With new technology entering the mainstream, regulatory upheavals, and a hefty slice of political uncertainty to add to the shocks of 2016, the new year promises to be anything but tranquil. Eight leading industry figures gave EPI their views
Francesco Burelli, MD, Payments Strategy, Accenture
The implementation of regulation in Europe next year will prompt a shift. The introduction of Payment Initiation and Account Information Service Provider roles by non-banks (PISP and AISP respectively) will see the market open.
The implementation of APIs will introduce efficiency in payments infrastructure and connectivity, and will shake the competitive landscape. Payments will evolve, but incumbent products will not disappear. Instead they will coexist with an array of new value propositions.
New entrants will compete for customers and user preference, hoping to change consumer behaviour. Remember, real time payment systems are not a new thing: They have been around since the seventies. But never before today have they acquired such prominence and potential for new payment solutions.
Some may argue that payment certainty can be provided without immediate settlement or clearing, nonetheless, the roll out of real-time payment solutions will provide a base for convergence between account-based and plastic payment types. It is likely that new blockchain solutions will keep being tested as an alternative to incumbent correspondent banking business models.
Globally, we will also see continued growth in mobile payments, particularly in developing countries where mobile provides an alternative to retail banks and a cost-effective channel for basic financial services solutions.
As activity increases, central banks and the Bank of International Settlement will turn their attention to the provision of regulation. Donor funding will also play a part to drive a relationship between financial services and telecommunications-owned infrastructure.
Finally, identity management and payments will keep overlapping. Authentication and security remain critical, particularly as payments become more digital and frictionless.
It is likely that fraud will keep being a growing threat to the industry. As financial firms digitalise to meet customer demands for mobile and multi-channel access, they must work to protect themselves from new cyberthreats from an ever-expanding and sophisticated set of cybercriminals.
Rich Bialek, CEO, Global Technology Partners
When thinking about the direction of the payments industry in 2017, here are my five key questions:
1. How successful will Visa Inc. be in integrating Visa Europe?
Now that the deal has been signed, the hard work of integration must be completed. Layoffs have started at Visa Inc. as the organisation looks to realise operational leverage from the combined businesses. In addition, the sudden departure of Charles Scharf as Visa CEO adds a new variable to the equation.
Will Visa Inc. be able to increase prices and margins in parallel with the organisational rationalization? Yes, but not in the near term. Will MasterCard be able to take advantage of the dislocation and disruption in Visa and gain marker share? Yes in the short term, but not sure if the gains will be sustained.
2. How will PayPal, Visa and MasterCard get along?
The agreements PayPal signed with Visa and MasterCard define a potential new path of cooperation between those parties. Will the expected benefits be realised? Will PayPal be able to offset higher Visa/MasterCard transaction costs will incremental transaction volume?
Will Visa Checkout and MasterPass realise a boost in adoption rates? Will this agreement serve as a template for future deals between the established networks and other industry disruptors?
In 2017 we will begin to get answers to those questions. In addition, given the rate of new industry entrants, product innovation and disruptive technology, Visa and MasterCard need to be ready to make more PayPal like deals in 2017 and beyond.
3. How will the Consumer Financial Protection Bureau (CFPB) change in a Trump administration?
The 2016 US Presidential and Congressional elections produced a Republican sweep of the House, Senate and President races. The CFPB will find a less friendly environment to pursue an activist agenda, and may find some of its prior regulatory and legal initiatives reversed, including a change of oversight and budget control.
4. Is it safe?
A famous line from the 1970s-era movie The Marathon Man is now a daily question for the payments industry. Under increasing attacks from hackers of all types, the industry stakeholders must redouble efforts to provide an end-to-end more-secure payment system.
It means much more than competing the long-overdue implementation of EMV chip cards in the US. More intrusive and effective monitoring of transactions, databases and networks is required, as is a more thorough and ongoing due diligence of business partners.
5. Will blockchain go mainstream?
Related to the question of security is the evolution and acceptance of blockchain technology. It offers a promise of enhanced security, lower transaction costs and faster transactions. Expect blockchain to become part of most stakeholders’ strategic plans, but not a have an impact on 2017 operations or performance.
I can’t wait to see how it all unfolds over the next 12 months.
Stuart Lacey, CEO and founder, Trunomi
In 2016, personal data has become an asset class in its own right. If used correctly, it can offer value to both sides of a transaction – more immediate, personalised experiences for the customer, and less risk, less cost, higher conversion and better brand loyalty to the company.
Although we have seen a growing respect for the use of personal data, many companies are still learning the hard way through data breaches, mismanagement and the loss of reputation. In 2017, the rise of the personal data economy will truly take hold in the payments sector.
This means that customers will demand that personal data that is linked to their payments is only used within the bounds of their informed consent. Payment firms must grapple with the desire to build on new revenue streams from valuable customer data versus the need to meet customer calls for more transparency and less abuse of personal information. 2017 will thus be a critical year to build trust by fundamentally upgrading systems and processes to capture, store and use customers’ personal data.
This is not only for the above noted benefits but, in particular for firms doing business with EU citizens, they must prepare for the imminent arrival of the new data privacy law, the General Data Protection Regulation (GDPR), which bring massive fines into play in early 2018.
