Key Trends in Q2 Fintech M&A activity – Payments lead the way

Fintech deal activity hit a peak in Q4 2015, and as discussed in a previous post, steadily went down through most of last year. However, this year after a good start in Q1, there was a strong rebound in Q2 2017, and recent news have been pointing to some big ticket deals happening within the payments space.

As per KPMG’s quarterly report, globally Fintech investments hit a healthy $8.4 Billion across 293 deals. Rebounds were particularly noticeable in both Europe and UK. Fintechs in Europe managed to attract $2 Billion (in investments) in Q2, which is more than double the Q1 number ($880 Million).

VCQ2-1

Some of the key trends from the report,

  • Corporate Venture Capital continue to increase their involvement in Fintech deals
  • Asia sees a dip in Q2 investments due to low China deal activity
  • Regtech deals could create a record year 2017. At the current pace its likely to surpass 2015 and 2016 activity (in size and count)
  • Focus moves from B2C (customer experience) to B2B (mid and back office efficiencies)

VCQ2-2

Apart from the VC activity, Private Equity firms have turned their attention to Payments, as the deal sizes within payments start to increase. In the last eight weeks we have had some M&As and private equity deals announced within payments.

  • Igenico acquires Bambora for $1.5 Billion. This happened after Ingenico tried a hostile takeover of WorldPay assets
  • Worldpay merged with Vantiv with a £9.1 Billion deal. The new firm will be jointly led by Vantiv’s Charles Drucker and Worldpay’s Philip Jansen.
  • Worldline acquires Digital River World Payments and First Data Baltics, giving them operational positions in the Nordics and in the Baltics.
  • Visa invested in Klarna – how much they invested and at what Valuation is not disclosed.
  • Blackstone and CVC announce acquisition of Paysafe for £2.9 Billion

These are some of the top stories, but the key takeaway is that money is flowing the Fintech way, again!! Both in the VC and the PE space!!


Arunkumar Krishnakumar is a Fintech thought leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.


 

Fraud Detection using AI and Mastercard’s acquisition spree

“Progress is made by the improvement of people, not the improvement of machines.”

fraud-detection

Image Source

As more consumers turn to digital banking for their everyday transactions they will generate huge amounts of data that banks can use to identify trends and highlight suspicious behavior.

As digital transaction volumes increase, and real-time payments become the norm, banking solutions to identify frauds are often inadequate. In most cases these systems will need to determine if a transaction is genuine or not in a fraction of a second. Thanks to the AI wave, as fraudsters get better, machines spotting them get better too.

Cybercrime is estimated to cost the global economy 400 billion dollars. Credit card fraud accounts for a large proportion of this cost. Artificial Intelligence (AI) can provide faster, cheaper and more accurate fraud detection.

Some of the key considerations of a payments infrastructure (using AI) while solving the fraud detection problem are,

  1. Initiate the payments safely
  2. Handle billions of transactions
  3. Identify relationships through graph maps
  4. Social media integration and Sentiment analysis
  5. Behavioural analysis
  6. Adapt quickly as fraudsters evolve their modus operandi

An AI system can use thousands of data points in every transaction and do a fuzzy lookup to billions of other transactions to identify patterns, coincidences and anomalies.

Most payment giants are increasingly turning to AI and Mastercard is no exception. They have been acquiring firms focusing on fraud detection as AI deal activity hit all time highs in Q1 2017. In March 2017 Mastercard announced the acquisition of NuData Security to deliver online and mobile anti-fraud solutions using session and biometric indicators.

AI_MnA_Q1-17_2


“Our unprecedented use of artificial intelligence on our network is already proving successful. With the acquisition of Brighterion, we will further extend our capabilities to support the consumer experience.”

– Ajay Bhalla, President of Enterprise risk and security for Mastercard


 

Earlier this month, Mastercard announced the acquisition of Brighterion. Brighterion’s portfolio of AI and machine learning technologies provide real-time intelligence from all data sources regardless of type, complexity and volume. Its smart agent technology will be added to Mastercard’s suite of security products already using AI.

