28
Examination of witness
David Geale.
Q364 The Chair: Welcome to today’s meeting, which is the eighteenth oral evidence session as part of the committee’s inquiry into the FCA and PRA’s secondary competitiveness and growth objective. Thank you to you, David Geale, for attending.
A list of the interests of members relevant to the inquiry is available online. The session is open to the public, is broadcast live, and is subsequently accessible via the parliamentary website. A verbatim transcript will be taken of the evidence and will be put on the parliamentary website. A few days after this session you will be sent a copy of the transcript to check it for accuracy; it would be helpful if you could advise us of any corrections as quickly as possible. If after this evidence session you wish to apply, clarify or amplify any points made during your evidence or have any additional points to make, you are welcome to submit supplementary written evidence to us.
I apologise for the hoarseness of my voice, but many of us Members were up until 1 am working in the House of Lords; the House of Commons went down at 4.30 pm. So, Mr Geale, would you like to make an opening statement?
David Geale: Yes, and if I may, my surname is pronounced “Jeel”, so thank you. First, thank you for inviting me to give evidence on behalf of the Payment Systems Regulator, or the PSR, to this inquiry. While the PSR is not at the centre of the inquiry, I do very much recognise that our role and our recent work have been featured in the evidence of a number of other parties and I welcome the opportunity to discuss that.
As the committee will be aware, the PSR is the UK’s economic regulator of payment systems and we are set up as an independent subsidiary of the Financial Conduct Authority by its own board and statutory objectives. We are unique among financial regulators in having a primary statutory objective to promote innovation, and that flows through everything that we do. That sits alongside our other statutory objectives: to promote competition and the interests of businesses and consumers as users of payment systems. Under these objectives we strive to achieve thriving, world-leading payment systems where competition and innovation deliver accessible, convenient, secure, trusted and value-for-money services that meet the needs of people and businesses.
In recent years we have made a number of major interventions, including taking significant steps to reduce authorised push payment fraud: first through the rollout of confirmation of payee to cover 99% of transactions under the faster payment system, and secondly through our APP, or authorised push payment fraud reimbursement policy, which is aimed at protecting consumers but also, importantly, increasing incentives on firms to act. That all helps to build trust in UK payments.
We have also carried out market studies into the card-acquiring market and, more recently, into cross-border interchange fees and scheme and processing fees. The resultant remedies, some which we are still consulting on, are aimed at improving competition for the benefit of many UK small businesses. We have also used our supervisory and enforcement powers to close down cartels in the prepaid cards market and to levy significant fines where appropriate.
We recognise, of course, that there is always more that we can do. We welcome the National Payments Vision in providing further clarity of roles, and we are absolutely committed to playing our part alongside the Bank of England, the FCA and the Treasury, in ensuring co-ordination and collaboration across regulators.
Finally, as an economic regulator it is worth noting that we do differ from the FCA and the PRA. For example, we do not authorise firms and we do not have a large rulebook. In other ways we are similar. So, we scan the market, we look for what is happening out there, we analyse that, we develop policies aimed at improving markets in line with our statutory objectives, and we supervise and enforce our requirements.
We very much welcome the clarity and challenge provided through the National Payments Vision, but also our joint remit letter with the FCA, and we take on board the challenge in the Prime Minister’s growth letter. These tally with our recently published mid-strategy review, in which we said that we would complete the important work we have started, in particular our variable recurring payments for open banking and our card reviews. With the Bank of England, we will carry out a review of the funding and governance for Pay.UK, while driving forward work to upgrade faster payments, looking at the longer-term infrastructure needs and developing new innovation capabilities within the PSR to support businesses. While we are doing that, we will work ever closer with our regulatory partners, challenging ourselves, as a learning organisation, to be as efficient and effective as possible in doing so. I look forward to our discussion.
The Chair: Mr Geale, I apologise for mispronouncing your name.
David Geale: Not at all.
