Retail Payments Risk Forum
Font Size: A A A

Portals and Rails

January 06, 2014

When It Comes to RCCs, Can We Make the Invisible Visible?

In May 2013, the Federal Trade Commission (FTC) issued a proposal for public comment to amend the telemarketing sales rule to prohibit telemarketers from using certain payment types, including remotely created checks (RCCs). The proposal addressed attributes of RCCs that make their use susceptible to abuse. RCCs, sometimes referred to as demand drafts, are checks that payees issue rather than the consumer or the consumer’s bank, and are not signed by the consumer. The attributes the proposal addresses include the difficulty of distinguishing RCCs from check images, the absence of reliable data on the volume of RCCs and returns, and the lack of centralized fraud monitoring. Together, these attributes make RCCs relatively invisible.

RCCs usually garner attention only when a law enforcement case uncovers their use in fraud, typically when consumers are victimized by unfair and deceptive practices. Still, RCCs are not just a tool for committing fraud—they are used for legitimate purposes and are frequently authorized by consumers as payments for credit cards, charitable donations, and insurance premiums. At times, banks originate the RCCs themselves or on behalf of the payee, so in these instances, the bank monitors returns, identifies issues, and manages them.

In other payment methods, including ACH transactions and cards, the ability to recognize the payment, track volume and returns, and monitor fraud centrally have proven to be beneficial in addressing fraud. For example, ACH operators have data on forward entries and returns for ACH transactions that enable ACH participants to identify and address issues proactively. Adding these layers of data to enable identification and monitoring of RCCs would prove equally beneficial to the depository and paying banks, as well as regulators and law enforcement to potentially identify and address RCC fraud more directly.

How can the industry improve the identification and tracking of RCCs? One option could be to develop some kind of technology that would distinguish between RCCs and check images with a high degree of accuracy. Another option could be to approve a standard for an identifier in the MICR (short for magnetic ink character recognition) line to indicate that this document is an RCC.

Some industry participants have pursued the MICR line identifier in the past, but these efforts did not gain traction within the industry. However, it may be an idea whose time has come given the concerns that regulators and law enforcement officials are raising about the "invisibility" of RCCs. A MICR line identifier would also allow for centralized fraud monitoring. For instance, depository banks could report periodically to their primary regulator on RCC returns. This reporting would provide information to regulators and law enforcement on possible fraud and support banks in their efforts to mitigate improper RCC usage.

Does your institution see value in making RCCs visible in the processing stream and quantifying their use?

Photo of Deborah ShawBy Deborah Shaw, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

January 6, 2014 in fraud, regulations, remotely created checks | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019b0450ee36970d

Listed below are links to blogs that reference When It Comes to RCCs, Can We Make the Invisible Visible?:

Comments

Another consideration for financial institutions is the liability difference for electronic RCC vs. 'traditional' RCC. eRCC are never printed therefore not allowing the Federal Reserve to provide Check 21 warranties. This method puts all of the liability on the Bank of First Deposit. Normal liability is incurred for the traditional RCC.

Posted by: Brad Smith | January 06, 2014 at 03:40 PM

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

December 16, 2013

Is It the Right Time for Lower ACH Return Rate Thresholds?

Monitoring return rates for automated clearing house (ACH) transactions is an important element of a bank’s risk mitigation program for its business and third-party clients. Recently, NACHA issued a request for comment (RFC) that addresses proposed changes to return rate thresholds included in the NACHA Operating Rules.

The NACHA Operating Rules currently identify a return rate threshold for unauthorized debit entries of 1 percent. The threshold is intended to reduce unauthorized entries transmitted over the ACH network. The NACHA Operating Rules hold an originating depository financial institution (ODFI) that has an originator or third-party sender with an unauthorized return rate over 1 percent subject to ODFI reporting and possible fines if the rate of returns is not reduced in a timely fashion.

