Wholesale CBDC (central bank digital currency) of the Eurosystem: all information at a glance

The ECB (European Central Bank) has been exploring the possibilities of distributed ledger technology (DLT) and its use in payments since the year 2017. If a central bank issues a digital currency on a DLT basis, this is referred to as a central bank digital currency (CBDC). In addition to retail CBDC (rCBDC) for private customers, various wholesale CBDC solutions (wCBDC) for high-value payments between financial institutions in the euro area are being considered, which are presented in this article.

At the end of 2022 the ECB and the users of the Eurosystem  discussed possible new  requirements for the future infrastructure. Most stakeholders expect a significant increase in DLT solutions in the wCBDC sector over the next 5-10 years. To mitigate dependence on private providers for programmable payments and ensure greater control over the solutions, the ECB has chosen to explore in-house alternatives. The result of this initial research were three possible solutions: the first solution from the Deutsche Bundesbank, the second from the Banca d'Italia and the third from the Banque de France. All three solutions are now available for testing, as it was uncertain which one will meet the markets requirements best. If the timeline is compared with the one of the TARGET2 consolidation, the speed from the idea to the implementation is remarkable. 

In the following, the three solution concepts of the ECB's New Technologies for Wholesale Settlement – Contact Group (NTW-CG) are presented and the advantages and disadvantages explained. The NTW-CG describes itself as a sounding board and supports the Eurosystem in organisational and directional decisions. Market participants from various financial institutions, stakeholders and central banks are represented in the NTW-CG. The solutions offered focus on use cases such as delivery vs. payment (DvP), i.e. delivery against payment in the securities environment, and payment vs. payment (PvP), for example for different currencies in the cross-border payments environment. The ECB focusses on those solutions that are classified as interoperability types. The euro payment ("cash leg" – money side) is to be processed within the Eurosystem, while the asset chains ("asset leg" – securities side) and foreign currencies ("foreign currency leg" – foreign currency side) are to be located outside the Eurosystem and handle the securities transactions. 

The Deutsche Bundesbank's trigger solution, the Banca d'Italia's TIPS hash link and the Banque de France's DL3S DLT are based on interoperability, as otherwise strict requirements for the control of central bank money and, if necessary, additional standards for the integration of the solution would have to be defined.

All three ECB solutions are based on the current TARGET2 consolidation standards and can be tested independently of each other. However, a certain specification of the T2 messages could prove to be advantageous during testing. Participation in the "experiments" (test system) and "trials" (productive operation) is voluntary. 

The trigger solution of the Deutsche Bundesbank – an account-based CBDC 

The Deutsche Bundesbank's trigger solution is based on a kind of bridge between the existing T2 infrastructure and external DLT platforms. Two components are provided by this solution: an interoperability adapter and a DLT-based trigger chain. The trigger chain requires no specific technical  developments or adaptation on the asset chains (which are developed and operated externally). Tokenised assets are issued and traded on the asset chain. The solution has  already been tested successfully in 2021, with the former TARGET2 system. 

A DvP transaction is triggered in the asset chain and the payment instruction is transferred to the Bundesbank's trigger solution via a smart contract (HTLC – hashed timelock contract). The trigger solution forwards  the transaction  to RTGS in an ISO 20022 message via ESMIG. The notification on successful bookings in RTGS are forwarded to the asset chain via the trigger chain. The transaction is then finalised on the asset chain. The HTLC is completed . Market participants can  add additional smart contracts to the trigger chain. 

Figure 1: Schematic figure of the trigger solution

Banca d'Italia's TIPS hash link solution – an account-based CBDC 

Banca d'Italia's solution envisages a TIPS-like platform that communicates with users via an API gateway. The Banca d'Italia's TIPS hash link and the Deutsche Bundesbank's solution do not require wallets, as it is an account-based CBDC, unlike the Banque de France's solution. 

On the market DLT (equivalent to the asset chain), a smart contract (HLC – hash link contract) locks the asset and forwards the payment transaction via an API gateway. The confirmation of a payment in central bank money in the T2 services results in the delivery of the asset or a foreign currency on the market DLT. The hash link contract (HLC) has a similar role to the hashed timelock contract (HTLC) used in the Bundesbank's solution. 

Figure 2: Schematic figure of the TIPS hash link

The Banque de France's full DLT solution – a token-based CBDC

The Banque de France's proposal envisages the development of a DLT (DL3S) on which the central bank can create tokenised euros. The result is therefore not an account-based but a token-based CBDC.  The settlement of assets with a market DLT is as follows. 

  1. A smart contract (HTLC) on a market DLT locks the asset and forwards the payment transaction to the DL3S DLT via an interoperability mechanism.    
  2. The cash leg is processed in the DL3S DLT. 
  3. The HTLC is responsible for finalising the delivery of the cash leg (in the form of cash tokens (wCBDC)) on the DL3S DLT and releases the asset on the market DLT. 

The Banque de France's full DLT interoperability model includes the holding of foreign currencies as part of its  token-based approach. Bank customers need a cash wallet (sub-wallet) at their bank. The bank therefore not only holds and transfers its own cash tokens but also those of its customers. While the bank manages the cash wallets of its customers, its own wallets are managed by the central bank´s node (network node/connection point). If the national central bank does not have its own node, the bank can use the node of the Banque de France. Banks are responsible for creating HTLCs on an "all-or-none" basis. Liquidity transfers between RTGS and DLT are easily possible. 

Figure 3: Schematic figure of the DL3S DLT

Summary

The three solutions mentioned are intended to be primarily evaluated from anoperational, a business and a technical perspective , even though most details are not yet known. In connection with the established timetable, areas such as settlement performance, efficiency, security, and reliability have already been defined as topics that are to be examined in more detail. These topics were further broken down into objectives, based on which remaining issues have been identified. An open issue is, for example, to what extent Instant Settlement will be a central component of the future infrastructure (TIPS is unaffected by this question) or whether 'Atomic Settlement' is sufficient. In this context, atomic refers to the settlement process either completing entirely and successfully or failing completely.

The timeline

There is not much time left to take part in the 1st wave of tests. To take part in the "experiments" and "trials", users must register via the public "Call for Interest" and take part in the testing activities. Initially, the start of the “Call for Interest” was planned for November, now the start date seems to be postponed to December 2023. The testing activities should  ensure i.e. the technical connection. The first test phase is scheduled for December 2023 and a second test phase is scheduled for July 2024. Deadlines for the "Call for Interest" are in January 2024 for the 1st wave and April 2024 for the 2nd wave. November 2024 also marks the end of the "experiments" and "trials" for users who wish to take advantage of the second onboarding window. 

Active participation in the tests, coupled with a detailed examination of the designs, allows for proactive involvement in shaping a solution. The described trials and experiments are intended to approach the defined goals. Regular reporting will document the results. Therefore, it remains to be seen which solution will ultimately prevail and how the precise implementation will unfold.

Authors: Viktoria Liehmann, Philipp Uhinck

Alternative authorisation concepts for EBICS – complementary signature classes & co.

What authorisation options does EBICS offer today?

The EBICS specification regulates the type and process of authorisation for payment submissions. For this purpose, various parameters are specified that allow different authorisation models to be defined.

But is all this enough to comprehensively cover market requirements? Apparently not, because only recently, with EBICS 3.0.2, the optionally usable complementary signature classes X and Y were specified for a new authorisation model. This extension comes with new EBICS schemes. Do new wishes and requirements in this field necessarily have to be accompanied by changes to the EBICS specification? 

Not really, because there is another way. As is known, the basic structure in EBICS is formed by the signature classes T, E, A and B with different values and the option of choosing the number of required electronic signatures. In combination with signature class T, authorisations can even be instructed outside EBICS. With the electronic distributed signature (EDS) functions, it is also possible to decouple transport and authorisation.

