Community

The PSR's latest non-remedies in PS22/2, issued on 6th October, deserve this lawsuit as a rejoinder. In my experience of microenterprises the deductions-from-face-value are 3-8%, and well above that for small sales upon which a minimum of 30-50p is levied.

This strikes me as a considerable piece of disinformation, and a much less impressive result than the PSR would like us to believe.

The Decision Notice states neither the total monetary amount of the purchases from merchants made on these cards to which the over-deduction of Interchange Fees relates, nor the over-deduction, nor the original, total deduction.

Only the over-deduction will have been reimbursed to the merchants, leaving the larger, residual deduction unreimbursed. A complete view would furnish the relationship of the over-deduction with both the residual deduction and the total monetary amount.

As it was the intention of the Interchange Fee Regulation that the Interchange Fee be the only deduction experienced by merchants, we will then be able to appreciate the extent of the failure of the PSR and the other UK authorities to properly interpret and implement the Regulation, and allow the payment cards ecosystem to continue to trouser between 3-8% of face value on a fast-rising proportion of UK payments.

A fine of £1.8 million is peanuts compared to that, which points to the over-deduction being peanuts as well, and the total monetary amount being a drop-in-the-ocean of the amount paid by cards every day and subjected to fat deductions.

We would also like to see a statement of the PSR’s costs for this case, and see if their costs were higher than the fine and the reimbursed over-deduction.

Lol - "given an appropriate risk weighting-with conservative treatment applied to risky assets", as in the case of Archegos where the banks' VaR/RWA (Value-at-Risk/Risk-Weighted Assets) calculations were off by simply miles.

Credit Suisse’s loss on Archegos was US$4.7 billion, or CHF5 billion. Its 2020 Annual Report quantified its ‘net’ RWA exposure, after application of collateral, as CHF 25 billion. Given its stated CET1 capital ratio of 12.9%, it would have been putting CET1 capital of CHF 3.23 billion behind its entire derivatives book. Credit Suisse’ losses on Archegos represented 20% of the RWAs of its total derivatives book and 150% of the CET1 capital allocated to its entire derivatives business.

The reference assets of the Archegos trades were listed stocks as well, not unlisted computer code.

The PSR has bitten off on the same layered market model as SEPA, with all the separation of layers, ISO20022 XML and so on, without seeing through the impact of the annual upgrades of the SEPA schemes and the way in which the fields in ISO20022 XML are either reserved or susceptible to later filling wth mandatory contents.

The space for innovation is limited in both extent and time, because it means using fields in ISO20022 XML that are not already reserved, and running the risk that they become mandatorily reserved later on by an authority that has a reservation ticket for every field (like the EPC).

The idea that a private initiative could result in new fields altogether in ISO20022 is implausible, because the intent of the new fields would become public years before the new product was launched and the proposer loses their advantage: their innovative idea has become public property and they could easily see their idea being included in proposed upgrades to the SEPA rulebooks so that every bank has it.

The multilateral approval process at the ISO level and then the annual approval process for the SEPA schemes ensures no innovation both within the SEPA schemes and around them, if, by innovation, we mean services unique to one supplier with which the supplier competes to attract new customers.

This sits in opposition to the Euro Bankers Association "innovation" model where they have their members acts as a test bed for services that will soon become available to all in their 'Core&Basic' flavour, rather than being 'Value-Added'. This has been the fate of Request to Pay, ensuring that EBA members - the 70 biggest banks in Europe and all direct competitors of one another - all get a working but mediocre product to cram down on their customers.

This public/private development and 'innovation' model has been a failure, resulting in stagnation, but it has one thing in its favour as we found at IBOS (a collaboration aimed solely at delivering a value-added and pro-competitive service): it enables hundreds of people in organisations like SWIFT, Pay.UK, EBA, EPC etc. etc. to draw their pay and rations on the promise of their enabling Bank X to be able to transact Service Y with Banks 1-6,500, and not just with 27 partner banks in IBOS.

This El Dorado of reachability sits, however, in strict juxtaposition to time-to-market, service functionality, competition and innovation.

At some point it will be realised that this model (Co-opetition) beloved of regulators and legislators is a guaranteed failure unless it is genuinely pro-competitive in the sense a competition lawyer would understand it. But Co-opetition has been the name of the game since 2000 and its adherents are many and well-placed in the industry, and in regulatory and legislative bodies.

It would take quite a few banks to turn round and say to them that they are really not helping and they should sit in their allotted box and stop coming up with value propositions that fail to add value once they are delivered many years later.

