OFA response to Future of Payments Review report and recommendations
Position paper – 13/12/2023
OFA welcomes the publication of the Future of Payments Review (FoPR) report, along with the Government’s endorsement of the report’s key recommendations in the Autumn Statement.
In particular, we strongly support the Review’s recognition that Open Banking has the potential to become the primary alternative to card schemes for merchants, delivering better outcomes in consumer-to-business and consumer-to-consumer payments. We also agree that appropriately addressing consumer protection and commercial incentive issues will be key to realising this broader potential. Addressing these issues in a manner that ensures open banking payments can effectively compete with cards with be critical.
OFA has been working closely with JROC and other stakeholders in supporting ongoing initiatives in these areas, and will continue to do so. As open banking moves to a new long-term regulatory framework, it will be critical to ensure any changes to the current rules of the road – in particular, on charging practices for basic open banking functionality – are managed in a way that does not disrupt the still nascent open banking ecosystem.
OFA looks forward to working with policymakers and industry partners in helping to deliver on the potential of open banking so strongly identified in the Review through the proposed National Payments Vision and Strategy.
Below we provide our comments on the key recommendations and report elements that are directly relevant to open banking.
OFA comments on key recommendations from the Future of Payments Review (FoPR)
FoPR Recommendation: “An Open Banking alternative payment journey is developed to give retailers choice beyond card schemes.”
OFA is strongly supportive of this recommendation. In addition to giving retailers choice beyond card schemes, we think open banking payments have potential to help mitigate fraud risk given they are inherently more secure (see response on consumer protection below). We believe the best and fastest way of realising this open banking-based alternative is through the broad enablement of non-sweeping VRPs (NSVRPs). NSVRPs have the potential to support a multitude of retail payment use cases that are currently dominated by card-based solutions (e.g. subscriptions, one-click ecommerce journeys).
JROC have identified enablement of NSVRPs as a priority and are close to making further recommendations and policy interventions to support multilateral NSVRP industry pilots next year. Any further policy interventions to support alternative retail payment journeys should focus on supporting and complementing these existing in-flight initiatives, including by ensuring they are sufficiently ambitious in their scope and timeliness. An important focus of any policy work in this space should be supporting open banking-based retail payments being of lower cost than card-based alternatives – this will be key to ensuring they can viably compete with cards and drive merchant adoption.
FoPR Recommendation: “Open Banking is leveraged to improve the person-to-person bank transfer payments journey.
OFA agrees that Open Banking can help play a role in delivering a truly world-leading person-to-person bank payment experience. However, given the fact that (i) establishing viable business models around person-to-person payments has historically proved particularly challenging and (ii) that the Review identified this recommendation as a medium-term objective, we believe higher priority should be first given to enabling open banking for broader use in the person-to-business retail space (see previous recommendation).
FoPR Recommendation: “Government and Joint Regulatory Oversight Committee (JROC) prioritise agreement of a commercial model for Open Banking so that there is scope to invest in both infrastructure and consumer protection.”
OFA supports the development of commercial models for premium open banking functionality. Critically, these commercial models need to work for all actors across the open banking supply chain (ASPSPs, TPPs, etc.), and must support delivery of competitively priced propositions to end users. This is particularly important for retailers, which typically bear the direct cost of retail payment acceptance; as identified in the Review, increasing card fees are an important driver of retailer demand for a viable digital alternative to card schemes.
Critically, development of commercial models should focus on charging arrangements for premium open banking functionality, rather than revisiting economic arrangements for basic open banking functionality, that ASPSPs are obliged to make available at no charge under regulation (in differing regards by both the CMA Order and the Payment Services Regulations).
We agree with JROC’s assertion in its ‘Recommendations for the next phase of open banking in the UK’ report, published in April 2023, that ‘the existing baseline of regulatory-led free access has been and remains pivotal to democratising access to data as well as to supporting innovation and competition’ (emphasis added). This foundation must be preserved as we transition into a phase of growth driven more by market dynamics. OFA sees significant risks in not maintaining the existing baseline:
- Moving away from the regulatory principle of banks being unable to charge for basic open banking payment functionality (i.e. Single Immediate Payments and Sweeping VRPs) would present material disruption to the development of the nascent open banking payment ecosystem, which is only just now beginning to gain real momentum. This risk is recognised in the European Commission’s recent proposals for PSD3/PSR, which state that if open banking services “were to be subjected to a charge, where there was no charge hitherto, the impact on the continued provision of those services, and therefore on competition and innovation in payment markets, could be very significant” (emphasis added).