Q365 The Chair: You used the word independent to describe your organisation. So, on my reading of the Financial Services (Banking Reform) Act 2013 which set up the PSR, the Bank of England, the PRA and the Financial Conduct Authority all have the power to overrule any decision of the PSR to exercise any of its powers, subject to certain conditions. The FCA also selects the managing director of the entire board of the PSR, and the PSR staff are all employees of the Financial Conduct Authority. Does this not simply confirm the views which were set out by multiple witnesses in evidence to the committee that there is an unnecessary proliferation of regulatory bodies overseeing financial and payment services in the UK, and the PSR’s functions might reasonably be subsumed into one of the various bodies that retains the power to overrule it?
David Geale: I would address that in three parts. So, the technical answer is that the regulatory structure is, of course, a matter for the Government and we will work with that. The PSR was set up in legislation as an economic regulator specifically for payment systems: plugging a gap that would otherwise exist between the role of the FCA and the Bank of England. The FCA does not regulate payment systems.
We look at competition, innovation and the protection of users, and there are designated payment systems that we oversee. No other body can take on that role without legislation to do so and, as I say, it would require government intervention to fully enact some change. Then the second part is the work. So, as a small regulator it is easy to target what we do and say, “Actually, we are 180 people who are employees of the FCA”, I understand that. We do have our own independent board making our own decisions.
The Chair: When you say an independent board, it is appointed by the regulator, by the FCA?
David Geale: The FCA approves the appointments, that is correct.
The Chair: So how is it independent, then?
David Geale: Because we take independent decisions.
The Chair: I see.
David Geale: I used to sit on the board as a single FCA executive, our chair also sits on the board of the FCA. The other members are—
The Chair: But it has independent members?
David Geale: That is correct, yes. My view on the work is, no matter the sign above the door, the work that we do is important and needs to continue. We have made important steps in authorised push payment fraud that were bespoke changes to the PSR. We have carried out the card reviews, which again is work that has been carried out by the PSR on designated payment systems for card providers. And, working with the Bank of England, we are looking at Pay.UK reform. Again, the FCA does not have the powers to do that currently—that can, of course, be changed by the Government—but it is important that that role exists to supervise payment systems and to enforce and develop policy around that.
The other thing I would say is that we are already taking steps to improve co-ordination: there has been the creation of an executive director for payments spanning the FCA and the PSR, which is a role I am currently filling on an interim basis: so, executive director for payments within the FCA but also managing director of the PSR. That brings a certain join-up that is already bearing fruit. Open banking would be a good example where, under the previous structures, we would hold a joint meeting and have to take two different sets of decisions through two different boards. Now we can do that through one person making the decision, which is making things much quicker and more effective. We have also joined up with the Bank of England and the Treasury through the Payments Vision Delivery Committee, and our own board challenges us to be more efficient.
The Chair: I am sure you have read the evidence that we have received, which suggests that the fact that there is overlap between the FCA, the CMA and the Bank of England on payments infrastructure has duplicated compliance costs and delayed delivery of reform, such as open banking. I am still finding it difficult to understand why integrating it into the FCA as part of one organisation would not address these issues?
David Geale: First, I do not think it is a simple step to just integrate within the FCA, for the legislative reasons that I have mentioned; that would need to follow legislation.
Elements of duplication have certainly existed, and that is something that we are very much targeting and that was challenged to us under the National Payments Vision. As I said, we were running the Joint Regulatory Oversight Committee for Open Banking, co-chaired by the FCA and the PSR, and we now have that under single leadership. We can do that under the existing frameworks and structures. When we look at oversight of Pay.UK, the Bank of England is focused on resilience and the PSR is focused on competition and innovation, so the two dovetail together. If there were to be a change in regulatory structure, there would need to be a change in objectives for the individual regulators to make that work effectively.
The Chair: So you acknowledge that there has been duplication and unnecessary delay as a result?
David Geale: We all wish JROC had worked more efficiently towards the latter end. It was a product of its time and it made good progress at the beginning; the time was right to bring it under single leadership. We would accept that potentially making decisions through one person has to be more efficient than having a dual reporting line whereby you have to make decisions in two separate organisations.
