Sunday, November 12, 2017

Why some countries started using cheques and others chose giro

These days I am busy writing a book on the history of Dutch retail payments. The focus of the book is on the dynamics of the Netherlands, without the aim to compare with other countries or to explain country differences. Still, the process leads to some observations that I would like to share as they may be useful for other researchers in the field.

What explains the origins of giro and cheque countries?
One of the basic facts in retail payments is that there is a structural difference between so-called giro-countries (Austria, Switzerland, Japan, Germany, Netherlands, Belgium etc) and cheque-countries (France, US, Canada, Australia).

In his excellent dissertation on payments and network effects, Gottfried Leibbrandt sets out to answer this question. After a thorough investigation of literature, he concludes that network effects are an important factor that helps explain the typical development path per country. At the same time, he finds it hard to trace the origin of the difference between cheque- and giro-countries
1. There is no satisfying explanation for the country differences. Empirical studies find that country idiosyncrasies rather than variables like GDP and crime explain the differences in instrument usage.

In a similar vein, the first BIS working group on Retail Payments observes:
Use of different retail payment instruments in the so-called cheque countries and giro countries can be explained by the differences in: 
• concentration of market supply among traditional providers of retail payment services; 
• financial incentives for providers with respect to debit and credit transfers; 
• nature of the risks in the value transfer processes for the two types of payments; and 
• legal framework and regulatory environment.
Of course the above list is long enough to be right and the report also mentions numerous French regulations that influenced its use, in particular also the rule that payment with cheques should be free to the people. And indeed this legal factor must not be forgotten.

Where is the cheque in the Netherlands?
In the Netherlands, a well functioning system of so-called cashiers notes existed, alongside regular cash for quite some time. Then in 1814, the establishment of the central bank and the introduction of bank notes introduced competition for the cashiers. In the early 1830s one of the cashiers fought a heavy legal battle to preserve the use of its cashiers notes, but eventually gave in to the reality that the bank notes were becoming the standard.

Ever since, the central bank was careful not to obstruct the cashiers and bankers too much in their business operations. So as a practical measure, the central bank took care to set its fees for deposits and discounted bills of exchange at a less competitive rate than the market. But fact of the matter remains that a possible candidate for a privately issued Dutch payment cheque, was no longer available.

Some parliamentary proceedings suggest that the legal rules with respect to bills of exchange 'wissels' were insufficient to really create a sound basis for the use of cheques as a payment instrument. As a result the market used bank notes in combination with clearing arrangements.

This intrigued me so when looking for more information on the topic I encountered a college book (by Mr. W. Molengraaf) that suddenly shed more light on the situation in other countries.


What Molengraaff states is that cheques came into existence in the United Kingdom as 'sight-bills' on a banker. They were brought into circulation as an alternative payment instrument to circumvent the stamp duty that would apply to a regular bill of exchange. He continues to state that also in France the cheques owe their existence solely to tax considerations.

Up next I figured I would take a look at a US stamp duty register from 1866. And we can indeed see the difference there. A bank check would cost 2 cents, regardless of the sum involved, while a bill of exchange would cost 5 cents and possibly more when higher amounts were involved.



To me it's clear that stamp duty may well be an important part of the puzzle, explaining the difference between giro and cheque-countries. But we should add an analysis of market structure, competing instruments to complete the picture.

The particular Dutch situation.... 
In the Dutch situation we will see that the discussion on setting up postal giro services started around 1902, already with references to the situation in other countries. It took us more than 10 years to decide on the establishment of the postal giro services and indeed market structure and some regulatory capture may have influenced the discussion. Also it became pretty clear that the incumbent bankers and cashiers did not want to move forward with their own version of bankers giro. But that's stuff for a next blog.

In the mean time, if you enjoyed this blog, you may want to let me know that you're interested to be informed when my book on hundred years of Dutch giro payments will be published. This will help you understand more of the intertwined dynamics that are at work when retail payment systems and instruments are developed.

Just send an e-mail here and I will notify you when the book is coming up.

Thursday, September 21, 2017

Ceci n'est pas une 'payment instrument': a reflection on fuel cards and the PSD2

In september this year, the FCA published its policy statement and approach document on the PSD2. I've been eagerly watching this document to find out what their final take would be on the understanding of the limited network exemption in relation to the specific nature of fuel cards. Because there is more than meets the eye here.

In essence, some fuel cards effectively function as a purchase button on a website. They don't initiate payment orders at all. They would thus fall outside of the PSD2-scope, as any other shopping-button on websites. Due to a twist of faith however, the bank supervisors seem to be keen to ignore this reality for fuel cards and bring those under the PSD2.

In this post I will highlight the flaws in this approach and conclude that the result is that if all regulators start re-writing the definitions themselves, we better label the PSD2 the Purchase Service Directive (see also the full  and more elaborate analysis on the subject here).

Background
In the original payment services directive article 3k provided for a proportional application of the PSD1. Instruments with a limited geographical reach and scope, such as store cards and fuel cards were not subject to its provisions. The exemption 3k) was thus called the limited network exemption.
3 (k) services based on instruments that can be used to acquiregoods or services only in the premises used by the issuer orunder a commercial agreement with the issuer either withina limited network of service providers or for a limited rangeof goods or services;
In its proposal for the new version of the PSD, the Commission claimed the existence of payments systems, waivered as “limited networks” with massive volumes, which imply greater risk and no legal protection for payment users as “feedback from the market”. However, this feedback was not really a result of the external impact analysis onthe economic impact of the PSD1

What could be seen though is that the interpretations of local supervisors ranged from strict to very lenient, which distorted the playing field in Europe. In addition, some observers noted that there was a strong desire by supervisors to have stricter rules for in particular the fuel cards market (see the mystery of unregulated massive payment volumes, as discussed in the Paysysreport of March 2014).

