Dean Fiveash’s Post

Online Payment and Bank Card Security Solution Compliant with Decision 2345/QD-NHNN At the press conference on the deployment of the banking industry tasks in 2024, Mr. Pham Anh Tuan, Head of the Payment Department of the State Bank of Vietnam, shared many impressive numbers. As of the end of 2023, non-cash payments in Vietnam reached about 11 billion transactions, an increase of nearly 50% compared to 2022. The total transaction value reached over 200 million trillion VND. In addition, the online account opening has been implemented since the end of March 2021. Up to now, nearly 27 million payment accounts and 12.9 million cards are active and issued through the eKYC electronic identification method. Therefore, on December 18, 2023, the State Bank of Vietnam issued Decision No. 2345/QD-NHNN on the implementation of security and safety solutions in online payments and bank card payments. Decision No. 2345/QD-NHNN will take effect from July 1, 2024 Credit institutions, foreign bank branches, and payment intermediary service providers need to complete the solutions and implementation before July 1, 2024, to comply with the verification of corresponding transaction types. For individual customers, high-value transactions and interbank transactions to foreign countries require verification with biometric signs that have been checked and ensured. Specifically, a domestic bank transfer transaction, depositing more than 10 million VND into an e-wallet, or the total value of money transfer transactions and payments exceeding 20 million VND in a day must be verified by biometrics. Customer verification is important to ensure the detection of signs of forgery, fraud, and increase the trustworthiness of online transactions. Some popular biometric methods currently used are face recognition, finger vein recognition, palm recognition, fingerprint recognition, iris recognition, voice recognition, etc. To meet the requirements of Decision No. 2345/QD-NHNN, banks, financial institutions, and payment intermediaries need to build a biometric database that is cross-checked with the data in the Chip-based ID card of customers issued by the Police. For new customers, financial institutions and banks need to collect biometric information in two steps: face verification and matching with the data from the Ministry of Public Security. For existing customers, it is necessary to urgently check the completeness of the data, promptly update and clean up customer data to prevent fraud risks. At the same time, biometric verification solutions must be easy to use, easy to integrate on devices such as mobile phones, computers, or at counters, to ensure convenience for customers. FPT AI eKYC meets the need for biometric verification in electronic transactions Currently, identification solutions integrated directly into the digital product and service ecosystem of banks play an important role in automatic customer verification. Particularly, FPT AI Facematch, a facial...

“Abolishing Non-Primary Bank Accounts: A Step Towards Financial Security” https://ift.tt/FMaKCOp Protecting Both Banks and Customers SHB Bank has recently announced that in accordance with Circular No. 17/2024/TT-NHNN regulating the opening and usage of payment accounts and Circular No. 18/2024/TT-NHNN on bank card activities, from January 1, 2025, the bank will temporarily halt payment transactions and withdrawals from payment accounts and cards for customers with expired or invalid personal documents. Concurrently, customers will only be able to perform withdrawal and electronic payment transactions on their payment accounts and cards after successfully matching their biometric information from the citizen identity card with a chip/identity card and the biometric data of the account holder/cardholder with the data stored in the database of the Ministry of Public Security. People will not be able to perform electronic transactions without providing the required biometric information. This is an improvement over the previous regulation, which required biometric information for transfers exceeding VND 10 million per transaction or VND 20 million per day, or bill payments exceeding VND 100 million, as per Decision 2345 of the State Bank of Vietnam, which came into effect on July 1, 2024. The new circular also aims to prevent the use of fake documents and eliminate non-primary accounts, reducing the risk of unauthorized access. “These new regulations on biometric implementation are an effective way to enhance security and protect users, giving both banks and customers peace of mind when conducting financial transactions with the right people, avoiding risks for both parties,” emphasized the representative from SHB. SHB is not alone in this endeavor; several other banks, including Nam A Bank, VPBank, and TPBank, have also informed their customers about updating personal documents and biometric information. Techcombank has announced a temporary halt on transactions for non-primary accounts from January 1, 2025, in compliance with Circular No. 17 of the State Bank of Vietnam on opening and using payment accounts. Customers will be unable to perform electronic transactions without providing the required biometric information. Techcombank recommends that users promptly update their information using the citizen identity card with a chip on the Techcombank Mobile application or by visiting the bank’s branches directly. At the recent workshop “Hanoi – Smart City and Open Banking Ecosystem,” Vice Governor of the State Bank of Vietnam, Pham Tien Dung, requested that bank leaders expedite the update of data information on bank accounts. According to the Vice Governor, the banking industry has set a goal for January 1, 2025, to ensure that all bank account data is alive and fully matched with the citizen identity card with a chip. This helps eliminate and reduce the practice of renting or lending bank accounts, contributing to the prevention of...

