By Thibault Gobert, Head of Liquidity Pool, Spectrum Markets
At the turn of the millennium, payments were among the less appealing departments aspiring young bankers could stive for: standard procedures, steady income and comparatively low risks are attributes in demand today but were considered boring back then. Two financial crises and a gigantic technology leap later, and payments has become a hotly contested market where brands like PayPal, Apple, Google, Amazon etc. have become the big players.
Big tech leads the payment industry
At first glance, one might be tempted to suggest that customers have turned away from banks as a result of the financial crisis. This is not just disproved by the fact that most banks, though long suffering from low-interest rates, haven’t lost much more than their proprietary business during this time, it also fails to consider another phenomenon which started with the population born between the eighties and nineties: Generation Y.
Older generations have of course become accustomed to using new technology, but Generation Y is considered the first to have grown up in a truly digital environment. While the internet brought untold services to all our fingertips, this group of young consumers never felt the need, for example, to enter a bank branch to open an account, withdraw money or make a bank transfer.
One consequence of this is that when no human interaction involved, we tend to see much lower levels of commitment to the provider of a given service. When the consumer recognises a better service, or more attractive conditions, he or she will change more quickly than someone who feels a personal bond.
Obviously, the internet makes such change even easier as it doesn’t require leaving the house, or even picking up the phone, to enter into a new contractual agreement for whatever service. It should therefore be no surprise that the companies most experienced in catering to, and shaping, this new consumer behaviour, are the ones that are today conquering the payments business.
Banks struggle to catch up
For decades, banks were used to being the one-stop-shop for their clients across all financial services. So long as a financial institution was able to provide all these services competitively, the client remained within the institution’s ecosystem. When this era ended quite suddenly, this did not just turn out to be a problem for their attitude towards competition.
While this challenge has been overcome, a much more burdensome problem persists. Banks’ IT and process landscapes struggle with modern payment procedures and, in a mutually-dependent manner, this is aggravated by regulatory obligations.
Firstly, the minimum reserves requirement for banks puts providers that also hold the payment initiator account in a weaker position to those that just process payments. In addition, it is a big difference whether the initiator and recipient of a payment are registered with the same payment platform, as is the case for payments via PayPal, Amazon etc., or whether the transaction participants are within systems of different banks.
Let’s take SEPA Instant Payments as an example, i.e., real-time money transfers. In the case of a real-time transfer, the bank of the payment initiator must perform various legal checks before forwarding the payment message to a clearing house. If the initiator account check is successful, it will be debited and a connection to a clearing institution is established via a communication system such as SWIFT or EBICS. The payment message will then be transferred, and the connection will be terminated.
Similar granular control and administration steps are carried out by the clearing entity and by the receiving bank before crediting the account of the payment recipient. A confirmation whether the transaction was successful or not has to go all the way back.
In order to establish such a clearing and settlement process in a compatible way, banks must participate in the same clearing system. If this is EBA clearing, then clearing and settlement are separate processes, increasing the number of messages and thus complexity and cost. Plus, clearing cannot be processed directly against central bank money, which means that the minimum reserve for the customer deposits of the recipient bank, which has increased as a result of the payment, must be balanced.
If the European Central Bank’s (ECB) TARGET Instant Payment Settlement system (TIPS) is employed, clearing and settlement are not separate. The minimum reserve balancing is done automatically via an account held with the central bank. This process is still complex, and the technical platform and process design is the property of the ECB.
In any case, banks must fall back on infrastructure which lags behind modern payment infrastructures that are being used in trade commerce. And the PSD2 hasn’t solved this.
PSD2 falling short
PSD, in its first version, was adopted in 2007 in order to make cross-border payments easier and safer; before that bank transfers between member states were very long and costly. The next iteration of this directive, the PSD2, mainly aimed to more effectively regulate new types of payment services, like payment initiation services and their providers.
Those new providers are categorised as Third Party Payment Service Providers (TPPs) offering specific payment solutions. These are divided into Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs).
PISPs are intermediaries between the consumer’s (payer) bank account and a seller’s bank account. Once they are given authorisation by the payer, the PISP can access the payer’s bank account automatically. Obviously, there is a confirmation step every time the payer buys something online.
AISPs let consumers see all their payment account information from different bank accounts in one place, online or via a mobile app, including spending analysis tools. The most important changes introduced by the PSD2 are Third party Access to Accounts (XS2A), prohibited surcharging and enforced two factor authentication.
Through XS2A, banks have been forced to give TTPs access to customer accounts, subject to the customer’s prior consent. The problem is that neither PSD2 nor the guidelines of the ECB specify these APIs. The lack of harmonisation of technical standards is a risk to integration and competition and, not least, consumer protection.
A review underway
The European Commission launched a public consultation in May on the PSD2 and open finance, seeking to assess the effectiveness, efficiency, costs and benefits, coherence and added value for the European Union of the current regulation. The review process will measure the impact of strong customer authentication on the extent of payment fraud in the EU and will infer the extent to which additional measures should be considered to fight new types of fraud, especially regarding instant payments.
It will also look at existing legal limits for contactless payments to strike the right balance between customer convenience and preventing fraud risks. It will assess risks arising from unregulated services such as technical services provided on top of regulated payment or e-money services.
Furthermore, it will align the PSD2 and the Electronic Money Directive (EMD2) by including the issuance of e-money as a payment service in the PSD2, and assess whether the transparency of cross-border transactions needs to be improved.
Accompanying the public consultation is a call for evidence on an evaluation and an impact assessment relating to its review of the PSD2, alongside a call for evidence on an impact assessment regarding the policy options relating to an “Open finance framework – enabling data sharing and third party access in the financial sector” initiative planned by the Commission by early 2023.
Game changer?
The PSD2 has been a game-changer in the European financial industry and the ongoing review process will certainly address important shortcomings of the directive in its current form. The challenge is to ensure that further regulation does not create the fragmentation it was aiming to prevent in the first place.
This challenge is increased by the pace of technological progress, in that current processes governed by as yet undrafted legislation will have become obsolete by the time the legislation applies. In order to cope with the pace of technological change and ever-developing regulatory frameworks, the successful players will be those that consider themselves technology companies.