In the end, the net result was a very strict version of article 3k in the PSD2, to ensure that its future application would be for truly limited networks only. In addition, any organisation that uses this specific exemption has to notify the supervisor. But let's take a good look at the pre-amble and the exemption text.

The definitions
The pre-amble states that payment instruments covered by the limited network exclusion could include store cards and fuel cards, but it isn't conclusive. They could, but they could also not.
(14) Payment instruments covered by the limited network exclusion could include store cards, fuel cards, membership cards, public transport cards, parking ticketing, meal vouchers or vouchers for specific services, which are sometimes subject to a specific tax or labour legal framework designed to promote the use of such instruments to meet the objectives laid down in social legislation.
Where such a specific-purpose instrument develops into a general purpose instrument, the exclusion from the scope of this Directive should no longer apply. Instruments which can be used for purchases in stores of listed merchants should not be excluded from the scope of this Directive as such instruments are typically designed for a network of service providers which is continuously growing. The limited network exclusion should apply in combination with the obligation of potential payment service providers to notify activities falling within its scope.
Article 3k is actually more clear, certainly in comparison to the previous version. It now refers explicitly to services based on specific payment instruments
(k) services based on specific payment instruments that can be used only in a limitedway, that meet one of the following conditions:

  • (i) instruments allowing the holder to acquire goods or services only in the premises of the issuer or within a limited network of service providers under direct commercial agreement with a professional issue;
  • (ii) instruments which can be used only to acquire a very limited range of goods or services;
  • (iii) instruments valid only in a single Member State provided at the request of an undertaking or a public sector entity and regulated by a national or regional public authority for specific social or tax purposes to acquire specific goods or services from suppliers having a commercial agreement with the issuer; 

The legal conclusion is thus: first you need to have something that is a payment instrument and then it may fall under a limited network exemption. 

The FCA's approach: let's not be clear about the payment adjective
The above may not be how the FCA are looking at it. Both in their consultation and further guidance they seem to that 3k is written as pertaining to all instruments, not just payment instruments. I pointed this out in a response to the consultation (see this separate blog) and asked for further clarification.

Yet, their feedback document, doesn't mention anything on this definition question at all, which is a bit disappointing given the timely and good job efforts that the FCA usually put in with all their consultation work. So the ambiquity stays: while the notification forms clearly outline that applications must clarify the nature of the involved payment services and payment instruments, all the guidance does is steer towards an understanding of the 3k article as pertaining to all instrument (as under PSD1). 

This still leaves us with the question: when would a fuel card qualify as a a payment instrument. Or is it just as exempt from the PSD as a purchase button in an Internet-webstore? 

Fuel card as a payment instrument or purchase device?
Let’s have a closer look at the workings of a fuel card and what it does in terms of business processes. Generally speaking, fuel cards are delivered by oil companies to corporate fleet owners, sometimes distributed via resellers or co-branding arrangements. They effectively are a tool that validates the legal competency of its holder, to take out goods/services from service delivery stations.

The company to which the cards are provided takes full responsibility for all services/goods delivered to the users of the cards and receives a monthly overview of all purchases done with the cards. It can set usage levels per card, ensuring that no more than a certain amount of goods and services are to be delivered to the cardholder. It can also set the range of goods to be delivered from narrow (fuel only) to wide (fuel and shop goods).

Every month, the fleet owning company receives an invoice with an overview of all purchases made and the rebate applied (mostly volume based). This specifies the purchases made in the network of the oil company itself as well as those in other networks and by other service providers. These other networks of service stations may also deliver goods/services to the card holder. What happens in practice is that prior to the actual delivery, the cardholders’ oil-company buys the whole service/goods package that the card-holder wishes to take out at the selected other networks with whom the oil-company has struck delivery and service agreements.

This results in a chain sale of goods/services from:
-              the service station dealer to its country organisation,
-              the service station country organisation to the oil company national organisation
-              the oil company in a country to the corporate client that distributed its cards to the employees.
While technically there may be many variations to this flow, it does serve to achieve an important effect in VAT-terms. It allows the involved oil companies and networks to reclaim the relevant VAT from local authorities and thus lower the end-fee to the corporate fleet-owners.

What's the difference between purchase and payment?
In the table below, I've summarized the functional difference between the use of a payment card or a purchase card at an oil station.

Using a purchase tool
Using a payment instrument
Used to instruct the retailer or service station to deliver goods/services
Used to instruct the bank to make a payment to a third party bank account
The amount to be paid is unknown. At the end of the month, rebates are applied and the reconstruction of what the actual equivalent price at this moment of sale would have been, is always a mathematic reconstruction.
The amount to be paid is clear.
Authentication of the card holder equals the right to receive goods/services up to a certain threshold
Authentication of the card holder equals the digital signature of the payment transfer
Positive response by oil company equals the formal sale of the services/goods from service station to oil company and the mandate to provide the services/goods to the card holder
Positive response equals the proper processing of the payment instruction
Holder of purchase instrument is not (by definition) authorised to give payment orders that relate to the billing account of the fleet owner
Holder of instrument is by design authorised to give payment orders from that account to the payees account
Holder only receives proof of purchase / delivery but not proof of payment
Holder receives proof of payment and possibly also proof of purchase
No cash-back possible
Cash back might be possible under the rules of the cards-account
Oil company may design its own purchase, control and billing procedures, use its own set of purchase tools and may set its own acceptance and risk parameters. Intercompany delivery agreements will apply.
Card is a payment instrument and payment transactions with it fall under legislation (PSD) and payment brand regulation, with bank specific acceptance and risk parameters
VAT-recovered and rebate applied to purchases by all cardholders of the fleet-owner
VAT-recovery not included
Aggregated invoice for goods and services delivered, sent to the corporate treasurer of the fleet owner, and paid for using the direct debit instrument
Periodic account statement for payments made or (as in the case of credit cards): aggregated invoice for total value of payments made, followed by direct debit.

