the enabling environment for digital financial services
TRANSCRIPT
Main determinants of success
RegulationAgentsIssuers
Transaction limitsRegistration
CustomersSign up
Active UseProduct design
PricingPlatformsAgents
Sign upTraining
Management (i.e. liquidity,
branding, equipment, etc.)
Business Models
ProviderProduct design
PricingPlatform
Basic Principles and Key Issues in Creating an Enabling Environment for DFS
Mohammad Moniruzzaman, 2009 CGAP Photo Contest3
Proportionality Proportionate regulation maximizes the net-benefit of regulation
Benefits CostsThis is best to be achieved following a risk-based approach that allows for rationalizing the use of scarce supervisory resources by focusing on issues posing the highest risk to the achievement of the regulatory objectives of inclusion, stability, protection, and integrity (I-SIP)
4
Level Playing FieldSame risks should be treated in the same way, different risks differently
No material differences between regulatory treatment of agents hired by banks and nonbanks, as long as they offer the same products
Regulation based on function, not on institutional type, e.g.• E-money accounts can
be issued by banks and nonbanks
• Agents can be used by various types of financial service providers
• Financial consumer protection rules apply to entire range of financial service providers
Provide scope for banks and different types of nonbanks (MNOs and others) to compete on equal footing
DFS regulation impacts every participant in the DFS value chain
FSP ClientAgent
DFS participant
Regulatory environment
Prudential regulation of banks and e-money issuers
1 Agent regulation2 KYC regulation3
Consumer protection regulation
4
6
Competition regulation
“Basic regulatory enablers” in digital financial services
Broad consensus about short list of most critical topics
1. E-money issuance
2. Agents
3. AML/CFT
4. Competition
5. Consumer protection
Nonbank players permitted?
Bank and nonbank agents?
Tiered, risk-based KYC structures?
Different types of institutions?
Tailored to specific risks?
Main issues
7
Ban
glad
esh
Gha
na
Indi
a
Ken
ya
Mya
nmar
Paki
stan
Rw
anda
Tanz
ania
Uga
nda
E-Money No Yes Yes Yes No No Yes Yes Yes 67%
Agent networks Yes Yes Yes Yes Yes Yes Yes Yes No 89%
Tiered KYC Yes Yes Yes Yes No Yes No Yes Yes 78%
Multiple institutions No Yes Yes Yes No No Yes Yes No 56%
Consumer protection Yes No No Yes No Yes No No Yes 44%
Overall score 60% 80% 80% 100% 20% 60% 60% 80% 60% 67%
A snapshot of basic enablers in nine countries CGAP has been working on
Positive regulatory changes in recent years
Areas in which change is relatively likely to happen soon
8
The banking part of DFS regulation
FSP ClientAgent
DFS participant
Regulatory environment
Prudential regulation of banks and e-money issuers
1 Agent regulation2 KYC regulation3
Consumer protection regulation
4
10
Competition regulation
Bank Agent ClientNonbank (e.g.,
MNO)
What difference does it make for regulatory treatment?
Bank
Contractual relationship
It is important to draw clear lines between payment, e-money, and deposit
Payment Electronic money Deposit
Definition
Who can issue?
Prudential requirements
Deposit insurance
Transfer between two parties; Time
restricted (e.g. within T+3)
Special type of repayable funds with transaction
focus
“Repayable funds”, intermediation
Payment Service Providers
E-Money Institutions; regulated financial
institutions
Regulated financial
institutions
Low Medium High
NA In most cases not Typically yes
Fund safeguarding and fund isolation are two key regulatory provisions
Fund safeguarding
Maintain liquid assets equivalent to e-float
Restrictions on use of funds
Diversification of e-float fund holdings
Fund isolation
Ownership of funds
Trust account/escrow account
Issuer failure: hierarchy of claims
Transaction limits constitute additionalrisk mitigation measures
Maximum transaction values
Maximum value of individual transaction
Maximum monthly/periodic load
Maximum holdings
“Emerging regulatory enablers” in DFS
Paying interest to e-money holders
Typically not permitted in order to differentiate from
banking
Could be “pass through” of interest on pooled
account
Bringing e-money accounts under deposit insurance
Coverage limits too low or e-money excluded from
coverage
Pooled accounts in insured institutions can
provide coverage for each customer
How about the three models we introduced yesterday?
