Payments Views

Making Digital Access Work in eGovernment Payments: Principles of Pro-Poor Design

2021-10-08T14:59:10Z

Time to Read: 7 minutes

Highlights:

Design for low-income citizens is essential for successful eGovernment services
Glenbrook has identified pro-poor implementation success factors: channel selection, payment methods, fee structure, and education
Goal centered design brings the considerable benefits of eGovernment to all citizens

Expanding eGovernment Services to the Poor

eGovernment, which includes both online service delivery and, where applicable, digital payment for government services, is no longer just for wealthy countries. To reach low-income families, however, eGovernment programs in developing countries must be intentionally designed. Otherwise, these initiatives risk being accessible only to wealthy citizens.

Design of ePayment solutions and eGovernment services requires planning and strategy regarding payment channels, citizen costs, and enabling programs (awareness and digital literacy) to ensure the substantial benefits of eGovernment reach all citizens.

According to the 2020 United Nations E-Government survey, all but one of the 193 member countries have a national eGovernment portal to improve service public sector access and transparency. Online service delivery for government-to-citizen and government-to-business services grew rapidly between 2018 and 2020. UN member states provided, on average, 14 of the 20 services identified in the eGovernment survey (below). This represents a 40% increase over 2018 in online government service delivery.

Source: UN E-Government Survey, 2020

Despite this very real progress, a recent benchmarking analysis of government ePayment services conducted by Glenbrook suggests that multiple eGovernment programs in the developing world lack solid pro-poor design. Our work also revealed a range of effective practices for service of low-income citizens by certain developing countries.

The following is a summary of our findings.

How Digital Access to Government Services Benefit Citizens

By digitizing both the service delivery process and the payment mechanism, citizens reap considerable cost and time savings. Through everyday phone-based interactions, they may access services and pay using familiar e-money systems.

Consider the Indian state Karnataka’s use of the MobileOne platform. It offers digital access and payment capabilities to over 1,000 government services. By using digital payments, users report the ability to earn an additional INR 1,000 – 3,000 (USD $10-15) a month because they no longer have to travel during business hours to government offices to transact in person.

For those living far from government offices, digital access expands accessibility. Senegal’s The Customs School provides a good example of eGovernment services. Once it digitized the payment process for entrance exam registration, registrations increased by 50%. The school noted that most of the additional registrations came from candidates located outside of the capital city, Dakar. Users of the digital platform estimated a per-payment savings of at least USD $8 on transportation costs.

Both the service delivery and the payment mechanism must be digital to
reap the full benefits of digital access to government services.
See Glenbrook’s post on the eGovernment – ePayment Conundrum

These successful examples of eGovernment service implementations can be powerful motivators for further use of digital financial services. Since all citizens, regardless of demographic, need to avail themselves of government services, provision of citizen-to-government digital payments increases the utility of digital transaction accounts.

The goal is to encourage signup and use of these accounts among the financially excluded. As some government payments happen on a recurring basis (e.g., utility payments in many countries), citizen-to-government payments may help citizens gain familiarity with digital payment options and thereby build confidence in the use of digital financial services in other contexts.

Three Implementation Best Practices That Promote Pro-poor Outcomes

Choose the Appropriate Channels and Payment Methods

To ensure success, governments need to be mindful of the existing level of technology access and comfort among their citizens. In countries with low smartphone penetration, rolling out an eGovernment portal exclusively through a smartphone-based mobile app only serves to benefit the smartphone-toting few. This basic design error reinforces the divide between wealthier smartphone users and the rest of the population.

To truly make eServices and ePayments available to all citizens, governments must assess citizen technology capabilities, i.e. internet/computer access, smartphone penetration, feature phones, etc., and then deliver appropriate channel solutions. Where necessary, governments must consider solutions that bring additional information communications technology (ICT) infrastructure to citizens.

Rwanda provides an example of a well-thought-out channels strategy. According to the ICT and Innovation Minister, mobile phone penetration stands at about 80%, while smartphone penetration stands at about 15%. When rolling out its one-stop-shop government services portal, Irembo, in 2015, Rwanda’s government made the decision to enable payment access via mobile money using a USSD menu. Users with feature phones can readily access and pay for government services. To further extend reach to those without any phone at all, the Rwandan government partnered with an existing agent network so that Irembo agents, for a small commission, can assist citizens in requesting and paying for government services.

System design needs to accommodate gender differences. A recent study by Caribou Data in collaboration with the Bill and Melinda Gates Foundation found that, among smartphone owners, women are more likely to favor USSD access to mobile money services.

Moreover, a persistent mobile phone gender gap persists in developing economies where women are less likely to own mobile phones than men. This suggests that enabling USSD access and agent access for eGovernment services and government ePayment may especially promote women’s access to government services. Excluding these channels could exacerbate existing gender divides in digital financial services.

Pro-poor Fee Strategies

That citizens save time and travel costs through digital access to government services is nothing new to governments. Some have tried to capitalize on this savings by charging fees to citizens for the convenience of paying digitally. These costs may be in the form of ‘convenience fees’ or ‘surcharges’ on the processing cost. The GSMA notes that citizens are willing to pay reasonable fees for transactions with government agencies. However, that willingness decreases for frequent or low value transactions. This suggests that citizens will choose a digital transaction only when the benefits outweigh the perceived cost of transacting in cash.

To encourage use, governments may consider foregoing convenience fees and absorb part or all of payment processing costs. Consider Rwanda as an example once again. The government absorbs payment processing costs and charges no convenience fees for use of its Irembo platform. For transactions done through its agent network, the Rwandan government covers the agent commission fee for a select set of common services such as birth certificate access. For less frequently needed services, the citizen pays the agent commission, however these fees are capped at 500 RWF (USD $0.50). By charging no or very low fees, the government has widened access to economic benefits for those at the bottom of the pyramid.

Awareness and Digital Literacy

A government may build the best eGovernment platform and establish the right channel strategy, but for real uptake of digital services, citizens have to know:

That the service exists
That there are real benefits for using the service
How to access the service simply and reliably

Awareness and digital literacy campaigns must be prioritized to educate the target users.

Governments have historically struggled with raising sufficient awareness for their ePayment channels. A landscape study on person-to-government payments in developing countries by Karandaaz found that insufficient investment in consumer awareness remains a key barrier to consumer uptake of eGovernment services.

Know Your Citizens

While some governments simply do not prioritize investment in consumer education, others may be investing ineffectively. Karandaaz discovered, for example, that almost none of the organizations studied had conducted market research to determine the most effective messaging for their outreach efforts.

Assumption of responsibility for awareness raising can also be a barrier. Is it the government’s responsibility, or the responsibility of the payments service providers, or both? Successful efforts often involve a collaboration among stakeholders with both government departments and payments service providers sharing in the effort.

When the government of Kenya launched its one-stop-shop eGovernment portal, eCitizen, in 2014, it enlisted the support of mobile money providers in the market to promote use of eCitizen through the mobile money channel.

Conclusion

Governments are supposed to serve everyone. Yet all too often, for citizens residing far from the capital city or in rural areas, government services may be prohibitively difficult to access. eGovernment solutions that offer both digital service delivery and payment capabilities can bring government closer to the people. They also promise meaningful, positive impacts in terms of time and cost savings for users.

However, to reach all citizens, especially those with limited technology access, who may be lower-income, and less familiar with digital financial services, governments will need to be intentional in their implementation or risk exacerbating existing divides.

Key steps in effective system design include:

Selection of appropriate digital channels and payment methods to reach all citizen regardless of their level of technology access
No- or low-costs for citizen-to-government payments and citizen benefits access
Investment in education through targeted customer awareness and digital literacy campaigns so citizens know why and how to access digital government services

Built with these principles, eGovernment programs have a better shot at reaching their full potential in bringing government to the people.

If you are a policymaker, infrastructure provider, or financial services provider thinking about any of these challenges, we would love to hear from you.

About the Author

Laura Dreese is a Senior Associate with Glenbrook’s Global Practice. She comes to Glenbrook with 8 years’ experience working in microfinance credit and technology solutions on a global scale. Laura holds an MBA from Columbia University and a BS from the University of Wisconsin Madison.

The post Making Digital Access Work in eGovernment Payments: Principles of Pro-Poor Design appeared first on Payments Views.

The Open Banking Phenomenon, Explained

2021-09-30T12:45:21Z

Time to Read: 9 minutes

Highlights:

An introduction to open banking, its key concepts, and implications for payments industry participants
A framework for understanding open banking principles
Adoption and usage statistics

What is Open Banking and Why Does it Matter?

Over the last few years, the concept of open banking has gained popularity with numerous banks and fintechs eager to upend the traditional banking experience. Driven by regulation and market dynamics, open banking is taking root around the world. To guide this global phenomenon, open banking regulations are going into force in Russia, China and Southeast Asia. Mexico, Brazil and Japan have announced their plans for formal regulations. In the U.S. open banking has primarily been market driven, however the CFPB has signaled their intention to propose regulation.

In light of these announcements and already existing regulations in Europe (PSD2 and GDPR) and the U.K., we at Glenbrook believe it is useful to provide an introduction to key open banking concepts for those not already familiar with the topic.