Here's another highlight from the digital banking special hosted by Salve Duplito and Ron Cruz on ANC's 𝑩𝒖𝒔𝒊𝒏𝒆𝒔𝒔 𝑶𝒖𝒕𝒍𝒐𝒐𝒌 last week. We discussed what regulators can do to help accelerate the adoption of digital financial services in the Philippines. The BSP has already taken several significant steps towards driving adoption, such as opening digital bank licenses, mandating QR and P2P interoperability, etc. However, the Philippines continues to lag in a few key areas.    Here's my "wish list" from the BSP and other regulators: 1️⃣  𝐀𝐏𝐈 𝐚𝐜𝐜𝐞𝐬𝐬 𝐭𝐨 𝐭𝐡𝐞 𝐧𝐞𝐰 𝐧𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐈𝐃  and associated biometrics will strengthen KYC and reduce fraud, with a huge knock-on effect of improved data quality in the bureaus. The BSP should then mandate the use of a national ID for any new bank account to ensure these benefits rapidly scale. GoTyme is currently piloting with PSA to connect to the national ID database, so I'm bullish that this will become a reality soon. 2️⃣  𝐒𝐭𝐫𝐞𝐧𝐠𝐭𝐡𝐞𝐧 𝐜𝐫𝐞𝐝𝐢𝐭 𝐛𝐮𝐫𝐞𝐚𝐮 𝐜𝐨𝐦𝐩𝐥𝐢𝐚𝐧𝐜𝐞 with heavier penalties for institutions who don't report or report poor quality, and consider price caps on bureau inquiries. Currently, the cost of a bureau inquiry in the Philippines is two times that of the US and other developed markets. 3️⃣  𝐌𝐚𝐧𝐝𝐚𝐭𝐞 𝐨𝐩𝐞𝐧 𝐟𝐢𝐧𝐚𝐧𝐜𝐞, since the large, incumbent financial institutions currently make it difficult for customers to share their financial data with other institutions, which could give them access to better-priced financial products (in particular, lower-cost credit). While we should all work towards an API-based data exchange, we need an interim solution (with security guard rails) before it's ready, as the API project will take 5+ years to implement.  4️⃣  𝐃𝐫𝐢𝐯𝐞 𝐝𝐨𝐰𝐧 𝐭𝐡𝐞 𝐜𝐨𝐬𝐭 𝐨𝐟 𝐭𝐡𝐞 𝐩𝐚𝐲𝐦𝐞𝐧𝐭 𝐜𝐥𝐞𝐚𝐫𝐢𝐧𝐠 𝐡𝐨𝐮𝐬𝐞 (Instapay). The BSP is rightfully putting P2P and P2M pricing pressure on all financial institutions, but unfortunately, the current cost structure is too expensive to sustain free transactions. Instapay is over 100 times more expensive than other markets that have successfully moved to free P2P.   5️⃣  𝐈𝐦𝐩𝐫𝐨𝐯𝐞 𝐚𝐧𝐭𝐢-𝐟𝐫𝐚𝐮𝐝 𝐢𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞, since one of the largest barriers to the further adoption of digital financial services remains fraud, with P2P Instapay as the most significant fraud vector. Unlike other markets, the Philippines does not have a shared fraud database or blacklist that all financial institutions can leverage. If this database were established, submission mandated, and integrated into the Instapay switch, we would see a dramatic reduction in fraud. If the regulator and industry get these five ingredients right, I believe we will see a massive uptick in customer adoption and significantly better end-customer pricing and value. Thoughts? Have I missed anything? Watch the full interview in the comments 👇

The Great Credit Card Freeze: Banks Warn of an Impending Transaction Standstill https://ift.tt/FMD5Uo7 A number of commercial banks have recently advised their customers to update their biometric authentication or identity documents by January 1, 2025, as per the State Bank’s regulations. According to Circulars 17/2024/TT-NHNN and 18/2024/TT-NHNN on the opening and use of payment accounts and bank card activities, bank account holders will be unable to perform online transactions such as cash withdrawals, money transfers, bill payments, and top-ups; as well as cash withdrawals/transfers at ATMs if they have not completed the biometric data verification and updated their identity documents or provided supplementary information to replace expired ones. VPBank has announced that from January 1, 2025, customers who have not completed biometric authentication will not be able to perform online transactions. For account holders who do not have biometric data or have expired identity documents, transactions will be halted if their information at the bank does not match the data held by the Ministry of Public Security. The bank is encouraging its customers to promptly update their identity documents and biometric data through its mobile application or at any of its branches and transaction offices nationwide. Banks are encouraging customers to update their biometric data and identity documents before the January 1, 2025 deadline to avoid disruptions in banking transactions. “We have just launched a gift program worth nearly VND 7 billion for customers who complete biometric verification and update their identity documents between November 7, 2024, and January 12, 2025,” said a VPBank representative. “By complying with the regulations, our customers will contribute to reducing risks and enhancing security when using our banking products and services.” Similarly, Nam A Bank has announced that from the beginning of 2025, it will temporarily suspend card transactions, payment transactions, and withdrawals from payment accounts if customers’ identity documents or proof of residence in Vietnam have expired or are no longer valid. For card transactions, cash withdrawals, and electronic payments, Nam A Bank will halt transactions if customers have not completed the verification of their identity documents and biometric data. Nguyen Lao Dong newspaper reporters have observed that several other banks, including Vietcombank, Sacombank, OCB, LPBank, Agribank, SHB, and ACB, have also communicated the new regulations and encouraged their customers to proactively update their identity documents, proof of residence in Vietnam, and biometric data. According to statistics from the State Bank, after July 1, 2024 (the effective date of Decision 2345/QD-NHNN on the implementation of security and safety measures for online and bank card payments), the number of fraud cases decreased by 50%, to 700 cases; and the number of accounts involved in fraudulent...

