Payments System Board Annual Report – 2018 Retail Payments Regulation and Policy Issues

The Reserve Bank determines policy for retail payments systems and undertakes research into retail payments issues under its remit to promote a safe, competitive and efficient payments system. Recent policy work has included evaluating the case for reforms that would require least-cost routing functionality to be provided to merchants, and monitoring the implementation of the Bank's recent reforms to the regulatory framework for card payments. There has also been an ongoing focus on innovation in the payments system, including the use of distributed ledger technology, and policy issues associated with digital currencies

Least-cost Routing

Least-cost routing (LCR), or merchant routing, is an initiative aimed at promoting competition in the debit card market and keeping downward pressure on payment costs in the economy. It refers to merchants being given the opportunity to route contactless debit card transactions via whichever card network costs them the least to accept. During 2017/18, the Board responded to the slow pace of industry progress in providing LCR functionality to merchants by considering the case for regulation. Following consultation with stakeholders and commitments from the major acquirers that they would make LCR functionality available by early 2019 or sooner, the Board decided in May that a standard was not required, but that it would reassess the case for regulation if there were further material delays to implementation.

Background

Around four-fifths of debit cards issued in Australia are dual-network cards, which allow a payment to be processed via either eftpos or one of the two other debit card schemes (Debit Mastercard or Visa Debit). A payment made using a dual-network card typically draws on the same deposit account regardless of which debit card scheme processes the transaction. The three schemes also offer similar protections to the cardholder in relation to fraudulent and disputed transactions. From a merchant's perspective, the cost of accepting a debit card payment can vary depending on which of the three networks processes the transaction. For many merchants, payments via eftpos can be significantly cheaper for them to accept than payments via the international schemes (see the section on ‘Merchant fees’ in the chapter ‘Trends in Payments, Clearing and Settlement Systems’).

When a cardholder inserts their dual-network debit card into a terminal to make a payment, they are asked to select the debit card scheme to process the transaction (for example, by pressing CHQ or SAV for eftpos and CR for Debit Mastercard or Visa Debit). By contrast, if the cardholder chooses to make a contactless (‘tap-and-go’) payment, which is becoming increasingly common, the transaction is automatically routed to the network which has been programmed as the default network by the issuing financial institution. Until recently, contactless payments were only available through the two international networks, which completed their rollout of contactless cards in 2012, and those networks have been the default. However, with eftpos having completed its rollout of contactless functionality, contactless payments can now also go through the eftpos network. This raises the possibility of LCR, whereby merchants might choose to route contactless transactions via whichever of the two networks on the card costs them less to accept. This would have the direct effect of helping merchants reduce their payment costs, it also increases competitive pressure between the debit schemes such that there is greater incentive for all of them to lower their fees. LCR functionality would typically be made available to merchants by acquirers providing updates to their terminals. Regardless of whether a merchant uses LCR, cardholders would still have the option to select a particular debit network by inserting their card in the terminal and making a selection rather than tapping.

Support for least-cost routing

The Board has long supported the issuance of dual-network debit cards in Australia and giving merchants the ability to choose how contactless transactions on these cards are routed. This support reflects the benefits dual-network cards can have for competition and efficiency of the payments system.[13]

In recent years, a range of stakeholders have called for acquirers to begin providing merchants with LCR functionality now that most payment terminals and dual-network debit cards in Australia support contactless functionality for eftpos as well as the two international debit schemes. A number of recent government reports have also supported providing LCR functionality to merchants, including the Third Report on the Review of the Four Major Banks by the House of Representatives Standing Committee on Economics (December 2017), the Productivity Commission's Report on Competition in the Australian Financial System (February and August 2018), and the Black Economy Taskforce's (BETF) Final Report (October 2017). The payments-related aspects of these reports are discussed more fully later in this chapter.

Issues and outcome

In response to concerns about the lack of any industry progress in providing LCR functionality, in 2017/18 the Board considered whether regulation was needed to ensure the functionality would be made widely available to merchants. To support this, Bank staff consulted widely with stakeholders and gathered information on merchants' cost of acceptance for different types of payment networks to determine the potential demand for LCR and on the technical changes required to enable LCR functionality.

At its May meeting, the Board reviewed industry progress on providing LCR functionality and noted that:

  • One smaller acquirer had already begun offering LCR to its entire merchant base and a large merchant with its own terminal fleet had begun to implement LCR with the cooperation of one of the major banks.
  • The four major banks had made commitments to the Reserve Bank to complete the necessary technical work to make LCR generally available within the next year, with two of them expecting to roll out the functionality on their terminals within six months. Other banks and acquirers indicated that they would also be making LCR available within six months.
  • Terminal providers were making good progress in developing the necessary functionality, and some large and medium-sized merchants with their own terminals would likely be able to implement LCR independently of their acquirers' schedules.

In view of this progress, the Board decided that consultation on a standard requiring the provision of LCR was not necessary at that point in time. This decision was consistent with the Board's usual approach of regulating only where an appropriate industry solution is not forthcoming. However, the Board indicated that it would reassess the case for regulation if there were further material delays in acquirers providing merchants with LCR functionality.

In addition to the provision of LCR functionality, the Board also considered a number of other issues relevant to the effective implementation of LCR. These included the potential strategic responses of the debit card schemes and the awareness of LCR among merchants, especially small and medium-sized merchants. The issue of strategic responses relates to concerns of some merchants that the international card schemes might respond to a merchant's decision to implement LCR for debit card transactions by increasing the interchange fees that apply to that merchant's credit card transactions. The Bank has raised these concerns with schemes and the three schemes have provided the Bank with assurances that they will not respond to LCR in ways that would limit competitive pressure in the debit card market. The Australian Competition and Consumer Commission (ACCC) is also aware of these concerns. The Board asked the staff to closely monitor pricing developments in the payment card market and whether smaller merchants are being provided with reasonable access to LCR by the major banks.

