Time for Next ‘Killer Punch’ from EU Regulators on Interchange?

Key legal challenges – what happened?

Five years ago, EU regulators devised the controversial Interchange Fee Regulations (IFR), capping Mastercard and Visa consumer-card interchange fees.

The EU Regulators cited their experience in regulating anti-competitive practices: to fuel innovation and change. The EU now needs to assess what has been achieved against its 2015 aspiration. The regulatory review process is underway, but what has it concluded to date including next steps?

How will the EU regulators act with interchange in a post IRF / PSD2 Europe? Here comes IRF2?

What did the IFR review achieve?

Initially, the IFR quelled concerns of EU and national Regulators and those of key merchant lobbying groups across Europe. It challenged the interchange rate levels, the methods of calculation, and it simplified the complex card scheme qualification criteria in place at that time.

Mastercard and Visa brought legal challenges but struggled to present robust defences. Some believe they missed the opportunity to explain more eloquently that even cash has a cost. But in the end, some common-sense prevailed, leading to interchange fee rate reductions.

Consumer debit (and prepaid) rates decreased to 0.20%, even in markets where typically this had been a fixed fee. Consumer credit rates lowered to 0.30%. But there were challenges:

  • Mastercard and Visa presented different timelines for fee reduction.
  • Acquirer systems were not ready, which led to manual workarounds.
  • Merchants were concerned by the changes (fixed fee to ad valorem and in how caps and different cards were treated.
  • Merchants were not prepared for ‘interchange plus plus’ pricing and did not like manual workarounds.
  • Issuers across the EU were not prepared for the revenue reductions.
  • Commercial cards and other consumer card brands were excluded.

These challenges were compounded by other high-profile legal actions against the schemes by the EU and national regulatory bodies too, as well as from merchant groups.

An additional change for merchants in October 2019 seemed positive when Mastercard and Visa reduced interregional rates for consumer POS transactions to 0.2% and 0.3%, and additionally inter-regional CNP transactions accepted in Europe down to 1.15% for consumer debit/prepaid and to 1.50% for consumer credit. Again, commercial cards were excluded.

Has it worked?

As with Schrödinger’s work, the IFR review has ‘worked’ and also ‘not worked’ depending upon your perspective. It has undoubtably introduced unintended consequences and controversy.

Yes, it worked….

IFR debates have led to global changes in the approach to interchange fees; and led to greater scrutiny of acquirer and scheme fees. It contributed to the PSD2/Open Banking initiative and evolved greater trust and transparency and new payments thinking. More recently, it led to the UK Payment Systems Regulator (PSR) undertaking a market review of card acceptance costs (reporting H1 2020) along with other EU National Competent Authority reviews.

But in reality…… no, it really has not worked….

The IFR review has led to years of delays and destructive legal cases between the EU regulators, major merchants and the international payment networks. The result appears to be a reduction in interchange fees but has been largely ‘cancelled-out’ by increased scheme fees and ergo acquirer fees. As these were outside the IFR scope, these many ‘new fees’ have been passed onto the merchant. Merchants blame acquirers, as their card processing costs increased, as have the revenues and profits of some acquirers and the card schemes.

Card issuers lost revenues as the result of lower interchange rates, replacing these in many cases with card fees, account fees and transaction fees, higher borrowing rates and reduced ‘free borrowing / repayment periods’; along with removing or weakening many cash-back / reward programmes.

Next steps 

We now need to complete and assess the findings of another regulatory review:

Strategic considerations?

  • What price changes have consumers seen from any Merchant cost changes?
  • Has competition, choice and innovation in European payments been realised, as originally sought by EU regulators?
  • Has the reduction in interchange rates, as part of the overall merchant commission, been simply replaced by other fees, that were and remain out of scope of the original IRF?
  • Have regulatory bodies learnt any more about the true costs of cash and other non-card payment methods?
  • Have the IRF reductions undermined the European Regulator promotion of PSD2 initiatives and alternative payment methods? Is there viable competition to cards now, e.g. account to account payments / credit transfers and PISPs?
  • Is there greater transparency on merchant fees?
  • Has individual country National Competent Authority (NCA) enforcement/ guidance been seen and sufficient?
  • What have we learnt from loopholes, vagueness and omissions in EU IRF regulatory language?

