Considering the huge developments in financial technology in recent years, how has the payments industry changed?
The biggest change is in user expectation. The thing about payments is that it’s a secondary activity, and so should be as invisible as possible. The primary activity is the buying—payment comes afterwards, and we want to take as much of the friction out of that as possible.
Currencycloud works on cross-border payments, which is part of the evolution of faster payments, and one of the areas that currently has the most friction. We want to make the payment as ‘background’ as possible, and that means simple, smooth and fast.
How does this translate to the back office?
Ultimately, all transactions have to be connected to an account, and there can be a lot of layers of processing involved in that. Each transaction could go through five or six steps, passing from the agency bank to the issuing bank, being issued as a payment, and so on. So, in the back office, the goal is to remove some of those layers.
With each layer comes a delay, a reconciliation problem and a traction problem, and things get more complicated. If we remove as many layers as possible, everything can run more simply and without that friction, which makes it cheaper. The costs of each layer may be infinitesimal, but when you add it up, it comes to something. A lot of it is just about clearing up.
For example, in the UK, the Bank of England has said it will allow more firms to link up to the UK faster payment system. That means these firms wouldn’t have to go through a bank, but could connect directly, taking a layer out of the system. It’s not fully implemented yet, but it’s a step in the right direction.
The UK is pretty enlightened about this kind of thing, and the regulator wants to do the right thing. But it can be much more difficult in jurisdictions where the regulators are more difficult.
Currencycloud hooks up faster payments through the banks, and there are still a lot of steps involved in that. At some point we would like to be able to remove some of those steps, giving us more control and making for a better experience for our customers. Of course this is easier said than done, but we will get there.
How is PSD2 going to change things?
There are a couple of key concepts in the second Payment Services Directive (PSD2), one of which is that financial services and fintech firms will be able to access account information in a very simple fashion. The theory is that this will allow for more innovation in the services available to the client, and that’s a great idea.
The other key part, from our perspective, is around transparency and cross-border pricing. There is going to be much more transparency and more openness in what clients are being charged. In principle, I think this is correct, and should allow a whole series of fintech firms to offer services related to particular accounts.
Changes will be very slow, however, considering the amount of time it will take for everyone to open an application programming interface and for standards to be agreed. But, again, it is evolving in the right way, and these kinds of directional movements are important.
The banking system is, by definition, set up to protect customers and to protect money, so it moves very slowly. And I don’t see any problem with that. We put a lot of pressure on the system and we want it to be reliable and working with the right information.
At Currencycloud, we have $5 to $6 million of customers’ funds coming through our system monthly. That gives us a certain fiduciary responsibility. You can be pretty innovative, but if you move too fast you risk losing control. The regulatory safeguards are there for a reason and they’re not going to decrease—when you have the trust of people’s funds your business is going to be regulated.
However, it could be the case that some of the information services handling the funds could be managed more efficiently outside of the bank. The bank then becomes a repository for the money and for certain parts of the data, and the analytical parts and processing parts could be done elsewhere, allowing for innovation at the same time as meeting the fiduciary responsibility.
Where does cybersecurity come into it?
There are two kinds of security. First, there is the security of the funds—making sure that the money is protected—and the regulators look at that in terms of capital requirements and reconciliations.
The second part is about security of data. Every day we find out new information about customers, and we have to find a way to protect that information.
Data protection standards differ between, for example, the US and the EU, which can also become confusing, but the protection of people’s identities and data is incredibly important, and we have to work on that constantly, as does every other firm.
We may be seeing better and better technology that allows us to complete processes more quickly and more efficiently, but at the same time, you can’t implement this technology at the expense of customer protection. Data protection is a full-time job and a full-time responsibility now, and we have to keep investing in that.
This is perhaps why we are seeing a lot of investment into regulatory technology—there is currently something of a tension between cybersecurity responsibilities and boosting efficiency. Regulations are adding extra steps into transactions in order to protect the data more effectively, but that adds friction, which drives up costs.
There is no real solution to this at the moment, but technology can play a role in addressing that, and, especially as standards start to evolve, these things will come together.