Pay.UK to Launch an 8 Week Consultation to Implement ISO 20022

In early February seeking particpants’ views, Pay.UK is set to launch an 8 week consultation on how best to implement ISO 20022.

The Association of Independent Risk & Fraud Advisors (AIRFA) is an active Pay.UK guarantor. We also wish to draw your attention to their planned consultation in February 2020, an opportunity for all stakeholders to provide feedback on a major industry development.

The Standards Authority at Pay.UK is responsible for setting and maintaining these standards in the UK payments industry. More detail on their role can be found at

As part of the New Payments Architecture, industry is adopting the global standard ISO 20022. It enables payments to carry more associated data. This will provide greater insights, form the basis of new services and deliver better outcomes for all stakeholders.

Pay.UK will launch an 8 week consultation in early February seeking particpants’ views on how best to implement ISO 20022. This will ensure key standards defined for clearing and settlement capabilities of the New Payments Architecture will benefit the widest possible community.

Pay.UK consultation documents will be published on their website at

Pay.UK expect the findings to be published in the second half of 2020.

Watch the Pay.UK website for further information. If you have specific questions please contact Pay.UK at

For more information visit

Kevin Smith is a Senior Payment Services & Risk Management Consultant & Industry Advisor at Riskskill and permanent member of AIRFA.

After Ban PayPal Halts Operation in Turkey

paypalIn a strange sequence of events, we read that Paypal has been unsuccessful in securing a payments processing license in Turkey. This means that it will not be able to send or receive money for Paypal customers in Turkey. Furthermore, existing payment funds will have to be paid back to Turkish bank accounts. This does not bode well for Paypal, other global payments systems or the cross-border processing of payments in Turkey and Europe overall.

Why is this? It seems that the BDDK (, i.e. the Turkish Banking Regulation and Supervision Agency introduced a law (June 2013) that required Paypal and others to base their IT systems in Turkey.

We all recognise the need and support for individual markets to protect themselves with appropriate controls, particularly in processing ‘sensitive data’, but requiring all operators to process and retain all data ‘locally’ in Turkey, seems overly reactive and more of a deliberate way of preventing international players from operating in the Turkish market. This will force ‘new’ international entrants to the market to take a more local presence in Turkey – both for governance and for where the IT systems are based. And what about other existing non-compliant entities?

It appears that Paypal have been very gallant and relatively quiet publicly about this situation in commentary since the decision; so it begs more questions:

a) With Turkey’s ambitions to join the EU (negotiations started in 2005), is this really going to help in the spirit of economic collaboration and delivering global commerce?

b) Turkish authorities have enough bigger challenges – so can they really want this to further hinder their campaign?

c) Who else will this impact? Will other and existing companies that are not complying with the same requirements be required to leave the country if they do not meet the requirements that IT systems be located in Turkey?

d) Did no one at Paypal see this coming?

e) Has no-one in the European monolith raised this as an issue with Turkish authorities and explained to them how far away from the spirit and intent of the EU marketplace this really is?

Kevin Smith, author of the news is Joint Chief Executive at AIRFA, and director of RiskSkill. He is highly experienced and independent payment services, risk management and compliance consultant. For more information visit website

Source: Banking

RBS Announces Trial of Cryptocurrency

Royal Bank of Scotland has just announces that it is trialling its own cryptocurrency – which of course, will resonate on the news-lines significantly.

But let’s stop and work out why they are doing this and why they are announcing this?


With around 1000 cryptocurrencies globally and with the market leading cryptocurrency being 100s times bigger than all the others, it seems like a strange thing to do from a marketing, sales, competitive basis. RBS have certainly not said that they intend in any way to ‘corner the market’ or to be a ‘world leader’ in this area – so this is not their motivation. So let’s not get hung up on this, or expect them to start sending you and me application forms any time soon.

Will RBS be creating a gateway for audited and trackable payments to its correspondence banks and across its own network? Maybe. However it is unlikely that it will be replacing its very lucrative payments transmission businesses, but there is an option for it to reduce the costs and increase the audibility of its own internal ‘group’ payments – as it has stated that the trial that it has been progressing with have involved its different banks within the group.

So if it is not going to sell me and you (as customers) a new payments service at lower costs, and it is not going to compete in the alternative currency markets, then we have to read this move by the RBS as follows:

We are a big bank and government run; but we want to demonstrate that we are forward-thinking and are reviewing seriously ALL the new and latest ideas and technologies.

Blockchain and Crypto-currency media gets a good reading and positive reactions from the public so we need to be announcing this to the world.

It is really just work that we are doing in our own laboratories within the RBS group. We are testing these things so that we understand all about them and can then work out where we can use them and where we can adopt them.

So, if this is the case, we can simply read this with interest and forget it; until RBS then follow this with a notification of how they are going to use it in the ‘real world’ – and then we can start to think harder.

In the meantime, it is worth noting that there are so many things that can be done with the Blockchain technology and so many great new business start-ups that are using the technology to evolve real-world business solutions that the banks that will survive in the next 10 years will be those that embrace the new, take the best of what is on-offer and move forward as if they are small agile businesses rather than the big banks that they are.

RBS are seemingly doing the right things in the market (or starting to do so), but this is nothing that we need to get excited about or worry about as consumers. Not just yet.

But this should worry all the banks that are not doing these things.

For further information, please contact Bill Trueman or Kevin Smith (eminent risk and fraud specialists) both are member of AIRFA.

Judges Pave Way for Banks in US to Sue Target over 2013 Data Breach

I read with interest that news in Finextra and elsewhere that the banks have been given the go-ahead to sue Target for $30m for the reissue costs associated with the data compromise in 2013. This puzzles me, as I then want to know how the figure of $1200 per card is calculated.

The cost of re-issue will be less than a tenth of that per card. How they can justify that size of loss based upon a reissue alone is not conceivable.

To read more visit here

Is EMV ‘A Colossal Waste of Time’ for Retailers?

Recently Bill Trueman, director of UKFraud and RiskSkill, a globally famous eminent risk and fraud specialist published a post about the effect of EMV on Retailers which many retailers are concerned of in USA. Below is that post…

Before saying “EMV Return on Investment Unlikely for Retailers” we should consider some points. The only thing that surprises me about this “glass half-empty and cracked” view is that we did not see it earlier. Surprise surprise, everything has a business case. Sometimes it is clearly positive, others more difficult.

EMV has always been in the more difficult bucket. It is an infrastructure change, not just a few tweaks. It should have been treated more seriously and realistically. Of course it comes down to how you measure this and what you want to prove. It is easy to prove a negative position. More challenging to demonstrate a closer to break-even or soft benefit. We have known about it coming for a long time.

Visit Here to Continue Reading…