Reforms to Card Payments Regulation

The remaining elements of the Reserve Bank's 2016 card payment reforms took effect during 2017/18. In July 2017, the new interchange fee standards took effect, and in September the new surcharging rules took effect for smaller merchants, with reliance on the cost of acceptance information that acquirers were required to provide from mid 2017. For larger merchants, the surcharging rules came into effect a year earlier. These various requirements reflected the conclusions of the Bank's 2015–16 Review of Card Payments Regulation. This review was a comprehensive examination of the regulatory framework for card payments, guided by the Board's mandate to promote competition and efficiency in the payments system.

Interchange fees

Under the new interchange standards, the weighted-average interchange fee benchmark for debit cards was reduced from 12 cents to 8 cents, and applies jointly to debit and prepaid cards in each designated scheme. The weighted-average benchmark for credit cards was maintained at 0.50 per cent. These weighted-average benchmarks are now also supplemented by ceilings on individual interchange rates: 0.80 per cent for credit; and 15 cents, or 0.20 per cent if the interchange fee is specified in percentage terms, for debit and prepaid. To prevent interchange fees drifting upwards in the manner they had previously, compliance with the benchmarks is now observed quarterly, based on transactions in the preceding four quarters, rather than being observed every three years. A scheme is required to reset its interchange fee schedule within two months in the event that its average interchange fee over the previous four-quarter period exceeds the relevant benchmark.[14]

Card scheme interchange fee resets

When the standard relating to credit card interchange fees came into effect in July 2017, both Mastercard and Visa reset their credit card interchange fee schedules to comply with the new ceilings on individual interchange rates and the revised benchmark methodology. Both schemes made two further schedule resets in 2017/18, in line with the requirements of the standard, after their weighted-average credit card interchange fees exceeded the benchmark. These further adjustments to the fee schedules were relatively minor (Table 4).

Mastercard and Visa also published new debit and prepaid card interchange fee schedules in July 2017. Mastercard made one further schedule reset during 2017/18 and Visa made two resets to its interchange fee schedule (the changes in these more recent resets were small relative to the July 2017 changes (Table 5)). Both schemes have reduced their interchange fees for consumer premium and commercial card transactions in order to comply with the new ceiling; interchange fees on these transactions were previously as high as 1.05 per cent but are now 0.20 per cent. In addition, Mastercard has changed its consumer standard rate from 0.27 per cent to 12.5 cents per transaction, and increased interchange fees for some of its strategic and industry-specific merchants. Visa also reduced its interchange rate for consumer standard transactions, but has left the rates unchanged for most strategic and industry-specific merchant categories. Both schemes revised their interchange fees on prepaid cards after these transactions became part of the weighted-average benchmark calculation under the new standard.

The eftpos interchange fee schedule was unchanged in 2017/18; no adjustment was needed to meet the lower interchange benchmark for debit and prepaid cards when the standard came into effect. In July this year, eftpos Payments Australia Limited (ePAL) increased its interchange fee for digital transactions and for transactions (at some merchants) on proprietary eftpos cards (Table 6).

Net payments to issuers and other reporting requirements

To prevent possible circumvention of the interchange fee caps and benchmarks, the new standards introduced a requirement that no issuers may receive net compensation from a scheme in relation to card transactions in a given scheme (or scheme pair in the case of debit and prepaid card schemes). This requirement is intended to limit the possibility that schemes may use payments to issuers (and higher scheme fees on acquirers) as an alternative to interchange fee payments from acquirers to issuers. Schemes and issuers are required to certify their compliance with this requirement annually. The first certifications covered the period 26 May 2016 (when the new standards were registered) to 30 June 2018; subsequent certifications will relate to financial years.

Companion card arrangements

Under the new interchange standards, interchange-like payments and net compensation payments from the scheme to issuers under the American Express companion card arrangements are now subject to equivalent regulation to those that apply to the Mastercard and Visa credit card systems. These changes addressed concerns that the previous regulatory arrangements were not competitively neutral and may have been distorting market developments. Subsequently, all four of the major banks in 2017/18 either ceased, or announced their intentions to cease, issuance of their companion card products. This may partly reflect the new regulation, which limits the interchange-like revenue for issuers to fund the more generous cardholder rewards these cards had typically provided. As a result, there has been a marked decline in the use of American Express companion cards during the past year.

Surcharging

The Bank's new surcharging standard took effect for large merchants in September 2016 and for all other merchants in September 2017. The new standard preserves the right of merchants to surcharge but ensures that consumers using cards from designated systems cannot be surcharged in excess of a merchant's average cost of acceptance for that card system. Additionally, since June 2017, acquirers and payment facilitators have been required to provide merchants with easy-to-understand information on the cost of acceptance for each designated scheme that will help merchants in decisions regarding surcharging.

These reforms work in conjunction with legislation passed by the government in 2016 that banned excessive surcharges and provided the ACCC with new enforcement powers. Since the new regime came into effect, the ACCC has investigated a large number of complaints of excessive surcharging and has issued infringement notices to two companies that resulted in the payment of penalties. Additionally, the ACCC has commenced proceedings in the Federal Court against another company over alleged excessive surcharging.