Hi Jeremy, I think it requires all sides of the problem to be addressed simultaneoulsy (i) the CDD failures that lead to the scammers obtaining accounts (ii) the exculpation of the payee's bank from checking the name in the payment with the name on the addressed account for every payment (iii) a legal change to back that up, so that the payee name is part of the payment contract in addition to the sort code and account number.

With all those changes made, the liability would sit completely with the payee bank, and the payer would enjoy cover under the PSRs for incorrect execution i.e. if the banks contrived to pay a different payee from the one named in the payment contract.

This new situation should be a Day 1 deliverable of NPA: it is a nonsense that NPA has so far been scoped so as to allow this problem to continue.

I am baffled by the issuance of this report. It’s like Rishi Sunak endorsing a document to lobby for UK corporation tax to be reduced, just after he himself increased it. Clearbank set itself up with the self-awarded mandate to bank second-tier financial institutions (which includes all types of Fintech that handle customer monies) and offer them a one-stop UK agency banking service. If there is still a problem in the UK, it is within Clearbank’s gift to solve it. Instead it implemented a straightforward deterrent to smaller actors in the shape of a £7,000-per-month fee for so-called AML Due Diligence (I know this from several Payment Institutions who approached Clearbank when BFC pulled the plug in Q2 2020, during the time when I was chair of the sector trade body). The total cost of using Clearbank is prohibitive for smaller and medium-sized market actors: that’s fine, hope it works for you, but don’t come out bemoaning a market problem that you could have solved but of which you have instead elected to become part.

Just to share my delvings into what the disaster recovery for the TARGET2 SSP involves.

The TARGET2 SSP has three “regions”. Regions 1 and 2 (payments and accounting) are run in data centres of the Bundesbank and Banca d’Italia; Region 3 (Customer related service system) is run in data centres of the Banque de France.

The Regions are 1,000 km apart, rather than 20 km, although the "sites" within the "Regions" may well be closer together.

The Regions are connected normally through the 4CB network, or through CoreNet if 4CB goes down (User Book 1 for v14.0 p366). “4CB” presumably refers to the above three central banks plus the ECB.

Region 1 is the live system; Region 2 is the disaster recovery and the testing system. They are replicas of one another, kept in synch via 4CB.

The role of being Region 1 is rotated between the Bundesbank and Banca d’Italia: when the Bundesbank has Region 1, Banca d’Italia has Region 2 and vice versa.

Each Region contains two sites (User Book 1 for v14.0 p367): a primary site and a recovery site. These are presumably in the separate data centres of each central bank that they use as disaster recovery for their own, non-TARGET2 systems (e.g. for the Bundesbank they might be somewhere like Eschborn and Kassel). It is implied that the two sites run by the same central bank are also connected through 4CB.

So the first fallover for live operation is the recovery site within Region 1; the second fallover is the primary site in Region 2; the third fallover is the recovery site in Region 2. If all of this fails, as it seems to have done on 20th October, there is a “Restart after disaster” as per User Book 1 p380.

The inference of all of above and what the ECB has said is that 4CB went down, CoreNet could not be brought online, and none of the intra-Region or inter-Region communications could take place.

That in turn points to the failure of a switching component in Region 1, and one that could not be bypassed.

Aside from the possibly actionable statements in the above about "criminals" who are as yet unconvicted and about executives in jail (there aren't any at present, I believe), it is a little early to say that wrongdoing was confined to a very few at the top, because there is frequently a spectrum from the hard-core initiators, through the helpers and whistle-stuffers, to the truly innocent.

I expect the Bundeskriminalamt (Federal Criminal Police), through their Nuremberg office, to require the completion of an online questionnaire (Meldebogen per Affenumfrage) by all former or current employees of Wirecard Group to enable them to be assigned to one of five categories:

1. Exonerated (Entlastete) – no further action
2. Followers (Mitläufer) - fines and possible restrictions on employment
3. Lesser Offenders (Minderbelastete) - placed on probation for 2–3 years with a list of restrictions
4. Offenders (Belastete) - imprisonment up to ten years, restitution work, plus other restrictions
5. Major Offenders (Hauptschuldige) – long-term imprisonment

I find the statement "It is unforgivable that as an industry we are allowing this to happen" quite insulting. You cast an aspersion on my professional reputation and my ethics. What is your proof that industry members such as myself have launched on a course of action that has resulted in the detriments you state? If you have none, then you need to issue a withdrawal of this statement.

They have shifted the start date but not, so far, the end date. Such an announcement is never promising, and there are knock-on impacts into the related programmes for TARGET2, EBA EURO1, UK RTGS Renewal, UK NPA (which cannot go live before RTGS Renewal has been proven to be in stable production)...