Ramesh Ramani, Head of Banking & Financial Services Europe, Cognizant
Since the introduction of the Secure Customer Authentication (SCA) legislation – part of the Second European Payment Services Directive (PSD2) – was announced nearly two years ago, affected businesses have been scrambling to get ready in time for the original deadline of 14th September 2019. But merchants and other organisations offering online payments services have now been granted extra time as the UK’s Financial Conduct Authority (FCA) has confirmed an 18-month extension to the deadline.
It is not suprising that this extension has been met with a temporary sigh of relief. The SCA requirement significantly changes the game for online businesses, stipulating stronger payment security standards for higher value cashless transactions based on multifactor authentication. The ultimate aim is to reduce the risk of online payment fraud, something that is desperately needed given that the FCA reported that cyber incidents at financial services firms increased by 1,000 per cent in 2018. A figure that is only set to rise as we make further headway towards becoming an entirely cashless society.
But preparing for the directive is no simple feat, and the delay to its implementation is expected to help prevent disruptions to online payment processes and facilitate a smooth transition to the new requirements. However, as is the nature of ‘extensions’, the new deadline remains just around the corner and will creep up on us sooner than we think. So how can the e-commerce industry and other affected businesses best use this extra time to prepare?
What does it mean to be PSD2 compliant?
PSD2 not only applies to the UK but the whole of the EU, including the European Economic Area (EEA). Its vision for all regions is to improve the protection and security of customer data when it comes to making payments over the internet and, once in place, only PSD2 compliant payment services will be able to accept online card payments.
Another important element of the directive is that businesses that accept payments online will have to demand a two-factor authentication, that is, customers will no longer be able to order with a simple click or by entering their credit card number. Instead, they will be required to confirm their purchase with two of three security features:
- Knowledge features – information held only by the customer, such as a password or PIN;
- Possession features – a physical entity that the customer has access to, such as a credit card, mobile phone or TAN generator (a device issued by banks for generating unique security codes);
- Inherence features – unique customer biometric features, such as voice, iris or fingerprint.
A future without the extension
As with any new legislation coming into force, businesses are at varying levels of readiness when it comes to being PSD2 compliant. A recent survey found that three quarters of businesses were still not ready for implementation – and that was only two months before the original deadline.
So whilst many banks and third-party providers like fintechs and challenger banks are already well prepared to become PSD2 compliant, merchants that are unprepared could face a significant number of abandoned transactions, resulting in lost revenue as well as disgruntled customers. In fact an EU-wide study by payment platform Stripe and 451 Research found that revenues would have fallen by €57 billion in the first year after the directive came into force. The extension will therefore provide regulators with more time to consult, engage and work with relevant market participants, industry representatives and financial institutions, as well as offer merchants the opportunity to prepare and educate customers on the new security measures.
Three tips for making the most of the PSD2 deadline extension
Despite the extension, there is no time for merchants to sit on their hands – they need to take advantage of the extra time starting now, and there are three key ways to do so:
1. Create a migration plan: all merchants will need to evaluate their current payment service provider and explore potential new ones, paying special attention to how the platforms accommodate for strong authentication features that will enable a smooth transition to PSD2. All businesses or their respective service providers should then also continue to – or begin working with – 3DSv2 technology, a new and improved approach to customer authtication for high risk transactions, as it will be eaistest to create a migration plan to PSD2 from here. Remaining dependent on standards such as one-time password (OTP) will make it harder to ensure a smooth customer experience and comply with the new directive.
2. Make appropriate exceptions: small transactions such as subscriptions could be exempt from a two-factor authentication. It is also possible to white list a trader as a ‘trusted trader’ with the company’s respective credit provider, and merchants should be making the most of these opportunities.
3. Find the opportunities within PSD2: as well as improving security, PSD2 is set to lower costs, increase flexibility and create a platform for more innovation. Businesses should be thinking about how they can best take advantage of these benefits and incorporate such considerations into any migration plan.
