Regulating Mobile Banking And Payments - Balancing Innovation And Security


For anyone involved in mobile banking and payments, keeping an effective grasp on regulatory risk, while engaging with a rapidly changing market place, is often challenging. In its first dedicated review of these issues, the Financial Conduct Authority has set out the key regulatory areas for attention (Mobile Banking and Payments - Supporting an Innovative and Secure Market).

The review spans the whole range of banking and payments services accessible via mobile phones, tablets and other handheld devices and builds on the issues flagged by the FCA in its 2013 Risk Outlook as featured in our briefing Technology risk in financial services - the road ahead under the FCA

In addressing the topic, the FCA emphasises the need for businesses to consider consumer requirements at each stage of product development. Understanding the risks to consumers and taking appropriate measures to address these effectively are also highlighted as an important overarching requirement, supported by tests on the robustness of technology infrastructure and stress testing of the products.

The FCA highlights that, while many of the risks it identified have not created significant problems to date, they have the potential to do so. Thus, the review can be seen as a cautionary note for the sector about addressing these risks - it provides a context for the regulator to take action in future if it identifies significant shortcomings.

Key points of regulatory focus

Fraud - given that mobile banking and payments may present different challenges from those in other channels such as internet banking, the FCA is concerned to see that firms have a clear strategy for identifying and mitigating the risk of fraud and detecting and addressing any fraud which arises. Security - security underpins the trust on which mobile banking/payments rely, so it will always be a vital component. Among the key expectations here are appropriate methods for preventing and detecting malware and viruses and, equally importantly, providing clear security information to consumers. Outsourcing - since most, if not all, mobile banking and payments services rely to some degree on outsourced services, the FCA is concerned to see that firms can monitor the service delivery end-to-end and can readily identify who is responsible for problems or financial loss which arise. Consumer awareness - as many mobile banking and payment services are relatively new and potentially less fully understood by...

To continue reading