Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Comments are moderated and will not appear until the moderator has approved them.
Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.
In addition, no off-topic remarks or spam is permitted.
Federal Reserve Web Sites
Other Bank Regulatory Sites
October 21, 2019
Looking for Partners in Safer Payments
The Federal Reserve Bank of Atlanta is currently identifying financial technology companies (fintechs) involved in payments. Our goal is to build relationships with these companies so we can understand their issues and challenges.
The Federal Reserve's mission for payments is to ensure an effective and efficient system. In pursuing this mission, the Atlanta Fed focuses on the accessibility, integrity, and confidentiality of payments. We play a significant role in this mission by virtue of being an operator of ACH and check clearing as well as a payments researcher.
We are also at the center of an important regional hub of fintech activity. In Georgia, there are 120 fintech companies employing more than 38,000 workers. According to the Technology Association of Georgia, the top 20 Georgia-based fintech companies generate $72 billion in revenues annually, and 70 percent of all domestic card transactions flow through Georgia-based fintechs, earning this region the nickname of "Transaction Alley."
In addition, venture capital investment in fintech contributes to Atlanta being ranked as the 13th most important fintech hub in the world and fourth in the United States (behind San Francisco, New York, and Chicago), according to the University of Cambridge's 2018 Global Fintech Hub Index .
Given our expertise, our role in payments toward furthering the Federal Reserve’s mission, and our location, the Atlanta Fed, in partnership with fintech companies in Transaction Alley, has a unique opportunity to have a real impact on advancing safety in this innovative payments space.
Fintechs in payments aim to produce useful and profitable payments-related products and services but may lack awareness of consumer compliance and rights or the importance of development practices that culminate in safe and secure products and services. Our work will focus on safer payments innovation for payments used by consumers.
The Atlanta Fed is also interested in experimenting with innovative technology used by fintech companies where we believe the technology could solve our business problems or be beneficial to us. This experimentation will give us first-hand experience and deep knowledge of fintech-developed technology and therefore an understanding of the contribution and impact the technology has on the payments ecosystem.
Through this work, we hope also to advance economic mobility and resilience, another priority for the Atlanta Fed. Our desire is to engage fintechs with products or solutions that provide low-cost, accessible options to advance financial inclusion and improve consumers' financial health.
Together with the payments fintech industry, we can bring clarity regarding the impact of fintech solutions on the payments system. So we encourage the fintech payment innovators to partner with the Atlanta Fed to understand payments risk and create safer payments solutions.
Get in touch with me at Mary.Kepler@atl.frb.org to start the conversation.
December 3, 2018
Building Blocks for the Sandbox
I just returned from a leave of absence to welcome my third child to this world. As I catch up on payments news, one theme emerging is the large number of state and federal regulatory bodies launching their own fintech sandboxes. Typically, these testing grounds allow businesses to experiment with various "building blocks" while they innovate. Some businesses are even allowed regulatory relief as they work out the kinks. As I've researched, I've found myself daydreaming about how my new little human also needs to work with the right building blocks, or core principles, to ensure he develops properly and "plays nice" in the sandbox.
But—back to work. What guidance do fintechs have available to them to grow and prosper?.
On July 31 of this year, the U.S. Department of the Treasury released a report suggesting regulatory reform to promote financial technology and innovation among both traditional financial institutions and nonbanks. The report in its entirety is worth a review, but I'll highlight some of it here.
The blueprint for a unified regulatory sandbox is still up for discussion, but the Treasury suggests a hierarchical structure, either overseen by a single regulator or by an entirely new regulator. The Treasury suggests that Congress will likely have to assist by passing legislation with the necessary preemptions to grant authority to the newly created agency or a newly named authoritative agency.
The report outlines these core principles of a unified regulatory sandbox:
- Promote the adoption and growth of innovation and technological transformation in financial services.
- Provide equal access to companies in various stages of the business lifecycle (e.g., startups and incumbents). [The regulator should define when a business could or should participate.]
- Delineate clear and public processes and procedures, including a process by which firms enter and exit.
- Provide targeted relief across multiple regulatory frameworks.
- Offer the ability to achieve international regulatory cooperation or appropriate deference where applicable.
- Maintain financial integrity, consumer protections, and investor protections commensurate with the scope of the project, not be based on the organization type (whether it's a bank or nonbank).
- Increase the timeliness of regulator feedback offered throughout the product or service development lifecycle. [Slow regulator feedback is typically a deterrent for start-up participation.]
Clearly, the overarching intent of these principles is to help align guidance, standards, and regulation to meet the needs of a diverse group of participants. Should entities offering the same financial services be regulated similarly? More importantly, is such a mission readily achievable?
People have long recognized the fragmentation of the U.S. financial regulatory system. The number of agencies at the federal and state levels with a hand in financial services oversight creates inconsistencies and overlaps of powers. Fintech innovations even sometimes invite attention from regulators outside of the financial umbrella, regulators like the Federal Communications Commission or the Federal Trade Commission.
In the domain of financial services are kingdoms of industry. Take the payments kingdom, for example. Payments are interstate, global, and multi-schemed (each scheme with its own rules framework). And let's be honest, in the big picture of financial services innovations and in the minds of fintechs, payments are an afterthought, and they aren't front and center in business plans. Consumers want products or services; payments connect the dots. (In fact, the concept of invisible payments is only growing stronger.)
What is more, a fintech, even though it may have a payments component in its technology, might not identify itself as a fintech. And a business that doesn't see itself as a fintech is not going to get in line for a unified financial services regulator sandbox (though it might want to play in a payments regulator sandbox).