The UK’s deadline extension is a considerable one, but the gravity of the new legislation demands that businesses make the most of every second of extra time to become fully compliant. Creating seamless migration plans, and taking advantage of the opportunities offered by the new directive, is the best way to start. By embracing these, merchants can continue to offer a a great customer experience in the new era of payments security.
‘MOVE FAST BUT DON’T BREAK THINGS’ – WHY FINTECHS WILL COME TO LOVE REGULATION
Alex Johnson, Director of Portfolio Marketing, FICO
The guiding ethos of fintech is move fast and break things. It’s the fundamental advantage that disruptors have over the incumbents they’re disrupting — the ability to move quickly and make mistakes, learn from them and deliver innovative services to customers. Generally, this ethos is presented as a virtue. Banking is ‘broken’ so any investments in improving it are both notable and noble – even if there are bumps along the way.
Conversely, anything that stands in the way of this ‘march of progress’ is generally cast as a villain.
The most prominent villain for fintech companies is regulation. From their perspective, it’s a competitive moat, based on rules written for a different century, that protects banks’ ability to make money without needing to innovate and offer more or improved services to their customers.
So, it’s easy to see why a fintech company — believing fully in the virtue of its mission and faced with a litany of illogical and intractable regulations — might just say ‘we’re doing it anyway.’ That’s what Robinhood co-founder Baiju Bhatt reportedly did when his company tried to roll out a checking and savings product that it claimed was insured without confirming that with regulators first.
The problem is that while we may mythologise the ‘move fast and break things’ ethos in the abstract, consumers don’t love it when their stuff breaks in the real world.
And when fintechs and challenger banks aren’t constrained by regulation (as they mostly are in the U.S and Europe) the harm caused by this ‘move fast and break things’ approach can be much more severe than a service outage or a false claim of deposit insurance.
Stories from overseas
In China, online P2P lending exploded in popularity, with the number of P2P lenders growing from 50 in 2011 to 3,500 in 2015. Then the whole industry imploded when it was revealed that 40% of P2P lending platforms were Ponzi schemes.
In India, online lending companies raised a record $909 million in venture capital last year (the third-biggest market behind the U.S. and China). And those lenders are now using personal data from borrowers’ mobile phones to make lending decisions – which although illegal, is reportedly ignored by Indian regulators.
In the Philippines (another emerging market where venture capital dollars for online lending are pouring in), the National Privacy Commission is investigating hundreds of complaints from consumers about lending apps leveraging their personal data to shame them into making their payments.
A prediction for the decade to come
In the 2020s, I believe fintech companies will come to love – or at least quietly appreciate – regulation for two primary reasons:
Fintechs and challenger banks understand that brand recognition and affinity is key to their long-term success. Building their brands will be a challenge. A recent survey of 2,000 Brits found 40% don’t trust challenger banks at all and 67% said they are more likely to do business with banks that have branches on the high street. As Zach Bruhnke, co-founder and CEO of U.S. challenger bank HMBradley recently said, ‘We’re going to have to grow by word-of-mouth and doing the right things for our customers.’
Fintechs and challenger banks focused on the long-term task of building brand affinity and trust will, over the next decade, come to despise bad actors that skirt the rules and dress up get-rich-quick schemes in the same language they use to describe their own firms. Regulations that constrain and/or shut down these bad actors will be increasingly appreciated by legitimate market participants.
In the 2010s, we saw the beginning of a trend that will strengthen in the 2020s — regulations designed to foster competition between incumbents and new market entrants. To date, such regulatory action has run the gamut, from vague (innovation sandboxes and special-use charters) to hyper-specific (U.S. regulators’ cautiously approving the use of alternative data, or the Bank of England considering giving non-banks access to its 500-billion-pound balance sheet). Perhaps, most promising, has been the work done by the Competition and Markets Authority (CMA), which has been proactively driving the adoption of rules and standards around Open Banking for past couple of years. O
ver the next decade, through careful management of public perception and increased investment in lobbying, fintechs and challenger banks will further reshape the regulatory environment from a competitive moat to a more level playing field.