According to the RFC, the unauthorized debit return rate declined due to several risk management efforts—including the 1 percent threshold, established in 2008—from 0.06 percent in 2005 to 0.03 percent in 2012. These reduced numbers demonstrate that the monitoring of return rates by banks and other network participants helps to identify issues and leads to fewer problematic transactions.

This RFC proposes three changes to how the NACHA Operating Rules currently address return rate thresholds.

  • A reduction in the return rate threshold for unauthorized debit entries from 1 percent to 0.5 percent.
  • Establishment of a return rate threshold for data quality debit entries (such as invalid account number) of 3 percent.
  • Implementation of an overall debit return rate threshold of 15 percent.

NACHA had issued an RFC in spring 2011 that proposed changes similar to the first two listed items, but ACH participants did not provide sufficient support then and the changes were not implemented. It seems that the time may now be right. The RFC indicates that the environment for this proposal appears to have changed, with ACH participants expressing interest in looking at new thresholds. And the proposal for an overall debit return threshold stresses the need for banks to focus on their overall return rates in addition to specific return reasons.

Regardless of which thresholds are included in the NACHA Operating Rules, banks should monitor for any increase in returns. They should also understand the underlying cause and remedies that their business or processor customers are implementing. A bank focus on return issues is one element of a robust risk management program that helps to ensure the bank’s origination of high-quality payment transactions.

With this proposal on return rate thresholds, is your institution rethinking its internal policies for return rate monitoring?

Photo of Deborah ShawBy Deborah Shaw, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed


December 16, 2013 in ACH, banks and banking, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019b0317a3ef970d

Listed below are links to blogs that reference Is It the Right Time for Lower ACH Return Rate Thresholds?:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

December 09, 2013

What Do Crayons and Virtual Currencies Have in Common?

Coloring with my young boys the other day, I was a bit amazed by the variety in colors. The days of a single blue crayon from my childhood has now expanded to at least 10 different shades of blue with names such as "Pacific blue" and "cerulean." I quickly learned that my regulation of the usage of crayons by the boys also varied by color. For example, the lone black crayon required ample regulation (and was quite challenging to enforce) to prevent an all-out toddler brawl. Because the blue crayons had such variety, they clearly required less and were much easier to enforce.

Just as crayons come in a variety of colors and shades, virtual currencies have a variety of different attributes, including:

  • Open or closed: Closed virtual currencies can be used only within a specific community. Open virtual currencies can be used anywhere the currency is accepted.
  • Unidirectional or bidirectional: Unidirectional flow allows the currency to be obtained at a specific exchange rate using fiat currency. This currency cannot be exchanged back to the fiat currency. Bidirectional currencies are bought and sold according to exchange rates.
  • Centralized or decentralized: A centralized currency has a central authority that issues the currency and operates the system. A decentralized currency does not have a single entity acting as a central issuer or clearing house.
  • Asset backed or demand backed: An asset-backed currency is tied to an asset or assets held in reserve while a demand-backed currency has no tangible value other than the value established by its market.
  • Machine-based or human-based: Monetary policy of machine-based currencies, or crypto-currencies, is managed by computers. A central authority establishes monetary policy with human-based currencies.

The regulation of my children's crayon usage differed depending on the particular crayon being used. In that case, it was a matter of scarcity, so the analogy isn't perfect—but it will also be imperative for the regulation of virtual currencies and their enforcement to differ according to the characteristics of the various currencies. Undoubtedly, a decentralized, demand-backed currency not only poses different risks than a centralized asset-backed currency does but it may also include a unique set of participants not part of other virtual currency schemes.

Most of the regulatory discussion currently taking place is focused squarely on a particular virtual currency. And while this particular currency has an enormous market share of the virtual currency market, there are at least 50 other virtual currencies in the marketplace. If I had regulated the blue crayons in a similar way as the black crayon, my children would likely have left their coloring books and moved on to the train table.

