Archive for: Regulation

Mobile operators have notched some high profile successes in offering financial services to the poor. Think M-PESA in Kenya or GCash and Smart Money in the Philippines. They’ve have logged several million users for their mobile money transfer services which appear cheaper and more convenient than traditional banking products.

Will banks respond by emulating their new competitors from the mobile world? Banks have an appetite for offering multiple products to their clients, so it would be a boon to the poor if banks wanted to ramp up their offerings via new electronic channels. But the emerging picture is not always rosy.

Many banks see mobile as merely a threat, according to IFC’s Andi Dervishi, who leads investments in alternative-payments systems for the IFC. “Banks remain conservative. They don’t see this as a big opportunity. They are taking a more defensive position, rather than offensive, and not really going after the customer. Their business model needs to be changed.” Countries like India, China, Brazil and Russia now have more mobile phones than ATMs, giving rise to the notion that mobile will support the next wave of innovation in banking in emerging markets where low-revenue customers means banks need to find low-cost channels. But instead of jumping to explore, most banks are playing defense.

Read the rest of this page »

Yesterday, the Reserve Bank of India (RBI) cautioned banks which have started offering mobile payment services to put a hold on such services until final Operative Guidelines are issued by RBI.

A draft set of mobile banking Guidelines were issued for comment in June, but are still in development. RBI signaled several times in the prior year that it planned to look in earnest at mobile financial services.

CGAP’s Notes on Regulation of Branchless Banking in India took stock of the situation earlier this year.

July 25 UPDATE: RBI has announced it will issue final m-banking guidelines within 2 weeks.

This is an excerpt from a recent CGAP paper, The Early Experience with Branchless Banking. The paper synthesizes the observations and research of the CGAP Technology Program. Gautam Ivatury and Ignacio Mas wrote the paper, with substantial input from the entire program team. This blog series will cover seven observations, four uncertainties and four predictions for branchless banking - what we call mobile banking and other technology-enabled banking solutions.

Know your customer (KYC) requirements on financial institutions have received increasing attention by governments in their anti-money laundering and combating the financing of terrorism (AML/CFT) initiatives. AML/CFT regulations introduce specific obligations on account opening, including, at the very least, checking the customer’s identity. This poses a particular challenge to branchless banking for two reasons. First, the absence of branches means that banks need to find alternative ways of conducting face-to-face interviews or identity checks, where those are required. Regulations may allow banks to “outsource” this function to a third party (perhaps the cash-in/cash-out agents) , but it remains the bank’s responsibility to ensure KYC procedures are performed adequately. In the Philippines, the growth of rural agent networks has been limited because all agents need to take a Central Bank-supervised training course in Manila before they are allowed to operate. Many agents find this required training to be too costly and disruptive. Second, to the extent that branchless banking targets poorer and more remote customers, it may be more difficult for these customers to show proof of identity at all.

On the other hand, AML/CFT risks associated with branchless banking initiatives can be mitigated by capping account sizes, account functionality, and transaction volumes. As governments’ interest in access to finance grows, they are becoming increasingly pragmatic about KYC requirements, allowing for simplified procedures where risk is limited. In South Africa, the Reserve Bank permits remote account opening for certain types of accounts; this has allowed WIZZIT to undertake KYC procedures through a network of roving “WIZZkids”—often previously unemployed youths.

For branchless banking to develop, governments need to continue to work with providers to find flexible solutions that meet policy and business requirements. It is unlikely that there will be a one-size-fits-all solution. Instead, governments will need to be responsive to proposals coming from providers and to evaluate these proposals based on the risks involved.

This is an excerpt from a recent CGAP paper, The Early Experience with Branchless Banking. The paper synthesizes the observations and research of the CGAP Technology Program. Gautam Ivatury and Ignacio Mas wrote the paper, with substantial input from the entire program team. This blog series will cover seven observations, four uncertainties and four predictions for branchless banking - what we call mobile banking and other technology-enabled banking solutions.

Mobile banking raises security concerns. In principle, security concerns over mobile banking are more manage able than that of Internet banking, because they happen on a more trusted—or at least a more tightly controlled—network. On the other hand, security concerns over mobile banking are bigger than for traditional ATM or POS devices, which are more directly specified and controlled by the provider.

We still do not know the tolerance threshold for errors and fraud for both users and providers in the mobile banking context. Because the mobile banking service is intangible, it is likely that customers will react negatively to (real or perceived) security risks of mobile banking more quickly than to the risk of loss or theft of physical cash. We suspect that customers will not be very tolerant of security lapses, and therefore the security track record must be impeccable.

