Long reads

Why Pay.UK sees ISO 20022 as the ‘internet of payments’

Paige McNamee

Paige McNamee

Senior Reporter, Finextra

Following the publication of technical materials for organisations implementing ISO 20022, Finextra Research spoke with Pay.UK’s director of standards, James Whittle, to contextualise the need for this new financial messaging standard, and how it fits into the wider New Payments Architecture (NPA) picture.

Pay.UK, the recognised operator and standards body for the UK’s retail interbank payment systems is tasked with the delivery of the NPA programme. The NPA involves a revamp of the country’s interbank payments plumbing to replace in the first instance the UK’s current Faster Payment (FPS) interbank system with a new clearing and settlement infrastructure, which is to be based entirely on the data-rich messaging standard of ISO 20022.

Alongside the Bank of England, the Payment Systems Regulator (PSR) is monitoring Pay.UK’s work throughout the development of the NPA. A consultation into the delivery and regulation of the NPA was launched by the PSR in February this year, and centred on finding appropriate measures to de-risk the NPA programme due to the perceived level of risk highlighted by both Pay.UK and the industry.

Pay.UK responded with public submissions to the Regulator detailing its analysis around areas of concern (namely around procurement), and just this week the Regulator determined that it would narrow the scope of the delivery contract for the NPA as a consequence of the level of risk.

The PSR announced that Pay.UK must, as a minimum, buy services needed to support single-push payments - which will allow most Faster Payment transactions to migrate to the NPA - and may buy additional services and system functionality only if the PSR does not object. The obligation on Pay.UK to carry out a competitive procurement will remain, and the PSR says that Pay.UK can discharge this obligation by continuing the current competitive procurement or starting a new one.

"A direct award is not the right way forward," stated the regulator. "We continue to have concerns about whether Pay.UK would have enough commercial leverage to secure good outcomes that support our regulatory objectives in a direct award. Moreover, Pay.UK’s analysis suggests this option would not be materially quicker than continuing the current competitive procurement."

Assuming bureaucracy doesn’t hamper efforts, Pay.UK appears to be making strides with its NPA transformation plans. Rather than digging-in to technicalities, Whittle first paints the big picture.

“To get really clear about the future of standards, which I think is often misunderstood as deeply technical, (though it’s technical to a degree) it all comes down to outcomes. If we put it in the context of the Internet, the Internet runs on infrastructure and standards. In the same way the internet transformed all our lives, I think we’re on the same journey with retail payments. I think about this transformation as the internet of payments, because it's all about our new services that can be powered by payments, and powered by data.”

While this optimism is easy to become accustomed to, the reality is that the transition to ISO 20022 is no easy feat. He explains that Bacs and FPS can trace their heritage back to the 1960s insofar as computing constraints, which means that (without losing ambition), it is naturally going to be a multi-year journey with real challenges.

“Payments power the economy, and data is changing our lives. I don't think it's unreasonable to expect the introduction of enhanced data in payments to make it a more competitive space. I'm pretty ambitious that it isn't just about making payments work better for banks and participants connected to the infrastructure, it's actually about creating better outcomes for everybody who relies on payments and depends on them, at both ends of that payment journey.”

With great power, comes great responsibility

Whittle acknowledges that this transition naturally involves a fundamental change to the entire interbank payments system across the UK, and because payments start and end with the user, it is essential that Pay.UK prioritises user outcomes to unlock true value for their ultimate boss: the UK citizen.

“Pay.UK is a designated Payment System Operator (PSO) - to give it its grandiose term – but what that really means is that we're regulated by part of the Bank of England, and the PSR, to operate our critical national infrastructure.

“Yet, the more we think about payments and data going out between banks and right out to end users, the further we move away from just being a PSO running the payment rails, and the more we start to think about what standards need to work in that end-to-end space.”

This is a complex situation to grapple with even for Pay.UK, given the sheer number and diversity of entities that connect to the central infrastructure: “It's multi-dimensional and we have to try and work on how we align interests to get things happening.”

Being effective across the entire payments ecosystem is vital, and in order to be effective, it must be resilient.

As a PSO, the FCA’s operational resilience requirements also fall on Pay.UK, and while resilience is a core part of its day-to-day operations, Whittle adds that they are currently in the middle of a large project to meet the upcoming regulatory deadlines.

“It is a big piece of work, it's the core of what we're here to do - to make sure the lights stay on for everyone because obviously if payments don't flow, there will be some pretty serious consequences.”

While the introduction of anything new to critical infrastructure tends to give a chill to the risk-averse, Whittle argues that the introduction of ISO 20022 will in fact work to create better outcomes in terms of long-term robustness and resilience, which will ultimately drive value-add to Pay.UK and its participants.

“If we really think about innovation and service in competition terms, it's actually in the broader ecosystem. If you think about the clearing and settlement utility, the more people that can get access to it, the easier it is to access, the more robust it is, the more resilient it is, the more you can allow people to do value adding things which is really driven by data and standards on top of that. It equates to better outcomes for powering the next generation of services.”