At a fundamental level, open banking is the permissioned exchange of banking information from traditional financial institutions to third-party providers (TPPs) in order to facilitate innovative applications and services. Third-party providers can be defined as organizations or intermediaries using APIs to access customer financial data or as providers using this data to create new products and services. Examples of TPPs include:

Fintechs
Networks
Financial Institutions
Payment Service Provider
Merchants
Credit Rating Agencies

Glenbrook’s Framework for Understanding Open banking Principles

Follow the three C’s: Control, Competition, and Choice:

Control – Open banking recognizes that consumers are the owners of their data, have the authority to grant permission to third parties to access that data, know where their data is being used, and have the ability to revoke permission at any time.
Competition – Open banking increases competition on multiple fronts. Breaking the former monopoly on customer data, TPPs can create innovative products and services that challenge financial institutions as well as other providers. Furthermore, by reducing the burden associated with switching banks, consumers can more easily move accounts, forcing financial institutions to compete to attract and keep customers by providing the best experience.
Choice – Building on the tenets of control and competition, open access to customer data creates a foundation for innovation, which in turn gives consumers more choice when it comes to the financial products and services they use.

How Open Banking Affects Payments Industry Participants

Open banking carries the potential to disrupt key members of the financial services industry. In most cases the participants—FIs, TPPS, and consumers—enjoy clear benefits, but those benefits come at an asymmetric cost:

Financial institutions will have to invest time and resources to API-enable their core systems. Such overhauls require a massive level of effort and investment.
TPPs will have to integrate with the financial institutions in order to create compelling customer use cases. In some cases, financial institutions will be working on both simultaneously.

Financial Institutions

Financial institutions, with their traditional monopoly on customer financial information, are the party with the most to lose. By exposing customer data and payment initiation capabilities to third parties, financial institutions face the salient risk of relegation to a background, purely utility role while the customer relationship shifts to the TPPs. The TPP builds the new improved customer experience while banks are stuck holding deposits and performing back-office tasks like compliance.

However, opportunities exist for banks in the open banking world. Smaller financial institutions, credit unions and large commercial banks can all benefit, with creative opportunities for innovation and partnership. However, financial institutions will not experience the paradigm shift the same way:

Smaller financial institutions and credit unions remain dependent on their core processors for enabling open data access via new APIs. Furthermore, these institutions almost always lack the budget and resources to execute a digital transformation.
Large commercial banks carry the two-fold burden of updating their infrastructure to enable data access through APIs while creating products and services to compete with other financial institutions and new third-party providers. They benefit, on the other hand, from large customer bases and established channels to expose new products and services.

Freedom to Develop and Integrate

While banks are required to provide access to TPPs—by regulation in some jurisdictions, by the market in others—there are no restrictions on banks acting as TPPs themselves. This means that banks can take advantage of other providers’ APIs to build a better customer experience for their own users.

In the UK for example, HSBC shifted its open banking ‘Connected Money’ app that includes account aggregation and folded those capabilities into its base mobile banking app. Barclays recently went further and created a payment initiation use case, which allows consumers to make payments from other financial institutions within their Barclays interface. In the U.S., banks have released their own APIs and developer portals for other banks and fintechs to leverage.

Examples include Capital One, Wells Fargo and Citi with numerous financial institutions using open banking and APIs to improve the customer experience.

API-enablement lets financial institutions improve technical efficiency. Screen scraping is taxing on physical infrastructure as a result of its high data load, bandwidth, and data storage requirements. Jeff Bezos famously required all departments within Amazon to expose data and functionality via APIs or risk getting fired. As a result, the business enjoyed enhanced internal performance and the opportunity to expose functionality to third parties. While initially daunting, wise banks are following the same path.

Finally, where not restricted by regulation, financial institutions can monetize open banking. Depending on the data value and the quality of the API access, organizations or developers may be willing to pay a premium for enhanced API access.

Neobanks

Neobanks are arguably the greatest beneficiaries of open banking. Digital-first and built on modern tech stacks, neobanks are able to easily digest banking API’s and provide real time account updates. Use cases vary by region with more mature models existing in markets driven by regulatory requirements. In the UK, for example, Atom Bank announced a partnership with Plaid to provide small business loans.

With access to historical transaction data and Plaid’s Payment Initiation API, the bank can streamline the lending process and provide real-time decisioning. In the U.S., many neobanks are forming partnerships with data aggregators to fund customer accounts and perform account verification/validation functions.

As adoption of open banking APIs expands around the globe, we expect to see even more uptake and nuanced use cases take flight.

Third-Party Providers

All participants of the payments and financial services ecosystem can participate in open banking as TPPs, an inherent characteristic of the new regime. Fintechs, networks, financial institutions, merchants, and even credit rating agencies can actively participate as both users of the information exposed by APIs to improve internal processes and as providers of new products and services. Arguably, any actor in the payments value chain can use open banking to its advantage.

Third-party providers, represented by both incumbents and new players, see ample opportunity in the market. Access to customers’ permitted financial data, previously enjoyed only by financial intuitions, creates opportunities for new business models, products, services, and revenue streams.

Potential examples could include:

A fintech such as Wealthfront might use a bank’s “Customer Data API” or a data aggregator such as Plaid or Yodlee to get permissioned access to consumer banking information in order to drive a personal financial management (PFM) app.
TAB Bank leveraging Mulesoft’s Anypoint Platform to quickly process small business loans. The bank could connect to MuleSoft’s APIs to get real time banking data and speed up lending decisioning for its customers.

From independent app developers to large technology companies (e.g., Apple, Facebook), open banking has leveled the playing field for delivery of financial services and what those services look like. Having greater variety in providers with unique perspectives and resources increases innovation and improved products. With a clear view of a customers’ finances, consumer-centric TPPs can provide targeted offerings that should increase customer loyalty and improve the customer experience.

No Open Banking Standardization Just Yet

A key challenge TPPs face is in implementing open banking APIs, and in cases where they do not exist, weighing the risks and benefits of alternative data access methods. Despite regulation in some markets, there is still fragmentation and lack of standardization in open banking API offerings.

For example, in the EU, PSD2 did not mandate specific standards. Rather, various standardization efforts emerged such as the Berlin Group, the Open Bank Project, and the Open Banking Implementation Entity. In the U.S. there’s several industry associations advocating for standardization.

The most notable is the Financial Data Exchange (FDX), a consortium comprised of financial institutions, fintechs, data aggregators and industry participants that sets technical standards for open banking APIs. In cases where APIs are not available, many TPPs are still utilizing screen scraping to gather banking data into their applications, posing a large security risk for customers and banks.

Accountholders and Consumers

The cooperation and coordination between financial institutions and TPPs benefits consumers and business customers alike. If open banking’s goals are realized, consumers will have more financial services and products on offer as well as improved functionality. They should benefit from better insight into their financial lives that enables them to make better choices and reduces the stress of financial management. The competition open banking enables, and the innovation it brings about, should raise the quality of products and services.

Finally, in a world where real-time payments are more prevalent with funds pushed instantly and irrevocably from account-to-account, well implemented open banking should improve the security of consumer banking login credentials.

Security Concerns

Despite the potential benefits, there are real risks in exchanging sensitive financial data. Without standardized security protocols, third parties are free to store and use data as they wish. Many third parties are still using old standards of data exchange and storage, which increases the risk of data compromise from bad actors. Even when third parties take the appropriate steps to increase security, there is still potential for other types of poor consumer outcomes.

As with any new technology, participants are still adjusting to the API ecosystem. In some cases, there are still issues with API availability leading to unsuccessful API calls. Downtime due to large-scale platform outages prevents consumers from accessing vital financial information, creating a poor customer experience, at best, and potential financial loss.

Potential Impact

We’ve seen some key global indicators that demonstrate this increased interest in and adoption of open banking across the industry. Financial institutions have responded with a massive spike in open banking platforms around the world. Developer adoption of the OpenAPI specification increased by over 68% between Q3 and Q4 2020. (Platformable). Adoption by consumers is increasing. The Financial Data Exchange (FDX), published their Spring 2021 API usage stats depicting steady growth in North America, touting 16M customers.

As we continue to witness higher adoption, we expect increased innovation and more sophisticated use cases within the space. There are opportunities for all parties in the value chain to benefit as long as steps are taken to address security and privacy concerns.

Questions for Stakeholders

Open banking offers substantial opportunities for third party providers such as fintechs, data aggregators and financial institutions. Incumbents tied to their existing business model face a looming threat. Some key questions remain for stakeholders participating in this ecosystem:

Third Party Providers

As providers of products and services to end users, where are there opportunities to innovate? What are key areas of exploration and investment? How can financial institutions, account holders and other providers benefit from innovation in this space? Will fintechs be at the forefront of innovation or will third party providers rely on innovation from financial institutions?
How can permissioned financial data be leveraged to improve business performance and aid in additional revenue streams? Are there additional opportunities to monetize data paired with unique product features or value added services?
With APIs at the forefront of secure data exchange, do you have the technical capability to connect or digest proprietary banking APIs? What are you doing to ensure sensitive information is used appropriately and safe from data compromise?
What types of strategic partnerships can be formed between financial institutions or other providers to gain additional customers and propel more sophisticated use cases? Who have you identified as competitors or potential partners in the space?