🚀 Account-to-Account Payments Soar: A2A payments bypass intermediaries for faster, more convenient, and less costly transactions, fueled by API technology and open banking. 🕵️♂️ Payment Fraud Explodes: Authorized push payment (APP) fraud, driven by online payments and real-time systems, surpasses card fraud and identity theft, necessitating stronger fraud prevention measures. 💰 Reducing Payment Costs is Key: High interest rates and compliance controls are increasing payment costs, driving the need for automation to reduce processing times and prevent fraud. 🏢 Corporates Drive for Efficiency: More companies are bringing payments operations in-house for greater control and efficiency gains, fueling growth in corporate treasury management systems. 🏦 Banking-as-a-Service Gains Momentum: Banks offer real-time payments capabilities through APIs, enabling them to become channel partners and resell payment solutions, driving wider adoption of BaaS. #PaymentFraud #Payments2024 #FraudPrevention #CorporatePayments #BaaS #CustomerExperience

🔴 RBI’s New Money Transfer Framework from Nov 1: What Changes for Consumers The Reserve Bank of India (RBI) has announced significant updates to its Domestic Money Transfer (DMT) framework, set to take effect from November 1, 2024. Here's a breakdown of what to expect. Key Changes in the Framework: 1. Enhanced Record-Keeping for Cash Pay-Outs: Remitting banks will now be required to maintain detailed records of beneficiaries' names and addresses for cash pay-outs. This measure aims to improve traceability and accountability in cash-based transactions. 2. Stringent KYC Requirements for Cash Pay-Ins: For cash pay-in services, banks and business correspondents must register remitters using a verified cell phone number and a self-certified ‘Officially Valid Document (OVD)’ as per the Master Direction – Know Your Customer (KYC) Direction 2016. This tightening of identity verification is intended to reduce the risk of fraud. 3. Additional Factor of Authentication (AFA): Every transaction by a remitter will require validation through an Additional Factor of Authentication (AFA). This added layer of security is designed to further protect transactions and ensure the legitimacy of the parties involved. 4. Compliance with Income Tax Act: Remitting banks must comply with provisions of the Income Tax Act, 1961, concerning cash deposits. The new framework includes incorporating remitter details in IMPS/NEFT transaction messages and specifying cash-based remittance transactions with an identifier. 5. Exclusion of Card-to-Card Transfers: The new guidelines will not cover card-to-card transfers, which will continue to be governed by existing regulations specific to such instruments. Since the introduction of the Domestic Money Transfer framework in 2011, there has been significant growth in banking outlets and advancements in payment systems. With the increasing ease of fulfilling KYC requirements and the rise of digital payment options, the RBI's latest changes reflect the need to adapt to these evolving dynamics. Expert insights: Yashwant Lodha, Co-founder of PayNearby, commented, “The new guidelines reaffirm the importance of Domestic Money Transfer, particularly for Bharat customers, and align with the RBI’s stance on stringent KYC requirements to prevent fraud. These updates are expected to enhance the overall customer experience and standardise practices across various touchpoints.” Ankit Ratan, Co-Founder & CEO at Signzy, added, “The RBI’s updates to the DMT framework introduce a robust identity verification process with the AFA requirement. This move is crucial in an era where technological advancements have expanded fund transfer options, and the integrity of transactions must be assured." Source: https://lnkd.in/dmiVcQa5 #MoneyTransfer #KYC #Banking #FinancialSecurity #DigitalPayments #Compliance