Payment Card Fraud

Bank staff regularly brief the Board on developments in payment card fraud in Australia, consistent with the Board's mandate to promote a safe and efficient payments system. As noted in the chapter on ‘Trends in Payments, Clearing and Settlement Systems’, there has been a steep rise in card-not-present (CNP) payment fraud over recent years, associated with the rise in online commerce. The Board has been concerned by this trend because CNP fraud imposes significant costs on merchants and other participants in the payments system and can undermine trust in electronic payments.

The industry has been pursuing various strategies to tackle CNP fraud. One strand of work has focused on protecting the card data, including by upgrading security where merchants hold card data and by utilising ‘tokens’ rather than card numbers in transactions. A second strand has focused on improved fraud detection tools. More recently, however, the industry has been developing a coordinated strategy to reduce CNP fraud. This required cooperation between issuers, acquirers, payment gateways, schemes and merchants. AusPayNet was tasked with drafting a CNP fraud mitigation framework, which was released for consultation in August 2018.

In broad terms, the framework would make it mandatory for merchants and issuers to perform strong customer authentication (SCA) on CNP transactions acquired in Australia when fraud rates exceed certain specified thresholds. SCA involves verifying that the person making the transaction is the actual cardholder using at least two of the following independent authentication factors: something that only the customer should have (e.g. a card or mobile device); something only they should know (e.g. a PIN or password); and something the customer is (e.g. a biometric such as a fingerprint). Certain transactions will be exempted from SCA requirements, including recurring, card-on-file and mobile wallet transactions, where the customer has already been authenticated. Under the framework, acquirers will be responsible for monitoring and reporting on merchant fraud rates and ensuring that their merchants are complying with the framework. The framework will be incorporated into the rules of AusPayNet's Issuers and Acquirers Community, with participants facing sanctions, including possible financial penalties, if they do not comply. The framework is expected to be implemented over the coming year, subject to industry discussions.

The Board has strongly supported the industry's work on a CNP fraud mitigation strategy and Bank staff will be closely monitoring the implementation of the framework and the impact on CNP fraud. Over time, as SCA becomes more common and familiar to cardholders, there may be scope to reduce the thresholds for mandatory SCA in order to put further downward pressure on CNP fraud. The Bank will continue to monitor trends in payment fraud and will consider whether there are any other actions it can take to help facilitate or encourage industry initiatives to address payment security.

Digital Identity

An initiative that could also help to mitigate CNP fraud is the development of a system for portable digital identity in Australia, which would allow individuals to prove who they are in the digital environment and then reuse their digital identity in other online interactions. Digital identity is fragmented and siloed today, with people having to separately establish their identity with the different digital services they interact with, resulting in a multitude of identity credentials. This can create vulnerabilities associated with the way in which sensitive identity data are stored and the tendency for consumers to reuse passwords. It also creates inconvenience and inefficiencies, both for consumers and online service providers, which can undermine the development of the digital economy.

Digital identity is one of the key strategic initiatives of the Australian Payments Council, which has a work program currently underway that is developing a model for a coordinated system for digital identity. The Board has been strongly supportive of this work, given the potential for it to deliver significant security and efficiency benefits for Australia's increasingly digital economy. While there would be benefits in a payments context, including by strengthening ‘Know Your Customer’ processes and helping mitigate online payment fraud, the benefits would extend well beyond this to other parts of the economy.

As with payments, digital identity has network effects and requires the collaboration of multiple parties to maximise the benefits. Though there have been some hurdles, the Board has been encouraged by the progress that has been made to date and welcomes the willingness of payments industry participants to continue to collaborate on this initiative through the Council. Cooperation with the Government's Digital Transformation Agency (DTA) is also important to ensure that a private sector digital identity system is interoperable with the solution the DTA is developing for government. The Bank, in its capacity as a Council member, has also been actively involved in this work and, along with other participants, has helped fund the project.

Issues in the ATM System

During the past year, the Bank has continued to engage with ATM industry participants on the future of the ATM access reforms that were introduced in 2009. The reforms were designed to increase competition in the ATM industry by making it easier for new deployers to become direct participants, and make pricing more transparent by allowing ATM owners to set their own fees and compete directly for transactions. They were achieved through a combination of an ATM Access Regime imposed by the Bank and an industry administered ATM Access Code.

A number of changes have occurred in the ATM industry since the reforms were introduced that may provide scope for the Bank to step away from regulation at some point. In particular, there has been the development of switches and other hub-based infrastructures that make it easier and cheaper for new entrants to join the system without necessarily having to establish direct bilateral connections with all other participants. There has also been a significant decline in the use of ATMs over the past decade associated with a decline in the use of cash for transactions, which is encouraging many deployers to look at ways to rationalise and consolidate their ATM fleets.

The decisions by many of the bank deployers last September to remove all remaining fees for using their ATMs has effectively created a large network of fee-free ATMs in Australia. This has strengthened the economic incentives for deployers to rationalise their fleets, particularly where multiple fee-free ATMs are in close proximity to each other. Some bank deployers have been discussing the possibility of combining their off-branch ATM fleets into a shared utility as a way to help manage costs and sustainably maintain ATM coverage.[15]

Given the changes in the ATM industry since the Access Regime was put in place, the Bank believes it is appropriate to review the future regulatory arrangements for the industry. Following a recent update to the ATM Access Code, the Bank has encouraged the ATM industry to consider whether a self-regulatory model could deal with future access issues and provide scope for the Bank to consider removing the Access Regime at some point. The industry has a work program currently underway that is considering these issues and the Bank hopes to reach agreement on a roadmap for the transition to industry self-regulation in the near future.