The pure bank model: Equity Bank• Using telco as channel• MVNO license provides access to SIM
The standalone payments model: bKash• MFS Guidelines: bank-led model• Behaves very similar to e-money model
The non-bank model: Airtel Money• In most countries directly licensed by the regulator• In a few it’s more complicated: e.g. Uganda, India
Basic enabler #1: Regulations permitting and governing e-money
India - yesNo nonbank e-money issuance, but:• Prepaid Payments
Instrument Issuers (Restrictions on cash-out/requirements to partner with banks)
• New: Payments banks
Pakistan - noDifferent types of banks can issue stored value accounts and MNOs have been permitted to own majority stake in banks
Bangladesh - noNot really, but –• bKash very much operates
like a nonbank e-money issuer
Rwanda - yesE-money issuer defined in PSP regulations, but same rules apply as for PSPs except for trust account rules
Uganda - yesMobile money service providers (MNOs and other nonbanks) can offer e-money services, but in partnership with banks as the entity receiving the regulator’s no objection
20
What do we want to see and how do we get there?
Nonbanks or limited purpose banks can issue e-money / stored value accounts / small savings accounts
Sufficient fundsafeguarding and fund isolation rules
Not subject to full range of prudential regulations applied to financial intermediaries
Appropriate e-money regulation National Payment
System Law or clear authority in another law to regulate payment system
Implementing regulations governing the issuance of e-money by nonbanks (and banks?)
Alternatively: Limited purpose banks (“differentiated banks”, niche banks)
Typical steps
required to get there
21
REGULATORY REFORM TO ADVANCE FINANCIAL INCLUSION:
A CASE STUDY OF GHANA
ELLY OHENE-ADU, BANK OF GHANAMARCH 2016
Background• During early to mid 2000s, Ghana recognised
the need to expand the boundaries of financial services
• MM technology was introduced in the same period providing a window of opportunity to extend financial services to rural areas
• In 2008, Ghana issued guidelines on Branchless Banking (BB) focused on a bank-led and bank-based approach to BB
Branchless Banking Guidelines
• Mobile money viewed as a channel for use by only banks and deposit-taking financial institutions to reach unbanked segments of the population
• MNOs and other Non-banks: Regarded as Agents to make their platforms available to banks to use
• Mandated that banks alone should lead the process, own the customers as well as the agents
• Interoperability: “Many-to-many” model - Group of banks to partner with a group of MNOs; agents were required to be shared
Poor incentives weakening supply-side deployments
• Banks were mostly disinterested; Happy to keep the float accounts
• Active banks reluctant to make investments in new developments for fear of free-riders
• MNOs made investments, did all the work butwere in contravention of the regulations
• Weak support of agents by banks stifled the adoption of Mobile Money by users
Low access to financial services
According to Finscope Report of 2010……• 59% of population lived in rural areas
• 56% adults had access to financial services– 41% formal, 15% informal
• 44% had no access at all and were financially excluded
• Only 34% of Ghanaians had a bank account
• However, 80% of population had access to mobile phones (Also in rural areas)
The Financial Landscape in Ghana2010
Finscope Survey, 2010
34% 7% 15% 44%
Bank Non-bank formal Informal only Excluded
The Solution:
• Innovation
• Incentives
• Security
• Risk Management
• Consumer Protection
• Well articulated sanctions
The Solution: Revise, Experiment, Monitor
• Introduce clear, pragmatic and flexible regulation that would enable and foster a healthy environment for financial inclusion to succeed
• Revise the BB Guidelines to fit market dynamics• Adopt flexible experimental stance (Kenya,
Philippines, Tanzania, Mexico)• Adopt proportionate risk-based approach to
regulation• Keep eyes on the ball: Monitor and manage
emerging risks
Engineering Incentives• Allow non bank-led model but require them to
establish non-bank subsidiaries licensed and regulated by the central bank
• Abolish many-to-many requirement to free operators from tight and unmanageable relationships