UK NATIONAL PAYMENTS VISION A lot has been happening in our sector since I was sat in the room with Treasury and The Payments Association over the summer, debating the future vision for UK payments. The Vision that's landed is full of promise. The 2-minute take: 🏗 (i) Trust, (ii) next-gen technologies, and (iii) choice, are the fundamental principles to underpin a principles based approach to activity under the Vision. ✉ New joint remit letter to the FCA and PSR, and separately to the BoE - gov’s top priority is to promote growth and international competitiveness / better manage the collective impact of regulators on firms. Regulators must respond to the letters, identifying the actions they will take. 🏛 New Payments Vision Delivery Committee, running for an initial 9-12 months, with greater government involvement - tasked with designing the approach on new regulatory initiatives, getting a grip on the New Payments Architecture project, and reform of Pay.UK. 💱 Open banking payments must be developed as a ubiquitous payment method, particularly for e-commerce, with a sustainable commercial model and consumer protections. JROC to be wound down and FCA will oversee the regulation of open banking and a new central body replacing OBL. FCA to look further at compensation where certain APIs are accessed at significant scale. 🛡 Consumer protections in A2A payments to be delivered by gov and FCA’s future work as the regulator for open banking. 🔐 Digital ID uses expected to be enabled by the Data (Use and Access) Bill. 📀 UK’s CBDC (the Digital Pound) - exploration to continue but no decision has been taken on implementing it. A decision to proceed would be accompanied by the introduction of primary legislation, ensuring full Parliamentary scrutiny by both Houses of Parliament. 🕵♀️ Fraud policy identified as a key area of regulatory congestion and overlap, and FCA will lead on reducing this. Gov will remove the prescriptive strong customer authentication requirements under the PSRs and FCA will set new rules, allowing for outcomes-based rulemaking. Gov thinks more focus should be on fraud prevention and will look to the regulators to understand the barriers to wider data sharing between sector participants and is calling on the technology and telco sectors for demonstrable action to reduce the scale of incidents and losses from fraud taking place on their platforms and networks, requesting updates on progress and action taken at the next Joint Fraud Taskforce in March 2025 and will continue to monitor the issue. 🔬Independent post-implementation review of the APP fraud reimbursement rules, after 12 months. Gov says the technology and telecommunications sectors must play a role in tackling authorised push payment fraud. ✅ Implementing the Vision - decisions relating to initiatives led by the regulators must be taken by them, but within the context of government’s priorities as set out in the Vision and having regard to the remit letters.