During the past year, the Board also considered an application by a number of banks and an ATM deployer to extend a scheme that provides fee-free ATM services in certain very remote Indigenous communities. The scheme was originally established in 2012 after a Treasury/RBA Taskforce recommended it as a way to reduce the high expenditure on ATM fees by residents in those communities. The scheme involves participating banks reimbursing an ATM deployer for the costs of providing fee-free ATM services to customers in those communities. The scheme had an original term of five years and operated under an exemption from relevant parts of the ATM Access Regime that was granted by the Board in 2012 (Exemption No 1 of 2012). At its August 2017 meeting, the Board determined that it was in the public interest to allow this exemption to remain in place for another five years so the participants could continue to provide the remote communities with fee-free access to ATM services in a similar way to most Australians. The ACCC also re-authorised the scheme from a competition law perspective in December 2017. The Bank has recently issued its written consent to the extension of the Implementation Agreement for the scheme for up to five years, meaning that Exemption No 1 of 2012 remains in force.

Government Reports Concerning Payments

During the past year, a number of reports were published by government committees and inquiries that included some findings and recommendations relevant to retail payments systems and the Board's mandate.

House of Representatives Standing Committee on Economics Review of the Four Major Banks (Third Report)

In December 2017, the House of Representatives Standing Committee on Economics tabled the third report from its ongoing review into Australia's four major banks. One area of focus was the increase in merchant payment costs as a result of the shift to ‘tap-and-go’ (contactless) payments. The Committee observed that contactless transactions on dual-network debit cards usually default to the two international debit schemes, which typically have higher average merchant fees than eftpos. The Committee recommended that the banks provide merchants with the ability to send contactless transactions on dual-network debit cards through the network of their choice. If the banks do not do this voluntarily, the Committee suggested the Board should take regulatory action to require it. As noted earlier, the Board considered the case for regulatory action at its May 2018 meeting and decided against it based on industry progress and commitments to implement least-cost routing functionality.

Black Economy Taskforce

In May, the Government released the final report of the Black Economy Taskforce (BETF). The BETF was established by the Government in 2016 and tasked with developing policies aimed at combating the black economy in Australia. The BETF made several recommendations relevant to the payments system, all of which were endorsed by the government in its response to the report.

The BETF recommended various measures aimed at reducing the cost of electronic payments and encouraging a further shift away from cash, which was seen as reducing the scope for black economy activity. One recommendation was that the Bank consider taking further action to lower card interchange fees in its next review of card payments regulation. The BETF also recommended that the Board consider regulating to require the provision of LCR functionality as a way to help lower the cost of card payments to merchants. The government referred both these recommendations to the Bank and acknowledged the Bank's existing work in these areas. The government also referred to the Bank a BETF recommendation to undertake further research into the role, use and location of high-denomination banknotes, in particular requesting that the Bank update its March 2018 Bulletin article on high-denomination banknotes in circulation.[16]

The government also endorsed the BETF's recommendation to introduce a limit of $10,000 for cash payments. Following consultation on the implementation process, the limit is expected to be effective from July 2019. The limit will only apply to payments to businesses and not to payments between individuals. The government also agreed in principle with the following other payments-related recommendations from the BETF:

  • mandating the payment of salaries and wages by bank transfer
  • offering tax incentives for businesses to adopt non-cash business models
  • providing ABN verification in electronic payments
  • introducing standardised digital identity credentials.

Productivity Commission Report on Competition in the Australian Financial System

The Productivity Commission published its final report from its inquiry into Competition in the Australian Financial System in August 2018. While the report largely focused on competition in the banking sector, it made a number of recommendations focused on retail payments. Overall, the report supported the regulatory actions taken by the Board over the past 15 years. The Bank provided an initial submission to the inquiry in September 2017 and a further submission on its draft report in March.

In relation to card payments, the report recommended that the Board introduce a ban on card payment interchange fees and also recommended regulation to ensure that merchants have the ability to determine their preferred network to route contactless transactions for dual-network cards (that is, LCR functionality). The report raised concerns about access by new participants to the payments system infrastructure and recommended that the Board consider imposing an access regime on the NPP as a way to enhance access and competition. The report also recommended a review of the complex regulatory arrangements for purchased payment facilities and making the ePayments code administered by ASIC mandatory for any entity that sends or receives electronic payments.

At its meeting in August, the Board reviewed the payments-related conclusions of the Commission's final report. The Board discussed the Commission's finding that interchange fees in card payments systems can distort incentives, leading to inefficient outcomes. It noted that regulation of the card payments system was reviewed in 2015/16 and that the impact of the new regulatory framework resulting from that review is still being observed. The Board noted that there are currently a number of different options available to entities wishing to access NPP services and around 60 small financial institutions have already connected to the NPP via aggregators. The Board asked Reserve Bank staff to continue to monitor how access is working in practice and to ensure that new entrants to the payments industry are also able to take advantage of NPP functionality.

Open banking

The government's Open Banking Review delivered its final report in December 2017. The government had already announced its intention to introduce an open banking regime in Australia and had tasked the review with recommending the best approach for implementation. The review proposed a regime to allow bank customers to direct their bank to share transaction-level data from specified deposit and lending products with accredited third parties. The aim is to give customers more control over their data and promote greater innovation and competition in a range of financial services. To preserve the integrity of customers' data, it was proposed that the ACCC be responsible for determining the criteria for, and method of, accreditation for data recipients that are not authorised deposit-taking institutions. The Bank made a submission to the review, which was supportive of an open banking regime, noting the potential for it to also promote innovation, competition and efficiency in the payments system.