Impact on card usage?

  • Has IFR led directly to increased consumer card spending?
  • What has the effect been upon displacing cash at merchants?
  • Has the prohibition of surcharging on cards been simply replaced by discounts for cash, merchant steering of consumer payments and/or minimum purchase amounts?
  • Where surcharging on cards outside of scope is permitted, how has this been performed and what was the effect?
  • Has interchange fee reduction derived benefits such as increasing contactless payments across Europe?

Regulator next steps?

  • The EU regulator should now see a clear way to make further sweeping changes.
  • A cap should be considered for the total fees (including interchange) paid per transaction, especially poignant for higher-value card transactions?
  • The regulator should rule also on commercial card rates
  • Further regulation, including broader review of acquirer pricing and scheme fees to issuing and acquiring clients should now be proposed?

We should not be satisfied with the EU regulator actions of five years ago either. The European Commission was tasked in 2015 to assess the IFR effectiveness by 2019, They struggled to find and appoint research consultants, only appointing Ernst & Young (EY) in late 2018. The long-awaited review and publication of results has been delayed until 2020.

Back in 2015, when EU regulators pulled this programme together, they and we did not know what we know, see and experience now. We still have uncertainty, lack of clarity on what benefits have been achieved, the unintended consequences of these changes and continued marketplace evolution.

The EU regulators really must act. They have no choice. What we can be assured of though, is that we WILL be surprised, changes will be significant, complex and ever more impactful, and as ever stakeholders will fight and then find ways around restrictions. The payments marketplace will both continue and evolve. So, let’s have some fun with the journey!

Riskskill.com is a leading Europe-based payments and risk management consultancy, with an impressive international track record of helping payments businesses to find and mitigate payments challenges and risks, competing in a fierce world and dealing with regulatory and scheme changes. Riskskill.com works with clients to put in place strategies and programmes of work to make payments businesses or functions more profitable, less susceptible to losses, risks and regulatory issues and compliance problems. Its people are widely accepted as some of Europe’s leading payments and risk experts and they are frequent commentators on the issues involved. The key team have a wide experience in banking, insurance and the financial services and payments sectors and are thought leaders at the forefront of many industry wide and international debates.

Riskskill.com is an approved Visa Inc. GARS Reviewer.

For further information, please contact:  Bill Trueman or Kevin Smith at Riskskill.com

enquiries@riskskill.com

Bill Trueman and Kevin Smith

Principal Consultants, Riskskill

www.riskskill.com

Contactless Card Payments Limit Increased From £30 to £45 in UK

UK contactless card payment

Contactless payments limit in the UK increases from £30 to £45 is being seen as Another blow for cash payments in United Kingdom. This will off course help the customers to save time during checkout at retail stores.

After much speculation, the contactless payments limit in the UK increases from £30 to £45. It has been under discussion for some time but recent Covid-19 developments have accelerated the decision and communication processes.

Effective from 1 April 2020, there will be a lengthy and phased migration for consumers and across merchant sectors. This will be further complicated by the retail temporary closures as a result of the steps to manage Covid-19.

All stakeholders, especially cardholders and merchants should welcome the increase. There will of course be concerns about fraud on contactless payments, but we should remember that current fraud figures show fraud on contactless payments is just 2.5p in every £100 spent.

For more information visit https://www.ukfinance.org.uk/contactless-limit-change-faqs

Kevin Smith is a Senior Payment Services & Risk Management Consultant & Industry Advisor at Riskskill.com and permanent member of AIRFA. He helps businesses in the payment sector perform better, in complying with regulation, doing more business, challenging partners and/or helping to put things right when they go wrong and if/when regulators, card-schemes and other parties start to challenge what our clients are doing.

