Payment experts and senior bank managers are facing fresh challenges with Payment Service Directive 2 (PSD2)coming into force in January 2018. Here, Bertrand Lavayssiere,Partner and Managing Director at zeb, takes a look at the background to this latest step in a long journey towards a harmonised payment system across Europe, and the impact this new regulation is set to have on the industry.
As far back as the turn of the century, payments have featured prominently in discussions amongst EU leaders. In the Lisbon Agenda in 2000, they outlined their vision of creating a level playing field for European citizens and corporates in the Eurozone. This initiative was called the Single Euro Payment Area(SEPA), and they sought to improve the efficiency of cross-border payments and turn the fragmented national markets for euro payments into a single domestic one. It was anticipated at the time that such an initiative would create a 2% GDP growth.
It took close to 14 years to see any noticeable change, however. Two tangible signs of movement were changes introduced in the PSD1 and the SEPA instruments rulebooks. The aim of PSD1 was to harmonise the generic terms and conditions of a payment for EU members. This had previously proved extremely difficult to do, owing to the fact that each market had its own commercial laws. A good example to illustrate such difficulties can be seen with the definition of what constitutes the transfer of ownership being complete in a transaction. In certain countries, this is when the bill is issued, whereas in others, it is when the payment is received.There are similar differences with payment terms, too. PSD1 provided a solution to these challenges and as such was rightly seen as a revolution for commercial law and payments terms. It also brought about significant change to the structure of the revenue stream for banks in the payment space.
The SEPA initiative harmonised two major payment instruments: credit transfer and direct debit. The initial rulebooks were the subject of heated debate. This resulted in compromise which, for many, was seen as a regression to the local market practices, although subsequent versions did improve the situation. The launch of the SEPA instruments has generally been seen to be a great success, evidenced by the fact that the other instruments were decommissioned by law.
Thesesignificantinitiatives and the subsequent IT investments did not, however, yield the expected results. The EU examined the 2% GDP growth projection and published a document that showed the actual growth figure to be no more than 0.3%. It is noticeable that a number of payment instruments in widespread use – in particular, cards and cash – were only marginally affected by SEPA.
From a micro-perspective, such as a bank’s viewpoint, this created a healthy review of the payments business model.It subsequently led to some major projects designed to reinvent their payment offerings and engineer recuperation of risk of revenue losses and investment costs.
PSD1 also invented a new player, the Payment Service Provider (PSP). The views of the law makers were that payments could be done by a dedicated unit which did not necessarily need to be a banking group, and this paved the way for further major transformations within the payments industry.
In light of this, there was a perception from regulators that there was still more to be done – the cake was, so to speak, only half-baked. PSD1 has not yet changed the equilibrium, nor the market shares, among market participants. Cross-border payments remain at a mere 2% of transactions at euro level. The main reason is that, although payments are at the core of the banking activities, they are linked to other banking activities such as current account management, credits, savings, securities dealings, which are generally fixed and unlikely to change.For many of us, the most astonishing result has been that for a payment instrument used for close to 50% of electronic transactions -i.e. debit or credit cards – the actual standards adhered to are the ones from international card schemes (Visa, MasterCard, and the like) – not exactly a very European approach, is it?
So,have the regulators created PSD2 in an effort to revolutionise card and cash payments? Not really,in my opinion -it is about refinement ofthe PSPs.
PSD2 will create new bodies replacing the PSPs: the account aggregators (AIPSP) and the payment initiators (PIPSP). Theaim is to facilitate new players in the payment field. One of the features of PSD2 is that account holders (banks mainly) should be able to provide the AIPSP and PIPSPwith access to their customers’ data. This will certainly be of interest to non-traditional players,suchas start-ups, who, for first time, will be able to access the payment data of a customer base easily. The jury is still out on how exactly this is will transform the payment market.
Along with PSD2, the European Central Bank and the EU have pushed a new SEPA instrument, SCTInstor Instant SEPA credit transfer, which will allow funds to be in the payee’s account in less than 10seconds. It will be launched in November 2017 and demonstrates how close we now are to real-time payments.