The basic construction kit for extended authorisation models in EBICS is thus available. 

Very diverse and heterogeneous requirements 

For example, the German Banking Industry Committee (DK) has specified a special form of an authorisation model with existing EBICS means for the use of the SDC procedure under EBICS. This takes into account the separation of transfers by a service provider and authorisation by the original customer using the existing EBICS options; there is another use case with the trustee model. In addition, there are always market requirements which can certainly be mapped without adjustments to the EBICS protocol. Such requirements concern, for example, authorisation sequences and the delegation of authorisations, but also authorisations in group assignments. These models can generally be implemented with existing EBICS means on the bank server or in the customer client.

Precisely because the variety of requirements is potentially large and in part very individual, and in order to avoid compatibility problems, it makes sense to implement these concepts outside the EBICS specification where possible. 

The solution to all problems

A versatile solution model is the group concept. EBICS users are divided into any groups on the bank server. The groups can also be customer-specific. The business transactions, signature classes and number of signature classes apply unchanged. For authorisation, it can be selected whether the final authorisation should only be carried out with users from different groups or only from one common group when using the concept. A group sequence for visibilities in the EDS query is also possible. The configured model can then be documented for the customer in the BPD sheet. This way, many authorisation models can be defined in an EBICS version-compatible and interoperable manner, including the complementary signature model. How about that?

Author: Michael Lembcke

One-Leg Out Instant Credit Transfer rulebook – the starting signal for cross-border instant payments

Real-time payments are already widely used in many parts of the world. In the SEPA area, instant payments have been available since 2017. A legislative initiative of the European Commission now also envisages making it obligatory first to receive real-time payments and then, a few months later, to send them. Real-time payments systems are also already in use in other regions. Brazil, India and Singapore, for example, have systems with high transaction numbers. However, there is still no possibility to transfer money across borders in real time. Cross-border transfers are often still associated with long execution times and non-transparent fees. That can change now.

Instant payments goes international
In the area of cross-border instant payments there are already many initiatives that want to enable international real-time payments. Examples are immediate cross-border payments (IXB), Nexus and SWIFT Go. The developments in the area are not by chance; international politics is also pushing for efficient and cost-effective cross-border payments. The G20 countries have set themselves the goal of making cross-border payments cheaper, faster and more transparent and have developed a roadmap for this. The European Commission is pursuing the strategic goal of strengthening the role of the euro in the international context – an important component here is also real-time payments.
The European Payments Council (EPC), as the interest group of European payment service providers, is also involved in the international discussions. The EPC manages the SEPA schemes and thus, since its introduction in 2017, also the SCT Inst scheme. With the One-Leg Out Instant Credit Transfer (OCT Inst) rulebook the EPC now goes one step further.

The One-Leg Out Instant Credit Transfer rulebook
In November 2023 the new OCT Inst rulebook will come into force. It provides rules and formats for real-time cross-border payments in euro – but concrete technologies for implementation still need to be developed. There is still no obligation for payment service providers to subscribe to the OCT Inst rulebook and offer this form of international real-time payments. The rulebook covers the following scenarios:

  • International instant payments: instant payments where one participating PSP is located in the SEPA area and one in the non-SEPA area and where at least the SEPA part of the transaction is denominated in euro. This includes, for example, euro payments to the USA.
  • Cross-currency instant payments within the SEPA area: instant payments within the SEPA area between euro and non-euro currencies (e.g. GBP, CHF).

To avoid confusion: For instant payments within the SEPA area in euro, the familiar SCT Inst scheme continues to apply; the OCT Inst rulebook does not apply here. The following table illustrates the scope of OCT Inst in contrast to SCT Inst and other schemes:


For participation in the OCT Inst scheme the rulebook provides for different roles. Financial service providers who decide to participate can individually decide which offer they want to provide on the basis of OCT Inst and then take on the corresponding roles. A financial service provider must at minimum take on the role of a SEPA-based payee's PSP. This means that the provider must be able to process incoming OCT Inst. In addition, a financial institution may decide to offer OCT Inst to its own outgoing customers. For this, it must also become a SEPA-based payer's PSP. Euro Leg Entry PSPs and Euro Leg Exit PSPs act as a link between the SEPA Euro Leg and other legs of the transaction. In addition, as an OCT Inst processor you can provide other services. The following overview illustrates the interaction of the different roles:


The advantages of OCT Inst as a procedure for international payments are obvious. End customers can benefit from more efficient payments procedures with higher STP rates. Financial institutions can win back business lost to other providers in cross-border payments or also open up new business models and associated revenue opportunities. Moreover, an OCT Inst payments procedure does not have to be implemented completely from scratch from the ground up – the format is based on the SCT Inst rulebook and is internationally compatible as it is based on CBPR+ and IP+.

The race is on – what should financial service providers do now?
Currently, there is still uncertainty about the implementation, although the possible launch date is only a few months away.  Moreover, the rulebook only regulates the SEPA side of the transaction. For the non-Euro Leg, corresponding specifications are required, which are outside the scope of the EPC.
The coupling of real-time payments systems is a promising approach to enable international instant payments. OCT Inst forms the basis for international real-time payments on the SEPA side.
Due to the lack of clarity and the voluntary nature of the scheme, most financial service providers are still taking a wait-and-see approach. However, every financial institution should address the strategic implications at an early stage and conduct an impact assessment.
  • What is my business model in international payments?
  • What offers do I have and what revenues are associated with them?
  • Which areas could be replaced by OCT Inst?
  • What services can I offer to open up new business areas?

In the future, cross-border instant payments will also become the standard in cross-border payments. It is still open who will benefit and who will be burdened by this. Financial service providers should set the strategic course to be on the right side. The race is on!

Author: Ann Kristin Mundt, Lukas Schlotfeldt

PSD3/PSR

The EU Commission recently published its proposals for Payment Services Directive 3 (PSD3), as a supplement to the previous PSD2. The proposals have implications for players in the payments sector and are controversially discussed. We would therefore like to briefly explain the most important points.

Regulation effective immediately

The PSD2 has been reviewed and the EU Commission has revised its contents. The result is a PSD3 and a PSR (Payment Service Regulation). While the PSD3 is a directive that the respective member states must transpose into national law, the PSR is "only" a regulation. It is effective immediately and does not require separate incorporation into the respective national laws.
Some of the contents of the PSD2 are migrated to the PSR. This should lead to a more uniform implementation within the EU. While there is additional room for interpretation in the case of a transposition into national laws, the same wording applies to all countries in the case of a regulation – with the restriction that this wording is also translated into 24 languages. The overall scope is nevertheless more limited.

No further accounts
The PSD3 as well as the PSR continue to be limited to payment accounts. The much discussed access to further accounts, such as savings accounts, was outsourced to another regulation (Regulation on a framework for financial data access, Open Finance).

Better sooner than later
PSD3, PSR and the Open Finance directive are available as proposal, i.e. draft. Following this draft by the EU Commission, the further legislative process will now take its course. The EU Parliament and the EU Council will be involved. A final draft is not expected until the end of 2023 at the earliest, more likely not until next year. With EU Parliament elections due in June 2024, publication could be further delayed. In addition, there is an implementation period of 18 months and for the directives also the transposition into national laws. The topic will therefore accompany our industry for some time to come. Irrespective of this, all those affected should already deal with the drafts and assess possible effects on their own business model.

It gets more extensive
While PSD3 takes care of payment service provider authorisation issues and their supervision, the requirements for the execution of payments are outsourced to the PSR. The latter is also twice as extensive in draft form as the PSD3 draft. At least going by the number of pages. 

The PSD3/PSR will be merged with the e-money regulation.
Payments made exclusively with cash are still not affected by this regulation.

