E LAW - MURDOCH UNIVERSITY ELECTRONIC JOURNAL OF LAW ISSN 1321-8247 Volume 11 Number 3 (September 2004) Copyright E Law and author ftp://law.murdoch.edu.au/pub/elaw-issues/v11n3/bollen113.txt http://www.murdoch.edu.au/elaw/issues/v11n3/bollen113.html ________________________________________________________________________ Regulation of Payment Facilities Rhys Bollen ASIC Contents * Introduction * Risks associated with payment facilities o Systemic stability o Credit risk o Efficiency risk (competition protection) o Customer protection + Mis-purchasing (or mis-selling) + Inequality of power + Product failure + Transactional failure * The case(s) for regulation o Systemic stability regulation o Prudential regulation o Efficiency regulation (competition protection) o Customer protection + Disclosure + Minimum standards * Existing regulation o Australia o United Kingdom o United States * Possible future regulatory models o Tools o Models + Unitary regime + Two-tiered + Three tiered + Scaled approach * Conclusions * Notes Author's Note: The views expressed in this article (including any errors or omissions) are entirely those of the author, and not of his employer. Introduction 1. In the previous article, 'The Development and Legal Nature of Payment Facilities',[1] I looked at the history and development of payment facilities. Consideration of early payment systems, such as goldsmith's or banker's receipts, through to modern electronic payment systems, showed that almost all payment systems operate through the circulation of debt obligations or "entitlements to be paid currency, usually by a financial institution".[2] 2. The economy continues to be heavily reliant on payment facilities for its efficient operation.[3] Without payment facilities, the economy would not be able to function efficiently. For these reasons, commentators and governments have taken a keen interest in the operation of payment facilities.[4] This second article focuses on the risks associated with payment facilities, the case for their regulation and consideration of possible regulatory models. 3. An understanding of the legal nature of payment facilities is vital to designing an appropriate regulatory regime.[5] Indeed, "examination of the underlying features of electronic money is essential to understanding the need for its regulation".[6] As we will find, the difficulties in conceptualising some payment facilities translate into difficulties "constructing a regulatory framework suitable to [them]".[7] To this end, a review of the legal nature of payment facilities is contained in the earlier article.[8] 4. The first section of this article considers in detail the main risks associated with payment facilities. This will cover the risks associated with well-established payment schemes such as cheques and those associated with new electronic payment facilities. An understanding of the inherent risks in these facilities (and the risks latent in the payments system overall) is vital to a discussion of the case for regulating these facilities. 5. The second section of this article examines the case(s) for regulation of payment facilities. This will discuss the risks associated with payment facilities considered previously and whether regulation is warranted to address those risks. It will also discuss the regulation of payment facilities from a simplified cost-benefit perspective. 6. The third part of this article will examine how payment facilities are currently regulated in a number of developed countries. It will examine the current regulation of payment facilities in Australia, the United Kingdom and the United States. 7. The fourth part of this article will consider possible models for the regulation of payment facilities. It considers four possible regulatory models involving the key elements of disclosure, minimum standards, prudential regulation, and conduct and disclosure licensing. It also discusses supervision of the interbank payment system and a basic fair play regime. Further, a possible preferred regulatory model will be suggested as a contribution to future debate. Risks associated with payment facilities 8. This section will examine the four key regulatory risks arising from payment facilities. They are systemic stability, credit risk, efficiency risk and customer protection.[9] Systemic stability 9. The wider economy depends on the continuing viability of the payments system. It is vital as it enables money to be lent and repaid, goods and services to be purchased, labour to be hired and capital to be invested.[10] 10. Each element of the payments system is heavily interdependent. As we saw in the previous article, almost all modern payment systems operate through the circulation of debt obligations.[11] While at the 'higher' levels in the system, these may be obligations owed by disparate financial intermediaries, at the lower levels of the system these obligations are owed by and between authorised deposit-taking institutions (ADIs), and fundamentally by the Reserve Bank of Australia (RBA). The payments system[12] relies on the ADIs being able to reliably and consistently make payments between each other as and when needed. This relies on the continued availability of the RBA's Exchange Settlement Account system.[13] 11. The payments system is dependent on the continued viability of the base level, interbank payment system. The overall system is therefore exposed to the risk that the interbank system could be disrupted or otherwise become unavailable for a period of time. This is part of the systemic stability risk inherent in the payments system.[14] 12. Both partial and full unavailability of the interbank payment system is problematic. The economy has come to rely on instantaneous communications networks and rapid payment systems. Most electronic payment systems provide for clearing and settlement within 24 hours of the payment instruction being given by the payer.[15] 13. Should the interbank payment system be unavailable even for 24 hours, parts of the economy would slow down. Should it be unavailable for a whole week, significant disruption to commerce would result. 14. These systemic risks have two main sources: functional and credit. The credit risks are considered below under the heading 'credit risk'. The functional risks are those associated with the infrastructure of the interbank payment system failing to some extent. 15. The interbank payment system is reliant on technology and communications systems, as well as numerous human actors. As such, there are a number of ways in which the infrastructure of the interbank payment system could be disrupted. Examples include a major terrorist incident impacting on the computer processing installations or communications network, and a major strike of staff running the interbank payment system. Due to the importance of the interbank payment system, the participants have identified these risks to the infrastructure and redundancy measures have been designed. For example, the risk of a bombing incapacitating major communications networks is addressed as part of the government's critical infrastructure program.[16] Credit risk 16. Each client of a financial intermediary is exposed to the risk of the intermediary becoming insolvent and being unable to honour the promises it previously made. This is a risk borne by clients of all financial intermediaries, including banks, credit unions, payment facility issuers, fund managers and insurance companies. 17. This financial or credit risk has a number of elements. One is the direct risk of loss of funds held in some manner by the intermediary. For example, the direct risk to the holder of a prepaid payment facility is the risk of being unable to spend or withdraw any unused balance at the time of insolvency of the intermediary operating the facility ("issuer"). One commentator described this as, the most basic problem raised by stored value card systems: the separation of the actual cash that the consumer has committed to the stored value card (by paying the issuer or by having the issuer deduct that amount from her account) from the value stored on the magnetic stripe or computer chip in the card itself.[17] The quantum of this can be easily measured - being the sum of the balances of all of the intermediary's clients at that time. 18. A second but closely related element is the risk of non-performance resulting from insolvency. For example, a client of an insurance company is exposed to the risk that their policy will become valueless (and they will have no insurance protection) should the insurer become insolvent. 19. Credit risk is a real concern for new electronic payment facilities as well as traditional banking products.[18] As early as 1997 Budnitz reported, "Despite the recent vintage of the SVC [stored value card] industry, major problems already have occurred. ... several issuers of SVCs have gone out of business after selling tens of thousands of worthless SVCs".[19] One result of such insolvency is that consumers "may not be able to collect the value remaining on the card ... In addition, merchants who have not been paid by the issuer may demand [another] payment from consumers for purchases made with the SVC."[20] Consumers' ability to protect themselves from these risks (ie by making rational choices between intermediaries based on likely credit risk) is very limited.[21] 20. There is anassociated contagion risk with the insolvency or potential insolvency of a financial intermediary.[22] The previous article explained how payment facilities only operate successfully where payers and payees are willing to assume that value is being passed by use of the facility and that the financial intermediary will be able to honour their obligations under the facility.[23] Public confidence in the payment system is fundamental - otherwise users will be unwilling to rely on the intangible promises underlying the payments system.[24] There is a risk that the failure of one payment intermediary will result in a significant loss of confidence in intermediaries generally.[25] This risk is most pronounced in relation to large and economically significant intermediaries such as banks. Hence, intensive prudential regulation is applied to most modern banking systems.[26] 21. Each major player in the payments system is heavily dependent on each other major player. As we saw in the previous article, major financial intermediaries have massive numbers of transactions between each other each day, some of which they settle on a deferred basis via the interbank payment system.[27] Should one intermediary be unable to pay its debts when they fell due, each other intermediary would be exposed to substantial loss.[28] Another aspect of contagion risk is therefore the risk that the inability of one financial intermediary to pay its debts to other intermediaries could result in financial hardship (and in the worst case, insolvency) for those other intermediaries as well.