To conclude, the efforts of the regulators are geared at streamlining and accelerating the pace of the payment market, building on past successes in some areas. From a customer perspective -namely individuals, professionals and SMEs – every market survey reveals the same findings: “we are happy with our current payment instruments sowhy adopt a new one?” The message to the industry and policy makers is clear – customers will only adopt new payment instruments if they create sufficient value.Effectively disrupting the market share of instruments means fighting against the well-entrenched payment habits of satisfied customers.
One hypothesis with PSD2 is that facilitating new players with integrated services, including payments, will change the rules of the game – a bit like PayPal did when it created an easy payment solutionfor the eBay market place. Google, similarly, has created several successive concepts of payment wallets, yet none of these have yet delivered the anticipated success.
True growth and development of payment instruments will only come with value-added service. So,whilst PSD2 is onestep closer to achieving the goalsfirst set out in theLisbon Agenda, there’s still a long road aheadin order to reach the end goal of a truly harmonised payment system.
Seven lessons from 2020
Rebeca Ehrnrooth, Equilibrium Capital and CEMS Alumni Association President
Attending a New Year’s luncheon on 31 December 2019, we played a game that involved predicting the world in 2020. Some of the questions included: would Uber become profitable? Would the three-decade bond rally finally come to an end? Would the US hit a recession?
Unlike any of our predictions based on a traditional approach to business and predicting, we now know that 2020 became the year where business, professional and personal plans were turned upside down, reshaped and put-on hold. The proverbial black swan had arrived.
As revealed in a new CEMS Guide to Leadership in a Post-COVID-19 World, to which I contributed, the COVID-19 pandemic has exposed deficiencies in the 20th Century vision of leadership, giving a rare opportunity to question the status quo.
So, what are the main lessons from 2020?
- Humans are enormously adaptive. This is not an extinction scenario. The world is getting used to dealing with global human disaster which may become a recurring event. Life continues guided by new parameters.
- No sector or country is immune to rapid change. Just as the leveraged finance and equity markets ground to a halt during the Global Financial Crisis, we have seen a disruption in the financial markets (including M&A) in 2020, including a significant redistribution of wealth between sectors; think tech vs airlines and the hospitality industry. When a market is disrupted it has secondary and tertiary effects such as less work for accountants, lawyers, financiers etc.
- Location is not as important anymore. The belief that finance staff need to be based in one of the financial capitals to be effective has been forever altered. Pursuing a career in finance from anywhere is becoming possible. However, it’s likely that over time, financial controls and human interaction will move the work model back towards the traditional office approach, as work is a critical sanctuary for people. While working from home may allow more time for family, chores and sports, it is mainly effective for people who already have their internal and external networks. For junior employees it presents a notable challenge as they may be forced to spend their formative years without a chance to really build their networks.
- Change is likely to be lasting. The opportunity for alternative finance and tech focused providers is enormous and 2020 will accelerate this shift. For example, many retail banks are providing rather poor customer service, blaming the pandemic. Even the most loyal customers will be heading elsewhere. For recent graduates and current students this is a major shift; future winners and key employers may not be names we are used to seeing in the headlines.
- There will be a spotlight on leaders with visionary strategy and understanding of the operations. 2020 showed many politicians and business leaders behaving like they were playing a game of snakes and ladders, rather than executing a thought-out strategy. The next wave of thoughtful leadership is urgently required.
- Collaboration leads to success. The definition of a pandemic is an infectious disease prevalent worldwide. A global problem requires a collaborative solution rather than each country and industry on their own. Quoting Steven Riley, professor of infectious disease dynamics at Imperial College London: “Once you have the knowledge and you share the knowledge, then you are able to take measures to push transmission much lower”. This principle is transferable to management education. In a world more complex than ever, investing in a degree is hard currency. Combined with the full global alumni network, corporate partners and schools, CEMS is capital that doesn’t depreciate.
- Resilience has become a watch word. Saint-Exupéry’s quote resonates with me: “If you want to build a ship, don’t drum up people to collect wood and don’t assign them tasks and work, but rather teach them to long for the endless immensity of the sea.” We are in a new paradigm – so prepare for the next change. For COVID-19, while we hope that the vaccine will soon upon us, the broader long-term positive challenge remains.
Data after Brexit: How does the end of the transition affect GDPR?
