PSD2 will undoubtedly have a huge impact on banks, but how are fintechs preparing for its implementation? Should disruptive payments tech companies be waiting for PSD2 to come into force, or are the conditions already in place for fintechs to thrive?
Research suggests that banks do not feel sufficiently ready for PSD2 coming into force at the beginning of next year. Is that your impression?
PSD2 opens up a new world where the bank and payment services used by business and consumers can be easily integrated into, even embedded in, the offerings of other providers. It’s a change which provides an enormous opportunity whatever your size, and I think the larger banks have embraced that this is coming and are very engaged in what this means for them.
However, it is fair to say that it has really galvanised the fintech sector, because it opens up new possibilities and generally levels the playing field for competition. We’re lucky in the UK to have a particularly vibrant fintech sector, and our investors alone [Blenheim Chalcot] have several businesses that are looking to take advantage of the new opportunities.
It’s actually going to be critical that the banks are ready too, as forming good partnerships will be as important to the success of PSD2.
To your mind how does PSD2 change the playing field for fintechs?
Taken together with other regulatory changes underway, the huge investment in fintechs and the general movement to Open Banking, I think it’s fair to say that PSD2 is going to be the start of quite a watershed for competition in financial services in the UK. In ten to 15 years, we may well look back on it as being retail financial services’ equivalent of wholesale banking’s Big Bang.
The big change underway is how it gives more players access to account data and payment options that previously were only accessible via a bank. This opens up a whole range of possibilities for fintechs.
For example, the new AISP [Account Information Service Provider] model enables a much greater level of data aggregation, opening up opportunities for both companies that consolidate your data, but also new types of comparison businesses. And the PISP [Payment Initiation Service Provider] status allows companies to push payments, which could lead to new type of instant payment scheme.
There are probably more immediate and more obvious routes to value for an AISP, but the PISP route offers great potential too, not least to remove some of the friction of moving money between different banks and financial institutions.
An additional area of PSD2 that hasn’t had a great deal of attention is the aspects that support the PSR (Payment Services Regulator) in ensuring access and competition. This is potentially quite significant in levelling the playing field for new and emerging companies versus the incumbent banks.
It’s not as straightforward as simply granting lots of rights, of course, as in many cases these have to be matched with new processes and safeguards. However, I do welcome what PSD2 will do to ensure that where there isn’t access for innovative, new players, this has to be highlighted and either explained or resolved.
How did the decision to launch Modulr come about and did PSD2 play a significant factor?
It’s certainly true that what Modulr is aiming to do is very much in line with PSD2. We focus on businesses that make a lot of payments, often with a high degree of complexity or time criticality.
We started the company because today these businesses use payment services that, whilst they do the job, are not particularly flexible to their specific needs. As a result, businesses tend to use work arounds or just limit the service they can offer their customers.
Their only alternative to this ‘one-size-fits-all’ type payments processing was to take on the task of becoming a payments institution themselves, with all the cost and risk that entails. We didn’t think this made sense, so we created our easy-to-integrate, easy-to-use E-money Platform, to give a company unprecedented control over making payments, with features like instant accounts, access to Faster Payments and powerful automation, all from their own system via APIs.
We didn’t need PSD2 to get underway, but it will enable us to make our service even more seamless for customers.
Customers and businesses are purported to be the main beneficiaries of PSD2. Is this actually going to be the case?
For all the technical side of PSD2, what is most exciting about PSD2 is that it opens up opportunities to make things easier for customers.
The reality is business or personal customers invariably use more than one financial institution, but today those are totally siloed. For example, if you are online looking at your account for one company, you can’t see information from another, and you certainly can’t initiate a payment from it. You have to go and login somewhere else. PSD2 opens up a world of more integrated services, where information and activities can be embedded and used more broadly.
The legislation doesn’t just provide new services though, it also ensures that consumers for a broader range of companies are properly safeguarded. Take Marketplaces, for example. There was a Commercial Agent exception in PSD1 that allowed for companies who take payment from one person and pass it onto another to be outside the regulation. With the huge growth in Marketplaces-type companies – everyone from Amazon to Uber – it’s right that this is now being brought inside.
Personally, I remain concerned that there are still some businesses out there that handle money who won’t be covered. It seems to me that with the opportunities for seamless connection that PSD2 provides, there really is no need for this grey area that is covered only by professional bodies.
Payments are really complex these days, with changing technology, regulation, cybersecurity, and so on, and I really do therefore think companies handling money these days should either be properly regulated as financial firms, or should be outsourcing the activities to companies that are.
For consumers, do you think there will be trust issues with third parties pulling funds directly from their bank accounts?