“Progress is made by the improvement of people through the improvement of machines.”


Arunkumar Krishnakumar is a Fintech thought leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.


 

IRS Subpoena to Coinbase and the broken US Fintech regulatory regime

IRS4

Image Source

There is nothing certain in life except death and taxes! In March 2004 the IRS issued guidance on taxation of crypto-currencies. The gist of the message to consumers and corporates were the following:

  • Digital currency payments must be reported to IRS.
  • Gains from the sale of digital currencies are treated like those from a real estate investment.
  • Wages paid to employees in digital currencies are taxable and must be reported.

In November 2016, the IRS sent a “John Doe” Summons to Coinbase, asking for a complete dump of all transactions that happened on the platform from 2013 to 2015. Now, this sets a bad precedent when governing agencies demand such data that hurts data privacy of consumers. This could be because, the IRS has no clue what the taxation on crypto-currencies should be. And the intention behind the blanket data request is perhaps to understand what the thresholds for taxation should be.

Fintechs in the US have generally struggled with the regulatory landscape, primarily because of structural challenges and overlapping regulations. Unlike the UK where the regulations are pretty centralised, the US has state and federal agencies coming up with regulations that can be painful for startups to navigate through. There is little coordination between these regulatory bodies. Also, the regulations are very rules based and not considered as principles, which means they are inflexible.

'We heard that laughter is the best medicine, so beginning Monday we'll be regulating it.'

Moreover serious criminal penalties may be imposed on an entrepreneur who chooses to take a liberal interpretation of when an activity is a money transmission. There can also be serious implications under the Bank Secrecy Act if an entrepreneur naively chooses to seek forgiveness rather than permission. This liability regime also extends to investors, managers and employees in some cases.

At the moment, crypto-currency transactions are treated like property transactions, irrespective of the size of the transaction. The taxation policy on foreign exchange is slightly better where there is a threshold on gains(of $200) above which one needs to report the transaction. However, if I bought a cup of coffee using bitcoins it is a taxable event. And if I managed a gain between the time I acquired a Satoshi and spent it, I must report it to the IRS irrespective of the size of the gain.

The coinbase summon from IRS has triggered some republican congressmen to lobby for better tax laws around crypto-currencies. Coincenter, a non-profit is leading the efforts on getting better clarity on taxation of crypto-currency transactions and has seen positive responses from some members of the congress. With bitcoins starting to get recognised across various government bodies in developed economies, some clarity from Washington DC would be more than welcome.

While taxation on crypto-currencies seem to be one area where the rules are still unclear, Fintech/Payments regulations in the US need ground up thinking too. Earlier this week, Coincenter sent out a letter to the “Office of the Comptroller of the Currency” (OCC) asking for an innovation friendly regulatory regime.

In the letter they praised the UK’s Financial Conduct Authority (FCA) for making it easy and quick for innovative startups and entrepreneurs to comply with consumer protection regulations. They have recommended that the US replicate the UK regulatory regime to promote innovation.

'Well, the boss told us to launder the money, didn't he?!'

There is the other issue of governance of crypto-transactions to avoid terrorism financing. A recent assessment by the Center for a New American Security acknowledges that there is only anecdotal evidence that terrorism is being financed by crypto-currencies. This is primarily because the financial crime and money laundering controls at banks are still incomplete or insufficient to stop terrorist financing. However, congress may soon commission a study in this regard which will further influence the regulatory landscape of crypto-currencies in the US.


Arunkumar Krishnakumar is a Fintech thought-leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.


 

Cyber Attacks in Cashless India – Ransomware just the start

cyber7-900px

Image Source

In November last year India went through a demonetization drive when the government banned the Rupees 500 and 1000 notes. It caused a lot of near term pain with some serious liquidity crisis in a primarily cash driven economy. However, sanity returned in a few months with various private and public sector initiatives driving the move to a cashless economy. But the lack of governance and awareness on cyber has left the consumers and banks exposed to large scale cyber attacks. The recent ransomware attacks were very successful in India, and that feels like just the start.