I fear that should regulations be developed based on a single virtual currency and then applied to the market at large, the regulations could drive away the innovators in the virtual currency space that may hold long-term promise if they promote a faster, more secure, and more efficient payment system.

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

 

December 9, 2013 in currency, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019b027651c7970b

Listed below are links to blogs that reference What Do Crayons and Virtual Currencies Have in Common?:

Comments

While I'm not well versed in virtual currencies, your point about regulations being based on one market mover and then applied to the rest of the industry is interesting. In general, I think most financial regulation is applied in this manner since it serves as a simplifying assumption and since regulation is generally reactive rather than proactive. My guess would be that the other virtual currencies will continue to innovate around whatever regulation is issued. However, I understand that some may exit the industry altogether if that regulation is too stifling.

Posted by: Saba H | December 13, 2013 at 07:47 AM

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

November 18, 2013

Forum Focuses on Best Practices and Other Tools to Fight Payments Fraud

The Retail Payments Risk Forum and the southeastern Regional Payments Associations (RPAs) cohosted an Executive Fraud Forum at the Atlanta Fed on October 30. Forum attendees engaged with speakers and panelists on such issues as the latest payments fraud trends, legislation and regulation, and best practices for financial institutions to mitigate risk in today's dynamic payments environment.

In one session, Federal Reserve Bank of Atlanta senior examiner Tony DaSilva discussed best practices to combat cybercrime. Cybercrime remains top of mind for financial institutions because denial-of-service attacks, which overload an institution's computers so customers cannot access their account information, can affect an institution's reputation and divert attention away from account takeover attempts. Account takeover is when a fraudster uses malware to attempt to steal a customer's valid online credentials and direct payments—often via wire and ACH—out of the customer's account. DaSilva suggests that financial institutions should assume that their systems are infected, and thus constantly, proactively monitor for cybercrime.

DaSilva also highlighted the importance for an institution's board and management to understand the nature of current cyber threats, assigning adequate IT resources and using industry tools to contend with cybercrime. DaSilva also emphasized the importance of following regulatory guidance.

A critical piece of regulatory guidance in this area is the Federal Financial Institutions Examination Council's (FFIEC) 2011 supplement to its 2005 guidance, Authentication in an Internet Banking Environment. The updated guidance recognizes the changing nature of cyber threats, including account takeovers, and emphasizes three area of responsibility for institutions.

  • Periodic risk assessments, at a minimum every 12 months, are important. In these assessments, institutions should consider the current threat landscape, changes in customers, and actual incidents, and then make adjustments to customers' authentication controls
  • Layered security for high-risk Internet-based systems should at a minimum detect and respond to anomalies and have robust controls for system administrators of business clients
  • Education should focus on making consumer and business customers aware of security steps, and should explain federal consumer protection provisions, risk controls offered by the institution and relevant institution contacts

For more on this topic, view Tony DaSliva's video interview and presentation on the conference web page.

Photo of Deborah ShawBy Deborah Shaw, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

November 18, 2013 in cybercrime, malware, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019b014a7228970c

Listed below are links to blogs that reference Forum Focuses on Best Practices and Other Tools to Fight Payments Fraud:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

September 16, 2013

Be Sure to Dot Your I's and Cross Your T's in Vendor Agreements

A new twist on an existing issue has recently surfaced for financial institutions (FI) in managing vendor risk. Patent infringement lawsuits, which are not new to the banking community, have grown as FIs have become more dependent on vendor-provided technologies. FIs are being drawn into more legal proceedings, or the threat of them, in which a party sues for alleged infringement of a patent on a product or process that a vendor has provided the FI. In particular, allegations of infringement have targeted technology enhancements related to scanning and imaging, mobile banking and payments, data storage, debit and prepaid card production, and transaction management processes. In a number of cases, the FI pays a royalty or fee to settle the dispute and avoid further legal expenses.

