This is the text of the speech as drafted and may differ from the delivered version. This speech was delivered at Pay360 on 18 March 2021.

Thank you for inviting me to speak to you today, and for essentially welcoming me into your homes for the next twenty minutes or so. My name is Genevieve Marjoribanks, and I’m Head of Policy at the Payment Systems Regulator. The PSR is the UK’s economic regulator of payment systems, and our aim is to ensure that those systems work well for everyone who uses them, while also promoting innovation and competition.

Our work covers the broad payments industry, from issues such as access to cash, to protecting consumers, to future innovations and developments in payments. But today, I’d like to focus on three of our projects which look at:

  • The future infrastructure that many interbank digital payments will come to rely on here in the UK;
  • The protections we want to be in place now to protect victims of fraud; and
  • Potential protections for interbank payments in the future.

If you’ve heard me speak before, spoken to any of my colleagues, or read our publications, you’ll likely know that the New Payments Architecture, or NPA, is one of our key priorities at the PSR. And of course, you’ll also know about our focus on Authorised Push Payment, or APP, fraud. But one area you may not have heard so much about from us is our work on consumer protections more broadly, and the work we’re doing to identify whether the current offering in interbank payments is sufficient.

This is the text of the speech as drafted and may differ from the delivered version. This speech was delivered at Pay360 on 18 March 2021.

I’ll be talking to you about all three today, looking at how they’re interlinked with the world of digital payments and the steps we’re currently taking on each of these projects.

Digital payments

Given the three statutory objectives of the PSR are to promote competition and innovation in payment systems, and ensure those systems are operated in the interest of the people that use them, it will come as no surprise that consideration of digital payments features in our work frequently!

How can the NPA meet the growing demands for digital payments and support increased competition? What are the implications of digital payments on cash use? How are fraudsters manipulating digital payments to exploit customers? These are just a few of the questions we consider as part of our work on a day-to-day basis.

With the constant evolution and increasing use of digital payments, we have to make sure that our work takes this into account. And the three projects I’m talking to you about today are asking these kinds of questions right now.

New Payments Architecture (NPA)

So, onto the NPA. For those that don’t know, the New Payments Architecture is the payment industry’s proposed way or organising the clearing and settlement of most interbank payments in the future. Whether I’m receiving my wages, paying bills, or – hopefully in a not-too-distant post-lockdown world – transferring my half of last night’s restaurant bill to a friend, interbank payments are essential to the functioning of our economy in the UK.

This work is hugely important, and we’re now at a critical point of the work that Pay.UK is doing in facilitating delivery of the NPA. We’ve been monitoring this work, alongside the Bank of England, to ensure that the NPA is a resilient, secure service that promotes competition, innovation and the interests of the people and businesses that use the system. In turn, this ensures that we have the infrastructure in place to support the development of digital payments for years to come.

Ultimately, the current programme being led by Pay.UK needs to be de-risked. We think that there are unacceptably high risks that the programme:

  • will not provide value for money
  • will stifle competition and innovation in payment services, and
  • will delay realisation of the benefits of the NPA.

I know you don’t just want me to tell you there’s a problem – you want to know what we are actually doing about it at the PSR. Well, in February we launched a consultation to look at reducing risks to the delivery of the NPA.

We’re looking at limiting the initial central infrastructure contract to only those services that are most important to its successful launch. We think a phased approach, where Pay.UK only buys the services needed to migrate Faster Payments for now and deals with the more complex issues around Bacs later down the line, will significantly de-risk the delivery of the NPA. It will make the procurement quicker, easier, and more efficient, and could ultimately mean we can realise many of the benefits of the NPA sooner.

A phased approach also promotes competition, by giving third parties an opportunity to provide services that support the migration of Bacs transactions, rather than procuring these services from a single provider now.

We’re also considering whether taking a different approach to the procurement of the central infrastructure would help lower delivery risks. We think there are three options for Pay.UK for the procurement:

  • Continue with the current tender;
  • Start an entirely new tender; or
  • Directly negotiate with the current provider of Faster Payments and Bacs without a competition.

Of course, none of these options are perfect and the relative challenges and issues of each option need to be considered.

As well as looking at lowering risks to delivery of the NPA, we are also consulting on proposals for mitigating risks to competition and innovation relating to when the NPA is operational, including the role of the PSR’s regulation of the NPA and the firm providing the systems and infrastructure. But the point of the consultation is to gather stakeholder views; we want to know if you support our proposals or have suggestions on how we can best make this work. This is a once in a generation change to the fabric of our payment systems, and it’s vital that we get this right for everyone.

Authorised Push Payment (APP) scams

It’s important that we ensure payment systems are innovative and competitive, and therefore allow for the progress we’re seeing in digital payments. But it’s imperative that these systems are safe to use and work in the interest of everyone that uses them. That’s why Authorised Push Payment fraud remains a key priority for us at the PSR.

APP scams can have a devastating impact on those who fall victim to them. As a consequence of the pandemic, we’ve seen more people falling victim to APP scams, where a fraudster tricks someone into transferring money to them by posing as a legitimate payee or constructing fraudulent reasons for a payment.