- The business models of all existing TPPs are predicated on the principle of free-to-use basic payment and data APIs. Changing this would result in a material shift in the economics of the industry, and would demand TPPs implement universal end-user repricing and renegotiate all existing contracts. Many TPPs would likely exit the market and it would be a significant shock to the end-users who have only recently engaged with this new and emerging payment method.
With respect to this issue, several mentions are made in the report to providers “recouping” the costs of providing open banking infrastructure. OFA does not think that is appropriate for potential future commercial models for open banking to include consideration of recovery of historical investment and operating costs incurred by ASPSPs in meeting their regulatory open banking requirements (and we understand that this is not the intention of the author). These requirements were introduced by the CMA order and the Payment Services Regulations to address competition issues identified in the current account and payments sectors, including an incumbency advantage enjoyed by the UK’s largest retail banks (which largely persists to this day). We can see no justification to now look to shift the costs of these requirements on to other market players.
However, OFA are fully supportive of commercial models that support providers in recovering efficiently-incurred incremental costs generated by the provision of premium open banking propositions. (It is important to note that ASPSPs still charge their business customers to receive incoming Faster Payments, and consequently ASPSPs do currently receive revenue for incoming Open Banking payments.) These propositions should rightly look to be built upon and leverage existing functionality developed through historical investment in regulator-mandated initiatives (such as sweeping VRP capabilities).
Further, over time we think retailers and consumers will naturally look to adopt propositions based on premium open banking functionality – that may include enhanced technical functionality and other features such as enhanced consumer protections (e.g. purchase protection – see response to next recommendation) – over potentially cheaper but more basic propositions based on mandated open banking functionality.
FoPR Recommendation: “Consumer protection on payments made via Open Banking is enhanced with a minimum form of dispute resolution. This will create the trust and security that consumers need to adopt Open Banking solutions.”
An important point that we do not think was reflected clearly enough in the Review is that open banking payments are inherently secure, and already come with certain consumer protections.
All open banking payments are subject to strong customer authentication, and unlike card payments, no bank credentials are shared with the merchant as part of the transaction. Under the Payment Service Regulations, if the payment goes wrong – for example, because it is taken without consumers authorisation, or doesn’t reach the intended recipient – consumers are entitled to a refund from their bank. If a purchase goes wrong, consumers have legal protections under consumer rights legislation.
However, we do think an industry-standard dispute resolution mechanism could be developed to facilitate communication between ecosystem participants in support of resolving a disputed open banking payment, and to support consumers in securing the timely benefit of the pre-existing legislative consumer protections they are entitled to.
We think consideration of any extension of consumer rights to refunds from the open banking payment services provider – as opposed to the merchant – for disputes relating to provision of underlying goods or services (i.e. “purchase protections”) should only be considered as part of a premium open banking proposition that is underpinned by a sustainable commercial model.
FoPR Recommendation: “Government develops a National Payments Vision and Strategy to bring clarity to its future desired outcomes for UK payments.”
We support this recommendation. We think the development of the vision and strategy should focus in the following areas:
- Rationalising roles, responsibilities and accountability between policymakers for the future development and delivery of the Government’s ambitions for Open Banking. The current fragmented regulatory landscape has required multiple policymakers to come together to form JROC to try to make collective policy decisions. We think this has been suboptimal and has slowed decisionmaking.
- Ensuring the transition from the current regulatory state to the new “Long Term Regulatory Framework” for Open Banking is done in a way that minimises disruption and protects business models of innovative open banking providers providing benefits to businesses and consumers in a nascent market. Specifically, this should include maintaining the ability for TPPs to access basic open banking functionality at no charge. Any new mandatory calls for contributions to funding of centralised ecosystem infrastructure (e.g. central entities) should be fair and proportionate to fintech operators, and reflect the risk parties take on to provide innovative services to businesses and consumers.
