Community

What're those services? If TPPs could flourish without PSD2 / Open Banking, why're they clamoring for regulation? Why don't they continue with the past situation?

"This is indeed a novel approach - we are not aware of any other case when new competitors in an industry have been obliged to rely on a specific API controlled by the incumbents," says a statement. 

Seriously? Can the European Fintech Alliance name a single industry - apart from finserv, that is - in which the incumbents are mandated by regulators to share their customer info with their competitors? Yes, Amazon with Overstock.com, anyone? Facebook with Twitter? There was so much hue and cry when WhatsApp wanted to share its user info with its own owner Facebook.

IMO, the European Fintech Alliance shouldn't look the gift horse in the mouth. 

Nice post. Is there really "anything in it" for banks in Open Banking? I keep hearing about the potential for banks to build ecosystems etc. but I haven't heard of many concrete benefits to banks from Open Banking. OTOH, there are many disadvantages of being forced to give away customer data to third parties. I wonder what'd happen if regulators forced the Amazons, Googles and the LinkedIns of the world to share their customer data with third parties, however "licensed" or empaneled they are.

Great post. Has helped greatly in my understanding of the anatomy of PNB fraud. 

Would be great if you could share your thoughts on what's the most common combination of systems and workflow used by other banks to prevent even a single instance of this fraud from happening, let alone multiple instances over several years?

AFAIK, human users initiate payment transactions on core or other payment processing systems, after which the message is untouched by human hands as it is submitted automatically by those systems to the SWIFT Gateway system, which then sends it out to the SWIFT network. But, even in that workflow, I'm guessing sysadmins can still input a payment directly on the SWIFT Gateway. Sounds easy. But if it were really so easy in actual practice, the sky would've fallen long ago. Any idea how banks have prevented that from happening over their 30+ years of usage of SWIFT?

@HiteshThakkar: Thanks a lot. 

@HiteshThakkar:

TY for your comment, which has helped elevate my understanding of the anatomy of the PNB scam a little bit. Would be great if you could share your thoughts on (1) How did this fraud go undetected for so many years? (2) What's the most common workflow used by other banks that'd prevent even a single instance of this fraud?

AFAIK, human users initiate payment transactions on core or other payment processing systems, after which the message is untouched by human hands as it is submitted automatically by those systems to the SWIFT Gateway system, which then sends it out to the SWIFT network. But, even in that workflow, I'm guessing sysadmins can still input a payment directly on the SWIFT Gateway. Any idea how a bank can prevent that from happening?

TY for your kind words @AnonFinextraMember.

On a side note, I must add Cash is the enemy to the list of counterproductive actions from the "War on Cash" Brigade that has pushed out the cashless / lesscash outcome further away.

To paraphrase Al Capone (a former Mafia Don), you can get a lot more done with cash and cashless than with cashless alone. 

Since I'm a payments tech professional, I have a vested interest in the growth of cashless / lesscash. However, IMO, silly, reality-defying and headline-bait posts like this are the enemy in the drive to achieve that outcome. I've shared some alternatives in How To Really Kill Cash.  

@DavidGodfrey: I don't know the exact figures but I can bet that the amount lost to criminal activity associated with electronic payments is 10X more than that associated with cash. If SWIFT is not an MOP, neither is cash - as someone who lived in India in November 2016, I only know too well how suddenly sovereign guarantees can be revoked. Besides, the point is moot: The PNB scam involved no cash and that's the real point - fraud can happen with any way you pay and not just when you pay with cash.

The currently unraveling $1.8B fraud at India's Punjab National Bank happened entirely via SWIFT, the mother of all electronic payment methods.