Financial Institutions

What is the right strategic response to open banking? What role does your institution need to play? How well positioned are your existing partners to support an open banking initiative? What are your direct competitors doing about open banking? Is competition, cooperation or a coopetition-based strategy the right way forward?
What services based on open banking and fintech can be brought in-house through internal development or through provider partners?
Serving the fintech community requires specific technical and business competencies. What is your level of readiness to address this market? What strengths in the areas of compliance, risk management, network sponsorship, and technology exist? How long will the window be open to serve the fintech providers before their needs are met by other banks?

About the Author. Heather Cerney has followed open banking regulations around the world since its inception in 2015. Heather helps lead Glenbrook’s research on banking innovation and open banking initiatives. Her background is in banking, having worked at Wells Fargo and Bank of the West prior to joining Glenbrook.

The post The Open Banking Phenomenon, Explained appeared first on Payments Views.

ACH is Hot

2021-06-09T19:42:03Z

Time to Read: 8 minutes

Highlights:

ACH, though a 50-year old payment system in the U.S., continues to grow
The ACH ecosystem is evolving to meet modern-day needs:
- Nacha, the rule-making body, plans to implement a series of enhancements that address shortcomings in ACH usability
- Dynamic payment service providers (PSPs) and fintech infrastructure players are innovating on top of this legacy system to provide cost savings and benefits, such as safety and security, to businesses and consumers alike

The ACH Ecosystem Expands

Electronic payments saw accelerated usage due to the COVID-19 pandemic and ACH was no exception. 2020 ACH transaction volumes increased 8.2% over the previous year, continuing a 10-year growth trend.

Some of this growth was due to the unique circumstances caused by the pandemic. However, as economic recovery continues, will the ACH system continue its steady pace of growth? Will consumers increasingly prefer having a “pay with my bank account” option as an alternative to card payments?

Data from Q1 2021 shows early indication of continued growth:

Source: Nacha

There is no doubt that ACH has its benefits: it’s low cost, it’s a “workhorse,” and it’s ubiquitous. But it is also not without its challenges. As such, Nacha is implementing a series of enhancements to address shortcomings. For example, new Account Validation and upcoming Data Security Rules will help originators reduce exceptions and better manage risk. An additional settlement window and increased transaction limits should increase Same Day ACH utility.

Furthermore, payment service providers (PSPs) that specialize in bank transfers want to make payment acceptance more cost-effective for merchants by offering an alternative to cards, and more consumer-friendly by providing easier ways to use a bank account to make a payment.

Let’s take a look at some of the trends and developments we’ve observed in the ACH payments ecosystem, first within ACH itself and then through enhancements from solution providers.

ACH Had a Banner 2020

ACH Transaction Count (billions):

Source: Nacha, Glenbrook

ACH transactions saw an 8.2% increase in 2020, compared to debit card transactions, which grew about 6%, and credit card transactions, which remained relatively flat (Nilson Report, February 2021).

While one-time stimulus payments delivered via Direct Deposit contributed to some 10% of the total 2 billion in incremental transactions last year, overall network growth reflects a broader shift away from check payments.

Same Day ACH, although representing less than 2 percent of total ACH transactions, grew 39% year over year. Some of last year’s growth can be attributed to the increased transaction limit, from $25,000 to $100,000, which went into effect in March 2020. As of March 2021, a third Same Day ACH settlement window went into effect to better accommodate West Coast originators. By March 2022, the transaction limit will be increased to $1 million. The new upper limit will be particularly beneficial for B2B transactions, but will increase ACH fraud concerns.

Same Day ACH Transactions relative to Standard ACH (billions):

Source: Nacha, Glenbrook

Enhanced Validation Necessary to Reduce ACH Exceptions

With increasing volumes and transaction limits, ACH shortcomings become more important to address. There is no authorization function, as in the card networks, to determine sufficient funds and guarantee payment. The lack of authorization, or even a simple way to verify account balance prior to debiting an account, often leads to revenue uncertainty for merchants, and costly NSF fees for consumers (in 2020 alone, banks reportedly made $30B in NSF fee income). Furthermore, the traditional methods to verify account ownership have been somewhat lackluster – both prenotes (zero dollar test to validate bank account information) and microdeposits are time-consuming.

As of March 19th, 2021, Nacha’s account validation rule for WEB debit entries went into effect to address the issue of excessive returns and exceptions. The rule specifies that originators implement a fraudulent transaction detection system that, at a minimum, verifies an account is open and valid. The rule does not specify that originators validate ownership of the account.

Nacha does not prescribe a specific way to meet its requirement. Nacha’s guidance indicates that standard prenotes and microdeposits can still be used. However, the rule making body also suggests a series of “preferred partners” and “certified vendors” that offer functionality above and beyond these traditional approaches.

Nacha defines two categories of validation providers:

Data Consortium Vendors rely on pools of data to validate account information
Credential Validation Vendors rely on online banking credentials to access account data such as balance information and transaction history
Some providers offer a combination of both

Source: Nacha Account Validation Resource Center

Solution Providers Build on ACH

Glenbrook has been watching various solution providers, noted for their differing approaches to making the ACH system more usable for broader use case adoption. Examples include:

Nivelo
Trustly
GoCardless
Square
Plaid

Nivelo.io has introduced a real-time risk scoring mechanism that leverages various data partners to confirm validity of routing number, account number, and identity. When combined with historical cash flow analysis and machine learning, Nivelo’s approach helps determine the likelihood that a transaction is subject to security threat or failure (for more on Nivelo, check out our Payments on Fire® episode with CEO and Founder, Eli Polanco, here).

Other providers specializing in ACH processing include payment service providers (PSPs), such as Trustly and GoCardless (we recorded a podcast with Chief Product Officer, Duncan Barrigan), which make ACH more merchant-friendly. Their core value proposition includes lower payment acceptance cost and fewer exceptions. While both companies initially started in Europe, they have since expanded into the U.S. market. They charge an ad valorem fee, and are betting that businesses are willing to pay a premium over standard ACH fees, because the cost is still lower than that of credit or debit acceptance. In some instances, they will offer a payment guarantee. Trustly, in particular, offers account validation through direct connections with banks, in addition to its bank transfer money movement service.

Square has partnered with Plaid for bank account validation, and recently announced that it will support ACH acceptance for invoiced transactions, charging a 1% processing fee (for reference, other SMB providers such as Intuit and Bill.com charge about $0.50 and 1%, respectively, for ACH acceptance).

The Plaid Bank Transfers beta will combine Plaid’s account validation and data aggregation services, with money movement as well. (Plaid’s plans to actually move money on behalf of its customers is among the many reasons the Justice Department vetoed Visa’s acquisition of the company. Visa would own two dominant payment networks.) As many of us in the industry are familiar with the now infamous volcano diagram, it will be interesting to see the company’s messaging around a more public launch of the product.

What’s on the ACH Horizon?

ACH will likely see further growth as the industry continues to digitize payments, and as Nacha implements additional rules and enhancements. Some of the upcoming Nacha rule changes for the remainder of 2021 include:

Data security requirements. Requires that Originators protect deposit account information, similar to tokenization standards set forth by PCI-DSS for card information
Limitation on warranty claims. Limits the length of time in which an ACH payment can be charged back, providing Originators with greater payment certainty
Meaningful modernization. Attempts to simplify the ACH user experience through guidance on authorization processes, technologies and channels, setting the stage for Request for Payment messaging

ACH is a ubiquitous and systemically important payment system. Even with faster payments slowly gaining traction, thanks to Nacha’s efforts to remedy various system pain points and the growing set of solution providers, use cases for overnight and Same Day ACH will continue to be plentiful.

Considerations for Implementers

The economics of ACH transactions are compelling, while risk management is complicated. The right combination of management tools and processes requires in-depth examination of risks at each point in the transaction flow, from initiation to completion via interbank settlement.
ACH is a ubiquitous payment system. Can added risk management functionality for ACH debit transactions render it “good enough”? Or is there a need in the market for instantaneous, push-only payments via real-time rails like RTP and FedNow? The trade-off is specific to use case and stakeholder.
How important is the speed of payment when considering Same Day ACH vs. alternatives?
Will consumers be more inclined to use bank transfers as a payment method if the provider combines superior UX design and experience with additional security measures in place to protect sensitive account information?

About the Author. Nicole Pinto is a self-proclaimed payments nerd and enjoys monitoring the competitive landscape across the payments value chain. She is particularly interested in non-card rails such as faster payments and ACH, and how fintech players are driving changes in payments and banking.

The post ACH is Hot appeared first on Payments Views.

The True Cost of Being Underbanked

2021-05-03T13:55:50Z

Highlights

It’s expensive to be a low income American, driven in part by the high cost of financial services available to such consumers. In this post, we break down where cost comes from, and how fintechs are changing the way working class Americans are able to access affordable financial products.

Fintechs have an opportunity to displace the traditional, high-cost services that target low income consumers. Through the consumer profiles we discuss in this piece, we can see that using fintech products instead of traditional services has a material impact on the financial wellbeing of low-income consumers.

Who Pays to Pay?

On the periphery of the payments ecosystem, a subset of Americans are paying millions of dollars each year just to transact. While payments professionals expect consumers to rely heavily on cards and ACH transactions, many financially marginalized consumers pay with cash, prepaid cards, and money orders. Many must take out payday loans for short term credit. The Financial Health Network estimates that in 2020 the financial services industry serving this market cost American consumers $255B.