Q366 Lord Sharkey: In your reply to the Prime Minister’s letter you said that supporting innovation will be a key pillar in your strategy, and you noted that you will consider key technological developments as part of that. Can you share some examples of what these technologies might be, give us some concrete examples, and say how they will contribute to growth and competitiveness?
David Geale: Certainly. The first thing I would say is there is quite a lot that can be harnessed through open banking and developing that: the infrastructure exists, it is building on that to build the models to let that take off. It already has over 11 million users and there is real potential there.
Within that the use of data and the harnessing of things such as artificial intelligence to use data more effectively to try to prevent fraud can be absolutely critical. Then we look at developments such as digital ID, which may not be directly within our remit but can be an enabler of other services and actually help other things such as open banking, for example. We are seeing an increasing use of digital wallets and, together with the FCA, we have carried out a call for input, looking at what the opportunities on digital wallets are, and we are considering the next steps on that.
Lord Sharkey: Your strategy also says that you will consider establishing an innovation pathway. Can you tell us a little more about innovation pathways, including what they are, what they do, and why you think they might be helpful?
David Geale: Of course, and I would draw on my own experience of working within the FCA. As you may know, I was seconded from the FCA around the set-up of the FCA’s innovation hub and what we at the time called Project Innovate. First, regulators do not necessarily drive innovation, it is firms that come up with the ideas and what regulators need to do is create the conditions and the encouragement for innovation to take hold.
In order to do that, an innovation team needs to be prepared to listen, understand and see what the outcomes are. Where the outcomes look to be positive, they should look to safely remove any blockages. An innovation pathway is broadly giving people a single point of contact to come to within the regulator; so they are not going to a supervisor or a policy person because they are going to somebody who is dedicated to looking at how we can take good ideas and help to develop them from a regulatory perspective. Those people should listen and seek to engage; we can convene other parties where necessary and seek to harness positive outcomes.
Q367 Lord Hollick: You are at the heart of fraud which, according to the Economist magazine, was £500 billion worldwide last year. What steps can you take to tackle fraud? It would appear, certainly from the lengthy coverage in the Economist, that it really starts with befriending, usually by an AI person—ie, nonperson—which then entraps a member of the public to enter into a relationship, using the payment system to rob them.
What steps can you take to intervene in that? What steps can you take, and are you taking, to use AI to identify potentially fraudulent programming? Educating the public is obviously an important part of this, but at the end of the day, is there anything in the payment systems that you can do to reduce this rapidly growing fraud on the public?
David Geale: Authorised push payment fraud is the key area that the PSR is looking at. I would place that within the broader fraud landscape, where the FCA has been named under the National Payments Vision as the lead regulator on fraud. But the part that the PSR plays is really around working with the banks, the faster payment system and payment providers to try to reduce fraud in the first instance and equally to make sure that customers do not lose out.
The first thing that we did was actually set up confirmation of payee, where we challenged and worked with the industry to do that. If you log on to your banking provider or through internet banking and you seek to make a payment to someone else, you will see if the name the account belongs to matches the person you are intending to pay, and it asks you to think again if those names do not match. That is a step that has been rolled out in over 99% of users of faster payments, and it is a first point of saying to the customer, “Hold on, something is perhaps not quite right here, do you want to check again that this is the person you are paying?” From personal experience I have seen that work, where I was about to pay someone and it came up with a different name. So it makes you pause, stop and check, and that is step number one.
The important thing that we introduced last year was our APP reimbursement rules. These do two things. First, where a customer has been scammed through the sort of engagement that you talk about, for example, it ensures that the victim can go to their bank and be reimbursed for that in all but a few circumstances, such as where the customer has been grossly negligent, ie ignoring multiple warnings from their bank.
We have also introduced a 50% requirement for the fraudsters’ bank to pay, which increases the incentives on firms to prevent fraud. So, if you were defrauded through this sort of scam, you would go to your bank and make a complaint. They would give you all the money back and then, working with Pay.UK behind the scenes, they would seek partial reimbursement for themselves from the fraudsters’ bank. So, the incentive for banks and payment institutions not to bank fraudsters is significantly impacted, and what we have seen as a result is firms upping their game in terms of fraud prevention through the use of tools such as AI and so on.