• Mandate Non-banks to keep the float with RFIs
• Designate a 15% threshold beyond which the float should be split and transferred to other banks to safeguard against bank insolvency
Engineering IncentivesFinancial Inclusion:• A three-tiered account structure with related
transaction limits; risk-based approach to KYC and CDD so that Individuals with little ID could be included in the formal financial sector
• Require float-holding banks to pay interest on the float
• Require electronic money issuers to pay not less than 80% of interest to account holders
Engineering Incentives• Establish strong consumer protection,
complaints resolution structures to afford consumers safeguards against abuse
• Set technology, security and compliance framework with requirement for certification in PCI DSS and ISO 27001 standards
• Detailed reporting requirements
• Well articulated sanctions
Permissible Transactions
▪ Domestic payments▪ Domestic money transfers, including to and from
bank accounts▪ Bulk transactions (Salaries, benefits, pensions etc.)▪ Cash-in-cash out transactions ▪ Over-the-counter transactions ▪ Inward international remittances▪ Savings/credit products under-written by
Regulated Financial Institutions (RFIs) ▪ Insurance products under-written by duly licensed
insurers.
Implementation Challenges
• Negative reaction from banks• Requirement for agents to take images of
photo IDs of customers upon presentment• Requirement for compliance with ISO and PCI
DSS standards• Interest payment and its sharing between
DEMIs and account holders
A changed picture in 2015
Access Strand in FII 2015 vs FinScope 2010
Note: Figures show access to services, not accounts
34%
36%
7%
22%
15%
17%
44%
25%
2010
2015
Bank Non-bank formal Informal only Excluded
The main driver in Ghana has been nonbank formal servicesAccess to these services tripled in five years
34%
36%
7%
22%
15%
17%
44%
25%
2010
2015
Bank Non-bank formal Informal only Excluded
3x
AML/CFT: do transaction
limits provide sufficient comfort?
Need of regulatory
oversight for simple
“payment services”?
Interest payment and
deposit insurance on e-
money accounts?
Transaction limits as sufficient AML/CFT measure?
Rules on use of prepaid funds?
Regulating agents as a new channel
FSP ClientAgent
DFS participant
Regulatory environment
Prudential regulation of banks and e-money issuers
1 Agent regulation2 KYC regulation3
Consumer protection regulation
4
42
Competition regulation
Which risks are regulators most concerned about?
Operational risk Agents as a new channel give rise to new operational
risks Issues such as IT continuity, contingency planning, and
internal controlsConsumer risks
The other main concern of supervisors and one that receives increasing attention
Issues such as fraud, unauthorized fees, lack of receipt, lack of liquidity (cash at agent), system downtimes, inadequate dispute resolution, abusive treatment
Money laundering and terrorist financing risks The supervisors’ focus on this depends on importance of
the topic more generally (e.g., a high priority in Pakistan)
43
Authorizing the use of agents: Observed tools and techniques and recommendations
Current practice Recommendation
Authorization of channel use and of individual agents
• 1 or 2 stage (channel authorization and authorization of individual agents)
• Risk of delaying agent rollout/closure; overstretching supervisory capacity no approval of individual agents and only new authorization for significant changes to original agent business proposal
What to check at time of authorization?
• Contract review• Business and
operational plan• Financial projections• Agent due diligence
docs and agent roll-outplan
• IT infrastructure
• Opportunity to bar poorly designed agent businesses
• Use model agent contract to be approved by supervisor or min. standard clauses
• Check contracts with third parties such as aggregators
• Look at agents as part of broad operational risk review of the supervised entity
45
Ongoing supervision: Observed tools and techniques and recommendations
Current practice RecommendationInspecting providers
• Targeted inspection vs. being part of regular inspections
• Transaction simulations• Agent due diligence
procedures• Internal controls• Access rules to IT system• Transaction simulation• Etc.
