I seem to be relentlessly blogging about fintech, cryptocurrencies and disruption these days. I guess because these are the things that are being discussed the most at the conferences I attend. So it’s easy to forget that there are key regulatory changes coming into play, and the consequences of these, probably because these things are boring.
Talking about Dodd-Frank or PSD2 just sends most of the audience to sleep, so you avoid going down that alleyway, but if you ignore these changes then it’s at peril as these are the things that are enabling new competition.
A great example is the PSD2 (Payment Services Directive update in Europe) which comes into force in sometime in Spring 2017 if all goes to plan. Within this Directive, there is an explicit requirement for banks to provide Third Party Payment Processors (TPPs) access to account information on demand. This is so that payment processors like PayPal and Stripe can process payments without having to go through the card schemes or get approvals from other intermediate service providers. It’s direct account access with the payee’s bank details. The problem that banks have with this is the law of unintended consequences.
Take the first PSD. The first PSD, implemented back in November 2009, started the harmonisation of the European Payments Markets and reinforced the move to SEPA, the Single Euro Payments Area, that had been developed by the banks over the past decade. The unintended – or was it intended? – consequence is that any company could apply for a payments licence.
A payments licence is an interesting nuance, as it allows companies without full banking services to process debits and credits. That means that you can have companies like Holvi set up to look like a bank, feel like a bank, operate like a bank …
… but it’s not a bank. It’s a licenced and passported across Europe payments service provider.
There are others like TransferWise, who don’t even process payments. They just transfer information by matching requests to move money across borders, and moving the information between account holders to enable remittances. It has to be a payments institution in order to do this, but it's not a bank or full deposit taking company even though it looks a bit like one.
There are many others out there who are noteworthy but the reason I pick on Holvi and TransferWise is that they both look like banks to the user, when they are not.
Now add Third Party Account Access to the equation and what have you got? These rising stars being given full access to all customer information about their bank services, with none of the obligations of a bank. In fact, the European Commission has made it clear that if there’s a problem with a bank transaction – fraud, mistakes, requests to reverse transactions, etc – then the bank will be held accountable as the first port of call for the regulator. That means the bank would have to prove it was the Third Party who caused the error. All in all, this means that the regulators are creating more competition by opening the banking system and lowering the barriers to entry whilst, at the same time, holding banks accountable for all the risk and compliance exposures this creates.
Seems a bit unfair to me, but who am I to comment?