While the bank card ticks all the boxes, the fuel cards as outlined above, do not qualify as payment instruments under the current Payment Service Directive. There is no request being made to place, withdraw or transfer funds, hence there is no payment transaction, no payment order and no payment instrument. Hence, article 3k is nowhere close to being relevant. 

What will happen to the fuel cards niche?
As the editors of the Paysys report outlined earlier in March 2014, there may exist a hidden regulatory agenda in Europe to capture fuel cards under the 3k article of the PSD2.

This seems to be exactly the discussion right now for the relevant stakeholders around this subject in Europe. While technically the legal argument is straightforward, leading to fuel cards being out of scope, some lawyers point to the spirit of the article or the statements of regulators (in whichever respect being made) to claim that fuel cards do fall under article 3k and require notification.

As in many situations, it's not the final legal analysis that is relevant but the legal uncertainty. Arguing the above case with a regulator may take too much time and is not the preferred option for risk-averse large issuers of fuel cards. So we may well see some players in the oil industry ending up not arguing their legal case and abiding with a flawed regulator view that takes fuel cards into the exemption scope of PSD2.

The wider implications: Payment Service Directive becomes Purchase Services Directive
If the fuel card case is not being challenged in courts, it sets an interesting precedent. Because in essence, there is no analytical difference between the fuel card and PIN mentioned above and the user-id / password combination that is in use by retail customers that are shopping at websites, using purchase buttons. Both tools are and should be out of scope for a payment service regulator. Just arguing that the instrument looks to much like a payment instrument is just not enough. Ceci n'est pas une pipe 'payment instrument'.

Forgetting the adjective 'payments' in article 3k means that the second Payments Services Directive may well turn into a full swing Purchase Services Directive. And by the looks of it, this is what the FCA may be doing in the fuel cards niche right now. This leaves the rest of the market wondering if their niches may follow at some point in time. 

Supervisors should however not cross that Rubicon and avoid transforming the PSD2 into a Purchase Services Directive. They should stick to the legal definition and if they don't like the consequence should not take justice in their own hands by forgetting adjectives that stand in the way of their (hidden) agenda's.  

Let commerce be commerce and payments be payments. 

Tuesday, August 01, 2017

Dutch central bank can further encourage innovation for payment institutions with a quick win

Article 18.2 in PSD2 (Article 15 in PSD1) on the nature of funds
 in a payment account of a payment institution

It's a logical thing. As the bakery provides bread, banks provide loans and allow savings, e-money institutions offer e-money, payment institutions are allowed to provide payment accounts to their customers. These accounts would neither be redeemable deposits or repayable funds, nor e-money, as the article in the PSD(2) states.

Stricter interpretation by De Nederlandsche Bank 
De Nederlandsche Bank, our local supervisor, however does not appear to allow the above flavour in the Netherlands easily. Companies that have business models in which payment accounts (whether with or without IBAN) are offered, should not be surprised if they are told that the funds would qualify either as redeemable deposits or e-money, with little inbetween.

 As a result, one will not encounter a lot of payment-account issuing by payment institutions in the Netherlands. And this is in spite of the fact that even the Explanatory Memorandum of our Financial Supervision Act explicitly mentioned this possibility.

Other supervisors follow the EU-approach 
Thus we can see issuers from other countries, such as Pocopay from Estonia, offer payment services and payment accounts to students where these can't be offered by local players. On their website, we see this issuer outlining (USING CAPITALS) in the terms and conditions that the funds are not redeemable, to be used for payments and not covered by deposit insurance of any kind.

Other instances can be found in German or French markets, leading to the situation that Dutch payment institutions are restrained in product innovation and less able to compete with PIs from other countries, which may offer a broader solution range to their customers.

Quick win to facilitate innovation in payments in the Netherlands 
There is a clear quick win here in the Netherlands in terms of payment regulation. Instead of claiming that funds are either deposits or e-money, De Nederlandsche Bank should more easily allow payment institutions to also offer the third flavour: non-redeemable funds on payment accounts, used for payment purposes.

Of course, one could raise the question whether it is possible to make such a business model work, but it should be the market that decides rather than the supervisor.

This article is a translation of a contribution to the Financieel Dagblad of July 29, 2017.

Wednesday, June 21, 2017

Adyen: the new bank is not a bank any more

City giro Amsterdam: not a bank, but nice picture and looks like one
Source: City Archive Amsterdam
Dutch bank registers show that, since the end of April this year, Dutch payment institution Adyen has officially acquired a banking license. This is clearly part of a bigger picture that shows ICT-based companies moving in a similar direction. Many years ago we could already witness the e-money institution Paypal become a bank in Luxembourg. Most recently Klarna also turned from payments institution to a bank. Now what could be driving these companies towards the bank license?

A ‘payments bank’
A closer look at the register tells us that Adyen is licensed for: taking deposits, providing loans, payment services, issuance and management of other payment instruments, foreign currency and issuance of e-money. I would call this a ‘payments bank’ as it demonstrates a clear focus on facilitating payments rather than covering all financial services (which is the case for challenger bank Bunq).

The move towards a bank does of course mean that own capital needs to be increased and some further obligations kick in, such as registering for the deposit insurance scheme. Also, despite the focus on payments, Adyen will need to provide some loans, in order to fulfil the definition of a bank in the legal sense: taking deposits and providing loans.