[29] Efficiency risk (competition protection) 22. From an economics perspective, the payments system is not frictionless, nor would one reasonably expect it to be.[30] Within a free market context, service providers need to cover their costs and will charge users of their scheme.[31] They will also naturally seek to make a profit on their service - the amount will depend on the level of competitiveness of the industry. Even with a perfectly competitive industry a normal level of profit is expected to compensate the owners or investors for their investment.[32] 23. Concerns about payments system efficiency have long been a part of the regulatory concern in this area. For example, it was considered in some detail in the 1997 Financial System (Wallis) Inquiry.[33] In practice the payments system will always have some inefficiency. The efficiency risk here is that an inefficient or overpriced payment system may cost the economy an excessive amount to move money around the system. There is also the possibility that the system is of inconsistent efficiency. Either way, there is likely to be a misallocation of resources, especially if the inefficiency is institutionalised due to lack of competition.[34] 24. There is fundamental information asymmetry with many consumer products and services, and payment facilities are no exception.[35] Without freely available information about the price and features of available products, there is a real risk that the market for payment facilities will not be fully competitive.[36] Such lack of competition, particularly price competition, is likely to result in a lack of competitive downward pressure on prices and as a result higher prices than a competitive market would be expected to establish. This is a risk that exists for all financial services, not exclusively payment facilities.[37] 25. Effective competition on price and quality requires meaningful and comparable product disclosure.[38] It is unreasonable to expect consumers to rationally choose between competing products without adequate information about their prices and features. For example, "without information, consumers cannot assess accurately the benefits and disadvantages of using SVCs rather than other systems".[39] As service providers do not necessarily have an incentive to provide adequate disclosure about their product (especially its risks and shortcomings, and its price), disclosure may need to be mandated.[40] As will be seen later, this is a common occurrence in the financial services sector due to the inherent information asymmetry experienced there. 26. In the long-term, efficient participants in the market have little to fear from disclosure and competition. However, there can be a lack of incentive to be the 'first-mover' to disclose price and other sensitive matters.[41] 27. Minimum fair play rules are also important. They include prohibitions on misleading, deceptive, unconscionable and harassing conduct. Such rules discourage unfair and abusive marketing behaviour, which maximises the potential for real competition on the basis of the products' actual features and benefits. Customer protection 28. As the heading suggests, the following section focuses on risks inherent in payment facilities for individual customers (as opposed to the economy-wide risks discussed above). While this group of risks are more acute for consumers, they each apply to some extent to business customers as well. The four major types of customer risk associated with payment facilities are mis-purchasing (or mis-selling), inequality of bargaining power, product failure and transactional failure. Mis-purchasing (or mis-selling) 29. As discussed, there is fundamental information asymmetry in many areas of financial services, including payment facilities. Customers cannot be expected to make wise decisions without being provided with adequate disclosure about the products they are choosing between.[42] Without such disclosure there is a real risk of poor purchasing decisions. Decisions based on inadequate information are by definition more likely to result in sub-optimal choices and therefore the risk of misallocation of resources.[43] 30. Particularly in the US, newer payment facilities like stored value cards tend to be marketed to less sophisticated and poorer consumers.[44] This group of consumers tends to have little or no contact with existing banking products. More so than in Australia, there is a significant group of the US population without a conventional banking product (eg a cheque account) - often referred to as the 'unbanked'.[45] For example, SVCs have become the first non-cash payment systems encountered by many freshmen who enrol in a growing number of universities that have implemented smart card applications. In addition, many SVCs are available to people who do not have bank accounts. This may make SVCs attractive to low-income consumers, who often are unbanked."[46] This group tends to be less educated and experienced in financial matters. 31. Customers' making significantly sub-optimal choices between competing products is generally not in society's best interests.[47] It results in customers not obtaining the product that best meets their needs and the misallocation of resources away from those businesses who would have been able to meet customers' needs towards those who are able to attract the most customers through other means. 32. Newer and more complex products carry a greater risk of confusion and difficulty in making rational purchasing decisions. "Even well-informed and more sophisticated consumers can be confused by SVCs."[48] Intangible and abstract products also tend to carry a greater risk of mis-purchasing. With products like securities and insurance, it is generally accepted that mandatory product disclosure is needed to ensure consumers have adequate information on which they are able to rely in making purchasing decisions. In the author's view, the same is generally true for payment facilities.[49] 33. Adequate disclosure is also important to enable consumers to use a product effectively once purchased. "They also will allow the consumer to understand better his rights and obligations, as well as how to protect himself when problems arise."[50] Inequality of power 34. There is a fundamental power imbalance with many consumer products. The service provider is generally in a much stronger bargaining position due to their superior knowledge and resources. Many consumer products, including payment facilities, involve little or no effective bargaining between the parties about terms and conditions.[51] Instead, the products are usually provided on the basis of a standard, non-negotiable set of terms and conditions - a contract of adhesion.[52] There is a real risk that the terms and conditions will be objectively, or at least subjectively, unfair. That is, they will not embody a balancing of the competing interests of two equals; they will be materially biased towards one party (the financial intermediary). 35. Here we have an example of potential market failure. Left to itself, experience shows that the market will sometimes misallocate liabilities and may not provide a balanced bargain between consumers and businesses. The extent to which this is detrimental to the economy as a whole will depend on the extent to which the provider passes on any costs savings from this liability allocation on to the client in the form of cheaper prices. Full freedom of contract can result in a legally effective[53] but unfair bargain. This is true even where adequate disclosure is given; disclosure alone is not a complete solution. Where almost all service providers are offering a biased set of terms and conditions, disclosure alone is not a full solution (i.e., where there are no alternative products available). 36. This has been consumers' experience with some financial products in the past. Most relevantly for our purposes, it was consumers' experience with the initial phases of electronic funds transfer products. In Australia and overseas, terms and conditions governing such products were almost always heavily biased towards the intermediary, with almost all liabilities borne by the consumer.[54] From an economics perspective, the consumer is not necessarily best placed to bear the burden of all of these liabilities.[55] There is also doubt about whether such one-sided terms and conditions are actually "effective at law".[56] For political and other reasons, most jurisdictions have limited the parties' full freedom of contract and set minimum standards to which service providers must adhere.[57] These tend to be in the area of liability allocation and product quality. Budnitz argues that the US' limitation of consumer liability for payment facilities reflects its "acknowledgement that credit and debit cards are inherently risky payment devices".[58] 37. One topic that commentators agree that consumer payment facility terms and conditions need to address (whether the parties subjectively wish to or not) is liability allocation.[59] Various things can and do go wrong with all payment facilities, including mistaken payments, unauthorised payments, system malfunction and fraud.[60] Possible losses (liabilities) arising from these events need to be allocated between the parties to each payment scheme (payers, payees and intermediaries).[61] Allocation will be governed by the parties' bargaining power, capacity to bear the respective loss, and also society's acceptance of completely free allocation. Many countries have removed from the parties their complete freedom to allocate liabilities between themselves as they choose - instead they have mandated that the liability of the consumer be capped in certain cases. For example, consumer liability in Australia for unauthorised funds transfer transactions is generally limited to $150.[62] 38. There are a number of other matters that commentators argue should be minimum standards and in general set out in consumer payment facility contracts. A number of these are discussed in more detail below and include payment finality and discharge,[63] ongoing disclosure (receipts, periodic statements and notice of changes)[64] and dispute resolution procedures.[65] 39. One key aspect of a payment facility is whether or not use of the facility results in final discharge of payment.[66] This is also described as payment finality or non-refutability.[67] Some commentators argue that effective discharge of payment should be a minimum standard for all payment facilities.[68] Customers have a reasonable expectation that use of their payment facility will result in effective payment - that their payment obligation to the payee is discharged once the payment facility is used.