A noted historian once observed that history is nothing but the unfolding of miscalculation. If this is true, then the Indian Prime Minister Narendra Modi made history on November 8th when he ordered two large denomination banknotes to be withdrawn from circulation and replaced.
No one doubts that criminals, corrupt officials, dodgy businesses, and tax evaders, purveyors of the so-called the shadow or “parallel” economy, prefer to deal in cash. Cash payments cannot be tracked or traced. Cash is also counterfeited. Electronic or digital payments, on the other hand, provide an effective way to weed out these evils and bring greater transparency to the workings of the economy, reduce corruption, fight crime, and ensure everyone pays their fair share of taxes.
If cash could be taken out of circulation, would it help? The answer is yes. Provided the reduction in cash is permanent and if there are electronic alternatives easily accessible to everyone for migration to digital means. Developed markets have done this before. The European Central Bank (ECB) acknowledged that large value currency is convenient for criminals and has decided to withdraw the €500 note by 2018. Because of high availability of digital infrastructure, high incidence of electronic payments, high penetration of bank accounts and credit cards, high percentage of tax payers, and (relatively) honest tax payment collection, developed markets can afford to gradually phase out large denomination notes.
In a developing economy such as India where digital infrastructure is rapidly developing but still in early stages of development and where a majority of citizens do not have access to financial services, taking cash out of circulation, has created untold havoc on ordinary people especially the poorest and most vulnerable who are heavily dependent on cash for wages and earnings.
In India, 98% of payments are made in cash. The government decided to withdraw 500 and 1,000 rupee notes which make up 85% of cash in circulation, announcing a 50-day period for people to deposit or exchange the banknotes. The premise is that most illegal transactions and illicit wealth are represented by large denomination banknotes. Banning the notes, so the argument goes, will make it very difficult for corruption to thrive in the economy as it does so today.
The move was designed as shock-therapy but its intended targets seems to have largely escaped the consequences. Instead it has delivered some unintended consequences by hitting the country’s most vulnerable the hardest who had to queue up for hours and even days to exchange their money losing wages which are already at subsistence levels. According to Bloomberg, “[Prime Minister] Modi’s cash decision has forced many families to spend as many as four days a week lining up to withdraw money or exchange old bank notes, costing them an estimated 615 billion rupees in lost business.”
A surprise attack, by definition, is privy to only to a select few. But this secrecy can result in inadequate preparation which is exactly what happened in India. Reports indicate that a “group of 5-10 people – a young team of researchers working in two rooms at Modi’s New Delhi residence”, developed the monetary medicine and the method for administering it.
To make matters worse, the Prime Minister also famously takes advice from a widely popular multi-millionaire yoga guru with interest in politics and loads of home-grown ideas to improve the country’s economic health. He had previously threatened the government by his intention to fast indefinitely to force the government to take action against corruption. He now believes that the move was not been implemented properly and has gone one to assert that corrupt bankers are somehow hampering the drive to weed out corruption.
What is obvious to most, but not perhaps to the demonetisation apologists, is that in any country, especially one with significant inflationary conditions, a majority of the black” or illicit wealth is stored away in tangible assets which appreciate over time such as jewellery or real estate, and not in paper currency. Estimates place only 5 – 6% of black money in India to be represented in currency notes. In other words, the demonetisation plan was built on a false premise.
A central motive behind the whole thing was that if a substantial amount of cash representing black money was not deposited before the deadline and, therefore, voided – the central bank of the country, the Reserve Bank of India (RBI), would be able to reduce its currency liability and pass the gains on to the government. That too, did not happen. In-fact more than expected cash has circled back into the banking system. Over 80% of the withdrawn currency notes have been deposited or exchanged.
In another bewildering move, the government has announced it will introduce a 2,000-rupee banknote – of significantly larger denomination than those voided. If the idea was to void large value banknotes because they are more convenient for criminals, why replace it with an even bigger banknote? Sceptics think the 2,000 rupee banknote is a bait which will be cancelled a few years from today in a similar demonetisation move.
Economists have explained the net effect of the demonetisation drive as a “de facto” tax amnesty. The government amended the law relating to taxation to include a clause which says that unaccounted-for cash deposited before Dec 30 will attract a tax rate of 50% (along with other restrictions regarding funds withdrawal timeframes). It is now believed that the tax on such funds realised by the government in the short term is likely to be relatively small. There is also likely to be litigation relating to unpaid taxes on such deposits which will take a very long time to resolve.
More opportunities (for money laundering)
Ironically, the economic misadventure has resulted in new opportunities for money laundering which a whole gaggle of unscrupulous entrepreneurs has capitalised upon. Bloomberg reports that these include flying plane loads of cash to the north-eastern states of India which are exempt from restrictions; brokering the services of high-turnover businesses who will “absorb” the ill-gotten currency charging premiums ranging from 10 to 50% “depending on the difficulty”; or offering jewellery or real estate in desirable locations around the capital at considerable premiums. In other words, the move designed to curb money laundering and tax-evasion has created more of the same.
Even religion is seeking ways to profit from the debacle. A television channel filmed a local priest offering to whiten money in exchange for donations which are exempt from the currency ban.
Trying to plug the widening leak, the government is taking further measures to stop these practices which include, believe it or not, asking for police approval for flights “taking off from airfields not controlled by the government,” requiring pilot and passenger “screening”.
No serious government, after seeing India’s demonetisation adventure, is likely to repeat the measure. The government of Venezuela, a country perennially on the brink of economic collapse, however, decided to do something similar.
In December, it withdrew the 100 Bolivar bank note causing riots and chaos. Those who managed to deposit the notes were puzzled when the same banknotes were dispensed by ATM’s. The new banknote has failed to make an appearance. Civil disorder has forced the president to postpone the move.
Doing it the right way
The good news is that away from the initial idea of catching criminals, counterfeiters, and thwarting corruption, the government is changing its tune to moving towards a cashless economy which is more credible and welcome. New bank accounts have been opened and even alternative payment platforms such as the paytm wallet linked to a major e-commerce website has seen significant new accounts on-boarded. The government is taking active measures to provide discounts and other incentives to bolster digital payments.
As a result of this, there are many consumers who will switch to digital payments. But for many more, the whole episode will be a painful memory that achieved nothing. They will continue to use banknotes – smaller denomination banknotes or new ones – not as a mark of protest against but simply because that have always used cash. Cash is embedded in people’s daily lives and the government has not provided them with compelling reasons to go digital nor a wide enough digital payment acceptance footprint.
For criminals and the corrupt the move may be a temporary set-back but they are not likely to change their behaviour and become honest simply because now there are new notes in circulation.
The process to bring greater transparency to the system in order to erode the parallel economy and introduce the fruits of digitisation – is a gradual one, it takes time. It requires making it worthwhile for consumers and offering very clear reasons and benefits for people to switch to electronic payments wherever possible.
Only 17% of Indians own a smart phone. Compare this to other BRIC countries – Brazil 41%; Russia 46%; China 58%. Another indicator: Adult % with access to the internet – India 22% (only 13% in rural areas); Brazil 60%; Russia 72%; China 65%. Compare credit cards: 2.1% Indians have credit cards – in developed markets the figure is around 52%. When it comes to payment acceptance – measuring the penetration of electronic payment acceptance – “Brazil – with a population 84% lower than India – had nearly 29 times as many POS terminals”.
The government’s efforts and money should have been better spent to bolster these numbers. Also, money should have been spent to bring more people within the tax-paying segment and root out corruption in tax collection. Only 5% of Indians declare their incomes and 1 % pay income tax.
Shock-tactics offer the lure of a magical end to endemic problems. Putting penalties on the use of cash or applying shock measures may inconvenience criminals temporarily or provide a welcome short-term impetus to digitisation, but its side effects on a developing economy as a whole are too damaging. Even the uptick in digital accounts may prove temporary as people revert back to using cash for precisely the same reasons as before.
An empathy deficit
Political bribes are rife in India. The law requires political parties to declare only high value donations. Donations to Mr Modi’s party doubled in the year of his election made by those hoping to profit by his success. Of these, more than two-thirds came from undeclared sources. Calling for transparency from everyone while keeping one’s own funding sources private warrants some serious self-correction.