• Consider materiality of agent business for the provider
• Make use of offsite analysis and previous onsite inspections to plan for visits
• Focus on headquarters and review of risk management program
• Also visit agent network managers if heavily involved in operation of agents
• Check quality of reporting process
Offsite surveillance • Wide range of intensity from detailed database with data on agent level to no regular reporting on agent activities
• Only collect information that feeds into the risk assessment or serves other regulatory purposes (e.g., financial inclusion monitoring)
• Automated process• At a minimum quarterly reporting on
aggregate level
46
Ongoing supervision: Observed tools and techniques and recommendations (contd.)
Current practice RecommendationInspecting agents • Random sample
• Targeted samples according to certain criteria (top/worst performers, most fraud cases, most complaints, etc.)
• Mystery shopping• Most countries don’t do this
on a regular basis
• Inspect individual agents only with very clear supervisory purpose (e.g. To check price disclosure, conduct transaction similations, audit particularly problematic agents) and prioritize targeted sampling
Enforcement actions • Wide range of measures available vs. only withdrawal of letter of no objection
• No serious enforcement actions have been taken yet
• Sufficient enforcement powers needed including changes in contracts, suspending or prohibiting certain practices, and penalties
47
Two important issues to consider in agent regulations
How to ensure level playing field between bank and nonbank agents?
Who can be an agent?
• No material difference between bank and nonbank agents’ regulatory treatment (but bank agents might be permitted to do more)
• Best achieved by single regulation covering both types of agents or by identical regulations applying to both types
• Otherwise risk of regulatory arbitrage and contradictorytreatment of shared agents
• Liability of the provider core element of both agent types
• Set minimum standards without unnecessarily circumscribing growth potential
• Business registration?• Length of operations?• Credit history?• Criminal record?
• Avoid geographic restrictions or barring certain legal entities from operating as agents
• Allow for tiered agent structure and use of agent network managers
48
Exclusivity Non-exclusivity
Should providers be allowed to impose exclusivity on agents?
There is a trade off between different considerations and no simple answer
Some countries have opted for limited exclusivity periods
Require technological capability to interconnect with other payment systems
How does M-Shwari fit Kenya’s current legal framework?
Bank product: The provider is a bank (CBA) and the customers open bank accounts with CBA no e-money involved
No direct physical channel for redeeming funds: M-Shwari customers are not permitted to use CBA branches. There are no M-Shwari agents. Customers can only move money into and out of their account by first transferring it to M-Pesa (with a corresponding change in the M-Pesafloat as the aggregate amount of e-money issued changes)
50
Neither agency banking nor e-money regulations apply, M-Shwaricustomers use M-Pesa agents, but only after bank money has been converted to e-money (or vice versa)
India - yesHave had agent rules for a long time (since 2006), but restrictions were only lifted
over time
Kenya, Tanzania, Bangladesh - yesDifferent rules for bank and nonbank
agents potentially leading to level playing field issues
Uganda - noOnly for nonbanks (MFSPs), but not permitted for banksMyanmar - yes
Mobile Banking Directive permits agents, but lacks clarity (e.g. on exclusivity,
tiered agent structure)
Basic enabler #2: Regulations permitting and governing the use of agents by banks and nonbanks
51
What do we want to see and how do we get there?
Use of agents permitted by range of relevant providers
Provider liability clearly stated
Preferably other relevant elements clearly prescribed
Appropriateagent
regulations First step is to permit agents (Uganda example for what happens if not) and to establish general principal agent principles
Second step is to define clear rules
Other relevant issues: (i) exclusivity; (ii) level playing field for different types of agents; (iii) tiered agent structure; (iv) use of prefunded accounts; etc.
