Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
December 18, 2017
Training Workers for Payments Jobs
Do you boast, or at least talk, about your work in payments at social events? When I tell someone in a social setting that I work in payments, they either move on, after a polite pause, to meet the next person, or they take a deep breath and ask, “What does that entail?” What is most humbling is when I overhear my husband trying to explain my job. And what has been the most entertaining was when a four-year old asked me to perform an interpretive dance representing my occupation—a payments Nutcracker, if you will. Whatever the circumstance, you have to be ready to engage and convey excitement about all things payments to keep our workforce thriving. The industry is growing so rapidly that many employers are struggling to fill positions.
Many people I meet assume I am a mathematician when I talk about my work in payments. While I do own a calculator, I tell them, people in the payments workforce have diverse skill sets that go above and beyond using calculators. This diversity becomes more important every day, as technology keeps growing and changing. Ultimately, the majority of the population may not care how payments work, and they may not care to see an interpretive dance about payments. But there are dedicated, skilled professionals who, thankfully, perform their payments-related jobs safely and efficiently. And we need more of them.
The payments industry is growing. Fintechs alone account for a good portion of this growth. According to an industry research firm, venture capital-backed fintech companies globally raised a total of $5.2 billion in the second quarter of this year—–a 19 percent increase from last year. U.S. fintech funding saw a 58 percent rise, to $1.9 billion in the second quarter this year compared to $1.2 billion in the first quarter.
We need a more robust pipeline of available workers to support the growth in the industry. We need to both cultivate new talent and attract available skilled talent. This task can be daunting given the range of jobs available in the industry that transcend traditional educational curriculums.
Here are just a very few of many inspiring workforce training initiatives supporting industry growth today:
- FinTech Atlanta, along with the University System of Georgia and other colleges and universities in Georgia, launched a FinTech Degree and Certificate Programs to create needed talent to fuel the fintech workforce.
- NACHA, with the regional payments associations, has launched a Payments Risk Professional accreditation program. The program brings together skills for managing risk combined with knowledge in payment services, whether for financial institutions, solution providers, processors, businesses, or other end users.
- Workforce Innovation Hub, sponsored by Accenture and affiliated with Atlanta's City of Refuge, provides nonprofit technical education options to lift the underemployed and underprivileged. The IT training program teaches software and application development, IT support, web development, graphic design, and more—all skills that can be put to use in payments and fintechs.
- Some professional development programs work with military veterans, offering career opportunities and education resources that can help prepare them for careers in the payments industry. One example is First Data Salutes; another is Syracuse University's Institute for Veterans and Military Families (IVMF) and its affiliated program Entrepreneurs Bootcamp for Veterans with Disabilities.
Be a payments ambassador at your next social event and talk about your favorite payments initiative. It is up to you to decide if you want to perform an interpretive dance of your payments job—but it's up to all of us to keep our workforce growing at pace with the industry.
By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
December 11, 2017
Fintechs and the Psychology of Trust
In the 14th century, Chaucer used the word trust to mean "virtual certainty and well-grounded hope." Since then, psychologists have described trust as an essential ingredient for social functioning, which, in turn, affects many economic variables. So how do we define trust in the 21st century, in the age of the internet? In particular, how do fintechs, relative newcomers in the financial services industry and not yet coalesced into an industry, gain the trust of the public? Would they more effectively gain that trust by relying on banks to hold them to certain standards, or by coming together to create their own?
In 2004, social psychologists Hans-Werver Bierhoff and Bernd Vornefeld, in "The Social Psychology of Trust with Applications in the Internet," wrote about trust in relation to technology and systems. They observed that "trust and risk are complementary terms. Risk is generally based on mistrust, whereas trust is associated with less doubts about security." They further explained that trust in technology and systems is based on whether an individual believes the system's security is guaranteed. Psychologically speaking, when companies show customers they care about the security of their information, customers have increased confidence in the company and the overall system. Understanding this provides insight into the development of certification authorities, third-party verification processes, and standardized levels of security.
To understand how fintechs might gain the trust of consumers and the financial industry, it's worth taking a step back, to look at how traditional financial services, before the internet and fintechs, used principles similar to those outlined by Bierhoff and Vornefeld. Take, for example, the following list of efforts the industry has taken to garner trust (this list is by no means comprehensive):
- FDIC-insured depository institutions must advertise FDIC membership.
- All financial institutions (FI) must undergo regulator supervision and examination.
- FIs must get U.S. Patriot Act Certifications from any foreign banks that they maintain a correspondent account with.
- Organizations with payment card data must comply with the PCI Standards Council's security standards and audit requirements.