Listening to economic quacks and not possessing the experience to foresee the economic misery inflicted upon the poor and the vulnerable, leads a New Delhi based prominent Indian author and journalist to describe Mr Modi’s problem as an “empathy deficit”. Effective modernisation and rehabilitation should be based on better planning and a concern for all segments of society, not just on the fruits of hurried research or the ill-advised recommendations from quick-fix gurus especially where one of the most important economies of the future is concerned.
Undeterred and unrepentant, Mr Modi spoke about his early life experiences of being a tea vendor and that he continues to brew a strong cup of tea even where larger matters of the economy are concerned. But he has also developed the practice of breaking down during speeches to emphasise the sincerity of his plans and his good intentions. This brings to mind an ancient saying which is relevant: Any man can make mistakes, but only an idiot persists in error.
Image source: DNA India
Pollsters whose job it is to talk to people and predict the outcomes of elections, sometimes get things badly wrong: the general election in Britain in 2015 when Labour performed unexpectedly poorly; the Brexit vote this year which took everyone by surprise; and finally, the US presidential election, which shocked the whole world.
Pollsters got these so wrong because they rely on sampling and extrapolating techniques. Statistical analysis is accurate only if the sample is representative of the whole. In the US presidential election, for example, voter samples excluded entire voter segments such as white working class voters and were also disproportionately skewed towards other segments such as politically conscious urban voters (who don’t get fed up of being called again and again considering there were many of these polls just before the elections). Yet another problem was that voters were not entirely honest and may have held back their choice for whatever reason.
Surveys from Princeton Election Consortium that used statistical “Bayesian” model developed by Professor Sam Wang, Neuro / Data Scientist, and Professor at Princeton, the model which correctly predicted 49 of the 50 states in the 2012 election, confidently rated Hilary Clinton’s chances of winning at 99%.
Predicting the unpredictable
Provided the sample is statistically relevant, determining which way people will vote is still the easier thing to do.
Predicting the outcome of events that do not entirely depend on individual decisions is far harder. In such cases, polling is useless. No one who is polled has any specific information to share. When something is unknown, it does not matter how many people you ask, the larger the poll, the larger the pool of guesses.
But for events that are not entirely random there are different bits of relevant information that may be known to different people. Some people believe that asking a group is more accurate than asking a single individual.
James Surowiecki, the author of the best-seller “Wisdom of Crowds”, argues that “under the right circumstances”, a group of people is better able to estimate, forecast, or predict than single individuals in that group.
Economists believe that the best way to predict the future, particularly where politics are concerned, is to let the markets do it for you. Betting companies have been doing this for years relatively successfully.
But betting or “prediction” markets failed to predict the Brexit vote. Polls and markets shifted towards “leave” in early June but not enough to overtake “remain.” On the day of the referendum, markets priced “an 85% likelihood” for Britain to remain in the EU. Markets also failed miserably to predict Trump to win the Republican nomination. But perhaps bruised from these miscalculations, markets clearly predicted the outcome of the US presidential election.
Prediction markets are considered more accurate than polls because they take into account the “weight individuals’ beliefs by conviction as well as frequency”. This means that people who are convinced of the outcome often place high wagers than others who are simply just placing a bet. These punters can also adversely influence the market if they are driven by closely held biases rather than rational judgements something known as “cognitive bias”.
Specialised predictive markets, set-up for the purpose of trading the outcome of future events, are exchange-traded markets best positioned to benefit from aggregate individual predictions.
The Iowa Electronic Market is an academic market dedicated to elections and limits the positions its members can take to $500. iPredict operates out of New Zealand and trades in a number of political events relating to that country. NewsFutures counts major corporations such as Siemens, Renault, and Pfizer as its customers. Microsoft launched its own predictive markets and Google uses the concept internally to identify “discontinuous product ideas.” Other large companies that use predictive markets internally include France Telecom and Hewlett-Packard. The Hollywood Stock Exchange, now part of Cantor Fitzgerald, trades in the prediction-shares of movies, actors, and directors and has made many accurate Oscar predictions.
The caveat Surowiecki inserted in his argument about the wisdom of crowds: “under the right circumstances”, is made up of 4 conditions:
It seems that the conditions for the wisdom of crowds to work are almost tailor-made for blockchain based distributed ledger (DL) systems.
DL systems can be developed to aggregate individual opinions that have been arrived at independently by a very diverse range of people. That is exactly what distributed ledger based systems do.
DL systems are designed primarily for decentralised aggregation of diverse but independent input in order to arrive at collective consensus-driven decisions enabling some processes and even organisations to operate autonomously.
Of course there is no way to ascertain how independent these opinions are because everyone is exposed to public opinion or influenced by general market sentiment, or worse, collective biases which often override reason, but certain questions may work better than others.
Online betting exchanges are not all,owed to operate in the United States but they are available elsewhere such as the world’s largest exchange market, Betfair.
Augur is an exchange prediction market that uses blockchain concepts to predict the future set to go live in 2017. The way it works is simple. Individuals on the platform can make predictions by trading shares in event outcomes such as the outcome of the presidential election. If the odds are even, the share is bought at 50 cents, if you win, you get back $1. If you lose, nothing. Just like other prediction markets.
The key difference with Augur is that it is entirely open-sourced and decentralised and allows for the execution of contracts on the Ethereum platform. This means that anyone, anywhere can set up a prediction market of their choice and it will manage itself autonomously.
Notable supporters of the project include Intrade co-founder Ron Bernstein, the Thiel Foundation and Vitalik Buterin.
While prediction markets are usually better than other methods of divining the future, these will provide the ultimate test for blockchain concepts to offer an open-for-everyone method for assembling collective wisdom and if the Augur project delivers results, it may end up as the most useful application of blockchain technology – more so than its currently discussed uses in others sectors such as finance and payments.
Photo credit: BT.com
(Photo credits: ibtimes)
Money laundering crimes, when discovered, are dealt with a heavy hand by law enforcement authorities. Record penalties and fines have been imposed on some of the world’s largest institutions held responsible for supporting money laundering in any way, knowingly or not, and violating laws relating to money transfers and payments.
Could the blockchain concept, in its extended application – more precisely, distributed ledgers, do better?
Sure there are some big breakthrough cases and record penalties inflicted on some of the world’s largest financial institutions. But these cases are the products of painstaking detective work undertaken over a long period of time and often involving insiders / whistle-blowers. Despite the AML controls that must be complied with and exemplary punishments, global money laundering flows are estimated to be as high as 5% of the world’s GDP – just over $2 trillion.
Critics claim that Anti-Money Laundering (AML) rules and regulations are outdated and pretty much ineffective. The approach favoured by regulators is to encourage banks and other financial entities to hire more people and invest more money to implement AML controls and impose penalties. Yet the effectiveness of these controls has never been empirically established. No serious studies have been undertaken to determine the results these procedures produce.
When discovered, money laundering cases can be seriously damaging for the financial institutions involved. Money laundering, aiding and abetting anyone involved in illegal transfer of funds, non-compliance with AML controls, attract criminal prosecution in most markets, hefty fines, and this also means losing the privilege to continue all or some of the legitimate business activities such as currency trading or payment facilitation.
In 2012, HSBC Bank was fined a whopping $2 billion by US authorities for violations of AML regulations in Mexico. The bank had allegedly been the partner of choice for Mexico’s Sinaloa cartel which counted Guzman “El Chapo”, the drug lord who was recently arrested and extradited to the United States. In a 300-page report to the US Senate, the Mexican office of the bank was shown to be a willful partner of the Sinaloa cartel. Other money laundering violations involved the Colombia Norte del Valle cartel. A drug lord was on record saying that HSBC Mexico “was the place to launder money”. Despite all this and the issues relating to money laundering in the country, the bank assigned Mexico its lowest risk rating and reportedly excluded hundreds of billions of dollars from AML monitoring reports.
The US Senate investigation into the matter said that the bank acted as a conduit for “drug kingpins and rogue nations”.