But what does that number mean for individual consumers? And how can the industry improve the financial lives of at-risk consumers? To find out, we developed three consumer profiles and simulated the cost of financial services for each over the course of a year.

We take a look at how these three consumers get paid, save money, transact, and borrow. Our consumer profiles are informed by Glenbrook’s ongoing research into financial inclusion in the U.S. including conversations with stakeholders and desk research.

The “Conventional” Consumer

Figure 1: A year in the life of a conventionally well-served consumer

Let’s start by talking about the sort of consumer we, as payments professionals, are likely to have in mind as we develop new products.

Meet Andrew, a digital marketing professional in Los Angeles. He makes around $65,000 a year which is paid to him over the ACH network via direct deposit, costing him nothing to receive his paycheck. On top of that, he saves money in his Citi Savings account, which accrues very modest interest.

Even though he’s well-served, Andrew’s financial picture isn’t perfect. He relocated to LA to take his digital marketing job and needed to cover moving expenses. He had to take on a $1,000 revolving balance on a Capital One credit card. At an 18% interest rate, this costs him around $180 over the course of the year.

For everyday purchases, he uses his Chase Freedom Unlimited credit card and, after an annual spend of $22,000, earns about $331 in cashback rewards points.

Upon settling into his new apartment, he decided to buy an iPad for himself to catch up on reading for $300. He put this large ticket purchase on his Target credit card, and gets $15 back on the purchase.

His AT&T communications bill and his utility bill amount to $600 each month, and he pays them through Citi’s bill pay portal at no additional cost. He pays his $1,400 rent via ACH on his landlord’s website each month, which is also free to him.

After a year, Andrew has accumulated $169.53 in net income simply through his payments activity as illustrated in Figure 1.

The Traditional Underserved Consumer

Figure 2: A year in the life of a traditionally underserved consumer

Next, let’s meet Ross, a low income consumer using traditional solutions who works as a line cook at a restaurant in Ypsilanti, Michigan.

He makes $35,000 a year and is paid by check. He receives his salary biweekly and pays $3 to cash each check at the local Kroger grocery store. Over a year, he spends $72 on check cashing.

To cover some expenses between paychecks, he takes out a payday loan. He typically borrows around $300 dollars on a two-week loan at CashAdvantagePlus (not a real store, but representative of the sort of local financial centers that dot low income communities). This local payday lender charges $15 on every $100 borrowed. So the total cost of the loan to him is $45. If, on average, he takes out one of these loans per month, he spends $540 over the course of the year.

He makes his everyday purchases using cash, so that doesn’t cost him anything over and above his cost for receiving cash from CashAdvantagePlus or Kroger’s check cashing service.

Like Andrew, he purchased a $300 iPad, although Ross is buying his as a gift for his boyfriend’s birthday. To take advantage of a sale online, Ross purchases a prepaid card at Walgreens for $4.95 in cash and uses this payment method to buy the iPad from an internet retailer.

Ross pays his bills by postal money order. His AT&T and utility bills are each less than $500, so those money orders cost him $1.25 each. His rent is $725, so that money order costs him $1.75. He spends $4.25 per month at the post office in order to pay his bills, adding up to $51 for the whole year.

At the end of the year, his net impact in Figure 2 shows that he has spent over $667 on financial services. At least partially because of this burden, he hasn’t saved any money. He’s also spent a lot of time going to different stores and service providers, time that’s really valuable if you’re working long hours or multiple jobs. And it costs money to get around, an additional cost that’s not reflected here.

The Fintech Consumer

Figure 3: A year in the life of a consumer using new fintech products

Ross’s picture is bleak. He pays a lot and saves nothing. Now, let’s look at what the picture might look like for someone with the same salary but using fintech alternatives.

Meet Lena. She is a gig worker in Atlanta working for a (hypothetical) company called LocalDash, delivering goods from local stores to customers across town. She uses Cash App as her bank account, and receives her income via direct deposit thanks to the Lincoln Savings Bank account that sits behind her Cash App account.

Lena used to worry about when her paycheck would arrive in the mail and occasionally used payday loans to cover some emergency expenses in the past, but she can now access her funds two days early through earned wage access provider PayActiv. This costs her $5 a month, which is PayActiv’s membership fee. If you calculate that in APR terms assuming a loan term of two days, it amounts to around 16%, which is much more reasonable than what a payday lender would charge and lower than the rate charged on credit cards at this end of the market.

For her everyday spend, she uses Cash App’s Cash Card debit card product, and pays nothing to do so.

She also bought a $300 iPad to help with a creative side project she’s working on. Like Andrew, she purchases it at Target, but she checks out using Affirm. She takes out an Affirm buy-now-pay-later loan at a 20% APR over 12 months, which works out to around $33 in interest charges.

Thanks to the bank account that powers her Cash App experience (my colleague Laura touched on the mechanics of this in the previous post in this series), she’s able to pay at no cost her AT&T bill, utility bill, and rent via ACH.

As Figure 3 shows, she spends $65 on financial services over the course of the year, far less than the $677 that Ross had to pay. While Lena uses Cash App, Venmo or a neobank like Chime or Dave offer similar economics. Consumers in this space are savvy shoppers who might turn to Cash App for one set of services and Chime for another, or may stick to one provider to take advantage of the convenience of having everything in one place. Regardless, the end result is that underserved consumers now have greater opportunities to save, and fintechs are better positioned than ever to meet their needs.

What’s Next?

Fintech is not a panacea for the financial hardship faced by low income Americans. Black, Hispanic, and Indigenous communities remain disproportionately underserved by the financial industry. However, an increasing number of solutions offer bank-like services, often with FDIC insurance, direct deposit, etc. As we have demonstrated, these solutions are often less expensive and offer compelling value to consumers.

We hope that fintech providers will continue to create new affordable solutions for low income consumers. We’re watching this space closely to see how providers are stepping up to the challenge of better supporting financially vulnerable populations.

If this topic interests you, please reach out! We would love to hear from you.

About the Author

Justin Pituch helps lead Glenbrook’s research on financial inclusion in the U.S. Justin recently co-hosted a Glenbrook webinar discussing the potential for financial technology to alleviate the cost burden of financial services for low income Americans. Justin’s background is in treasury and banking consulting, but his first job was at a community bank in the Chicago suburbs.

The post The True Cost of Being Underbanked appeared first on Payments Views.

Raising Women’s Financial Inclusion in South Asia

2021-04-19T21:17:40Z

Zak Kazzaz co-authored this post.

Time to Read: 7 minutes

Highlights:

There is a set of high payoff steps necessary to increase financial inclusion of women in South Asia and other markets

Collaboration across the stakeholder ecosystem accelerates female participation in financial services

Glenbrook’s framework is an approach to evaluation and roadmapping

As financial inclusion efforts continue to scale across the globe, there has been a steady increase in women’s ownership of financial services accounts. However, the total growth can obscure the persistent gender gap in many regions. Despite that, digital financial services (DFS) promise to be an effective tool to help close the gender gap.

For example, a recent study on the uptake of M-PESA, a mobile money platform in Kenya, shows that 194,000 Kenyan households have been lifted out of poverty between 2008 and 2016. Women have shown the greatest benefits (MIT). Female-headed households saw far greater increases in consumption than male-headed households. This demonstrates the possibility of closing the gender gap and highlights the societal value of doing so. Closing the gender gap is essential to improving multiple aspects of a woman’s life including autonomy and empowerment, better outcomes for households and children, and overall poverty reduction.

Account Ownership by Gender

Characterizing the Situation

Recently, Glenbrook hosted a virtual workshop on International Women’s Day in South Asia to examine gender gap impact and determine potential mitigation strategies. Our global practice group has engaged in similar efforts to improve gender equity around the world through improved access to financial services by women.

Traditional and Digital Financial Products

Women utilize both traditional and digital financial products in the South Asia region. Providers have created products catering to women for different use cases. Given the multiple roles women fill and their limited access to financial products, female-centric offerings are prime for innovation.

For example, a local bank we spoke to has created niche credit and microfinance products for female entrepreneurs and small business owners. Oftentimes these products require no upfront collateral, helping to drive adoption by women. Additionally, USSD-based products have high adoption rates by women and are successful at driving access and usage of DFS.

Through our work, Glenbrook developed a framework to apply a gender-conscious lens to financial inclusion across three dimensions: product, communication, and account onboarding. When applied, this framework can help lower gender-specific barriers to digital financial services.

A framework to guide organizational change aimed at eliminating the gender gap

Product Characteristics

Our user research focused on women in South Asia. Their views on DFS were assessed using focus groups and in-person interviews.

The principal findings revealed that women are most concerned with security and convenience when it comes to accessing financial services.

Security and Privacy are Essential

Women tend to distrust digital access of financial services. Female users voiced concerns over the use of a personal phone number to sign up for an account as well as over a lack of data protection methods to prevent fraudulent use of their phone numbers. Similar concerns were found over account balance notifications that lack privacy controls. Women expressed their need for autonomy and confidentiality in their use of DFS.

To address these concerns, trust building product features and services are necessary. Examples include dispute mechanisms for mobile PIN issues (PIN reset procedures, linkage to personal information) and digital receipting to reinforce payment confirmation.

Targeted Messaging for Women

Several communication tactics proved to be most effective across multiple channels. This is a departure from the typical provider’s approach to ignore women and the impact of the gender gap on financial inclusion.