The government has accepted the recommendations of the review and endorsed a phased approach to implementation. The four major banks will be required to make data on credit and debit card, deposit and transaction accounts available by July 2019, and data on mortgages by February 2020. Data on other products will be made available by July 2020. All other banks (excluding foreign bank branches) will be required to implement open banking a year after each of the dates set for the major banks. The ACCC, as the nominated primary regulator of the open banking regime, will be responsible for determining the implementation details and will have flexibility to adjust the timing where necessary. Data61, the data innovation arm of CSIRO, has been tasked with developing the technical standards for data sharing in the system in collaboration with industry, fintechs, and consumer groups.

Open banking will be the first application of the consumer data right in Australia, a more general right being created that will allow consumers to direct businesses to provide their data to third parties. The government plans to implement the consumer data right on a sector-by-sector basis – with banking to be followed by the energy and telecommunications sectors – until it is eventually rolled out across the economy.

Technology and Innovation

The Bank monitors developments in technology and innovation relevant to the payments system, and staff periodically brief the Board on these developments and their implications for the safety, efficiency and competition of the payments system.

One area of focus for the Bank recently has been the significant innovation and change taking place in retail payments systems, both in Australia and overseas, which has been driven by three key factors: the emergence of new payment channels; the application of new technologies; and the influence of new participants.

As consumers have been reducing their use of cash and shifting to electronic payment methods, mobile devices such as smartphones have become an increasingly popular channel for electronic payments. Growth in mobile payments has been associated with the wider availability of mobile-based services that accept in-app payments, as well as the shift to online commerce more generally. Mobile devices are also increasingly being used to make payments at the point of sale. Wearable devices – including smart watches, fitness trackers and jewellery – as well as the ‘internet of things’ more broadly, are also expanding the range of devices through which payments can be made. In Australia, these new payment channels typically rely on the existing payment ‘rails’, particularly the card schemes, though the NPP could become more important as additional services are developed for it.

New technologies are also driving innovation in retail payments. Much of the focus in recent years has been on the application of distributed ledger technology (DLT) to payments and the rise of cryptocurrencies such as Bitcoin, though other technologies, such as cloud computing, artificial intelligence and cryptography, are also contributing to innovation in payment systems. In the case of DLT, new payment mechanisms using the technology have the potential to be more efficient and reliable, with a reduced role for traditional intermediaries. But while there has been significant interest and experimentation with DLT in recent years, there are still a number of challenges to widespread commercial adoption.[17] While new technologies and innovation have the potential to improve competition and efficiency in the payments system, the Bank is also mindful of the need to ensure that risks associated with new technologies are appropriately managed, particularly in relation to operational resilience, data security and privacy.

The Bank has been closely watching developments in relation to cryptocurrencies, or crypto-assets more broadly. Though there was a significant spike in the demand for many cryptocurrencies in late 2017, mostly driven by speculation, the Bank's assessment is that cryptocurrencies do not meet the usual attributes of money and, consistent with this, they are rarely used or accepted for everyday payments.[18] As such, cryptocurrencies are not seen as raising significant policy issues for the Bank at this time, but they may pose bigger issues for investor protection, money laundering and terrorist financing, which the relevant regulators in Australia have been responding to.[19] Alongside the focus on cryptocurrencies, the Bank has also been giving thought to the question of whether there is a role for a digital Australian dollar issued by the Bank. The Board has considered some of the policy issues associated with central bank digital currency and Bank staff are continuing their research and engaging with other central banks on the topic (see ‘Box B: Central Bank Digital Currency’).

A third force shaping retail payments systems has been the entry of non-traditional participants. Large technology firms are increasingly offering payment services, leveraging their large networks for existing services. In China, for example, there has been a drastic reshaping of the payments market in recent years as a result of the rise of two non-bank payment providers focused on mobile payments, Alipay and WeChat Pay, which now dominate retail payments in that country. In Australia, the most visible examples of non-traditional participants entering the payments market have been the launch of mobile wallet applications by technology companies like Apple, Google and Samsung. There has also been a proliferation of start-up fintech firms active in the payments space and new digital-focused (neo) banks have recently launched. While the entry of new players can be beneficial for competition and innovation in the payments system, it can also pose a challenge for regulators to ensure that the regulatory perimeter remains appropriately calibrated to encourage innovation while maintaining the safety and efficiency of the payments system.

Though Australia's regulatory framework for retail payments has generally served the country well, a few areas of potential improvement have been identified in recent government inquiries and, in an environment of rapid innovation, it is important to ensure that regulation remains ‘fit for purpose’. One area of potential improvement is the regulatory framework for purchased payment facilities (PPFs), which has been identified as being unnecessarily complicated, involving multiple regulators (including the Bank) and various regulatory thresholds, requirements and exemptions. The CFR has established a working group, chaired by the Bank and with representation from APRA, ASIC and Treasury, which is considering ways that retail payments regulation could be improved, with a focus on the regulation of PPFs.

To inform its work on innovation in payments, the Bank regularly engages with a range of industry participants, including potential new entrants, representatives from industry groups (e.g. fintech hubs) and technology providers. The Bank also engages with other domestic regulators in relation to payments innovation, both informally and through formal channels. For example, the Bank is an observer on ASIC's Digital Finance Advisory Committee and chairs a CFR working group on DLT with representatives from ASIC, APRA, Treasury and AUSTRAC. This working group has provided advice to the CFR on the implications of DLT and crypto-assets for the financial system and acts as a forum for inter-agency information sharing. The Bank also regularly communicates with other central banks about their work in the area of payments innovation, and participates in relevant work streams of the international standard-setting bodies. For example, the Bank is a member of a CPMI Working Group on Digital Innovations that has recently been considering a number of policy and design issues associated with central bank digital currencies.

