Call to Action – Submit Response to Fed

1 Dec 2013

As most of you know, the Federal Reserve published a paper entitled Payment System Improvement and opened it for comments http://fedpaymentsimprovement.org/. Responses are due 13 days from Today. My response can be viewed here.

After witnessing the mess that Regulators and Central Banks can create (FFIEC 2 Factor Auth, UK Faster Payments, SEPA, …), you should take time to submit something for your organizations.  We all need a flexible regulatory environment which provides a fertile field for Innovation and technology evolution (of payments and banking).  How should the US payment system evolve? What is Broken? What is working? Who should lead (Government or Industry)? This is the context behind the survey which covers: tokens, real time payments, fraud systems, mobile payments, and approach.

Summary View

  • The Payment System works today for 95% of needs. Let’s NOT force everything to be real time. Just as we have Rail and Ship transport today… some consumers still demand next day air delivery (a business need that consumers will pay extra for).
  • The problem with the payment system is NOT speed, it is control. The American Banker article How Big Banks Killed a Plan to Speed Up Money Transfers speaks to the uneven playing field faced by small banks, MSBs and other service providers.  Why are big banks blocking this real time effort? Because the top 4 are formulating plans to restrict use of bank owned settlement infrastructure and create new semi-open REAL TIME settlement networks (ie ClearxChange) which will only work for the largest institutions (see New ACH Payment System for background on this initiative). The second paragraph of the Fed’s paper

    Industry adoption of new payment services and technology in this country has been driven mostly by market forces rather than government direction

    is incorrect. Industry adoption of CORE payment services is driven COMPLETELY by the top 5 banks. Top 5 Banks created and hold veto power over: Visa, MA, TCH, NACHA, … and most industry infrastructure.

  • There are only 2 regulatory changes I would request: #1 mandate transparency in rule making for both government controlled (FedWire) and private Payment Entities. No more anonymous voting on common infrastructure, the NACHA and TCH voting procedures are a mess.  The WSJ article above demonstrates the obfuscation.. and the subsequent success of this blog. #2 Allow non banks to assume risk and decrease compliance requirements (for banks) surrounding this service. (more on that later)
  • Over 40% of US consumers are no longer well suited for traditional banks and are migrating to new products (pre-paid/GPR cards) that are offered by new intermediaries. Payments are not only critical to the top of the pyramid but to the bottom. Non banks and the unbanked must be able to participate in the payment system. Again the issue is NOT real time payments, but ACCESS (control).
  • The core technical challenges in Payments are #1 Consumer Authentication, and #2 Risk Management. Non banks are best positioned to Authenticate a Consumer, and may also be best suited to manage risk (as Paypal does in Card Not Present). Banks bear the weight of KYC/AML requirements today and therefore look to control the entire process. If we want consumer centered investment, Non Banks must be able to participate, and bear risk. If the central bank commits to technology of yesterday  we will not be able to leverage new capabilities and consumer experiences will be highly fragmented. (ex a new Apple device which would enable real time, irrefutable transaction signing).
  • The core business challenges in payments today are around value. Banks do not want to invest in networks that benefit merchants (ie Debit, DDA) and Merchants don’t want to invest in networks that benefit banks (ie Credit, Contactless). Payments are just the last (easiest) phase of a long Commerce process. No one should force banks to invest in merchant friendly mechanisms, but banks should not be in a position to BLOCK success here.
  • There will be NO INVESTMENT, if there is NO RISK. Payment profitability is driven by risk management (including fraud, authentication, credit risk, …).  We must allow entities that can bear risk to participate and invest.
  • Network efficiencies MUST IMPROVE (see Thomas Phillippon below). The GOAL of payments should be to provide LEAST COST ROUTING to support consumer preferences of where and how they want to pay and authenicate (ex Apple, Google, …). Expanding an existing utility (ie Fed Wire) may provide a faster path to new capability, and develop a higher quality of service, as competition develops among private networks (analogy is Darpanet ).

MCI Interconnect in Financial Services?

The metaphor for change in the payment system may be the 80s MCI interconnect battle (see Wikipedia), combined with a new regulatory regime which would allow non-bank participation in an OPEN settlement network (Connection + Settlement). See my blog How to Deregulate Payments like Telecom. To understand the current state of industry quantitatively,  NYU’s Thomas Philippon published jaw dropping research detailing how Payments and Banking are one of the few network businesses in the HISTORY OF MAN to grow less efficient (rail, telecom, energy, …). Obviously Regulatory Capture is an issue as regulators protect Bank margins and discourage rate competition. The fundemantal flaw to the Fed survey is an underlying assumption that change will be made to existing utilities and existing players. I’d rather take the MCI approach where the government provides for open interconnect and allows other parties to assume risk. This is why Telecom, Airlines, Stock Exchanges, and the Internet work today. There will be no change, or new investment, unless Regulatory Capture and Big bank control over common utilities is broken.