Lord Hollick: Are you looking to banks to do the verification under what you have just described? Is it possible for the system itself to become smarter and to identify that it is Mickey Mouse at the end of the line, rather than a company that they should be transacting with, or one that is authorised? Is there a process you can develop which actually helps to identify whether the receiver is in fact a fraudulent entity?
David Geale: As the data gets better and better, this is exactly the sort of thing that needs to happen. So, as I say, it needs a whole-ecosystem approach. As we stand today, I would suggest that banks and payment firms are better placed to spot some of these frauds than individual customers. They can give warnings and, if they have significant concern, can actually pause payments as well. This is an important change that was brought in by the Government, and the FCA issued further guidance.
We have also carried out some work looking at which banks and payment providers are most prevalent in terms of receiving fraudulent payments; who is providing banking facilities to the fraudsters. And, working with the FCA and other organisations, we can look to them to up their game and do some more around prevention.
We have done two other things: we have investigated and published information on the origination point of scams. What we see is that actually, within APP fraud, where it is originating through social media, 58% of that is coming through Meta platforms, for example. So again, there is a point of challenge that can be followed up by working together with law enforcement, which we do. Over time, as the data gets better, what you would hope is that these people would be excluded from the faster payment system and/or de-banked.
Lord Hollick: Presumably, you gather data which identifies the location, or the banks, that are particularly involved in receiving money. What steps do you take when you have identified a country or a number of banks that are very much involved in receiving money on behalf of these fraudsters? What steps can you take to then ensure that there is a red light on every transaction that is about payment to those countries or those banks?
David Geale: I would separate the two, but first it is important to say that it is not just banks, it is also e-money firms, payment firms, people providing banking services. The first thing we have done is publish that information and, where we have looked at the number of frauds per million transactions, we have published that as a table; that is available to other payment institutions, the public and law enforcement. We share that information with law enforcement and, working with the FCA, which is of course the regulator of firms—as I say, the PSR is not—we share that so that the FCA can follow up with individual firms, looking at their fraud controls. So there are a number of steps, including finding and publishing the data, sharing it with other agencies and follow-up by other agencies where appropriate. We follow-up with Pay.UK which runs the faster payment system to see where the firms are breaching their rules, and, again, it can take action against them.
In terms of other countries, that is a separate part of the system where again, between law enforcement and the banks, they would look at a list of higher-risk transactions. I would expect the payment institution to be imposing more controls around that. So if they see payments going to areas that are of more concern, and they have worries about a transaction, I would expect them to warn their customers that there is a higher likelihood of it being a fraud. If the bank continues to have significant concerns, it can actually pause that payment for up to four days on suspicion of fraud to actually work with the customer to ensure it is genuine.
Lord Hollick: Is that a long enough period to actually investigate the probity at the other end of the transaction?
David Geale: With the sophistication of tools and systems that are out there at the present time, there is a lot that can be done in four days. The banks can actually stop the payment as well if they have very serious concerns.
Lord Sharkey: How do you get the money back? These banks in foreign jurisdictions, the receiving banks, are they supposed to pay 50%?
David Geale: We cannot impose that on banks in foreign jurisdictions, we can only impose that on firms using the faster payment system for a transaction.
Lord Vaux of Harrowden: The truth is, most of this goes through a UK bank first and then gets bounced out overseas. The vast majority of fraud goes through UK banks.
Lord Sharkey: So in fact most of it is actually out of the jurisdiction?
Lord Vaux of Harrowden: At the second stage; once it is bounced out, it is very hard to get back.
The Chair: Do you have a question, Lord Vaux?
Q368 Lord Vaux of Harrowden: I do, just on the APP thing. I campaigned quite strongly that the CRM needed to be tightened up, the old voluntary scheme, because it was applied so inconsistently across the piece.
But when our fraud committee recommended around the reimbursement model, we were actually quite cautious about the blanket approach to reimbursement that has been applied, because we were worried that it creates potential moral hazard, it reduces the incentive for individuals to take responsibility for their own situation, and it puts liability on the banks even when the banks have done, frankly, everything they reasonably could do: they have warned the victim, potentially more than once, but they are still on the hook. And so it creates potentially perverse incentives for the victim: you potentially create new forms of fraud where you get collusion between two parties where money is transferred and party A then says, “I have been defrauded”, and gets the money back from the bank.