[69] Product failure 40. Not only is there a concern that the features of the payment facility will not be adequately disclosed, or that the bargain represented by the product will be manifestly unfair. There is also the risk that the facility will not perform as promised: product failure. Adequate disclosure obviously assists here; at least the promise is known and the financial intermediary's performance can be judged against this. 41. Adequate disclosure is not a complete solution however. Customers have a reasonable expectation that the facility will perform as promised. With intangible products, prior evaluation of the product can be difficult. Therefore customers depend to some extent on representations made about the product by the intermediary or others[70] being truthful and predictions having at least reasonable grounds.[71] 42. Contract law provides some protection. Terms and conditions of payment facilities tend to be contractually binding, so that customers will have a legally enforceable set of rights. However, the representations made about the facility do not necessarily correspond to the formal terms and conditions. 43. There are a number of reasons why a payment facility may not perform as promised. As discussed earlier, one basic possibility is that the financial intermediary becomes insolvent. Other reasons include failure of the systems and procedures of the financial intermediary or misbehaviour by the intermediary or their employees and agents. Modern payment facilities rely heavily on technological infrastructure. For example, with a stored value card, there is a possibility that the card will malfunction. It has been reported that the president of one smart card manufacturer estimated that "one of every thousand smart cards does not work properly."[72] 44. A final type of customer concern that will be discussed here is the financial intermediary unilaterally changing the terms and conditions of the facility. Minor changes are of course normal, and most terms and conditions reserve to the intermediary the right to make changes. It is important that material changes are notified to the client a reasonable time in advance of the change taking effect. For example, "it would be unreasonable for issuers not to inform consumers of an increase in fees."[73] More seriously, however, there is the risk that the facility provider will attempt to make fundamental changes to the terms and conditions as they apply to existing clients. This can result in the consumer ending up with a facility materially different to that which they purchased, and without their agreement.[74] Consumers should be made aware when they purchase the payment facility that the financial intermediary might change the terms and conditions unilaterally.[75] Transactional failure 45. The fourth main customer risk area with payment facilities is transactional failure. There is a risk that the facility will as a whole function properly, but that in particular transactions the payment will not take place as intended (eg the wrong amount, wrong payee, wrong time) or that unauthorised payments will take place. 46. Unauthorised, mistaken and fraudulent payments are a regular enough occurrence in conventional payment facilities.[76] For this reason, the rules governing credit cards, debit cards and cheques already cover mistaken payments in some detail. Rules governing new payment facilities need to address mistaken payments.[77] This is a subset of the liability allocation issue described earlier. 47. Due to the fundamental inequality of bargaining power and resources, self-help is difficult here for customers. The loss from any individual mistaken or unauthorised payment is likely to be small or moderate, so that expensive litigation is not a viable solution.[78] However, the loss may be burdensome to individual clients. For example, some payment facilities encourage consumers to deposit their whole salary into the facility. A mistaken payment can take weeks to resolve (including refunds), leaving the consumer without money they cannot really spare. Consumer confidence is closely connected with effective dispute resolution: "If consumers are confident that the disputes that arise will be resolved effectively and efficiently, they will have increased confidence in using online banking".[79] 48. Records to show or disprove a mistaken or unauthorised payment are likely to predominantly be in the possession of the financial intermediary, such that resolving errors is likely to be difficult without a cooperative financial intermediary. Even these records may be inadequate. This is particularly an issue with offline products using smart cards where balance and transaction records are not necessarily kept other than on the smart card. 49. Even if records are kept, customers will not necessarily have access to them. Without access to at least the minimum records (eg receipts, account statements and balances) it will be difficult for customers to identify mistaken or unauthorised payments. Some payment facility providers will provide this information as of right. There is a general need for this information so that all customers can minimise the impact of transactional failure.[80] Budnitz argues, "consumers should be entitled to receive upon request their account balances and a transaction history of at least two months free or at a nominal charge".[81] 50. Finally, due to the generally low-moderate loss from each transaction and the possibility that individual consumers will not be motivated enough to report each error, systematic problems may take time to identify and remedy. This is especially likely where receipts and periodic statements are not provided. Hence, it is in the intermediary and customer's interest that transactional reports are provided. The case(s) for regulation 51. Most commentators accept that some form of regulation of payment facilities is warranted.[82] Regulation is seen as a way of encouraging adoption of payment facilities, particularly amongst consumers.[83] Payment facilities, particularly new electronic ones, "need to be encouraged by regulations that will facilitate acceptance by consumers and merchants and enable [these] systems to compete with existing retail payments systems".[84] Indeed, some commentators argue newer payment facilities need regulation to "make them competitive with other payments systems".[85] Systemic stability regulation 52. Most commentators accept that regulation at the systemic stability level is warranted.[86] Due to the importance of the continued viability of the interbank payment system, in most developed countries it is monitored and supervised by a central bank. 53. While there is undoubtedly material cost involved in a regulatory regime at the systemic stability level and the likelihood of a major system failure is low, the results of failure would be catastrophic. While it is hard to measure the cost of major system failure, one assumes it would be very costly.[87] As a result, intervention is probably warranted. The cost of avoiding a major system failure (such as the collapse of the interbank payment system) is justified by the need to avoid such failure.[88] 54. In these days of tension and fear over heightened actual or imagined terrorism risks, national security policy dictates additional protection of critical infrastructure. The payments system, particular the interbank payment system, is considered part of this. This is another argument in favour of the regulation of the systemically important interbank payment system. Prudential regulation 55. Credit risk can have a significant impact at a micro-level. Substantial personal funds could be lost as a result of insolvency of a financial intermediary. While the economy is not likely to incur major disruption as a result of the insolvency of small financial intermediary, insolvency of a major intermediary can have material impact on the economy as a whole.[89] This justifies at least some form of prudential regulation of financial intermediaries of a moderate or large economic significance. Put simply, "laws ... are needed to ensure the financial soundness of issuers".[90] 56. Perhaps more importantly, the risk of contagion - one failure causing further insolvency amongst financial intermediaries - justifies regulatory intervention. Contagion is a risk both directly in terms of mutual obligations and in terms of consumer confidence.[91] Due to the major level of interdependence in the payments system, it is worth taking steps to minimise the risk of failure of a moderate or large financial intermediary. This form of regulation, prudential regulation, is justifiable on a cost benefit basis for larger financial intermediaries involved in the payments system. 57. The argument for costly prudential regulation of small participants in the payments system, or providers of very small schemes, is more finely balanced.[92] On the one hand, as described above the contagion risk means that the failure of even smaller institutions can affect all other intermediaries. And as, in economic terms, it is clear that the money received by the issuer of an electronic purse is a bank deposit. ... Therefore, in economic terms, the reasons which led public authorities to reserve deposit-taking to a specific category of institutions should also apply to the issuers of electronic purses.[93] 58. On the other hand, prudential regulation can at best only reduce the likelihood of a financial failure, and the cost involved vis-à-vis small institutions may not always be justified. To impose full prudential regulation on payment facilities may be, in effect, "restricting [their] issuance to deposit-taking institutions".[94] Efficiency regulation (competition protection) 59. All transactions (other than cash transactions) in the economy depend on a payment facility of one sort or other. As discussed earlier, the payment system is not frictionless. Financial intermediaries providing payment services charge a price for their services. Should the price be above that which equilibrium in an efficient market could be expected to establish, there is a risk of misallocation and wastage of societies' scarce resources.[95] For example, assume payment facility providers charged an average fee of 1% of the underlying transaction. Should the equilibrium price be closer to 0.9%, this difference of 0.1% could across the economy amount to hundreds of millions of dollars on an annual basis.[96] This is money that society as a whole may wish to spend on other socially important endeavours. 60. Therefore, any intervention of lesser cost than the potential savings from increased competition can be justified on a cost-benefit basis. Many measures to increase competition discussed in this paper are clearly justified, such as mandatory product disclosure (price and features).[97] Other measures that are clearly justified are fair play regulations (e.g., prohibitions on misleading or deceptive conduct).