As of late 2019, there are few people left who need to be talked into the “why” of instant payments — that case has already been well made. Ingo Money EVP and CPO Lisa McFarland told Karen Webster for the latest edition of the PYMNTS How To Instant Series that the conversation Ingo Money is having with potential partners, across all kinds of verticals, is not about pushing the merits of instant payments, and why organizations should be adopting them, because firms know that already.
Where the rubber hits the road — in terms of executing those ideas — is when the plans to switch to an instant payments paradigm are taken to those enforcing compliance and risk, she said, and when firms start taking a real look at how they can get instant payments up and running as an option safely and securely.
There is no shortage of risks to consider, she noted. There’s financial risk, and making sure the payee who ends up in possession of the funds is the intended recipient. There is data security risk, and making sure fraudsters aren’t harvesting all the information that must exchange hands for instant push payments to be possible. There is also regulatory risk, and ensuring that all the mechanisms and tools for payout are compliant with the relevant regulatory structures — both state and federal.
There is a lot going on there, and the relevant risk concerns vary across verticals. There is no one-size-fits-all solution, as merchant acquirers, insurance companies, banks, marketplaces and gig work platforms all have different needs and requirements in this area — and it is extremely important to get it all right, McFarland said. In that sense, she noted, the security and compliance team’s concerns are not misplaced.
“Risk is always a concern when you are making a payment, when you aren’t face to face,” McFarland said. “But where companies need to keep their focus is on the idea that risk and fraud are also associated with old, slow ways to pay. There isn’t more risk, or inherently worse risk, with an instant payment — it is just different risk.”
While that risk is real, she noted, it does have an advantage over its older analog equivalent: There is a lot of technology that can be thrown at mitigating a digital instant payment, such that it is “no more risky than any other transaction, and, in fact, probably less risky.”
Speed: The Biggest Benefit And Security Stumbling Block
The major risk with an instant payment, McFarland said, is unfortunately also its main benefit — the fact that it is fast. So fast that, once the funds are pushed, they are instantly usable to the payee who received them. When everything is good, and the funds have flowed to the right person, that is a terrific feature that means the receiver can pay a bill, make a purchase or head to an ATM and cash out. However, if something goes wrong, and the funds have been sent to a fraudster seeking to interlope, they can also instantly access those funds and be gone. The payment is irrevocable, and can’t be clawed back.
That can seem rather intimidating, she said, but a few facts bear considering. One, she pointed out, is that being slow doesn’t make a payment fraud-proof. Wherever and whenever money is changing hands, one can count on a fraudster to try to step in and steal from time to time. In the old world of analog check payments, a fraudster would steal checks, endorse them and have them cashed before the payee could call in and report that their payment hadn’t arrived.
Among the upsides of digital interactions with the consumer, McFarland noted, is the breadth of information that can be brought into authenticating a transaction — such as the type of account to which one is sending funds, whether it matches the name and address of the proposed payee, and how long it has been open. In short, does everything one is seeing match up with what one expects to see as a disburser? With those guideposts in place, payors can have a high level of confidence that they are paying out to the appropriate end receiver.
Customizing The Payment To The Context
Every vertical is different, McFarland told Webster, which is why, in some sense, every instant payment offering is a bespoke build. Merchant acquirers, for example, in creating settlements between payment processors and merchants, have a great deal of information about their merchant customers. In the case of merchant acquirers, then, she noted, much of what they are doing is looking at their onboarding processes, and making sure they have reason to trust those within the instant payments experience.
“If you have properly onboarded your merchant, and you understood their profile, if you have confidence in that process, then the speed of the payment is a negligible factor in terms of incremental risk. It really isn’t that different from a standard settlement process,” she said.
For insurance companies that operate under both federal and state jurisdictions, she added, the risk management elements quickly begin to center on regulatory risk, and making sure that — in each jurisdiction where they are pushing instant payments — they are operating in a method compliant with local regulations.
The fact that they have to build this capability, McFarland said, is really no longer up for debate — they know that; they’ve seen the data. The critical next step in getting there is showing them how they can use the technology to set the risk rules they want, and adjust them as circumstances require. Some acquirers will offer instant payments to some merchants, but not all, she noted, depending on profile or amount of time on the platform. Insurance firms will need to tailor their processes to the regulatory requirements of each locality in which they operate.
“The new conversation is about going through all of the kinds of controls that can be applied,” she said, “and helping clients work through building the risk management system[s] they need to get the result[s] they want, with more control over the entire end-to-end process than they have today.”