Attacks by Country

Wannacry Ransomware attacks were reported across about 48000 computers in India with 60% of targeted victims being institutions and 40% being consumers. On investigation, it was revealed that the weak link that allowed many of the attacks was Windows XP and unpatched Windows operating systems used by institutions. However, about 70% of the country’s ATMs run on these operating systems and largely remain unpatched, hence posing a huge risk to consumer banking credentials.

During the attacks, Cyber Peace Foundation (CPF), which is running a research project monitoring cyber attacks, saw nearly a 56-fold increase in breach attempts at sensors installed across eight states in the country. Computer Emergency Response Team (CERT-In) asked the Reserve Bank of India (RBI), stock exchanges, the National Payments Corporation of India (NPCI) and other vital institutions to safeguard their systems against the ransomware.

cert

Just a few weeks after the demonetization announcement, Prime Minister Mr.Narendra Modi announced the BHarat Interface for Money (BHIM) mobile application, which was downloaded 17 Million times within two months of launch. PayTM, India’s leading mobile payments service crossed the 200 Million users mark earlier this year, and have most recently launched PayTM bank with about $1.4 Billion raised from Softbank valuing the firm at $7 Billion. The “Jan Dhan Yojna” scheme successfully brought about 200 Million unbanked consumers into banking. Post demonetization, bitcoin has started to be more widely used.

This is all great news, but it feels like the country is doing it all too fast, without the right governance, and more importantly consumer awareness on cyber risks. Over the last few years, India has consistently been identified as one of the most vulnerable countries to cyber attacks as the digital infrastructure was growing at a crazy pace without the necessary controls in place. The country has about 300 Million internet users of which about 150 Million are only using mobile internet. However many of these phones use vulnerable operating systems and are easily hacked.

One of the common modes of cyber attacks in the country happens through malicious applications on smart phones. This occurs when users download mobile applications that come with some online offers, and allow access levels to the applications that in turn allow the hacker to ask the users’ contacts to make payments using mobile wallets. With a booming e-commerce industry projected to reach $64 Billion by 2021, banks and payments providers lack the capability to keep Cyber attackers at bay.

Charts-03.jpg

Challenges in handling cyber attacks are different depending on if the victim was a bank/firm or a consumer. The problem with banks is the secrecy they maintain about cyber attacks on their systems. A few months ago, data of about 3.2 million debit cards was lost in what is claimed to the India’s biggest breaches. SBI, HDFC Bank, ICICI, YES Bank and Axis were all hit by the breach of debit cards. RBI has hence mandated banks to reveal any cyber attacks that banks have had to suffer. Cyber attacks cost Indian businesses about $4 Billion every year as per latest estimates.

Banks in India have also managed to set up shadow or decoy systems which resemble the actual systems and have developed honey pots to trap such hack attempts. However, they still lag behind their western counterparts in sophisticated techniques and forensics needed to counter cyber attacks.

Still, banks are much more prepared to handle cyber attacks than consumers who are easily manipulated. This is primarily because consumers lack awareness of cyber attacks and social engineering techniques by the hackers are getting more and more sophisticated. There are measures from the government (unlike old times) to bring awareness to people on Cyber risks. 90% of the consumers are unaware that the government runs a 24X7 TV channel “Digi-Shala” that focuses on digital payments.

When Demonetization was announced, the Modi supporter in me felt super thrilled about the possibilities as the economy accelerated towards a cashless state. Even the near term pains faced by the common man felt justified in some ways, but it feels like India is ill-prepared to take on cyber risks inspite of efforts from the government and central bank. Watch this space.


Arunkumar Krishnakumar is a Fintech thought-leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.


