I write this column a month into my tenure as CEO of AusPayNet. As I said to our staff and Board, I’m both humbled and excited to have the opportunity to lead them – an incredibly skilled group of people – but also to provide leadership to our members and our industry.
I’m fortunate to start as CEO at a time where AusPayNet has a very clear strategy and is delivering against it. Our three strategic objectives – leadership in collaboration, promote innovation, and effective self-regulation – remain a highly relevant frame for my current priorities.
Leadership in collaboration
The Reserve Bank of Australia (RBA) and the Australian Payments Council (APC) recently launched their consultation on ISO 20022 Migration for the Australian Payments System, which aims to reach agreement on key strategic decisions on a project to adopt and migrate to the ISO 20022 messaging standard. As part of this consultation, AusPayNet will consider how it can potentially assist the payments industry in coordinating this migration.
This consultation also links to the one done recently by the APC, which has helpfully identified some common themes and potential focus areas for future strategic consideration. I should note that supporting the APC remains a key focus of ours, especially in its important work on digital identity.
One other area we will be focusing on is payment system resilience. We’re keen to explore what role we can play to help the industry on resilience through self-regulation but also through data/benchmarking.
In this, and other aspects of collaboration, it is important to acknowledge the breadth of our network. We now have 130 members, including new digital banks such as Volt and Xinja, and large tech industry players such as Google. Our wider network includes relationships with both fintech and media, both of which I’m keen to personally invest time in, the latter so that AusPayNet helps inform the debate on payments issues.
A key focus of ours will be on emerging technology. We spent some time at our last Board meeting considering artificial intelligence, and will use this as a test case for analysing the self-regulatory, policy, and security implications of emerging technologies. Other technologies that we will analyse will include biometrics, QR codes (where interestingly, we are now starting to see implementations in Australia despite the high penetration of contactless), in-app payments (where I note, for example, Instagram’s recent announcement of its checkout feature) and voice.
This links to our work on standards: standards development needs to ensure that standards maintain threshold principles such as security, interoperability and accessibility. However, it also needs to ensure that it promotes innovation. In my mind, there is a lot that payments can learn – in terms of speed and collaboration – from the development of open data standards globally, as I emphasised at a recent PCI Board of Advisors meeting, based in part on my experience on the Advisory Committee to Australia’s Data Standards Body.
We have already completed the first phase of the review of our Issuers and Acquirers Community (IAC) code set, which usefully clarified its applicability to all card payments in Australia. The next phase, in Q2 2019, will incorporate our (card-not-present) CNP Fraud Mitigation Framework into the IAC code set. As an aside, I’m delighted with the way industry has come together to help AusPayNet develop that framework: CNP fraud remains a key issue – it is 85% of Australian card fraud, with around $250 million lining fraudsters’ pockets last year at the expense of legitimate Australian businesses. But it is an issue that we now have a clear, credible way forward on.
One other area of effective self-regulation that I’m personally excited about is our regulator and policy engagement: we have an excellent relationship with our co-regulator in the payments space, the RBA, and I’m keen to build my own relationships with other regulators and policy makers, including government.
In terms of other priorities in the immediate future, an obvious one is replacing my old role as COO. That process is well under way and I look forward to introducing you to our new COO – who will have carriage of our member engagement function and of our management committees, among other responsibilities – shortly. I am also prioritising our work on formalising our own corporate culture, specifically our cultural values. Once that is complete, not only will AusPayNet have a clear strategy but also a clear set of values against which we can continue to deliver.
On 28 March, we welcomed some 70 participants to our session on Combatting Financial Fraud in Australia. This was our first member event for 2019 and we were delighted to have fraud specialists from our Fraud in Banking Forum, which was holding its quarterly meeting in Sydney, participate in the session.
The morning kicked-off with a panel discussion on current fraud trends in Australia led by Lynda McMillan (Chair, Fraud in Banking Forum) and featuring David Pegley (AFCX), Michelle White (Westpac) and Matt Craft (NSW Police).
The panel was followed by presentations from special guests David Lacey (IDCARE) on identity theft, and Connor Dilleen (Joint Cyber Security Centre) on how the Government is responding to cyber-crime. Participants also heard from AusPayNet’s Melissa Gauci and Nick Cliff on our industry CNP Fraud Mitigation Framework and the Australian Payments Council’s digital ID trust framework.
Following the presentations, participants had the opportunity to network with members of the Fraud in Banking Forum including state and federal law enforcement and fraud experts from financial institutions.
For more information on our member events, please contact firstname.lastname@example.org.
We previously reported that CNP fraud now represents approximately 85% of all card fraud on Australian-issued cards. In the 2017/2018 financial year, this cost the e-commerce industry $478 million.