[98] 61. More invasive regulation, such as to identify and where possible reduce barriers to entry, may also be justified.[99] At the least, one can assume steps to identify methods of removing barriers and measuring their cost are justified. Whether removal is in fact justified will depend on the circumstances. Customer protection Disclosure 62. As discussed above, product disclosure is probably justified on a cost-benefit basis.[100] This includes disclosure of the facility's price (initial and ongoing), features and risks.[101] The US Federal Reserve Board in its consideration of whether mandatory product disclosure was justified for stored value cards stated, "providing initial disclosures probably would not impose significant compliance costs".[102] Market forces alone are unlikely to produce a satisfactory level of product disclosure.[103] 63. Ongoing disclosure is also probably warranted on a cost-benefit basis.[104] Providing notice of changes to terms and conditions, receipts, periodic statements and balances will involve some cost to financial intermediaries. However, this is information often exclusively in the possession of the intermediary and it would be inefficient to leave it to consumers to discover themselves.[105] Notice of changes to terms and conditions is needed to ensure that consumers continue to know their rights and responsibilities under the product, and to ensure they have the opportunity to dispose of the product if for some reason the intermediary changes the terms in a manner materially adverse to the consumer. 64. Notices of changes to terms and conditions are difficult for some payment facilities.[106] For example, with some highly transferable smart card products the issuer may not know who is the holder of the product at all times. One option is to "prohibit issuers from changing terms unless they provide notice. ... Prohibiting issuers from changing terms unless they notify consumers of the changes leads to a sensible allocation of cost between the issuer and the consumer."[107] Broadly circulating notice such as in a daily newspaper is presumably possible even for highly transferable products. However, the effectiveness of such notice is debatable. 65. For those products for which direct (personal) notice of changes of terms is practically possible, mandating this practice will generally be justifiable on a cost-benefit basis. And as a matter of contract law, presumably notice of some kind would be needed anyway. For those products where direct notice of changes of terms is not practicable it is arguable that changes of terms and conditions should generally not be permitted.[108] 66. Similar issues arise for periodic statements and transaction histories.[109] For some products, sending a periodic statement to the client is difficult and even impracticable (eg highly transferable 'stored value' smart cards).[110] However, in most cases, the provision of transaction history on request (eg via an ATM, phone or internet facility) will be practically possible.[111] As Hughes argues, "consumers should be able to obtain records and histories of their transactions to the full extent that the payment provider is capable of providing them".[112] Minimum standards 67. One can certainly argue that ideally "certain practices should be mandated to prevent [payment] systems from operating in an unfair manner."[113] As discussed earlier, inequalities in bargaining power mean that consumers are unlikely to be able to demand completely fair terms for some payment facilities. To the extent that minimum standards impose costs on financial intermediaries (by requiring them to implement features or processes they would not have otherwise adopted), prices may rise as a result. Therefore, minimum standards should be used sparingly and only in relation to particularly important issues.[114] In other cases, one can probably argue adequate disclosure is a more appropriate response on a cost-benefit basis. 68. For example, instead of mandating that payment facilities must provide for final discharge, financial intermediaries could be required to disclose at least initially whether use of the payment facility results in final discharge of payment. This is likely to be a less costly intervention than requiring finality of discharge in all cases and, as long as the disclosure is prominent (and consumers appreciate the importance of the issue),[115] consumers should be in a position to choose whether or not the product is suitable for them. "Certainty about the degree of finality, whether great or small, is an essential element of established payment systems".[116] 69. One minimum standard most commentators seem to agree on is the need for non-court error or dispute resolution processes.[117] The availability of such processes is probably justified on inequality of bargaining power arguments. An added justification is that such processes help to identify systemic problems to the benefit of all involved by making it more likely consumers will actually notify the intermediary of errors. Indeed, "without minimum error resolution procedures and corresponding accountability, the integrity of SVCs as a payment mechanism will be compromised severely".[118] In some jurisdictions, only licensed entities may issue or distribute payment facilities. Conduct and disclosure licensing may or may not be linked to prudential regulation. Licensing regimes can involve some minimum entry standards (eg competency, systems and capital) and ongoing standards (eg supervision, responsibility for agents and employees, record keeping and regular external audits).[119] Licensing can also provide the relevant regulator with a greater capacity to supervise intermediaries and respond in a timely manner to problems. 70. Both licensing and registration is costly - licensing more so. Registration at its simplest level can merely involve each financial intermediary identifying itself to the relevant regulator before commencing business. This enables the regulator to keep an accurate register of all current payment facility operators for its and the public's use.[120] Some form of licensing or registration is probably justified for moderate and large financial intermediaries. As with prudential regulation, the argument for costly licensing of small participants in the payments system, or providers of ultra small-scale schemes, is more finely balanced. On balance, registration is probably justified even for small financial intermediaries in the payments system. Existing regulation Australia 71. The existing regulatory regime for payment facilities in Australia is fragmented.[121] The forms of regulation include legislation, case law and industry codes. The regulatory roles are spread between a number of state and federal agencies. 72. The Australian Securities and Investments Commission (ASIC) has two main roles in relation to payment facilities under two pieces of legislation. Under the Corporations Act 2001, ASIC licenses issuers and distributors of 'non-cash payment facilities'. These are defined as facilities through which a person makes (or causes to be made) non-cash payments.[122] Non-cash payments are helpfully defined as payments made by means other than the circulation of currency.[123] According to ASIC, examples of payment facilities caught by this regime are "cheque accounts, travellers cheques, stored value cards, electronic cash, direct debit services, funds transfer services and electronic bill payment services. Depending on the circumstances, gift vouchers, telegraphic transfers or loyalty schemes may also be non-cash payments."[124] 73. The Corporations Act also imposes a conduct and disclosure regime on those who issue or distribute non-cash payment facilities.[125] For example, licensed issuers or distributors are obliged to train and supervise their representatives, take responsibility for losses caused by their representatives, maintain records and ensure their accounts are audited annually, and ensure any personal advice they give is based on reasonable grounds. Mandatory product disclosure applies to issuers[126] of non-cash payment facilities. This disclosure must be contained in a Product Disclosure Statement (PDS) and must include (inter alia) information about the product's cost, key features, risks and any dispute resolution processes.[127] 74. ASIC also supervises minimum consumer standards set out in the Australian Securities and Investments Commission Act 2001.[128] For example, the Act implies into any such consumer financial services contract (including a payment facility contract) a warranty that the service will be provided with due care and skill and that the service will be fit for its purpose.[129] The Act also prohibits providers of financial services from engaging in misleading, deceptive, unconscionable or harassing conduct.[130] 75. Finally, ASIC supervises a number of financial sector industry codes of conduct.[131] They include the Banking Code of Conduct and the Electronic Funds Transfer Code of Conduct. These codes require subscriber intermediaries to abide by rules governing disclosure, dispute resolution, capping of consumer liability for unauthorised transactions, privacy and mistaken payments. While the codes are technically voluntary most major deposit-taking institutions have agreed to be bound by them in their dealings with consumers.[132] 76. Prudential supervision is divided between the Reserve Bank of Australia (RBA) and the Australian Prudential Regulation Authority (APRA). The payments system as a whole is supervised by the RBA at a systemic stability and efficiency level. The RBA is also a prudential regulator for 'purchased payment facilities'.[133] Purchased payment facilities are broadly[134] defined as: a facility (other than cash) in relation to which the following conditions are satisfied: (a) the facility is purchased by a person from another person; and (b) the facility is able to be used as a means of making payments up to the amount that, from time to time, is available for use under the conditions applying to the facility; and (c) those payments are to be made by the provider of the facility or by a person acting under an arrangement with the provider (rather than by the user of the facility).[135] *The RBA has the power to intervene in relation to systemic efficiency and has done so recently in its intervention in credit card interchange rates.[136] As described in the previous article, the RBA as central bank maintains the Exchange Settlement Accounts through which the interbank payment system operates.[137] *Deposit-taking institutions are supervised by APRA, including operators of those purchased payment facilities available for use on a wide basis and where the outstanding value can be redeemed for cash.[138] The precise overlap between the RBA and APRA's prudential supervision of payment facilities is unclear and having two prudential regulators is unnecessarily complicated.