Operational Incidents in Retail Payment Systems

With ongoing growth in the share of payments made electronically, the resilience of electronic retail payment systems has become more important. Accordingly, the Bank monitors retail operational incidents and disseminates related data, in line with the November 2012 conclusions from an informal consultation on operational incidents in retail payment systems.[20] As part of this work, the Bank collects information from Exchange Settlement (ES) account holders on significant operational incidents in retail payment systems, as well as other incidents resulting in less severe disruptions to participants' retail payment systems.

Box B
Central Bank Digital Currency

The emergence of cryptocurrencies has stimulated discussion about whether central banks should issue digital versions of their existing currencies. In this context, the term ‘central bank digital currency (CBDC)’ is used to refer to a digital version of fiat currency, a form of digital money that is a liability of the central bank rather than a commercial bank and which is legal tender. Similar to cash and commercial bank deposits, a CBDC would be denominated in the sovereign currency and convertible at par with other forms of money.

The Bank has been researching some of the policy issues associated with CBDC. The Bank's initial assessment – which the Governor set out in a speech in December 2017 titled ‘An eAUD?’ – is that there is not a strong case at present for the Bank to issue a digital currency for retail use (that is, a CBDC for use by households).[1] This assessment is based on physical banknotes still being widely available and used for transactions in Australia and households having access to a range of safe and convenient electronic payment methods. The NPP is expected to further enhance the available payment options for households. The introduction of a CBDC that is widely available to households could also have significant implications for the size and structure of the financial system, and for financial stability and the central bank's balance sheet. For example, in times of financial sector stress, the relative ease of switching from commercial bank deposits to a CBDC (compared to switching to physical banknotes) could heighten the risk of runs on the banking sector, which might have adverse implications for financial stability.

Many other central banks that have been considering the case for CBDC have also concluded that they do not see a strong case to issue a CBDC for household use in the near future. One exception is Sweden's Riksbank, which is actively exploring a CBDC for household use in the context of a considerable decline in the use and availability of banknotes in Sweden. The Riksbank has stated that it plans to make a decision on whether to issue a digital version of its currency by late 2019.

CBDC has also been considered by the BIS' CPMI and Markets Committee, which released a joint report in March 2018 that set out the potential implications of CBDC for payments, monetary policy and financial stability. The Bank contributed to this paper through its participation in the CPMI's Working Group on Digital Innovations.

Having made an assessment on CBDC for retail use, some central banks, including the Reserve Bank, are exploring the case for a new digital form of central bank liability that could be used as a settlement asset in transactions between businesses and financial institutions, separate from existing RTGS systems. The availability of such an instrument might enable payment and settlement processes to become more highly integrated with other business processes, generating potential efficiencies and risk reductions for businesses. The CPMI's Working Group on Digital Innovations is currently analysing the safety and efficiency considerations associated with wholesale digital currencies, both central bank and privately issued.

Footnote

Lowe P (2017), ‘An eAUD?’, Address to the 2017 Australian Payments Summit, Sydney, 13 December. Available at <https://www.rba.gov.au/speeches/2017/sp-gov-2017-12-13.html>. [1]

In 2017/18, there were more significant incidents compared with the previous year, and the average duration of these incidents increased. The increase in duration was caused by a number of unusually long incidents in the first quarter of 2018. Similar to previous years, the bulk of significant incidents during 2017/18 were caused by software issues or IT change activities, while online banking and mobile banking were the payment channels most frequently disrupted by these operational incidents. Since the second half of 2017, the Bank has been providing anonymised quarterly statistics to relevant ES account holders via AusPayNet in order to facilitate peer benchmarking.

Central banks and regulators have traditionally paid most attention to the resilience of high-value payment systems because of the systemic disruption that would likely occur if such systems were to experience an outage. However, as retail electronic payments have become more important, some regulators are starting to focus on the operational risks associated with retail payment systems, and whether the operators and participants of those systems are meeting appropriately high standards of resilience. The Bank has been closely monitoring the resilience of retail payment systems in Australia and will consider whether there are additional actions it should take to reduce operational incidents, consistent with its mandate to promote efficiency and safety of payment systems.

International Developments

The Bank monitors payments system policy and regulatory developments in other jurisdictions as they can be relevant to Australia given the globalised nature of many payment systems and the scope for similar issues to emerge. In 2017/18, a number of jurisdictions introduced regulations focused on improving the efficiency, competitiveness and security of their payment systems. The adoption of faster payment systems and the ISO 20022 payments messaging standard continued to gain momentum across many jurisdictions. In the European Union (EU), the revised Directive on Payment Services (PSD2) came into effect in January 2018, with some EU member states expanding the scope of the reforms as part of their domestic implementations.

Fast payments

There has been significant further progress in the development of fast retail payment systems over the past year. As at August, fast payment systems were available in 40 jurisdictions, including recently in Australia with the launch of the NPP, and a further 5 systems are under development.[21]

In the United States, a national taskforce on faster payments published the final part of its report on fast payment options in July 2017, endorsing the development of competing interoperable fast payment solutions. The US Federal Reserve endorsed the taskforce's recommendations and indicated that it would provide faster settlement capabilities to support real-time payments, either by developing a new real-time settlement service or by enhancing existing settlement services (for example, by introducing more frequent batch settlement). Also in 2017/18, the Clearing House progressed its plans for faster payments by launching the first interbank real-time payments clearing system in the US in November 2017.[22] The system is open to all US financial institutions and third-party service providers, and operates on a 24×7 basis. The Clearing House intends the platform to be available to every US resident by 2020.