In addition to aiding and abetting criminal businesses, facilitating international payments for “rogue nations” which are on a country’s sanctions list are also classified as money laundering by the US authorities. Banks who violate these sanctions can be heavily fined or else risk losing the privilege of taking part in dollar denominated international transactions (if they violate US sanctions). Whether one agrees with the political arguments or subscribes to a different definition of what constitutes a rogue nation, a bank or any business for that matter must not violate the sanctions imposed by the nation in whose jurisdiction or with whose currency the organisation runs a significant part of its business.
In 2014, the French bank BNP was charged by the US authorities for undertaking, “through a series of egregious schemes to evade detection and with the knowledge of multiple senior executives, BNP employees concealed more than $190 billion in transactions between 2002 and 2012 for clients subject to U.S. sanctions including Sudan, Iran and Cuba”. The bank was said to be “essentially functioned as the central bank for the government of Sudan… [and] concealed its tracks and failed to cooperate when first contacted by law enforcement.” The penalties and related fines later imposed on the bank amounted to a record $9 billion.
Outdated AML Controls
Industry observers believe, notwithstanding the high profile prosecutions, most of illegal money flows continue to pass through the preventive network of anti-money laundering rules and regulations, undetected.
The Financial Crimes Enforcement Network (FinCEN) in the United States or internationally, the Financial Action Task Force (FATF) or several other organisations in regional or domestic jurisdictions including central banks set out rules and guidelines that must be complied with.
There are specific laws that must be respected such as in the US, the International Emergency Economic Powers Act (IEEPA) and the Trading with the Enemy Act (TWEA) which BNP had been accused of conspiring to violate. In the EU, the Money laundering Directive has to be applied to develop laws and rules at the state level.
Critics say that there are a number of serious problems with the Anti Money Laundering systems and procedures that are in place today. But AML compliance requirements are so far entrenched in the financial infrastructure that it will be difficult to displace without disrupting the whole system.
Some of the problems with today’s AML controls are discussed below:
Brawn Not Brains
Reports and papers authored by academics have found systemic flaws in the AML guidance and in the form of controls and rules that exist today.
Regulators seem to encourage banks to spend more by hiring more and more employees to comb through an institution’s financial transactions and to check compliance with the rules and regulations.
In a paper published in the Notre Dame Law Journal, the paper’s authors observe that no tests have been carried out nor has any data been collected and analysed to understand how effective AML controls are in the first place. Just spend more and hire more seems to be the message from the regulators (Lanier Saperstein, Geoffrey Sant & Michelle Ng – Notre Dame Law review).
The present compliance frameworks set out by authorities focus on processes and not on performance or the unintended consequences of the threat of punishment that brings untold suffering on many people. For example, the abandonment of money transfers to Somalia by most banks over the last few years because of fear of heavy fines has created intense humanitarian hardship in the war torn country and has sent money transfers underground.
Though the prosecution of cases against some of the world’s largest financial institutions as described above does happen, a majority of money laundering channels remain undetected and when they do get discovered, the perpetrators simply move to new means and new partners to continue the monetary traffic. There is little sharing of information across governments and regulators.
For The Sake Of Compliance
Banks and other institutions are fined for non-compliance not because there was something illegal or irregular that took place but simply because AML rules had not been complied with.
Standard Chartered Bank was fined $300 million a few years ago not because there was evidence of money laundering available to the authorities but simply because the bank’s compliance was considered to be below par and there were supposed weaknesses in its New York branch in relation to AML systems and controls.
There are other cases like that.
In the Notre Dame Law Journal paper the authors argue that, “the regulators have been punishing the banks not because of any actual money laundering, but rather because the banks did not meet the regulators’ own subjective vision of the ideal anti–money laundering or counter–terrorist financing program.”
Most of the time international banking transactions that are caught in the preventive net of automated controls and sanctions lists are flagged as suspicious are only missing some necessary information.
These are sent back to the originators who complete the information and resubmit. The red flags are thus raised in an overwhelming number of cases for regular transactions making the personnel overseeing these, view these as just ordinary transactions.
Every institution engaged in transfer of funds is obliged to prepare and submit detailed reports such as, in the US, Currency Transaction Reports (CTRs) for transactions above $10,000 and Suspicious Activity Reports (SARs) relating to what could be illegal activity.
Reports are filled out in such huge numbers, hundreds of thousands, that it is impossible for an entity with even with vast resources of a governmental agency at its disposal to process and review and identify potential illegal activity.
Often after a high profile case such as those described above, the filing of SARs suddenly goes up as people become over-cautious to ensure compliance.
The international money movement system is complex and criminals often channel transactions through multiple accounts so that the origination and termination of transactions cannot be fully tracked or understood. In the BNP case, the bank admitted to setting up elaborate “structures” to route payments through other “satellite” banks in order to disguise the point of origination for such transactions.
Risk management systems as they are available today are not always able to track complex transaction trails especially when the practice of “information stripping” has been deployed where some key information is deliberately left out by those in the know so as not to trigger any key words in sanction list databases.
Can Distributed Ledger (DL) Systems Help?
Two things to note: First, this article is focused on money laundering via international value transfers only, which are usually high value not on the variety of activities that fall in the broader definition of money laundering. Second, references to blockchain in the context of this article relate to distributed ledger systems and not necessarily to blockchain as envisioned within the Bitcoin system.
A little context around blockchain and distributed ledgers repeated from a previous blogpost:
Distribued ledger systems can provide the basic infrastructure and tools for various areas within risk management and money laundering. Of-course developing a DL based system will require incurring costs and pooling shared resources and will take time to come to fruition.
In the context of AML activities, there are some clear benefits of following a DL approach:
The legitimate credentials of the two primary parties to a transaction – the originator and the beneficiary – must be verified. A DL system can provide a digital certificate that can be checked quickly by any participating entity to ensure the credentials are verified and also to review the types of credentials verified at the time of onboarding (and check if any information is missing).
DL systems will not revolutionise the Know-Your-Customer (KYC) process but enable banks and other financial entities as well as law enforcement officials to check credentials of parties involved in a value transfer transaction in a quick and timely manner.
An additional element could be added to the KYC process which is the reputational score or track record of the financial intermediary undertaking the KYC check. There is already talk about multi-market KYC “utilities” that provide more robust proof of identity. But such utilities are likely to be controlled by technology vendors while a distributed architecture would benefit everyone provided they are eligible and meet the criteria for joining the network.
A distributed ledger approach will not be able to discover or prevent KYC fraud where individuals or entities use fake or stolen credentials to open bank accounts as was the case with the Bangladesh Bank heist when hackers stole millions from the bank’s accounts with the NY Fed earlier this year and routed the funds to account opened with fake credentials at a Philippine bank.
Maintaining Audit Trail
A fundamental feature of a DL architecture is that it validates and authenticates the chain of value transfers in an open and transparent manner so that each transaction is checked and validated by anyone participating in the system without the need for centralised oversight.
In the DL approach, funds transfers can be recorded using private digital keys by both the originator and the beneficiary. While this may not be feasible for smaller money transfer transactions, the large funds transfers between institutions and corporates will be digitally recorded and verifiable by those who participate in the distributed ledger system.
In other words, it will be much harder to lose track of the source and destination of a transaction simply because criminals undertake several transactions and deploy multiple “satellite” banks to break off the trail. This type of transparency does not mean that all bank transactions will be out in the open for everyone to examine.
In fact, the DL system, unlike the blockchain which is inherently open and transparent, will be confidential and only accessible to those involved in the transaction to validate the potential risk of a transaction without revealing to third parties the details of that particular transaction. The transaction trail could also be checked by those responsible for risk management in an organisation or the authorities and law enforcement officials.
Speed of Discovery and Intervention
In a fully deployed DL system, participants whether banks, central banks, or corporates or any other related entities, will be able to share information on all transactions by contributing to the extended distributed ledger. Algorithms built in to the DL system will be able to identify patterns and analyse data on an aggregate level. Regulators will be able to monitor activity at many levels and determine the risk of a specific transaction channel in a much more scientific and meaningful manner.
Arguably, a mega centralised system will be able to do the same but in the DL environment, local databases will be leveraged so there will be no need to construct and maintain a monstrously big centralised authority complete with its own army of compliance staff and special technology and infrastructure. The work of individual entities and specific markets will be taken into consideration and the system will be updated for law enforcement authorities both at local and global levels in a very timely manner.