THE NEW UK PAYMENTS VISION Here is a brief summary, especially thinking about APP scams and Open Banking: VISION GOAL: A trusted, world-leading payments ecosystem delivered on next generation technology, where consumers and businesses have a choice of payment methods. The National Payments Vision also outlines THREE KEY PILLARS designed to guide future activity – innovation, competition and security. The (payment) regulatory framework must be clear, predictable and proportionate. The Prime Minister has been clear that regulation should support growth and unlock investment The UK government is establishing the Payments Vision Delivery Committee. The government has outlined its priorities for UK payments through a joint remit letter to the FCA and PSR. The key priorities highlighted in the payments remit letter are: 1) Enhancing coordination 2) Supporting the development of Open Banking and 3) Ensuring high standards of consumer protection 4) Driving an agile and flexible approach to delivering the UK’s retail payments infrastructure needs. The Bank of England, PRA, FCA and PSR will revise their existing MoU on cooperation in relation to the regulation of payment systems by Q2 2025. The Vision clarifies regulatory responsibilities for Open Banking, transitioning away from current arrangements to the FCA acting as the UK’s regulator in the future. PSR has committed to an independent post implementation review of the authorised push payment fraud reimbursement rules, after 12 months. The government considers that the effective delivery of the UK’s retail payments infrastructure now and through time requires a strong and effective payment systems operator. Establishing a sustainable ‘commercial model’ for Open Banking is critical for its development. Adequate consumer protection must be delivered for Open Banking payments, and the government intends to address this through the future framework. Fraud Prevention 1. The government agrees that more focus must be placed on fraud prevention. 2. The Online Safety Act 2023 imposes obligations on large technology platforms to prevent fraudulent content on their services or face substantial fines if they fail to do so. 3. There is also ongoing work from Ofcom with operators to prevent the misuse of telephone numbers by criminals, stem the tide of scam messages and address mobile spoofing. 4. The government is determined that the technology and telecommunications sectors must take further steps to tackle fraud. 5. The government has written to the technology and telecommunications sectors to call for demonstrable action to reduce the scale of incidents and losses from fraud taking place on their platforms and networks. The government will request updates on progress and action taken at the next Joint Fraud Taskforce in March 2025. https://lnkd.in/gDpbbbzZ

“Vietcombank Customers: Take Note of These Two Scenarios That Will Halt Online Money Transfers Starting January 1, 2025” https://ift.tt/zq2fJD1 According to Vietcombank, per the Law on Identity Documents 2023 (Law No. 26/2023/QH15), identity cards (including both 9-digit and 12-digit types) will remain valid for use in procedures and transactions until December 31, 2024. As per Circulars 17/2024/TT-NHNN and 18/2024/TT-NHNN issued by the State Bank of Vietnam, from January 1, 2025, account holders/cardholders will have their online transactions (fund transfers, bill payments, top-ups, etc.) and cash withdrawal/transfer transactions at ATMs temporarily suspended if: 1) Biometric information has not been updated; 2) New identity documents (identity card, passport, visa) have not been provided to replace expired ones. To ensure uninterrupted transactions, Vietcombank recommends that customers who have not yet updated their biometric information and/or provided their new identity card/passport with a chip (still valid) at the bank do so immediately via the VCB Digibank application. During the biometric information update process, customers will also be able to update their latest identity document information. Additionally, customers can visit any Vietcombank branch nationwide to update their biometric information and/or identity documents. Vietcombank also notes that customers only need to update their