 

E-Money Risk, Fraud & Compliance Advisory Service by RiskSkill

About RiskSkill’s e-Money Compliance Services

Mobile Payment Fraud Prevention

RiskSkill help businesses avoid €multi-million fines and embarrassing brand damaging mistakes from regulatory non-compliance and process and regulatory mistakes. We help clear up the mess when we are called in later.

E-money Licence Changes:

Recent new financial services legislation in the UK, has led to the Financial Conduct Authority (FCA) introducing a Payments Systems Regulator from April 2014. The ECB, and the European Commission are also proposing ways to regulate and police the whole e-money arena, as are the international card schemes. The FCA is now also starting to review and audit the e-money licences they have granted previously and for observance with ALL regulations and also best-practices.

We believe that the FCA have seen that the governance of payment systems, including e-money issuers, is a difficult and continuous task and needs several layers of supervision and oversight in the way that other payment methods have already established (e.g. through the regulations of the international card schemes).

Requirements:

As an e-money licence holder, you need to ensure that your organisation and all of its agents, including passport holders, are fully conversant with and engaged in all due diligence in customer selection and identification, transaction/event screening, suspicion reporting, record-keeping, corporate assessment of exposures and risk, and the Base II (and III) capital assignment to the exposures. Having reporting to the FCA, a clear payment strategy and ABOVE ALL understanding and observance of laws relating to payments in all areas of operation are all also essential.

The main legislation that is pertinent is the meeting of the requirements of the Money Laundering regulations for all countries in which an e-money licence holder, and its agents and Passport Holders, operates. Not doing what is right by the European Money Laundering directives is the quickest way of losing money, being fined, suffering crippling bad media attention, or losing a market – or a full e-money licence (which will happen when firms are reviewed).

emv chip and pin online payment fraud

ACTIONS 

In advance of the FCA performing its own validation on individual license holders (and making high profile examples of those who are not fully compliant), you need to:

A. Make sure that all your processes, operations and compliance teams are all fully observant of all applicable regulatory requirements, laws and best practices.

B. More importantly though, are you confident that your third party agents are also fully compliant?

We Can and Will Help You In: 

1. Determining your current state of preparedness and identify areas for attention and action before the FCA requests an onsite review of your business.

2. Review the state of compliance and preparedness of your third party agents or passport-licences and report to you on them as the principal e-money licence holder?

We can provide you with our credentials when you need help, as we are a team of payment industry specialists, that have previously worked in many banks and card schemes, and now help organisations assess their current operational status, and become and remain compliant. We have also worked extensively with the rules, regulations, legislation and best practice across the sector, in the UK and across Europe and advise payment organisations on market strategy and direction rather than simply focusing on ‘tick-box’ auditing.

Contact RiskSkill for our Services for all Risks, Fraud and Compliance solutions for e-money, e-payment, internet payments, e-funds, e payment systems, online payment and digital cash’s safe transactions. RiskSkill is also a permanent member of AIRFA an independent and global risk and fraud advisors organization.

How to Protect from Being Victim of Mobile Payment & Internet Banking Fraud?

All About Safe ‘Mobile Payments’ and Internet Banking Transactions

What is Mobile Payments and what are the top 10 things that we should be doing to stop us from losing all our money?

Bill Trueman - Risk Review Specialist

Well as technology moves forward we’re now increasingly using our ‘mobile devices’ – we used to call them phones – to make payments. In its simplest form it is calling the bank to make a payment to someone; or using an iPhone/android app to contact our Bank to make a payment, or pay for something with a credit card. Looking forwards there’s the prospect that our mobiles will become the main payment device in shops and cinemas etc. We will probably just ‘tap and go’ for small transactions. There is naturally then a lot of evolution that has happened and this will continue as everyone from credit card companies to banks jump on the bandwagon. In response phone companies are rapidly integrating device and software technology to make payment by phone easier and easier.