Reaching fintech maturity
’As a licensed broker-dealer, we’re highly regulated and take clear communication very seriously. We plan to work closely with regulators as we prepare to launch our cash management program’.
This was the statement issued by the chastened co-founders of Robinhood shortly after they backed away from their plan to launch a checking and savings product without government insurance. And here’s the crazy part — that’s exactly what happened! Less than a year later the company announced a new deposit product, this time insured by the Federal Deposit Insurance Corporation (FDIC).
As fintech companies mature in the 2020s and the focus of their strategic objectives shifts from growth to profitability, regulation will play a vital role in transforming the ethos of those companies into something a bit more sustainable. Call it ‘Move fast, but don’t break things’.
HOW TO MERGE YOUR FINANCES AS A COUPLE?
By Nelisiwe Ndlovu, Certified Financial Planner at Alexander Forbes
There is never a good time to discuss finances with your partner, married or unmarried, and one key issue that needs to be discussed is whether you should merge your finances.
Joining all your money matters can seem overwhelming at first, so you don’t have to combine every bank account and credit card from the get-go.
Start by having an honest discussion with regards to your individual money management and financial commitments before deciding to merge or co-manage your household finances while deciding if you want to fully merge all your finances. Detail all individual income, expenses, and all your financial commitments. The best way to achieve this would be to first take your individual budgets and combine them. This will tell you what you can and cannot afford as a couple. If one partner does not usually budget, this is a chance to start doing so as this will ensure that your household finances are under control.
Before you think about merging your finances, be open and honest about:
- How much you earn – what is the income that you will bring home? What is the frequency of your income? Are you permanently employed or a contractor?
- What are your current individual expenses and financial commitments? List your assets and your current debt.
- Your individual financial goals and money management techniques – don’t worry if you might have not figured this out at the time of merging your finances – the important thing to do is to be open and honest so that you both build a stronger money foundation
- Disclose your financial obligations, this becomes very tricky if left until too late and may cause unnecessary tension in the relationship
- What are your goals as a couple – what is the purpose for merging your finances?
Married couples can formally or informally merge their finances as detailed above where household expenses are split between the couple (the split could be 50/50 or any fair split agreed upon by the couple, which could be based percentage-wise depending on one’s income). Some couples tackle finances by adopting the ‘pick a bill’ approach, where one couple pays the water and electricity while the other covers the food.
Being married does not mean necessarily that you need to have one joint account. You may also just want to open one joint account where you each deposit money to pay just your monthly household expenses.
The top five things to remember when merging finances as a couple:
- Have the ability to manage your own finances before expecting another person to merge their finances with you.
- Be mindful of your potential spouse/life partner’s money management behaviour and skills so that there are certain things you can address together before considering merging your finances
- Always keep an open line of communication – honesty is the best policy
- Set a money limit which you can each spend without having to consult each other
- Don’t forget to change your wills and beneficiaries on pension or provident funds as required.
WHY DIGITAL TRANSFORMATION IS CRUCIAL FOR BANKS
David Murphy, Managing Partner, Financial Services EMEA & APAC at digital consultancy Publicis Sapient Over the past five years,...
REACHING THE NOT-SO DIGITAL NATIVES
By Garry Hamilton, Group Business Development Director, Equator It’s 2020. There’s no denying that banks and financial institutions have...
THE ‘LEGO-IFICATION’ OF BANKING IT AND THE RISE OF DIGITAL FINANCE ECOSYSTEMS: FOUR PRIORITIES FOR BANKS IN 2020
Danny Healy, financial technology evangelist, MuleSoft The advent of the open banking era and continued emergence of fintech has...