[139] Which regulator has supervisory responsibility for a given facility depends on the extent to which the purchased payment facility is available for use on a wide basis and whether the outstanding value can be redeemed for cash.[140] *State regulators and the Australian Competition and Consumer Commission have residual consumer protection oversight. Other consumer protections such as the Contracts Review Act 1980 (NSW) have some impact on the operation of payment facilities in Australia. United Kingdom *In contrast to the Australian and US approach, the European Commission has limited the issuing of "electronic money" to banking or similarly regulated institutions.[141] This is "due in large part to the general agreement among European policy analysts that issuing electronic currency is equivalent to taking bank deposits."[142] *As a result, issuers of electronic money in the United Kingdom need to hold an authorisation from the Financial Services Authority (FSA).[143] The FSA regime imposes conduct and disclosure obligations on issuers, as well a requiring minimum capital, product disclosure and dispute resolution processes.[144] United States *The existing regulatory regime for payment facilities in the United States is also fragmented. The forms of regulation include legislation, case law and industry codes. The regulatory roles are spread between a number of state and federal agencies. *US banking regulation is very much a state-by-state proposition. "Policy makers at the state level also have demonstrated reluctance to unduly restrict issuance rights of financial institutions."[145] As such, few have demanded that electronic payment facility issuers obtain a banking licence. The Federal Reserve Board and the Federal Deposit Insurance Commission have taken much interest in new payment facilities (eg smart cards and electronic cash), but in general have not required the issuers to hold a banking authorisation. "Addressing each of the three prerequisites for a deposit, the FDIC concluded that generally stored value cards do not qualify as deposits because the money is not held on behalf of a customer nor for a special purpose."[146] *The Federal Reserve Board and the Office of the Comptroller of Currency supervise an extensive conduct and disclosure regime.[147] For example, the Electronic Fund Transfer Act contains requirements for initial and ongoing disclosure, and record keeping and dispute resolution procedures.[148] Issuers are expected to disclose, amongst other things: how to use the card; where and how to reload the card; whether the funds in the card earn interest; where, how, and when the card can be redeemed; fees charged; the name of the issuer and its obligation to redeem; who has liability if a transaction is not properly consummated; what happens if the card is abandoned or expires ... whether payment for goods and services discharges the consumer's obligation or exposes the consumer to a claim by the seller if the issuer fails to honor its obligation to the seller; whether the issuer can change the terms and conditions of use of the card without notice to the consumer; clear disclosure of the expiration date; and whether the consumer is liable for a malfunctioning card.[149] Possible future regulatory models *This final section of this article explores some possible models for the regulation of payment facilities. It will consider the elements of any regulatory model (eg disclosure or licensing) as well as some possible models. *These models are generic and are intended only to stimulate further discussion. They do not address the circumstances of any one country alone, nor are they necessarily a comment on or suggested set of changes to any existing regime. Instead, they are a set of hypothetical models for discussion in relation to the regulation of payment facilities generally. *Each jurisdiction has a number of legal tools with which it may craft a regulatory regime. They include legislation, regulatory rules, case law, private law,[150] and industry codes. Most regulatory regimes involve a combination of these. *It is important that any regulatory regime be as neutral in its impact as possible. A regime that favours one business model over another, one technology over another and so forth is likely to distort the market's process of natural selection.[151] This will result in one group of products or issuers having a favoured status over others for reasons other than their ability to meet customers' needs. Rather, "regulation should be designed in a manner that will not impede further technological and marketing innovation".[152] As far as possible, the regulatory regime shouldn't favour one technology or business model over another. *One commentator noted, "as nature abhors a vacuum, so do regulators".[153] For obvious reasons, readers will appreciate this author's reluctance to comment on the most appropriate regulator(s) to supervise any hypothetical regime covering payment facilities. However, in the author's view, the presence of a regulator with supervision and enforcement powers is an important part of any effective regulatory regime for payment facilities. It is assumed that for each of the regulatory models discussed below, a regulatory agency of some sort would be involved. *Secondly, an efficiency or competition protection regime is generally accepted as justifiable and necessary for payment facilities. Product disclosure is discussed further below. Minimum fair play rules are also needed. As discussed above, they include prohibitions on misleading, deceptive, unconscionable and harassing conduct. It is assumed that for each of the regulatory models discussed below, a fair play regime of some sort would be involved. Thirdly, a systemic stability regime is generally accepted as justifiable and necessary for payment facilities. Systemic stability level oversight of at least the larger players in the payment system is a core element of a regulatory regime for payment facilities. This is often achieved by appointing the central bank as operator and supervisor of the interbank payment system. It is assumed that for each of the regulatory models discussed below, a systemic stability regime of some sort would be involved. Tools *Prudential oversight of at least the larger players in the payment system is one core element of a regulatory regime for payment facilities. This may be integrated with some form of conduct and disclosure licensing. Another core element is some minimum standards applying to consumer payment facilities. Initial and ongoing disclosures are further core elements of any regulatory regime for payment facilities. *The prudential element needs to provide for the minimisation of insolvency risk for financial intermediaries whose failure is likely to have a material impact on individual customers or the economy as a whole. This is true for intermediaries who provide a deposit-taking service, regardless of whether they are banks in the traditional sense. Intermediaries that accept the 'deposit' of funds on a large scale and promise to repay the money or make payments with it as the customer directs ought to be supervised prudentially. Prudential supervision tends to involve a combination of minimum capital or other financial resources together with mandatory risk management systems and controls. This can be implemented through a stand-alone licensing regime or as part of a wider conduct and disclosure licensing regime.[154] *There is a good argument for excluding from the prudential regime any intermediary with only a small-scale payment facility business. While any definition of 'small' is arbitrary, an example of where to draw the line is the $1 million exemption provided for by the RBA and €5 million by the FSA.[155] Regardless, intermediaries who participate in the interbank payment system (or any other 'core' payment system) should be regulated under a prudential type regime for systemic stability reasons. This is partly provided for by ensuring that the central bank or another government agency oversees the interbank payment system and its participants. *Broader conduct licensing is the next element in any hypothetical regulatory regime. This may be integrated with a prudential licensing regime - or the two licensing regimes may be separate. A conduct licensing regime will involve a regulatory agency conducting some kind of initial assessment of an entity before they commence a business of issuing or distributing payment facilities. It will also provide for an agency to supervise licensed intermediaries to ensure that they comply with (for example) their disclosure obligations and the minimum standards. *In the author's view, initial disclosure needs to cover the following ten matters: * the name and contact details of the issuer and any other person responsible for operating the facility; * how the facility works (e.g., how consumers can add to or withdraw from the facility's balance) and whether the facility expires[156] * whether the facility balance earns any type of return and whether it is insured, held in trust or otherwise protected (e.g., a bank guarantee); * the amount and nature of any fees or charges; * what to do if the facility's security is compromised (e.g., the access card is lost or stolen); * how errors and disputes are resolved (e.g., if there is a mistaken or unauthorised transaction); * how personal information about customers is treated; * whether and how the customer may obtain their balance and transaction history (e.g., a periodic statement); * whether payments made using the facility result in final discharge of the customer's debts to third parties; and * whether and how the issuer may change the terms and conditions of the facility. *In the author's view, these upfront[157] disclosures should be required for all consumer payment facilities (even small schemes)[158] and would be worth considering for non-consumer[159] facilities as well. "Disclosure regulation is at the core of any regulatory scheme to protect consumers as it enhances consumers' ability to assess financial products and make informed decisions."