Ensuring the New Payments Architecture (NPA) delivery supports the Government’s ambitions for Open Banking, in particular by ensuring the infrastructure-level costs of making and receiving instant payments is as low as possible and cheaper than today.
FoPR Recommendation: “The PSR should conduct a review of the new APP fraud rules after 12 months of implementation and we are suggesting that the Government set a more ambitious fraud crime reduction target beyond 2024. The emphasis should be to prevent the crime in the first place.”
We support this proposal, given our concern that the PSR’s ‘reimburse first, investigate later’ framework for tackling APP fraud will be detrimental to the Open Banking ecosystem, including end users.
The PSR’s new rules will expose banks to greater liability, which will encourage them to find ways of disproportionately de-risking account-to-account payments – for example, by blocking or limiting legitimate Open Banking payments to an even greater extent than they currently do, or building more friction into the payment process, harming customers’ experience. Banks may also pass the costs of managing APP fraud disputes or FOS escalations onto merchants in the form of higher Faster Payments fees.
As well as being harmful for OFA members, these outcomes would be sub-optimal for merchants, eroding the benefits of Open Banking payments relative to the global card networks. Perversely, they would also hamper the fight against APP scams, because Open Banking payments are an effective countermeasure to this form of fraud:
- Open banking providers onboard and carry out due diligence with the payee: When an open banking provider enables payments for a business, they enter into an ongoing commercial contract with that business, and undertake due diligence on the business as part of that. This reduces the likelihood that the beneficiary of an open banking payment will be used for fraud. In the unlikely event that fraud occurs, the open banking provider can immediately raise this with their client (the beneficiary).
- Payee details (sort code and account number) are pre-populated by the open banking provider: This removes the possibility of human error when typing payee details or customers being tricked into sending money to an account controlled by a fraudster. The beneficiary’s name is also presented back to the payer by the payer’s banks in the authentication journey.
For these reasons, the Open Banking Implementation Entity (OBIE) has observed that the risk of APP fraud in Open Banking payments initiated by PISPs through merchants is ‘exceptionally low’.
OFA believes that ongoing customer adoption of Open Banking payments will help to reduce the risk of people falling victim to APP scams. It is therefore crucial for the PSR to monitor the impact of its APP fraud rules, and address any unintended and negative impacts on the adoption and performance of Open Banking payments that emerge.
In this section we provide comments on elements of the report that are not formal recommendations (e.g. they are areas “For consideration” or relate to other statements or conclusions made in the report).
1. Open banking at point of sale
FoPR comment: “If (mobile device NFC and merchants’ point of sale terminals) remain open only to cards, it will be very hard for any Open Banking journey to fully rival the contactless experience at point of sale. An area to potentially explore is opening the point of sale infrastructure to payment rails other than cards.”
These are clearly structural barriers that need to be addressed for Open Banking journeys to compete with cards at the physical point of sale. Given their structural nature, we think these barriers will take some time to address and that policy work aimed at addressing them should begin in the short-term.
We suggest that this issue is included in the National Payments Vision and Strategy, which should consider how Open Banking payments in physical in-store settings could be unlocked, for example, by use of contactless technology, retailers’ apps and the use of QR codes at checkouts.
2. PISPs and Customer Due Diligence requirements
FoPR comment: “A concern was raised to us that it is not clear whether the MLRs 2017 require PISPs to carry out AML checks on merchants only, or also on payers. Concerns also raised about competitiveness if it applies to payers, as this would be out of line with existing practice.”
The Report calls out the lack of clarity about whether PISPs need to do full anti-money laundering (AML) checks on payers as well as merchants. In practice, this is a blocker to commercial variable recurring payment (VRP) adoption as they are a disproportionate burden. Requiring PISPs to conduct customer due diligence (CDD) on the payer:
- duplicates those performed by the ASPSP
- is unnecessary and disruptive given the PISP does not hold or transmit any funds themselves
- Puts PISPs at a disadvantage to comparable products such as cards and direct debit, which are not required to perform such checks
OFA welcomes the acknowledgment of this issue and suggests that it can be resolved more simply via an update to Joint Money Laundering Steering Group (JMLSG) guidance to exempt PISPs from applying CDD on the payer whenever a PISP initiates a transaction.
Copyright OFA 2022