By John Flynn, Principal Security Consultant at Conosco
The UK has officially left the European Union now that the transition period has ended on January 1st 2021. But this could raise issues with one of the biggest bugbears for many companies – the international transfer of personal data.
Businesses can relax, somewhat – GDPR, which took businesses months to get their heads around, is not being replaced. It will continue as the UK GDPR 2018, and will still be based on the criteria of the Data Protection Act of 2018. However, the UK will retain the right to change the UK GDPR as it sees fit in the future.
The main changes apply to those who receive data coming into the UK from Europe. Transfers from the UK to other countries can continue under existing arrangements.
We know it can be difficult to cut through the legal jargon, so we have simplified what you need to know to protect yourself and your data:
1 – Update your privacy notice
Most businesses do not have the correct clauses in place ahead of January 1st, potentially exposing their liability, should something happen to their data. All company privacy notices online will need to be updated to specifically state ‘UK GDPR’, as opposed to ‘EU GDPR’. You will also need standard contractual clauses in place, which cover both parties – those transferring and those receiving the data.
The Information Commissioner’s Office (ICO) has a list of what needs to be included in the standard contractual clause here. The ICO will remain the UK regulator for data protection, regularly liaising with each EU member state.
This also applies to Multi Corporate Groups who operate in multiple countries, who need to update their documentation and privacy notice to expressly cover the data transfers. The UK has applied for an adequacy assessment, which would negate the need for contractual clauses, however this has not yet been approved by the EU.
2 – Data privacy assessments
Any company which runs applications and software should always perform a Data Privacy Impact Assessment. This was also in the guidelines before, but these assessments are now more important for those who outsource their IT operations internationally.
For example, when using a service such as a cloud-based system, the company must be sure that its service provider adheres to UK GDPR and stores the data within the European Economic Area (EEA), or has a binding corporate agreement with the company, where data is stored outside of the EEA. You should also, as mentioned above, make sure that a contractual clause is in place.
3 – Review local legislation
Contracts should now have contractual clauses that specify the responsibilities of the data controller and the data processor. If you are receiving personal data from a country territory or sector covered by a European Commission adequacy decision, the sender of the data will need to consider how to comply with its local laws on international transfers. You should check local legislation and guidance in this case.
4 – Cyber Security health check
The ICO is increasing its capacity and efforts to crack down on data breaches, post-Brexit. Now is a great time for all companies to have a health check to understand their Information Security posture and GDPR compliance. Nobody wants to be caught handling data improperly and fined when it could have been prevented with education and training.
A gap analysis performed by an expert is money well-spent. It’s also a fact that companies that have cybersecurity and Information Security controls are not only able to better defend against attacks but are also far better placed to recover from an attack.
It’s important that all businesses – large and small – are properly preparing their data storage and transferring for the 1st January. ICO has been busy setting examples by fining large, high-profile companies for failing to keep millions of customers’ personal data safe.
It will continue to come down hard on the data breaches of personal identifiable information and special categories of data. The saying ‘prevention is better than a cure’ rings truer than ever this year, and you will thank yourself if you make the efforts to properly store your data now, and not when it’s too late.
2020 reflections and 2021 outlook
By John Hunter, Head of Banking and Fiduciaries, Finance Isle of Man
Reflections on the most surreal year
The Covid-19 pandemic has completely changed the world as we knew it, resulting in catastrophic loss of life and fears of a downturn hang over global economies like a sword of Damocles. In the UK, the new strain has further exacerbated the situation. As I am sure many have already said we are living in what could be called the most surreal times. People have been trying to cope with this “new normal”, by changing their lifestyles and evolving behaviours.
The Isle of Man responded swiftly to the pandemic by closing its borders and enforcing social restrictions which everyone respected and adhered to. Socially and culturally the Island demonstrated all the good things that come from living on a relatively small Island where community still means so much.
The Isle of Man’s financial services sector adapted quickly, seamlessly transitioning to working from home. The banks too adopted flexible remote working practices and continued to support clients around the world helping them navigate the challenging situation and making the most of any opportunities that arose.
Although there is no substitute for face-to-face interactions, we all embraced web-conferencing platforms like Microsoft Teams and Zoom to stay connected with contacts around the world and build and nurture business relationships, whether it was with financial services firms or high net worth individuals looking to relocate to the Island.