Access to payment accounts, but how?
The PSR addresses information requirements for payment services, permissible fees, access to payment systems, rules for account information services (AIS) and payment initiation services (PIS) and how they can be accessed. The interface requirements for third-party service providers have also been clearly specified. But here, too, there will be a more far-reaching Regulatory Technical Standard (RTS), as we know from PSD2.
For account information services, access to data should be significantly facilitated and thus the customer journey offered by them optimised. So far, this has often been very cumbersome in practice, as a variety of authorisation procedures and deadlines are mixed when consolidating payment accounts at different financial institutions. These service providers also often combine information from payment accounts (regulated by the PSD2) and other financial information such as savings accounts, custody accounts and credit accounts. This is where the new regulation on Open Finance comes into play, which is also available as a draft. Access to payment accounts should continue to be regulated in the PSD or, more specifically, in the PSR.

Account check
A major change is likely to be the IBAN/name check for all payments, as it is currently being discussed for instant payments. The aim is to combat fraud. As surveys have repeatedly show, many consumers assume that such matching already takes place today. However, the IBAN/name check is different from the account number/name check known before the SEPA introduction in Germany. At that time, the recipient institution checked whether the account number and name matched for incoming payments (but not all of them).

Out with the new
The PSD2 introduced the role of third-party providers. It was one of the biggest novelties and was intended to regulate services that had already emerged on the market unregulated. Account information services and payment initiation services exist in practice and provide services to consumers. The ominous third-party card issuer or "payment service provider issuing card-based payment instruments" was described in Article 65 of the PSD2. The market spent a long time speculating about which service this could be. Now the legislator has provided clarity and completely deleted the article on confirming the availability of a sum of money.

About regulation
The German Banking Industry Committee (GBIC) generally welcomes the EU's proposals on PSD3 and the associated goal of strengthening consumer protection and improving security in payments. However, the GBIC expresses concerns about the more extensive scope of information to be shared via the third-party service provider interface and the planned extension of liability rules. According to the GBIC, too far-reaching liability for payment service providers could lead to higher costs for consumers. In addition, there is a danger that smaller payment service providers will be overburdened by the additional liability and forced out of the market.

The PSD3 is the next step towards a more regulated payments landscape. It aims to improve security and consumer protection while maintaining innovation and competitiveness in the payments sector. It remains exciting to see how the discussion will develop and which regulations will ultimately be adopted.

Author: Swaantje Anneke Völkel

EBICS payment receipt in real time – utopia or reality!?

Payments with FTAM or EBICS have been characterised by contradictions for over 25 years. Eve-ry form of communication was a one-way street, there was always only a technical acknowledge-ment and you could only be sure that everything had really worked when you had manually down-loaded and read through the customer log with a time delay. A comparison for the process could be a postal letter sent in a non-transparent envelope with the receipt of the answer by postal letter in any envelope. Even though the transmission was of course much faster than the classic postal letter.

Well, time marches on, the need for an answer within seconds and, above all, a qualitatively meaningful answer is taken for granted today. EBICS must also slowly (finally!) meet this demand and offer new mechanisms.

However, the previous procedure of reciprocal transmission of the order and its response must not simply be ignored or even discarded. Existing process sequences in EBICS have their proven right to exist, especially when it comes to transmitting very large amounts of data, which even today require several minutes for complete processing. It is precisely this capability that is still the out-standing feature of EBICS.

In spite of everything, it must also be possible in the future in the EBICS protocol to be able to send smaller amounts of data faster and above all with an immediate business response.

To be able to consider these future requirements, the EBICS protocol was extended to include the EBICS real-time messages. In this, a second bidirectional communication channel is set up between the customer product and the EBICS bank server. In the current specification this chan-nel is initially only used for ad-hoc messages from the bank server to the customer product.

In the future, this now existing communication channel can also be used for submissions and in-stant business processing in the banking environment. This instant processing can then also gen-erate the necessary return messages and immediately – similar to the online banking – display a qualitative return message to the user.

Currently, this submission format is still being piloted with special EBICS systems and is not gener-ally established in the market.

However, much more important than the above future scenario is the generally available form of asynchronous return messages to customer systems and their users, i.e. the corporate customers, which has already been specified for two years. This EBICS real-time notification is documented in the specification "Real-time notification" and can be implemented by all manufacturers. It offers unique opportunities to inform customers, i.e. corporate customers, quickly and promptly about all kinds of changes to their various accounts.

With this new capability of the EBICS protocol it will be possible in future to send a real-time mes-sage via EBICS to the customer and the customer system already at the time of booking. The EBICS infrastructure will then provide an interface for this which can be integrated into corre-sponding booking systems or it will also be possible to use any other text-based messages from other banking systems and thus always provide corporate customers with new messages. De-pending on the performance of the customer systems, many new interesting forms of application can be realised.

For financial institutions which do not want such a close coupling between EBICS and their busi-ness applications or for which integration is too cost-intensive, another option will arouse interest.
EBICS bank servers – such as TRAVIC-Corporate – can send an immediate message to the cus-tomer system(s) assigned to the customer each time data is provided, signalling that new data, e.g. an incoming account notification, is available.

This form of notification will generate interest i.a. among customers, especially in the context of instant payments. In the future more and more – regulated – payments will be based on instant payments and thus be executed quickly. This means that the payment receipt by the corporate customer must also be indicated immediately so that the goods or services can be delivered or provided quickly.

EBICS real-time notifications are the most important element of an instant payments solution over the entire process.

These messages are also structured in such a way that customer systems – such as TRAVIC-Port – can derive actions from them internally. Automated downloads of the data provided by the fi-nancial institution become possible.

And if EBICS real-time notifications become more and more established in the market, the many "hopeful queries" from customers – 80 to 90 % of account statement queries from customers are answered with "no data" – will no longer take place. Customers will rely on this new mechanism. For the operators of EBICS bank servers this means that they only incur consumption costs when data is actually available. This is an important savings effect for financial institutions, which means that their server systems are allowed to be smaller and are actually much less frequented.

However, the whole scenario can only gain momentum if financial institutions start to offer this service; waiting for the customer product manufacturers will not work, as they always only incorpo-rate changes into their products if there are actually suppliers – i.e. EBICS bank servers.

My appeal to the EBICS banks: Start the new service to use the next generation of the EBICS protocol for yourself and, above all, for the benefit of your customers.

Author: Michael Schunk

Stablecoins blog post series – part 3: regulatory requirements

As already teased in our second blog post in the series on the topic of stablecoins, this final article will take a closer look at the regulatory aspects of stablecoins.

Fittingly, the European Union published the comprehensive MiCA regulation in the European Official Journal on 09 June 2023. It forms the European regulatory framework for crypto-based currencies and thus sets global standards for the regulation of crypto assets. While the desire for uniform regulation of cryptocurrencies in the US is growing, Europe is taking an unusual position as a driver of innovation, even though the regulation will not fully apply until 30 December 2024. It remains to be seen whether this set of rules will only be applied exclusively to the European market in the future or whether the US market, for example, will simply follow or adopt a similar set of rules.

What does the MiCA regulation bring?
First of all, the regulation is a clear signal to the market that the handling of crypto assets in the EU is not to be prohibited or prevented. Instead, a sensible legal framework will be established in which the individual market players can move more securely from now on.

The new regulations provide for new challenges exclusively for the providers of crypto services and the issuers of crypto securities. End customers will feel much less change in their daily actions. However, they clearly benefit from their strengthened rights and increased market transparency.