WHAT TO DO WITH YOUR LIFE SAVINGS, RETIREMENT AND INSURANCE POLICIES WHEN EMIGRATING
By Renier Hugo, Alexander Forbes Certified Financial Planner With South Africans increasingly opting to live abroad, a hot topic...
MOBEY FORUM: BANKS’ BIG OPPORTUNITY IN DIGITAL ID WON’T LAST FOREVER
New report offers strategic insights for banks following in-depth review of seven prominent digital ID schemes across Europe and North...
THE END OF YEAR TAX CHECKS THAT COULD SAVE YOU THOUSANDS
Charlie Reading, Founder and MD of Efficient Portfolio After HMRC’s tax return deadline at the end of January, it can be...
RISK VS REWARD: IS AI TAKING OVER?
Xavier Fernandes, Analytics Director at Metapraxis A study by Oxford University academics into “The Future of Employment” in 2013 prompted...
HALO TRUST USES ADAPTIVE INSIGHTS FOR STRATEGIC BUSINESS PLANNING
Cloud-based financial planning helps HALO Trust deliver greater benefit to communities affected by war Adaptive Insights, a Workday company,...
IS DATA PROTECTION AND PRIVACY RELEVANT ACROSS ALL STRATA IN INDIAN SOCIETY?
A Study by Pensaar Design With CGAP Pensaar Design has been working on a research study with CGAP to better...
THE RISE OF CHALLENGER BANKS AND HOW LEGACY BANKS ARE TRYING TO KEEP UP
Jean Van Vuuren, Regional VP for UK, Middle East and South Africa at Alfresco The finance world has been...
NEW STUDY: AI HELPS ORGANISATIONS GROW PROFITS 80 PERCENT FASTER
Global research highlights how organisations are capitalising on emerging technologies to enhance finance and operations for competitive advantage Organisations...
UK START-UPS MUST MAKE THE MOST OF A SMALL WINDOW TO CAPITALISE ON INVESTMENT OPPORTUNITIES, FOX WILLIAMS WARNS
Despite rising investment, Brexit and growing interest from tech giants could cut off start-ups’ opportunities in 2020 While a...
XPEDITION UPGRADES MORE THAN ONE MILLION OPENWORK CLIENTS TO THE DIGITAL AGE
Xpedition, leader in the implementation of cloud-based business applications, has deployed a new system which has digitally transformed the customer...
ORACLE AND MICROSOFT BRING ENTERPRISE CLOUD INTEROPERABILITY TO EUROPEAN CUSTOMERS
Today, Oracle is announcing the continued expansion of its cloud interoperability partnership with Microsoft with a new cloud interconnect location in Amsterdam....
THE EMOTIONAL AND FINANCIAL COST OF WORKING WITH OUTDATED TECHNOLOGY
Slow Tech Could Waste 24 Hours of Worktime a Year In this digital age, businesses are hugely reliant on technology...
HOW TECHNOLOGY IS FUTUREPROOFING STOCK MARKET TRADING
Tony Shaw, Executive Director, London Office and Head Sales UK & Ireland at the Swiss Stock Exchange Markets are shifting,...
REVEALED: THE TOP 10 COUNTRIES THAT ARE REDUCING THEIR RELIANCE ON OIL
Ben Lobel, Copywriter at DailyFX New tool charts global commodity trading over the last decade The UK has reduced its...
‘MOVE FAST BUT DON’T BREAK THINGS’ – WHY FINTECHS WILL COME TO LOVE REGULATION
Alex Johnson, Director of Portfolio Marketing, FICO The guiding ethos of fintech is move fast and break things. It’s...
OFFSHORE COMPANY FORMATION TACTICS FOR SMEs
James Turner, Director at company formation specialists, Turner Little Starting a business brings with it its own set of challenges,...
EMV® 3DS – PAVING THE WAY FOR SEAMLESS AUTHENTICATION
Jean Fang, Product Manager, FIME The growth of e-commerce, m-commerce and remote commerce transactions is showing no signs of...