Now, let’s also look at the further practical consequences:
a- scope discussions for payments solutioning,
b- connections to clearing and settlement,
c- counterparty risk for corporate customers.

a-scope discussions for payments solutioning
Payment institutions that operate under the Payment Services Directive always need to be aware of the nature of the services that they provider. Does it qualify as money remittance, executing payments, executing payments with a credit line or placing money on an account? For each customer that seeks a bespoke solution to a business problem, the service offering needs to be qualified and business rules need to be applied accordingly. Banks on the other hand can more easily engage in the solution domain, given that any setup that involves holding funds and transferring those, will be possible under that license.

Now, payments institutions may of course be well accustomed to the scope and qualification work, so at the end of the day, this part of new business development may not be the source of a lot of head-ache. Still, it might be helpful to bring an end to discussions with local supervisors in Europe that might have their own opinions on the exact content of the payments institution license.

b-connections to clearing and settlement
One big difference between banks and payment institutions is that payment institutions are barred access from the RTGS-system of the ECB. The reasons is that the Settlement Finality Directive does not allow for PIs to become a direct member of designated systems. Even though already 5 years ago, the Dutch Ministry of Finance has made it clear that from a policy perspective the Settlement Finality Directive should change in this respect, no further action can be seen on the EU-level.

This is remarkable, as it is clear that we have a deep market for payment institutions, in which values of funds flow (or future funds flow) that may be quite significant. For example, the € 80 billion value of transactions that flow annually via Adyen (2016) comes close to the total value of transactions at the Dutch point of sale which is somewhere near the € 100 billion mark. There seems to be little logic to exclude these flows via payment institutions, from the scope of the Settlement Finality Directive.

In addition, we should not forget that the prohibition to have an account in TARGET2 has an impact on the future instant payment schemes as well. The settlement leg of most instant payment schemes will be organised in such a manner that only participants with access to TARGET2 can be direct members. The implicit competitive advantage of direct access to clearing and settlement is thus carried over into the new world of instant payments as well. Unless of course, the payment institution should choose to become a bank (or the settlement finality directive changes).

c-counterparty risk to corporate customers
In the classic design of a payment institution, the PI holds the customer funds in a separated account at a financial institution. Yet, if the bank where those monies are held goes broke, there is no recourse to the funds whatsoever. So the PI-business model means that all corporate customers have an inherent counterparty risk against the bank(s) that the PI has chosen to use to channel the separated payment flows.

It is well known that in particular larger companies dislike such intermediate counterparty risks. We’ve witnessed this before when Kasbank in the Netherlands was the only settlement bank for the transactions at the stock exchange. That model was eventually phased out. 

In a similar vein I could imagine that the possibility to eliminate this counterparty risk for its customers, may have also been one of the considerations for Adyen to move towards a bank license. In addition, the increased capital base that comes with the bank status could also help in comforting corporate customers. For a company that processes so many transaction annually, the obliged minimum capital base of € 125.000 appears to be somewhat thin.

The new bank is not a bank any more
As the digitalisation of our economy allows for further modularisation of all kinds of services, we see the same thing happening in the financial sector. We can also witness banking and payments regulation adapt to this reality. The first wave of ‘bank-light’ regulation in 2002 allowed for e-money institutions and the second one in 2009 for payment institutions. In both categories the larger players have gradually chosen to obtain a banking license, while some players have started a digital bank from scratch.

With the renewal of the Payment Service Directive and its obligatory open access, it is clear that for payments services the modularisation of services has become the norm. And it may be only a matter of time before we see the other bank business lines open up all the same. With that, the mental image of the bank as a full service provider will gradually disappear. We will undoubtedly see many more new focused banks, such as Adyen, who each excel at their own game within the bank sector.

The new bank is not a bank anymore. 

Thursday, June 08, 2017

Response to FCA consultation: please clarify what will happen to the payment in 'payment instrument' in article 3k?

This April, the FCA launched its consultation on the Implementation of the revisedPayment Services Directive(PSD2): draft Approach Documentand draft Handbook changes. When reading this I was in particular paying close attention to the discussion of the limited network exemption in article 3k.

Background: limited network exemption
The limited network exemption has its background in the fact that many retailer-based shopping or payment solutions exist, that have a function similar to that of a payment, albeit on a local scale or for a limited range of goods. In order not to be burdened with a huge supervisory obligation, the regulator has taken this class of activities out of the scope of the Payment Service Directive and rightly so.

There is a relevant difference between providing EU wide, reachable payment instruments and solutions that solve a specific niche retailer problem. But getting this right in all detail is tough and therefore the wording of article 3k is somewhat vague.
(k) services based on instruments that can be used to acquire
goods or services only in the premises used by the issuer or
under a commercial agreement with the issuer either within
a limited network of service providers or for a limited range
of goods or services;
This allows supervisors to apply the article in a sensible way, in line with the spirit of the regulation.

Changes in PSD2: from instruments to payment instruments
The Paysys report of March 2014, describes the following on the evolution of the article:

In its final report on the PSD II (11 March 201412) the ECON Committee accepted the Recital 12 with the statement of the Commission of the existence of “massive payment volumes and values” offering “hundreds or thousands of different products and services” which are wrongfully operating under the exception of the limited networks of the Payment Services Directive (2007/64/EC). In order to improve consumer protection, these huge payment schemes should no longer be waivered.

Therefore, the Commission proposed a narrowed definition of “limited network/limited range” (Article 3 k) and a very restrictive implementation. In general, the ECON Committee followed the proposal of the Commission by taking over uncritically its assumption of the existence of non-regulated “massive payment volumes” in the market.

In phrasing the new article however, something did happen that may have been legally quite relevant. The wording instruments changed into payment instruments. This means that instruments which do not qualify as payment instruments and are not used to deliver payment services under the PSD2, will not qualify.