Some aggressive patent infringement groups have become active over the last several years. Targeting financial services vendors and FIs, these "patent assertion entities" (PAEs) (or, more derisively, "patent trolls") are characterized in the June 2013 White House report Patent Assertion and U.S. Innovation as focusing "on aggressive litigation, using such tactics as: threatening to sue thousands of companies at once, without specific evidence of infringement against any of them; creating shell companies that make it difficult for defendants to know who is suing them; and asserting that their patents cover inventions not imagined at the time they were granted." According to the report, patent infringement lawsuits initiated by PAEs now represent 62 percent of all infringement suits—up from 29 percent just two years ago. The greatest danger from such aggressive legal action is a chilling effect on the development and adoption of innovative technologies.

So what might a financial institution do to mitigate its risk in this area? Federal and state officials are examining the problem and will likely make recommendations for policies or regulations that will provide a reasonable level of protection. However, this effort is likely to take time. In the interim, we suggest a number of potential actions for FIs and their legal counsel to evaluate. A critical element in risk management is understanding the sources of risk and their threat level. Consequently, FIs should consider a requirement in the vendor agreement that requires the vendor to immediately notify the FI of any such claims. Second, FIs should include an indemnification clause in the vendor agreement to protect themselves from being drawn into the legal dispute. And the FIs' lawyers should make sure that this clause requires vendors to stand behind the FI if the lawsuits target them for using vendor-provided technology. Lastly, FIs should consider obtaining or requiring the vendor to obtain patent infringement insurance.

Risk assessment and developing mitigation tactics should be an ongoing effort for all FIs. We would like to hear how your company is addressing this issue.

Photo of David LottBy David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

September 16, 2013 in innovation, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019aff6dfd3d970d

Listed below are links to blogs that reference Be Sure to Dot Your I's and Cross Your T's in Vendor Agreements:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

September 03, 2013

EMV Is Coming to the United States--Right?

The conferences I have attended recently have all had a session where speakers or panelists opined on the state of EMV migration and its future here in the United States. Some of the panelists have been highly optimistic, admitting to the challenges the industry currently faces but confident the issues will be successfully resolved. Those on the other end of the spectrum have been downright dismissive of the effort and sometimes even the standard itself. Based on my research and some of the industry discussion I've heard, let me offer my perspective on the current and future state of EMV migration in the United States.

Terminal migration timeline
The difference in the timelines of ATMs and POS terminals for the liability shift to take effect was initially confusing to some but that confusion seems to have been resolved—although the difference of a year between MasterCard (2016) and Visa (2017) for the ATM is still a head scratcher. But it seems likely that both networks will agree on a common date before the end of 2014.

Much of what I'd been hearing indicated that there would likely be no rush for the merchant community to upgrade their terminals to meet the POS liability shift timeline, currently scheduled for October 2015. Something tells me that many will choose to ignore the liability shift date altogether. The unresolved Application Identifier (AID) battle currently being fought among Visa, MasterCard, and the debit networks is a major factor in both the debit card issuance and POS terminal decisions. Many of the major merchants and their industry associations have not been big fans of EMV, apparently because of a variety of control, financial, and technical reasons. Understandably, merchants are attempting to consolidate their terminal upgrade efforts to support both mobile payments and EMV, so they would prefer to put off major terminal purchases or upgrades until there is a final resolution of terminal requirements for both technologies.

When U.S. District Judge Leon delivered his July 31 ruling that the Fed's Regulation II debit card transaction routing requirements did not meet the legislation's intent, it seemed that there was a greater likelihood for EMV development efforts to be placed on hold until there is a final routing rule.

Card migration timeline
Based on comments I've also heard at recent industry conferences, many of the major card issuers' replacement plans seem to be focused on card replacement for international travelers and high net worth/private banking clients rather than a wholesale card replacement effort. This issuance policy appears to be more to ensure operability when traveling to an EMV-converted country than to take financial advantage of the liability shift. Again, it seems highly likely that Judge Leon's ruling will suspend any major debit card replacement efforts until there is a resolution on the routing rules and the related AID solution.