Typical steps
required to get there
52
Responding to AML/CFT concerns
FSP ClientAgent
DFS participant
Regulatory environment
Prudential regulation of banks and e-money issuers
1 Agent regulation2 KYC regulation3
Consumer protection regulation
4
54
Competition regulation
The Financial Access Task Force (FATF) stipulates that a risk-based approach may be taken to KYC requirements
The regulation provides guidance at very high level, leaving room for interpretation under local market conditions
Countries and FI’s are required to “identify, assess and understand their ML/TF risk”
1. “Identified Higher Risk”:
Enhanced measures must be applied (i.e. obtaining additional information on customer (occupation, volume of assets, source of funds, etc.) and more frequent updates)
2. “Identified Lower Risk”: Countries may simplify measures to be applied by FIs
3. “Proven Low Risk”: Countries may exempt FIs from certain recommendations
Who determines the regulation? What does the regulation say?
The FATF is an Intergovernmental body
which develops international standards on
combating:
• Money laundering
• Terrorist financing, and
• Proliferation of weapons of mass
destruction
• Feb 2012: Issue of Revised Standards
• 40 Recommendations + Interpretive Notes
55
Source: Banxico Circular 2019/95 as modified by Circular 14/2011
Level 1 Level 2 Level 3Level 4
Traditional bank account
Max amount in monthlytransactions
US$ 280 + max balance of US$ 370 US$1,110 US$3,700 No limit
Customer information required to open account
NoneBasic Information(Name, Address,
Gender)Full customer information required
Documentation N.A. No paper copy required Paper copyrequired
Customer present at opening No
No (but bank has theoption to request
it)
Yes Yes
Access point Only debit card. No mobile
Mobile, card, bank transfer
Mobile, card, bank transfers
The same plus cheques
Tiered account structureThe example of Mexico
59
Using biometrically verified SIMs for account openingThe case of Pakistan
439 665 929 1,060 1,447 1,761
2,112 2,399 2,643 2,966 3,475
3,832 4,238
4,713 5,415
7,538
10,881
13,192
15,322
-
2,000
4,000
6,000
8,000
10,000
12,000
14,000
16,000
18,000
Branchless Banking Accounts(in thousands)
Basic enabler #3: Tiered, risk-based KYC structures
Pakistan - yesSeparate KYC rules for
branchless banking, while in most other countries existing rules for banks apply mutatis
mutandis
Bangladesh - yesCentral bank-issued rules vs.
general rules under AML Law: One can be better at defining
proportionality than the other, but AML Law generally prevails
India and Pakistan - yese-KYC allows customers to
open accounts at agents (and in Pakistan even on the phone
with biometrically verified SIMs)
Kenya - yesCoverage of ID and
accessibility of database: if good, even low risk accounts
can make use of official ID and the need for alternative forms of identification for low
risk accounts is less important
Rwanda - noNot clear whether PSPs (and
thus EMIs) fall under definition of “reporting entity” in the AML
Law
62
What do we want to see and how do we get there?
Simplified CDD for low risk accounts
The extent to which KYC/CDD is a problem strongly depends on the quality of the ID system
Biometric verification of SIMs can be a game changer
Risk-based KYC rules
Ideally the AML law provides room for simplified CDD
The question of how simplificationwill look like strongly depends on quality of ID system
Pakistan as example that pricingcan also play important role
Typical steps
required to get there
63
Agent Guidelines
• Serves to regulate both banking agents as well as agents of e-money issuers
• Requirement for central bank authorisation to use agents with submission of ADD, AML, risk-assessment and conflict resolution policies
• Specifies strict agent eligibility and due diligence requirements
• Non-exclusivity of agents• Strict adherence to consumer protection
regulations set forth in the EMI Guidelines
Agent GuidelinesPermissible Activities: E-Money
• Opening of Minimum and Medium KYC e-money accounts on behalf of principals
• In addition, master-agents may open Enhanced KYC e-money accounts
• Balance inquiry and provision of account statements
• Cash-in and cash-out to/from the customer’s own account
Agent Guidelines
Permissible Activities: E-Money
• Cash-out of direct transfers not received to an account, including international remittances, salaries, benefits, loan disbursements
• Funds transfers, domestic remittances, • Inward international remittances• Marketing of credit, savings and insurance
products offered and provided by licensed financial institutions
Agent GuidelinesPermissible Activities: Banks