MiCA licences
Service providers who wish to offer various services in Europe in connection with crypto assets will need a MiCA licence in future. Depending on the service, separate requirements apply to the service provider. The services subject to authorisation under the MiCA regulation are:

  • Operation of a trading platform
  • Exchange of crypto assets for nominal currency or other crypto assets
  • Execution of orders for crypto assets for third parties
  • Consulting for crypto assets
  • Custody and management of crypto assets for third parties
  • Acceptance and transmission of orders for third parties
  • Placement of crypto assets

Many companies see crypto currencies as a particularly lucrative business. The granting of a corresponding licence by the supervisory authorities offers companies another possibility to participate in the financial market in addition to the ZAG licence and the banking licence.

Increased requirements for issuers
In addition, the MiCA regulation also imposes requirements on issuers of "other crypto assets" and "stablecoins".
Stablecoins are divided into e-money tokens and value-referenced tokens. The value stability of e-money tokens is always based on exactly one official currency. The value of a value-referenced token can in turn arise from the combination of different goods, rights or crypto assets.
Since stablecoins are the focus of our blog series, we will refer almost exclusively to stablecoins in the following.

Crypto whitepaper for all
All crypto assets that exceed a certain threshold in trading volume, for example, must publish a crypto whitepaper before they are issued for the first time. This is similar to a securities information sheet in a somewhat watered-down form. There, potential buyers will find information about the issuer as well as information about the underlying technology and the business purpose of the token. Companies are liable for damages for the information they publish in crypto whitepapers or marketing communications. The days of exorbitant promises of returns for questionable new coins should thus have come to an end.

Reserve assets and equity
To guarantee a stable coin, the issuer must hold the value of the token as reserve assets at a ratio of 1:1. This guarantees the token holders' right of withdrawal or claim at all times. Furthermore, the composition of these assets must be openly disclosed and must withstand liquidity requirements, whereby a portion of the assets may be invested in low-risk transactions. Equity is either 350,000 euros, 2 % of the average reserve assets or one quarter of the previous year's fixed overhead costs, whichever is the largest. The equity can be upgraded or downgraded by 20-40 % depending on the risk potential of the token or the industry.

Separation of assets
The MiCA regulation stands for a clear separation between assets of clients and those of a service provider or issuer. Whether it concerns the retention of client funds, client crypto assets or other client holdings, everything must be strictly separated from each other. The reserve assets of a stablecoin must also be strictly separated from the issuer's corporate assets and held per token issued. Thus, even in the event of a possible insolvency of the custodian, it should be guaranteed that the customers retain the claim to their assets.

Case study FTX
Examples such as the crash of FTX showed in the past the impact it can have on the whole market when issuers of large tokens misappropriate their customers' deposits. FTX had lent customers' deposits as collateral for speculative crypto trades to the related company called "Alameda". Again, as collateral for these lent deposits, they accepted the company's own FTT token. When this token lost its value and the house of cards collapsed, the investors' deposits could no longer be bought back, as a result of which they are still waiting for their invested assets today.

Significant stablecoins
So-called significant stablecoins also have a major impact on financial stability in the EU. According to the regulation, a coin is considered significant as soon as it meets three of the following criteria:

  • 10 million customers (natural persons or legal entities)
  • 5 billion market capitalisation (total value)
  • 1 billion reserve assets
  • 2.5 million trades per day or €500 million per day
  • Special interconnectedness with the financial system
  • Issuer is a gatekeeper according to regulation (EU) 2022/1925.
  • Issuer issues at least one additional stablecoin and provides at least one crypto service.

These are automatically subject to supervision by the EBA and are subject to further duties and requirements. This includes i.a. further requirements for the reserve assets and their liquidity, which are regularly tested with the help of liquidity stress tests.

Finally, it remains to be seen how the MiCA regulation will affect the trading of stablecoins. ESMA, with the support of the EBA, will publish further specifications on the technical implementation of the regulations in the next ten months – which means that there are still many developments to come.

Authors: Benjamin Schreck, Jan Gäth

Digital euro – the draft law paves the way for the future of payments in Europe

The European Commission has published a draft law on the introduction of a digital euro. The aim of this initiative is to meet the increasing demand for digital payments and the use of private digital payment methods.

The digital euro is understood as digital cash, a central bank digital currency for retail payments, which is to be issued by the ECB. Consumers should be able to use the digital euro for payments in retail and e-commerce.

Intermediaries play an important role in enabling users to access the digital euro. Acceptance points such as merchants, businesses and public authorities are to accept the digital euro in the euro area so that it can be used as a European means of payment.

Intermediaries are defined in the draft law as payment service providers and other companies that provide services related to the issuance, distribution, exchange and custody of the digital euro. This mainly concerns payment service providers, banks and financial institutions.

For intermediaries, the following implications and measures arise in connection with the digital euro:

  1. Improved payment infrastructure: the introduction of the digital euro promotes the development of digital means of payment. Intermediaries need to adapt their systems and processes to enable transactions with the digital euro. The integration of digital wallets into their services and the development of necessary interfaces are crucial here.
  2. Value-added services: the digital euro meets customers' expectations for a seamless and convenient digital payment experience. Financial institutions and businesses should offer user-friendly digital payment solutions, integrate the digital euro into their services and use innovative technologies such as mobile payments and digital wallets. Intermediaries should inform customers about the digital euro and support them in its use.
  3. Partnerships and collaborations: financial institutions and corporations can collaborate with FinTech companies, technology providers and payment service providers to leverage expertise and drive innovation in the digital euro ecosystem. Close cooperation with central banks and the ECB is also important to ensure coordinated implementation.
  4. Cost reduction and improved transparency: using the digital euro can reduce transaction costs for financial institutions and companies, especially for cross-border payments. The exact fee structure has yet to be determined. The digital euro also simplifies cross-border payments within the euro area and offers increased transparency.

When introducing the digital euro, intermediaries must observe relevant regulations and data protection requirements. Security and data protection measures must be reviewed and adapted to ensure the integrity and confidentiality of transactions.

An active role in the public discussion is important to add the perspectives and concerns of intermediaries.

The digital euro proposal offers an exciting opportunity for innovation and growth in the financial industry. By taking these action points into account, it can be ensured that the advantages of the digital euro are utilised and customers are supported in the best possible way.

We should use this opportunity – not only as payments industry players, but especially as future users – to actively participate in shaping the digital euro and to help shape the future of payments in Europe.

The draft law still has to be adopted by the European Parliament and the Council before the law can be passed and enter into force. The final decision on whether to introduce the digital euro lies with the ECB and is expected to be made at the end of the year.

From our point of view, the question is not whether the introduction will come, but when and within what framework that will be.

Source: Proposal on the introduction of a digital euro.

Author: Anja Kamping

The digital euro gets a rulebook

The ECB's two-year investigation phase on the digital euro will end this autumn. Subsequently, it will be decided whether and in what form the digital euro will be implemented. The ECB plans to organise the distribution of the digital euro through a scheme that will set rules and guidelines for its introduction and distribution. Earlier this year, the ECB established a Rulebook Development Group (RDG) to produce a first draft of a scheme rulebook. This first draft could be particularly interesting for commercial banks and payment service providers, as the ECB would like to process the distribution of the digital euro through them.

Composition and tasks of the RDG
The Rulebook Development Group's task is to create a preliminary scheme rulebook for a potential digital euro. It is composed of 22 experienced professionals from the private and public sectors. This includes 8 Eurosystem representatives and 14 representatives from various payment market stakeholder organisations, ensuring that the different perspectives and needs of all stakeholders are considered.

Contents of the rulebook
The rulebook provides a framework to which all intermediaries involved in the introduction and distribution of the digital euro are bound. It includes the following aspects:
  • Basic characteristics of the scheme
  • Functional and operational model
  • Compliance (adherence)
  • Technical requirements
  • Risk management
  • Scheme management

In developing the rulebook, the Research Development Group is guided by the design options endorsed by the Governing Council, which are explained in the so-called progress reports during the investigation phase. These are accessible via the ECB's website digital euro publications.

