We’ve reached out to the experts to compile answers to the most asked questions across the topic of ISO 20022, in an attempt to help firms and the industry-at-large build on their awareness of the challenges and opportunities that lie ahead.
2020 was originally earmarked as the year for banks to plough ahead with their ISO 20022 migration, with the first domino of the implementation dates to topple in 2021. Clearly Covid-19 had other plans.
While Swift’s
decision to delay its migration to the data-rich language was announced in March without reference to any Covid-19 related pressures, the European Central Bank’s decision to delay its
T2-T2S consolidation also by 12 months cited both Swift’s decision and Covid-19 as key obstacles standing in the way of an effective migration.
In January this year – a simpler time – institutions across the payments landscape
had a varied interpretation of the readiness of the industry, as the complexity of the project, cumbersome legacy systems and potential for compromise began to surface as clear challenges to a successful transition.
Covid-19 has brought about another slew of considerations, and while the pandemic may have bought the straggling institutions a little more time, the question of resource allocation remains at the fore.
Kevin Brown, Independent Member of the RTGS/CHAPS Board and Chair of the CHAPS Strategic Advisory Forum, Bank of England, in addition to holding numerous committee and board positions across the FCA, Phone-paid Services Authority, and Payment Systems Regulator
lends his insight to the complicated questions that currently weigh on the payments community’s approach to ISO 20022.
The pressing obstacles
To contextualise, Brown first delves into the challenges inherent in the migration project for institutions across financial services.
Citing SEPA across Europe and Faster Payments in the UK, he explains that banks have been continually updating legacy systems and adopting new standards and payment services as the business case for each new opportunity becomes compelling. “Technology continues
to move rapidly with the introduction of cloud, APIs, microservices architectures and concepts of reusable software components.”
While the rollout of these initiatives have addressed certain difficulties that come with legacy systems, “the challenge now is about ensuring and optimising a more harmonised and efficient internal information flow to support both outgoing and incoming
customer payments.
“This next wave of innovation is expected to centre around data, customer insight and machine learning, so data management and harmonised data concepts are becoming fundamental. This comes at a time when the ISO 20022 financial messaging standard has reached
a maturity when national payment systems all around the world are adopting this common standard, requiring all the banks in those markets to harmonise and use ISO 20022 as the common business language for businesses processes such as payments.”
Why timing matters
Petia Niederländer, head of retail and corporate operations at Erste Group Bank AG, continues that the challenge of juggling a clutch of impending regulatory and systemic changes presents a different timeline challenge for banks than originally expected.
The ECB’s decision to postpone by 12 months “will inevitably lead to a crowded investment scene in 2022,” argues Niederländer. “But it’s a good thing that the 12-month extension was granted as it gives banks more time to onboard corporates and focus on tying
up loose ends which may not have happened properly before.”
While a crowded investment scene shouldn’t endanger changes in the pipeline such as the ISO changes for collateral or SEPA payments, Niederländer believes “it makes the other portfolio obligations very tight. If something else happens unexpectedly then obviously
banks have to rearrange their project timelines once again.”
When pressed about whether Swift’s decision to delay their ISO 20022 migration schedule was of greater impact than perhaps has been reported, Niederländer argued: “I personally think that given the economic situation now – which no one could have predicted
– the delay should have happened anyhow.
“For banks, it’s vital to have both migrations occurring at the same time to allow for orchestration and management dependencies. Given the pressures it would have been very difficult for banks to deliver these projects in 2021 as originally planned.”
Brown furthers the point, observing the difficulty of balancing competing priorities across the various market infrastructures and payments systems in which they participate. “Market Infrastructures (MI’s)/Payment Systems Operations (PSO’s) are well aware
of the ‘fixture congestion’ issue here; indeed the Bank of England is committed to ensuring that the CHAPS ISO 20022 implementation balances the objective to realise benefits as soon as possible, with the need to provide users of the messages reasonable time
to be ready.”
In July 2020 the Bank of England
published their Industry Review of the CHAPS enhanced ISO 20022 messages for detailed feedback on the near-final ISO 20022 messaging schema and their work so far to progress the policy objectives to be delivered through the new messaging schema. The final
publication of the schema is due to go ahead in September 2020.