Over the past 18 months, we have been working with organisations from every part of the e-commerce value chain to define an approach to reduce the level of CNP fraud in Australia. This industry consultation has provided us with valuable feedback from our members, merchants, regulatory bodies, payment gateways, schemes and payment service providers, and has culminated in the release of our industry CNP Fraud Mitigation Framework.
This framework is designed to reduce fraud in online, CNP channels and build customer trust while ensuring that online transactions continue to grow. It establishes authentication as best practice to mitigate CNP fraud and defines the minimum requirements for an issuer or merchant (or acquirer or payment gateway) to authenticate CNP transactions online.
The Framework will be enforced through inclusion in AusPayNet’s Issuers and Acquirers Community code set (rules). It will work by defining fraudulent transaction value and volume thresholds that all merchants and issuers must remain below. Breach of these thresholds will trigger obligations for relevant merchants or issuers to take action. Repeated breaches over a period of time could ultimately result in financial penalties for issuers or acquirers.
The Framework will be effective as of 1 July 2019. Issuers and acquirers will be required to submit the first quarterly reports to AusPayNet by 15 July 2019, covering the reporting period of April to June 2019.
For more information regarding the Framework, please email us
The pace of technology change increases each year and it’s important that we assess the likely impact at an industry wide level, to ensure the payments system continues to meet the needs of all users.
To enable early identification of any challenges or opportunities that may require an industry response, we are reshaping our Emerging Technologies Experts Group (ETEG). This group will focus on all technologies that impact the payments landscape, from QR codes to artificial intelligence. Previously the group focused more narrowly on blockchain standards, but is expanding its remit to provide a collaborative venue for members to consider the full range of relevant technologies.
The group will meet quarterly and will be run in a way that makes remote participation easy. Over time, we hope to hold the sessions outside Sydney also. We will hold the first session in mid-May, so please get in touch if you have suggested topics for inclusion, or you’d like to join the group.
We look forward to hearing from you: ETEG@auspaynet.com.au
Reviewing existing standards and developing new ones is an important part of our work to ensure the security of card payments and support innovation at point-of-sale.
Over the past months, our technical team has been heavily involved in Payments Card Industry Security Standards Council's (PCI SCC) work to introduce a security standard for accepting contactless payments at commercial of the shelf (COTS) devices e.g. tablets and mobile phones. PCI SCC has now released the Contactless Payments on COTS Standard to the Mobile Taskforce for RFC, which ends on 14 May, and is on track to publish the Standard by the end of 2019.
Other developments in the first quarter of 2019 include:
For more information on our standards development work please contact the compliance team.
At the Payments Community meeting in December 2018, the Australian Payments Council (APC) launched a consultation on the renewal of its strategic agenda. In January 2019, a consultation paper sought views from members of the public by the end of February.
The renewal of the strategic agenda comes three years after the publication of the Australian Payments Plan in December 2015. For the last three years, the Plan guided industry thinking in areas such as the changing payments mix, open data and digital identity.
The APC’s consultation paper, Payments in a Global, Digital World, outlined the international and domestic background to the evolution of Australia’s payments system. The paper sought feedback on potential areas for industry collaboration – including the decline of cash, systemic resilience, financial crime, payment interoperability and social inclusion. The APC is considering the feedback, with the intention of outlining a new strategic agenda, which will be published in the second half of this year.
We were pleased to welcome the following new members to AusPayNet during the first quarter of 2019, bringing our membership to 130:
We look forward to continuing to build our membership and working together with members to improve the Australian payments system. For further information on membership please contact us.
On 1 March 2019, Andy White officially took on the role of AusPayNet’s new Chief Executive Officer and Executive Director (see CEO’s Corner). Previously, Andy was our Chief Operating Officer with responsibilities spanning member services and engagement, IT, project management and compliance. Among other initiatives, Andy has led AusPayNet’s development of the CNP Fraud Mitigation Framework and the Open Loop Transport Payments Framework.
Andy replaces Dr Leila Fourie who resigned as CEO in December 2018. Further information on Andy White’s appointment is available here.
Recently, we made a submission to the Treasury consultation, Tackling the Black Economy: A Sharing Economy Reporting Regime.
The consultation arose out of the Final Report of the Black Economy Taskforce (BET), which was released in May 2018. The Final Report contained a number of recommendations for inquiries in other areas. For example, Treasury’s 2018 consultation on the introduction of an economy-wide cash payment limit of $10,000 also arose out of the BET inquiry.
The current consultation sought views on implementing a transaction-reporting regime for the sharing economy. It proposed two options for how this reporting regime could be implemented: by the sharing economy platforms themselves, and by financial institutions.
Our submission supported the overarching purpose and objective of tackling the black economy, and commented that reporting through sharing platforms would most effectively achieve the objectives outlined by Treasury.
Our response to the consultation paper was submitted on 22 February 2019.