Importance of a scheme rulebook for the digital euro
A scheme rulebook creates uniform standards for the introduction and distribution of the digital euro, which can improve the interoperability and efficiency. It provides clarity and transparency to intermediaries and also to the users of the digital euro, which reduces misunderstandings and uncertainties during the implementation and strengthens trust in the digital euro. The design of the rulebook can also be crucial for a smooth introduction and distribution. To this end, flexible rules and a low level of bureaucracy are particularly important to enable an uncomplicated onboarding for all intermediaries.

Potential for innovative services
The rulebook also influences the development of additional and innovative services that can be offered with the digital euro. Depending on its design, the rulebook can be an important basis for commercial banks and licensed intermediaries to develop additional services beyond the original scope of application. In this respect, the inclusion of stakeholders from different sectors of the private sector raises hope. Innovative services could be decisive for the future success of the digital euro. This is because there is still a lack of clear unique selling points that distinguish the digital euro from existing payment instruments such as card payments with commercial bank money.

A decision on the introduction of the digital euro can only be made once a legal framework has been adopted at European level, which is unlikely to happen in the last six months of the investigation phase. In any case, important announcements can still be expected in this final phase. In order to prepare in the best possible way, it is advisable to deal with the topic intensively now and not just if the introduction is imminent. One thing is certain: PPI will continue to follow the developments on the digital euro with enthusiasm and will continue to keep you informed of the most important developments.

Author: Alois Brügge, Philipp Schröder

Instant payments on their way to becoming the "new normal" – the time is now!

In our latest whitepaper we show why financial institutions should see instant payments not just as a regulatory and technical challenge, but as a strategic opportunity. We outline the need for action for financial institutions to make instant payments a success story.
 
The way to the new normal
For a long time instant payments in the SEPA area were niche products, even though the technical prerequisites have been in place since 2017. Even a good five years later, the share of instant payments in total payment transactions is just 14 %. That is going to change now. Many factors suggest that instant payments are now becoming the "new normal", as envisaged by the Eurosystem Retail Payments Strategy. Instant payments can form the basis for new types of business models, which should give financial institutions economic incentives to promote instant payments. Added to this is the European Commission's push to make instant payments mandatory. This will cause the use of instant payments to skyrocket and accelerate its development.

How should financial institutions act now?
There is a need for action for all financial institutions, even if they have already introduced instant payments. On the plus side, there are also new opportunities!

Those who have not yet introduced instant payments should become instant-ready as soon as possible – there is no way around it. Here it is worth comparing different operating models. The processing of instant payments places particularly high demands on the performance and stability of the systems. Therefore, it may be worthwhile for many institutions to think about outsourcing in the form of a payments-as-a-service model, especially in the area of instant payments.

Financial institutions that have already introduced instant payments are faced with a strategically important decision: Does the institution only want to meet the minimum requirements in order to be able to process the expected higher volumes? Or does it recognise the fact that instant payments are at the core of payments of the future and set a strategic course to succeed in the "new normal"?

If the financial institution opts for the minimum solution, the requirements should not be underestimated here either. According to the EU proposal the financial institution must implement an IBAN name matching for the recipient, for which there is no European solution yet. It must also examine the impact on the business model if higher volumes can be expected to increase clearing costs but the income from instant payments decreases because the fees may no longer be higher than for classic SEPA credit transfers. We also strongly advise to check the system thoroughly in terms of scalability against the background of significantly higher volumes. The fraud prevention will be faced with new requirements as well, which financial institutions must prepare for as quickly as possible, for example by supplementing expert systems with AI approaches.

Financial institutions may also decide to view instant payments not just as a regulatory necessity but as an opportunity to put the account back at the centre of payments and recapture market share from non-banks. Now is the time to refine the investment in instant payments and generate new revenues with innovative additional services such as Request to Pay. In addition, instant payments are not only becoming the new normal in Europe but international payments are also moving towards real-time or at least near-time. The EPC rulebook for one-leg out instant credit transfers comes into force in November 2023, and promising initiatives such as IXB are waiting in the wings. Those who do not master SEPA instant will be left behind in international payments. In the area of instant payments a strategically focused approach promises considerable advantages in the form of regained market shares or even completely new business areas.

What should financial institutions do now? These and other questions are answered in the new whitepaper "Instant payments on the way to the new normal".

You can download the whitepaper here free of charge:
https://www.ppi.de/en/payments/sepa/instant-payments/whitepaper-instant-payments/

Author: Lukas Schlotfeldt

Stablecoins blog post series – part 2: challenges and possible solutions

In our first article in the series "Stablecoins" we looked at the background to the topic and showed why and by whom stablecoins are currently used and what advantages they offer. In the second part, we will look at some problems and possible solutions of the existing stablecoins.

Problems of existing approaches
Existing stablecoins face several problems, which we will address below.

High transaction costs
If a stablecoins transaction is to be carried out on the Ethereum blockchain, for example, the transaction fees depend on the current network load and the time the sender has to have the transaction confirmed. The costs can range from a few cents to several euros. Moreover, in addition to the actual stablecoins, the blockchain currency Ether is also needed to pay the transaction fees. In the case of Ethereum there is currently also the fact that the scalability is not yet given after the change of the consensus mechanism from proof-of-work to proof-of-stake. This will be addressed in future updates. Therefore, only a few transactions per second can currently be processed by the Ethereum blockchain.

Availability of centralised blockchains
Centralised blockchains such as the Binance Smart Chain (operated by the crypto exchange Binance) advertise low transaction fees. One disadvantage here is the necessary trust of users in the exchange Binance, which operates the blockchain. In the past, it happened more than once that the operator had to stop its own blockchain in times of crisis to fix problems. Basically, when a blockchain is stopped, users can no longer carry out any transactions and thus no longer have their assets at their disposal, which is equivalent to freezing the bank account or the entire payments.

Type of issuance of new coins
As already described in the first article, a distinction is made between algorithmic (decentralised) and collateralised (centralised) stablecoins. However, both methods have disadvantages in addition to the advantages mentioned.

The value collateral of central stablecoins is usually realised manually, i.e. the company issuing the stablecoin centrally controls the type and scope of the collateral.

The reserves of decentralised stablecoins are usually controlled algorithmically.

  • If the price falls due to selling pressure, the reserves are automatically increased (minting).
  • If the price rises due to high demand, the reserves are automatically lowered (burning).

Most algorithmic stablecoins are linked to cryptocurrencies whose supply is centrally controlled.

In the crypto scene, 'supply' refers to the number of coins issued on the market. Various cryptocurrencies provide for a limited number of coins for the supply (e.g. 21 million bitcoins for the currency Bitcoin). Stablecoins, on the other hand, do not have such a limit due to their different economic approach. If the exchange rate of a currency is to remain constant, the money supply must be flexible (e.g. Tether). If the money supply is fixed, the exchange rate of the currency will fluctuate (e.g. Bitcoin).

This type of collateral was the undoing of the TerraUSD stablecoin in May 2022. As selling pressure on the TerraUSD stablecoin increased, the cryptocurrency TerraLuna, which was deposited as collateral, had to be generated in large quantities to support the stablecoin's price. In the general crisis situation in May 2022, the additional minting of new coins put increasing pressure on the price of the reserve currency TerraLuna. This created a downward spiral that led to the complete loss of value of TerraUSD and TerraLuna.

This example shows very well the essential weakness of algorithmic stablecoins. If many users want to exit stablecoin at the same time, the downward spiral will be further exacerbated as additional reserve currency units are created in large quantities, leading to a total loss of value.