In another example, from my blog Tokens – Merchant Options obviously there is a need to tokenize a direct draft ACH/DDA to hide the consumer’s account number. This is what the TCH upick system (bespoke TCH token system) was developed around. However banks have NO incentive to deliver innovation around DDA tokens as it would decrease risk and increase consumer adoption in a model where they can not charge ANY interchange. Thus innovation is directed toward revenue (a logical imperative), and conversely merchant avoidance is based upon cost/value (hence no adoption of card POS tokens).

The EU’s ELMI model is perhaps the best developed regulatory standard. Perhaps the US pursues something similar which would serve as a federally chartered MSB. Or provide for existing MSBs to operate (and assume risk) on a settlement network (like Fed wire).  This is my core recommendation, rather than taking a 5 year approach, the Fed should create an open settlement service, in which private utilities (ACH, Visa, …) must compete with. Australia (EFTPOS) and Canada (Interac) have both successfully consolidated debit infrastructure as a result of regulatory mandates (and these remain bank owned networks). Today Fedwire competes with TCH in settling payments, but garners much less than 1% of settment (see FedWire Volumes).

The Fed should consider consumer requirements and preferences, after all it is the consumer’s money. Similar to the MCI telecom case, regulators should consider the minimum consumer servicing requirements. If a consumer wants to pay through an intermediary (like PayPal, Amazon, Google, MCX, … ), or have money stored with an intermediary, or want to remain anonymous to the merchant in a transaction, they should be able to do so. As the Visa model evolves, Consumers should be able to INITIATE the payment request with the Bank (as opposed to the Visa/MA model of merchant requesting payment based upon consumer credentials).

Today, ODFIs are responsible for all risk (in ACH and Card Present). The Regulatory burden they face is substantial (Fed, OCC, CPFB, …etc.).  There are very big plans by the banks to gain tighter control over the payment network (see Tokens and Consumer Authentication).  Fundamentally, if we want change, we must improve transparency and allow risk to be assumed by non banks (and consumers).  Consumers should have the choice to take the slow railroad (with guaranteed delivery) or an instant transfer that cannot be reversed.

The FED should be very mindful that their direction does not just impact Innovation at the top end of the consumer pyramid: over 40% of US consumers are unprofitable to US Banks (see Prepaid – Future of Banking?). The Amex/WMT Bluebird product is proving to be an attractive alternative “banking lite” product with ability to direct deposit. The story of MPESA in Kenya may be useful here, as a non-bank was granted an exception which enabled the service to grow from 0 to 10% of the GDP in 3 yrs. Regulators and the Central bank do NOT look favorably on this development, as 10% of the GDP flows out of M1 into a single non-interest bearing settlement account which cannot be leveraged by banks to offset loans (ie liquidity ratio). But consumers love the service…

Key Topics which I believe need to be addressed:

#1 Bank Ownership and Control of the Payment Rails

  • Cost Transparency/Reporting
  • Speed Transparency/Reporting
  • Transparency of Rule Making and Voting in Infrastructure
  • Non Bank Ability to Connect
  • Non Bank Ability to Take Risk
  • Non Bank Participation in Settlement (ex Federally chartered MSB, or non-bank access to FedWire)
  • Consumer Authentication Standards, and Ability for non-banks to assume role (see KYC)
  • Common Reporting/Alert Interface in Transaction Origination and Settlement

#2 Issuance and Value Storage (from How to Deregulate Payments like Telecom)

We need to look no further than BitCoin to see the need for new regulations surrounding issuance. Transfer of funds between entities is covered above, and my view is that non-bank participants should be licensed and agree to abide by current money transfer  regs (ie. Fincen/AML, ..). Issuance of “credentials” and storage of funds is another matter. Long term storage of funds is a banking function, and should be regulated, settlement funds face state escheatment issues (but largely unregulated unless interest is paid), while storage of “Value” is completely unregulated (ie Coupons – a form of legal tender, Pre paid offers, bitcoins)?

From above, if we allow non-banks to participate in real time funds transfer, third parties (ie Sofort) would act as agents (on behalf of consumer, merchant or bank) to direct the funds and assume risk on behalf of consumer. If a good/service is purchased immediately (commerce) then there is no regulation, however if the value is “held” for future use it is generally regulated (hence MSB, eGold, bitcoin issues). Thus the rules under which third party senders operate (as agents), are different from the entities at the end of the transactions (banks, merchants, consumers). See ACH Origination Risk.

As in the MPESA example above, there is an obvious CONSUMER need for issuance to more closely resemble cash in its ease of exchange, verification, anonymity and storage.

Our current need is for simplified laws surrounding account under a given value amount (say $2000). Providers of service should be lightly regulated through self reporting, “transparency”, and the need to keep settlement funds with the Fed. In this proposed model, a bitcoin exchange must ensure that no single individual has processed more than the threshold in a given time period. Hence the need for KYC of exchange participants (when converting to cash).