The European Union has the most stringent data protection laws in the world and the security element of PSD2 reflects this. Even so, experience shows that it takes time for consumers to build confidence in any new option, especially at the start. We’ve seen this with Chip and PIN, for example, and more recently Contactless. At the end of the day, they are entrusting a business with their money, and so they need to be sure it’s credible.
At Modulr, we’ve taken the step of becoming authorised and regulated by the FCA as an Electronic Money Institution (EMI). This not only extends what we can do as a business, it also gives customers the confidence that we comply with their stringent requirements around capital, safeguarding and reporting.
However, even then, customer trust still has to be earned. We have a highly experienced team, and have bank grade security environment and practices, such as multi-factor authentication, session management, activity observation and penetration testing. We recognise that whilst customers may be attracted by a clever solution to their problem, they still absolutely won’t use it unless they can be 100% confident it is secure.
Do you see any issues with PSD2 that concern you? Is there a danger of too much regulation?
Whilst I very much welcome PSD2, there’s no doubt it also throws up some potential challenges for fintechs.
One aspect is around the safeguarding regulation. The risks here go both ways. On the one hand, if the bar is set too high – and there are some who might argue for this – then the level of bureaucracy, capital, and so on becomes a real problem for smaller businesses.
For example, if we’re not careful, then businesses who don’t want to be payment institutions can end up getting pulled into the net and labelled as PISPs. We think this can actually be counterproductive.
Payments these days is a complicated business, and it’s far safer to ensure that innovative companies who do use payments can instead just outsource the activity to experts like us, and in doing so, stay firmly outside the regime.
An interesting one is the use of the word ‘Banking’ and ‘Bank’ where there is talk of further legislation. Again, this makes lots of sense insofar as it avoids consumer confusion. But in the same way that it’s fine for a company to talk about partnerships with other firms without legally being an LLP, we have to be careful that we don’t end up ruling out the use of the word ‘banking’ in its entirety. I’d rather the rules were tight on saying what kind of institution you are, but leave room for plain English when it comes to describing your service.
Another challenging area is where various regulatory initiatives meet, where I think it’s fair to say there is room for both overlaps and gaps. Take for example the CMA (Competition and Markets Authority) which overlaps in some – but not all – aspects with PSD2.
The danger here is that the banks focus on the higher pressure they have from the CMA, and that aspects of PSD2 that sit outside of this get neglected. Plus, of course, not all banks are covered by CMA, which means that the momentum created on those aspects by the nine large banks might in fact act to prevent influence from the small ones, which is not the effect we were looking for at all.
How is Modulr taking a unique position in the marketplace?
At Modulr, we have chosen to focus on businesses that routinely make a lot of payments, and have a lot of complexity or time criticality. That’s fairly unique in itself, and in addition, we believe both our platform and the company itself have some special aspects.
Our E-money platform is unlike any other in that it is purpose-built to make it easy for businesses to manage making payments. It’s easily integrated into existing systems and processes, and richly functional, including automation, notifications, access to Faster Payments, and so on. We don’t believe clients should need to be a payments expert though, so we pride ourselves in making our functions simple to use, with clear graphics, real-time information, and familiar controls.
What are your objectives for Modulr in the next 12 months?
One of the aspects of running Modulr I really enjoy is seeing how companies from different sectors use our E-money Platform in different ways. We have a wide range of clients from payroll providers to lenders all using different modules to give them better control over their payments.
Over the next 12 months, we’re extending the Platform in all sorts of ways, with new elements to the Portal, access to additional payment schemes, and new types of notifications, to name just a few. So one objective is to see these new capabilities take Modulr into more sectors, and extend even further the range of uses that clients are putting our Platform to.
Ultimately, I’d like Modulr to be recognised for creating a new product category, perhaps to hear someone refer to their company as “like a Modulr”! But most of all, I want all businesses who make a lot of payments to know they do have a choice, and don’t need to become a payment institution themselves these days to make their payments work how they want.
Africa presents the ideal environment for new cash and payments services architecture by linking rapidly changing customer expectations with new technologies. This puts banks at the centre of the creative clash of trends and technology as Africa’s financial institutions harness disruption for innovation and growth.
The only way PSD2 will function effectively and securely, will be through the mobile banking application itself. However, the directive does not specify how secure this access will be, nor, what risks will arise, and for who.
PSD2 heralds a new dawn for mobile payments, as the regulatory technical standards around the upcoming European open banking regulations are expected to put mobile devices at the heart of new payment techniques. But despite the regulatory environment nudging markets towards certain payment types, it is not easy to predict exactly how consumers will adopt the technology.
These are interesting – and uncertain – times for global retail banking, from Trump's desire to remove Dodd Frank to Brexit and new British banking regulations.