Today this sharing of data across institutions is at a very rudimentary level. Information that is shared is not readily available to everyone in the system.
DL systems would better determine the probability that a certain corridor or institution or even specific transactions have been compromised. This will reduce, if not eliminate, the ease with which criminals are able to send money over international payment systems. It will also help one institutional system to alert another of a transaction or set of transactions that potentially could be illegal or on the borderline requiring further checks.
Can blockchain or distributed ledger technologies help prevent attacks on the world’s critical financial systems?
Banks use standardised electronic messages, made up of codes and identifiers, a sort of a common financial language, to make international payments and move money around the world.
There are checks and balances, policies, and procedures in place to comply with legal requirements, validate the parties involved, detect irregularities, and looking out for anything suspicious, anything out of the ordinary. Transactions are checked against special databases such as those containing information on blacklisted individuals and entities or those under government sanctions. Hundreds of billions of dollars are at stake so it is hardly surprising there are so many controls built into the system.
But even with all these financial fortifications in place and armies of back-office staffers monitoring money movements, now and again hackers manage to get way with very large sums of money.
Earlier this year, a massive heist took place. Someone stole around $81 million from the account of Bangladesh Bank, the country’s central bank, with the New York Federal Reserve. The audacious plan was to steal a whopping $1 billion from the account but the NY Fed caught most of it in its preventive net mainly due to an unexpected piece of good luck.
Here’s what happened.
Investigations are still underway but so far each party involved has been busy laying the blame on others. The NY Fed argues that it flagged and declined a majority of the fraudulent requests it received. Cybercriminals had sent 35 messages to the NY Fed pretending to be from Bangladesh Bank totalling nearly a billion dollars and only a few got through. The NY Fed handles $800 billions in international money transfers every day so in this context $58 million seems a relatively small amount.
The NY Fed should have caught the fraud in its entirety as the pattern of the requests to transfer money was highly suspicious, so argues Bangladesh Bank. Over the past year Bangladesh Bank had only requested around 2 transfers per month mostly to institutions, not 35 in one day addressed to individuals.
SWIFT, the bank owned entity responsible for the messaging protocols, the necessary software and hardware, and management of the secure network, is under fire too. The network handles 25 million communications every day for around 10,000 banks and corporates. Critics say that over the years SWIFT has not done enough to improve the security environment around its network. SWIFT should have been invested in the latest technologies to make communications over its network completely bullet-proof.
Bangladesh Bank has also a lot to answer. Its systems were compromised, some say due to the lax security controls deployed at the bank. Hackers were able to install malware a month before they struck which enabled them to prepare and plan the attack in February. Bank officials did not monitor their transactions online and the only way to review communications on the system was to physically print out the messages they receive over the SWIFT network. The hackers had disabled the print function and it was not fixed until the next day when the bank discovered the communications from the NY Fed and the fraud.
Lastly, the timing of the theft was deftly planned. The hackers sent the fraudulent instructions on a Thursday and by the time the NY Fed got back to them Bangladesh Bank employees had gone off for the weekend which is Friday and Saturday. By the time they discovered what was going on (after fixing the print function) it was the weekend in New York. When on Monday the NY Fed tried to stop the transfers they discovered it was the Chinese New Year holiday in the Philippines, the ultimate destination of the stolen funds.
The 35 fraudulent messages to transfer the billion dollars first came with some vital information missing and were rejected by the NY Fed’s system. The hackers soon corrected the error and re-submitted. This time the NY Fed cleared 5 of them. The others were rejected – according to early reports – by a piece of unexpected luck or a “total fluke” as someone described it. The destination for the transfers, a bank branch in the Philippines, happens to be located on Jupiter Street. This triggered an alert in the Fed’s system as Jupiter was also the name of an oil tanker and a shipping outfit from Iran under sanctions from the United States. The coast was otherwise clear.
Global Networks Vulnerable
The truth is that the all global networks especially those that deal with money transfers are a primary target for cyber criminals who have reached new heights of technical sophistication and are more organised than ever before.
These criminals now boast access to vast resources, even patronage of rogue governments and plenty of motivation to perpetrate multi-million dollar frauds. To compound the problem banking industry veterans also point to a culture at banks of keeping things quiet in case of breaches or thefts if they can help it. They should be sharing information and undertaking investigations in a spirit of openness and cooperation so that the points of vulnerability are identified and corrected.
The Bangladesh heist was the work of confident criminals who knew their way about the system, avoiding the strongest defences and targeting the weakest links in the international payments network. It is possible that the hackers were also responsible for an earlier theft of $12 million from an Ecuadorian bank’s account with Wells Fargo. The two banks are now fighting each other in the courts.
Symantec, the security company, believes the group called Lazarus, the one said to be responsible for the attack on Sony Pictures back in 2014 and sponsored by the North Korean government, may have been behind the attack.
Blockchain and Distributed Ledgers
The concept of blockchain was developed to support a virtual decentralised currency system called Bitcoin but the world’s financial systems work with centralised or “fiat” currencies, those issued by governments and considered legal tender in the country of issue. Decentralised systems are essentially “trust-less” systems since there is no central “trusted” authority or a single entity so decisions are driven through logic and consensus programmed into the system.
The blockchain is an irrefutable and unchangeable record of past transactions and as such serves to establish ownership and the right to transfer bitcoins. It also guards against a rightful owner spending bitcoins twice. A Bitcoin transaction is validated by consensus by a network of computers or nodes participating in the virtual currency system and not by a single centralised authority responsible for record keeping. The blockchain ensures the Bitcoin system is “permissionless”, requiring no central authority approval or decision, and therefore autonomous.
Distributed ledgers encompass a much broader definition. While a blockchain as originally envisaged by its creators works essentially within the Bitcoin system, distributed ledger architecture can support all types of systems. In financial services a distributed ledger system is likely to be permissioned and therefore less autonomous. It can be deployed with varying levels of control and flexibility.
Enhanced Risk Management Through Distributed Ledger Architecture
A fraud prevention system based on a distributed ledger approach with multiple databases working in sync can be deployed to combat fraudulent incidents of this type very effectively. Such a system would first, maintain a confidential record of past transactions for reference and verification but without disclosing transaction details to everyone in the system (unlike the blockchain where transactions are in the open). Second, the system would store and update authenticated credentials of legitimate and verified senders and receivers.
Individual banks and financial institutions today operate their internal risk management systems and consult common information on blacklists and sanctions. The responsibility of developing robust risk management controls is left to individual banks resulting in inconsistent approaches and widely varying quality of risk controls and procedures. A distributed system would be beneficial for everyone in the international marketplace not just the large banks but also the smaller banks who have less sophisticated risk management systems in place.
Often a bank’s systems will generate a high number of “false positives”, transactions rejected by the system as suspicious or fraudulent. But an overwhelming majority of such transactions are found only to be missing some information which is corrected before resubmission. Such a high percentage results in transaction monitoring staff to consider most alarms as harmless. A distributed ledger system could be maintained by the leading stakeholders such as the major central banks and large commercial banks. In the long term, it is debatable whether a central network entity such as SWIFT would be necessary in such a scenario. Indeed, with standardised ISO formats, the distributed system could work on its own or just skeleton staff with the help of the leading players.
Collaborative Hybrid Approaches
Central banks are rightly exploring hybrid systems where a single authority manages records maintained centrally but also encourages and helps maintain a wider distributed ledger system to ensure network security and integrity. Such a system could work on several levels – global, regional, and local or domestic, to enable centralised authorities in multiple jurisdictions to develop an additional layer of shared decentralised systems.
But while a made-for-purpose distributed ledger based international value transfer system would take some time to build and incur substantial costs, internal collusion and compromise of private digital keys means that no system in theory is immune to cleverly thought out cyberattacks. Still, a hybrid system will be able to identify fraud or money laundering transactions a lot quicker for more immediate remedial action.
A parting caveat: It is important to note that new technical approaches cannot absolve banks from deploying robust operational and risk management controls. Hackers often use tried and trusted but simple techniques for perpetrating fraud such as installing malware, disabling viewing or printing features, and simple observations, how people work and their weaknesses and choosing the right time to make a move lining up weekends and national holidays to their benefit.