But you also create incentives for the banks to start saying, “If I’m going to have to pay anyway, I’m going to start thinking about whether I am prepared to provide banking services to people who we see as more vulnerable to being defrauded”. I just wonder, do you have the balance right with what has become effectively a blanket reimbursement scheme, rather than one that leaves some level of responsibility and duty of care on the victim themselves?
David Geale: Moral hazard is something that we were very alive to in introducing the policy. We did look at a number of things, such as whether we could scale it to certain customers and could we think about certain types of transactions, certain payment providers? That gets too complicated and leaves customers in essentially the very difficult position of trying to work out what cover and protection they have; there is a benefit to simplicity.
The steps that we have taken are, first, there is a voluntary excess that banks can apply for the first £100. So the customer can be liable for the first £100 of any scam. Payment firms do not have to apply that, some have chosen not to, some have chosen to do so. Secondly, there is a limit of £85,000 on the amount of the repayment that is mandatorily required. The customer can still complain about anything above that to their bank and go to the ombudsman, who will decide whether the bank took reasonable steps or not.
But there is also the consumer standard of caution, where a customer has ignored repeated warnings and effectively been unreasonable in terms of saying, “No, I’m ignoring all that, you have told me it is a fraud, I know it is a fraud, I hear what you’re saying, you’ve told me multiple times. You’ve given me some quite detailed and specific reasoning, I’m going to go ahead anyway”. Then the bank can refuse to make that reimbursement. If the customer is unhappy with that, they can go to the Financial Ombudsman, who will decide whether the bank has been reasonable in applying that standard or not. That standard does not apply to vulnerable customers, nor does the £100 excess. What I would say is that we are committed to carrying out an independent review of the policy as a whole, which will include looking at whether we have that balance right and what the implication is of moral hazard. What we have seen so far—
The Chair: Just before you go on, when you said that standard does not apply to vulnerable customers, what did you mean?
David Geale: Sorry, so banks cannot apply a £100 excess, nor can they apply the consumer standard of caution to vulnerable customers.
The Chair: What is the definition of a vulnerable customer, in this case?
David Geale: For simplicity it is mirroring the FCA’s vulnerable customer definition. So basically it is somebody who, through the circumstances that they find themselves in, could be more susceptible to being taken advantage of, in particular if the bank has not followed the right steps.
Lord Vaux of Harrowden: Are we seeing any evidence at all of banks starting to be more cautious about whom they take on as customers, so not taking on people who they think might be more at risk of fraud?
David Geale: I would say it is early days for the policy as it has only been in effect since October, and I have not heard that as a challenge at present. When we looked under the FCA, banks were already tightening up their controls around the customers they take on and making sure they have proper verification, but that is something we will look at through the review.
Lord Vaux of Harrowden: It is not so much for verification, but the fact that—to stereotype slightly—an elderly person might be more at risk of fraud. Although actually it is often younger people who are more at risk of fraud. But do we have an increased incentive to banks not to provide banking services to people they think might be more at risk, is there any evidence of that happening?
David Geale: My apologies, I was looking at it the other way around in terms of banking fraudsters, which we do not want to do. I would say the controls around banking fraudsters are certainly going up, and that is a good thing.
To your point, though: no, I have not seen any evidence to suggest that banks are removing services from vulnerable customers. There are a variety of services that can be used, including things such as through PaymentsFirst, prepayment cards, basic bank accounts through banks and so on, so I would certainly say that there is a lot that can be done with that. We have not seen any evidence of concerns there, but we will pick that up through our independent review.
Q369 The Chair: Just on that point, relying on my memory, we had evidence from Santander, which said that a number of banks—I cannot remember whether theirs was—had set up these sorts of spell-breaking kinds of groups for people who had gone on to dating sites and other things on the internet. The evidence given to the committee was that the bank would say to the customer “You should not send this person that you think is madly in love with you £3,000, as we know that they are a fraudster”. But the customer would persist with doing that and then the bank had to compensate them. You now seem to be implying that that would not be the case, but the evidence we had was that it was the case. Is that not bonkers?