Risk impact
Although it's normal for any major technology change to have its starts and stops, its advocates and critics, we must not forget that delays in finding a viable business solution for counterfeit card fraud only increases our risk profile through higher fraud losses and erosion of consumer confidence. We will be back to write more on this topic in future Portals and Rails posts, but for now we'd like to hear your thoughts.

Photo of David LottBy David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

September 3, 2013 in debit cards, EMV, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c019aff2a942e970b

Listed below are links to blogs that reference EMV Is Coming to the United States--Right?:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

August 26, 2013

Caution, Online Payday Lender Ahead

Payday lenders offer consumers short-term unsecured loans with high fees and interest rates. Payday loans—also referred to as deposit advance loans or payday advances—are a form of credit that some consumers may find appealing for a number of reasons, including an inability to qualify for other credit sources. The borrower usually pays the loan back on the next payday—hence the term "payday loan"—which means the underwriting process typically includes a history of payroll and related employment records.

A growing number of payday lenders operate their businesses virtually. Consumers can obtain loans and authorize repayment of the loans and fees during the same online session. In a typical online payday loan scenario, a borrower obtains a loan and provides authorization for the lender to send Automated Clearing House (ACH) debits to the consumer's account at a later date for repayment. The payday lender's bank can originate the debits through the ACH network. Wire transfer and remotely created checks may be other payment options.

Both state and federal regulators are currently focusing on the payday lending industry to protect consumers from illegal payday loans. Payday lending practices are usually regulated on the state level. Some states prohibit payday lending, while others require lenders to be licensed and to comply with maximum fees, loan amounts, and interest rate caps, among other restrictions. On the federal level, the Dodd-Frank Act has given the Consumer Financial Protection Bureau the authority to address deceptive and abusive practices by payday lenders.

Payday lenders' banks should consider all the risks involved with working with online payday lenders. And they should make sure to incorporate due diligence techniques and to become familiar with the available tools.

Reputation, reputation, reputation
First, there is reputational risk. A payday lender's bank should be aware that a business relationship—including ACH origination activity—with a company making illegal payday loans can damage the bank's image. Reputation can suffer even if the bank is not complicit in the illegal activities of its payday lender customer. But once a financial institution determines that facilitating payments on behalf of online payday lenders falls within its risk management model, it should ensure compliance with applicable laws and regulations. Providing periodic reports on ACH customers to the bank's board of directors is one way to facilitate review of whether these customers' activities remain within the bank's risk management model. It is critical that the bank protect its reputation, as that affects every part of its business.

The importance of know-your-customer practices
The payday lender's bank should also develop and follow adequate due diligence procedures. ACH rules require—and regulatory guidance advises—that banks perform "know your customer" (KYC) due diligence. KYC includes a variety of activities such as assessing the nature of the online payday lender's activities, setting appropriate restrictions on the types of entries and exposure limits for the lender, and monitoring origination and return activity.

Due diligence steps can include: 1) identifying the business's principal owners, 2) reviewing ratings for the business from the Better Business Bureau, consumer complaint sites, and credit service companies, and 3) determining if there have been recent legal actions against the business. A thoughtful review of the lender's website, including the terms of the consumer's authorization agreement as well as promotional materials, is advised. These due diligence practices during onboarding and on an ongoing basis for all merchants—including online payday lenders—help the bank with setting and enforcing appropriate restrictions for the customer and therefore mitigate the risk of the bank discovering a problem when it is too late.

Mitigating problems by being proactive
Banks can develop tools that flag potential problems in-house or obtain them from vendors, ACH operators, or NACHA. In addition, incorporating a process to monitor transactions and returns to identify anomalies can be very useful. An anomaly could, for example, be a sudden uptick in returns or an unusual increase in origination volume or average dollar amount. Detecting anomalies can be a trigger to conduct further research with a customer.