Graphic credit: International Bankers Association of Japan
It is not the lack of ideas or profitability or hard work or the dedication or sacrifice of the owners but the cause most common to business failures is their inability to finance working capital needs. This may sound trivial but it is catastrophic to those who have experienced it. Businesses fail not because they don’t make enough money but because they fail to generate sufficient cash or “liquidity” to pay their creditors.
Mind the gap
A business must be able to pay its creditors’ invoices if it is to remain solvent. To do so, its customers in turn must pay their invoices on time. In some industries this timing difference between cash outflows and inflows (between paying supplier invoices and getting paid by customers) can be inordinately long. This is the dangerous funding gap that can swallow any business no matter how profitable. There are two parts to it.
Pre-sale gap: a business when it buys raw materials or stock from suppliers cannot immediately sell it (except in the case of some retail stores), but must first process or convert these inputs to finished goods (e.g., buying wood to sell furniture), sell the finished goods and raise invoices.
Post-sale gap: Profit recorded in the books is meaningless unless it is represented by cash in the bank. For cash sales this part of the funding gap is zero but for sales on credit, unfortunately business customers delay paying up for whatever reason. The bigger the customer, the greater the delaying power.
The failure of banks
Providing financing to bridge the funding gap is a traditional business for banks. But banks fall way short of understanding the full extent of the opportunity and lend only to well established and stable businesses that can offer sufficient collateral to cover their risk.
Risk controls in general in large banks are skewed in favour of capital markets, where they take risks with securities and derivatives they don’t fully understand but hold back from lending to small businesses because they perceive this type of lending to be highly risky. To back up this frustrating contradiction they continuously complain about the impossibility of ascertaining the risks involved in lending to a small business without a credit history.
The problem here is that though banks and other traditional providers of working capital take too long to process loan applications and are unable to deviate from their traditional ways of credit assessing small business customers. In addition to reviewing past history they rely on the comfortable practice of securing collaterals. No alternative approaches, no workarounds, no lateral thinking.
Sensing the opportunity, some from outside the banking world are trying to crack the problem so that they can either make loans themselves or enable other lenders – including banks – to do so using innovative approaches to assess credit risk.
Companies such as OnDeck (ondeck.com) and Kabbage (kabbage.com) and CAN Capital (cancapital.com) have developed simple but effective policies and approaches. For example, to be considered for a loan – a business must be at least a year old with over $100K in revenues and the owner must have 500+ personal credit score. These lenders understand that the social and financial data available on the owner is crucial in ascertaining the risk profile of the business and not just its past history.
They will tell you that they look at hundreds of data points to assess a loan application something that banks don’t do. Kreditech (kreditech.com) a tech company based in Germany claims their technology “uses artificial intelligence and machine learning to process up to 20,000 data points per application” to enable precise credit checking of customers with thin files (little credit history). Kreditech offers its platform to lenders rather than advancing loans itself.
Markets don’t yet believe
While everyone likes the Fintech innovations and the jaw dropping 20,000 reference points for credit assessment the markets are not so enamoured by these technical advances and more focused on actual results and still sceptical.
Any bad news can be taken with a whole bag of salt leading the markets to believe that there could be something wrong about these unverifiable technical innovations and a few bad loans may be taken as a sign that the whole portfolio is a potential write-off. The markets punished Lending Club (lendingclub.com) recently when news of compliance irregularities on some of its loans came out resulting in the ouster of its founder and CEO. (Shares of other online lenders were also impacted by the news that institutional lenders are holding back and demanding higher returns for their money). At this early stage, institutional lenders / investors and the market as a whole are suffering from a form of controlled anxiety fearing that these alternative approaches may not stand the test of time and there could potentially be a credit catastrophe.
Digitisation is the difference
While risk assessment is the core engine of any lending business, pragmatic innovators are trying to focus on brining the whole lending process in to the twenty first century. The keys are full digitisation and speed of service. Two things that the banks have not been able to provide.
Innovative technology lenders are making the process fully online, easy and convenient for small businesses. OnDeck’s digital onboarding process is so smooth that Chase has partnered with it to use its technology in lending to small business.
Other innovators are digitising established financing channels. Buying invoices or factoring has been around for some time. Lenders “buy” invoices from businesses advancing them the money (for a fee – usually a percentage) saving the wait to get those invoices paid and the cost involved in pursuing customers to pay up. Now technology is helping automate and organise this process making it easier for companies to submit invoices directly from their accounting systems and for lenders to risk assess them accurately and quickly. FastPay (www.gofastpay.com), for example, enables its clients to upload their invoices directly to the company’s invoice portal from QuickBooks or other small business accounting platforms and provides a clear pricing structure for discounting the invoices. It is itself a small company and focuses on sectors that it is familiar with (such as media) – so that it is able to more accurately assess client risk and speed up the delivery process.
Getting it right
Lending is one of the oldest professions and the one of the most profitable. Risk is important but even with the plethora of digital data floating around us in real-time, the process of risk assessment is still a difficult one. Despite the claims of the new technology firms, the use of thousands of alternative data points represents an innovation that is still unproven. The key for online lenders is to target opportunity pools that have not been fully exploited (such as the small business sector) and make it easy, quick, and transparent for borrowers through full-process-digitisation while at the same time testing and building the toolset for more informed risk assessment.
Building Democracies on the Blockchain
Recently, a decentralised organisation on the Internet was able to attract $150 million, promising to undertake projects in a truly democratic and cooperative manner shortly before being hacked by someone who instead of disappearing with the loot is threatening to sue the victims of the attack.
Sounds bizarre? That’s because the ideas that gave birth to bitcoins and blockchains are taking off in new interesting directions but across almost all of them, there is one common theme – decentralisation.
Decentralisation has long been a hotly debated topic in the context of computer architecture and information management. Centralised systems are quicker and more easily scalable than distributed systems. A decision by a centrally located computer program is taken on its own whereas in decentralised systems, hundreds, even hundreds of thousands of computers may be involved. But decentralisation lends flexibility and a strong foundation in a world that is becoming increasingly connected.
In economics too, decentralisation has been and still is a key subject of discussion and dissension.
Birth of Bitcoin in Cyber-Liberty
The free market model, the one put forward originally as a theory by Adam Smith and then extended and recommended as the only path to growth through individual enterprise by the “Austrian” school of economics advocates a hands-off approach. An economy is propelled forward primarily by the driving force of individual self-interest and is kept from overheating by self-regulation.
The less interference from the centre the better.
Libertarianism, one could say is an extreme manifestation of the free market model in the sense that it advocates no central intervention at all and considers a government’s right to tax and send those to jail who do not pay as extortioniate and immoral. It puts forward a decentralised approach for doing nearly everything. Governments are redundant because Individuals are perfectly capable of organising themselves to do what is required.
The genesis of Bitcoin, as we know, lies deep in these libertarian ideals of zero central interference and concepts of cyber-liberty. Drawing inspiration from these, the creator of Bitcoin wrote the code for the system that issues a virtual currency, is independent of any central authority, and controls the supply (to keep inflation in check). Its value is entirely dependent on demand, and its integrity is protected through an open, decentralised, and verifiable record of transactions.
The idea and the cryptographic engineering are not remarkable or new but the timing was right. The financial crisis of the last decade demonstrated the inherent incompetence of several governments around the world who, in different ways, managed to mess up their economies and in the process, debase and devalue their currencies. People saw their savings and pensions deteriorate and livelihoods disappear. Bitcoin, though a nascent experimental digital project (and highly-risky) appeared in relative terms a reasonable alternative monetary channel and in some cases such as Cyprus, a better bet than money left on deposit with bankrupt banks. Secondly, it found relevance on digital marketplaces devoted to illegal commerce trafficking in drugs, armaments, and illicit paraphernalia as a unique and untraceable method of payment.
The Blockchain Backbone
Bitcoin, despite its dubious drivers of demand and universal dislike by governments, is still the defining innovation of our age prominent not in the context of being a medium of payment but as a concept that suggests all typs of enterprises, projects, businesses in the future, may organise themselves, design and deploy their processes and workflows in a decentralised manner as represented by Bitcoin’s underlying philosophy and its technical backbone called the blockchain.