The pace of technology protection for consumers is also developing, but not as fast as the growing number of solutions or providers that are involved. Things like encryption, virus protection and chips and PINS, secret codes and memorable passwords etc are all protections, but the weakest point in the chain is you and me as the users. We are only human, and have to be careful too. More of us will run the risk of having our identities stolen, and with them have all our money stolen and our lives invaded by the people behind these attacks.

How can we Protect Ourselves, and Make Sure that we do not Become the Victims of Mobile Payment and Internet Banking Frauds?

  1. Don’t think that it will not happen to me.Because it will. With more technology use, and easier access to our data, and through more routes, the identities of people in their teens and twenties is increasingly becoming more of a problem as they are the group most eager to embrace new technology.
  2. Stop people from getting to our technology.There are password locks on most devices now. Use them. And make sure that they are not easy to guess, no “PASSWORD”, “0000”, or “Mary” if you or your best friend or dogs are called “Mary”.
  3. Do not keep data on your devices that could be used by others.Invest in an app that password protects your data / details. They only cost a small amount, and make sure that the details are then stored encrypted. If you have to store details on the device without these things, put them behind a code that only you can understand.
  4. Keep key information in different places.A lot of fraud and losses occur because people are still ‘silly’ with their details. Keeping a PIN with the card number, with address details and/or personal details that will help a fraudster. Whilst the advice used to be ‘do not write your PIN on your card”; now it should be ‘do not keep the log on details and password with the web access address!
  5. Beware of Phishing emails.Many fraudsters, half way across the world get your details from you WITH YOUR HELP. They make an email look like it is from your bank, a delivery company or someone else you are expecting emails from – like Paypal, the tax office, Facebook or Ebay; and then present you with a screen to sign on with your password. Then they have your private details. Be extra cautious of such incoming emails.
  6. Beware of sharp talking callers.Many frauds still start with crooks who call/text/email you or me and explain that there has been a problem on your account that has been blocked, and to disclose your card details/PINs addresses or other information, in order to unblock the account. Remember, if they want to ID you, who contacted who? Identify them first.
  7. Do not make payments in a hurry or when you do not want to.This is when we make mistakes and expose ourselves.
  8. Only use machines that you know.Internet Cafes can be infiltrated, have software added, hardware added or any combinations. DO NOT MAKE PAYMENTS from other people’s machines unless you really know what you are doing and you have a safe, end-to-end secure conversation going on; that you know that you are not being overseen, that there is no hardware/software running etc. And do not enter / remember passwords on any machines, especially not strange machines.
  9. Avoid using the same passwords.Obvious that one isn’t it, but so many people do!
  10. Look after all personal details.Be protective with personal details. Do not use your PINs, card numbers, card expiry dates, addresses, phone numbers or mother’s maiden names etc. in public, in earshot of others. Type PINs and passwords covered up, and always assume that someone is watching or that there is a micro-camera installed by crooks anywhere that you are putting, reading or typing personal details.

Remember, that as the technology and connectivity leaps forward it is the fundamentals and people issues that become the biggest weaknesses, and we all have to work to ‘mind the gap’ that this leaves open; until we have remote/mobile real-time DNA testing – which is a long, long way off.

Bill Trueman is a leading payment, risk & fraud expert who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit website at RiskSkill, apart from this Bill is also a permanent member of AIRFA.

European Union Initiates Reduced Inter-Regional Card Processing Fees

Kevin Smith, Riskskill: What does the inter-regional interchange fee rate picture look like today and where is it moving to?

 

Cards Inter-Regional Interchange Fees

The European Commission is the first competition authority to take action against Visa and Mastercard for their excessive inter-regional interchange fees. With its experience and successes in reducing intra-regional interchange fees in Europe, this latest action and its positive impacts has set an interesting precedent. It is great news. The European Commission move addresses both regulator and merchant concerns about the unfair and extreme costs of processing non-European cards.