 

China Face-Off America – Battle of Global Payments between Tech Titans

America-Eagle-versus-China-Dragon-fight-battle-war-illustration.png

Source

Earlier this year Daily Fintech did a China week, and there were several interesting topics and key insights discussed. We analysed how the three Chinese Tech giants (Baidu, Alibaba and Tencent) have led the Fintech boom in China and what the favourable factors that helped were. However, over the past few weeks, we have had some developments with WeChat expanding into Europe, and almost as a reaction (perhaps not), Facebook ramping up group payments on messenger, Android pay collaborating with Paypal and more. We have Ant Financial’s bid for Moneygram and there is also a rumour that Whatsapp was ramping up to launch payments in India. That feels like a heated battle between Tech giants of the east and the west (really Chinese vs Americans, such a cliche) for Global Payments Glory. 

While we immerse ourselves in Fin and tech in the west, we often tend to forget that there is a whole new world out there in Asia that completely dwarfs what we have achieved in the west with regards to Fintech. FinTech financing in Asia-Pacific was almost US$10 billion in the first half of 2016, eclipsing the aggregate of North America’s (US$4.6b billion) and Europe’s (US$1.85 billion). WeChat sent 32 billion digital red envelopes over Chinese New Year in 2016 and 46 Billion in 2017. Paypal did 4.9 billion transactions in the whole of 2015 and 6.1 billion in 2016. This list could go on, but you get the point. The dragon really dwarfs the west!!

China Fintech

Stats aside, Chinese tech giants have had tremendous success in their local Fintech market. In comparison, Apple, Facebook, Google and Amazon (the Fantastic Four) have had mixed results in the west.

I am fascinated by what Alipay(from Alibaba) and Wechat (from Tencent) have managed to achieve in China. A good story about the growth of these firms is how WeChat created a highly localised product to compete with Alipay. WeChat had been lagging Alipay upto the launch of “Lucky Money” during the Chinese New Year of 2014. It combined the Chinese tradition of “Red Pocket” with conventional peer-to-peer transaction, and achieved huge success by adding a fun flavor of luck into its payment function. During the New Year holiday of 2014, approximately 10 million users engaged and bundled their bank cards, and 40 million red pockets were dispatched. In 2016 these numbers on WeChat further increased to 420 million, and reached a massive 8 billion that same year. Jack Ma called this strategy by WeChat the “Pearl Harbour Attack” on Alipay.

WeChatVSAli

WeChatVSAli1

Source

Now, lets take a look at what the Fantastic Four have achieved in Payments.

Facebook, apart from hiring David Marcus (from Paypal) haven’t really had much joy with its payments business. Its payments revenue (for 2016) of $753 Million is tiny when compared to ads revenue of about $28 Billion. And the payments revenues were down 11% from 2015.

Google’s Wallet project didn’t go anywhere at all, however it had a much better uptake with its Android Pay. By end of 2017, Android pay is projected to have about 27 Million users. Android Pay have just agreed to integrate Paypal to it, which would mean customers can use Paypal through Android Pay.

Amazon’s “Pay by Amazon” has been a good story from the time it was launched. It has now 33 Million users which is almost a 50% annual growth from 23 Million users last year. Amazon managed to get its Wallet License in India last week (watch this space).

Apple pay has been the leader of the pack in the payments world. With about 84 Million users projected by end of 2017, Apple have so far done well in this space, however still lags behind Paypal.

All these numbers from the Fantastic Four are tiny when compared to the numbers achieved by WeChat and AliPay.

Alibaba have been quite active in expanding through acquisitions. Investment into PayTM in India, provides them a hold into PayTM’s 200 Million user base in India. However the most recent news on Moneygram is an ambitious step into the remittance market, and if the deal did happen (post all the drama), it would provide Alibaba a 5% share of the 600 Billion pound remittance market.

'The Americans aren't objecting in principal to a merger down the line as long as we build a Chinese wall to keep a couple of things secret from the Chinese.'

WeChat have more recently started global expansion into South Africa, set up its European offices in Italy and planning a London launch soon. While they are behind Alipay with their global expansion, their customer acquisition strategy has worked better (than Alipay’s) so far.

