Community

a precursor to the type of use we will see with CBDCs (central bank digital currencies) the world over

The contactless limit is in place to address fraud, so raising the limit must address the impact on fraud and prevent any increase.

UK Finance figures from 2019 show contactless card fraud to be around 2.6p per £100 spent. However, this includes mobile contactless payments which are more secure and used for higher value payments, so the (unpublished) figure for plastic contactless card fraud is likely to be higher.

Any increase to the limit to £100 needs to consider the potential rise in fraud that could occur - logically, once a criminal has a contactless card, if they can spend 3 1/3 times as much on the card as in 2019 (when the limit was £30), then fraud could increase to at least 8p - 9p per £100 spent, higher than average fraud across all cards (7.2p per £100 spent).

The contactless fraud figures for 2020 since the first limit increase to £45 should indicate if raising the limit increases fraud and by how much. Let's hope UK Finance publish the figures so we can see, including the split between plastic card and mobile phone contactless payments.

Strong Factor Authentication is another consideration where a PIN is supposed to be required every 5 taps or cumulative ~£135 spend. This is a recent requirement that will help keep a lid on fraud but the FCA says it is unlikely to enforce it (due to Covid) for now provided other fraud risk controls are in place.

However, banks should really be promoting contactless mobile payments using their cards virtually (Apple Pay, Samsung Pay, Google Pay etc). These are far more secure than plastic cards (and meet SCA requirements), can already be used for payments greater than £100 and are a much better experience to use for customers.

However, banks can pay a fee for these, perhaps much higher than the cost of fraud they bear on contactless cards.

Overall, a complicated picture, but given that mobile payments are Covid-safe (more so than contactless cards with SCA) and secure, banks should do more to promote mobile payments. 

1. "missing" is an odd word to use here - it makes it sound like the Bank of England has been negligent or lost £50bn which is clearly not the case. "Whereabouts unknown" is more accurate.

2. Even at 0.1% interest, the BoE is making £50m a year seignorage on this cash.

3. The cash belongs to private individuals and organisations, so how could it have "material implications for public policy and the public purse" unless MPs want to confiscate it?

4. The observation that £50bn in cash is "about three quarters of this precious and dwindling supply" fails to undertstand that the BoE is able to print as many notes as it likes to meet consumer demand; and with £895bn in QE the Bank of England's money issuance held electronically has far bigger implications for the public purse than cash.

5. The MPs concerns have overtones of surveillance and privacy - why should the BoE need to know the whereabouts of everyone's cash holdings and how would it give then a better handle on the currency it controls?

There are genuine reasons to be concerned that large cash hoardings may be used criminally - tax evasion, payments in illegal activities and so on, but if this is the case, then it is a law enforement issue rather than a monetary one.

Thanks Jamie - good article. I concur with the quotes in it from James Whittle - it's really the data that holds the key to innovation, and it is the data and interoperability that ISO20022 brings that are the essential ingredients to next generation payments.

Data richness and its use will power new business models, vastly expanding the nascent digital economy sometimes referred to as Industry 4.0.  Next generation payments are critical to enabling these business models, and by implication they need rich data at their core – for example in a) super-efficient innovative cross-border payments use cases - b) QR code acceptance, c) request-to-pay, d) just-in-time SME ordering/collections, e) streaming commerce & subscriptions, f) atomic liquidity bridges and so on.

However, standardisation ‘end to end’ is critical for next-generation payments to fuel these business models at scale. Standardisation is where ISO20022 has a role, enforced by rules adhered to by all network actors. Whilst ISO20022 is in widespread use for domestic payments, RTGS and securities systems, it has been limited to messaging, often bespoke - for example SEPA has multiple “flavours” of messages using ISO20022 which are proprietary to the SEPA schemes.

Standard network rules with data models are the enablers for providing payments required for Industry 4.0, and for allowing FIs (new and old) to build out the case for change and for participation in new networks.

ISO20022 is a great start and a great discussion.

This tracker is an excellent tool for Santander's customers, that is long overdue, but it highlights the deficiencies of the "fire-and-forget" SWIFT messaging system and that, despite all the spin, SWIFT GPI lacks real-time payments capability.

There is nothing to track for true real-time payments - they are either sent and received simultaneously, or the sender is unable to send (e.g. due to a validation error). Much more innovative solutions for real-time cross-border payments are out there with synchronous/atomic settlement.