In the United Kingdom, in October 2017, the Faster Payments Scheme Limited announced a competitive tender process to renew and manage the Faster Payments Service (FPS) for up to 10 years. The winning bidder will be responsible for transitioning the system to the ISO 20022 international messaging standard and developing a new clearing and settlement risk management system for push payments. The renewal is expected to make it easier for participants to join the FPS, to generate operational efficiencies and to reduce the risks of cyber attacks.

Elsewhere, Payments Canada concluded a consultation on the design of a new core clearing and settlement system and a real-time payment system in February. The real-time payment system is expected to go live in the second half of 2019. The Hong Kong Monetary Authority has been conducting internal and industry testing of its faster payments system, which it plans to launch in September 2018. There is also work underway in Asia and Europe to connect a number of national fast payment platforms to facilitate cross-border payments.

ISO 20022 messaging standard

ISO 20022 is the global industry standard for financial messaging, and is intended to enable fully interoperable payment systems. It allows richer information to be sent with payments, which can provide a number of compliance and end-user benefits.

A number of jurisdictions are in the process of implementing the ISO 20022 messaging standard in their payment systems, and it is already used in Australia's NPP system. Progress has been made in North America on ISO 20022 implementation. The Clearing House's new real-time payments platform is ISO 20022 compliant. The standard will also be adopted in several payment systems as part of Canada's Payments Modernization Program. Jurisdictions in Europe have similarly made advances in adopting ISO 20022; the SEPA payment schemes, including SCT Inst which launched in November 2017, are based on this standard. In the United Kingdom, regulators initiated a consultation in June on adopting the ISO 20022 standard for a number of payment systems.

SWIFT is also consulting on a phased migration from the existing MT messaging standard to ISO 20022 for cross-border payments, commencing in 2021 or 2022 and taking around five years.[23] SWIFT has indicated that sometime after cross-border payments have been migrated, it will seek to discontinue support for MT messages. SWIFT is planning to make a decision on the roadmap and timing of the migration later in 2018.

Cards regulation

As required by PSD2, EU member states introduced a ban on surcharging of four-party card schemes (such as Mastercard and Visa) in January 2018; it does not apply to three-party card systems (such as American Express). The ban only applies to payments that are subject to a hard cap on interchange fees under PSD2, namely consumer card payments within the European Economic Area. While the ban does not apply to payments using commercial cards or cards issued outside the EU, some EU members have introduced additional requirements that are not stipulated in PSD2. For example, the United Kingdom implemented a ban on surcharges for all payment methods used by households in January 2018.

There have been further findings over the past year in a number of court cases relating to interchange fees or merchant steering. In the United Kingdom, the Court of Appeal recently ruled in favour of a group of retailers, concluding that the multilateral interchange fees set by Mastercard and Visa limited the pressure that merchants could exert on card acquirers and restricted competition. This finding overturned earlier judgements in favour of the card schemes, and the three relevant cases have been remitted to the Competition Appeal Tribunal for reassessment. In the United States, the Supreme Court found that American Express's anti-steering rules do not violate antitrust laws. American Express does not allow US merchants to steer consumers to use rival cards that would result in lower acceptance costs, and the court held that the complainant had not demonstrated that any cost increase to merchants from American Express's anti-steering rules also harmed consumers.

Regulatory reviews for retail payments activities

A number of jurisdictions have been reviewing their regulatory arrangements for retail payments to ensure that consumers are appropriately protected and that AML/CTF risks are being addressed. For example, the Monetary Authority of Singapore issued a consultation paper on a revised Payment Services Bill in November 2017. The proposed bill would extend the regulatory perimeter to include additional payments services – including money transfer, merchant acquisition and virtual currency services – within the regulatory framework. The bill would also create a single licensing framework for payment providers, and introduce compliance requirements based on the size of the payments provider and the risks associated with the payments activities. The Canadian authorities are also reviewing the regulatory perimeter and compliance requirements for retail payments, and have proposed that a new federal retail payments regulator be established.

Data sharing

Australia's approach to implementing open banking (see above) has been able to draw on the experiences of a number of other jurisdictions that are in the process of developing their own data-sharing regimes.

Most prominently, in Europe, PSD2 has introduced data-sharing requirements for providers of online payment accounts, such as banks, and established a licensing framework for third-party payment service providers that wish to access the data. Under these rules, EU member states must ensure that banks provide regulated third-party payment service providers with access to customer payment account information and that such providers can initiate payments, if the customer provides consent. These reforms are intended to promote competition in the payments market.

While PSD2 came into effect in January 2018, a key Regulatory Technical Standard (RTS) that addresses the data-sharing element of PSD2 does not come into effect until September 2019. In particular, the RTS dealing with strong customer authentication and secure communication will ban data collection using screen-scraping technology and, instead, require third parties to access data using bank-provided secure communication channels, such as application programming interfaces (APIs). Many entities will need to make changes to their systems to ensure they meet these requirements.

In January 2018, key elements of a related Open Banking reform came into effect in the United Kingdom. This reform was initiated by the UK's Competition and Markets Authority (CMA) in 2016 and, while it was expected to assist UK banks in meeting their PSD2 obligations, was originally envisaged to have a narrower scope than the directive. For example, it applied to just nine large UK banks and initially only covered personal and small business bank accounts. However, in November 2017 the scope was widened to all account types covered under PSD2. Open Banking required the nine banks to develop open APIs to facilitate both ‘read’ and ‘write’ data sharing with third-party providers, with a staggered release date across account types. Three of the banks were ready to launch the read/write access in January as scheduled and six were granted extensions to the deadline by the CMA. The UK's technical specifications on APIs and data transfer were recommended by the Commonwealth Treasury's Open Banking Review as a starting point for Australia's open banking regime.

