Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Top Stories

Mobile Payments: Managing Commercial, Regulatory and Compliance Risk
IMG 5970 2333

Published : , on

By Mike Rebeiro, Global Head, Technology and Innovation, Peter Snowdon, Partner, and Jamie Gray, Associate, Norton Rose Fulbright LLP

A number of banks and financial institutions have announced mobile payment collaborations with well-known mobile handset manufacturers, using the mobile handset’s global branding as part of the sales proposition.  Others are choosing to develop their own solutions, to be launched using their own branding. In either case, banks and financial institutions have been quick to recognise the potential for mobile payment solutions, and for good reasons.

Mobile payment solutions provide opportunities to improve customer ‘on-boarding’ and retention, to obtain insights about customer behaviours and to enable new distribution channels for delivery of value-added financial services and products.

With opportunities such as these, however, come risks. This article explains how mobile payment solutions typically work and considers some of the commercial, regulatory and compliance risk areas for banks, financial institutions and their suppliers.

1          What is a mobile payment?

Mobile payment solutions typically involve a cardholder (a shopper), a card issuer (for example, the cardholder’s bank), a merchant (for example, a shop) and a merchant acquirer (the shop’s bank). They can also involve a mobile network operator (MNO) and a ‘trusted service manager’. The trusted service manager acts as an intermediary between banks/merchants and the MNO, and manages the security aspects of the transaction necessary for a mobile payment to occur, in association with the MNO-provided SIM.

Into this mix, however, mobile handset manufacturers have recently launched a disruptive technology. They have embedded technology in the handset that would do away with the need to rely on a MNO-provided SIM or a trusted service manager for authentication of a mobile payment transaction.

This would greatly reduce the role of the MNO to that of a channel of data carriage, and looks set to significantly recast the existing profile of the mobile payments industry. It also leaves open for negotiation what the revenue-sharing split for the various stakeholders should be in relation to revenue generated from each mobile payment transaction.

Additional Authentication for Mobile Payments

The diagram below maps the authorisation processes for a typical credit card transaction, including the additional authentication processes involved when a mobile payment transaction is made using a:

  • wallet payment method (using host card emulation);
  • tokenisation method for a real credit card number.

Some data that feed into the authorisation processes differ from those data processed in a traditional credit card transaction, but many aspects of the authorisation processes remain unchanged. The key difference is the additional layer of authentication procedures for a mobile payment.

Key:     n  Wallet payment (host card emulation)
n  Tokenisation (for a real credit card number)

2          What are the key contracting risks?

Parties who wish to work together to launch a mobile payments solution will typically use a collaboration agreement or a more sophisticated joint venture model.

The collaboration agreement (or other contractual vehicle) will need to address the following types of risks and commercial considerations:

  • the parties’ respective financial and other contributions;
  • revenue sharing arrangements for generated revenue. For example, will the supplier of a handset-enabled payment solution be charging a bank or financial institution any transactional or interchange fees?  Who will bear the additional costs charged by credit card networks to provide additional data to, say, ‘tokenise’ card data for mobile payments?
  • allocation of responsibility in relation to the discharge of regulatory obligations;
  • licensing and ownership of intellectual property rights;
  • control over use of trademarks in promotional activities;
  • compliance with anti-money laundering (AML) regulations;
  • customer ‘ownership’. Banks and financial institutions will look to include contractual provisions that help prevent ‘disintermediation’ between them and their customers by the other contracting party;
  • exploitation of transaction data generated by the service offering (for example, through big data analytics). This may depend on what can be done with customer data under the applicable data protection legislation;
  • security obligations to prevent cyber intrusion;
  • exclusivity (if any), subject to competition / antitrust law controls;
  • continuity of service on termination; and
  • the parties’ respective tax positions.

3          What are the key regulatory issues?

Regulatory initiatives in this area generally focus on consumer protection, promoting effective competition and implementing AML and financial crime measures.

Different regulatory regimes apply to mobile payments broadly according to the type of payment service or product on offer and the jurisdiction at issue. In Europe, for example, the main EU frameworks that currently regulate mobile payments are:

  • the Payment Services Directive (for firms carrying out money remittance, executing payment transactions and other payment services);
  • the E-Money Directive (for issuers of electronically stored value or ‘e-money’); and
  • EU anti-money laundering legislation (requiring firms to establish policies and procedures to prevent and detect money laundering and terrorist financing activities).

Compliance in relation to data storage, information security, and risk management are also relevant considerations for both financial institutions and MNOs in many jurisdictions.

Due to concerns about the burden of becoming regulated as financial institutions, an MNO that is involved in the provision of a mobile payment service will typically seek to form a collaboration  with a financial institution which is already regulated (such as a merchant acquirer, or an ‘e-money’ or ‘stored value’ issuer) who will be responsible for:

  • the regulated aspects of the business; and
  • compliance with any relevant payment scheme rules (such as card scheme rules).

The task of performing AML screening typically falls on the financial institution (but there are certain mobile payment solutions and certain jurisdictions where the AML requirements dictate that screening must be performed by the MNO).

4          What can we expect in the future?

Change is likely to remain the operative word for the mobile payments industry for some time to come.  As more and more valuable financial data migrates to mobile, we can expect increased regulatory oversight in most jurisdictions.  Trust is hard won and very easily lost.  Inevitably, therefore, there will be an increased emphasis (both commercially and from a regulatory perspective) on security, steps to prevent cyber intrusion and data protection.

Uma Rajagopal has been managing the posting of content for multiple platforms since 2021, including Global Banking & Finance Review, Asset Digest, Biz Dispatch, Blockchain Tribune, Business Express, Brands Journal, Companies Digest, Economy Standard, Entrepreneur Tribune, Finance Digest, Fintech Herald, Global Islamic Finance Magazine, International Releases, Online World News, Luxury Adviser, Palmbay Herald, Startup Observer, Technology Dispatch, Trading Herald, and Wealth Tribune. Her role ensures that content is published accurately and efficiently across these diverse publications.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: . You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post