David Geale: What I am saying is that there are controls in place that allow the bank to assess their treatment of the customer. First, there is the consumer standard of caution. So if the customer has been negligent in terms of their approach and they have ignored repeated quite specific warnings—
The Chair: You have now used the word “repeated”.
David Geale: What I am saying is that a general warning to be careful who you pay is not enough. If you log on to your bank account and it says, “Be careful who you pay”, that would not be a specific warning relative to an individual transaction.
The Chair: But we were told that they were saying to the customer, “This person whom you think is madly in love with you”, and they have set up specific groups which they call by various names—this is not the only bank that does this, according to the evidence we have received—but they still have to send the money and then compensate the person, having had that conversation. Now that seems to me to be madness.
David Geale: This is where I would say there are two things. First there is the ability of the bank to pause the payment, and if they have proof that it is a fraud then they can stop the payment. The second thing is the bank can apply the consumer standard of caution and say, “You have been appropriately warned, we are going to refuse the payment”, and then the customer can take that as a complaint to the Financial Ombudsman as an independent adjudicator if they wish, which will decide whether the bank acted appropriately.
The Chair: Of course, all that is cost, bureaucracy and hassle for the bank, is it not? For somebody who is acting in a way which most people would consider irresponsible?
David Geale: It is difficult to comment on individual cases. When you dig into the individual cases, quite often there is something that has not happened quite correctly: either the warnings that have been given have not been helpful or specific enough, or the bank has not taken as much action as it could. But that is why we have the consumer standard of caution: to basically say that, if the bank has done all it can, it can refuse the payment. If the customer is then unhappy with that, they can go to the independent ombudsman.
Lord Vaux of Harrowden: The question really is whether the consumer standard of caution is set at the right level, and whether the sort of gross negligence or whatever test is right. There are certainly arguments that it has perhaps been set too much in favour of the victim and not enough in favour of the bank, as it were. There is a balance, clearly, but whether that is set at the right level is open for debate.
David Geale: I would concede that was a very hotly debated point, the banks and the payment firms largely saying that it was set too high, and the customer groups saying that it should not exist at all. We sought to find a balance and a way through that. Again, we will look at the application of that through the independent review.
The Chair: Meanwhile, the internet providers who provide for these transactions escape scot-free. Lord Grabiner.
Q370 Lord Grabiner: Thank you, Lord Chairman. In answer to Lord Vaux and the Lord Chairman, you explained very clearly, if I may say so, the situation where somebody has been warned; and you said, “frequently warned”. I am not sure how many times you need to be warned that you are about to make a very bad mistake, but leave that aside. Do you have any statistical evidence, or any evidence at all—you may not have it here now, but we would be grateful to receive it—to show how frequently, if at all, the banks actually operate or exercise that power? In other words, cases where the banks have said, “We’re not going to reimburse you, the consumer, because actually you have been a fool and you have been adequately warned. For that reason we’re not going to do it”.
You also explained that a complaining consumer who does not like that outcome can go along to the ombudsman; do you have any information about the frequency of that mechanism being operated?
David Geale: The rules have been in place since 7 October, so please bear in mind this is still early days. The initial data, as at 6 January I think, suggested that in the region of 32,000 claims had been made and it was under 1% that had applied the consumer standard of caution and there would be a small handful that had gone to the ombudsman; I can give you the figures. Together with the FCA we are looking at the number of claims, the use of the consumer standard of caution and the use of the delay in payments being used by banks as well, but we do not have that data yet.
Lord Grabiner: If you could provide us with whatever you have, that would be very helpful. What do you personally think about the moral hazard point, that possibly the pendulum has gone too far?
David Geale: I believe that the banks and payment firms are in a much better place than customers to see a fraud coming. As an ex-banking and payment firm supervisor, I see a real mixed bag in terms of the controls that are put in place, and the warnings and information given to customers. Some do it extremely well, and others’ fraud controls can be minimal. That should never be an acceptable cost of doing business.