New possibilities with Taro

Stablecoins based on the Bitcoin Lightning Network are a new idea. This is where Taro comes in. Taro (Taproot Asset Representation Overlay) is a protocol that can be used to create stablecoins on the Bitcoin network, in addition to other assets, and send them through the Lightning Network.

Taro assets are created in the Bitcoin blockchain in the form of hashed meta data. Since there is no limit to the amount of data that can be represented by a hash, one transaction on the blockchain can represent millions of transactions. Taro Nodes can recognise these assets represented by a hash. Besides Taro, there is also the RGB protocol, which pursues a similar goal.

As a result, stablecoins benefit not only from the low transaction fees in the Bitcoin Lightning Network (fractions of a cent) but also from the network effects of the Bitcoin network as the most widespread cryptocurrency and its uptime of 99.98 %. The Bitcoin network simultaneously ensures that Taro assets cannot be spent twice. Users would thus be able to carry out stablecoin transactions at a low cost and benefit from the value stability of the USD. Cross-border payments without KYC and financial institution are possible. People can access their money 24 hours a day without stopping the network.

The problem of the collateral for stablecoins remains. Both algorithmic and collateralised approaches have some problems, as discussed above.

The last part of our series will deal with the regulatory aspects for stablecoins. We invite you to also have a look at it.

Authors: Philipp Uhinck, Benjamin Schreck

The future of payments – a segment in constant flux

There is no doubt that payments as we know them today will change fundamentally. This change requires massive investments but also promises good returns.

The payments sector is undergoing irreversible further development. A clear sign of this is the advance of digital payment methods on the Italian market.

Several trends can be identified at the same time. These include automated payments, digitised commerce, PSD3, instant credit transfers (which should soon be standard), including for cross-border payments, RTP and the management of data flows using artificial intelligence, which will become possible with the move to the ISO 20022 payments standard.

In view of the constant development of the market, a change in strategy is likely in the coming years, which will result in a reorganisation of previous business plans.

Market players are often unprepared for a change of such magnitude, which requires investments as well as skills.

It is therefore not surprising that instead of a consolidation of platforms, an increasing fragmentation can be observed. This is probably due to the fact that the various domestic payment methods, other than the direct debit procedure RID (an Italian payment method based on a standing direct debit mandate, where the instructions given by a specific creditor are executed) which has now been replaced by SDD, such as ICI or MAV (a payment method by means of a payment notification containing the information required to reconcile the payment) and RiBA (a payment method where the creditor's claim to receive a payment is acknowledged) are outside the SEPA system.

While SCT procedures have undergone technological modernisation, many platforms in the commercial portfolio of the largest financial institutions are still in mainframes because they were developed according to the traditional Cobol/CICS/DB2 paradigms.

High-value payments are also in many cases located on the existing, and to that extent not yet abolished, credit transfer platforms; similar to more recent projects such as the TARGET2 consolidation and the evolution of cross-border payments from FIN messages to the MX standard, which take advantage of the converters. This further increases the fragmentation at the application and architecture level.

In such an environment, consolidating platforms within a payment hub can only have a positive impact on system operating costs, the amount of investments required for the development and, last but not least, the lead times for system releases subject to regulatory compliance.

The desired consolidation could also be promoted by the introduction of the new payments procedure Request to Pay within the SEPA scheme, which could be a natural evolution of national payment services such as RiBA and MAV. But we are not yet at that point. It remains to be seen how the Comitato Pagamenti Italia will position itself on this.

Authors: Federico Sajeva, Marinella Pistone, Alessia Giani

Directory service for Operational EPC Scheme Management

The use of application programming interfaces (API) has created new challenges related to the reachability between participants especially in the context of the SEPA Payment Account Access and the SEPA Request to Pay schemes. Participants must be confident that they are adhering to the scheme and are properly registered with the EPC:

  • On the “sending” side, a participant needs to know what the endpoint (URL) of the “receiving” participant is.
  • On the “receiving” side, a participant needs certainty that the sender (API caller, originating participant) is trusted.

Therefore, the role of OSM 1 is to operate a Directory Service for the EPC schemes and make more data available to participants: the URLs, or endpoints of scheme participants’ APIs, identification and authentication information, but also information on which function participants are performing or which functionalities they are offering, within a specific scheme.

Currently the EPC does not manage data and mechanisms ensuring reachability of participants among each other, i.e. how the participants are to find and connect to each other for the purpose of sending and receiving payments or related transactions. The responsibility for this routing function is left to operational entities such as CSMs (Clearing and Settlement Mechanisms, for the payment schemes) or other specialised entities (SPL, SRTP, etc.).

Requirements for the OSM state that data should be machine-readable (i.e., have a structured electronic format) and available as a single full data file including all participants’ data and changes made since the last update or via API calls (restricted to the scheme participants and their technical solution providers), allowing lookup of individual participant data and search values provided in the API request.

For security reasons, it is recommended to authenticate data requestors using client TLS/SSL certificates (PSD2 API certificates are compatible).

If the data is to be made available publicly as a file that can be  downloaded (without need for authentication by the requesting entity), this file has to be signed by the OSM with an electronic signature of at least AdES level (Advanced Electronic Signature). However, it is not required for the OSM to be linked to Certification Authorities (CA) or Qualified Trust Service Providers (QTSP) of the participants for automatic certificate data exchanges.

Data updates can be performed by participants, after authentication, via the GUI or via API calls, and must be fast (i.e. intraday), for instance in case of immediate removal/update of a participant upon request following a certificate revocation or another security issue that could lead to a certificate revocation.

Mandatory data

  • Identification and participation data from the EPC Register of Participants
    • Legal name
    • Address
    • Identifier for each scheme
    • Participation start date

  • Technical and additional data from the participants
    • API endpoints (URL)
    • API documentation endpoints (URL)
    • UID of the certificate(s) and the name of the authority that provided the certificate(s),
  • Optional feature(s) supported by the participants
  • Contact details to communicate about exceptional intraday update


Optional data

  • Commercial/trade name
  • Flag indicating the API endpoint type (direct route or proxy)
  • Flag indicating the API signature owner (scheme participant or proxy), etc.


Unique identifiers of scheme participants are the “key” values to obtain other information about the scheme participants/proxies (e.g. via API), and for authentication purposes.
TRAVIC-Payment-Client-API can help an OSM or a PSP (ASPSP or asset broker) to connect third-party providers. This API is a stateless Java library enabling a caller to communicate with a financial institution’s payments interface by providing business functions such as querying account information (AIS), balances, transaction data, and submitting payments (PIS) at third-party banks.


 

Author: Zaher Mahfouz

Source: EPC, TRAVIC-Payment-API

1 Operational Scheme Management

TARGET2 – The countdown has begun

In October 2022, the ECB announced the postponement of the T2/T2S consolidation by 4 months to 20 March 2023. It did not really come as a surprise to the banks, as it had already become clear in the weeks before that the new platform was not yet capable of what had been imagined. Resentment among the banks grew significantly. This was not only felt in the German market, but also at the European level. It was therefore not surprising that, in addition to Germany, the French national bank, another major player in the processing of TARGET2 payments, had indicated its status as "red" in readiness report query.

The signals from the other European countries were no better. Some central banks reported "green", but this was rather the exception. Since June, it had become apparent in the status reports that a go-live in November was being viewed increasingly critically. The main points of criticism were the test platform, which had been unstable for months, the unmanageable number of errors and defects, and the extremely time-consuming creation of master data in the Common Reference Data Management (CRDM). Particularly the large banks which act as co-managers for their indirect participants had to deal with a considerable amount of work here. The instability of the test platform was no help, and cost unnecessary effort. Another point was the installation of Go-Sign in the technical infrastructure of the banks, which is indispensable for the release procedure and ensures access to the new interfaces of the individual T2 services. This has also led to additional work for banks that had not been foreseen, especially in connection with distributed work environments (which have become more common due to Covid). By the end of 2022, individual banks were still struggling with this and had not been able to install and activate Go-Sign. Many have been able to use the newly found time to finalise these activities.