When I talk to innovators in India, I often tell them to create a simple solution to an existing problem without overengineering it. That’s generally true for most developing nations. There are ample problems to solve and a half decent solution can see massive growth if executed well.  In the case of China a few hundred million users went from Cash to Mobile Payments and it was a classic leapfrog moment. Most likely Alipay and WeChat wouldn’t see this again in their Global expansion adventures.

I believe they would have better success through acquisitions, investments and partnerships with key payment players in their target markets, rather than trying to lift and shift their business model in China elsewhere. I also think that the winner of the East vs West payments war would be decided by key battlegrounds in India, LATAM and Africa. If Alipay and WeChat could expand into these regions quickly, then the Fantastic Four would struggle to gain ground. However, you don’t write off the likes of Apple, Amazon, Google and Facebook that easily. Watch this space!!

Arunkumar Krishnakumar is a Fintech thought-leader and an investor. 

Get fresh daily insights from an amazing team of Fintech thought leaders around the world. Ride the Fintech wave by reading us daily in your email.

How digital cash is being used in Finland to help refugees

The best part of writing on consumer finance, is that there could be more drama to it than the other sectors within Financial Services. As I discuss socially impactful financial services with people, I frequently encounter the view that you can either have social impact or you can make a profit. It is viewed as a hard choice and a trade-off. I firmly believe that technology can be both socially impactful and profitable. The refugee crisis is bringing the kind of problems that we normally associate with the developing world, to our neighbourhoods in Europe and the rest of the developed world. However, a few Nordic startups are working with their governments to onboard the refugees into their society.

We talked to a company in Finland called MONI that is using pre-paid cards to help refugees get onto the ramp to being a productive member of society in their host country. Before getting to the details of MONI’s work, I would like to touch upon a research done by Tufts University on digital and financial inclusion.

Nordics_Refugees1

Research on Cashless Economies:

No discussion on cashless economies is complete without discussing the Nordics and their progress in this space. They have clearly defined the blueprint for going cashless by creating the ecosystem to do so. Based on the research conducted by Tufts University, there are two main drivers to identify countries that would benefit the most from going cashless:

  • Digital evolution and
  • Cost of Cash

The Digital evolution Index provides an overview of how mature the financial services infrastructure is and also more importantly the level of digital inclusion. This is because, financial inclusion becomes a lot easier if policy makers and industry leaders first focused on digital inclusion. Africa is a great example where mobile payments growth followed penetration of mobile services. The Nordics are the leaders in this space, where digital evolution has been exploited well by policy makers to drive cashless initiatives.

Nordics_Refugees2

The other factor that would optimise benefits when a country went cashless is the current cost of cash. Cost of cash is generally high where the banks have to take a lot of efforts in keeping ATMs stocked up and where the cost of access to cash is high due to the country being large like Russia, Australia or the US. Another factor that increases the cost of cash is the lack of effective governance around tax. For example, in India, the shadow economy was about 20% of GDP before the cashless drive kicked in late last year and that was about $500 Billion approximately. No wonder the cashless drive kicked in even though digital inclusion wasn’t as good.

The Refugee Crisis

One key point that we can infer from the research above is that, when the digital evolution/readiness is higher, the cost of cash can be proactively kept under a threshold, even in crisis. One of the largest crisis of our generation is that of the Syrian refugees. About 11 million people have fled homes and about 400,000 have lost their lives. There is help with funds pouring in from various parts of the world, and technology firms creating new ways for NGOs to collect donations. However, one of the key challenges for refugees is inclusion into the society they have moved into. One ray of hope in this space is the relentless efforts of the Nordic start-ups that have supported their governments in providing the refugees digital and financial inclusion.