Security can always be tightened, but that often results in higher demands on the user (more complicated password procedures) or a less favorable customer experience (reentry of PINs, SIM swap). We do not know the extent to which the benefits of mobile banking will be sufficiently appealing to cause customers to put up with increasingly frustrating security measures or, indeed, to develop a higher tolerance for errors or fraud. The industry will need to find ways to offer sufficient security to manage risk.

Of fraud or violation of privacy, without making what is already a precarious customer experience (because of very limited user interface capabilities of mobile phones) a hopelessly frustrating one.

The Reserve Bank of India issued draft guidelines on mobile banking today. They are accepting comments through June 30.

Here is a report from the Business Standard on the move. Excerpt:

The wait for rolling out mobile banking seems to be over, with the Reserve Bank of India’s (RBI) issuing draft operative norms for such payment system. Now, RBI said, it will be easier and safer to use mobile phones for carrying out a gamut of banking transactions.

Banks can offer mobile-based services only to their own customers. Banks should have a system of registration before commencing mobile-based payment service to a customer, RBI said.

For providers and regulators alike, the idea of mobile banking is inseparable from the question of mobile security. When stories like this pop up – about dozens of mobile banking clients defrauded in South Africa earlier this year – it raises warning flags for some. But are questions about mobile security really new questions, and does it provide cause to pause in pursuing mobile banking?

A new study from Bankable Frontiers digs deep into the issues. Some issues are very familiar: the use of outsourced IT providers, customers protecting their PIN numbers. Several are newish, but really permutations of issues with any electronic banking channel: the reliability and end-to-end security of communication networks carrying sensitive data.

These factors do not make most mobile banking channels more or less risky than other forms of e-banking. In fact, the range of m-banking technologies already available includes some with the highest degree of security possible. But automatically requiring the most technically secure platform carries substantial tradeoffs, not least of all that high-end technologies are substantially less likely to be suitable for low-income clients.

Read the rest of this page »

State Bank of Pakistan has cleared the way for banks to use agents to handle cash, and outlined a risk-based approach to customer due diligence to enable banks to extend their reach to lower-income clients. The regulations also come with detailed guidance on minimum standards for data and network security, customer protection, and risk management procedures.

But only for banks… This shouldn’t be a surprise. SBP’s policy paper on branchless banking (last year) was clear on this point: a nonbank model “may be allowed at a later stage after we have sufficient experience in mitigating agent related risks using bank led model and need to think about mitigating only e-money related risks.” So for now, mobile phone companies are still waiting for the door to be opened to them as well, test the waters without clear permission and detailed guidance, or find a JV with a bank. For those with deep pockets, buying a bank outright might be an option, too.

Stefan Staschen works with CGAP’s technology and policy teams.  

Kenya’s banking law and regulations look all too familiar: if an institution accepts deposits and uses this money for lending or investment, it needs to have a bank licence. And banks can only transact through their head office or branches. Full stop. But the Central Bank of Kenya has realized that operating through full-fledged branches, which are subject to detailed regulatory requirements, is a very expensive proposition. If the huge gap of banking services in remote and rural areas is ever to be closed, alternative delivery models will be required. Branchless banking models such as mobile phone banking (pioneered in Kenya by M-Pesa, which is run by a mobile network operator and not a bank) and the use of retail agents will be low-cost alternatives allowing for increased rural penetration. The Central Bank Governor, Prof Njuguna Ndung’u, has now pledged to institute necessary regulatory changes allowing banks to offer financial services outside bank branches.

Mobile banking, access to finance, and the attendant challenges and opportunities are all on the agenda at the Mobile Money Summit, which takes place May 14 – 15 in Cairo. This is an opportunity to hear from innovators, meet new partners, and engage with leaders from finance, telecom and the development community. CGAP is proud to co-organize this event with DFID, IFC, and the GSM Association, which represents more than 700 mobile network operators.

Read the rest of this page »

Mobile operators find navigating financial regulation isn’t quite so easy as sailing through the telco world.

If they want to convince central bankers that hold the keys to the payments space, mobile operators will make persuasive arguments about how mobile financial services meet traditional thinking about deposits, the new domain of payment system regulation, and the hot button issue of anti-money laundering, especially when sending money across borders.

No operator better illustrates this than Vodafone and its M-PESA money transfer service. Read the rest of this page »