A blockchain is a distributed digital record of validated transactions on a decentralised system like Bitcoin and in semi-accounting parlance it can be called a “distributed ledger”.
Many major banks and financial services organisations including central banks and a number of global IT companies, have declared that though the future of Bitcoin as an international mechanism of value exchange is far from certain, distributed ledger will re-shape the face of global finance. Much has been analysed and written about how the benefits of blockchains can be enjoyed in multiple spheres of international trade and finance.
Distributed ledger systems are ideal for open / connected networks and unlike, centralised systems, do not have a single point of failure.
So compelling is the attraction and novelty of the blockchain that major organisations are investing in understanding how it can be deployed to improve and simplify the existing systems for their own entities and even for entire industries. So far little breakthroughs have been achieved other than reports nearly every week of some big names throwing their proverbial hats into the ring and who, by the force of their past achievements, hope to build something remarkable and new. A collaborative effort called the Hyperledger project aims to develop cross-industry open standards for distributed ledgers and counts a number of technology companies as its members.
While these big names attempt to work out how to use the Blockchain to better their industries, someone hardly out of his teens has developed a system that can help any organisation operate in a decentralised manner. A system called Ethereum developed by Vitalik Buterin, a Russian born Canadian citizen who lives in Switzerland, and a Bitcoin guru, supplies the underlying libertarian foundation to everything that we may want to build and change how we link and interact with each other in the digital world.
To fund the idea, he has built a crypto-currency within the new platform, units of which are “pre-sold” to meet the costs of developing such a system. This currency is called “ether” and is used to pay transaction fees within the Ethereum system. Ether is already becoming more popular than Bitcoin. Neither, of course, is a serious currency. These and other crypto-currencies are more akin to commodities that carry very high risks and are used for payments mainly within their own eco-systems or in certain restricted contexts.
The DAO – Decentralised Autonomous Organisations
A DAO is a decentralised and autonomous organisation that runs on the rules and instructions encoded in a computer program and helps people – even robots or machines – collaborate with each other. It runs on its own and needs no central manager, no trusted third party as is the case with most financial systems. It is based on the idea of the blockchain. The uses are vague at this stage but it could be used to complete peer-to-peer smart contracts. The management of a business can be translated in to a set of rights and obligations which can be managed through smart contracts =created and executed within autonomous DAO’s. Proposals can be made to initiate new projects and members of the DAO can vote on accepting or rejecting them in truly democratic fashion. Finance can be raised and members or “contractors” can be paid / rewarded in proportion to the work done to further the projects undertaken by the DAO.
Ethereum’s website boldly offers its users the know-how to “build a democracy on the blockchain.” An organisation that exists solely on the blockchain, therefore, would require no leadership, no CEO, no President, just allocation of responsibilities to individuals. But a bit of wordplay is involved here for the DAO of any kind needs an elected “curator” – a sort of a central administrator who can handle some key tasks such as paying contractors.
The DAO is Dead – Long Live the DAO!
While anyone can create a DAO, there is an organisation called “The” DAO built on the Ethereum platform which is “borne from immutable, unstoppable, and irrefutable code”, suggesting the virtual impossibility of compromise whatsoever. This new idea was so attractive that it was able to draw significant sums of money – $150m it is said from more than 11,000 enthusiasts. The DAO is programmed by the team that built smart locks which let people share things such as their cars, houses, and other property.
The DAO was about to consider projects proposed by its stakeholders when it experienced a hacking attack and the perpetrator was able to remove over 3.6 m ether (valued at roughly $55m) to a “child DAO” or a related similar organisation through a glitch in the computer code that allowed one transaction to take place many times. Even though the attacker never may be able to convert the siphoned-off funds into real cash, the rules or the underlying code of the DAO were not violated. The attacker who claims that the theft was in fact not a theft at all but his actions were within the rules plainly permitted by the program. Several remedies have been proposed by Buterin as well others but none address the situation completely. Critics are complaining that the DAO asked for funds (in what is called a crowdsale) too early and amassed too much before it was able to develop a robust and secure platform and may even have violated rules around raising funds and selling of securities.
A New World
One of the key promises of the Internet which we have seen manifested in many successful start-ups such as Uber, Airbnb, SoFi, and many others is that connectivity allows us to bypass the middleman and incumbents who have kept their industries closed to new entrants are being rendered irrelevant by these new upstarts with disruptive business models.
Ideas like the Bitcoin, Blockchain, and Ethereum may not reach mainstream popularity and The DAO may be mortally wounded because of the recent attacks but what they mean for all of us is that today we are at the very start of the digital age and discovering and experimenting with new tools of disintermediation and disruption that ultimately will help end-users bypass organisations that control large service industries by building their own cooperative ventures. We are still far from that ideal but if these tools become sophisticated and effective, they will help create competition and allow new players to succeed in tired, closed, and inefficient industries to the benefit of everyone.
Apps to apathy
Websites and point and click menus are designed for computer screens. Client-side applications, or Apps – small computer programs – are designed to run on smaller screens of handheld devices like phones and tablets. Navigation is undertaken using point and touch, finger flicks, scrolls, swipes, or other hand gestures. Good retailers have apps available for download at app stores making it easy for their customers to discover content, products, and services.
Retailers also optimize their websites for mobile devices but apps are preferred because they provide better data analytics, are faster and more secure, and for very small devices such as digital watches, apps are the only choice.
But good apps are expensive to build. Development, testing, ensuring seamless integration with a myriad of external systems that the app connects to to exchange data, the vast array of mobile devices and operating systems, fixing bugs, re-testing, obtaining approval of the all-powerful app stores – are some of the things that make the whole business of making high-grade apps a veritable headache for even the largest retailers.
For users, apps can be hard to find on their digital devices once they have installed one too many. Each app requires some small screen real estate and sooner or later, if you have avid app curiosity but a short memory and an even shorter attention span (like me), you are bound to have a screen-load of forgotten-but-never removed apps. App curiosity leads to downloads but leaves screens confused and cluttered. And what if an app is used regularly, it needs to be updated on a regular basis. The updated version is often hardly any better than the previous one.
To avoid clutter, users become reluctant to download new apps, particularly retailer apps, if they are not sure they will use the app again or if they are connected wirelessly to the app store. Studies show that most people use 3 to 5 apps on a regular basis. The rest are used occasionally or forgotten. One category of apps ranked right at the top in terms of popularity with users – relates to messaging apps.
Chat is clutter-less
People use messaging apps for sending and receiving short messages. Content such as pictures and videos, digital tokens, stickers, and vouchers can be embedded in a message. The “big four” messaging platforms: whatsapp, Viber, Facebook Messenger, and WeChat are household names the world over. Others like snapchat and Line are also extremely popular.
There is a reason why Facebook paid stratospheric sums for the likes of WhatsAspp and Instagram or why the youthful founders of Snapchat spurned its multi-billion dollar advances because there is widespread agreement in the industry that messaging is the next omni-platform which will cater to all our digital needs including buying, selling, and paying for products and services.
Pavel Durov, creator of VK, which is Russia’s answer to FB boasting over 350 million users, after selling VK controversially, has now set up “Telegram”, which focuses on messaging. Its progress has ben phenomenal. From 100 thousand users in October 2013, it grew to 35M in 6 months and after a little over a year, 50M consumers. Today it claims 100 million active users with 350,000 signing up every day generating 15 billion messages daily. While many users prefer Telegram to other chats platforms because it offers better security, it has another distinct advantage. Telegram aims to be the new digital platform with a “bot store” (rather than an app store) where bots – small programs that automate remote tasks – can be bought to develop automated intelligent chat engines. The company, its platform, and its perspectives on security have attracted a lot of controversy. But it has also shown that automated messaging platforms that allow bots to interact with users and intelligently perform tasks for them, have deep relevance to how we will be performing everyday tasks, including digital commerce, in the future. For example, you don’t need to fire up the weather app to check the weather, you just ask the chat platform much like you ask a person. The language that the bot understands is the language in everyday use. Bots are not necessarily clever inventions based on artificial intelligence but programs that do a lot of routine stuff for us.
