On June 11th, 2014, we participated in PayExpo 2014 as a bronze sponsor and our VP of Banking and ePayments participated in panel regarding recent payment regulations in the EU.
Panel Members:
Reed Clayton, Recombo
David Abbott, EMEA Payments Lead, Fiserv
Paul Anning, Partner, Osborne Clarke
John Burns, Senior Manager, Compliance Advisory, Transaction Banking
Peter Howitt, Secretary, Gibraltar E-Money Association & CEO, Gibraltar Betting and Gaming Association
We have heard a lot coming into the event about Payment Services Directive (PSD2) and Multilateral Interchange Fees (MIF). Can you summarize the key points?
Paul Anning
The main point is that it is designed to encourage competition
PSD2 is about refining previous regulation and increasing competition between third party processors
Encouraging the access to, and use of, electronic money accounts
To encourage the use of electronic money, they have harmonized rules across the EU.
What do you think is missing from PSD2?
John Burns
One of the main missed opportunities is to sort out acquiring.
The problem with acquiring is that no one in parliament or on the council thought about how the provisions will apply to the way acquiring works.
PSD2 is better because there is now a definition of acquiring, but they did not sort out exactly how it will apply to their business model.
Another issue, related to the online space, is that no one knows where someone making a payment is. So we suggested a provision that required an organization providing payment services into the EEA, they need to be authorized to do so. It would provide more security for the payee.
How can firms implement these new rules better?
Well, the rules came from problems customers were having with their banks. That is why the regulations protect customers first. So if you are not sure how to implement, look at it from your customer’s point of view first. You will get a more sympathetic hearing in the case of a violation.
What can be done to help with the automation of complying with these regulations?
Reed Clayton
Create a database of up to date individuals charged with tax crimes and beneficial ownership that can be accessed automatically via an API (Application Programming Interface) and that is uniform across the EU.
There are already good services for lists like the OFAC list, but we are not aware of automated services available to comply with the coming regulations.
A good example of this is MasterCard’s MATCH list in North America.
Maybe we can pose that question to the audience? Is there anyone in the room that is aware of automated services to check individuals for tax-crimes or companies for their beneficial ownership?
Tell us how that works in Canada?
Reed Clayton
Well when a customer is onboarded we automatically do things like check the OFAC list, check to make sure they are not a Politically Exposed Person (PEP), we validate the identity.
All of these checks happen seamlessly in the background, so the customer experience is seamless and unaffected.
What’s interesting as well, from an audit perspective, you actually embed the audit trail in the actual document so that when you go back to audit you can see all the checks and work that you did on an account-by-account basis.
While the changes coming down the line in regulations seem daunting, we expect technology to allow the automation of compliance.
Share with us the challenges that you have doing business cross-border.
Peter Howitt
To pickup where Reed picked up with the 3rd and 4th directive that Reed mentioned; I think the EU could do much more to create policy that makes doing business cross border easier.
Some businesses will find themselves working across border and will find themselves excluded from useful databases.
There is no sense that Parliament has an understanding of what needs to be addressed and how to address them.
There are things we could do to make it easier for SMEs to comply with the law in that territory, work with the one regulator in that territory, so that they don’t need 27 legal opinions on how to do business.
A single-platform like the one in North America that Reed explained isn’t possible until that happens because it’s too complex.
The new payments infrastructure is very exciting, however we know much more about it as payments specialists, but customers know very little. Because of that, disclosure has become an important part of the newest regulations. How can we get that right?
That is interesting because in the past organizations have taken the position that because something is in the T’s and C’s that they have told the customer. But the reality is that customers don’t read the entire T’s and C’s.
What it is going to come down to is avoiding information overload. I think they should focus on:
What do I need to do to give permission to make payments?
How can I revoke that permission?
How will the payment process work?
What happens if there is a mistake?
For example, there is no standard way to deal with payments that go to the wrong account. If you provide the wrong payments details, it can be difficult to get money back that went to the wrong place by mistake. So we need to work out what does the customer need to know? From a young, technology-savvy person to an 80 year old grandparent.
Can you share some good examples of proper disclosure from NA?
Reed Clayton
There are a few ways that we see our clients do it. Sometimes they will force the customer to click a link or a check box and record that in the audit trail. Often we will also force them to scroll down the Terms and Conditions and sign that they have read it.
But that process changes by product or business-line, so a high net-worth wealth management account will have higher requirements forcing the customer to read them than a quick, ‘Square-like’ or mPOS signup.
The post Understanding the Implications of Recent Payment Regulations in the EU appeared first on Agreement Express.