- Organizations processing ACH can have NACHA membership but must follow NACHA Operating Rules and undergo annual audits and risk assessments.
- The Accredited Standards Committee X9 Financial Industry Standards Inc. has developed international as well as domestic standards for FIs.
- The International Organization for Standardization has also developed international standards for financial services.
- The American National Standards Institute provides membership options and develops standards and accreditation for financial services.
FIs have often been an integral part of the standards creation process. To the extent that these standards and requirements also affect fintechs, shouldn't fintechs also have a seat at the table? In addition, regulatory agencies have given us an additional overarching "virtual certainty' that FIs are adhering to the agreed-upon standards. Who will provide that oversight—and virtual certainty—for the fintechs?
The issue of privacy further adds to the confusion surrounding fintechs. The Gramm-Leach-Bliley Act (GLBA) of 1999 requires companies defined under the law as "financial institutions" to ensure the security and confidentiality of customer information. Further, the Federal Trade Commission's (FTC) Safeguards Rule requires FIs to have measures in place to keep customer information secure, and to comply with certain limitations on disclosure of nonpublic personal information. It's not clear that the GLBA's and FTC's definition of "financial institution" includes fintechs.
So, how will new entrants to financial services build trust? Will fintechs adopt the same standards, certifications, and verifications so they can influence assessments of risk versus security? What oversight will provide overarching virtual certainty that new systems are secure? And in the case of privacy, will fintechs identify themselves as FIs under the law? Or will it be up to a fintech's partnering financial institution to supervise compliance? As fintechs continue to blaze new trails, we will need clear directives as to which existing trust guarantees (certifications, verifications, and standards) apply to them and who will enforce those expectations.
As Bierhoff and Vornefeld conclude, "it is an empirical question how the balance between trust and distrust relates to successful use of the Internet." Although Chaucer was born a little too soon for internet access, he might agree.
By Jessica Washington, AAP, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
December 4, 2017
What Will the Fintech Regulatory Environment Look Like in 2018?
As we prepare to put a bow on 2017 and begin to look forward to 2018, I can’t help but observe that fintech was one of the bigger topics in the banking and payments communities this year. (Be sure to sign up for our December 14 Talk About Payments webinar to see if fintech made our top 10 newsworthy list for 2017.) Many industry observers would likely agree that it will continue to garner a lot of attention in the upcoming year, as financial institutions (FI) will continue to partner with fintech companies to deliver client-friendly solutions.
No doubt, fintech solutions are making our daily lives easier, whether they are helping us deposit a check with our mobile phones or activating fund transfers with a voice command in a mobile banking application. But at what cost to consumers? To date, the direct costs, such as fees, have been minimal. However, are there hidden costs such as the loss of data privacy that could potentially have negative consequences for not only consumers but also FIs? And what, from a regulatory perspective, is being done to mitigate these potential negative consequences?
Early in the year, there was a splash in the regulatory environment for fintechs. The Office of the Comptroller of the Currency (OCC) began offering limited-purpose bank charters to fintech companies. This charter became the subject of heated debates and discussions—and even lawsuits, by the Conference of State Bank Supervisors and the New York Department of Financial Services. To date, the OCC has not formally begun accepting applications for this charter.
So where will the fintech regulatory environment take us in 2018?
Will it continue to be up to the FIs to perform due diligence on fintech companies, much as they do for third-party service providers? Will regulatory agencies offer FIs additional guidance or due diligence frameworks for fintechs, over and above what they do for traditional third-party service providers? Will one of the regulatory agencies decide that the role of fintech companies in financial services is becoming so important that the companies should be subject to examinations like financial institutions get? Finally, will U.S. regulatory agencies create sandboxes to allow fintechs and FIs to launch products on a limited scale, such as has taken place in the United Kingdom and Australia?
The Risk Forum will continue to closely monitor the fintech industry in 2018. We would enjoy hearing from our readers about how they see the regulatory environment for fintechs evolving.
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
- Looking for Partners in Safer Payments
- The Range of Un-Friendly Fraud
- Payments Webinar October 10: Cash in the 21st Century
- "Insuring" Ransomware Will Continue to Flourish
- Designing Disclosures to Be Read
- Is There a Generation Gap in Cash Use?
- What the Most Convenient Food Tells Us about Payments
- Is Friction in Payments Always Bad?
- Why Should You Care about PSD2?
- At the Intersection of FinTech and Financial Inclusion
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- account takeovers
- ATM fraud
- bank supervision
- banking regulations
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- credit cards
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- financial technology
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- online retail
- Payment Services Directive
- payments fraud
- payments innovation
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- skills gap
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workforce development
- workplace fraud