Bots for banking
Chat bots for commerce may one day be better for doing banking, searching for things to buy, and paying for them, or sending money from one place to another, tracking transactions, obtaining refunds, resolving complaints and settling disputes. Things that can take a lot of our time on a daily basis. What also helps is that a majority of the questions or tasks we do are about the same stuff. These bots may even be voice guided like Siri and Cortana. If you want to know what your bank balance is, all you need to do is just ask. If you want to find the most convenient route and the cheapest airfare from one place to another, just talk.
China, as usual, is years ahead. In this massive market, the consumer take-up of messaging apps is staggering. Users can text, make voice calls, do video chat, play games, order taxis, book hotels, book restaurants, send and receive money remotely, and and even make contactless payments – all through a conversational interface. Sceptics attribute this phenomenon to the way the Chinese language is written. People very quickly pick up images that represent words rather than spelling them out (and having auto correct convert them to something else). It is likely that in the future all several separate scenarios will exist and will be available to all so that we will be able to use a method of digital discovery that suits us.
Bots will be better
Those who have firm faith in robotics and artificial intelligence say that bots will one day become so good, that only humans trained in the task of “interviewing” bots will be able to tell if they are having a conversation with a human or a bot, in scenes similar to the 80’s movie the Blade Runner, is only a matter of time. But surely, automated, self-learning, intelligent bots will be far better than humans and available round the clock.
Close to customer
For Fintech stars that have reached or or are at the point of reaching the fabled Unicorn status – a billion-dollar valuation – continuous customer interaction is an absolute requisite in the minds of investors.
In the digital world, a business model that enables customers to interact and engage with customers on a daily basis, like Facebook or Google or whatsapp, is far more valuable in the eyes of the doyens of Silicon Valley, than one that demands only a one-off or occasional interaction, like an online insurance company which, barring any unfortunate events, is pretty much forgotten after the policy is sold till the time comes to renew it.
Banks have known this for a very long time. They offer current (or checking) accounts that yield little for their bottom lines but are the best tools for brand visibility and customer interaction. Customers check their balances often and log in to their accounts to make payments or download transactions. Mortgage loans, on the other hand, are profitable for banks but require little customer interaction after the contract is completed for the bank to sell the customer additional products and services.
So now, the Fintech stars want to take a leaf from the book of banks and offer customers financial services that keep them hooked. This, and the public ambitions of some of the high profile Fintech CEO’s, who believe they are fighting an epic battle with banks to disrupt, destroy and re-define the financial landscape of tomorrow, means that successful Fintech start-ups are spending significant sums of money to enhance their product sets and also going out to acquire firms that will help them do more for their customers.
Note that not all Fintech stars follow this approach. In a recent study by the Economist Intelligence Unit, the most important driver of competitive advantage for Fintech (cited by Fintech executives) was: “Focus on limited product set” – not quite the complete suite of financial products.
High flyers think differently though. Prominent Fintech stars believe that banking disruption must go deep and are following clear strategies to expand the services they offer. But, for all their success and ability to identify the right opportunities, the Fintech front-liners are pursuing one of the oldest ambitions that banks have nurtured over the years – to be a one-stop shop to customers.
The need to expand
Like other online lenders, Social Finance or SoFi in the United States has recently encountered funding problems and its focused business model with dependence on one product has given it a greater urgency to diversify. Starting off only a few years ago with student loans, it has now introduced wealth management, mortgages, and personal loans – business areas which SoFi believes will help it stay on on its trajectory for growth. All this while, Mike Cagney, CEO of SoFi, insists they are not a bank – but aim to be the most successful non-bank bank. On a more informal note he adds: “(Banks) they’re the dinosaurs and I’m the meteor.”
Online lending platforms like SoFi, Lending Club, and Prosper must source funds from institutional lenders of investors (usually by selling their loans to these institutions). These institutions are tightening the supply of funds or raising interest rates to make it more expensive. There is also a continuous worry with investors that online lenders like SoFi will not be able to weather future economic downturns as they do not have access to cheap source of funds as banks do from customer demand deposits. SoFi has set up an internal “hedge fund” to protect against future capital droughts (though it recently received a billion investment from Softbank).
SoFi competitor CommonBond is also pursuing this all encompassing strategy. The company is expanding its existing niche of student loans and wants to get into mortgages, credit cards, and wealth management services. David Klein, CEO of CommonBond has indicated, “It’s absolutely a life-cycle strategy.”
Max Levchin, CEO of checkout finance specialist, a member of the pioneering PayPal team that built PayPal, and another enfant terrible of the Fintech world, is equally boisterous crying out out that banks are ripping everyone off. His start-up “Affirm” offers funding alternatives at the point of checkout.
Checkout finance is founded on the wisdom of changing generational preferences. Market surveys have shown that especially in the United States, a majority (63%) of young people (or millennials in marketingspeak– those born after 1980)– prefer not to use credit cards. The reason for this shift is not clear except that some fundamental and underlying changes in customer preferences are taking place due to our familiarity with mobile devices and digital services. Look at the data from Uber and Lyft ridesharing. 57% of all rideshare passengers are in the 25-34 age bracket. Customers 45 and above represent only 7%. Young people change their service providers based on who has a better app.
Affirm has great promise and believes that checkout finance will gradually substitute existing forms of credit at the point of sale such as credit cards or traditional forms of store credit including instalment loans. Other firms offering checkout finance include Klarna and PayPal (PayPal Credit).
Affirm acquires Sweep
Affirm, like other specialists, is worried about being a one-trick pony. It downplays this to some extent by saying that over a third of its customers who have financed a purchase of under $250 come back as repeat customers. But the constant worry with Fintech specialists is that they may miss a trick because of their narrow field of activity.
What better way to connect with customers on a daily basis than through a slick personal financial management (PFM) app that lets customers check their bank balances, and calculate their net worth, every day of the week and some, every hour of the day.
Affirm announced it is acquiring Sweep, a small start-up, that developed a slick PFM app that Affirm thinks will help it progress on its way towards extended customer contact. The company is small with only half a dozen employees but Affirm will incorporate its technology to offer money management to its customers and potentially to offers loans to them based on their cash flow needs. A recent funding of $100 million Series D funding is helping drive Affirm towards its vision of continuous customer engagement and positioning itself to become a serious substitute for banking services.
Summary: Does a strategy of total banking disruption make sense?
Affirm’s strategy, like that of other online lenders, is to expand from its successful core product to other more interactive products. But in doing so, it overlooks the fact that the very reason it has done well so far is that it has not tried to be all things to all people but has focused on improving and enhancing a core product and tailoring it to meet user needs.
Rather than incorporating PFM features in its service offering, online lenders like Affirm which have successfully identified the need for financing at the point of checkout should identify other services that aim to capture more closely aligned opportunities that relate to its core competence: online lending.
One closely related opportunity for online consumer lenders is merchant lending, a growing industry in its own right. There are already a number of companies pursuing this area which has long been neglected because of the difficulty of evaluating the credit worthiness of businesses.
But companies such as American Express have long realised that small businesses require cash flow like Oxygen. Its outstanding merchant loans increased nearly 4 times over a short period of two years to 2015.
OnDeck, a merchant financing specialist, is now offering its technology to assist banks. It has partnered with Chase to offer loans to small business. The loans will be Chase branded but the technology to enable a fully digital experience (replacing the old loan process which used to take a month) will be OnDeck’s.
To be fair to Affirm, it has already identified some linked opportunities. It partnered with First Data to offer checkout loans to consumers at the POS in connection with First Data’s Clover merchant terminal suite. But Affirm, as well as other online lending firms, should resist the temptation to provide a full suite of financial services and avoid the old one-stop-shop vision that the diversity of the Internet has proved unattainable. Instead they should dig deeper for opportunities in lending – or specific areas within lending – developing technology and expertise that is truly next generation.
The real business of banking is lending
If you set aside investment banking or trading in securities and derivatives – businesses that many say have little or nothing to do with banking – the primary services that a bank offers (taking customer deposits, facilitating payments within a country or internationally, managing investments etc.) all support or reinforce in some way, the real business of banking which is lending.