The Right Channels

Social media marketing and advertising campaigns are very effective because smartphone penetration is starting to increase among women in this region. Radio works to reach women without smartphones. Additionally, door-to-door is very effective when banks and organizations dedicate brand ambassadors. This person-to-person contact is especially important in rural areas and where financial literacy is low.

Opportunity exists to harness the power of agent banking to improve outreach to women. There is particular value in hiring and training female agents, as they are both trusted and adept at teaching women how to use mobile money products through such personal interactions.

Messaging Matters

Messages focusing on the female journey are effective. Meena is an example of a nationally recognized personality able to deliver an effective message to women. Meena’s messages address gender, child rights, education, protection, and development. Her story promotes social issues in an appealing and provocative way. Messages tied to women’s lifecycle events (marriage, childbirth) are also effective ways at gaining women’s attention.

Simplifying Account Onboarding

Beyond the development and communication of female-centered DFS products, women are often excluded at the point of access, facing logistical and legal barriers when trying to open a new account. Some jurisdictions require the presence of a male guardian (i.e., husband, father) for women to receive or renew an identity card. Competing needs, lack of reliable transportation, and exclusion from legal residency documents (e.g., property deeds, leases) raise further barriers. These impacts combine to drive down the issuance rate of government identity among women to a mere 55% in lower-income countries compared to 70% for men.

To be inclusive, providers should consider alternative or no-KYC requirements for products catered to women. Glenbrook previously analyzed how this can be done safely and securely, with more information found here.

Surging Interest in Serving Women

The good news is that NGOs, nonprofits, ICT (Information and Communication Technology) providers, and governmental organizations are working on these issues. Coordination among these players will increase the effectiveness of their efforts.

Glenbrook looks forward to supporting and strengthening this ecosystem of supporters as it works to improve women’s access and usage of digital financial services. The benefits to women, their children, families, and national well being are indisputable.

We welcome the opportunity to discuss this, and related, issues with you. Please contact the authors or simply connect here.

About the Authors

Heather Cerney focuses on the topic of financial inclusion in the U.S and around the globe. She’s particularly interested in the emergence of digital financial technology as an enabler to facilitate access and usage of banking products in underserved communities. She comes to Glenbrook with previous experience in the digital banking space.

Zachary Kazzaz is passionate about financial inclusion, having worked on programs in more than 15 emerging countries. He focuses on the strategy underlying new financial infrastructure and the associated products and services that encourage usage among vulnerable populations.

The post Raising Women’s Financial Inclusion in South Asia appeared first on Payments Views.

Where is Financial Inclusion in the U.S. Today?

2021-03-24T14:04:57Z

At Glenbrook, international financial inclusion work has long been a major focus area. Given the challenges racial equity concerns raises for the U.S., Glenbrook as a firm has returned our focus to financial inclusion here at home.

To begin that examination, we look at the state of financial inclusion in the US and what are companies doing to address it. We look at some of the reasons why people remain financially excluded and why this remains a problem. In subsequent posts Glenbrook will delve further into the myriad solutions directed at financially underserved and vulnerable consumers.

Financial Inclusion in the U.S. Today

According to a 2018 Federal Reserve Report, six percent of American households are considered unbanked. Another 16 percent of American households are considered underbanked. These people must reach outside of the banking sector to meet their financial service needs. This represents 22 percent of American households, or about 56 million adults.

Definitions

Unbanked: No one in the household has a checking or savings account.

Underbanked: While they have a bank account, these households have used an “alternative financial service” like a check casher, non-bank money order, or payday loan in the last year.

Why Are So Many Americans Unbanked?

In its biennial survey of unbanked households, the FDIC asks respondents why they are unbanked.

The most frequent reason, cited by nearly 50% of respondents in 2019, was “not being able to meet the minimum balance requirements set by banks.” This makes sense when we consider that “free” checking accounts often require a minimum balance or deposit activity to stay “free.” For example, Bank of America’s Advantage Plus checking account has a $12 monthly maintenance fee if deposit activity falls below $250 every month, or the daily minimum balance is lower than $1,500.

For low-income Americans living paycheck-to-paycheck, meeting those minimum balances is often not practical.

The second most cited reason may be more challenging for bankers to address. Thirty-six percent of respondents indicated a lack of trust in banks as a factor in not having a bank account. Distrust in banks has actually increased since the FDIC began asking this question in 2015. Over just four years, the percentage of respondents who listed not trusting banks rose from 30 to 36 percent of respondents.

This “I don’t trust banks” answer suggests that even if banks respond by eliminating minimum balance requirements and overdraft fees, there will still be a portion of the unbanked population that will continue to distrust financial institutions.

These gaps have opened up opportunities for fintechs to offer bank-like services without the baggage of “banking’s” reputation.

Why the Bank Account Gap Matters

When designed with low-income consumers in mind, bank accounts support financial security. Direct deposit, deposit insurance, debit cards, free ATM withdrawals, and access to affordable credit products like mortgages and auto loans, all contribute to financial wellbeing.

Let me be clear that having a bank account is not a cure for financial vulnerability. Wage growth has lagged well behind the rise in basic household costs during this century. Having a bank account isn’t going to make any of that go away, but the lack of one increases costs and challenges.

Without a Bank Account, It’s Harder to Save

The FDIC data shows that, among American households earning less than $30,000 per year, being unbanked is correlated with a significantly lower savings rate than for banked households. 46% of banked households reported saving for unexpected expenses in the last 12 months compared to only 24% for those without.

Why this correlation with higher reported savings? One hypothesis is that it is harder for the unbanked to save because the alternatives like cash or valuables carry significant risk of theft or loss. You could also save using a prepaid card, and while this may be a better option than cash, most reloadable prepaid cards come with bank-level monthly fees.

Alternative Services Cost More

Those without bank accounts are also much more likely to turn to alternative financial services that often come with hefty fees. Take check cashing for example. According to the FDIC data from 2019, those without bank accounts were almost 8 times more likely to report using non-bank check cashing in the past 12 months compared to those with bank accounts.

Check cashing, together with payday lending is a big $11B business. While individual fees vary wildly, even one of the more affordable check cashing options, Walmart’s Money Center, charges $4 to cash a check of up to $1,000. If a customer cashes a sub-$1,000 paycheck every other week, this still comes out to over $100 a year in check cashing fees. Fees would double if the paychecks were for more than $1,000 each.

Contributing to Inequality

Given the savings implications and the need to turn to these often expensive alternative financial services, being unbanked is another factor contributing to U.S. inequality. The unbanked rates for Americans of Color and low-income Americans are much higher than for White or high-income Americans.

Surging Interest in These Customers

Despite the starkness of the problem, the good news is that there has been renewed interest in serving the unbanked and the underbanked. An article recently published in American Banker describes how entrepreneurs are increasingly seeking to launch banks to cater to Black and Hispanic communities.

Fintechs are also becoming increasingly attractive bank alternatives. There are a growing number of fintech / bank partnerships — like Cash App and Lincoln Savings Bank — that provide bank-like features to unbanked fintech customers. The fintech manages the customer relationship; the bank operates in the background to provide ACH routing numbers, card network sponsorship, and FDIC deposit insurance. Through such partnerships, fintech customers get “kind-of” a bank account, likely without even knowing it.

Some customers may wish to work directly with a bank and don’t mind transacting digitally. For this group, the rise of digital-only banks has provided a host of options that tend to be low or no fee, often without minimum balance requirements. For example, Chime offers a checking account option with no monthly fee.

Consumers today have more alternatives to the conventional bank offerings of accounts, credit cards, direct deposit, and bank portals than ever before. Next gen fintech alternatives include mobile wallets, neobanks, buy now – pay later installment lending, and earned wage access are filling some of the gaps we have discussed. The traditional “alternatives” of the past like cash, payday loans, check cashing, and money orders are seeing declining use as these next generation solutions emerge.

The jury is still out on whether these next gen alternatives can solve the financial inclusion problem in the US. What is certain is the amount of momentum and excitement around this issue today.

Stay tuned for further posts on financial inclusion in the U.S. and what is being done about it. And reach out if you’d like to discuss this important concern with us.

About the Author

The post Where is Financial Inclusion in the U.S. Today? appeared first on Payments Views.

Will Digital Cash Be the New King of Payments?

2021-02-26T18:15:03Z

First of a series on Central Bank Digital Currencies

Central banks around the world are in the process of developing digital cash, commonly known as central bank digital currency, or CBDC. At Glenbrook, we’re kicking off a series of Payments Views posts that explain CBDC and its implications for various aspects of the payments value chain.

In this post, we start with a couple of basic concepts: what is digital cash, what is CBDC, and why is 2021 a pivotal moment for CBDC?

What Is Digital Cash?

To understand what “digital cash” is, it’s useful to define what cash is and how it relates to other forms of money. We divide the sort of money that we hold into two categories: notational and token-based.

Notational Money

Think of notational value as the money stored in your Chase bank account or on your Venmo app. The funds in these accounts represent value, and can be credited or debited from other accounts.

Token-based Money

In contrast, cash is token-based. Whether a coin or a paper note, cash is not a representation of value, but a store of value. Funds are transferred not through debits and credits but through the transfer of the token itself. For example, I can exchange two quarters for 20 minutes of parking on the street in Berkeley, California. Another aspect to note: tokens can be lost. If one of the two quarters falls out of my wallet and rolls into a sewer drain while I’m standing at the meter, the token is gone forever.

