Mifsud commented that usually when he asks a banking industry audience if they are working on a mobile payments project, a sea of hands is raised. By contrast, when he asks who is doing an open application programming interface (API) project there is usually no response. However, in the past year one or two hands have started going up on this second question. This observation set up the panel discussion nicely in terms of the progress, or lack thereof that banks are making with the open payments ecosystem.
Panellists for this session were:
- Adrian Field, digital strategy senior manager at Visa.
- Daniel Spier, managing director (MD) of IDT Finance.
- Nektarios Liolios, MD with Startupbootcamp FinTech.
- Robert Courtneidge, director, global head of cards and payments at law firm Locke Lord.
The discussion kicked off with debate over what ‘open payments’ meant to the panellists. For Field, it is about opening up the Visa payments ecosystem and working with payment services providers (PSPs) who are not necessarily already members. He added that Visa itself could make strides in the developer space as a result of open payments.
Liolios commented that open payments should be about enabling entrepreneurs to build from inside the payments community – rather than on the outside, as is often the case today. Spier said that it currently takes much effort to launch new payment solutions, and that open payments should be about easing this process, while Courtneidge suggested that open payments should, through legislation, create a level playing field for everyone to operate and develop in.
A Wide Spectrum of Open Payments
While the concept of open payments differed a little from panellist to panellist, depending on their perspective, they all looked at it in a positive light. So why aren’t all industry participants committed to open payments today? It was argued that banks have an inability to react to the changes happening in the payments market, with some choosing to remain hidden under the banner of regulation than face innovation head-on. While Field agreed that it could be hard to innovate under regulatory constraints, Spier suggested that innovation approached in a smart and structured way should be no problem for financial institutions (FIs).
The perennial topic of Bitcoin naturally came up as part of the discussion. Mifsud suggested that Bitcoin and cryptocurrencies are at the other end of the spectrum to the banking world – they might share some characteristics with the old Wild West, but have great freedom for innovation. On the other side sits the banking community, which has remained a fairly closed shop until recently. With permissionless innovation on the one side, and the absolute control that banks require due to regulation on the other, how open should the open payments landscape be? Moreover, what and who should it be open for?
Courtneidge said that regulators must ensure that the infrastructure exists behind the landscape for businesses in this space to be able to work. He noted that the new Payment Services Directive (PSD2) from the European Commission (EC) contains positive steps in this regard, and that equally the UK’s new Payment Systems Regulator (PSR) appears keen to move forward and improve competition. With this momentum, it was important for FIs and schemes to join in and maintain it.
Liolios suggested that banks need an external input of innovation to help progress and evolve in a managed environment. He pointed out that this is not necessarily Bitcoin – it can be but the FIs then need to find their own mechanisms. Ultimately, Bitcoin is no bad thing, and it is important to consider the infrastructure that underlines it, the blockchain. Liolios called on banks to embrace the technology that provides this infrastructure and use it to their own advantage.
Risks for Banks
There are risks for banks wishing to open up their infrastructure to entrepreneurs and developers. Courtneidge outlined how the risk of data breach is a major concern worldwide. Banks are not being complacent about their security systems that they have built up to protect themselves. He noted that the US has far stronger laws in relation to data breaches – and the reporting required around the issue – than is currently the case in Europe.
With the cybersecurity directive that the EU seeks to introduce, Courtneidge said that there appears to be a push to address this risk. In addition to this, anti-money laundering (AML) issues exist. The EU’s 4th Money Laundering Directive recently came into being and banks are very cautious about AML breaches. Bringing in new and innovative programmes naturally encourages new and innovative fraudsters, who try to take advantage of them.
For open payments to succeed, Spier said that much effort is required to correctly implement the kind of controls identified by Courtneidge – but without hampering innovation and development of the system itself. Field added that FIs have to be aware that innovative open payment solutions may have a different risk profile to the normal products and services. It’s something that banks need to learn to accept.
The UK’s Prompt Payment Code will have a significant impact on the relationship between large businesses and their suppliers. What does the Code mean for your business? And how can you navigate this change effectively?
When it comes to the relationship between Europe and Britain – uniformity isn’t a word that currently springs to mind. And that’s not just a reference to Brexit. Whilst the Europe and Britain do find themselves in the midst of a political break-up – their monetary policies are also showing signs of divergence.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.