Other tools can be NACHA's originator watch list and vendor-terminated originator databases, which can help banks identify customers that may warrant additional scrutiny. Periodic audits can also be a useful tool to identify rules compliance issues.

For a bank, protecting its reputation is paramount when it is considering offering payment services to high-risk originators like online payday lenders. It should exercise caution, performing risk-based due diligence on new customers and then diligently monitoring current customers so it can identify problems early and address them proactively.

Photo of Deborah ShawBy Deborah Shaw, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

August 26, 2013 in ACH, consumer protection, online banking fraud, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01901f04d739970b

Listed below are links to blogs that reference Caution, Online Payday Lender Ahead:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

July 29, 2013

Suspicious Activity Reports: What the Numbers Show

Initially intended to help law enforcement identify individuals and organizations involved in money laundering and terrorist financing, Suspicious Activity Report (SAR) filings are also used to help detect activities related to consumer fraud and identity theft. Depository institutions (DIs) and money services businesses (MSBs) together file about 98 percent of all SARs submitted annually to the Financial Crimes Enforcement Network (FinCEN). Industry groups are constantly working to educate SAR filers about the various types of activities that they should document so these activities can be properly tracked. FinCEN recently updated its statistics to include SAR activity in 2012, and the summary volumes are shown in the chart below. The Retail Payments Risk Forum believes that an ongoing educational effort of customers, as well as DI employees, is a vital element in recognizing and mitigating fraud in our payments system. As part of that effort, I think there would be benefit in examining the shifts among the different SAR activities and gain an understanding as to possible reasons for these shifts.

SAR Filings by DIs and MSBs: 2013-12

As the above chart shows, the number of SARs filed by DIs has risen steadily over the last two years. SARs from MSBs, on the other hand, dropped 14 percent from 2011 after seeing an average annual increase of 15 percent over the previous two years. So why the ups and downs?

From a pure numbers standpoint, the answer to the question lies in the details of the activities that can trigger a SAR. In the case of SAR filings from DIs, for example, 2012 saw a dramatic increase in identity theft and check fraud filings, while mortgage loan fraud SARs dropped. This shift is explained by the increased diligence being placed on mortgage loans and the alarming growth of identity theft and check fraud incidents. By contrast, SAR filings from MSBs showed a substantial decrease in the category where the person reduced the amount of money order or traveler's check purchase to avoid having to complete a funds transfer record (but still generating a SAR). One wonders whether this reduction represents progress in the fight against money laundering and terrorist financing, or have the individuals engaged in these illegal activities changed their money handling tactics by performing lower dollar value transactions to avoid suspicion and identification?

Every federal judicial district has a SAR review team. This team of regulators and federal and local law enforcement reviews SARs to determine whether they need to initiate new investigations or supplement the filings to existing cases. The efforts of these teams illustrates how more comprehensive reporting, improved data analysis, and stronger monitoring capabilities can help detect and address fraud and abuse within our payments system. FinCEN publishes a semiannual report—Trends, Tips & Issues—that provides a summary of key findings from the teams' reviews of SARs. These reports let involved parties know how they can use the information to provide greater protection to potential victims of fraud. We encourage you to read copies of FinCEN's reports to better understand current fraud trends so you can educate your employees and customers.

Photo of David LottBy David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

July 29, 2013 in money laundering, regulations, regulators | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0192ac401cf6970d

Listed below are links to blogs that reference Suspicious Activity Reports: What the Numbers Show:

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

July 01, 2013

The Cost of "Free"

Many retail-centric banks have found themselves in a fee-revenue dilemma as the impact of regulations regarding overdraft fees and debit card interchange revenue begins to be felt. After decades of providing "free" services to consumers, these banks are under significant customer pressure to continue this practice even as they roll out new products and services. But this pricing model poses financial risk. The operating expenses of the bank are increasing at the same time that the banks are receiving minimal—if any—incremental revenue.