Summary – new HUB vs evolving existing networks

The current ACH system will never go away (related blog). There were $33.91 TRILLION moved over the network in 2011, compared to total debit and credit volume of around $4.5 Trillion. What path should regulators take?

#1 Improve ACH (primarily speed and fraud management). The highest priority will be around third party senders (TPS), the lowest priority will be regular customer directed debits and payments to billers.

Third party senders (TPS) are a subclass of Third Party Service Providers (TPSP) which originate ACH transactions based on a direct consumer relationship.  Alternatively TPSP are also known as “processors” whose customers are banks (primarily) and have no direct consumer relationship. Banks are not happy with the “free riders” on their network (see  blog). Most bankers view companies like PayPal and Xoom as riding on their rails for free. One of their biggest issues is that they do not have visibility into the actual beneficiary as the settlement account hides where the payment is going to. This impacts their ability to perform risk management and authorization. Take these issues together with the increased regulatory focus on AML and we have a fertile environment for change (HSBC’s See Deferred Prosecution Agreement, and business overview of HSBC’s issues from Reuters). Note that AML concerns are much more relevant to International ACH Transactions (IAT). This blog is not focused on IAT.Token

Banks must therefore architect a solution to evolve ACH while the ship is moving. This is a much better approach than that taken by the UK of mandating faster payments… (one bank was losing 30M GBP a WEEK from fraud when launched). The consensus approach seems to be one surrounding tokens and directory (my blog from last year Directory Battle Phase 1).

#2 Build a new competing network (around Fedwire) which would allow for non-banks to assume risk

 

Sorry for abrupt end.. I’m sounding repetitive.. .so I’m stopping

Payment Start ups – MSB or Bank?

7Sept Update

Late last year the state of Georgia created a new bank type. See link below

http://www.paulhastings.com/assets/publications/2197.pdf

 

16 Aug

I had 6 calls in last week on the same topic, covering different companies…(Strange how things go in waves… )…. General theme is what regulatory structure should I take on if I’m a payments business. My answer is: go talk to your attorney, as this is not legal advice… just a few random thoughts for INVESTORS.

This blog is a follow on to my note 2 months back Payments: What is a Start-Up to Do?  Perhaps the best way to start this off is from the quote I gave in US Regulations, which demonstrates the regulatory evolution that has taken place over last 10 yrs.

From PayPal’s 2002 prospectus.

We believe the licensing requirements of the Office of the Comptroller of the Currency, the Federal Reserve Board or other federal or state agencies that regulate or monitor banks or other types of providers of electronic commerce services do not apply to us. One or more states may conclude that, under its or their statutes, we are engaged in an unauthorized banking business. In that event, we might be subject to monetary penalties and adverse publicity and might be required to cease doing business with residents of those states. A number of states have enacted legislation regulating check sellers, money transmitters or service providers to banks, and we have applied for, or are in the process of applying for, licenses under this legislation in particular jurisdictions. To date, we have obtained licenses in two states.

Data points from this week:

  • New payments focused bank led by Bob Willumstad (former AIG CEO) – Independence Bancshares (public company IEBS: OTCQB).
  • Carol Realini bought Obopay US (the MSB licenses)
  • Wirecard’s international MNO wallet success (see 2013 earnings presentation, and Bank Licenses.
  • Greendot 2x run up.. now a bank and “model” GPR card and BANK IN A BOX.
  • Analyst question… would Visa ever seek to be an MSB or a Bank?
  • US regulatory clamp down … KYC enforcement is the theme here. Banks must know their customers.. and also KYC every single one of their corporate customers beneficiaries.

Thoughts for the day

If there is one thing you do today.. get familiar with Wirecard. I love this model….  I’ve gotten myopic in my old age (48), at Citibank I was 100% focused outside of US.. in last 2 yrs I’ve switched to 90% US focus.. now paying the price. I can’t believe Wirecard slipped my radar. 2,400MM EU transaction volume.. almost 500MM EU in Rev.. 2,700MM EUR Market Cap. Think of them as a white label banking platform with bank licenses. For those that read my blog.. Wirecard is a new cluster at scale in Europe and Asia.