(k) services based on specific payment instruments that can be used only in a limited
way, that meet one of the following conditions:

  • (i) instruments allowing the holder to acquire goods or services only in the premises of the issuer or within a limited network of service providers under direct commercial agreement with a professional issue;
  • (ii) instruments which can be used only to acquire a very limited range of goods or services;
  • (iii) instruments valid only in a single Member State provided at the request of an undertaking or a public sector entity and regulated by a national or regional public authority for specific social or tax purposes to acquire specific goods or services from suppliers having a commercial agreement with the issuer; 

Effectively this takes out a lot of retailer instruments, which sometimes can be card-based, as they are not truly payment instruments but tools to add purchases into a shopping basket (which can be paid monthly via direct debit payment for example). It also means that petrol cards or fuel cards that are based on a similar mechanism - and may include a chain sale - will not fall under the exemption but can be considered out of scope.

Now, my personal guess is that while this legal consequence is clear, supervisors may want to ignore the relevant adjective 'payments' in order to keep their hold on near-payment mechanisms, even when they are not in scope of the PSD2 and do not fit under this definition. For that reason I was very interested to see what the FCA did with the difference between instruments and payment instruments.

What does the FCA propose to do with this?
It' turns out that in the consultation document the FCA sometimes pays lip service to the original definition, but mostly conveniently forgets the 'payment' part of 'payment instrument' in the definition of 3k. See for example their summary phrasing on page 19:
Limited network exclusion
2.18 Under the PSRs 2009, a business that offers a payment service may be excluded from regulation if its service is based on instruments that can be used only in a limited way to acquire goods or services in certain limited circumstances (often called the “limited network exclusion”) e.g. some gift or store cards.   
2.19 PSD2 aims to standardise the application of the limited network exclusion across the EU, and makes changes to the exclusion which mean it now applies less widely. One limb of the exclusion’s application is narrowed so that it relates to instruments used to acquire a “very” limited range of goods and services (rather than “limited range” set out previously in PSD). A new limb excludes certain instruments provided for social or tax purposes from regulation under the PSRs 2017. Our proposed amendments to Q40 and Q41 in PERG 15 give guidance on the scope of the amended exclusion. 
Then again, the formal notification form does state that the respondent should clarify if the notification tix all the boxes of the law:
Please explain how the product or service falls within the limited network exclusion specified, including details of the following where relevant:
  • the payment instrument; 
  • where and how the payment instrument can be used; 
  • where the customers or users are based; 
  • etc.....
Well, this proposed approach is pretty confusing, so therefore I sent in a reply to the consultation asking to clarify the FCA interpretation of article 3k. In doing so I also referred to the fuel card situation and the set up with chain sales.

Clarify the confusion: are you reading payment instruments as 'instruments' in 3k or not?
We are wondering why the FCA is properly using the delineation payment instruments in a lot of the texts on limited network exclusions, but when it comes down to the actual formulation of excluded activities in Perimeter Guidance, it chooses to forget the word "payments" and sticks to: payment services based on instruments used within a limited network of service providers or for a very limited range of goods or services (“limited network exclusion”). This would create an inconsistency in which the old understanding of limited network is moved towards the new PSD2-interpretations although the legal wording is substantially different.
Should we understand the changed wording to be merely an omission or a situation of intended regulatory scope creep, to include all kind of non payment instruments under the scope of the payments directive? 

When the final document comes in, we'll have a look at the response of the FCA, to see if things have become more clear.

Tuesday, November 15, 2016

Facebook obtained its e-money license : is it the gamechanger for the bigtech disruption of finance ?

About three weeks ago, Facebook has obtained it's e-money license in Ireland. This was in the making since early 2014 and it begs the question whether or not this will mark a big shift in the banking landscape.

Bigtech going for finance?
One could argue that the move by Facebook is another of many steps of big tech players moving into the financial arena and disrupting the financial sector. Where Google has lead the pact from London (with a license in 2007), Amazon chose Luxembourg (license in 2010, passport-out in 2012). With Facebook going down the same path, could we expect Apple or Microsoft to also set up their e-money institution?

My guess is that the bigtech will indeed all move towards some form of e-money license in Europe. It will allow them a direct billing and payment relationship with their customers as well as a role in terms of payment provider for their platforms and services. This is not to say that they will move there fast. If I'm correct, my Google account payments still do not flow via their e-money institution but via a normal bank.

Now, if this happens indeed, will the bigtech further move into financial services or just stick with digital cash and consumer credit?

Bigtech won't dive deep into finance
I don't expect the bigtech to move into full finance for many reasons. We've seen some of the current players moving still quite slowly and sticking to the straightforward business of e-money.

Moving towards other business lines leads to increased complexity and regulatory burden. Bear in mind that the future revenue opportunities for financial institutions as a whole are quite limited and not so attractive. Finally, financial institutions are often held to a higher standard with respect to maintaining their customers privacy, whereas customer data are the lifeblood for Bigtech.

Further move towards less-cash society
The main impact of bigtech going e-money will therefore be the acceleration of our move to wards a less-cash society in which strong brands, platforms and retailers issue their own payment instruments and digital cash. From the outset, Facebook cash could become a big hit as it has the user base, a regular usage pattern for its users and the possibility to best integrate it's e-money functions within their own platform

Only time will tell whether Facebook is also viewed by the public - reputationwise - as a partner to be trusted with your money. But we can rest assured that their offerings will certainly contribute to a less-cash society.

Thursday, June 23, 2016

The DAO - Ethereum incident: if you can't stand the heat, stay out of the kitchen !

Ok, I admit: I may be a payments or banking dinosaur and an old school kind of guy. I have personally witnessed the emergence of new payment methods (POS, I-pay, VbV, purse, online-purse, Paypal, EMV, etc) as well as the failure of banks (Icesave, DSB). And I have a keen interest in the history of banking and finance.