The basic economic principle of lending is simple: a loan like any other asset in a business, must contribute to its profitability. Its contribution to profits and the risk of its loss (if not repaid), represent forces that tug in opposite directions which must be kept in balance if a lender is to survive and succeed.
The higher the probability of default, the more the asset must earn to cover that loss.
The brain of a lending business is its credit underwriting process – the analysis required to assess the probability of default of a particular loan. This remains essentially an art (of future divination) but one that is built on analytical and technical foundations. Credit bureaus and lenders use mathematical models and standardised credit scoring techniques that reflect a person’s profile, status, and past payment behaviour such as how promptly they settled their debts and if they ever missed any bill payments.
These models assemble available data from several sources to draw out cause-and-effect relationships that assess the returnability of a loan and offer a picture of a customer’s ability to repay in full and on time.
Online credit websites that digital lenders deploy are quite sophisticated with intuitive user interfaces so that borrowers fully understand the financial commitment they are entering into.
Even so, macro-economic conditions can deteriorate and negatively impact the quality of the loan portfolio especially where the lender is exposed to more risky sub-prime loans . People laid off from work, who have taken on too much debt can find themselves unable to repay. Lenders must find ways to recover the loss which they do by raising interest rates or charging additional fees or simply calling in the loan. Where there is a collateral pledged as in the case of mortgages, the lender’s exposure is reduced to the value of the collateral less disposal costs. Riskier still is open ended unsecured credit – credit card type of revolving credit – where the amount borrowed varies continuously and the risk faced by the lender also varies accordingly.
The new lenders
Non-bank lenders have been playing in this market for sometime now but new players are emerging regularly. These include most prominently companies such as Zopa in the UK, Lending Club, Prosper, SoFi, PayPal, and Affirm in the US, Klarna in Sweden and Europe – to name a few – that focus on lending to individuals and others such as OnDeck for loans to businesses.
On the burgeoning promise of big data, an army of new person-to-person lending “platforms” are waiting to get approval for online lending. In the UK alone, the Financial Conduct Authority (FCA) says that while only 8 firms are currently authorised, there are 86 awaiting a decision to be approved.
Some of the new lenders have developed their own risk assessment techniques which they claim more accurately reflect a borrower’s future ability to repay a loan rather than their situation at present and past payment profile which the traditional scoring techniques leverage. They claim to collect and include in their risk assessment tens of thousands of variables including data points from a customer’s digital footprint which is getting bigger and bigger by the day. This sounds a bit hyped and over-blown but digital footprint / social media presence can reveal a lot about a person’s lifestyle, needs, and financial stability.
But the conclusions drawn from digital media are as likely to be misleading as useful. New credit scoring techniques attempt to quantify certain non-quantifiable elements such as number of connection on Linkedin, places travelled on Trip Advisor or Facebook. Social media, useful as it may be for sleuthing around to get information on someone, is no indicator of one’s credit worthiness or their propensity to pay what they have borrowed.
But the new lenders are right about making certain assumptions when they look at someone’s future credit worthiness. It does not matter if a young graduate from a top class university has missed a few loan payments and is already laden with student debt, what matters is that his or her professional degree from a top class university is likely to lead to substantial income in the future.
Where the social media trail and data from digital media can help is in validating basic information about a person where none exists from the usual sources. Information provided by individuals with “thin files” – young people or those with insufficient records can be corroborated by what is available on social media.
Some of the new lenders are so devoted to be different that they do not use traditional tools at all. SoFi, a new lender privately valued at $4.5 billion have done away with traditional credit scores and now undertake the entire credit assessment process using their proprietary approaches. It is a unicorn valued privately at $4.5 billion and targets mainly students and young professionals in the United States differentiating itself by going the extra mile to meet the needs of this segment such as a friendly, efficient, and sympathetic approach to lending, suspending loan repayments, for example, if the borrower finds him or herself without a job and even help them find a new job. It considers lending as just one step in their grand plan of offering everything financial to their customers as well as other services which, they believe, have more to do with one’s financial status than we think: even online dating by matching SoFi customers with similar financial profiles. No joke.
Critics are sceptical here too. Alternative approaches to credit assessment do not lead to accuracy but have, in the past, been used to justify aggressive and even reckless lending to sub-prime consumer segments. This is the riskiest end of the market where it is easy to lend and recognise revenues in the books (and for lending managers to claim their performance bonuses). But the slightest economic downturn or rise in interest rates can trigger a delinquencies and loan portfolio deterioration as has happened in the past a number of times.
Analysts point to the worsening situation of some new lenders though at this stage these are just indications and not hard facts. Prosper and Lending Club – the original new lenders which began as person-to-person lenders but are now are also “marketplace” lenders – have raised their interest rates – which could be an indication something is perhaps awry or they expect delinquencies to come. But equally, it may just be that the cost of capital has gone up. These companies lend to individuals and then sell the loans on the market to institutional investors, who now account for nearly half of all loans made by Lending Club, who would otherwise take their business elsewhere in search for better returns. This leads to another point of significance. Marketplace lenders are becoming partners with banks rather than trying to replace them.
Actual delinquencies for Lending Club and Prosper have gone up in 2015 but only slightly. Industry observers such as Monja say that while there are no issues with these lenders’ “high grade” loans, investors should closely monitor their lower grade loans.
Checkout credit in shops is common in many countries where retailers offer customers the option to purchase something outright or to pay at a later stage (deferred payment), or pay slightly more to spread the purchase amount in affordable instalments over an agreed period of time.
In the digital domain, Klarna, a Swedish firm, has been successful in its home market and selected other European markets and is now making designs on the biggest credit market of them all, the United States. It started out by offering deferred payment or “invoicing” – the option to pay later (certain number of days after receiving goods ordered online). For peace of mind and in a market like Sweden where invoicing is common, Klarna has achieved remarkable success. When the due date for paying the invoice arrives, the customer can be further offered the option to pay in easy instalments.
Companies such as PayPal and the start-up founded by a PayPal veteran, Max Levchen, called Affirm offer checkout credit to assess the buyer’s credit worthiness online in near real time. 40% of Millennials in America do not have credit cards, says Levchen. These are the customers Affirm plans to target in order to offer digital checkout lending.
As I mentioned above, the business of instalment lending is nothing new. In Turkey banks offer instalment loans when customers use their credit cards to buy stuff in shops. In Brazil, instalment loans are very popular though the loans are offered by retailers not banks. But in the digital world, surprisingly, there are not many competitors.
The market is massive and the incumbents today who stand to be “disrupted” are not just credit card firms but also retailers who offer credit on things they sell. But the biggest challenge the digital disruptors face today is their own over confidence in their new underwriting techniques. Too much automation in the underwriting process, which should take into account hard data elements but also subjective factors which are difficult to quantify, may lead to odd and unfavourable results.
Interestingly also, these new lenders don’t want only to lend. They want to offer everything that a bank offers in the long term because, according to the, everything that a bank offers is sub-standard. “We’re going to build a bank that doesn’t suck,” says Max Levchin. Or here’s one from Mike Cagney, CEO of SoFi, “We actually are trying to change banking entirely. We are trying to displace what we think is a fundamentally broken system.” Marketing speak again? Or a common delusion of entrepreneurs successful in one area labouring under the misconception that their secret magic can make anything come alive.
It is possible that marketplace lenders like Lending Club may have found a more sustainable model than the likes of SoFi as they are open to all types of investors for sourcing funds they lend. But all are vulnerable to restricting regulatory events such as those in America where new lenders may have to comply with more onerous and restrictive state lending laws than federal laws under which they have so far operated. China has already seen a crisis in the person-to-person lending industry recently mainly because it was allowed to operate under the regulatory radar. This year Chinese authorities released regulations to curtail some of the dodgy practices of the new industry which has grown exponentially from 253 billion yuan in 2014 to 982 billion yuan in 2015.
Ultimately, however, many in the banking industry see clearly where all this is leading to. Whether pure disrupters such as SoFi or marketplace lenders such as Lending Club succeed, the new lenders will always be between the end customer and the supplier of funds. Does that mean banks will ultimately become invisible relegated to suppliers of funds and digital players will cover the all important connection with consumers remains to be seen.