Don’t have time to make this a 5 page blog.. so I will resort to bullet points

  • MSBs are limited, and costly, licenses. If the core of your business is leveraging another primary account (bank), and leveraging existing “rails” then this is probably the right structure. In the US, you must work to obtain 47 separate licenses with each state individually.
  • Bank licenses are certainly more flexible, and provide for managing the customer relationship but there are 3 big downsides. #1) your financial reports and balance sheet must include a separate bank division #2) Acquiring customers is really hard #3) Regulatory burdens can be insane and consume your time and capital (Ex, CRA and Bloomberg article)
  • Most Start ups “rent” a license through an existing  player. Square/Chase, Google/Bancorp, …
  • Leveraging existing banks is proving very, very problematic as they own the customer, “rails” and the “rules”
  • Today, Top issuers, Networks, Retailers and Platforms are at War here… See CEO View – Battle of the Cloud 5. There are billion dollar bets being made..
  • In Europe, an ELMI Structure is the global reference model for a start up.. unfortunately there are no other regulatory equivalents (see E-Money regulation in the EU)
  • Mobile payments (physical/POS) success today centers around transit.. and is either transit led or MNO led.
  • NFC is failing completely.. technology is fine, but the supply chain and distributed control are unworkable
  • Every major entity today is competing for the “TSM” role. My belief is that Apple, Google, Amazon are in the Driver’s seat.
  • I am 80% confident that Visa, MA will follow Amex’s/Discover and obtain bank licenses in a limited number of markets. Neither wants to be first.

Take Away

If MNOs look to retain a leadership role in payments, then Wirecard is the reference model. I’m not the only one to see this… Today we see banks working to squeeze in their existing product (Credit Cards) in to the mobile phone. As MPESA’s success showed, mobile payments are much more likely to succeed when you have one leader capable of driving a focused value proposition.  Why squeeze and existing product into the phone if you can create an entirely new one? What if the future of banking “profitability” is driven less by Net Interest Margin, Treasury, and Transfer Pricing and on more on Consumer Data…?

Buy Wirecard (I just did). I also think they will be acquired within 18 months… Buyers: Visa, MA, Platforms, … Biggest Hurdle: Who can handle having a bank balance sheet.

wirecard

Related Blogs

Paypal – Lending

Investors Guide to Mobile Money

Emerging markets – MNO Led

India – the craziest market on the planet

ACH Origination Risk

US banks are getting out of the business of supporting MSBs as the regulatory burdens increase. The most recent (and significant) are CFPB’s final section 1073 rules.

I’ve been thinking about several active projects going on in Start ups, bank networks as well as the Xoom IPO. Who owns origination risk for ACH?

Here is a good Story… back in 2002 banks did not allow for online fund transfer. If you wanted to move money from one bank to another you had to write a check and deposit it at the ATM.. and wait 5-7 days. Online brokerage services (etrade, schwabb, … ) did provide the service. BAC broke the mold in 2003, and my team at Wachovia followed. Both Wachovia and BAC used Cashedge (now part of FISV and still good friends of mine).

The general transaction flow (after registration and account ownership verification)

– Debit sender’s account, credit settlement account (good funds)

– Credit beneficiary account, debit settlement account (good funds)

Rather simple stuff.. but there was one big problem. Cashedge was using a very small California bank Calnet for settlement. Can you imagine.. everyone of their big banking customers (including BAC) were putting settlement funds into this tiny little bank which was originating transactions DAILY at a value close to its asset size. We caught this in project due diligence and subsequently set up a separate WACHOVIA settlement account in our business banking facilities. In this model Cashedge became a third party sender for us operating as ODFI.

This Fed whitepaper outlines a few of the risks in ACH origination. Today the large banks have taken a regulatory view that they own the risk on EVERYTHING  that debits their customer’s accounts. Furthermore they are responsible for every originating transaction (even for MSBs that maintain an aggregate settlement account), particularly KYC.

OCC Bulletin 2006-39 clearly addressed the need for ODFIs to know details about all  participants in third party relationships by indicating that financial institutions “should  know, at a minimum, for which Originators they are initiating entries into the ACH Network

This KYC issue is one of the things the lead to the death of HSBC retail in the US (See Deferred Prosecution Agreement, and business overview of issues from Reuters). Demonstrating there are big risks for third party senders that don’t know their business clients. This NACHA whitepaper provides results from a third party sender survey with NACHA banks.

US banks are getting out of the business of supporting MSBs as the regulatory burdens increase. The most recent (and significant) are CFPB’s final section 1073 rules.

Section 1073 of the Dodd-Frank Act amended the Electronic Fund Transfer Act to require remittance transfer providers to provide disclosures to senders of remittance transfers  pursuant to rules issued by the CFPB. Specifically, remittance transfer providers must give  senders a written pre-payment disclosure of specific information applicable to the sender’s remittance transfer. A remittance transfer provider must provide a written receipt that includes both the information on the pre-payment disclosure and additional specified information.

There are a number of “specialist” banks operating in this environment. But a key takeaway for investors is that the costs to “ride the rails” of ACH are increasing. Top 5 banks are taking the position that every bank must KYC the originating customer. Banks are not keen on supporting start ups on their infrastructure, bearing all the risk and cost of running the rails.. while others reap the benefit. This was my point behind Xoom’s $800M market cap.. a company completely built on bank infrastructure.