I recently participated in a conference that had a session comprised of a panel of four MBA students. The goal of the session was for the audience of bankers to better understand the driving forces for financial service decisions by the Gen Y, or millennial, customer. (I wrote a bit about this panel in a previous post.) One eye-opening statement universally shared by the panel was the expectation that mobile banking and mobile banking services be provided free of charge. When asked for a justification, they believe that by using the mobile channel they "saved" the bank money over writing a check or going into a branch office. When further questioned as to how the bank was going to pay for the development and operating expenses of such new products and services, their response was essentially that they believe the bank earns sufficient revenue from its lending operations, including credit cards and installment and mortgage loans. I am sure that many other consumer segment groups have this attitude as well.

After Regulation II capped debit card interchange fees for banks with assets exceeding $10 billion, some banks announced they would begin charging a monthly debit card fee. Consumer and media response was so negative that banks withdrew the proposed fee changes. Subsequently, many banks changed their checking account service fee waiver conditions by raising minimum balance requirements, requiring other account relationships (to provide additional revenue support), or eliminating some previously bundled services. The Bankrate 2012 Checking Survey found that only 39 percent of banks were offering free checking without a minimum balance requirement or maintenance fee. This percentage is down from 45 percent in 2011 and 76 percent in 2009. Credit unions have not followed suit—the number of them offering free checking is holding fairly steady at around 72 percent.

Is there anything banks can do to shift consumers' expectations and ease some of the financial risk associated with controlling operating expense levels? We would like to hear from you.

Photo of David LottBy David Lott, a retail payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

July 1, 2013 in financial services, mobile banking, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0192abd00149970d

Listed below are links to blogs that reference The Cost of "Free":

Comments

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in

June 03, 2013

Do Digital Currencies Need Bank Secrecy Act Regulations?

Nearly two years ago, a Portals and Rails post looked at digital currencies and posed the question, "Will the use of alternative currencies gain popularity in the criminal world?" It appears that the answer to the question is "yes." According to the recent indictment of a digital currency provider, the currency under question "was designed to give criminals a way to move money earned from credit card fraud, online Ponzi schemes, child pornography and other crimes without being detected by law enforcement," ultimately building up a $6 billion money laundering operation.

At the heart of the issue with this particular digital currency is its anonymous nature. Payment instruments that provide anonymity do attract the criminal element. Anonymity is a major reason cash remains king when it comes to payments for illicit activities. The anonymity that prepaid cards provided in their earlier years attracted the criminal element, which ultimately resulted in regulators attaching Bank Secrecy Act/anti-money laundering (BSA/AML) regulations to these instruments.

There is no doubt that digital currency has benefits over paper and coins. The convenience of not having to lug around paper and coins is appealing to me, as is the fact that I wouldn't feel the need to scrub my hands after handling digital currency since it's no secret that paper money and coins are dirty. I am all for the success of digital currencies and can't wait for them to become more mainstream. But I believe that as long as any digital currency continues to support anonymity, it will be difficult for that to happen.

While regulation can stifle innovation, I believe that BSA/AML regulation of digital currencies could help increase the adoption of this type of payment instrument by the mainstream. One need look no further than the prepaid card industry to understand the potential impact. Many factors have played into that industry’s phenomenal growth rate, but the BSA/AML regulatory requirements also played a role by providing a credibility to prepaid cards that did not exist in their infancy.

What are your thoughts on the need for BSA/AML regulation of digital currencies?

Douglas A. KingBy Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed

June 3, 2013 in cybercrime, emerging payments, money laundering, regulations | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01901cef3bcf970b

Listed below are links to blogs that reference Do Digital Currencies Need Bank Secrecy Act Regulations?:

Comments

Great Post.
In my opinion all e-currencies need to be regulated, specially the more popularly used ones. It will be sad to see another one going down like LR.

Posted by: Bhagesh Nair | June 04, 2013 at 04:48 PM

Post a comment

Comments are moderated and will not appear until the moderator has approved them.

If you have a TypeKey or TypePad account, please Sign in