With this background I have been intrigued by the Ethereum-DAO incident and its further follow up. What now seems to happen is that an undemocratic, interest driven community that hasn't secured or enforced proper governance and safeguards, is taking the right in their own hands when some digital assets of theirs appear to move in different places than envisaged.

Lay-out of options to solve the issue
Pondering the issues at hand was stimulated by this very good presentation by Gavin Wood last Monday at the Dutch Blockchain Conference. See below



In the presentation Gavin Wood presents 3 options:
- do nothing
- soft fork by community
- hard fork by community.

How logical the 'community' approach appears to be, I couldn't escape at noticing that the concept of community is limited to those directly involved as owners/investors in ether. All of those people were aware that they're investing in a very speculative, new technology and digital asset.

Gavin introduces the concept of moral consensus by the people, rather than the machine, to solve the issue. This consensus is not really the people, he explains, but the miners. In my view this means that the bottom line is that the interested actors take the right into their own hands to cheat the attacked back out of his possessions.

What's missing: the legal consensus
What's truly missing in the discussion is a fundamental fourth 'community' option:
- owners of 'stolen' ether  call the police (in whichever jurisdiction) so that a judge may determine whether or not this is a theft or otherwise.

Any system existing on earth, is always under some jurisdiction which allows formal legal arbitrage on differences of opinions as to whether this is theft. And lacking the proper arbitrage rules in this obviously not so smart contract, this is the domain where the Ether and DAO community should revert to.

Any other road than turning to the formal/legal mechanisms to solve this issue, constitutes a power batlle between interested parties. One party claimed to offer autonomous smart contracts without human intervention (but slides back as soon as they lose money on it) and another party took them up on the offer and fights back to keep the first party to their offer.

If you can't stand the heat, stay out of the kitchen
From a macro point of view, I don't see a reason why a response in forking by the ethereum community is justified. We're just witnessing a private, risky enterprise doing not-so-smart-things with not-so-smart contracts. This will mean that a limited remit of private investors (that know that they are risk investors) lose their assets to someone else.

As tough as it may be to see someone mess up your assets/system in front of your own eyes, it is hoewever the ultimate consequence of a philosophy in which one proclaims that is exclusively the machine that drives the asset moves.

So as this all happens, you just better buckle-up, take the hit and make sure there are no more accidents waiting around the corner. And if you're not up for it, it's time to leave the play under the motto: If you can't stand the heat, better stay out of the kitchen. When seen from a financial history perspective this whole incident is just one silly drip in the ocean of follies that has ever occured.

Up next: proof it or put in arbitrage
In a practical sense, the lesson is easy. Either have full formal proof of smart contracts, allowing you to  check all possible states of the implementation, or include an arbitration and third party mediation into the smart contract.

It's not a new concept: I've been speaking with Ian Grigg numerous times on the relevance of arbitration for smart contracts (see also his blog on this). So with this incident, the lesson will surely sink in somewhat faster.


Friday, January 08, 2016

A new FAQ for PSD2 would be very useful to harmonise interpretations across Europe

Summary
The second Payment Services Directive, published end of December last year, is an important and welcome next in the further integration of payment services in Europe. In order to achieve a true European level playing field ‘on the ground’, a clarifying FAQ for those who prepare its implementation today would be very welcome.

A FAQ that explains how the PSD2 definitions will apply in all Member states to the variety of business models and transaction mechanisms observed, will enhance the purported level playing field. This harmonised guidance is just as important as the FAQ/guidance provided for the first PSD. Both regulators and the market have further developed since PSD1 and it is essential to recognise some of the underlying dynamics and developments of the payments market.  

1. Out of scope, limited network or regulated?
At present, member states use the harmonised PSD-rules to determine whether or not a certain business model defines as a payment activity or can be categorised as an exemption. Both in terms of content and process, the approaches vary considerably between supervisors. The feedback of supervisors varies from an elaborate argumentation to merely the brief outcome of an internal review process. 

Also in terms of content, the approaches vary. Business models that are out of scope in one member state may be exempt or require a license in others. The lack of a central register of supervisory statements on those matters makes this hard to identify, but the PSD2 will change this. All business activity exempted under article 3k and 3l, must be notified and the exemption decision will be published in a central register.

The practical consequence is that market participants can more easily determine which business models are exempted in which countries. This means that the supervisors must ensure that their qualifications are well-grounded and harmonised. One of the major challenges in this respect is to take into account the technological and market developments.

2. Technological developments: open and device-agnostic
Just one look at a user’s technical environment demonstrates that the major trend in payment technology development is the move from closed, bespoke systems and standards to more open structures. Whereas previously payment providers would control (sometimes own) all technological instruments to be used in a payment transaction, this is no longer the case.

The future infrastructure setting is one in which consumers and merchants will use their own technical device, and providers need to ensure that it can be used safely. We can now see card-based payments, where no plastic is used anymore, as the payment is made via a virtual card application in the mobile phone or PC. At the same time, in the back-office, the systems are opening up to the outside world via Application Programming Interface’s (APIs). Rather than having one instrument that operates as a shopping and a payments tool simultaneously, we can see that the value chain of search, shop and pay can be arranged via modularized interfacing of channels and technologies.

Therefore, when assessing the qualification of the technologies in todays payments, an open and functional approach is required. The classical approach, in which one tries to find the main device (such as a card) that services as the payment instrument and then builds the further classification of a system around that instrument, will no longer work. There will be all kinds of devices and technical tools and while some may classify as payment instruments, others may not.

