Third Quarter, 2019
In 2017, in an article entitled ‘The world’s most valuable resource is no longer oil, but data’, The Economist noted that “data are to this century what oil was to the last one: a driver of growth and change”.
Two years later there are several reasons to concur with this view, at least in terms of data as a potential driver of the success of the Australian digital economy. These include the recent passing of the legislation for the Consumer Data Right, current industry work on retail incident reporting, and evidence from overseas.
The legislation for Australia’s CDR, which aims to give consumers greater control over their data, was passed in both the House of Representatives and the Senate on Thursday 1 August 2019 and received Royal Assent on Monday 12 August 2019.
While the legislation passed without amendment by the Australian parliament, the Government undertook to introduce a Bill later this year to address changes relating to the consumer’s right to delete data.
Following the passing of the legislation, the ACCC distributed the ‘locked down’ version of the proposed CDR Rules on 2 September 2019. The Data Standards Body – on whose Advisory Committee I am fortunate enough to sit – published V1.0.0 of its consumer data standards on 30 September 2019. This version is expected to become the initial binding data standards for the CDR regime and represents the baseline for implementation in accordance with the rules and phasing timetable made by the ACCC.
Excitingly, on 29 August 2019, the ACCC also released a position paper on a data access model for the energy sector, marking the first step in extending the CDR beyond banking, to eventually apply sector by sector across the whole economy.
Meanwhile, in banking, and ahead of the legislation being passed (and therefore on a voluntary basis), three banks publicly released their product reference data through application programming interfaces (APIs). These encompass the initial four product categories covered by the CDR regime, namely:
Work is underway between AusPayNet, its Members, the Reserve Bank and APRA on retail incident reporting. The target outcomes are to modernise the reporting of outages in retail payments, improve the actual incident data’s consistency and utility (the latter by focusing it on customer impact), and agree and implement a framework for disclosing such data. This will provide useful data on both outages and system uptime for the payments industry and other users.
In its recent publication, “Data in the Payments Industry – Response to our Discussion Paper”, the UK’s Payments System Regulator (PSR) concluded that as the UK moves to a new payments architecture, it should also look to share data relating to the clearing and settlement of payments. They note that a possible first step could be to develop and publish synthetic data; this is created by applying a machine learning model to real data to generate an artificial dataset that has similar characteristics to that real data.
The PSR suggests that giving firms access to such synthetic data would allow them to explore potential use cases for the data without putting real transaction data at risk. If use cases are developed, this may then justify sharing real data. Should this eventuate, the use of such artificially created data, and the use cases created with it, will be fascinating to observe and learn from in an Australian context.
Inevitably when considering data, the topic of digital identity comes to mind given the strong links between the two concepts, not just the potential use of digital identity as an authentication method for data sharing. AusPayNet has now taken on the Australian Payments Council’s TrustID framework and encouragingly we are starting to see potential digital identity service providers come forward to understand the framework and consider potential pilots and accreditation under it.
For both data and digital identity, a key aspect that the industry will need to get right is consumer education. None of “open data”, “consumer data right”, “digital identity” and “TrustID” necessarily resonate with consumers. In one sense this doesn’t matter: that consumers will use services and products built on the CDR or that use a digital identity without needing to know those terms. But in another sense, there is work to be done to educate consumers on the benefits of the CDR and of digital identity, in reducing the quantity of personally identifiable information that is shared, in focussing on customer consent, and in ensuring consumer privacy.
Get this right and we will see data, and digital identity, drive growth and positive change in Australia’s digital economy.
Momentum is building in the lead-up to our Summit to be held in Sydney on 10 December 2019. This major one-day event will bring together decision-makers, innovators, experts and regulators from across the payments community to explore the theme ‘Payments – the Key to the Best Customer Outcomes‘.
Our recently announced program features compelling topics including Trust (with a presentation from Canadian TD Bank), payments innovation, emerging technologies, digital currency, financial inclusion and security. A great line-up of new confirmed speakers joins our keynote, Philip Lowe, Governor of the Reserve Bank of Australia, with more to be announced.
Register now and join us for a jam-packed day of presentations, roundtables, panels and networking.
With international experts on sanctions screening and digital ID in Sydney, we took the opportunity to bring our members together in August 2019 to explore the complexity of the changing payments landscape.
Our session on Digital ID featured a presentation by Oliver Lauterwein, Sales Director at Digidentity (The Netherlands), on ‘The Future of Digital Identities’ followed by a discussion with David Birch from Consult Hyperion (UK). The session highlighted the growing need for better ways for individuals and organisations to securely identify themselves online. Key insights included the importance of customer experience, interoperability and reach, and using digital ID to strike the right balance between compliance, risk and customer experience. Bookmark our Events page to keep up to date on what’s happening.
We were delighted to have Richard Storey, Head of Risk Solutions Sales at Refinitiv host an insightful panel discussion on sanctions screening. He was joined by experts Dinesh Anand, Head of Sanctions Compliance at ANZ Group, Oliver Lauterwein, Sales Director at Digidentity) and Rachel Waldren, Partner at Murray-Waldren Consulting. Discussion centred around how to manage risk in an increasingly complex sanctions environment. Click here to find out more in our blog.