What Is CDBC?

The idea of creating digital cash isn’t new. Companies like DigiCash, CyberCash, Mondex, and others explored digital coins during the 1990s. None stuck. An early concern was that tokens, like any type of digital file, could be copied, creating a digital version of counterfeit bills. This fear was assuaged, in part, by the introduction of new encryption technologies like public key encryption. However, you still had to trust your digital cash provider to keep your tokens safe and secure. The emergence of bitcoin in 2008 was a breakthrough in terms of trust. By distributing encryption across a ledger and deploying well understood encryption in a novel fashion, users could trust that their digital tokens would not be counterfeited.

But even as the value of bitcoin climbs, and a cottage industry of startups makes the digital currency more convenient to spend at the POS terminal, the notion of bitcoin as a transactional instrument remains a novelty (at least outside of the dark web).

Inspired perhaps by bitcoin’s success, Facebook believed in the transformational transactional potential of digital coins and spun up Libra (now known as Diem) with development beginning as early as 2018 on this Facebook cryptocurrency. Libra was envisioned as a blockchain-based currency that could be used for transactions by all Facebook users. The project touted lofty goals of financial inclusion and promised to unite the world through a single currency.

Lighting the CDBC Fire

This spooked central bankers, who were concerned that a currency used by Facebook’s billions of users would have adverse effects on their ability to control macroprudential policy. After significant backlash, Libra 1.0 became Libra 2.0, a coin pegged to the value of real-world currencies including the U.S. dollar and euro.

Despite these changes, central banks had already been catalyzed to act and began working on their own digital cash projects, or CBDCs. It’s worth noting that some countries had been working on CBDC projects prior to the introduction of the Libra concept, but the project clearly spurred central banks to act more decisively. More governments have entered into CDBC development.

Beyond keeping control local over their domestic currency, CBDCs are attractive to central banks for a number of reasons:

Depending on a variety of design options (that we will get into in subsequent posts), CBDCs could give governments greater insights into how money is spent
In times of economic uncertainty, CDBCs can be programmed to accommodate negative interest rates
CBDCs can be coupled with novel payment systems to facilitate instant payments to shift volume away from global card giants Visa and Mastercard, making domestic transactions less expensive
Digital cash is also cheaper to mint that physical currency
And, for the most ambitious CBDC developers, digital currencies represent an opportunity to unseat traditional reserve currencies like the U.S. dollar

Why Is 2021 Pivotal for CDBC?

Today, only one country has launched a CBDC: the Bahamas, with its digital Sand Dollar. However, R&D is well underway across the globe. China has been particularly ambitious in its pilot of a digital yuan, and is additionally exploring the idea of creating a regional digital currency to facilitate trade across east Asia. In the United States, the Boston Fed is working with MIT to develop a prototype CBDC, announced in 2020.

As we continue to observe progress across the numerous countries testing the CBDC waters, we will publish a series of further Payment Views posts exploring the effects of government-backed digital currencies on consumers, merchants, and payments providers. We will examine design considerations for governments and opportunities for ecosystem participants to add value to CBDC projects.

We look forward to taking this journey with you.

The post Will Digital Cash Be the New King of Payments? appeared first on Payments Views.

Why Risk Management is a Team Sport

2021-02-09T17:14:53Z

In today’s world, risk management and security are front and center topics for every enterprise. And because money is money, the management of payment risk and security has to be a priority.

In this chapter of our Merchant Payment Operations series, we look at top of mind payment and security risks facing today’s enterprises and the essential steps you should consider when improving your controls environment.

As a reminder, the foundation of effective payments risk management is the Money Team. It’s the Money Team’s job to oversee payments functions across the organization. As we will see, because risk management is complex and applies across the entire organization, the organizing role of the Money Team becomes particularly beneficial. The Money Team’s purview extends across all areas of merchant and biller operations. With a cross-functional remit and with representation from across business lines, the Money Team ensures risk management concerns will be addressed holistically.

Read more about the Money Team and its functions here.

What’s Your Risk Profile?

Risk tolerance is highly specific to each enterprise. Each company makes its own determination on how to mitigate risk and where to invest in controls to do so.

It takes a thorough risk assessment process to make those decisions because only through a complete investigation can risk be quantified. A comprehensive risk assessment is necessary to protect your interests. And that is another reason to put the Money Team’s risk experts to work.

In Glenbrook’s payments strategy consulting work, we use the following Payments Risk Taxonomy to lay out the major categories and types of risk to be assessed.

Let’s review the Payments Risk Taxonomy in some detail:

Business Risk

The systems, processes, and people that touch money are components of Business Risk.

Automation Risk. Payments handling is dependent upon automation. Included here are a wide range of IT operational risks ranging from inadequate authentication processes to business continuity in the event of a natural disaster or a pandemic. Think of the deeply systemic role that IT plays to appreciate the myriad ways tech compromise and failure can impact the enterprise. And consider the distributed nature of responsibility for those functions across your organization.

People Risk. People Risk extends well beyond the classic case of the insider enabling external criminal activity. For example, many payments industry companies had to manage the risks of moving thousands of their employees into work from home mode at the COVID-19 pandemic’s beginning. Process changes were required and with changes potential process errors are introduced. Mitigation steps include up-to-date training, regular process reviews and reevaluation, plus incentives that align with risk and security goals. Consider how broadly these roles and responsibilities are distributed across your company.

Vendor Risk. Many payments functions are provided to the enterprise as services by partner companies. These vendors provide essential services but they also introduce risk. Strategies exist to mitigate vendor risk because service level agreements (SLAs) cannot directly address or adequately compensate the company, for an extended service outage, for example

The enterprise must regularly receive evidence of security compliance as well as verified regulatory compliance. Compliance at this level is table stakes for a sound vendor relationship. There are far too many instances of lapses by a partner company impacting their customer’s operations, and ultimately reputation. Vendor risks and controls must be verified during the RFP process and vetted continuously throughout the life of the partnership. Indeed, monitoring vendor compliance is part of the Money Team’s responsibility.

Even with maximum use of third party outsourcing, it is still the Money Team’s responsibility to maintain and improve the firm’s risk management capability. Think broadly about all the vendor relationships you rely on for processing payments. How often are these relationships reviewed from a financial, operational, and reputation standpoint?

Settlement Risk

Access to money and the cost of that access comprise Settlement Risk.

Timing Risk. In treasury management, timing is everything.. Every payment system moves money into and out of the enterprise’s accounts with distinct metrics and associated costs. Should the proceeds of a day’s sales show up a day later than scheduled, the enterprise may be subject to a cash flow shortfall – a painful position to be in if commitments against those funds are in place.

Credit Risk. Payments require two end parties to complete a transaction, and credit risk is the risk that one end party can not meet its obligation to pay. In enterprise payments, these risks can emerge when payment service providers are unable to settle funds to the enterprise’s account. Today when every size business is “going global”, a new sanction or geopolitical hiccup can create credit risk.

Currency Risk. For businesses accepting payments from or initiating payments to another country, currency fluctuations affect transaction profitability. Timing risk adds to the complication of managing cross-border and cross-currency transactions.

Think about the payments your organization accepts. How well do the teams responsible for processing these payments understand settlement risks and the controls required to optimize cash flow and mitigate unfavorable outcomes?

Legal Risk

Legal risk is the risk that the enterprise is in violation of contract terms, government regulations, or operating rules. These violations have ramifications to the enterprise beyond fines and penalties.

Regulation Risk. Municipal, state, national, and international regulations prescribe how payments are handled and funds held. Changes in government regulations can challenge payment operations. New regulations can literally reshape markets. Payments regulations can be direct, specific to a payment transaction process, or indirect, such as data or privacy laws that surround transaction processing.

The ability to comply with and nimbly respond to regulatory change can be optimized through thoughtful technology vendor selection as well as other controls.

Rule Risk. Payment systems operate under a set of business rules to which direct and indirect participants must conform. While indirect participants may not have a contractual relationship to the system operator, they may be subject to the system’s rules as expressed through their contract with the direct system participant. A card accepting merchant does not, for example, have a contractual obligation to Visa or Mastercard. But should one or both of the card networks make a rule change, the merchant’s acquirer will pass the relevant obligations to the merchant. System rules changes can enfranchise a new business model and, as quickly, kill off another.

Contract Risk. Compliance to contract terms is at the center of vendor management. Concerns go beyond delivering on SLAs. Contract terms should require vendor compliance to all applicable rules and regulations. Performance audits are generally necessary to assure contract compliance.

If the vendor falls out of compliance, risk may fall onto the enterprise. While a contract may spell out the remedies should a vendor fail to deliver, those remedies may do little to compensate for the real damage to the business. Mitigating this particular risk may require the use of redundant providers.

Think about the contracts, operating rules, and regulations underpinning your payment operations. How easy is it for your people to gain access to, understand, and implement these obligations?

Focus on the Right Things

Anticipate Change

Resilience in business includes preparation for the unexpected. COVID-19 has revealed how unprepared many businesses were for the shift to “touchless” commerce.