It is important to understand the challenges that the refugees and the supporting governments faced. Most refugees don’t have identification that delays immigration and visa processes. However many of them are skilled enough to add value and are keen to work. Without work, some form of normal life, educating kids, and integrating into the society by contributing to it also becomes hard. Also, from the government’s perspective distribution of monthly allowances to refugees have been inefficient, insecure and expensive, thus making Cost of Cash pretty high. There couldn’t be a better situation where digital innovation could have helped the situation. I had an opportunity to interview MONI, a fintech startup who have been working with the refugees.

The MONI Story

MONI, a Finnish startup based out of Helsinki, focusing on digital payments have pioneered the cause of helping refugees by providing them and the Finnish government the ability to move to a cashless infrastructure. (Thanks to the team at MONI for accommodating an interview at short notice). Moni with good support from the Finnish Immigration Service have been able to distribute MONI prepaid cards to the refugees, thereby providing them means to manage their own accounts when they get their jobs and salaries. This wouldn’t have been possible with traditional banks where the KYC processes couldn’t have passed for refugees without identification.

Nordics_Refugees3

MONI’s accounts are customizable and their features can be easily switched on and off. This is particularly important as both the Finnish Immigration service and Financial Supervisors impose strict controls on accounts used by the refugees. MONI have also gone one step further and provided its user interface in Arabic, Farsi and Somali. This has now resulted in a super-efficient financial onboarding process for the refugees. During my interview with MONI, they also mentioned that refugees and the unbanked would be their key customers. They believe that by helping refugees into the financial ecosystem, they would not only be able to sell other products to them, but also create a huge customer base that are loyal to the MONI brand.

MONI are not alone in their efforts to help the refugees, and have support from other tech startups for the social integration of the refugees. In one of his interviews, Antti Pennanen CEO of MONI had mentioned that the people within the Finnish Immigration Service have been very entrepreneurial with a “lets do this” attitude, and have a genuine interest to integrate the refugees into the society. That goes to show how public-private sector partnerships can work like a charm when both parties are driven to create impact. MONI’s partnership with the Finnish Immigration Service is an excellent case study for countries that are aspiring for better financial inclusion after having cracked the digital inclusion challenge. If only we could have more MONI!

The SWIFT hacks may accelerate the transition to Blockchain based cross border payments

300px-SWIFT

It has been an interesting news cycle in Fintech. First we had Lending Marketplace Meltdown Week. The takeaway: “all this new fangled stuff is messed up and its time to go back to the tried and the true”. Then we had the news that SWIFT, the venerable cross border payment system got hacked again, for the second time in weeks. The takeaway: “the old tried and true is broken, its time to accelerate plans to bring in the new fangled stuff we have been brewing in our labs”.

Our mantra is “once means nothing, twice is coincidence and three times is a trend”. So the second SWIFT hack prompted a deeper look into what went wrong and to assess the likely second order impact.

Reactions from experts

First, here is the official SWIFT security announcement on 13 May after the second attack.

Daily Fintech asked some experts in FX and cross border payments for their reactions.

Alan Scott, a serial entrepreneur with deep experience of FX, cross border payments and blockchain technology focussed on the inherent weaknesses of closed systems:

“SWIFT derives most of its security from being a closed system operated by and for trusted parties.  Block chain as originally envisioned is an open system operated by trust less parties.  This hack really demonstrates the weakness of the first system, once in the hacker is protected by the system as by definition everyone in the system is trusted.  Once discovered, the owners of the system have a problem larger than the financial impact of the hack, that is do they inform the world that their system of trust has been broken?  Or can they just quietly fix the problem and inform only those on a needs to know basis?  In an open system system like block chain attempted hacks are visible, defences can be built and the issue of trust is owned by the entire community (distributed versus central).  In this way the technology evolves in a more organic manner, adapting when and where it needs to.  This ability to evolve is its competitive strength and why it will over time in my opinion prove to be superior.”

