Navigating your way through the payment landscape

Open Banking, PSD2, ISO200022, SWIFT gpi, Request to pay, Enhanced data, Confirmation of payee, Payment status – what do all these mean, and more importantly how can they give your company a strategic advantage? 

This episode on The Payments Podcast looks at regulations previous and forthcoming to examine how payments will change over the next 5 years. This episode features Jon Rushton, Director of Commercial product management focusing on how to make the most out of all these changes that are taking place.

Subscribe to The Payments Podcast    

Podcast transcript: 

Rich Williams: The payments landscape is changing, so don’t get left behind. 

Hello, I'm Rich Williams, the host of the payments podcast. Never before have we seen such an accelerated rate of change in the payments landscape. How often do you give your friend a cheque to pay them back for the holiday they’ve booked these days?

You can now move money around different accounts in a matter of seconds, and that’s not the best of it. This episode will discuss what changes are on the cards, the timescales, and what these regulations mean for your business, and the action to take.

With me today is Jon Rushton, Director of Commercial Product Management at Bottomline Technologies. 

As I mentioned in the introduction, never before have we seen such an accelerated rate of change in the payment landscape. I think it’s important to understand why that is, so could you explain for us, please?

Jon Rushton: It’s a combination of factors, technological, political and socioeconomic. The world is fundamentally different to that in which most payment systems were originally designed or grew from.

As an example, look at BACS, its heritage goes back to the 1968 launch of the Interbank Computer Bureau above a Barclays branch in the middle of London, that actually predates the first email in 1971.

Although the communication types and the technology that comprise them has changed, the processes like the three-day cycle can be traced back directly through lineage over the last 50 years to that bureau. It’s the same with the card networks. With BankAmericard or Visa, as you now know them, tracing its lineage back to California in the late 1950s.

The world we have today is important in a key regard, and that’s the ubiquity of communications, particularly internet services. The rise of the connected PC gave us e-commerce, and now your watch and phone are always connected, powerful devices capable of interacting with payment networks in new ways worldwide.

Whereas you previously had to get an ISDN phone line installed to your business, install a card terminal, now you can do it all from your mobile anywhere, with a simple Bluetooth dongle.

This is the key to opening up great opportunities. It’s great that we’re not doing the same things we did 20 years ago. Increased competition, digital innovation, customer immediacy, experience, expectations, and the corresponding rise in financial crime, where they look through for weak spots in traditional systems that don’t respond or evolve quickly enough.

Rich Williams: How do the consumer and business markets differ in their respective rates of change?

Jon Rushton: Well, I think it’s important to consider that in recent times, the consumer market definitely leads the way, and that’s often prompted by a fascinating relationship with regulation.

Rich Williams: What do you mean by that, Jon?

Jon Rushton: Well, in Europe, and particularly in the UK, we have a really strong focus on the rights and protections of the citizen and the consumer.

The heritage of payment systems can lead to a status quo with an in-built resistance to change for the participants, particularly because of the revenues from the services provided.

Look at the cheque, an instrument that goes back hundreds of years. In 2000, the Cruickshank report was published on competition in UK banking, and that had in it a key resolution to remove the profit made by the banks on the float in cheque clearing, a decision that led directly to the creation of the Faster Payments network, where the UK led the world.

Rich Williams: Are there any other examples you can share?

Jon Rushton: Yes, so this is an example of intervention and change through regulation or resolution, to disrupt the market status quo. Similarly, SEPA, or the Payment Services Directive as it was originally known, removes barriers to EU payments.

The focus on consumer protection is a common feature of policymaking in the EU, and it’s popular politically with initiatives like GDPR and the Right to be Forgotten championing citizens’ rights.

This combined with the revolutionary user interfaces over the last decades, and the changes in computing have brought, you are now able to do the same thing at work that you can do at home.

People want immediate ease of use. They want to take that home computing experience into their business environment, and as a result, we’re more accepting of the market of things like cloud payments. We use them every day. We use them in our business systems, in our payroll and in accounting.

Rich Williams: What are likely to be the most influential changes likely to be introduced and implemented over the next few years?