Furthermore, a priority for the Isle of Man has been to reinvigorate the business and cultural ties with South Africa. In a normal world, we would have travelled to the country, held in-person meetings with businesses and industry representatives and talked about building on our wonderful historic ties. However, because of the scale and breadth of disruption we had to change all our plans! We hosted a virtual roadshow which comprised a series of webinars exploring why it has never been more important for South African businesses and individuals to choose the right jurisdiction for long term financial planning.
Looking ahead to the future
We are all hoping that the global rollout of vaccines will provide the pathway to some form of return to normality and all the things people are missing will be back. Like amidst all periods of immense turmoil, interesting, new possibilities have emerged such as the revolution in work culture and a renewed importance of being close to nature and green spaces is. And these possibilities can help reshape society for the better.
The global economic recovery and rebuild might seem further away in the current environment especially amidst the new lockdowns. But we are confident in the resilience of economies and are hopeful that different industrial sectors and governments working together would result in green shoots.
The financial services industry has an important role to play in getting the world economy back on its feet. It is a core component of the solution to continue facilitating the financing of corporates, as well as to develop sustainable finance and nurture digital technologies which have proven to be vital during the pandemic. The sector should continue its cooperation and collaboration with governments and regulators to ensure efficient capital flows and financial stability for businesses and individuals.
Banks too have a crucial role to play as they are instrumental to the effective transmission of monetary policies and stimulus packages. As mentioned in a report by EY: “Financial insecurity in the wake of COVID-19 will require banks to boost consumer confidence and help build a more resilient working world.”
We expect the Isle of Man’s financial services sector and banks to continue navigating the situation with resilience as they have been doing thus far and contributing to the global recovery process. Also, we truly hope this will be our busiest year ever (subject to our ability to travel), with an extensive global schedule of planned activity to promote the Island as an international financial centre of excellence and innovation. Personally, I had planned to be in South Africa for the British & Irish Lions tour, but regrettably, it might not take place and as such we will look forward to catching up with friends there as and when we can.
No doubt, there are significant challenges for the world ahead but as Albert Einstein said: “in the midst of every crisis lies great opportunity”. And it is this opportunity that we all need to work together to identify and make the most of. We are confident that in 2021 the Isle of Man will continue to support financial services businesses help their clients, employees, and the wider society through these surreal times. We are all in this together.
FSS and India Post Payments Bank AePS Partnership Advances Financial Inclusion in India
New Delhi, January 12th,2020: FSS (Financial Software and Systems), a leading global payment processor and provider of integrated payment products,...
Seven lessons from 2020
Rebeca Ehrnrooth, Equilibrium Capital and CEMS Alumni Association President Attending a New Year’s luncheon on 31 December 2019, we...
Over a quarter of Brits now have an account with a digital-only bank
The number of Brits with a digital-only bank account has gone up by a percentage increase of 16% Almost 1...
How fintech companies can facilitate continued growth
By Jackson Lee, VP Corporate Development from Colt Data Centre Services The fintech industry is rapidly growing and, in the...
BNP Paribas joins forces with Orange Business Services to deploy SD-WAN for 1,800 retail sites in France
Co-construction approach ensures business continuity during deployment BNP Paribas has chosen Orange Business Services to deploy an SD-WAN solution in...
2021 Predictions: Operational Resilience Takes Center Stage
Breaking down barriers between Risk and Business Continuity By Brian Molk, Fusion Risk Management What a year! Simply put, the global...
Five Workplace Culture Trends of 2021
5 January 2021 – 2020 – a year like no other – is responsible for driving organisational change, especially workplace...
The Impact of the Digital Economy on the Banking and Payments Sector
By Gerhard Oosthuizen, CTO Entersekt. New banking regulations, digital consumers, the eradication of passwords, contactless technology – these are just...
Be Future-Ready: The Case for Payments as a Service (Paas)
By Barry Tarrant, Director, Product Solutions, Fiserv Over the years, financial institutions have faced a myriad of changes in regulations,...
Mark Wright – No Longer an Apprentice
Just for context, you won The Apprentice and became Lord Sugar’s business partner in 2014 – you set up your...