The Shot Heard 'Round the FinTech World
Where were you on August 18, 2015, when the first great FinTech war started? Okay, that might be a bit dramatic, but 1) you clicked to read this, and 2) the 18th did see a pretty significant shot fired by the old guard against relatively new companies. The Clearing House, an association of 24 large banks, published a white paper calling for payments companies (“Alternative Payment Providers” in the Clearing House’s parlance) to be more heavily regulated to ensure customer data is secure. The report named names and provided specific policy proscriptions to fix what it claimed is unfair regulatory arbitrage by payments companies that is compromising the security of customer information. The white paper was remarkable in its directness and represents a departure from the more collaborative tenor previously seen between banks and FinTech companies.
The Clearing House’s white paper is worth a look and contains a lot of nuanced analysis of the laws, regulations, and private duties that govern payments services for banks and non-banks. While the white paper’s arguments should be read in full, here’s a summary:
- Both banks and non-bank payment companies provide payment services and handle highly sensitive customer information.
- Banks are more heavily regulated than non-banks, particularly because banks are subject to regular examinations by their prudential regulators (e.g., the Office of Comptroller of the Currency or the FDIC), which judge them on precise and robust requirements. Meanwhile, non-banks are subject to more vague and narrowly scoped requirements and not examined. They encounter scrutiny only from a regulator (usually the Federal Trade Commission) if something has gone wrong.
- The paper says the relative lack of oversight makes customer data held by non-bank payments providers less secure and places greater risk and cost on both the consumer and the bank (since the consumer likely is using the non-bank payments provider to access funds in their bank account, and the bank, by regulation and custom, will likely have to make the customer whole in the event of a loss due to fraud, for example).
- According to the white paper, this is unsafe and unfair to consumers and banks, and the regulatory environment for non-bank payments providers should be updated to mirror bank regulation, including more precise rules and an inspection regime to safeguard client data.
As I said, read the white paper since there is much more analysis and argumentation, but that’s the gist.
In response, Jason Oxman, the CEO of the Electronic Transactions Association, which represents electronic payments companies, put up a blog post today (also worth reading) in which he disagrees with the main thrust of the Clearing House’s position and argues that improved collaboration between banks and FinTech firms, rather than increased regulation, is in the customer’s best interest.
The debate about how innovative payments providers should be regulated is a serious one. The space is growing and diversifying, with capabilities (and corresponding risks) varying significantly. However, we may want to ask whether bank regulation is the model we should aspire to for payments services. Banks have multiple important functions, such as taking deposits, making loans, and getting money from the Federal Reserve, that justify their proactive and significant prudential regulation. While some payments providers have similar functions, others are much more limited in scope. There is a big difference between a service like PayPal, where you can store money as a general obligation of the PayPal corporation (somewhat like a bond holder), versus Apple Pay, which just holds your payment card credentials (that are probably connected to a bank).
Whether the whole spectrum of innovative payments companies should be regulated more like a bank or regulation become more specialized, is bank-style regulation even a good idea in such a dynamic space? Or will it excessively chill innovation? The Clearing House has proposed its answer, but it will ultimately be policy makers, regulators, and the voting public who decide.