Since 2015, domestic and intra-regional consumer card interchange rates within Europe have been driven down significantly. Although the end result of these fee reductions should have been passed through from merchants to customers, it is not clear how or if this has occurred. Recent Payment Systems Regulator (PSR) attention and their UK industry consultation has shown that the merchant service charge (MSC) also contains many other scheme fees, acquirer fees and margins.

And let’s not forget the myriad of other organisations in the transaction processing flow, providing their services and expecting their fees.

European regulatory attention and merchant concerns should not be a surprise. Not when typical consumer card interchange rates within Europe are now at just 0.20% (debit) and 0.30% (credit) – where they are 1.20% and up to 1.97% for equivalent inter-regional POS transactions in Europe.

Most merchants in Europe, have more domestic card payments than other European card payments; and only lastly non-EU card payments. On this basis, most European merchants, do not experience or notice the impact of accepting cards issued outside of Europe.

However, for many European merchants with lots of international customers, their cost of accepting cards is exaggerated by these disproportionately higher inter-regional interchange fees.

The wide gap between domestic and intra-Europe interchange costs and those for inter-regional transactions makes us ask what the different costs are for processing these transactions, i.e. are there really any greater risks or costs involved with the inter-regional transactions?

Based on the rhetoric use by the European Commission, Visa and Mastercard strangely, did not fight for the status quo, so quickly led to the agreement of new and reduced fees.

So what does the inter-regional interchange fee rate picture look like today and where is it moving to?

Figure 1: Card Present Transactions acquired in Europe

Face-to-Face / Card Present Transactions Inter-regional Interchange Fee – Today Inter-regional Interchange Fee – Pending
Visa Consumer Debit Between 1.10% and 1.97% 0.20%
Visa Consumer Credit 0.30%
Mastercard Consumer Debit Between 1.10% and 1.98% 0.20%
Mastercard Consumer Credit 0.30%

Figure 2: Card Not Present Transactions acquired in Europe

Online / Card Not Present Transactions Inter-regional Interchange Fee – Today Inter-regional Interchange Fee – Pending
Visa Consumer Debit Between 1.44% and 1.97% 1.15%
Visa Consumer Credit 1.50%
Mastercard Consumer Debit Between 1.44% and 1.98% 1.15%
Mastercard Consumer Credit 1.50%

The European Commission argued that this reduction: “will lead to lower prices for European retailers to do business, ultimately to the benefit of all consumers”.

For those merchants with higher card acceptance from outside of Europe, the European Commission believe that the cost savings could be 40%.

The European Commission decision does not raise important further questions about other payment scenarios:

a) Now that the parties have agreed lower inter-regional interchange rates, when will these revised fees come into force?

The European Commission states: “Under the commitments, Mastercard and Visa each undertake to reduce the current level of inter-regional interchange fees to or below the following binding caps, within six months:”

NB: the scheme commitments will apply for five years and six months from the above date.

But when does this six-month period begin?

  1. The date from the which the European Commission made the scheme commitments legally binding under EU antitrust rules, or
  2. Is it from the date communicated by each scheme to its respective client issuers and acquirers?
  3. Or as reported by the BBC UK website on 29th April 2019, i.e. on 19th October 2019 for five years.

Scheme updates posted following the European Commission press release confirm that the effective date for the inter-regional interchange alterations is indeed 19th October 2019.

b) What about inter-regional debit and credit cards in mail order and telephone order (MO/TO) in Europe?

The European Commission only refer to online payments. Can we assume that MO/TO transactions, though not specifically mentioned, are included in the European Commission definition of Card Not Present transactions?

Scheme updates posted following the European Commission press release confirm that Card Not Present transactions are all transactions other than card present transactions, so MO/TO transactions are included in the planned fee reduction.

c) A trustee will be appointed by the Commission to monitor the implementation of the commitments. Who will be monitored?

