By Brandes Elitch
If you work in the payments space, you cannot avoid the daily news, press commentary and speculation about the role and future of the Consumer Financial Protection Bureau, the Dodd Frank Act, as well as the Durbin Amendment to that act, and bank regulation in general.
Topics in the spotlight include whether the CFPB should be abolished, or its director fired, or how the bureau can be harnessed to make life easier for commercial banks, which are overwhelmed with regulatory and compliance costs. It seems that someone asks me every day what I think is going to happen in this space, and if the acquiring community will be affected, and if so, how?
I'll make the obvious point that being a processor or ISO means that your very existence is predicated on a bank sponsoring you and giving you access to the bankcard rails of the banking system. If your bank is taken over, or fails, you could lose your ability to process payments, which is why, as they say, attention must be paid.
First, a little background will put this into perspective. People are generally unaware of how close the U.S. banking system came to systemic failure in 2008. There are roughly 5,083 Federal Deposit Insurance Corp.-insured commercial banks in the country, but the problems lie with fewer than 20 very large banks, previously banks called "too big to fail."
Bank regulators are focused on what they call "systemically important" banks, defined as having more than $50 billion in assets, and the Fed requires that 31 banks undergo an annual "stress test" to determine how they would weather a downturn in their profitability. In case you think this emphasis on regulation and compliance is overbearing, let me remind you of what has transpired in the last decade. Boston Consulting Group reported that globally, since 2009, the largest banks have agreed to pay in excess of $321 billion in fines and penalties for egregious behavior, including money laundering, interest rate manipulation, terrorist financing, rigging credit derivative markets, rigging foreign-exchange rates, rigging interest rates (for example LIBOR, the benchmark rate that some of the world's leading banks charge each other for short-term loans) and rigging commodities markets.
In addition, some banks were penalized for homeowner foreclosure processing abuses, violation of U.S. sanctions, bogus tax avoidance schemes and misleading investors into buying toxic mortgage debt. Specific banks mentioned in this report include JPMorgan, Citibank, Bank of America, Wells Fargo, Barclays, Lloyds, Royal Bank of Scotland, Deutsche Bank, Union Bank of Switzerland, Credit Suisse, and Hongkong and Shanghai Bank. This is big bank bad behavior (BBBB).
Looking at the charges and settlements in detail, you could be forgiven for thinking that some of these banks acted as criminal enterprises. U.S. regulators levied most of the fines, as the European and Asian regulators have not yet caught up. Interestingly, to my knowledge, no officer of the BBBB banks has served any jail time for these crimes.
Systemically important banks are required to have a "living will." This is a credible plan for how the bank would wind down in an orderly fashion in the event of a crisis or impending bankruptcy. Currently, all large U.S.-headquartered banks have passed their stress tests, although it took a long time for BofA and Citibank to get there. Dodd-Frank requires that banks have a minimum capital ratio of 6 percent and also requires stricter lending standards. In a zero interest rate environment, where banks have been for the last few years, it is more risky to start a bank, which is why only three new banks were started last year. It is also very difficult (I would say impossible) for a new bank to succeed in a zero interest rate environment.
Before the financial crisis of 2008–2009, about 100 new banks were started each year. It also takes a new bank at least five years to reach profitability, so this is not an investment that most people would feel comfortable about in the current environment. This is important to ISOs and the acquirer community in general for one simple reason: acquiring (and issuing) credit and debit cards is a business of huge scale (literally tens of millions of cards on the issuing side). Today, all the large issuers are also the largest acquirers (although this was not always the case).
The card brands decided some time ago (when they were still associations, not publicly traded companies) that they didn't want any small bank acquirers with direct membership. But not many community banks were so-called principal banks for the card brands, because a small bank just cannot get to the critical mass that it takes to support an in-house bankcard sales, underwriting and processing operation.
This means, inevitably, that an ISO will either be a sub-ISO of a bigger firm or will need to sign up with a large bank, most likely one of the BBBB banks that have been deemed too big to fail.
In January, Professor Richard Benham, Chairman of the British National Cyber Management Centre, predicted that this year a major bank will fail as the result of a cyberattack (data theft, fraud or cyber propaganda), leading to a run on the bank. We now have to confront the reality that hacking can break the Internet. So monitoring the performance of your sponsor bank is vitally important.
A while back, it seemed common knowledge that the new world of fintech entrants would solve a lot of these problems, but this turned out not to be the case. Some people are now saying that blockchain could be the answer. Here's why: the root of the problem with BBBB is that it was difficult to discover the wrongdoing with any specificity, because someone had to get access to the bank records of the illegal transactions. Blockchain allows multiple parties to transfer and store sensitive information in a space that's secure, permanent, anonymous and easily accessible.
Moreover, it works best when there is some kind of transfer of title or ownership, which is where a lot of the banks' bad behavior was focused. Blockchain is ideal for keeping track of remittances, cross-border transfers, shareholder records and exchanges, securities trading, and complex multiparty recordkeeping, and it does away with secrecy, since everything is transparent. The logic of blockchain is powerful: it cuts costs and overhead dramatically for high-volume, paper-intensive, logistically complicated financial systems and recordkeeping. It also can achieve regulatory compliance more easily, which is not a trivial benefit today. In March 2017, we were in the 93rd month of a post-recession recovery. The only two longer recoveries were the 1991–2001 "Tech Boom" recovery from the recession that hit in 1990, and the 1982–1990 "Morning in America" recovery from the recession that began in 1980. It is easy to forget about the financial crisis of 2008–2009 today, but that would be a big mistake. The same BBBB players are on the court now as then.
For a particularly good sense of what happened, pull down the following article from the web: "Bank of America – Too Crooked to Fail," by investigative journalist Matt Taibbi (one of the best in the business), published in the March 29, 2012, Rolling Stone magazine, www.rollingstone.com/politics/news/bank-of-america-too-crooked-to-fail-20120314. This should reinforce my suggestion that you pick your financial institution carefully.
Here are a couple of suggestions for you. First, stop complaining about regulation. It's the financial services industry, duh. You are playing with other people's money. If you don't like regulation, try another business. Second, compliance is not just about spending money; it has a return on investment, too – namely, insurance against doing stupid things, and giving your firm a leg up on your competitors if you are well prepared and knowledgeable.
Only a small number of ISO agents work for firms large enough to be processors. Most ISOs work as merchant level salespeople or as sub-ISOs. As such, you will have limited interaction with the bank that is processing your customers' transactions.
But this doesn't mean you should put your head in the sand. Choose a bank that you would feel comfortable putting your life savings in, and continue to update yourself regularly on the bank's performance, particularly if it is one of the BBBB banks. The other 5,000+ banks – the community banks, regional and super-regional banks – will do just fine, thank you.
Brandes Elitch, Director of Partner Acquisition for CrossCheck Inc., has been a cash management practitioner for several Fortune 500 companies, sold cash management services for major banks and served as a consultant to bankcard acquirers. A Certified Cash Manager and Accredited ACH Professional, Brandes has a Master's in Business Administration from New York University and a Juris Doctor from Santa Clara University. He can be reached at firstname.lastname@example.org.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next