Global Payments: Fraud and the FutureSWIFT Exec Says Banks Should Leverage Advantages of Payments Complexity
Globalization and regulatory mandates are going to affect the financial space like they never have before, a topic Leibbrandt discussed at length this spring during SWIFT's operations conference in New York.
"The big thing, I think, for banks right now is to use the international platforms that they have, such as the FATF, the Financial Action Task Force, that is operating internationally, and make sure that as many of these regulations are done in an international context," Leibbrandt says. "I think the risk is real that with all this we see a fragmentation of international payments, and banks have to make a choice. ... Ultimately, such fragmentation could force banks to choose between which environment they want to operate in, rather than operate globally; and that, in the end, could even provide a menace to global transactions and to global trade."
The international regulatory landscape is just one piece; the electronification of payments is another. Real-time, electronic payments are complicating the scenario, particularly from a fraud-detection and prevention perspective. "As banks move more payments to electronic channels, the convenience is not only helping consumers; it's helping the bad guys as well," Leibbrandt says. "Banks are responding with token security, and other increased security requirements, to enhance and improve their networks."
During this interview [transcript below], Leibbrandt discusses:
- Digital identity and tokenization for international payments;
- Leveraging regulatory complexities;
- The future impact of international standards and regulatory mandates.
Leibbrandt, as head of global markets for SWIFT, works to define SWIFT's value for varying customer segments by analyzing payments standards and solutions. Leibbrandt previously served as SWIFT's head of standards. Leibbrandt joined SWIFT in 2005 after an 18-year career with McKinsey & Company.
TRACY KITTEN: International payments, globalization and regulatory mandates are going to affect the financial space like they never have before. How will emerging technologies, expanding channels, and evolving fraud threats impact payment security in 2015 and beyond? Hi, I'm here today with Gottfried Leibbrandt, head of markets at SWIFT, the Society for Worldwide Interbank Financial Telecommunication. Leibbrandt recently spoke at SWIFT's operations conference in New York about digital identity, growing global payments, and security and fraud concerns the global financial market will face in coming years.
Gottfried, SWIFT recently hosted its annual operations conference in New York, during which you delivered a keynote address about several trends impacting the global payment space. Security, you suggested, is playing a more prominent role in payments than it ever has before. Can you give our audience an overview of some of the highlights from your presentation as you see them from a security and fraud prevention perspective in the global payment space?
GOTTFRIED LEIBBRANDT: Sure, Tracy. I think as banks move payments increasingly to electronic channels, clearly, corporates and customers aren't the only ones who've discovered the convenience of that; the bad guys have hooked onto the act as well, and I think financial institutions worldwide are seeing increasing sophistication of attempts to -- fraud attempts -- using the new electronic channels and all the new facilities that are offered by those same tools that give convenience to their customers. We're seeing hacking attempts into networks. We're seeing fraud schemes that span multiple countries that allow people to operate across border -- none of that will be new to your audience. What we're seeing at the same time is banks are responding to that with increasing countermeasures, such as token security for an increasing amount of customers, much tighter process around identification authentication, and also increased security requirements for their networks. And I think SWIFT has always prided itself in being a very secure and resilient network, and we are seeing that that plays to our advantage in these trends, because we are seeing our customers appreciate even more all the efforts that come with running such a network and what it provides to our customers, the banks.
Securing Global PaymentsKITTEN: One of the topics SWIFT has been keen to talk about relates to digital identity. SWIFT recently released a personal digital identity solution that it calls SWIFT Secure Signature Key, or 3SKey, for short. What is this solution, Gottfried, and how does it work? How will it improve the security of payments transactions?
LEIBBRANDT: 3SKey is aimed at the corporate users that have multiple bank relationships, and these customers find themselves with multiple tokens, one from each bank, to identify and authenticate their transactions with that bank. What this does is it allows them a single token, a single certificate, if you will, that each bank will tie to that customer, and thereby they can sign their transactions with all of the banks that they do business with, instead of having to switch between these tokens. This solution, by the way, is network independent, so you can use it for all your transactions with the bank, not just the SWIFT transactions. Its main goal is to improve convenience for these corporate customers, allowing them to use a single token, and yet we think it will also improve the security because it will enable more banks to put in place these token measures without overburdening the corporates.
KITTEN: And, of course, I'm assuming that this is something that can be facilitated for international use, right? This isn't something that's just confined to certain parts of the world.
LEIBBRANDT: No, no. This is especially aimed at those banks that operate in multiple countries with multiple bank relationships that tend to have global treasuries. The biggest of these corporates will have up to thousands of accounts with hundreds of banks, and for them especially, this solution should greatly simplify a lot.
KITTEN: And Gottfried, how does 3SKey fall in line with SWIFT's strategy or vision for 2015?
LEIBBRANDT: Well, our 2015 strategy is really aimed at two things: One, increasing the services to our core segments, and then selectively expanding that core. One of the core segments we've built up over the past 10 years is corporates. They are an increasing group that uses SWIFT to connect to the banks, allowing them a single window on these banks, a single format of instructions to send their payment instructions to all the banks; and 3SKey really enhances the services to those corporates. So, it's another tool to give these corporates better multibank services, which is part of our proposition toward the corporate customers.
Payments CompetitionKITTEN: And, Gottfried, what will payments look like in 2015? What impact will emerging technologies, such as mobile payments, and security measures, such as authentication, encryption and tokenization, as you've just talked about, have on the global payments infrastructure?