In a world where the customer relationship is no longer owned by the company, but increasingly by the customer itself, trust and transparency have never been so critical.
David Hamilton, CEO, eWise
In the UK the Access-2-Accounts provision within PSD2, along with parallel initiatives including OpenBank and recently published remedies from the CMA, will introduce a new wave of technology and competitive openness.
This new world of ‘openness’ will likely present opportunity and challenge to both sides of the value chain: banks and third-party processors.
PSD2, OpenBank and the CMA remedies introduce ‘front doors’ to data to which banks will need to provide third parties with keys. These freshly mandated open APIs will be a milestone in banking technology and regulation, creating tremendous industry buzz.
However, considering the scope of each initiative and their projected implementation timetables along with their specification principles, it is apparent that PSD2, OpenBank and the CMA remedies offer access to the same thing, namely the end user’s basic current account, albeit with different technical standards and implementations.
Essentially three different ‘front doors’; worse still, these doors lead into the same room.
While all three initiatives address the scope of the basic current account, each initiative varies in its inclusion of credit card, overdrafts and savings accounts. Furthermore, only the CMA remedies address loan products, and these are in the context of business accounts only.
With the average consumer and small business customer possessing a broad range of financial services products including current accounts, credit cards, personal loans, leases, insurance, ISAs and various other investment and credit accounts, the scope of these open API initiatives might leave some of us feeling underwhelmed when it comes to providing end users with innovative, convenient and value-added services driven by a truly comprehensive picture of their financial relationships.
One might even ask how, without a platform able to aggregate data from a comprehensive range of target institutions and a broad list of product types, a third-party processor could build a sustainable business model given how limited and crowded the front room will be.
PSD2, Open Banking and the CMA remedies simultaneously introduce complexity and a narrow scope. We enter 2017 with more questions than answers.
Joe Bloemendaal, head of EMEA, Mitek
In 2017, over £4bn ($5bn) in AML-related fines will be levied at financial institutions worldwide
For financial institutions, knowing who your customers are is more important than ever. AMLD 4.1 comes into force by June of next year, and increasingly stringent AML laws and regulations are also being adopted worldwide.
Governing bodies and regulatory agencies are becoming more aggressive in their enforcement.
The UK’s FCA has not been shy in imposing substantial fines on those who break the rules, and with more firms set to be brought under the regulator’s watch, the level of fines will increase. We’ll also see bigger fines being imposed on firms from outside the financial sector as AMLD 4.1 will cover eWallets and virtual currencies.
In recent times the FCA has imposed ever increasing fines on both UK and non-UK banks – Barclays and Sonali Bank being the most high-profile.
The US Department of Justice warned banks that it would begin aggressive enforcement of AML laws and indeed, over the past five years the US government has brought a series of high-profile cases against financial institutions for violating applicable AML laws by failing to conduct sufficient due diligence on high-risk customers.
These trends will continue and we predict that it will result in over £4bn in fines levied on financial institutions in 2017 for failure to adequately meet AML laws, especially as it comes into force on June 24, and as the contagion around increasing regulation spreads from the EU to the rest of the world.
2017 will be the year that banks, yet again, fail to address digital onboarding solutions fully
Despite consumer feedback and increasing numbers of transactions via mobile, banks have still not moved their processes out of the branch. According to the Wall Street Journal Europe, nearly 80% of readers responding identified online and mobile functionality as being among the most important features a bank can offer.
Indeed, the UK Card Association found that spending online hit £145bn in 2015 or almost a quarter or all card spending. Increasing numbers of challenger banks are coming to market threatening to take transaction volumes away from traditional banks as consumers are attracted by mobile-first offerings.
However, with the arrival of PSD2 and AMLD 4.1, it looks like the regulator will force their hands if banks refuse to make this transition themselves.
An end to regulatory leniency for fintechs as the bell rings on play time
Fintech companies, it would seem, have somewhat of an unfair advantage over banks. They have an almost protected status in the eyes of the regulator, they are unburdened by legacy issues and infrastructure and they can test their business models in specially created sandboxes, free to make mistakes.
These sandboxes enable firms to test innovative products, services, business models and delivery mechanisms in a live environment without immediately incurring all the normal regulatory consequences of engaging in the activity in question. Will this sheltering of startups leave them unable to compete when let out into the real world? Does it create an unfair system where some firms are too small to fail?
In 2017, banks will begin a fightback, and by the end of the year regulators will have levelled the fintech playing field.
Is an identity crisis for the sharing economy looming in 2017?
The sharing economy has disrupted traditional service models by allowing buyers and sellers to do business with each other online.
Poster children include businesses like Uber, Airbnb and ZipCar, but when you can buy anything from anyone, who do you trust? How do you know who you’re renting an apartment from? How do you know it’s the same as the pictures? Are you confident that the driver you hire is the same one that picks you up? What about the car you rent? Or the restaurant you order from?
Some 43% of UK millennials say they are very nervous about the potential for identity fraud, and would only transact with a brand online if it had trusted credentials. In 2017, we will see major investment from these players as they seek to create more trusted, verifiable customer experiences.
Car-sharing, sofa-surfing and food-delivery services should authenticate users at a moment’s notice – but shouldn’t trust be built in from the start for users of these services?