2020 Legal Trends to Watch: Payments and open banking

2020 Legal Trends to Watch: Payments and open banking


As part of our sector-focused series, we have spoken with our esteemed colleague and financial regulation solicitor, Rory Copeland. Below, he gives us his thoughts on the key legal trends to watch in payments for 2020. 

This article focuses on: instant payment fraud, Customer Authentication (SCA), open banking and the privatisation of currency. 

Look out for similar 'Legal Trends to Watch' articles from the series, focusing on different industry sectors and practice areas, and read more of Rory's pieces here.


Slowing down instant payment fraud


Regulators, industry bodies and government departments all realised in 2019 that ubiquitous instant payments provides a huge market for payment fraud. Specifically, new 'authorised push payment' (APP) services allow a payer (often through the medium of their phone or computer) to send money directly from their bank account to another bank account. These payments don't engage card networks or credit clearing (which occurs when a cheque is sent), so are instant for the most part.

Whilst APP is good news for many businesses and consumers, it also creates a huge market for fraud. APP fraud is a growing phenomenon in the UK and is well-documented. As online and mobile banking has become more widely used, regulatory responses to APP fraud have begun to crystallise and may be implemented in 2020.

Firstly, Confirmation of Payee (CoP) is a mechanism developed by Pay.UK. Every bank account has a unique sort code, account number and account name, but only the former two are needed by payment systems to execute a transfer. Fraudsters can 'intercept' a payment by impersonating the intended payee and providing different account details. CoP will ask a payer to confirm, before a payment is executed, whether the account number to which their payment is directed matches the account name which is in fact tied to that account.

Secondly, 2019 saw the establishment of the APP Voluntary Code, which sets out the protections that banks and other payment service providers (PSP) will put in place for their customers. An important and innovative component of the code is a 'no blame pot' to compensate victims when neither their PSP nor the payee's PSP was at fault in a fraud. PSPs failed to reach a consensus on how to fund the pot in November 2019, but the pressure will be on major financial institutions to ensure the Code is system is implemented in 2020.

Thirdly, a UK treasury report in November 2019 recommended that a 24-hour delay on all first-time payments by consumers to new accounts. The policy motivation is to give potential victims the chance to discover the fraud or confirm the account details with the intended payee. Whether this 'speed bump' proposal becomes law in 2020 will hinge upon ongoing discussions between the Treasury, regulators and industry bodies, as well as a full assessment of whether it will have any preventative impact.




Making Strong Customer Authentication work


The rules on Strong Customer Authentication (SCA) have been regarded by some as the Achilles heel to the otherwise revolutionary provisions of the EU's second Payment Services Directive. The headline proposal, that all payments for goods should be authenticated using two unrelated pieces of evidence known as 'factors', is a commendable counterweight to the ease of instant payments. In the contexts of physical stores and mobile shopping, the rules meet strike a good balance between consumer convenience and account security. But 'card-not-present' purchases have been severely affected by the choice of authentication factors which the European Banking Authority (EBA) has chosen.

So unrealistic was the deadline for compliance with the SCA rules that the UK, numerous other EU countries and subsequently the EBA has implemented phased implementation plans. The EBA timeline is shorted than that previously agreed by UK Finance, the representative industry body, and requires all PSPs to comply with the rules by the end of 2020. A lot hinges upon the development of technology platform 3DS v.2.2, which is used by a large number of merchants to facilitate online retails transactions.


From open banking to open finance


Following the creation of the bank account switching tool, the Financial Conduct Authority (FCA) is now applying pressure on barriers to mortgage and investment platform switching. In October 2019, the FCA's set out its policy statement on the need to assist 'mortgage prisoners' who were faced with prohibitively high switching fees even when they were up-to-date with payments. The regulator has also proposed to restrict or ban exit fees which are often charged by investment platforms to users.

Running in parallel to these policy positions have been a range of marketplace innovations which may attract much more attention in the year ahead. Mortgage platforms offer to on-board customers in days rather than weeks using account information provider authorisations. Others compare the market continuously for re-insurance options and give switching advice based on live bank account data provide by the customer. A YouGov poll sponsored by Dashly, a re-mortgaging comparison tool, found that 29% of UK borrowers would permit a firm to automatically re-mortgage them to a better deal without informing them. Momentum clearly lies with those open banking propositions which go far beyond payment apps.


Privatising currency or nationalising payments?


Facebook's 'Libra' project—to create a cryptocurrency payment system which could power free and instant transactions between anyone – received a hostile response from almost every major financial regulator worldwide. The litany of concerns was wide-ranging and included financial stability, money-laundering and competition.

In the midst of this criticism, however, was the apparent realisation that tokenised payment systems build on blockchain technology could perform exactly as Libra proposed. French minister Bruno Le Maire asserted that, whilst Libra was a "threat to national sovereignty", EU member states should consider how to create their own digital currencies. The Chinese central bank was equally transparent in its analysis: Libra was a US attempt to extend the Dollar's hegemony as the world's reserve currency to the digital domain, and so should be pre-empted by China's own 'central bank digital currency'.

In the world of monetary policy and international financial regulation, a key issue in financial services and legal trends guises, 2020 may be the year in which either private cryptocurrencies become a significant force in financial infrastructure. But it may also be the year that governments and regulators, including the Bank of England, develop payment tokens and transfer system to exist independently to the banking system. It's currently unclear which outcome will transpire, but the current frequency of regulatory publications on this area suggests that major change could take place.

Related Articles:
Latest Articles:
About the author:

Rory is a solicitor in the Financial Regulation team at Pinsent Masons LLP, with personal academic interests in private, public and international law approaches to emerging financial technologies.