Many businesses have scrambled to add or expand their digital payment capabilities. The surge in new online accounts meant that one in two of these transactions were flagged as high risk. And many of these new to digital channels have been confronted by fraud. Per a NuData report, the increase in ecommerce chargebacks was 36% and the increase for buy online pickup instore (BOPIS) was 124%.

Others who have seen their volume shift to online channels have discovered that fraud detection is now more complex. Good customers have shifted channels. Pandemic induced changes to shipping addresses have been common as people moved to temporary locations. Such changes complicate fraud detection.

[Take a listen to our Payments on Fire® podcast discussing this issue.]

These stats highlight the need to manage all “channels” and technology in an integrated fashion. A strong Money Team and well documented risks and controls make anticipating and preparing for change easier.

Control Risk, Maintain Compliance

Controlling risk is more than “complying with the letter of the law”. System rules and government regulations often lag the technology advancements that businesses (and fraudsters) use on a daily basis. While rules and regs often do not require certain controls, at the end of the day it is the obligation to the customer and ultimately the reputation of the business that informs risk mitigation. Going beyond mere compliance often is the better choice, provided the choice is based on study, judgement, and prudence.

For example, e-commerce controls are available and necessary at multiple points in a transaction. But how many controls and where to place them is critical in balancing risk with a smooth customer experience. Some questions to ask when analyzing an ecommerce customer journey include:

What controls are necessary at login to prevent account takeover (ATO) via bots or more complex attacks?
What controls are necessary post login as the user journey continues?
How might rewards, coupons or other incentives entice fraudsters?
How are fraudster attack vectors used across multiple fraud schemes?
How can preventative steps in each channel complement one another so that all channels benefit?

These questions highlight the need to employ a cross-functional team in order to identify and to focus on the right tasks. Risk management in particular benefits from coordinated action.

We have pointed out the suboptimal results that stem from siloed perspective and actions. Don’t just look at login page hacks. Include account confirmation pages, checkout, and payment pages. Fraud mitigation is a complex discipline that demands a layered approach. And techniques that worked only last month are quickly circumvented. Hackers are sophisticated. For example, bots that mimic human behavior are commonplace. CAPTCHA controls were initially subverted by fraudster-staffed teams who manually complete these forms when bots cannot. More recently fraudsters are using AI to provide correct responses once thought only possible with human cognition. This is an arms race that demands in depth collaboration.

Hacker Sophistication Demands Cross-Functional Defense

Security requires defense in depth. Hackers have increasingly powerful tools at their disposal, abundant time, zero rules or regulatory oversight, and multiple targets to exploit within your enterprise, each of which is susceptible to various methods of attack.

Building a multi-layered defense is hard. One layer manages who is getting access to your system and what users do as they traverse it. Authentication at login is a first line of defense and it is a target under significant pressure. Account takeover (ATO) attacks, augmented by bots able to emulate human behaviors, are proving to be increasingly effective.

The use of multiple techniques that look not only at the actual login step but also at the behavior on payment confirmation and checkout pages is required. And this e-commerce transaction flow is just one of many possible targets.

Understanding how these attack vectors are used across different fraud schemes is critical to the selection of the right controls. Building an adequate defense requires the participation of those who understand how fraud is conducted and those who understand the applicable technologies. Together, strong procedural and technical controls can result. Otherwise, the enterprise is doomed to play an expensive and losing game of fraud “whack-a-mole.” This is yet another benefit of cross-functional collaboration.

Ask: Should We Keep Doing It This Way?

With the Money Team in place, the power of collaboration can be put to work. And it can start with a review of basic assumptions.

Most decisions made years ago were right at the time. But risk mitigation and security options have expanded significantly in just the last few years. Asking “why are we doing it this way?” is a healthy exercise that, in our payments strategy consulting experience, can improve security. An example of this might be the elimination of merchant-owned systems when outsourced options are available. Oftentimes system and process simplification through automation and outsourcing reduces cost as well as risk..

A rigorous payments process review produces real benefits.

Prove It: To the Auditor and to Yourself

For a time, proof of compliance with the applicable security standards was viewed as sufficient evidence that controls were in place. Yes, demonstration of PCI compliance is an important checklist item for card acceptance security. You have to satisfy your acquirer that your controls are up to snuff.

There are many ways to prove compliance. An entire industry has been built around PCI compliance so that you can demonstrate to your card acquirer and insurer that you meet an external standard. However, as the merchant or biller adds other forms of payment (ACH, PayPal, etc.) different compliance requirements apply, and new security concerns arise. Complexity increases.

Proving risk management strength to yourself is another matter. That process review is a great start. Another step is external validation through penetration testing. You hire “white hat” outsiders to employ the latest hacking tools and tactics in order to reveal the unknown risks compliance testing cannot find. Taking this idea a step further, “red teams” that attempt to game controls via fraud schemes can highlight weaknesses before real fraudsters exploit them. Hopefully.

In the end, the goal is to prove to yourself and your organization that your risk management controls are adequate to meet your company’s ’s risk tolerance.

A Board Level Concern

Risk management and payment security are board level concerns. A breach may cause lasting, and expensive, reputational damage. Legal costs and network fines can mount. An ecommerce retailer that cannot process payments for an hour in December loses real money. It is the Money Team’s responsibility to surface and quantify these risks so that enterprise leadership can direct risk mitigation investments.

The board sets the “tone at the top” and the organization’s risk appetite. Risk in some areas may be worthwhile and in others entirely unacceptable. It’s the board’s job to make those determinations. And to make sure executive leadership carries out the board’s directions.

The Money Team’s work can inform leadership, providing insights into the mechanics, probability, severity, and control options for payments risks.

This Takes Work

This chapter demonstrates risk management’s complexity. That complexity demands cross-functional assessment and mitigation. The knowledge required to meet the challenge goes well beyond that of a single line of business, a single payment method, or organization.

Starting with a thorough risk assessment – risks categorized and characterized – the organization is able to establish a framework for ongoing assessment, reporting, and process improvement. Risk-based resource allocation can then be made. Without that level of leadership and comprehensive, collaborative participation, inefficient implementation of controls is as good an outcome as can be expected.

Risk management and how it fits within a merchant’s payments operations is a major component of Glenbrook’s payments strategy consulting work. Do reach out to get answers to any questions or to discuss your payments roadmap.

The post Why Risk Management is a Team Sport appeared first on Payments Views.

Merchant Payments Operations: Accounting and Reconciliation

2020-10-20T00:40:41Z

A core component of Glenbrook’s methodology for assessing a merchant’s payments operations includes review of certain processes managed by the business’s accounting team, particularly the level of effort required to reconcile payment activity.

The business’s accounting team is responsible for a variety of fundamental financial activities, including record keeping and reporting, accounts payable and receivable, payroll, and financial audits and controls.

Among the team’s responsibilities that are affected by payments operations is payment reconciliation, a key function that helps ensure the general ledger is complete and ready to produce timely and accurate financial statements. Reconciliation is a necessary task across all of the payment systems that the business connects to: cards, ACH, digital wallets, and more. Reconciliation is also critical for financial, compliance, and risk audits, especially for merchants and businesses with money transmitter licenses. Fintechs, take note!

Reconciliation is a complex job that calls for automation. Variations in cutoff times, inconsistent currency conversions, uneven support of data formatting and naming conventions across banks/PSP/acquirers are all challenges that the business’s money team must address.

We’ll examine each of these challenges in more detail below, and highlight some best practices that we recommend to our clients.

Rethinking Reconciliation Strengthens Operations and Positions Teams for Broader Contributions

Reconciliation is the process of comparing the status and amount of authorized transactions to the settled funds received. This generally involves three data sources: the business’s own order system, transaction data from the acquirer or PSP, and bank statements. To accomplish this, the business has a few reconciliation methods to choose from:

2-Way Reconciliation: The merchant compares only 2 of the 3 data sources, orders against transaction data for example. This is a sub-optimal path for obvious reasons, as it is an incomplete reconciliation.
3-Way Reconciliation: The merchant compares transactions logged in their internal system to reports generated by its payment providers, and then to the bank accounts where settled transactions are ultimately deposited. This improves visibility but data shortcomings inhibit total transparency.
Transaction Level Reconciliation – This path produces the clearest picture but is difficult to do as bank statements generally do not support transaction level data, instead providing aggregate data to match to the sum on the order and payments reports. Further, PSPs and acquirers do not all support transaction level reporting, particularly for non-card transactions.
Aggregate Level Reconciliation – This path is the most common but without the underlying numeric detail it is hard to produce crisp reconciliation results. Variations in cutoff times for processing and reporting, reporting of chargebacks and reversals, currency exchange, and simple time zone differences add further complexity.

When discrepancies between any of these data sources exist, exceptions are generated and an investigation is required to determine the discrepancy’s cause. This can be a daily task requiring that each day is used to investigate the prior day’s exceptions. If the business operates globally, even the definition of a “day” becomes less clear.

Depending upon merchant size and sophistication, the reconciliation process can be highly manual. We continue to find even very large merchants using spreadsheets to identify exceptions and generate accurate reports. Smaller merchants operating in the point of sale and remote commerce or online domains face similar challenges, especially when using multiple payment service providers.

Not only is this repetitive manual work tedious and demoralizing, it is impossible to manage and control. If you were to ask a CFO, they will be the first to say that manual processes and spreadsheets in financial operations are disasters waiting to happen.