What we are seeking to do is change the incentives in the market, which is why we have gone for the 50:50 in the first instance; to say that the fraudsters’ bank should pay towards that as well. So we want to stop the fraudsters being banked because that prevention is better than cure. We have said that we would potentially look at flexing that over time, so if there is more opportunity to be more sophisticated in terms of who pays the customer back, we will look to that. But in terms of the data and the ability to do that, we are not there yet.
The controls that we have put in place around having an excess, again hotly debated—the consumer groups would prefer we did not have an excess at all, or the banks did not have the ability to apply one—is a helpful step around the moral hazard. It is important to have something such as the consumer standard of caution; the calibration of that is always up for debate, but it started in the right place.
Lord Hollick: You have explained that the data that you collect is very good at identifying fraudsters’ banks as well as their jurisdiction. When you have that data, what interventions do you make first with the bank and then the jurisdiction to flag that up? Would you go so far as warning the payers that this is highly likely to be a fraudulent transaction? What is the level of interaction with other regulators in other jurisdictions to actually reduce this activity?
David Geale: The first thing I would say is that we publish that data.
Lord Hollick: Is it published by the name of the bank?
David Geale: By name of the payment institution, which includes banks. I would say that it is more e-money firms that are top of the list, rather than banks. What you tend to find is that the larger banks have more money to invest in fraud prevention: it is not always perfect, but quite a lot has been invested. The payment firms tend to be a bit more of a mixed bag, but some do it incredibly well and have very sophisticated systems, others less so.
Lord Hollick: For those that do less so, is there any move to remove them from the payment system?
David Geale: The first step that we would take there is to work with the Financial Conduct Authority as the regulator of those firms, which would look at the controls that they have in place and seek to improve them. That has to be the first step, and we do that.
We do engage with overseas regulators; obviously we have no power over those overseas firms, but we share information and we work with the FCA as the lead regulator on fraud as part of its overall fraud strategy.
Lord Hill of Oareford: You said you have information that shows you that some institutions have much better systems in place to deal with fraud than others. Do you publish that information so that customers and everyone else can see who might be better at doing it than others, or is that just information that you hold?
David Geale: If I can clarify: what we collect and publish as the PSR is the number of transactions per million transactions either where there has been a victim, or where the fraudulent payment has been received. We, as the PSR, do not supervise individual payment firms or banks, so we would not necessarily know their controls.
You can make an assumption, but equally you have to recognise that quite often these payment firms will be banking people who have either chosen not to go to, or perhaps could not get facilities through, the mainstream banks. So there may be a riskier profile to those customers as well. But that is where the FCA comes in: to ensure that actually the controls that those firms have in place are appropriate. We do not publish information on individual firms and the standard of their controls.
Lord Vaux of Harrowden: The information you publish is a huge step forward and I was instrumental in trying to get that into FSMA when it happened. It actually produces some really quite interesting results.
The one thing you do not publish at the moment is where the fraud originates. You have mentioned Meta, for example, which is obviously a big part of it; are you intending to start publishing that sort of data?
David Geale: We have published it.
Lord Vaux of Harrowden: I have not seen it. When did you start?
David Geale: I cannot remember the date, it was the either back end of last year or beginning of this year, but it has been published.
Lord Vaux of Harrowden: Is that going to be part of the six-monthly reports you do on this, or is that a separate thing?
David Geale: We share that information with other regulators and through the fraud task force run by Lord Hanson. Part of the challenge is to bring big tech, social media and the telecommunications parties to the table. We do not regulate or have powers over them, but by shining the spotlight on that, we can hopefully drive some activity.
The Chair: Would you share that information with the committee?
David Geale: Of course.
The Chair: Thank you. Lord Lilley?
Lord Lilley: Thank you, Chairman. If the besotted individual’s bank knows that they are trying to send it to a fraudulent account, it can stop that. Why is that fraudulent account still in existence? Why does not it tell the other bank, or tell the regulator, “That account is fraudulent” and close it down?