To date, we’ve advocated an industry-led approach to combating APP scams, which culminated in the voluntary, industry Contingent Reimbursement Model Code. The Code, which came into force in May 2019, has been a key tool in combatting APP scams and protecting victims through reimbursement and repatriation.

But while the Code has improved outcomes for consumers, our analysis suggests that this could still go further. According to UK Finance, nearly £208 million was lost to APP scams in the first half of 2020. Yet the overall level of reimbursement and repatriation remains at only around 50% of those cases assessed under the Code. The other concern with this reimbursement rate is how much it varies across Code signatories. All of this means that customers who have acted appropriately are still bearing a high proportion of losses.

We think that elements of the Code are too open to interpretation or are difficult to apply in practice, which means that customers are missing out. And even more are missing out because the Code is voluntary, and so Payment Service Providers, or PSPs, are under no obligation to refund these customers who have done nothing wrong.

The Payment Services Regulations 2017, which implement the EU’s Second Payment Services Directive into UK law, prevent us from requiring reimbursement. But should legislative changes be made, more options will be available to us. If this happens, we want to be ready with solutions to further prevent these devastating crimes from happening and protect those who do fall victim.

That’s part of the reason why we launched our APP scams call for views last month. In it, we outline three outcomes which could potentially provide these solutions for Faster Payments and Bacs Direct Credit.

The first – improving transparency on outcomes, by requiring PSPs to publish their APP scams reimbursement and repatriation levels.

The second – greater collaboration to share information about suspect transactions, by requiring PSPs to adapt a standardised approach to risk-rating transactions and to share the risk scores with other PSPs involved in the transaction.

And the third – introducing mandatory protection of customers, by changing industry rules so that all payment firms are required to reimburse victims of APP scams who have acted appropriately.

It’s important to note that while there are some legal impediments to us using our powers to force introduction of the measures we’ve outlined, there is nothing to stop the banks from implementing these measures or undertaking to reimburse their customers who lose money through no fault of their own right now. The reason we’re planning to take stronger action, when we can, is because so far, industry has failed to do so on its own. We would very much welcome industry participation or even leadership in getting these measures and other measures to prevent scams in place as soon as possible.

To ensure that we’re taking the most appropriate steps to provide protection to consumers, we want to hear from stakeholders with feedback on our proposed measures, how they should be developed, and any additional options you think we should be exploring. Of course, we’re also interested in any other proposals that help to reduce fraud and improve protections.

We always want to support competition and innovation in payment systems and digital payments, but, at the same time, we want to make it harder to commit these devastating crimes and see victims properly protected from them.

Consumer protection

While our focus has historically been on protecting people from APP scams, it’s important that we look at the idea of consumer protection more holistically – and you don’t need to tell me how broad a topic this is! So, while our work on APP scams certainly continues, we’re also looking at protections in interbank payments more widely.

More and more of us are using digital payments more frequently, often for more varied purposes too. If, as I’m sure it will, the use of Faster Payments continues to grow as a frequently used payment method, we must ensure that there are appropriate protections in place for consumers should something go wrong with their interbank payment. The sheer volume of interbank payments we make on a day-to-day basis – for example, transferring money to family or friends or paying an invoice – only emphasises the need to ensure that consumers are confident in the protections in place.

We are therefore looking at the levels of protection available to consumers using interbank payment methods. As many of you will already be aware, we aren’t the only ones considering this issue – a number of other regulators and organisations across industry are too. But our work serves to complement the work that’s already been started and builds on those foundations. As the UK’s economic regulator for payment systems, we are ideally placed to steer the debate and ensure that any insights gathered by different organisations ultimately lead to actions that work for everyone involved in interbank payments.

So, we have also recently launched a call for views on consumer protections in interbank payments, to identify whether the current protections that are in place are sufficient and, if not, what more needs to be done. We want your views on what we and the payments industry, can do to protect people making and receiving interbank payments – giving everyone greater choice to safely make payments in ways that work for them.

It’s important that there are consumer protection measures that benefit consumers by making it easier to make a claim when something goes wrong. It’s also essential that there are clear guidelines about where liabilities lie. And we want to make sure that, as Faster Payments continues to grow, and use cases evolve and become more varied, we are considering how we can ensure there are adequate levels of consumer protection.

Your views will help us assess the best course of action for us to take to support the development of effective protection measures and we look forward to engaging with you, our stakeholders, on this important topic.

Conclusion

As you can tell, we’re making a lot of progress in these key areas and want to keep making more. We cannot ignore the continuing developments of digital payments and in any case, we want to encourage innovation in payment systems and services, as well as ensuring that there is effective competition in them. But at the same time, it’s equally important to us that the interests of everyone that uses payment systems – consumers and businesses – are considered as part of the plan.

We expect industry to take these considerations into account in everything they do, and we’re here to make sure it happens. The consultation and calls for views that I’ve talked about to you today are key elements of this, ensuring that these developments are accessible, reliable, secure and value for money.

But, as I said earlier, this isn’t just about industry deciding to make these changes, and it isn’t just about us making industry comply with what we think is best. We really want to hear from you – to make sure that we’re achieving our objectives and making sure that changes to payment systems and developments in digital payments work well for everybody.

Thank you.