Daily manual processes like these:

Take too much time to accomplish
Introduce user errors from data entry, data import and report generation mistakes
Lower the accounting team’s morale because it is routine, boring, and unproductive

Further, manual processes and spreadsheets are impossible to manage from a controls and process perspective:

How do you track changes?
How well can you secure access to spreadsheet-based financial data?
What happens if the person who manages the spreadsheet process leaves or is out of the office for a period of time?

With a workflow redesign, the increased efficiency can even improve the accounting team’s morale, allowing members to focus on strategic or other high-value activities. We all want to contribute to the success of the business and not to be saddled with tasks that should be automated end-to-end.

Key Areas of Consideration

Processes and Software in Use

Reconciliation processes vary by merchant size, organizational structure, and technical maturity. Table 1 illustrates the impact across the merchant categories.

Business Category	Description	Challenge
Startup to Mid-Market	Process improvement is a complex and all-too-infrequent job given the press of today’s business. But the impact can be profound on the organization’s financials as well as its personnel.	Automation of paper-based processes are often challenged by data integration. Excel, Tableau and Looker tools may bridge the gaps but opportunities for end-to-end integration and visibility should be evaluated. What is the level of effort required to achieve automated end-to-end integration of process reports into the general ledger?
Mid-market to High Growth	Reconciliation is not a priority for the business as engineering effort focus on product, sales, marketing, and scaling globally. Manual processes become more automated, staffing levels increase or may be outsourced to low cost BPOs, aggregated reconciliation starts to show “cracks”	Processes designed for an earlier business stage require significant manual effort when business volume and complexity increase. Automation of reconciliation tasks, among others, may require reevaluation of core accounting software. What is needed to support future growth?
Multinational Multi-subsidiary	Complexity makes manual processes untenable, increases time spent on investigations, the time to close the monthly books expands, audits are difficult and overly time consuming to support	Integration of multiple domestic payment systems, new acquirer/PSP data formats, operation of multiple ERP systems, all complicate transaction reconciliation, local compliance, and audit requirements. What is the enterprise strategy to speed reporting and optimize headcount?
University	A major university may have dozens of merchant accounts as well as vendors operating under it. Reporting and governance of multiple small “businesses” under its purview is an ongoing challenge.	Reconciliation of reports, even on a monthly basis, from dozens to hundreds of merchants and their payment service providers is painful. Where are the biggest inefficiencies and what is the best path to improve them?

Payment Provider Reporting

A critical input into the reconciliation process are the daily reports generated by payment providers. The format and transactional data included in these reports differ across providers, payment systems, and countries. These differences can stymie the integration and reconciliation task before the Accounting team. It is important to leverage the payment provider’s support team and relationship managers if the reports cause frequent reconciliation issues. Timely report delivery is also critical to ensure no time-sensitive processes are affected. As we describe in our post about Data and Analytics, report generation should be tracked for accuracy, timeliness, and, ideally measured against a metric enforced through a Service Level Agreement.

Overview of Processes and Policies

Accounting departments, especially at more established merchants, can be limited through a reliance on tradition – that is, doing things the way they’ve always been done. Of course, such historic processes and policies can become outdated and inefficient.

All too many merchants continue to use Excel spreadsheets to manage their accounting processes. They are more prone to user error and must perform far more manual steps to complete what can often be automated. For example, during a monthly close, the Accounting team must manage spreadsheet version control, the storage of files in shared internal folders, and manage approvals, steps that become increasingly unsustainable as an organization grows and becomes more complex.

When we undertake a payment operations assessment for a merchant or biller, we often find the reconciliation process to be rich with opportunity for improvement. Our review measures how well each Accounting process supports the team’s ability to complete key responsibilities and supports the broader business objectives.

Centralize for Team Visibility

A centralized solution that standardizes accounting processes provides visibility into these processes across organizational stakeholders. Centralization helps ensure that other team members are able to access critical information when they need it, creating further efficiencies across the organization.

Optimize for Your Organization

All merchants have unique characteristics that lead to nuanced challenges. These challenges often stem from decisions made under circumstances that no longer apply. As merchants grow and evolve, decisions made across business units can interact unexpectedly and result in lower efficiency, higher costs, and lower team morale. Accounting processes are disproportionately exposed to this as they are developed in response to vendors chosen by other teams. Accounting is then left to fill the capability gaps. Periodic reassessment of existing processes and mapping the results to any new capabilities offered by vendors provides an opportunity to improve critical performance metrics.

Process improvement is a complex and all-too-infrequent job given the press of today’s business. But the impact can be profound on the organization’s financials as well as its personnel.

—

How is your Accounting team performing? Are you taking advantage of the latest technology? We would love to help enable your team’s future success. Get in touch to discuss how your organization could benefit from Glenbrook’s Merchant Payments Assessment.

The post Merchant Payments Operations: Accounting and Reconciliation appeared first on Payments Views.

The Latest on Cannabis and CBD Payments

2020-08-28T16:03:17Z

Hosted as part of the Mobile Payment Conference (August 24-26) this inaugural conference brought together fintech influencers, payments experts, and providers to address issues facing financial services companies serving the Cannabis and CBD industry.

Setting the Stage

I was honored to kick off the workshop with an overview of the cannabis payments market. I stressed two realities:

The dichotomy between federal and state regulations
The differing treatment applied to Cannabis and CBD

These issues drive the heavy regulatory burden on financial services providers and a complex map of legality state-to-state.

Federal regulations determine the legal status of cannabis. To the Feds, it’s illegal. That status automatically eliminate any nationally chartered bank from serving Cannabis Related Businesses (CRBs).

Many states have enacted legislation to legalize cannabis, some for medicinal purposes, others for both medicinal and recreational use. Federal law allows states to license growers and sellers of CBD (2018 Farm Bill) but strict compliance programs are required.

These complexities keep many state-based financial institutions on the sidelines, even when they have CRB clients that want the safety and soundness of a business banking relationship.

Despite these constraints, according to New Frontier Data, the cannabis and CBD market reached $13.60B in 2019 and is expected to reach $30B by 2025. When hemp-based products are included, other forecasts estimate a market of $40B.

Conference Conversations

Much of the conversation was, of course, around retail payments and the not-always straightforward options in the market. Quite frankly, some solutions are designed to work around card network business rules. Because of federal regulations, American Express, Discover, Mastercard or Visa do not support cannabis transactions. None have created a valid MCC (merchant category code) for CRBs.

To get around those rules, some payment service providers (PSP) miscode customer receipts using a store name different than the one purchased from. Other solutions are just a poor user experience, requiring a “decoupled” or “multi-step” process to enable a transaction. Your receipt might show you bought a stored value prepaid card at the dispensary rather than the Trainwreck or Blue Dream buds you walked out with.

Talk about operating in the gray zone.

Other PSPs do it right. They rely on ACH or bank-based transactions that draw from the consumer’s checking or savings account. This approach is legal for the consumer and requires a bank partner that can navigate the compliance complexities. State chartered banks are typical partners for PSPs.

Session Highlights

The Understanding Sponsorship and Keys to Success session, moderated by Travis Dulaney from PayFi, addressed the dispensary, state bank and provider perspectives.

A highlight was the nuanced discussion of the risks dispensaries face. It’s not simply fraud. A big risk is not receiving the money earned from prior transactions when and if their PSP suddenly drops them. Concerns include:

What if my provider drops me?
Will I get paid for previously settled transactions?
How can I be certain this won’t happen?

This is a rampant problem. Despite PSPs wanting to provide merchant services to CRBs, the sponsoring settlement bank, the PSP’s upstream partner, will often shut down the PSP due to their own compliance concerns.

There were two sessions focused solely on compliance risk.

One, led by Gerard Olson of LegitScript, identified the various regulations applied to the industry. Beyond financial services regulations, agricultural and producer regs apply.
Andre Herrera, the compliance officer from Hypur, focused on the immense compliance burden financial services companies face when providing to hemp and cannabis related businesses. The complexity is daunting. It’s no wonder that so many banks, credit unions, and traditional payments companies avoid this growing and still untapped market.

Cash: Still the King of Cannabis Payments

Cash is still king. Approximately 70% of all transactions (B2B and C2B) are conducted in cash. The panel on cash handling at the POS delved into best practices, offering attendees practical advice on how to use the venerable payment method.

Partners Matter

The final keynote was by Chris Rentner, CEO and co-founder of Spence, a digital payment platform that recently announced its partnership with Chicago-based Burling Bank. Spence is an early entry into the burgeoning Chicago market, now that Illinois is implementing full legalization.

I was struck by two important points:

First is Spence’s choice of and reliance on a bank that has deep expertise in risk management practices and that knows how to navigate the legislative chasm between federal and state regulations.
Second is Spence’s hard focus on the end user experience with its clear communications around the use of ACH (customers bank account), straightforward FAQs on their website, and a consumer-friendly downloadable app to smooth the checkout flow.

This just seems to be the “right way” to enter the market and represents how payments providers should enter today, while preparing for a future fully legal status and the access to card payments that will allow.

The opportunity in Cannabis and CBD payments is immense. The companies that invest in compliance, legitimate payment types, and simple end user experiences will be the early winners and poised to grow as legalization expands.

The post The Latest on Cannabis and CBD Payments appeared first on Payments Views.