bank disruptors such as fintechs?

And finally: what opportunities for new services become available as a result of IP availability? Should banks regard IPs as a necessary development to be able to “stay in business”, or should they consider developing new use cases for the new payment method? As one speaker pointed out, IPs enable the payments industry to reduce the usage of cash and phase out cheques by offering an attractive payments alternative.  And banks should realise that IPs might keep the bank account at the heart of the payments business by offering an effective answer to competition from outside. Above all, it will be critical for banks to communicate their complex challenges to customers with simple messages – simplexity again!

 

2. The Payment Services Directive 2 (PSD2) – Banks Opening their Doors

The EU’s new directive on payment services (PSD2) updates and complements the original Payment Services Directive of 2007.  The main objectives of this “new” PSD2 – which must be complied with from January 2018 -  are to contribute to a more integrated and efficient European payments market, improve the level playing field for payment service providers (including new players), make payments safer and more secure, protect consumers, and encourage lower prices for payments.

However, the most hotly debated topic around the PSD2 concerns Access to the Account:  from January 2018, banks will have to provide data and functionality through mandated Application Programming Interfaces (APIs). In other words, APIs will be a gateway allowing a secure and simple access to the information stored in banks. Third party providers (TPPs) will be able access customer data to provide new products and services (with consent of the customer). Strict security requirements (such as Strong Customer Authentication) should ensure that services are safe and secure.

The implementation of the PSD2 requires banks to make technical adjustments to their systems and platforms. TPPs will need to be authorised and registered, and regulatory authorities will need to supervise them. Yet this complex directive is currently also fraught with uncertainties and lack of clarity. Not all implementation requirements are available yet: while the text of the PSD2 has been available since 2016 and the PSD2 must be transposed into national law in EU Member States by January 2018, the European Banking Authority´s (EBA) Regulatory Technical Standards (RTS) on strong customer authentication and secure communication will enter into force only in late 2018 or even 2019. This time gap between PSD2 and RTS requirements represents a complex challenge for banks.

Yet not all aspects around the PSD2 are negative. Rather, the PSD2 provides the potential for new opportunities for banks: proponents of the PSD2 cite many benefits, including improved customer experience through seamless integration with non-banks, the potential for strategic partnerships with TPPs, the opportunity to develop new channels, improved security, and value-added services to financial innovators and technology-led companies. In sum, many see the PSD2 as a catalyst for positive change. One of the challenges for banks will be to avoid confusion and communicate with customers in a clearly understandable way – simplexity will be necessary!

 

3. Keeping Payments Safe and Secure

A whole afternoon of the EACHA Payment Forum focused on fraud reduction and prevention and cybercrime. The Dutch Payments Association presented measures adopted in the Netherlands which led to a significant decline of fraud. These include (a) technical measures, (b) collaboration between all stakeholders and (c) last but not least, the education of consumers and businesses. One important message was that banks should not compete on security; rather, they should collaborate broadly, from the board level down to those stakeholders who write the rules. Another message for banks was that fraud prevention does not eliminate innovation. Rather, fraud prevention and innovation can be combined, by involving security experts at an early stage, conducting thorough and timely risk analyses (including analyses of operational, fraud, product and technical risks), and defining and implementing appropriate mitigating measures.

In terms of preventing and reacting to cybercrime, an international expert in the field of cybersecurity and cybercrime took the audience through a simulated cybercrime scenario. If confronted with a cybercrime threat, how should a company board react? What measures should be taken, by whom within the company, and when? Should ransom be paid? Which authorities should be notified? Should customers and the public at large be informed, and when? The scenario was interactive, i.e. the audience was asked to pretend being members of the company board and to suggest responses and actions to the cybercrime scenario. This led to quite an interesting discussion with many diverging views. In the end the discussion made clear that simple ready-made, out-of-the-book answers and actions are just not possible. Each scenario, each company´s situation will have to be handled individually.

Conclusion

In sum, the three topics of the EACHA Payment Forum – Instant Payments, the PSD2, and measures to increase security and prevent cybercrime in the payments space – warrant thorough understanding and careful analyses. The payments industry can look forward to interesting and stimulating months to come, but a clear strategic response and drive will be required to turn the complex challenges into a competitive advantage.

 

[1] The European Automated Clearing House Association (EACHA) is the technical cooperation forum of European ACHs. Its membership, currently comprising 27 institutions, gathers twice a year to discuss European developments in retail payments.

 

Ask your question

name
Ongeldige invoer

email
Ongeldige invoer

question
Ongeldige invoer

Enter the code from the image(*)
Enter the code from the image
Ongeldige invoer

send

Business Consultancy

Providing advisory services and business consultancy is the core of our business. Our advisors are senior experts with a thorough understanding of the payments domain. Read more

Interim Management

Are you looking for an interim manager? Payments Advisory Group also provides interim management services to our clients. Read more

Market Research

Payments Advisory Group feels it is essential to perform market research regularly to stay on top of the many developments in the payments domain and provide our clients with these latest insights. Read more

We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of this site have already been set. To find out more about the cookies we use and how to delete them, see our privacy policy.

  I accept cookies from this site.
EU Cookie Directive Module Information