Fortunately, the definition of payment instrument in the payment services directive enables this functional approach. The definition mentions both ‘a personalized device’ and/or a ‘set of procedures’ to be viewed and defined as the payment instrument:
"payment instrument" means a personalised device(s) and/or set of procedures agreed
between the payment service user and the payment service provider and used in order
to initiate a payment order;

3. Where is the commerce and where is the payment transaction?
As technology slices up the commercial value chain, we should note the relevance of the last element of the definition of payment instrument: ‘to initiate a payment order’. There is a clear difference between the commercial use of devices for purchases (apps, shopping carts on the web, nfc-identification devices) and the later moment in which aggregated purchases are actually being paid. This can be compared to the difference between the shopping cart/button on a website and the payment button.

The main question to ponder is therefore: does the technology service allow the user to make a payment to any other payee in Europe (under the SEPA-rules) and is the transaction actually a payment order, or is it merely a shopping transaction, with payments being arranged later on.

I wouldn’t be surprised if in the next years, we will witness a shift away from devices as the actual payment instrument. It may be more suitable to put the (user) accounts centre stage as the actual payment instrument. When applied by retailer organisations, such a choice will enable them to build a multi-channel sales-channel in which the device used is irrelevant. The sales channel aggregates purchase transactions towards the user account at the retailer. In cases where the retailer merely aggregates these purchases and initiates a direct debit for the total sum to be paid, this remains an administrative account as the actual payment account in the process is that of the bank. Only in cases where actual payments orders are initiated from such an account, it would become the payment account as well as the payment instrument for the commercial transactions.

It is crucial to distinguish the commercial from the payment process domain when evaluating apps and identification tools on the market. The actual payments can be expected to become the afterthought of commerce, rather than a primary service. These can flow via a payment account in the background, which is provided by retailer, bank or payment service provider. It is that account that will then function as the payment instrument in the commercial transaction and not the purchase device/application used. Supervisors should thus not immediately label ‘the card’ or any specific technical tool in a commercial business model as the payment instrument.

4. Areas and definitions of interest for the application of the PSD2
We’ve seen that the democratisation of technology allowed non-bank payment service providers to enter the payment space. Among those will also be retailers that can leverage the technology to provide a better customer experience. If those retailers are to use a services and customer contract with a monthly SEPA-direct debit agreement in the background, the payment services directive will not be relevant for them.

Similarly there is the question whether the payments services directive would have to apply to intermediary web-based platform companies that help users transact among themselves. Such business models could be in or out of scope based on the interpretation whether:
- the payments are seen as a regular occupation or business activity (art 1,2b),
- the agency model applies,
- the new definition of acquiring applies,
- the limited network exemption applies.

I hope that the collective of regulatory players involved in the transposition and application of the PSD2 will succeed in addressing those scoping and definitions issues early-on. In this respect the publication of a FAQ on those issues, may be a very effective tool to clarify and ensure the level playing field.


Thursday, December 10, 2015

Satoshi rumours reminds me of being John Malkovich

These days, there's a rumour going around that an Australian guy would actually be Satoshi, the inventor of bitcoin. Next morning, this guys house was raided by the police, in search of all kinds of evidence.

To me, it seems sufficient evidence to assume that the true Satoshi will choose never to reveal his or her identity. If all kinds of law enforcers incorrectly wish to blame the inventor instead of the users of his invention, you better steer clear of such hassle.In addition I could well imagine Sathoshi to be a bit of a hermit.

In that sense, even getting a Nobel price or the Turing Award would make no difference. We won't know who Satoshi is, which means we may get stuck with all kinds of impersonisations of him. Which reminds me of the movie: Being John Malkovich (see trailer here) .

In the movie, people may enter the brain and become John Malkovich for some time, until being spit out and landing at the side of a road. My best guess is that we will witness similar events for those who wish to be Satoshi.



Thursday, October 08, 2015

Now that the voting on the PSD is done, the real work starts...

The second Payments Services Directive, also known as PSD2, will be officially established today. In the plenary session discussion yesterday all political groups backed the achieved consensus and highlighted the benefits to consumers, the increased security of payments, further innovation in the payments area and lower cost overall.

Some work ahead...
We should realize however, that with the promulgation the real work will start for a whole range of involved players. First and foremost, there is a lot more work ahead for regulators and supervisors in the transposition process, but in particular also for the European Banking Authority. The PSD2 that seeks to open up access to banks and customer bank accounts for new players, leaves quite a bit of work to be done by EBA.

EBA should:
- develop rules on level of guarantee/professional indemnity insurance for payment initiation service providers and account information service providers,
- set up standards for cooperation and data exchange between local supervisor and resolve disputes on different applications of the PSD2,
- set up a central register of payment institutions and agents licensed under the directive,
- develop regulatory standards that define when the appointment of a central local contact point can be demanded by local supervisors and what its functions should be,
- be informed immediately in the case of emergency situations (such as large scale fraud),
- coordinate requirements as to the security frameworks applied,
- specify the requirements of common and open standards of communication to be implemented by all account servicing payment service providers that allow for the provision of online payment services,
- develop guidelines on a harmonised set of information to be provided during the application for a payment institution license,
- publish local exemptions under article 3k and 3l in the public register,

Clarity for industry on EU-application of definitions and scope
When the first PSD was delivered, it turned out that quite some players in the market required timely insights as to the future scope of the directive and how it would impact them. The European Commission then published an FAQ that further outlined how definitions should be understood.

It seems to me that it would be worthwhile to perform a similar exercise right now as there are quite some areas that can give rise to questions. As an example: the recital on the agency exemption leaves open the existence of agents for both buyer and supplier as long as the agent does not enter into posession of the funds. Yet, the definition of acquiring appears to be purposefully wide, meaning that such commercial agents might after all be viewed as acquirers.