• All functions analogous to those under e-money, except the opening of bank accounts
• Receipt, verification and forwarding of applications for credit, savings, investment and insurance products to principals
• Receipt and forwarding of applications for credit cards and check books to principals
• Delivery of bank mail and check books to bank customers
Threats• Lack of reliable national personal identification
system • System related fraud: Systems should be secure
and robust to prevent fraudulent access• Agent related fraud: Some agents access
customer accounts while supporting them and withdraw additional funds when not authorized
• Consumer related fraud: PIN secrecy rules are not enforced and therefore relatives and agents get access to consumer account and defraud them
• Cybercrime and Money Laundering
The Way Forward• National strategy on financial inclusion to
address some payment related issues• Build capacity, strengthen regulation &
supervision to check abuses• Set up an agent registry to take stock of all
financial agents in Ghana• Continuous and closer collaboration with
other regulators in the financial space • Set up Payment System Council to continue to
drive payments ecosystem
Protecting consumers
FSP ClientAgent
DFS participant
Regulatory environment
Prudential regulation of banks and e-money issuers
1 Agent regulation2 KYC regulation3
Consumer protection regulation
4
72
Competition regulation
Responsible finance stakeholder survey Summer 2014
What level of responsibility do each of the following actors have to mitigate consumer risks?
0 10 20 30 40 50 60 70
Consumer Advocates
Donors
International SSBs
Consumers
Regulators
Providers
Results from Pulse Survey Summer 2014
primary responsibility medium responsibility no responsibility74
Seven Key Concerns of DFS Customers
1. Inability to transact due to network/service downtime
2. Inability to transact due to insufficient agent liquidity/float
3. Complex and confusing user interface
Source: CGAP
76
Seven Key Concerns of DFS CustomersCont’d.
4. Inadequate provider recourse
5. Lack of transparency
6. Fraud perpetrated on the customer
7. Inadequate data privacy and protection
Source: FSD Kenya
77
Recourse in Digital Finance: Emerging good practices
Opportunities: Increased consumer touch points and choice; SMS transaction records and confirmations
Good practices seen amongst DFS providers: Specialized DFS line and staff Specialized desks for common complaint types:
Reversals, lost SIM/PIN, non-payment products Dedicated agent hotline Training of agents on complaints handling and fraud
detection Enforcement of prominent display of hotline signage at
agent locations
82
Basic Enabler #4: Consumer protection rules considering specific risks in DFS
What is special about consumer protection in DFS?Effectiveness of CP rules on fair treatment, disclosure, redress in
practice?
Tanzania, Ghana, India, Myanmar (no), and Pakistan
(yes)A few lines in the relevant
regulations – is this enough? Or do we need a dedicated
financial consumer protection law?
KenyaRelevance of other regulators beyond financial regulator (in
particular Competition Authority of Kenya)
Kenya, TanzaniaDigital credit as newly
emerging area
84
What do we want to see and how do we get there?
Consumer protection rules specific to the provision of digital financial services
This could be part of a broad FCP regime or something specific for agents / e-money / digital credit etc.
Appropriate consumer protection regulation Broad authority in
law (increasingly under stand-alone FCP law)
Rules tailored to the specific consumerprotection risks in DFS
Typical steps
required to get there
85
Some lessons from BoG’s experience with introducing regulatory changes
• Leadership important• Market driven • Partnership with private sector:
– Provides visibility – Lends credibility and trust– Raises understanding and cooperation and collaboration – Ensures sustainability of innovations
• Incorporate incentives that create win-win situations • Should cross-reference with existing and planned
laws• Access without usage does not promote financial
inclusion consumer education highlighting benefits of electronic payments and transactions as well as key consumer-related risks and how to mitigate them
86
Some lessons from CGAP work on creating enabling environment for DFS
• Takes time (often two steps forward, one step back)
• Important to buildtrust with regulatorsand industry
• Requires good under-standing of local market
• Draw on deep expertise and global knowledge of basic enablers
87
Advancing financial inclusion to improve the lives of the poor
www.cgap.org 88