When regulatory restructuring takes place, I hope it will build a dedicated infrastructure to nurture the payments piece of fintech, so that all can play nice in the payments sandbox. (Insert crying baby.)
By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
September 10, 2018
The Case of the Disappearing ATM
The longtime distribution goal of a major soft drink company is to have their product "within an arm's reach of desire." This goal might also be applied to ATMs—the United States has one of the highest concentration of ATMs per adult. In a recent post, I highlighted some of the findings from an ATM locational study conducted by a team of economics professors from the University of North Florida. Among their findings, for example, was that of the approximately 470,000 ATMs and cash dispensers in the United States, about 59 percent have been placed and are operated by independent entrepreneurs. Further, these independently owned ATMs "tend to be located in areas with less population, lower population density, lower median and average income (household and disposable), lower labor force participation rate, less college-educated population, higher unemployment rate, and lower home values."
This finding directly relates to the issue of financial inclusion, an issue that is a concern of the Federal Reserve's. A 2016 study by Accenture pointed "to the ATM as one of the most important channels, which can be leveraged for the provision of basic financial services to the underserved." I think most would agree that the majority of the unbanked and underbanked population is likely to reside in the demographic areas described above. One could conclude that the independent ATM operators are fulfilling a demand of people in these areas for access to cash, their primary method of payment.
Unfortunately for these communities, a number of independent operators are having to shut down and remove their ATMs because their banking relationships are being terminated. These closures started in late 2014, but a larger wave of account closures has been occurring over the last several months. In many cases, the operators are given no reason for the sudden termination. Some operators believe their settlement bank views them as a high-risk business related to money laundering, since the primary product of the ATM is cash. Financial institutions may incorrectly group these operators with money service businesses (MSB), even though state regulators do not consider them to be MSBs. Earlier this year, the U.S. House Financial Services Subcommittee on Financial Institutions and Consumer Credit held a hearing over concerns that this de-risking could be blocking consumers' (and small businesses') access to financial products and services. You can watch the hearing on video (the hearing actually begins at 16:40).
While a financial institution should certainly monitor its customer accounts to ensure compliance with its risk tolerance and compliance policies, we have to ask if the independent ATM operators are being painted with a risk brush that is too broad. The reality is that it is extremely difficult for an ATM operator to funnel "dirty money" through an ATM. First, to gain access to the various ATM networks, the operator has to be sponsored by a financial institution (FI). In the sponsorship process, the FI rigorously reviews the operator's financial stability and other business operations as well as compliance with BSA/AML because the FI sponsor is ultimately responsible for any network violations. Second, the networks handling the transaction are completely independent from the ATM owners. They produce financial reports that show the amount of funds that an ATM dispenses in any given period and generate the settlement transactions. These networks maintain controls that clearly document the funds flowing through the ATM, and a review of the settlement account activity would quickly identify any suspicious activity.
The industry groups representing the independent ATM operators appear to have gained a sympathetic ear from legislators and, to some degree, regulators. But the sympathy hasn't extended to those financial institutions that are accelerating account closures in some areas. We will continue to monitor this issue and report any major developments. Please let us know your thoughts.
By David Lott, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
April 2, 2018
Advice to Fintechs: Focus on Privacy and Security from Day 1
Fintech continues to have its moment. In one week in early March, I attended three Boston-area meetings devoted to new ideas built around the blockchain, open banking APIs, and apps for every conceivable wrinkle in personal financial management.
"Disruptive" was the vocabulary word of the week.
But no matter how innovative, disruptive technology happens within an existing framework of consumer protection practices and laws. Financial products and tools—whether a robofinancial adviser seeking to consolidate your investment information or a traditional checking account at a financial institution—are subject to laws and regulations that protect consumers. As an attorney speaking at one of the Boston meetings put it, "The words 'unfair,' 'deceptive,' and 'misleading' keep me up at night."
A failure to understand the regulatory framework can play out in various ways. For example, in a recent survey of New York financial institutions (FI)s by the Fintech Innovation Lab, 60 percent of respondents reported that regulatory, compliance, or security issues made it impossible to move fintech proposals into proof-of-concept testing. Great ideas, but inadequate infrastructure.
To cite another example, in 2016, the Consumer Financial Protection Bureau took action against one firm for misrepresenting its data security practices. And just last month, the Federal Trade Commission (FTC) reached a settlement with another firm over allegations that the firm had inadequately disclosed both restrictions on funds availability for transfer to external bank accounts and consumers' ability to control the privacy of their transactions. Announcing the settlement, acting FTC chairman Maureen Ohlhausen pointed out that it sent a strong message of the "need to focus on privacy and security from day one."
As Ohlhausen made clear, whoever the disrupter—traditional financial institution or garage-based startup—consumer protection should be baked in from the start. At the Boston meetings, a number of entrepreneurs advocated a proactive stance for working with regulators and urged that new businesses bring in compliance expertise early in product design. Good advice, not only for disrupters but also for innovation labs housed in FIs, FIs adopting third-party technology, and traditional product design.
By Claire Greene, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
Take On Payments Search
- account takeovers
- ATM fraud
- bank supervision
- banking regulations
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- credit cards
- crossborder wires
- data security
- debit cards
- emerging payments
- financial services
- financial technology
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator MNO
- mobile payments
- money laundering
- money services business MSB
- online banking fraud
- online retail
- payments fraud
- payments innovation
- payments risk
- payments study
- payments systems
- Payment Services Directive
- phone fraud
- remotely created checks
- risk management
- Section 1073
- skills gap
- social networks
- thirdparty service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices UDAP
- wire transfer fraud
- workforce development
- workplace fraud