LEIBBRANDT: Predicting is hard, they always say, especially the future, and I've learned over the course of the years to be cautious about trying to predict the future. I think we are seeing an unprecedented wave of changes. What is new, I think, is that we're seeing retail trends impacting wholesale. We see techniques emerging out of the retail and personal space, like social media, like Internet browser technologies that start with the consumer space and then move into the business-to-business space. And we're seeing the same in payments. In the consumer space, I think we're seeing things, as you say, like mobile, like PayPal and even Facebook credits, and a lot of banks in the corporate banking space and in the business-to-business banking space are wondering what that means for them. I think it will have an impact over time. One aspect where we're seeing it in international payments is worker remittances -- payments by workers abroad, mostly from third-world countries who send home their payments. We are seeing a shift and people experimenting with new clearing systems and new techniques. And we're also seeing, increasingly, techniques being used to enhance the security for personal payments, retail payments, as has been the norm for corporate payments for a while now.
KITTEN: And, Gottfried, what about the global regulatory environment? Of course, anytime we have a fluid regulatory environment, it poses challenges, not only for U.S. entities operating overseas but also for international institutions and corporations operating in the U.S. How do you see the global regulatory environment impacting global payments? And specifically, what challenges do you see the U.S.A. Patriot Act and the Bank Secrecy Act posing for international institutions working in and with the U.S.?
LEIBBRANDT: I think those challenges are very significant, and one of the things I would say that keeps the CEOs of banks awake at night; they find themselves often in conflicting environments, where one government may mandate something and another government may actually mandate them to do exactly the opposite. The Swiss banks are a good case in point, where the U.S. government mandates them to hand over information and then their own government mandates them not to do that because of privacy concerns. And that's just one example of a lot of conflicting demands in areas like sanctions screening, and in areas like compliance with all sorts of regulatory requirements that these banks find themselves subject to. The big thing, I think, for banks right now is to use the international platforms that they have, such as the FATF, the Financial Action Task Force, that is operating internationally, and make sure that as many of these regulations are done in an international context, to prevent these conflicting requirements that act upon these banks. I think the risk is real that with all this we see a fragmentation of international payments, and banks have to make a choice. The jurisdiction they operate in, I think, in the end, will even provide a menace to international commerce. Ultimately, such fragmentation could force banks to choose between which environment they want to operate in, rather than operate globally; and that, in the end, could even provide a menace to global transactions and to global trade, to the facilitation of global trade, if you will.
Preventing Global Payments Fragmentation
KITTEN: And, Gottfried, you raised a good point, and I know predicting the future, of course, is not something that's easy for any of us to do. But when we look out, not just to 2011 but also to 2015, which year was the crux of the conference. Talking about the regulatory environment, it's very interesting that it could in some way help to fuel fragmentation. How can financial institutions communicate with regulators, or what could regulators be doing to better communicate with financial institutions, as the world becomes a smaller place, to help eliminate some of this fragmentation?
LEIBBRANDT: I think banks are in a difficult position. I think, vis-Ã -vis the regulators, the banks aren't in a privileged position, following the global financial crisis, and I think there's real frustration on the part of many regulators that they haven't been able to push as much reform through as they would have wished, for all sorts of reasons. So, for banks to then go these regulators and point out inconsistencies in the regulation is not a very grateful task. What they can do is point this out. I think, to be fair, regulators are as frustrated with everybody else with the lack of cooperation. Banks can help by pointing them in the right direction, but ultimately, it is the governments themselves and the regulators that are going to have to resolve their issues and get aligned. And that's proving a daunting task, I think, as much between opposite sides of the globe, for example, China versus the U.S. That is, of course, a significant challenge, but even between the U.K. and the U.S., we're seeing misalignment of regulatory measures, with countries going in different directions. The U.S., U.K. and Europe, continental Europe, I should say, Frankfurt and the ECB, all seem to have their own approach to regulation and answers to the problems; and that fragmentation, I think, poses a real challenge and potential threat to the banking system.
KITTEN: And talking about regulatory mandates, I'd like to talk a little bit about the impact of some of these international mandates or international initiatives. When we think about SEPA, EMV or Basel, which of those should U.S. institutions operating in and with international markets be most concerned about, or are all of them equally concerning?
LEIBBRANDT: Well, I think they're very different. Basel is clearly a global framework, and while it seems to have more attraction in Europe than in the U.S., I think the regulators are looking for applying those capital requirements on a global basis, so that will affect everybody. SEPA is Europe-specific, but anybody operating in Europe should be concerned about or aware about complying with it. EMV, to some extent, the same. Again, EMV seems to be a global standard. But I think EMV, especially in Europe, has now become the standard for card transactions; so again, they should be concerned. I think it sort of depends on where they operate, but clearly Basel should be a concern for everybody.
Banks' AdvantageKITTEN: And finally, Gottfried, before we close, what final thoughts would you like to share with our audience about international payments, globalization and the impact on regulatory compliance, as well as the changing face of fraud and security that the industry can expect to see in the coming years.
LEIBBRANDT: I'd like to stress the impact of regulatory compliance and the impact of fraud and security. I think their impact is underestimated outside the core banking world, if you will. For the payments system, especially international payments, the regulatory compliance is putting an increasing burden on it. Banks have, over the past five to 10 years, incredibly beefed up their compliance departments. They've put in place all sorts of checks and balances to make sure they comply with all the different regulations around the world. They've put in place all sorts of measures to make sure that their systems and their customers' systems remain secure and fraud-proof.
So, two thoughts: One, I think that trend will continue, and it may even intensify, so most banks should reckon with even further challenges in that area. I think at the same time banks should find ways to leverage this, because at the end of the day, now that they've built up these capabilities, it is a real strength toward competition from non-banks, if you will, because anybody who wants to start shifting money internationally will have to worry about regulatory compliance and will have to worry about fraud and security. So banks should be looking at ways to leverage that, and really see it not just as a cost center, but as a source of additional revenue for providing it as a service to others.