But what does the postponement mean for the banks and for the ECB? The answer to this is ambiguous. Reactions in the market were mixed. The big financial institutions would have liked the go-live to take place as planned, even considering the likelihood of considerable complications. But they were prepared to put up with that. For other banks, a go-live would have ended in disaster, as it was foreseeable that the necessary activities could not be completed by the time of the go-live. Ultimately, however, concerns about the stability of the Eurosystem were decisive for the postponement. It is hard to imagine what would have happened if, for example, SEPA payments could no longer be processed because banks were unable to provide liquidity in time.

The ECB has been working fast to improve the points criticised by the banks and to eliminate the defects classified as critical with hotfixes. But for the banks, this meant that testing had to continue. Even banks that had already successfully completed the mandatory testing activities could not sit back and wait, but continued testing in their own interest. Unfortunately, it turned out that with the delivery of fixed defects, new errors had crept into the new version.

Nevertheless, it is clear that not all bugs and defects will be fixed by the time of the go-live. Financial institutions must therefore be prepared for the fact that not everything will work smoothly from the start and that workarounds will have to be used. But which bugs have been fixed and which have not? What workaround must be prepared for? This too, at least that is what the banks hope, will be communicated to them in good time by the ECB. Because this has been another point of criticism in recent months: lack of communication and transparency.

The Sword of Damocles hanging over everything was the go/no-go decision that was made on 22/02/23. Even though the signs had turned in the go direction, there was still no certainty that another postponement would not be needed. Since SWIFT had already clearly communicated beforehand that they did not want to postpone their own migration again, the situation would have arisen that SWIFT would have already migrated to ISO 20022 while TARGET2 would still have had to be supplied with MT messages. This mixed operation would have caused major problems for many banks, especially those that forward payments in their function as "intermediaries", as many implementations implicitly relied on a simultaneous conversion, and a separation would only have been possible with renewed effort.

In recent months, SWIFT has been working intensively on the handling of cut-off data, i.e. data truncation. SWIFT has developed corresponding recommendations and rules, but banks could well do without them. A compliance department in a financial institution is likely to break out in a sweat at the idea of truncated or even deleted data in a payment transaction. In times when regulation has increasing influence and impact on banks, this scenario is unthinkable. But unfortunately, the reality is that this is exactly what can happen, especially in the initial phase when all participants have to get used to the new situation.

The bottom line is that the T2/T2S consolidation has turned out to be as complex as was feared from the beginning. The number of banks that have to manage the migration is enormous and the most sensitive area of all, the Eurosystem, is affected. Nevertheless, there is reason to look forward to the changeover date with confidence. The last few months have given banks more faith again, as the measures introduced by the ECB have increased optimism. It is also important to bear in mind that the activities will not be completed with a go-live, but the banks will have to continue them immediately – the next release has already been announced by the Eurosystem for June. So there is no time for banks to take a breather – the pressure remains unchanged and the next issues are already around the corner.

Sabine Aigner
Thomas Ambühler

Instant payments coming to Switzerland as of 2024

Potius sero quam numquam
The translation of the above quote from Titus Livius, a Roman historian at the time of Emperor Augustus, is: "Better late than never.", which could also be said about the introduction of instant payments (IP) in Switzerland. As of next year, Swiss banks with a transaction volume of more than 500,000 incoming payments per year will be obliged to enable the receipt of instant payments in Swiss francs. From 2026, this regulation of the Swiss National Bank will apply to all participant banks in the national clearing system operated by SIX. What distinguishes the Swiss approach from SEPA instant payments? How could IP in Switzerland become the "new normal" like in the Netherlands? Is a scenario with low penetration like in Germany also likely in Switzerland? How are the Swiss banks currently proceeding? These are the questions that the following blog post will attempt to answer.

What differentiates IP Switzerland from SEPA instant payments?
In short: IP Switzerland is not compatible with SEPA instant payments. IP Switzerland aims to be able to settle payments in Swiss francs among participants in the national SIX clearing system in real time and around the clock for the launch in 2024. In order to not obstruct possible future interoperability in euro for the SEPA area, the majority of the standards and processes of SEPA instant payments were adopted. In contrast to the European model, the obligation to receive payments has existed in Switzerland since the beginning (initially for large and medium-sized banks, then for all banks). Analogous to the institutions in Europe, the technical challenges regarding the high availability of payments systems are also enormous in this country and are associated with large investments in the infrastructure. There is also widespread scepticism by banks as to whether IP will represent a business case for the institutions.

IP Switzerland like IP in the Netherlands or like IP in Germany?
Looking at IP offerings from the customer side, it is striking that there are huge differences in the spread of instant payments in Europe. This is what makes the forecast for the banks in Switzerland so difficult. On the one hand, they want to amortise at least part of the investments in the new infrastructures with a fee on IP payments, and on the other hand, they are aware that this is precisely what will prevent nationwide distribution among customers. Accordingly, new use cases are sought where all parties involved achieve a benefit. One possible approach is new account-to-account payment schemes (A2A payments) in commerce instead of the card schemes (debit and credit) widely used in Switzerland. From a retail perspective, as in the Netherlands, this is a promising option as lower transaction fees are expected. From the banks' point of view, this is a double-edged sword at first glance, as the existing card schemes are currently generating good revenues.

Implementation experiment: realisation in the community
In the context of instant payments in Switzerland, it is worth mentioning the procedure for implementing instant payments within a group of cantonal banks that compete with each other. At the beginning of 2022, the cantonal banks of St. Gallen, Thurgau, Aargau, Baselland, Lucerne and Solothurn formed a community to jointly implement the project. This is against the background that all banks have an almost identical system landscape, which must be adapted to the requirements of IP. Under the "construction management" of PPI Schweiz, in a first step, a conversion system analysis was carried out with the system suppliers involved, including the request of offer outlines. The aim was to achieve volume discounts for the group. Currently, the institutions are also working together for the implementation in order to save resources (their own and those of the suppliers). When it comes to the market offer, each bank is on its own again for the introduction in 2024; however, the development of the technical basis is not a differentiating factor from their point of view. Which is a novelty in the Swiss financial market.

Author: Carsten Miehling

Mandatory address transformation: getting through the address mess with AI

Anyone who has ever sent a letter abroad knows that address formats can sometimes differ significantly. While in Germany an address usually follows the scheme

Street – House number – Postal code – Place of residence,

in France, the house number is usually placed in front of the street name. Things get really complicated when, for example, instead of a neighbouring country, the letter is sent to Asia, where completely different structures are used. Or take the USA: the United States Postal Service requires more than 200 pages to describe how US addresses may look – which formats and abbreviations are permissible and which are not.

Financial institutions also address countless parties around the world in payment transactions every day. The reason for this is that for payments outside the European Economic Area (EEA), the payer's address must be given and the recipient should also be indicated for smooth processing. This serves to enable the necessary checks, for example with regard to money laundering and fraud prevention.

The enormous diversity of address formats worldwide was not a major factor up until now. Because addresses are specified in an unstructured manner. Within the payment file simple fields in which the address is supplied as free text, the address lines (AdrLine), are available for this purpose. Only the name must be specified separately.

SEPA 2.0 puts an end to this. Because in the future, address data must be delivered in a structured form – for all SEPA payment formats. The changes will come into force gradually as of November 2023. From November 2025 at the latest, address data for SEPA credit transfers may only be delivered in structured form. And the challenges are not purely European: Swift and other market infrastructures have the same deadline. For payments within the EEA, the provision of address data remains voluntary. However, if banks decide to provide it, this must also be done in a structured way.