Crypto-assets, ICOs and DLT

A range of international and national regulatory bodies have been examining the benefits and risks associated with crypto-assets and the implications for regulatory frameworks.[24] At their recent meetings, G20 Finance Ministers and Central Bank Governors agreed that the technological innovations underlying crypto-assets, such as DLT, could deliver significant benefits to the financial system and broader economy. However, they noted that crypto-assets still lack the key attributes of sovereign currencies and raise issues with respect to consumer and investor protection, market integrity, tax evasion, money laundering and terrorist financing. While crypto-assets are generally not viewed as posing significant financial stability risks, the Financial Stability Board and international standard-setting bodies were asked to continue to monitor the risks associated with them and to assess whether any multilateral policy responses are needed. The Financial Action Task Force, which determines international standards for combating money laundering and terrorist financing, has also been asked to review how its standards apply to crypto-assets.

Regulators have been responding to the growth in crypto-asset activity in a range of ways. For example, South Korea's Financial Services Commission has required digital currency trading accounts to be linked to a bank account with the same name as a way to help mitigate AML/CTF risks. The Reserve Bank of India, on the other hand, announced that regulated banks and financial institutions would no longer be able to provide services to individuals or entities dealing or settling cryptocurrencies. In Australia, AUSTRAC recently required digital currency exchanges to register with it and have a program to manage and mitigate money laundering and terrorist financing risks. These actions are specifically directed at AML/CTF risks and do not imply any official endorsement of crypto-assets or entities dealing in them. Indeed, ASIC has issued investor warnings to those considering trading in crypto-assets and it received a delegation of power from the ACCC in April that enables it to investigate deceptive or misleading conduct related to crypto-assets, even when such products are not deemed to be a ‘financial product’ and therefore outside ASIC's usual jurisdiction.

Similarly, many regulators have expressed concerns around initial coin offerings (ICOs) and the potential risks they pose to consumers and investors. ICOs are a method of raising funds for DLT-based business ventures, where the business issues digital tokens or coins in exchange for funds from investors. There have been reports of many ICOs that have failed or have been fraudulent; various estimates suggest that anywhere between 20 and 80 per cent of ICOs are fraudulent. Regulators have responded in a range of ways. For example, Chinese regulators have declared ICOs illegal while the US Securities and Exchange Commission indicated that it was actively assessing ICOs under its existing regulatory framework for securities regulation. In Australia, ASIC has issued guidance to help issuers of ICOs understand the application of the Corporations Act 2001 to their business and has also issued investor warnings about the risks associated with ICOs.

Meanwhile, DLT itself continues to attract considerable interest and investment from financial sector participants. Financial institutions and financial market infrastructures continue to experiment with DLT to better understand how it could be used to increase the efficiency and resilience of their businesses. A number of central banks have also been actively exploring the potential use of DLT for interbank payments and securities settlement, and some have been undertaking proofs-of-concept to further their understanding. Despite all the research activity, there are still few commercial applications of DLT in payments.

Footnotes

The Bank had a series of discussions with the debit card schemes in 2012 that resulted in the schemes making voluntary undertakings to the Bank in 2013 that included commitments to work constructively to allow issuers to continue to issue dual-network cards (if issuers wished to do so) and to not prevent merchants from exercising their own transaction-routing priorities for contactless dual-network debit card transactions. See <https://www.rba.gov.au/media-releases/2013/mr-13-16.html>. [13]

The Bank made minor technical variations to the interchange standards in November 2017. The varied standards require schemes to reset their interchange fee schedule within 2 months and 1 day, instead of the 60 days specified previously, if they exceed an interchange fee benchmark. Prior to the variation being determined, Bank staff consulted acquirers and schemes who indicated that the minor change could result in a reduction in compliance costs. [14]

A Bulletin article published last December discussed a number of these developments in the ATM industry, including the results of the Bank's fourth survey of ATM participants. See Mitchell S and C Thompson (2017), ‘Recent Developments in the ATM Industry’, RBA Bulletin, December, pp 47–54. [15]

Flannigan G and S Parsons (2018), ‘High-denomination Banknotes in Circulation: A Cross-country Analysis’, RBA Bulletin, March, viewed 27 August 2018. Available at <https://www.rba.gov.au/publications/bulletin/2018/mar/high-denomination-banknotes-in-circulation-a-cross-country-analysis.html>. [16]

DLT and its potential application in the Australian market is also discussed in the chapter on ‘The Bank's FMI Oversight and Supervision Activities’. [17]

For more details on marked developments see the section on ‘Cryptocurrencies’ in the chapter on ‘Trends in Payments, Clearing and Settlement Systems’. [18]

See the section on ‘Crypto-assets, ICOs and DLT’ below for a discussion of international and Australian regulatory responses to crypto-assets. [19]

Available at <https://www.rba.gov.au/payments-and-infrastructure/resources/publications/payments-au/201211-operational-incidents-in-retail-payments-systems-conclusions/pdf/conclusions-112012.pdf>. [20]

See <https://www.fisglobal.com/flavors-of-fast-2017>. [21]

The Clearing House is a company owned by 26 large banks that operates the CHIPS interbank settlement and clearing system. [22]

The SWIFT consultation paper is available at <https://www.swift.com/resource/iso-20022-migration-study>. [23]

The term ‘crypto-assets’ is used here to refer to cryptocurrencies and other crypto-tokens such as Initial Coin Offerings. This is consistent with the term used in recent reports by international bodies such as the International Monetary Fund and Financial Stability Board. [24]