Howard Tolman, a serial entrepreneur with deep experience of FX, cross border payments and security technology focussed on the difficulty of bolting stable doors after the horse has gone:

“Any dangerous malicious attack on a major financial institution will not only attract a lot of attention but will also get people running up and down trying to find immediate solutions which quite frequently are just not attainable. Swift probably knew about the fact that there was a potential problem through Application Security Testing either static, dynamic or interactive and network scanning applications would mean that they were also probably aware that they had applications running that had been updated to remove security flaws. The problem that large integrated organisations have is that installing a patch on a production application might in some cases do more commercial damage in the short term than the results of hacking. I would say that large numbers of institutions have reports on their desks saying that they have massive vulnerabilities but they just can’t solve them quickly for various reasons. So they hope for lady luck to help them out. 

In the Java space the only real way to solve things quickly is to eliminate the problem at the virtualisation layer through implementation at the JVM. This means that the application itself does not have to be changed but the problem from a practical standpoint is removed. This is the concept of RASP. 

Of the cuff I would say that the real big problems come about by systematic malicious attacks over a long period of time without discovery. Blockchain type technology has as its core complete transparency which almost by definition would mean malicious  attacks would be recognised promptly. I  am not an expert on specific security features in blockchain but what I describe in the previous sentence is certainly important. There seems to be tremendous momentum for those organisations with products that require distribution  of transactional data to multiple parties towards Blockchain type applications. The SWIFT hacking can only exacerbate that migration process.”

Basic Phishing Does Work

In my spam filter I recently an email telling me “We have sent the payment to your account as instructed by our customer. Kindly check the attached Swift copy of your confirmation.” Clearly some people do fall for this. Hackers only need one open door.

The weakest link in a chain

Hackers got hold of access credentials to send messages on SWIFT. As of publish date, it is not publicly known whether this was via internal collusion or via a phishing attack. The SWIFT statement has something about a PDF reader but that is the only clue. The earlier posted guidelines issued by SWIFT show the kind of best practices that consumers are told to do in order to avoid getting hacked. One might assume that banks operate to higher standards. The problem is that while that is true for 99.99% of banks, hackers only need to find one door to enter and then, as Alan puts it, “once in the hacker is protected by the system as by definition everyone in the system is trusted.”

As SWIFT Gets Bigger, Blockchain Maybe the answer

SWIFT is already far and away the biggest global payment system. Any bank that wants to send/receive payments internationally is a member. Corporates are also members. With great skill, one can build very large enterprise scale systems. SWIFT is an example. It is very, very big and has mostly worked very well. Now we are in an era when we need to build on an even bigger scale to allow more people to transact cross border and do it faster and at less cost. The most resilient massive system is the Internet – a truly decentralised system. Decentralized scales better than centralised. And a decentralised Blockchain based system can offer real time payments. SWIFT already has a Blockchain initiative. SWIFT has the perfect corporate structure to implement a Blockchain based cross border payment system on a global basis for banks because it is a cooperative owned by the member banks. SWIFT has the trust of Banks and an annual gathering of the tribes at SIBOS where personal relationships are renewed. If anybody can implement Blockchain based global payments on a mass scale it is SWIFT. We suspect that the SWIFT Blockchain team won’t lack for budget after these recent hacks.

Permissioned or Permissionless – the inclusion question

SWIFT can replace the 1970s based system with a 21st century Blockchain system. That is the easy bit. It is like a core banking system overhaul for a massive global bank. It takes a long time and costs a lot of money and requires a good team, but with all those ingredients, it is a very achievable. That SWIFT Blockchain upgrade can be done with a permissioned Blockchain system for the existing approx 8,000 current members of SWIFT. It would be much faster and much lower cost. Problem solved? Not entirely. This still puts Banks as the intermediaries to do cross border payments. A truly inclusive peer to peer network would be permissionless – everybody can transact cross border directly. This could be done in such a way that Banks are “in the loop” to offer loans and other value added services. This would be a bolder move by SWIFT. It will be interesting to see what they do.

Daily Fintech Advisers provide strategic consulting to organizations with business and investment interests in Fintech. Bernard Lunn is a Fintech thought-leader.