Use of data in payment systems
framing the regulatory response
29 June 2018
The Payment Systems Regulator (PSR) has issued a discussion paper (DP18/1) on the changing use of data in payment systems and exploring what actions the PSR should take in response to these developments. This DP is open for comment until 3 September 2018.
In the paper the PSR explains that data is becoming increasingly important in the rapidly evolving UK payments sector and that it is seeking to understand what role the PSR might play as a regulator, to help unlock benefits or reduce risks associated with the collection, use and sharing of data. For example, this could be through removing barriers to setting up new services, or mitigating risks associated with evolving uses of payments data.
In the DP, the PSR sets out its understanding of how data is collected, used and shared in the payments industry, providing examples of data flows for typical payment systems transactions. It also identifies various drivers of change, including market and technological developments, recommendations of the Payments Strategy Forum, as well as regulatory and policy developments, such as GDPR, PSD2, the Open Banking initiative and Payments Strategy Forum recommendations.
Payments Strategy Forum recommendations include:
- the creation of a new payments architecture (NPA) to replace the current interbank payment systems and facilitate provision of overlay services;
- adoption of the ISO 20022 standard for payment messages in the UK interbank systems;
- improvements to payment message data flows and the quality of data PSPs have about end users; and
- pooling of data held by PSPs with the aim of improving trust in inter-bank payment services.
End-user willingness to share data
The PSR highlighted that end-users may be unwilling to share payments-related data and that this may hinder the development of innovative "overlay" products and services, such as request to pay and confirmation of payee (i.e. broadly services that may be provided by TPPs under PSD2).
The PSR's research into this issue is broadly consistent with the conclusions of other bodies (such as the FCA in relation to PSD2), that end-user willingness to share data may be influenced by various factors, including data protection concerns, levels of trust in overlay service providers and end user ability to adopt digital payments technology.
The PSR suggested that this could be addressed in a number of ways, including through consumer education campaigns to help end users make informed decisions about data sharing and consent. They could be run alongside or incorporated into existing industry initiatives on Open Banking and PSD2.
PSP access to "global" transaction datasets
Whilst most PSPs have access to their own data, they do not generally have access to data about other transactions being processed in the system and so are not able to see the "bigger picture".
The PSR explained that allowing PSPs (including TPPs) to access this global transaction data may have a number of benefits, including to facilitate development of new AML and anti-fraud measures. It could also be potentially useful for providers of other services such as data analytics firms, and firms seeking to develop innovative overlay services.
The PSR understands that only payment system operators (PSOs) and central infrastructure providers may currently have access to global transaction datasets, which may make it difficult for third parties to enter the market and compete to provide overlay services that rely on that data.
Therefore, the PSR is considering requiring the New Payment Systems Operator (NPSO) to consider how the central infrastructure provider for the NPA can facilitate the safe and efficient sharing of global payments data with service providers, using secure open access APIs. The PSR noted this could be similar to the data sharing requirements under PSD2 and Open Banking and that it may seek to work with industry, the ICO and other relevant bodies to develop a common understanding about what data can be shared, and in what form.
Realising benefits of enhanced data
"Enhanced data" refers to the ability to add, associate, retrieve and access increased amounts of information to payment instructions, in a structured and standard form. This will involve the use or transfer of payments data within the NPA and will be facilitated by adoption of the ISO 20022 messaging standard.
The Payments Strategy Forum assesses that enhanced data will generate significant benefits for end-users, provided that enhanced data is adopted by both suppliers and end-users. However, firms may require significant investments to upgrade or migrate existing systems to implement these solutions.
Therefore, the PSR is considering whether the NPSO should have a role in developing and deploying mechanisms to enable interoperability and market contestability, and end-user take up. The PSR will also continue to monitor this issue and may take other action if it considers more could be done to realise the benefits of enhanced data.
In framing the discussion, the PSR clearly seems to be approaching these issues from the perspective of its statutory objectives to promote competition and innovation, and to ensure that payment systems are operated and developed in the interests of service-users.
The PSR is also considering issues that could potentially affect its objectives indirectly (e.g. impact of high fixed costs) and proposes, where appropriate, to work with other regulators to take joint action. The PSR is therefore seeking industry and stakeholder views on its findings to make sure it takes the right actions.