Jon Rushton: That’s a really interesting question. The agenda of using appropriate regulation and intervention to drive innovation and affect the status quo is really clear.

In the UK, we now have a payment services regulator, with a mandate to open up payment systems to new participants. We have open banking, driven through the Competition and Markets Authority’s remedies, identified in another investigation into retail banking.

Again, we’re leading the world in opening up access to accounts and aligning to the Payment Services Directive too. These are both set to increase competition significantly in the market, and encourage innovation.

The other key part of these regulations is not just driving innovation, it’s actually consumer protection, so reducing the opportunity for fraud in the networks, requiring things like secure customer authentication on transactions, driving programmes like enabling multiple factors of authentication when you make a payment.

It’s early days, but these initiatives offer great promise in the new services around consolidated bank account information and actions, particularly driven by APIs, which is what these services are all about.

I think another key change is the overall shift worldwide, to the ISO 20022 messaging standard for financial messages, or information exchange between parties, both through regulation and a natural change.

This offers, probably for the first time, a global common message framework that all parties are beginning to adopt, simplifying processes and requiring more detail within the transaction to support these protections, particularly around consumers and businesses, to avoid and reduce fraud. For example, the common clearing message or wire transfer regulations too.

These all provide tighter fraud prevention controls and then, of course, you’ve got the new payment architecture in the UK, which is the first bottom up redesign for almost half a century.

Rich Williams: How does this differ from current systems that we have in place?

Jon Rushton: Well, fundamentally, it’s a complete overhaul of domestic clearing systems in the UK. This year, the schemes were brought together under pay.co.uk, with a clear blueprint for the future, driven by work across the industry coming out the last few years. It’ll be a mix of both for the market solutions delivering by the scheme, and in the market solutions driving free market competition and innovation.

Launching in the next couple of years, all payments will move to single immediate payments, incorporating overlay services such as Request to Pay, you may have heard about in the press, enhanced data, confirmation of payee, and payment status.

The existing clearing systems, so BACS and faster payments will co-exist for a period of time, but it will be a limited time, and there will be a migration to the new payments architecture.

Rich Williams: We know that the payments landscape will change dramatically over the next few years, but what does this directly mean for organisations and the challenges they face from security issues, such as payment fraud, for example?

Jon Rushton: This is tremendously important because change can enable new and unique propositions that dispel preconceptions. Look at Venmo in the US, this is a payment platform that’s turned sharing payment history into a social network with people commenting, following trends on what other people are buying and purchasing, that’s a complete turnaround with what was previously considered deeply private information about what I'm doing financially actually shared openly with my friends.

Some of the future is yet to be proven out, but changes do bring new opportunity, giving access to better services, brining payment services together, and bringing innovation, which we will especially see with what the NPA is doing to make it easier for customers to pay and get paid.

Change also brings changing threats as forces adapt. I think it’s critical that companies invest in systems that will keep pace with the growing rate of change, from simple things like access controls and multiple factors of authentication that drive down from GDPR or PSD2 regulatory technical standards, right the way through to things like transaction monitoring and systems that spot the unusual.

The really key thing is to actually look at, and invest in, a vendor that has a forward-thinking view of all of this stuff, and will keep pace of change with the market as things evolve.

Rich Williams: That’s really great insight, Jon, and thank you very much for your time today.

If we think about the recent progression of regulations, such as GDPR over the last 18 months, we see that security measures, traditionally seen as additional, are now becoming commonplace and moving towards becoming mandatory, shifting liability for fraud and error in cases where they were not used previously.

It’s unsurprising that there's so much innovation in the industry in years to come. With technology advances and the inevitable rise of cyber-attacks, organisations must keep pace and invest in partners that can help them respond, without interruption to their business, as new opportunities and threats emerge. We clearly have a lot to look forward to.

Thanks everyone for your time today, and for listening. I think it’ll be good to re-approach this topic when we really start to see some of these things change, and to understand how to use it to your business’s advantage.

Should you wish to know more about this, please to take the opportunity to talk to any of us here at Bottomline.