In September 2019, we launched our application system BECS Connect to members of the direct entry system. This new system automates the previously manual transaction negotiation authorities (TNAs) between financial institutions to process direct entry payments. Financial institutions are now able to access the information of more than 350,000 direct entry users (companies) in real-time and synchronise it with their internal systems. The new system has been well-received by our members, and has significantly increased operational efficiency in the direct entry system.
AusPayNet is developing best practice guidelines to ensure new payment solutions are inclusive and accessible. As part of this process, we undertook an extensive consultation process with representative bodies for the disability community and people with lived experience of disability to better understand their views. More than 250 stakeholders took part.
The new guidelines balance security and privacy requirements with an accessible solution for entering PINs on touchscreen devices. The aim is to ensure that people with vision or motor impairment can access a touchscreen device independently and enter their PIN securely. The industry guidelines will be released in December 2019.
Read more in our blog.
Cheques continue to decline at record rates in Australia as customers choose convenient and secure digital payments. This year, cheque use plummeted by a record 25% to a low 60.2 million, following a 19.6% drop in 2018 and 21% drop in 2017.
AusPayNet is implementing the strategy recently developed by the Australian Payments Council (APC) to manage the decline of cheque use. The focus is on helping those that still use cheques transition to digital alternatives. Initiatives include customer education, advocating for payment method neutrality in legislation and removal of the few remaining formal requirements for payment by cheque. As stated in the 2019 Payments System Board Annual Report, given the accelerating decline of cheque use “it will be appropriate at some point to close down the cheque system”.
AusPayNet is undertaking a consultation in November 2019 on the future state of Australia's payment systems. This consultation is complemented by the Australian Payments Council’s (APC) recent consultation to inform its Strategic Agenda and the RBA/APC consultation on migration of RTGS to ISO 20022.
The purpose of AusPayNet’s consultation is to gather further input to build a consensus view on what the payments system might look like in the next 5-10 years.
As part of the consultation process, we are considering relevant developments overseas, for example in the UK and across Europe, and strategic roadmaps of payment system operators. Other factors to be considered are the likely retirement of the cheques system, questions around the longevity of BECS and the impacts of migration to ISO 20022.
We’re delighted to be hosting two Working Groups of global standards body The International Organization for Standardisation (ISO) in December 2019. These meetings will bring together representatives from across the globe including the US, UK, France, South Korea and China.
At the December meeting, the Working Groups, TC68 /SC2 /WG13 – Security In Retail Banking and TC68 /SC2 /WG11 - Encryption Algorithms Used In Banking Applications, will focus on:
We are also participating in the PCI SSC Asia-Pacific Community Meeting to be held in Melbourne on 20-21 November 2019. A highlight will be the presentation of the new PCI Contactless Payments on COTS (CPoC) standard, which is due for publication in December 2019. CPoC will allow smartphones and tablets to accept contactless EMV transactions without a PIN when under $100. Once the new standard is published, AusPayNet’s technical security committees will review its suitability for adoption in Australia.
AusPayNet’s Emerging Technology Experts Group (ETEG) assesses the likely impact of emerging technologies. Recently, the group set up three work streams to evaluate Authentication, Privacy in Payments and Payments Acceptance. At its September meeting, the group reviewed each work stream’s priorities, and agreed to investigate a common QR code for Australia (similar to the one adopted by Singapore, the SGQR) under the Payments Acceptance work stream. The group will also create a fourth work stream to further support the market activity surrounding Artificial Intelligence and Machine Learning.
Join in the conversation
Please get in touch if you have any feedback or suggestions for ETEG: ETEG@auspaynet.com.au.
In the last quarter, we welcomed the Northern Trust Company as a new member participating in the High Value Clearing System. Northern Trust is a full-service provider to the Australian and New Zealand market and delivers a range of asset servicing solutions for institutional clients.
Our membership now exceeds 130 payment organisations. For more information on becoming a member, click here.
The Australian Payment Card Fraud report we released in August signals a change in fraud trends. The latest figures show a decline in the overall rate of card fraud for the first time since AusPayNet began publishing fraud statistics in 2006. In 2018, the rate of card fraud dropped to 72.8 cents per $1,000 of card spending, down from 75.0c per $1,000 in 2017.
The figures show that counterfeit/skimming fraud fell by 37% to $19.5 million, the lowest-ever level recorded. With chip technology providing strong protection for face-to-face transactions, fraud continues to migrate online, however the rate of increase in is slowing. In 2018, card-not-present (CNP) fraud increased by 2.4%, compared to 13.9% in 2017. For the full report, including industry initiatives to combat CNP fraud, click here.
In August 2019, AusPayNet made a submission to the Treasury Consultation on the draft Currency (Restrictions on the Use of Cash) Bill 2019 (the draft Bill). Arising out of a recommendation from the Black Economy Taskforce, the draft Bill would introduce an economy-wide cash payment limit of $10,000 for payments made or accepted by businesses for goods and services. In doing this, the Government aims to reduce the ease with which black economy transactions might be made.
As AusPayNet made an earlier submission to the Black Economy Taskforce in June 2018, our response focused on specific issues. We supported the exemptions in the Bill for payments involving cash-in-transit providers and suggested that further exemptions be made to allow for cash payments where in the rare instances outages occur. Treasury also confirmed that the associated Instrument exempts The Royal Australian Mint and the Reserve Bank of Australia in their roles of issuing currency (coins and banknotes respectively), as part of their official Government function.