biometric information and valid identity documents at the bank once. When biometric information changes or identity documents expire, customers are required to provide updates. For foreign customers who do not possess an identity card/passport with a chip and are not included in the national population database, it is necessary to visit any Vietcombank branch with a valid passport and proof of residence to update biometric information and identity documents. You may also like “Vietcombank Customers: Two Scenarios That Will Affect Your Online Money Transfers” It’s imperative that you, as an account holder, take note of the following two requirements. Failure to do so will result in a temporary suspension of not just your online transactions (fund transfers, bill payments, top-ups, etc.) but also your ATM cash transfers/withdrawals. “Top Vietnamese Banks on a Hiring Spree in Q4: Agribank, Vietcombank, ACB, and Sacombank” In Q4 of 2024 and throughout the year, banks anticipate a positive outlook for employment. The Evolving Landscape of E-commerce: Can the Ministry of Industry and Trade Keep Up? The Ministry of Industry and Trade is committed to reviewing and refining its e-commerce legislation. It aims to introduce specific regulations governing cross-border e-commerce...

☢ Payment-related frauds are on the increase As per RBI's April 2024 data on Payment System Indicators, regulated entities such as banks, PPI issuers, and credit card issuers are losing around Rs. 400-Rs. 500 crores every month due to payment-related frauds (domestic payments only); This is a whopping sum considering that RBI is transitioning away from cash-based transactions to digital transactions in a big way. Illustratively, RBI plans to introduce new payment rails such as retail CBDCs. Key reasons for increasing fraud could: ✴ There are weaknesses around an integrated Identity Management approach for transaction monitoring, leading to increasing instances of frauds perpetuated using impersonation, spoofing and social engineering. For example, a KYC check may be done during onboarding a customer, but the identity of the customer may not be confirmed during the payment process. In effect, the identity of the transacting party may not be well established at the time of processing the transaction.   ✴ Other than a few leading banks, most banks have yet to modernize their core banking systems. Legacy core banking systems do not support integration requirements such as through APIs; this prevents modern transaction monitoring systems from integrating seamlessly in the monitoring journey.  For example, with the increasing adoption of retail payment rails like UPI, retail transactions are seeing a tremendous surge (During April’24, UPI transactions touched INR 13 trillion, by value). These transactions pass through the bank’s core banking systems as part of their journey. Unless they are modernized through an open architecture framework, it is not possible for transaction monitoring systems to seamlessly integrate and monitor such transactions.   ✴ Huge volumes of transactions make it impossible to monitor transactions manually; this necessitates the requirement of robust and state-of-the-art transaction monitoring systems. Most of the banks are still stuck with legacy systems that do not cater to the demands of newer forms of transaction rails.    ✴ Detection of anomalies during high transaction volumes is like finding a needle in a haystack. Machine Learning algorithms have been touted as a silver bullet to solve this problem. In reality, there is a lack of both clarity and expertise around the usage of ML techniques; most of the off-shelve models are either developed using data that is not representative of the transactions happening in the country or are a black box. There is little investment in the development of models and expertise, which is suited to the needs of the country. Unless transaction monitoring mechanisms in the country are strengthened, banks will continue to lose money and eventually the frauds not only increase the cost of doing transactions but also may reduce the faith of the common man who uses the digital channels to transact. #aml #fraud #transactionmonitoring #antifraud #antimoneylaundering