  1. Will they monitor Visa and Mastercard and whether they enforce the fee reductions in line with the agreement?
  2. Or will they monitor individual merchant acquirers and their agents to see if they deploy lower pricing within the agreed timeframe?
  3. Or will they monitor individual merchants to see if the lower costs lead to lower consumer prices?

d) How will EU card issuers justify and defend their continued receipt of higher interchange rates for card usage outside of Europe – i.e. the reverse of this agreement?

Will similar regulatory and merchant pressure outside of Europe lead to reduced interchange fee costs elsewhere and therefor reduced income for European issuers for non-EU based transactions?

As with previous interchange fee rate reductions, we should expect unexpected and unintended consequences?

e) If a South African-issued card accepted in Europe incurs the new lower interchange rate, what does that mean for the same card accepted in Australia or the US?

This is not a matter for the European Commission, but clearly, they will provide essential guidance and advice to other national payments and competition regulators around the globe to challenge Mastercard and Visa further.

International merchants with a presence in Europe and in other regions and countries around the world will increasingly question why they are incurring very different interchange fees across different regions and markets.

Is this the ‘beginning of the end’ for over-inflated and higher global inter-regional and local interchange rates?

f) What about the three-party model?

Inevitably, such schemes will be forced to revisit their merchant pricing to ensure any merchant preference or favour for such brands.

g) Will lower interchange fees, mean increases in other card processing fees?

In the UK most noticeably, and across the rest of Europe, we have witnessed that lower interchange rates have been offset by increases in acquirer pricing, such that the positive pricing effect does not pass through to the end customers.

Are we going to see a similar offset of inter-regional interchange fees with poorly explained increases in scheme fees for inter-regional transactions and corresponding acquirer processing fees?

h) What about non-EEA countries? The European Commission press release on 29th April 2019 states that the inter-regional interchange rate reduction will positively impact transactions acquired in EEA countries.

Effective April 2019, Visa no longer treats Israel, Switzerland and Turkey as part of their EEA market definition. This means that transactions into and out of these countries, for example the UK or US, are now treated as international for interchange purposes and scheme fee levels.

i) So what does this mean for commercial cards and any other programmes? These have been excluded from regulatory pressure on interchange reimbursement fee reductions.

Inter-regional commercial card transactions do remain a very small percentage of total card expenditure for many European merchants.

Commercial card interchange rates are typically between 0.20% and 2.10%.

Small Business, Commercial and Corporate Card Transactions Inter-regional Interchange Fee – Today
Visa Commercial Debit Between 0.20%+ GBP 0.01 (according to Visa Business Immediate Debit) and 2.00%
Visa Commercial Credit
Mastercard Commercial Debit Between 0.20% (according to Mastercard debit Government payments) and 2.10%
Mastercard Commercial Credit

So how long will it be before commercial debit and credit cards are included in the regulatory challenges to reduce interchange fees?

The changes and this agreement are all great news and positive developments, but the implications and implementation still need to be better understood and defined, and there remain many questions and some big issues there-in.

About Kevin Smith

With over 25 years in the payments business, Kevin is a trusted and experienced practitioner and thought leader in payments, technology, issuance, acceptance and acquiring. At Visa, Kevin headed acceptance and acquiring development and was instrumental for changing how Visa viewed payment acceptance, acquiring and retailers in Europe. Kevin also led fraud and compliance management functions at a senior level at Visa. Kevin has worked in retail management for a major UK retailer, and for a major UK high street bank in its retail banking cards and acquiring development business; in senior roles at Switch, the original UK domestic debit card scheme; as well as in Visa Europe and Visa International in the US.

About Riskskill

Riskskill is a leading Europe-based payments and risk management consultancy, with an impressive international track record of helping payments businesses to find and mitigate payments challenges and risks. The firm works with clients to put in place strategies and programmes of work to make payments businesses or functions more profitable, less susceptible to losses, risks and regulatory issues and compliance problems. Riskskill.com is a global GARS Reviewer for Visa and a member of AIRFA, the Association of Independent Fraud and Risk Advisors

For further information, please contact: Bill Trueman or Kevin Smith at www.riskskill.com and enquiries@riskskill.com