[160] Initial disclosure is the third element of a regulatory regime for payment facilities. *Four main types of ongoing disclosure are generally discussed. They are: notice of changes to terms and conditions, transaction receipts, periodic statements and balance information on demand. All four involve cost but, as discussed earlier, on balance they are probably justified. The manner of notice can also vary - for example notice of changes can be sent to clients by post, fax, or email; balance information can be provided with each transaction or via some kind of at call facility (eg at an ATM or via phone/internet facility). Some form of ongoing disclosure is the fourth element of any regulatory regime for payment facilities. *Minimum standards are the fifth core ingredient of any regulatory regime for payment facilities. Payment facilities should at least be obliged to have a dispute resolution process. To avoid frustrating such a process, intermediaries should be required to keep adequate records of transactions by their customers. The other core minimum standard that should be mandated is the implementation of a set of rules dealing with the allocation of liabilities for mistaken or unauthorised payments, or facility malfunctions[161] Ideally, the rules should represent an objectively fair bargain and limit the consumer's liabilities. However, this may be too onerous for some products. Mandatory liability allocation rules can also be characterised as a disclosure requirement rather than a substantive minimum standard, as at its most basic the requirement should be simply to disclose how losses will be allocated as and when certain problems occur.[162] Rules regarding finality of payments are another possible minimum standard.[163] Models Unitary regime *The simplest regime is a unitary one. It would apply the core elements of the regulatory regime to all players. By necessity it would involve some of the moderately costly regulatory elements being imposed on all operators (even though it may be excessive for some lower risk operations), but would mean the most costly elements would not be applied at all (even though justified for some larger operations). *The author's suggestion is that a unitary regime would probably involve the following elements: * conduct and disclosure licensing, but no prudential regulation; * initial product disclosure; * some ongoing disclosure - receipts, notice of changes of terms and conditions, and balance and transaction history information on request only; and * mandatory error resolution, record-keeping and liability allocation procedures. *In the author's view such a unitary model is unsatisfactory. Prudential regulation is clearly warranted for larger payment facilities and, as it is probably not realistic to apply to all payment facilities, this is an argument against a one-size-fits-all approach. At the same time, some of the requirements one would have to apply to very-small scale schemes under a unitary regime would probably be unduly onerous. For example, it is arguable that a positive licensing regime is excessive for very-small scale schemes. Two-tiered *A two-tiered regime allows for a more tailored regulatory approach. It requires a somewhat arbitrary distinction between smaller (lower impact) and larger (higher impact) schemes. Different jurisdictions use different boundaries, but the most practical and relevant here are probably either a monetary limit or a functional limit. Examples of a monetary limit would be to set the boundary at payment schemes with capped total balances of (say) $5,000,000 (all facilities issued by the intermediary). Possible functional limits would be to draw the line at facilities that can only be used for one-off transactions (eg gift vouchers), with a small group of payees (merchants) or for a small number of uses (eg a transit card or university card).[164] *A suggested regulatory regime for smaller (lower impact) and larger (higher impact) schemes (on a two-tiered model) would probably involve the elements in the table below. Table 1: Two-tiered model Smaller schemes (those with limited Larger schemes (the functionality and/or remaining products) capped balances) registration with a conduct and disclosure conduct, disclosure and regulator, but no prudential licensing prudential regulation initial product disclosure initial product disclosure some ongoing disclosure – ongoing disclosure – receipts, notice of receipts, notice of changes changes of terms and of terms and conditions, conditions, and balance periodic statements[165], and transaction history and balance information on on request only request mandatory error resolution, mandatory error resolution, record-keeping and record-keeping and liability liability allocation allocation procedures procedures *A two-tiered regime provides some basic flexibility within a simple model. This simplicity minimises the confusion amongst participants, including consumers. Complexity adds costs for industry (to understand and maintain their regulatory status) and can cause consumer confusion. As such, flexibility and tailoring needs to be balanced against simplicity and certainty. Three tiered *A three-tiered regime allows for a considerably tailored regulatory approach. Again, it requires somewhat arbitrary distinctions between smaller, moderate and larger schemes. Different jurisdictions use different boundaries, but the most practical and relevant here are again probably monetary and functional limits. Examples of a monetary limit would be to set the boundary between: (a) smaller (lower impact) and moderate (moderate impact) schemes at those with capped total balances of (say) $1,000,000 (all facilities issued by the intermediary); and (b) between moderate (moderate impact) and larger (higher impact) schemes at those with capped total balances of (say) $10,000,000 (all facilities issued by the intermediary). *Examples of functional limits would be to draw the line between smaller (lower impact) and moderate (moderate impact) schemes at those facilities that can only be used for one-off transactions (eg gift vouchers), with a small group of payees (merchants) or for a small number of uses (eg a transit card or university card).[166] *A suggested regulatory regime for smaller, moderate and larger schemes (on a three-tiered model) would probably involve the elements in the table below. Table 2: Three-tiered model Smaller schemes Moderate schemes (those with (those with a both limited capped functionality $10,000,000 Larger schemes and capped balance but (those remaining) $1,000,000 without the balance) limited functionality) registration with a conduct conduct and conduct, and disclosure disclosure disclosure and regulator, but licensing, but no prudential no prudential prudential licensing regulation regulation initial product initial product initial product disclosure disclosure disclosure ongoing some ongoing disclosure – ongoing disclosure disclosure – receipts, notice – receipts, notice notice of of changes of of changes of changes of terms and terms and terms and conditions, conditions, conditions, and periodic periodic balance on statements[167], statements[168], request only and balance on and balance on request request mandatory error mandatory error mandatory error resolution, resolution, resolution and record-keeping record-keeping and record-keeping and liability liability procedures allocation allocation procedures procedures *A three-tiered regime provides reasonable flexibility within a fairly simple model. A $1,000,000 capped scheme can be seen as a de minimis category - a category apparent in most comparable overseas regimes.[169] Whether the benefits of increased flexibility and tailoring are exceeded by the costs for industry (to understand and maintain their regulatory status) and any potential consumer confusion is unclear at this stage. On balance, this author tentatively suggests that a three-tiered model may be a useful position to take forward for further consideration. Additional analysis and research may be needed to come to a firmer view on this. However, hopefully identifying it as a potential approach will contribute to future debate and discussion. Scaled approach *A fourth possible regulatory model would be to consider each product class individually against each potential requirement. This would involve each class or sub-class of payment facility being considered in turn, and a decision made as to the appropriate regulatory regime. For example, one would take cheque accounts and consider which of the five regulatory elements are appropriate and the details of the relevant rules to apply (eg exactly which disclosures to require etc). Then one would take off-line smart cards and consider each regulatory element in turn, and so on. *The advantage of such an approach is that each type of product would have a highly tailored regulatory regime. It would minimise the risk of under- or over-regulating a product class. However, it is likely to result in far greater complexity, and may stifle innovation and product development. Revisions to existing products and the development of new products would be complicated due to questions about the applicable regulatory category for the revised or new product. Compliance costs are likely to be considerably higher under such a regime. *Regimes that develop over a long period of time tend to resemble this model. As each new product is developed, a set of regulatory rules is applied. Depending on the prevailing regulatory and economic models, new products may inherit a more intrusive or a more 'light-touch' regime. Over time, the risk is that the differences and inconsistencies between the regulatory regimes applying to the different groups of products become both more pronounced and harder to justify. On balance, this author suggests that a fully scaled regulatory regime for payment facilities is probably not ideal. Conclusions *The previous article, 'The Development and Legal Nature of Payment Facilities', looked at the history and development of payment facilities. An understanding of the legal nature of payment facilities is vital to designing an appropriate regulatory regime for what are often conceptually difficult products. As the economy continues to be heavily reliant on payment facilities for its efficient operation, commentators and governments have taken a keen interest in the operation of payment facilities. This article has examined the four key regulatory risks arising from payment facilities. They are: systemic stability, credit risk, efficiency risk and customer protection. *The case for regulating payment facilities was considered against each of these risks. On balance, it was shown that regulatory intervention is probably justified in relation to each of those risks. A simplified cost-benefit analysis for each form of intervention guided the regulatory models discussed in the final section of the paper. *The final section of the paper considered some possible regulatory models for payment facilities. This followed a brief discussion of the current regulatory regimes applying in Australia, the United Kingdom and the United States. *Four possible regulatory models were discussed. On balance, the author expressed a tentative preference for a three-tiered model. However, all four models are possible options and together will hopefully aid future debate and discussion. Hopefully the discussion in this article, and the regulatory models, will be a useful contribution to the future development of the regulation of payment facilities in Australia and abroad. Notes [1] Rhys Bollen, 'A review of the development and legal nature of payment facilities' ["Part 