What are the risks of digital payments?

As the availability and popularity of digital financial services (DFS) grows in an increasing number of developing countries, policy and decision makers seeking to implement smart and proportionate financial regulation are urged to identify and assess the risk associated with these services. As with any innovation, there are bound to be unforeseen issues; the opening of millions of new digital payment accounts conjures, for instance, fears of system hacks and network failure that create uneasiness and uncertainty in the minds of regulators, authorities and institutions whose responsibility it is to balance the security and stability of the financial system with the policy objective of financial inclusion.

The DFS ecosystem presents a series of novelties that are altering the dynamics, mechanisms and perceptions typical of brick-and-mortar financial systems. New types of products, new distribution models (i.e., agent networks) and channels (i.e., mobile phones), atypical providers (such as Mobile Network Operators, or MNOs) and customers with distinctive needs and circumstances (the poor) require innovative regulatory approaches and solutions.

With this in mind, the Financial Services for the Poor team conducted original, extensive research to inform a new report launching today: Assessing Risk in Digital Payments. The main goal was to identify the primary types and sources of risk inherent to digital financial services, particularly mobile payments; determine whether these risks are unique to that context; and identify the stakeholders (consumers, providers and/or the system at large) most exposed to these risks.

Old Risks, New Context

Our initial findings indicate the risks carried by DFS are not fundamentally different from those associated with traditional banking services. These are, after all, mostly digital and mobile already: direct deposit, online commerce, mobile apps, credit cards saved on file and automatically charged for subscription services, NFC transactions, etc. The risks germane to these systems and procedures are similar in nature to those affecting mobile payments systems in developing countries.

Though this may sound like a fairly simple or “underwhelming” finding for such a complex study, its implications should not be underestimated. Too often, when approaching a nascent sector such as this, a lack of proper understanding results in stringent and costly requirements that end up undermining the business model and jeopardizing its chances of success and profitability. A proper understanding, therefore, allows us to conceive and apply requirements that steer without stifling.

While we found that the risks associated with mobile payments are not new overall, we recognize they may be new to the specific players assuming them in this context. For instance, if it’s an MNO providing the platform for a mobile payment system, it will be managing some risks (such as agent liquidity) more familiar to banks. If it’s a bank providing services, on the other hand, it will be taking on some risks (such as disparate networks of individual agents and kiosks) more familiar to telecoms.

Digital financial systems are still very much emerging, but regulators and the private sector can rely on key insights and precedents set by others in the field in order to help them prepare for the new risks they will be taking on. Banks and telecoms, in other words, can learn from each other to manage risks new to them but familiar to the other. Going forward, the cross-application of solutions and lessons learned will be a crucial component of conversations among governments and institutions establishing and regulating mobile payment systems as they expand to more people in more countries.

“Noise” at the User Level

The report assesses three categories of risk: operational risks, solvency/liquidity risks and risks associated with more advanced financial services (e.g., lending and insurance products). And our research revealed that the greatest risks, both in terms of likelihood and severity, are operational: money sent to the wrong account because of user error (on the part of either a customer or provider), services threatened by infrastructural shutdown, system hacks, etc. And of these,  the everyday contingencies at the level of the end user should not be underestimated.

There is a great deal of “noise” at this end of the system: users may forget their PINs; agents may perform small acts of abuse without detection, such as inflating a surcharge and pocketing the excess; agents may also become targets of theft, as they accumulate and must deliver a day’s or week’s worth of cash deposits made by customers to banks each day. In the landscape of mobile payment systems, this is the area of greatest randomness and uncertainty, and while regulating it will be difficult, it is where we should focus in order to provide stable, secure services to the billions who need it.

The Road Ahead

The profit margins to provide payment services to 2.5 billion unbanked people will be razor thin, and providers will rightly take care with how they design their systems and manage the associated risks. With this report, we hope to further the perspectives and conversations shaping these new systems. And by cataloguing the risks and outlining an approach to managing them, we are helping to create a stronger foundation for a world in which digital financial services operate with stability, integrity and security, both for users and for providers.

This article is published in collaboration with Impatient Optimists. Publication does not imply endorsement of views by the World Economic Forum.

To keep up with the Agenda subscribe to our weekly newsletter.

Author: Jason Lamb is Deputy Director, Financial Services for the Poor at Bill & Melinda Gates Foundation. Sacha Polverini is Senior Program Officer at Bill and Melinda Gates Foundation

Image: A hand is silhouetted in front of a computer screen in this picture illustration taken in Berlin. REUTERS/Pawel Kopczynski