Getting it right to truly meet ISO 20022’s potential

Toying with the analogies du jour of “turning a super tanker” and “flying a Wright brothers’ plane in a race with Branson’s rocket”, Whittle instead goes back to the simple telephone:

“It's a novel invention but it doesn't unlock its network good unless you can call someone, they can pick it up and you can have a chat.”

In the context of ISO 20022 where additional data is transferred alongside each payment, “I need to be comfortable (in fact, I probably need a guarantee) that that data is going to arrive with the payee beneficiary. If it doesn't, then I have not unlocked the network good. It would be like having a telephone and no one to call.”

In this context, Whittle believes that the challenge isn’t only about getting banks ready to receive new ways of working for clearing and settlement, but it’s about unlocking the power of that data – all the way through to the back offices, through to their customer interfaces and channels and out into the customer experience itself – “now that is a big transformation.”

The real-life use cases Whittle raises drive the point home. Government Banking Services (GBS), naturally the largest transacting customer of Pay.UK’s infrastructure (in terms of volumes), could see a monumental impact from the ISO 20022 transition.

If the sheer number of PAYE and National Insurance payments the GBS has to make daily are able to benefit from the enhanced data capabilities by, for instance, drastically reducing fraud and error rates, this could be a positive impact on the lives of millions.

Or, for a person receiving universal credit, understanding and building better visibility around entitlements through better access to data, not only allows people to self-help in a much more efficient manner, but works to improve independent control over their finances.  

Whittle also points to the untapped opportunity ISO 20022 holds for SMEs: “Any business needs to do fundamentally one thing when it receives a payment: you need to know what it's for, and who it came from. If that’s not possible that you haven't got the appropriate controls for an effective reconciliation process.”

“As SMEs make up over 90% of private sector businesses in the UK, and employ about 16.8 million people, if we can start to make payments flow better for SMEs, by removing the cost, friction and risk of how SMEs interact around payments, the benefits will be massive.”

Managing timelines and expectations

When the conversation turns toward the readiness of UK institutions to implement ISO 20022, Whittle does my job for me:

“Is everybody ready? No.

“Is everybody going to be ready all at the same time? No.

“Is there more that we can do to help reduce the cost and friction of being ready? Yes.

“Is it just about publishing standards? No.

“Is it important to preempt the things that every player will have to deal with, and try to help them by producing them ourselves (like standard reference implementations, or software codes that they may all have to introduce)? Yes.”

Without confirming delivery dates tied to the New Payments Architecture, Whittle recommends that we instead look to other industry deadlines to gauge a realistic timeline (which, he emphasises, will not be a cliff-edge date but “more like a gradual set of incremental enhancements where data is the key to unlocking the benefit of those enhancements.”).

“If you look at the journeys the Bank of England has described about turning on enhanced data, as they call it, 2024 is key. You look at Swift, 2025, the date at which MT is supposed to drop away and 20022 will be the format of choice then. So I think that we're in a journey where you can expect 2024/2025 to be a key period in the payments industry.

While Whittle recognises that financial institutions have been vocal about wanting further assistance from Pay.UK, he adds that banks must get to grips with their modernisation plans and look at where they are on their strategic journey.

“Banks cannot just look at this simply as a payment format. They must think about it as an entire end-to-end process which includes customer touchpoints. They must start thinking about how they can coexist old formats and old systems, alongside new ways of working – technology can help in this respect.”

“This isn’t just the UK journey, it’s a worldwide journey and as research shows, by 2025, 87% of all high value infrastructures will be ISO 20022 enabled. This means that in an international payments arena ISO 20022 will become the de facto format.”

He notes that many large institutions are well advanced in their ISO 20022 enabled journey, as they invested in it some time ago, now have the capabilities and are eager to begin seeing the benefits come to fruition.

“But not everyone is the same, and therefore, I think it's pretty reasonable to expect that not everyone will be fully ready at any one point in time.”

The best way to thinking about it the challenge is to ask whether you have extra data that you can't consume through your payment channel. Whittle points to certain “smart ways of working” that are developing, which mean that financial institutions don't necessarily have to begin with reengineering their entire back office.

Rounding out his analogies on a more celebratory note, Whittle explains: “If you look at what Swift is introducing with TPM, or what other providers like Volante are developing, they're creating solutions that not only allow you to accept that you can't get a pint’s worth of data into a half-pint pot (which is your payment interface), but help you find other ways to integrate that data (the rest of the pint) into your back office and to be able to leverage it to meet your obligations, some other conduct and other obligations towards your customer. And of course, it also means you are able to leverage it to drive commercial advantage."

Comments: (1)

Andrew Smith
Andrew Smith - RTGS & ClearBank - London 08 October, 2021, 16:27Be the first to give this comment the thumbs up 0 likes

ISO 20022 is nothing more than a great data dictionary and structured payload. It can not be seen as the "internet of payments" as it doesnt provide any form of network, connectivity or process.  

That being said, it has a key role to play in the interopability of payment systems and simplification of data transformation. Now, in doing this, other networks and companies can start to build "the internet of payments" because it is no longer lost in complex transformations of data. It economically can make sense and can viably be looked at....