Brown adds that the BoE is also committed to ensuring that the timeline for CHAPS migration remains co-ordinated with other financial market infrastructures’ ISO 20022 migrations, as “this helps reduce both project resourcing challenges at payments services
providers or vendors, and the technical and legal challenges surrounding truncation of payment data.”
Should end-to-end ISO 20022 standards be mandated?
As explained by Brown, while there is a strong desire to ensure full end-to-end transmission of enhanced data, it is difficult for a single financial institution to manage all financial crime risks (FCRs) in the end-to-end process given the multiplicity
of parties involved.
Regardless of whether or not authorities have the power to mandate end-to-end transmission of MX messages, Brown elaborates that the
Wolfsberg principles which set out best practices (for collection and transmission of information) note that “full adoption of ISO 20022 standards would assist greatly in overcoming some of the existing challenges around payments transparency.”
“I’d certainly be surprised to meet an MLRO (Money Laundering Reporting Officer) who didn’t welcome the complete end-to-end transmission of any enhanced information! Identification of the originator and ultimate beneficiary are examples of very important
transaction data that needs to be maintained and visible to parties in payment processing.”
This issue of conversion remains a point of concern, as varied approaches are being taken by institutions where the provision of a translation service is being offered by some operators for a short period of time. Brown contends that this should only ever
be viewed as a transitory arrangement crafted in a bid to reduce risk and or support full implementation. “It is important that full ‘end-to-end’ transmission of data is delivered to ensure the significant benefits of ISO 20022 implementation are realised.”
Is there such a thing as too-much data?
A concern about the ability of certain legacy systems to process the data-rich ISO 20022 payloads has led to some parties arguing that outdated systems may need to be abandoned altogether.
Brown argues that while banks are moving away from legacy systems for a number of reasons, they “don’t have to be abandoned just because a financial messaging standard is being adopted. They do however need to work with more modern technologies to ensure
the business data held in these core systems is accessible to new digital channels and to maintain compatibility of data with national payment systems as they adopt ISO20022.”
While this may be true for some institutions, Niederländer explains, the element of time will influence how the data question will play out in reality. She highlights that as we are only at the beginning of the migration at this stage, “we will only see
the real demand on performance requirements once really big corporates start joining and bearing meaningful requirements on the banks.”
She elaborates that at the moment ISO 20022 migration is only a project for banks, for the corporate world it’s a matter of getting to understand and familiarise themselves with the messaging requirements.
Niederländer points out that today, particularly given Covid-19 pressures, the corporate world is focused on solving their core issues of best measures and managing economic downturn. This shift in priorities means that banks don’t appear to have “the time
for significant legacy replacement projects, they are trying to be prudent with their investments.”
This may hamper the efficacy of ISO 20022 delivery, she warns, as “the prolonging of tactical solutions will lead to certain performance and business issues which we may not be able to envisage today. But that’s the world we are in and what we have to work
with.”
“As soon as we help corporates to understand the opportunities and use-cases available to them as a result of ISO 20022 migration we will begin to see the real demand. It is this demand which may lead to performance issues. The current level of activity
should not cause any trouble.”
Echoing the value of use cases, Brown insists that while the focus often remains on the complexity of transitioning to the messaging aspect, “it’s the business processes and business dictionary at the core that allows banks and systems alike to unlock the
value of data.”
Structured data is safer data
Brown believes that ISO 20022 has the ability to impact AML related transaction monitoring and sanctions screening significantly. “It is generally expected that AML and sanctions monitoring is likely to be one of the areas that stand to benefit most from
the introduction of ISO 20022 and the use of enhanced data. The standard allows a more granular meaning of data to be more specifically understood within the context of a transaction the parties involved.”
In May this year the EU’s six-point action plan to fight money laundering (including tools such as a single EU rulebook and EU-wide supervision) in conjunction with the UK’s transposing of 5MLD in January underlines a push toward greater oversight and enforcement.
Financial services, naturally an already heavily regulated industry will need to ensure their infrastructure is sufficiently robust and up to date in order to remain compliant. Brown explains that as with any development that offers more functionality in
a world of increasingly integrated solutions, cyber criminals will attempt to exploit the opportunity.