My understanding of SARs reporting is that it is a one way process, there is no feedback on each report to the reporting institution from the regulator. The institution does not even know if the SARs report has been read, let alone acted on. Institutions are therefore unable to learn from situations they are obliged to report.

Generally, the lack of information sharing - between market participants, and from regulators to market participants, is a key weakness in global AML controls. 

I concur with Barrie's view, but the metaphor is fundamentally incorrect as well.

There is no such thing as a bitcoin or an ethereum etc, there is no digital item you can find or identify, for example a unique character string to represent individual bitcoins or ethereum.

Instead, on these blockchains, there are transactions associated (digitally signed) with private keys, and each private key has a net balance, a number, of the buy and sell transactions for that private key, which is typically calculated by a wallet but not stored as a balance (however, there are blockchains such as the XRP ledger which do use the concept of an account and maintain a balance for each private key on a ledger account, which has processing advantages, but there is still no concept of a uniquely identifiable XRP). 

This balance is just a number, which is given a unit name such as bitcoin, depending on the blockchain. For example, there are 18,038,238 bitcoins as of 9 Nov 2019, which means the sum of the balance on all the private keys used on the bitcoin blockchain sums to 18,038,238. It is incorrect to believe there are 18,038,238 uniquely identifiable bitcoins.

Many journalists fail to understand this concept, especially when talking about tokenisation. Digital assets such as bitcoin and ethereum are often described as tokens, but the token is the name of the units of the balances associated with each private key, there are no uniquely identifiable BTC or ETH tokens. 

I am curious how banks can use TIPS for global cross-border payments unless they break their SCT adherence agreements with the EPC.

TIPS uses the SCT Inst scheme, and SCT/SCT Inst rules only allow payments which originate from a payment account in the EU.

There was a request last year to the EPC to allow payments originating outside the EU to be forwarded as SCTs within the EU, but this was rejected in their change request consultation.

Typically, a payment sent to a EU beneficiary from outside the EU is sent to a correspondent bank in the EU which then routes it to its final destination through Target2 or perhaps through a bilateral with the beneficiary bank if ones exists. The Target2 RTGS is expensive compared to TIPS and other clearers of SCT Inst (e.g. EBA's RT1) and is not 24/7 or guaranteed real-time.

However, the big issue is that banks typically do not screen intra-EU ("domestic") SCT payments - if the beneficiary bank is unaware a SCT Inst/SCT originated outside the EU, the payment will not be screened as it should be as an international payment creating a financial crime risk.

It requires a rule in the SCT Inst/SCT scheme to identify a SCT as originating outside the EU and mandating the originator data that needs to be included at the right detail in the SCT for beneficiary banks to screen. Beneficiary banks would also need to modify their processing to screen SCT Inst/SCTs that originate outside the EU.

One for the EPC to reconsider?

"Sleepwalking towards a cashless society"? - I remember coining that phrase two years ago in a Finextra blog https://www.finextra.com/blogposting/13654/sleepwalking-towards-a-cashless-society?ref=fintastico.com

However, portraying the UK cash system as on the verge of collapse is a little over-dramatic. Although declining, the level of cash withdrawals is similar now to that in 2003/4 when usage was rising (peaking in 2012), but there are still 33% more ATMs now than in 2003. In the same way the number of ATMs lagged the demand for cash on the way up (they peaked in 2015), the decline of ATMs will lag demand on the way down. See the stats on the Link website.

The availbility and acceptance of physical cash is important, and does need to be managed, but the real issue is the fundamental need to replace cash with a digital equivalent that exhibits similar characteristics to the physical form, as outlined in my blog, such as no requirement to register to use it (or for anything, including a bank account).

This requires true innovation, and, two years on, there is scant evidence any is underway, or even comprehension by the industry, including Fintechs, that it is needed.

This looks like a missed opportunity to create a competitive environment.

When Faster Payments in the UK opened access to its central infrastructure it purposefully created an open environment for service providers to provide access, and decided against selecting its own access provider - it wanted the market to decide.

This was a wise and successful decision - the result is eight firms are accredited to provide access to Faster Payments, and direct participation in the scheme has increased 4 fold in three years.

In contrast, the Eurosytem's approach to limit the choice for the ESMIG to just three access providers risks limiting innovation and competition in European payments.