The sooner this clarity is provided, the better it is, as the lead time for setting up and getting a license as a payment institution is similar to the lead time that now exists for transposing the PSD2.

I therefore hope that, for the sake of a proper EU level playing field, the collective of regulatory players involved in the transposition and application of the PSD2, will seek to address those scoping and definitions issues early-on.

Wednesday, March 04, 2015

ECBs renewed virtual currencies report: implications for the Third Payment Services Directive

This week the European Central Bank (ECB) revisits the subject of virtual currencies (VCS) in a renewed virtual currencies report with a further analysis. I have read the publication with interest to discover that the previous position on the subject essentially remains the same:
- virtual currencies don't come near money or legal tender concepts,
- the uptake of virtual currencies is still very limited
- the wait and see approach of the ECB will be continued.

The typical paragraph that summarises this approach is:
The usage of VCS for payments remains limited for now, which implies that there is not yet a material risk for any central bank tasks, including promoting the smooth operation of payment systems. However, a major incident with VCS and a subsequent loss of trust in VCS could also undermine users’ confidence in electronic payment instruments, in e-money and/or in specific payment solutions. 

Whereas at first sight the report doesn't lead to a lot of new insights, the broader scope of its definition of virtual currencies does beg a number of fundamental questions with respect to the future regulation of payments. These questions lead me straight into a renewed regulatory approach, to be used in the Third Payment Services Directive.

An improved definition
The major improvement of this Eurosystem-report over the previous one lies in its correction of the definition used for virtual currencies. In an earlier blog I commented that the definition was too vague:
“A virtual currency is a type of unregulated, digital money, which is issued and usually controlled by its developers, and used and accepted among the members of a specific virtual community”.
With this report, the definition of virtual currencies has formally changed into:
"a digital representation of value, not issued by a central bank, credit institution or e-money institution, which, in some circumstances, can be used as an alternative to money."

I am quite pleased with this change as it allows for a better understanding and classification of the subject of virtual currencies. Interestingly, the elimination of the element of decentralized issuance leads to a far broader range of virtual currencies than previously discussed. And this leads to an interesting follow up question.

Virtual currencies are suddenly everywhere... 
The table below lists the major payment options in the Netherlands, with the virtual currencies listed at the far right. When looking at the turnover figures, one can understand why the Eurosystem will be primarily monitoring the virtual currency scene. The most interesting observation is however that all the blue coloured segments of the table are now also considered to be virtual currencies.

We can see that in particular the giftcard and transport payments (which are out of scope of the payment regulations for a number of reasons) do amount to quite a substantial payments volume. Literally these payments are now also considered to be payments with virtual currencies. And from an analytical perspective, this is a logical consequence.

Regular (e-) payments
OV-Chipcard
Mobile telephone
Retailer Giftcards
Bitcoin / alt-coins
16 million per day
5 million per day (includes loads)
Premium services
500.000 - 1.000.000 per day
Less than 1000 trx per day in NL
€ 903
€ 2 - € 20
€ 2- € 5
€ 12
€ .?
Payment Services Directive (PSD)
Exemption under PSD2
Explicit exemption of PSD1
Out of scope when issued as a single retailer
Out of scope of PSD

Effectively we can now better appreciate today's payments world, seen from the eyes of the consumer. Because the consumer is not bothered by the details of Payment Services Directives and obscure exemptions of mobile payments. The consumer will use the mobile or ticketing payment means as a matter of convenience (or: obligation) and will have to undergo the payment experience as a fact of life.

Particularly in the Netherlands this leads to the interesting situation where a sloppy and easily hackable implementation of NFC is being widely used for public transport payments, alongside a safer NFC implementation of banks that is still working on its nationwide roll-out. Users use them both.

Similarly interesting was the occurrence, last month, of a virtual currencies bank run. As retailer V&D threatened to go out of business, one could witness the sale of its pre-paid gift cards on Marketplace (the Dutch ebay) for considerable discounts. At the same time everyone in the Netherlands dug up and spent their old gift cards, before it was too late.

What the third Payment Services Directive will have to look like 
If we take the wider definition of virtual currencies that the ECB uses, it becomes clear that the user experiences with virtual currencies (and losses: for example the sudden vaporisation of retailer gift card value after a period of 18 months) happen alongside the heavily PSD-regulated instruments and mechanisms.

Based on some prudential rules we now burden some forms of payments with a whole lot of rules, while we neglect all schemes that are out of scope (but may still have relevant consumer effects). This difference is - in my view - too big and requires a changed approach to be used for the Third Payment Service Directive (PSD3).

Under the Third Payment Service Directive, we should recognise that payments can and will be made and offered by everyone to everyone. The PSD3 should thus define a light-weight conduct supervisory framework for all payment mechanisms, regardless of the institutional status of the issuer. Alongside this wide conduct framework, we keep the current prudential framework intact, which outlines the prudential rules applicable to the different institutional payment setups (e-money, payment institution, bank).

The new conduct based framework would apply to payment mechanisms and e-money alike and have as a goal that the user is always properly informed on the basic terms and conditions, redeemability etcetera. The control-mechanisms should not be supervision based, but could be reputation-based for example, allowing the market to monitor and redress, rather than costly supervisors. Only in exceptional circumstances would a European conduct supervisor step in.

In sum: more analysis ahead
The broader scope of the Eurosystems definition of virtual currencies begs a number of fundamental questions with respect to the future regulation of payments. In particular the area of non-regulated payment schemes at the fringes of the PSD might deserve more attention than they do receive right now.

Not only could the question be whether or not a separate regulatory conduct-framework should apply, the European Retail Payments Board might also decide to expend its analysis towards these mechanisms, particularly when they reach a volume/scale which is equivalent to that of the regular payments.