This means: in future, every component of an address must be included in the designated field. The Payment Markets Practice Group lists a total of 14 characteristics that can be assigned to a postal address.

The example shown in the figure is simple. Because everyone in Germany knows that 9 is the house number and Wiesenweg is the street name. Converting this data into the new format takes only a few seconds – provided that the application has the corresponding option.

But even then, the transformation would be a massive undertaking. Because financial institutions are sitting on millions of address data records that have to be transformed. And such simple addresses are the exception. If one estimates the required activities, a simple calculation quickly yields an effort of up to 250,000 working hours for an average financial institution with 500,000 corporate customers. In addition, there is the expense of training to equip staff with the necessary expert knowledge of the worldwide address formats.

In view of the scope, efficient approaches to solutions are therefore required. Regular expressions are out of the question in this case. As shown above with the example of the USA, the possibilities of address data even within one country are manifold and do not follow a regular structure. In addition, countless test data would be necessary.

Another option is address data services, for example from Google. However, those are not only expensive, but also questionable from a data protection point of view. Moreover, such services are often limited to certain regions or even countries.

An application based on artificial intelligence (AI) can provide a remedy. This allows data to be automatically transferred into the necessary structure. The AI is able to recognise structures on the basis of predefined training data and to transfer these structures to further cases.

We at PPI are happy to help financial institutions prepare and implement the transformation of address data. This includes the selection and adaptation of the appropriate AI application as well as the choice of the necessary training and test data.

In the end, the institutions receive a powerful and reliable solution from which not only they themselves benefit. Because corporate customers will also have to supply address data in a structured form in the future. Financial institutions that take the necessary transformation off companies' hands can gain a tangible competitive advantage.

Author: Eng.D. Thomas Stuht, Product Manager at PPI

Survival in a time of change

Same same but different – in 2023, the abundance of challenges in payments remains equally enormous. What makes the situation even more difficult, however, is the impression that procrastination effects seem to be spreading on the bank side. Important issues are simply not being addressed. This applies both to the implementation of upcoming mandatory tasks and to the exploitation of business opportunities that arise.

The most underestimated mandatory task for 2023 is the implementation of the inconspicuous EU Directive 2020/284 "as regards introducing certain requirements for payment service providers". The directive on the prevention of fiscal fraud in cross-border e-commerce for goods and services requires payment service providers to report certain payment data. The details are quite complex: an additional, rather intricate reporting system with its own interfaces to the Federal Central Tax Office has to be set up. Data not previously available must be collected and reported: for example, the identifier of the payment recipient's location, such as the IBAN. If available, the address data and tax numbers of the payment recipient must be transmitted. The reporting obligation applies from 1 January 2024. The number of banks that have set up such projects is very limited to date. Considering that financial authorities are not exactly known for their sense of humour, this seems rather bold.

SWIFT requires structured data
Not quite as urgent, but similarly complex, is the SWIFT requirement to process only structured address data of customers in payments from November 2025. The regulation affects banks as well as end customers. It implements requirements of the leading industrialised countries to combat embargo violations, terrorist financing and money laundering. It is recommended to switch to using only the structured data as early as 2023. This will likely affect several million data records in Germany alone which are not available in this form. Banks should therefore already develop communication plans and technical implementation scenarios in the coming year – with AI support where applicable.

It is a sad but industry-accepted truth that 50 per cent of payments operating costs are for regulatory compliance and another 25 per cent for process and technical infrastructure maintenance and adaptations. It is therefore not surprising that financial institutions often lose sight of earnings potential and opportunities.

Request to Pay provides opportunities
For example, an offer that combines the still young standard Request to Pay with concrete use cases such as electronic invoices has enormous potential for banks. If banks were to offer their corporate customers the processing and handling of electronic invoices and the corresponding payment requests, they could reduce their costs – including the reconciliation of incoming payments – by around ten euros per invoice. In this context, banks could generate lucrative transaction fees, while at the same time further strengthening the business account as core of the customer relationship and, on top of that, make a significant contribution to sustainability.

The decisive success factor for corresponding services is cross-bank accessibility. It is therefore all the more gratifying that such infrastructures are already emerging in the market. It is expected that from 2026 onwards, only electronic invoices will be permitted throughout Europe anyway.

TARGET2 consolidation: "all hands on deck"
So much for the underestimated topics. Not underestimated are the preparations for the TARGET2 consolidation, which has been postponed to 20 March 2023, and the start of the SWIFT migration to the ISO 20022 format. This date should remain fixed, because another postponement of the TARGET2 consolidation would probably have the nasty consequence that TARGET2 and the SWIFT migration would diverge.

Mass payments will also be characterised by the implementation of new regulations in 2023, such as the EU regulation on the mandatory introduction of SEPA instant payments and the introduction of the latest ISO standard for all SEPA payment schemes. The latter will not only have an impact on the payment file and payments systems themselves, but will also affect peripheral systems like, for example, master data systems.

Fraud prevention for real-time credit transfers
The EU Commission's proposal for the mandatory introduction of SEPA real-time credit transfers presented at the end of October 2022 is currently the subject of in-depth discussions and lobbying. Among other things, there is intensive discussion on whether payment service providers must offer their customers a matching of account number and name. The background to the proposal is the finality of SEPA real-time credit transfers in seconds. This makes them vulnerable to fraud and is to be counteracted by the possibility of checking whether the IBAN in question really belongs to the payment recipient before the payment is sent out. Successfully combating fraud attempts is becoming a key factor in the success of instant payments.

The widespread establishment of real-time credit transfers does not only affect payment service providers who have not yet offered the instrument, but also the active players. The reason: since real-time credit transfers must not be more expensive than conventional transactions in the future, market participants expect their share of all transfers to rise from 10 to at least 30 to 40 per cent. This trend is promoted by the rising interest rate level, which rewards the holding of credit balances again. But if the number of transactions grows by at least a factor of three, all the payment service providers whose real-time infrastructure has so far been based on makeshift solutions will run into difficulties. A corresponding check is therefore urgently required.

In retail payments, the pan-European initiative EPI – with a meanwhile limited scope of services as an account-based P2P and e-commerce procedure – faces important fundamental decisions at the turn of the year 2022/23. This concerns, for example, the questions of whether the cooperative finance group will rejoin the EPI and whether and how the initiative as a whole will move forward.

New use cases for retail payments
The key service providers in the retail payments sector will continue to work on improving their capabilities in 2023. The issuers will, for example, further develop the girocard for e-commerce. Many payment service providers are working on supporting various omnichannel concepts, not least as a result of the Corona pandemic. The focus here is not only on the now generally known use cases such as click & collect, but also on

  • The use of online payment methods at the point of sale, such as buy now, pay later,
  • The support of franchising and cooperation models, for example cross-channel and cross-company returns, and
  • The evaluation of customer behaviour across the various touchpoints.


In October 2023, the ECB's analysis phase on the digital euro will end and the Governing Council will likely decide to start the realisation phase. Since the digital euro is currently being designed as a retail euro, various banks in Europe are already working in parallel on the introduction of so-called tokenised commercial bank money in 2023.

How can the financial institutions – in view of the shortage of skilled workers as well – cope with the enormous number of tasks? It will only work if the willingness to cooperate across banks increases, standard solutions become more widespread and outsourcing is also considered. There should also be a growing willingness to renew the foundations, if necessary, instead of continuing to build on existing legacy systems while ignoring the "technical debt".

Those are a lot of projects to cover already – and we have not even talked about the impact of the coming DORA regulation, accessibility regulations and the PSD3 looming on the horizon.

Author: Hubertus von Poser, Head of Consulting Payments, PPI AG