While banks are well aware of this risk, “good collaboration and cooperation between institutions remains key in tackling cyber risk and this ISO 20022 standard will provide a further common ‘data’ platform to work together including utilising financial
data analytics to strengthen the fight against cyber risks.”
He furthers that as is the case with all financial messaging between institutions, the population of data must be consistent and tightly controlled in order to enable AML or sanctions systems to screen the full payments chain. “This should help ensure not
only that the right transactions are flagged/stopped by these systems, but that there are fewer bona fide payments being flagged as ‘false positive.’
In a recent
Linkedin post, Akhil Rao, fintech and payments consultant, Nth Exception, explained all the “noise behind ‘Structured Data’ or ‘Better Data’ in payments,” by comparing the data elements in a typical MT standard payment with that of a payment under the ISO
20022 standard.
Here’s how this might appear today in the MT standard:
:59:/678567932 The Original Syria Kibbeh
18 West Coast Highway
152124 Singapore
And here’s the name and address in ISO 20022’s structured format:
<Cdtr>
<Nm> The Original Syria Kibbeh</Nm>
<PstlAdr>
<StrtNm>West Coast Highway</StrtNm>
<BldgNb>18</BldgNb>
<PstCd>152124</PstCd>
<TwnNm>RedHill</TwnNm>
<CtrySubDvsn>SG-01</CtrySubDvsn>
<Ctry>SG</Ctry>
</PstlAdr>
</Cdtr>
Rao explained: In the first case, it’s highly likely the payment will drop in a sanctions filter, triggering an investigation. This is because ‘Syria’ appears in the name and address, and it’s otherwise unclear where the payment is going. In the ISO 20022
example, the postal address (PstlAdr) unambiguously identifies the country – ‘Singapore’ - using a standard two-character country code. It’s also clear that ‘Syria’ is part of the name (Nm) of the business, so no ‘false positive’ compliance hit should occur.
The payment can be processed smoothly. The money arrives on time and the bank benefits from reduced cost by avoiding manual processing.
A trio of practical pointers
Brown outlines three key pieces of advice for technical services providers who are widely the central players helping institutions to pivot their roadmaps to support ISO 20022 migration. First, he suggests that firms adopt ISO 20022 at the core of their
systems, aligning terminology, documentation and business processes to the ISO 20022 business model.
“Of course, support the messaging formats as they will be needed to exchange over many-to-many networks such as SWIFT but also be flexible with helping customers with API integrations which should be based on ISO 20022 concepts. This will allow banks to
reuse the investments they have made in cloud, APIs, open banking and digital channels.”
Second, while noting that it may err on the obvious, he insists that a careful read through of Swift’s and the payment systems operator’s respective documentation is vital. “The most immediate reference point is the technical documentation for each of the
relevant schema (e.g. CBPR+, HVPS+, Bank of England and Pay.UK CCM schema documentation). Whilst market infrastructures and payment system operators have sought to align as much as possible, there will inevitably be some small differences, reflecting the different
ways of the underlying systems and services.”
Third, Brown argues that it’s important to understand the broader strategic documentation that outlines what changes or additional data may become mandatory in the years following the go-live.
“Whilst the BoE will be introducing enhanced ISO messaging, with certain fields mandated for CHAPS payments from 2023, it has been clear that it intends to go further over time and will in due course introduce a regular version change. It is critical that
vendors keep this future change in mind when building their solutions.
“This underscores the need for technology providers to help banks deal with payments in an abstract way so that the underlying financial messaging can change but interfaces and API’s remain consistent, this will reduce the cost of maintenance when inevitable
changes come along.”
Tomayto-tomahto
And finally, the answer to the question you came here for, how exactly should ISO 20022 be pronounced?
Here are the most common versions we’ve come across:
- EYE-ESS-OH-TWENTY-OH-TWENTY-TWO
- EYE-ESS-OH- TWENTY-OH-TWO-TWO
- EYES-OH-TWENTY-OH-TWENTY-TWO
- EYES-OH-TWENTY-THOUSAND-AND-TWENTY-TWO
- EYE-ESS-OH-TWO-OH-OH-TWO-TWO
- ICE-OH-TWENTY-ZERO-TWENTY-TWO
Our approach? ICE-OH-TWENTY-OH-TWO-TWO
This (somewhat dated)
cartoon published by SWIFT in 2011 spells it out – quite literally.