1"]. Available at . [2] Blay and Clark, Australian law of Financial Institutions, 2nd edition, Harcourt Brace, 1996 at para 9.01; Alan Tyree, "Regulating the payment system - part 3", ; Randall Sifers, "Regulating Electronic Money in Small-Value Payment Systems: Telecommunications Law as a Regulatory Model" (1997) 49 Federal Communications Law Journal 701 at 710-11; Tyree & Beatty, The Law of Payment Systems, Butterworths, Sydney, 2000 at 8, 39 [3] WS Weerasooria, Banking Law and the Financial System in Australia, 5th edition, Butterworths, 2000 at para 7.2 [4] See for example the Financial System Inquiry 1996 (whose final report is known as the Wallis Report). [5] Catherine Wilson "Banking On The Net: Extending Bank Regulation To Electronic Money And Beyond" (1997) 30 Creighton Law Review 671 at 690 [6] Catherine Wilson "Banking On The Net: Extending Bank Regulation To Electronic Money And Beyond" at 690 [7] Mark Budnitz "Stored value cards and the consumer: the need for regulation" (1997) 46 American University Law Review 102 [7] at 1054 [8] Rhys Bollen, 'A review of the development and legal nature of payment facilities'. Available at . [9] Elisabeth Wentworth, "Direct Debits, Consumer Protection and Payment System Regulation - Issues of Policy and Reform" (2002) 13 JBFLP 77 at 77; cf Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" (1999) 14 Berkeley Technology Law Journal 675 at 678 where the author breaks up the four risks as liquidity, finality, transaction risk and systemic risk and Tyree & Beatty, The Law of Payment Systems at 82 where the authors break up the risks into two main groups - systemic and consumer protection. [10] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" (1997) 46 American University Law Review 1105; Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" at 678; David Oedel "The Electronic Future Of Cash: Article: Why Regulate Cybermoney?" (1997) 46 American University Law Review 1075 at 1101 [11] Rhys Bollen, 'A review of the development and legal nature of payment facilities'. Available at . [12] Used here in the 'economy-wide' sense [13] Rhys Bollen, 'A review of the development and legal nature of payment facilities'. Available at . [14] Alan Tyree, "Regulating the payment system - part 1" ; B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1127 [15] the person making the payment (or requesting that it be made) [16] see for example, National Security Australia, 'Information for owners and operators of critical infrastructure', ; The Hon Daryl Williams AM QC MP and Senator The Hon Richard Alston, 'Protecting Australia's Critical Infrastructure' Joint News Release, 29 November 2002 [17] Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" (1997) 65 University of Missouri at Kansas City Law Review 319 at 371 [18] Simon L. Lelieveldt "The Electronic Future Of Cash: Essay: How To Regulate Electronic Cash: An Overview Of Regulatory Issues And Strategies" (1997) 46 American University Law Review 1163 at 1166-1167 [19] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1028, also at 1035; Gary Lorenz "The Electronic Future Of Cash: Essay: Electronic Stored Value Payment Systems, Market Position, And Regulatory Issues" (1997) 46 American University Law Review 1177 at 1186; Judith Rinearson "Regulation Of Electronic Stored Value Payment Products Issued By Non-Banks Under State 'Money Transmitter' Licensing Laws" (2002) 58 The Business Lawyer 317 at 323 [20] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1035, also at 1062 [21] Alan Tyree, "Regulating the payment system - part 1"; Alan Tyree, "Regulating the payment system - part 2", ; Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1062 [22] Alan Tyree, "Regulating the payment system - part 3", [23] Rhys Bollen, 'A review of the development and legal nature of payment facilities'Available at ; Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" (1999) 51 Administrative Law Review 809 at 811-12 [24] Elisabeth Wentworth, "Direct Debits, Consumer Protection and Payment System Regulation - Issues of Policy and Reform" (2002) 13 JBFLP 77; Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 810; Tyree & Beatty, The Law of Payment Systems at 114 [25] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1042, 1068, 1071-72 [26] eg Banking Act 1959 (Cth) [27] Tyree & Beatty, The Law of Payment Systems at 21 [28] Alan Tyree, Banking Law in Australia, 3rd edition, Butterworths, 1998 at para 1.4; Alan Tyree, "Regulating the payment system - part 1" [29] Alan Tyree, Banking Law in Australia, 3rd edition, Butterworths, 1998 at para 1.4; Alan Tyree, "Regulating the payment system - part 1"; Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1068 [30] Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" at 678 [31] or third parties willing to pay for others to use the scheme [32] David Lont, "A re-examination of unspecified operating expense disclosure requirements in New Zealand: Has FRS 9 made a difference?" Department of Accountancy and Business Law, University of Otago, at 13; Julie A. Caswell, "Consumer Choice Policy", University of Massachusetts at Amherst, at 2; Professor Bainbridge, "The fallout from Grasso? How about more worthless disclosure?", 24 September 2003, ; Australian Consumers' Association, "Submission to the Review of the Code of Banking Practice", July 2000, at 7 [33] Financial System Inquiry Final Report 1997, ; Elisabeth Wentworth, "Direct Debits, Consumer Protection and Payment System Regulation - Issues of Policy and Reform" at 79 [34] David Lont, "A re-examination of unspecified operating expense disclosure requirements in New Zealand: Has FRS 9 made a difference?" at 13; Julie Caswell, "Consumer Choice Policy" at 2; Professor Bainbridge, "The fallout from Grasso? How about more worthless disclosure?"; Australian Consumers' Association, "Submission to the Review of the Code of Banking Practice" at 7 [35] Australian Treasury, 'Financial Markets and Investment Products: Promoting competition, financial innovation and investment' (CLERP 6, 1st paper), 1997, at 104 [36] Harvard Law Review, "Consumer Protection And Payment Systems: Regulatory Policy For The Technological Era" (1985) 98 Harvard Law Review 1870 at 1883 [37] CLERP 6, 1st paper, at 104 [38] CLERP 6, 1st paper, at 104 [39] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1066 [40] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1121; Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 383 [41] ie where competitors are not doing the same [42] Harvard Law Review, "Consumer Protection And Payment Systems: Regulatory Policy For The Technological Era" at 1880 [43] David Lont, "A re-examination of unspecified operating expense disclosure requirements in New Zealand: Has FRS 9 made a difference?" at 13; Julie Caswell, "Consumer Choice Policy" at 2; Professor Bainbridge, "The fallout from Grasso? How about more worthless disclosure?"; Australian Consumers' Association, "Submission to the Review of the Code of Banking Practice" at 7 [44] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1029 [45] Catherine Wilson "Banking On The Net: Extending Bank Regulation To Electronic Money And Beyond" (1997) 30 Creighton L Rev 671 at 688 [46] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1036 [47] David Lont, "A re-examination of unspecified operating expense disclosure requirements in New Zealand: Has FRS 9 made a difference?" at 13; Julie Caswell, "Consumer Choice Policy" at 2; Professor Bainbridge, "The fallout from Grasso? How about more worthless disclosure?"; Australian Consumers' Association, "Submission to the Review of the Code of Banking Practice" at 7 [48] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1036-7 [49] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1043 [50] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1046 [51] Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 376 [52] Carter and Harland, Contract Law in Australia, 2nd edition, Butterworths, 1991 at para 224 [53] usually at least - see below and Contracts Review Act 1980(NSW) [54] Alan Tyree, "Regulating the payment system - part 1"; Alan Tyree, "Regulating the payment system - part 2"; Alan Tyree, "20+ years of NZ and Australian banking law", August 2003, [55] Again, the extent to which this is detrimental to the economy as a whole will depend on the extent to which the provider passes on any costs savings from this liability allocation on to the client in the form of cheaper prices. [56] Alan Tyree, "Mistaken internet banking", March 2003, [57] Eg the Electronic Funds Transfer Code of Conduct (EFT Code) in Australia (available at ; Gregory Maggs "New Payment Devices And General Principles Of Payment Law" (1997) 72 Notre Dame Law Review 753 at 770; Ronald Mann "Regulating Internet Payment Intermediaries" (2004) 82 Texas Law Review 681 at 693 [58] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1051 [59] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824; Robert Stankey, "Internet Payment Systems: Legal Issues Facing Businesses, Consumers and Payment Service Providers" (1998) 6 CommLaw Conspectus 11 at 14-15; Clayton Gillette, "Rules, Standards, And Precautions In Payment Systems" (1996) 82 Virginia Law Review 181 at 184 [60] Banking and Financial Services Ombudsman, "Emerging issues in electronic banking dispute resolution" September 2003, at 3, 7; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825; Ronald Mann "Regulating Internet Payment Intermediaries" (2004) 82 Tex. L. Rev. 681 at 695 [61] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1034 [62] EFT Code clause 5.5(c); Gregory Maggs "New Payment Devices And General Principles Of Payment Law" at 771-2 [63] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1066; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825 [64] CLERP 6, 1st paper, p100; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825-6 [65] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1071 [66] Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824 [67] Randall Sifers, "Regulating Electronic Money in Small-Value Payment Systems: Telecommunications Law as a Regulatory Model" at 723 [68] or at least most [69] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825 [70] eg distributors [71] eg s769C of the Corporations Act provides that in the context of financial services, a representation about a future matter is taken to be misleading if not based on reasonable grounds [72] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1034-35; see also at 1065 [73] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1048 [74] Australian Competition and Consumer Commission, "Submission to the Senate Economics References Committee inquiry into the effectiveness of the Trade Practices Act 1974 in protecting small business", ; Paul Gillett, "Not the contract you started with", Choice Magazine, November 2002, [75] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1048; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825 [76] Banking and Financial Services Ombudsman, "Emerging issues in electronic banking dispute resolution" at 3; Ronald Mann "Regulating Internet Payment Intermediaries" at 695 [77] Alan Tyree, "Mistaken internet banking"; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 825 [78] Alan Tyree, "Regulating the payment system - part 2"; Banking and Financial Services Ombudsman, "Emerging issues in electronic banking dispute resolution" at 7; Harvard Law Review, "Consumer Protection And Payment Systems: Regulatory Policy For The Technological Era" at 1879 [79] Banking and Financial Services Ombudsman, "Emerging issues in electronic banking dispute resolution" at 8 [80] Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824, 825-6 [81] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1071 [82] As discussed later, the forms of regulation include legislation, case law and industry codes. [83] Timothy Ehrlich "To Regulate Or Not? Managing The Risks Of E-Money And Its Potential Application In Money Laundering Schemes" (1998) 11 Harvard Journal of Law & Technology 833 at 860; Tyree & Beatty, The Law of Payment Systems at 82 [84] Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 810 [85] Sarah Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 821 [86] Alan Tyree, "Regulating the payment system - part 1" [87] Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" at 680-81 [88] Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" at 681-82 [89] See for example the insolvency of HIH Insurance. [90] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1062 [91] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1072 [92] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1114 [93] Randall Sifers, "Regulating Electronic Money in Small-Value Payment Systems: Telecommunications Law as a Regulatory Model" at 721 [94] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1114; Ronald Mann "Regulating Internet Payment Intermediaries" at 707 [95] ACCC and RBA, 'Debit and Credit Card Schemes in Australia: A Study of Interchange Fees and Access', October 2000 ; Payment System Board, Annual Report 2003, [96] Based on 2003-2003 GDP of $740 billion, the annual cost could be around $740 million. See [97] Payment System Board, Annual Report 2003; [98] Louise Sylvan "Consumer regulation - How do we know it is effective?", Speech to the National Consumer Congress, Melbourne, 15 March 2004, ; Harvard Law Review, "Consumer Protection And Payment Systems: Regulatory Policy For The Technological Era" at 1888 [99] Payment System Board, Annual Report 2003 [100] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1037; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 823 [101] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824-6 [102] as quoted in Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1046; B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1121 [103] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1029 [104] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 827 [105] CLERP 6, 1st paper, at 104 [106] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1048-9 [107] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1048-9. That is, costs saved by not recording the identity and contact details of the customer are balanced by the (opportunity) costs of not being able to change the terms and conditions as they apply to existing customer. [108] Broadly circulating notice such as in a daily newspaper is presumably possible even for highly transferable products. However, the effectiveness of such notice is debatable. [109] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 826-7 [110] Ie cards where the only balance record is the one kept on the smart card [111] Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 385; Gary Lorenz "The Electronic Future Of Cash: Essay: Electronic Stored Value Payment Systems, Market Position, And Regulatory Issues" at 1206 [112] Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 827 [113] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1071 [114] The EFT Code sets out a number of rules industry, consumers and regulators agreed upon as minimum standards. [115] Consumer financial literacy research suggests that care should be taken in assuming substantial consumer understanding of other than very basic financial products. [116] Jane Winn, "Symposium: Clash Of The Titans: Regulating The Competition Between Established And Emerging Electronic Payment Systems" at 679 [117] EFT Code, clauses 10 and 18; Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824; Ronald Mann "Regulating Internet Payment Intermediaries" (2004) 82 Tex. L. Rev. 681 at 690; Harvard Law Review, "Consumer Protection And Payment Systems: Regulatory Policy For The Technological Era" at 1878 [118] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1053-54 [119] See for example the financial services licensing regime in Chapter 7 of the Corporations Act 2001 [120] This less costly form of licensing also involves a much lesser form of oversight by the regulator. For example, it generally doesn't involve any substantive examination of the entity before it commences operations (and so does not involve setting a minimum entry standard for the industry). However, it is arguable that the substantial fixed costs associated with obtaining a licence may make some very small payment schemes unviable. [121] Alan Tyree, "Regulating the payment system - part 2" - commenting particularly on consumer protection regulation [122] Corporations Act 2001, s763A [123] Corporations Act 2001, s763D [124] ASIC Frequently Asked Questions, QFS 120 "How are non-cash payment facilities regulated?" , September 2003. [125] Part 7.7, Corporations Act 2001 [126] This applies regardless of whether the issuer is licensed under the Corporations Act, but only applies where the product is issued or sold to retail clients as defined in the Act. [127] Part 7.9, Corporations Act 2001 [128] Elisabeth Wentworth, "Direct Debits, Consumer Protection and Payment System Regulation - Issues of Policy and Reform" at 79; Alan Tyree, "Regulating the payment system - part 2" [129] Alan Tyree, "Regulating the payment system - part 2" [130] ASIC Act 2001, sections 12CA, 12CB and 12DA [131] for more information, see [132] Alan Tyree, "Regulating the payment system - part 1" [133] Tyree & Beatty, The Law of Payment Systems at 25 [134] Alan Tyree, "Regulating the payment system - part 4", [135] section 9(1), Payment Systems (Regulation) Act 1998 [136] Payment System Board, Annual Report 2003; Elisabeth Wentworth, "Direct Debits, Consumer Protection and Payment System Regulation - Issues of Policy and Reform" at 81; Alan Tyree, "The Australian Payments System", [137] Rhys Bollen, 'A review of the development and legal nature of payment facilities'. Available at . [138] Banking Regulations 1966 [139] not to mention contrary to the initial Wallis Committee recommendations to bring financial sector prudential regulation under one agency, the new APRA. [140] Banking Regulations 1966; Alan Tyree, "The Australian Payments System" [141] Directive 2000/46/EC (18 September 2000) [142] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1113 [143] FSA Handbook (February 2004 - ) [144] FSA Handbook (February 2004 - ) [145] B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1112 [146] Catherine Wilson "Banking On The Net: Extending Bank Regulation To Electronic Money And Beyond" at 695 [147] Office of the Comptroller of the Currency, "Stored Value Card Systems--Information for Bankers and Examiners", 9 October 1996 [148] Board of Governors of the Federal Reserve System, "Report to the Congress on the Application of the Electronic Fund Transfer Act to Electronic Stored-Value Products", March 1997 [149] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1069-71; also at 1065; see also Jane Hughes, "Regulation Of Electronic Commerce: A Case For Regulating Cyberpayments" at 824-6; Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 340-41 [150] i.e., contractual arrangements [151] Simon L. Lelieveldt "The Electronic Future Of Cash: Essay: How To Regulate Electronic Cash: An Overview Of Regulatory Issues And Strategies" at 1166-1167; B Smith and R Wilson, "The Electronic Future Of Cash: Article: How Best To Guide The Evolution Of Electronic Currency Law" at 1127; Randall Sifers, "Regulating Electronic Money in Small-Value Payment Systems: Telecommunications Law as a Regulatory Model" at 727; Walter Effross "Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 361, 378 [152] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1029 [153] Judith Rinearson "Regulation Of Electronic Stored Value Payment Products Issued By Non-Banks Under State 'Money Transmitter' Licensing Laws" (2002) 58 Bus Law 317 at 321 [154] Compare the Australian twin peaks model (separate prudential and conduct/disclosure regulators) with the single regulator model in the United Kingdom [155] RBA, "Regulation Of Purchased Payment Facilities Under The Payment Systems (Regulation) Act 1998", 10 March 2004, ; FSA Handbook (February 2004 - ) [156] in whole or part [157] eg at point of sale [158] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1069 [159] ie business [160] Federal Treasury, "Financial Products, Service Providers and Markets Implementing" (CLERP 6, 2nd paper), 1999, para 4.2 'The importance of disclosure' [161] eg technology failure with the access card or smart card [162] It can be assumed that for all payment facilities, there will be some mistaken and unauthorised payments: Banking and Financial Services Ombudsman, "Emerging issues in electronic banking dispute resolution" at 3 [163] However, in the models below, finality of payment is addressed as a disclosure issue. Instead of imposing a particular finality rule, the proposed models would require that the extent to which use of the facility results in final payment must be disclosed. [164] Timothy Ehrlich "To Regulate Or Not? Managing The Risks Of E-Money And Its Potential Application In Money Laundering Schemes" at 841; Walter Effross " Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 331; Tyree & Beatty, The Law of Payment Systems at 17 [165] or transaction history on request, where periodic statements are not practically possible [166] Timothy Ehrlich "To Regulate Or Not? Managing The Risks Of E-Money And Its Potential Application In Money Laundering Schemes" at 841; Walter Effross " Putting The Cards Before The Purse?: Distinctions, Differences, And Dilemmas In The Regulation Of Stored Value Card Systems" at 331 [167] or transaction history on request, where periodic statements are not practically possible [168] or transaction history on request, where periodic statements are not practically possible [169] Mark Budnitz "Stored value cards and the consumer: the need for regulation" at 1043-44; FSA Handbook (February 2004 - )