Community

Good post. I like the expression "Transaction Laundering". The other day, I read an article on KrebsOnSecurity that suspects Money Laundering Via Author Impersonation on Amazon?

On a side note, AirBnB was founded by exploiting "regulatory gaps", as I'd highlighted in Fintechs Need Marketers And Lobbyists, Not Lawyers. It's not surprising that somebody else would use it to outright break the law!

On second thoughts, I needn't worry too much - Fincumbents will kill fintechs' aspirations of collaboration.

(For the uninitiated, “Fincumbents” refers to B2B technology companies that have been supplying IT products and services to financial institutions for ages; “Fintechs” are direct-to-consumer financial technology startups that began life with the mission to kill traditional banks.)

I hope banks go easy with this fintech partnership bit. Just because that's perhaps the only way for fintechs to survive doesn't mean banks should get into it blindly. From recent personal experience with a leading fintech, incumbents are perfectly right in perceiving that fintech partnerships will have "negative impacts on customer trust".

tl;dr. 

Total BS. In my three decades of observing technology adoption at BFSI, I've heard people make the same statement w.r.t. Unix minicomputers, OOPS, CORBA, SOA, Web, Web 2.0, RIA, Mobile, Social Media, etc. During this period, banks have not only continued with their mainframe CBS but have launched innovative products, introduced cutting edge technologies, outperformed wannabe TELCO and fintech disruptors and, above all, remained the most profitable sector in Fortune 500.

IMO, people with vested interest in replacing mainframes should do a better job of shilling their alternative offerings. 

@BobLyddon: LOL:) I've noticed that. At the height of cash crunch caused by de/remonetization in India in Nov-Dec 2016, the retail payments industry regulator cum bank consortium NPCI launched BHIM, a mobile payment app that supports A2A fund transfer without entering cumbersome account, sort code details. Functionally the equivalent of EU's PayM / Zapp, which took several months / years to launch, BHIM happened in 45 days. 

What're those services? If TPPs could flourish without PSD2 / Open Banking, why're they clamoring for regulation? Why don't they continue with the past situation?

"This is indeed a novel approach - we are not aware of any other case when new competitors in an industry have been obliged to rely on a specific API controlled by the incumbents," says a statement. 

Seriously? Can the European Fintech Alliance name a single industry - apart from finserv, that is - in which the incumbents are mandated by regulators to share their customer info with their competitors? Yes, Amazon with Overstock.com, anyone? Facebook with Twitter? There was so much hue and cry when WhatsApp wanted to share its user info with its own owner Facebook.

IMO, the European Fintech Alliance shouldn't look the gift horse in the mouth. 

Nice post. Is there really "anything in it" for banks in Open Banking? I keep hearing about the potential for banks to build ecosystems etc. but I haven't heard of many concrete benefits to banks from Open Banking. OTOH, there are many disadvantages of being forced to give away customer data to third parties. I wonder what'd happen if regulators forced the Amazons, Googles and the LinkedIns of the world to share their customer data with third parties, however "licensed" or empaneled they are.

Great post. Has helped greatly in my understanding of the anatomy of PNB fraud. 

Would be great if you could share your thoughts on what's the most common combination of systems and workflow used by other banks to prevent even a single instance of this fraud from happening, let alone multiple instances over several years?

AFAIK, human users initiate payment transactions on core or other payment processing systems, after which the message is untouched by human hands as it is submitted automatically by those systems to the SWIFT Gateway system, which then sends it out to the SWIFT network. But, even in that workflow, I'm guessing sysadmins can still input a payment directly on the SWIFT Gateway. Sounds easy. But if it were really so easy in actual practice, the sky would've fallen long ago. Any idea how banks have prevented that from happening over their 30+ years of usage of SWIFT?

@HiteshThakkar: Thanks a lot.