David Geale: That is exactly why we have the incentive we have put in place around the fraudster’s bank having to pay towards the claim where the payment has gone ahead, so that they have some skin in the game and improve their controls. The other thing that needs to happen is the better data sharing that is being driven now to encourage the identification of fraudulent transactions. On one occurrence there is always a question of, “Is it a fraudster?”, or is it just that the individual bank’s controls have suggested it may be? We would absolutely expect the firm to take action if there was a repeated pattern.
Lord Lilley: Is there not an obligation to tell the police?
David Geale: When customers report that they have been scammed, one of the requirements we have put in place is that either they report it to the police themselves or they allow the bank to do so in order to be reimbursed.
Q371 Lord Eatwell: I want to broaden the discussion on financial crime. Every business needs an efficient payment system. One of the big businesses in London is financial crime, and it is obvious that criminals use your systems extensively. Is there more that we can do to stop this?
In the UK system, we seem to have areas where we just do not have enough control. For example—this is not to do with you—Companies House has very lax controls over beneficial ownership, which enables the establishment of bogus companies that are used for financial crime. I was particularly thinking about the increase in payments in cryptocurrency. One of the issues with cryptocurrency is, to really benefit from receiving it, you have to turn it into fiat currency, and that is the link where it feeds into you. What are you doing to look at exchange relationships between crypto and fiat currencies here in the UK, and indeed with other jurisdictions who are regulatory partners?
David Geale: The first thing I would say is that this sits more with the FCA than the PSR. The FCA is developing a policy regime for cryptocurrencies. Currently, it regulates broadly for anti-money laundering, but it is developing a wider regime that will look at all these aspects in terms of the controls that need to be put in place both around the crypto companies but also the warnings and controls that need to be put in place from a customer perspective. So it is not strictly a PSR issue as it stands; it is the FCA.
Lord Eatwell: I see. What other aspects of your payment systems—which you regulate on a purely economic basis without any authorisation, which means you basically do not care who is using it—could be developed or enhanced to tackle financial crime?
David Geale: I would not say we do not care who is using it; it is about whether we have controls or ability to act on that. We oversee Pay.UK. We also oversee the card schemes working together with the Bank of England, so we are very interested in the areas of controls that it puts in place, in particular around Pay.UK. We are doing some work on its governance and controls, and we supervise it as an entity.
For me, the key thing is data. It is about getting the data flowing properly around the system to enable action to be taken. We have seen some positive initiatives, including social media companies working with individual banks to try to identify fraudsters and make sure they do not get traction, but also passing that on to law enforcement to take action and try to get them out of the system completely. That sharing of data is critical. It does not happen on a consistent basis at the present.
Lord Eatwell: Do you issue SARs?
David Geale: We can, yes. Again, it would usually come through the FCA, in terms of being the firm regulator, but we would expect the institutions to do it.
Q372 Baroness Bowles of Berkhamsted: One of the things about innovation is that there are ever more ways to pay. I am thinking in particular of online shopping, which is now very big. Do you have any controls over how different payment options are presented?
Nowadays, on various sites you might only be able to pay by Shopify or Klarna and be offered instalments. It is very difficult to find how you can actually pay by direct debit, because it is hidden. You might gather I have suffered from this myself. You end up with loads of superfluous extra things that you have not been able to avoid. In particular, where they offer instalment payments, and that maybe encourages customers to overspend, who controls that?
David Geale: As the PSR, we do not have any control over what options to pay are offered by merchants. The FCA does not have powers over what options are offered by merchants either. Where regulated services are offered, you would expect that the options, the implications, the charges and so on are clear to customers before they go ahead. But we do not have control over retailers’ websites, for example.
Baroness Bowles of Berkhamsted: So, retailers can just channel you down purchase by one route; you do not have the option to always pay direct from your bank account?
David Geale: A retailer is not obliged to accept either Visa or Mastercard, direct online payments or cash. They have a choice over what they accept. It is not within our gift to make them do so. Working with the FCA, the PSR wants to promote and encourage the development of open banking, which would potentially give people more control when looking at things such as variable recurring payments, where you could set what payment comes out each month and when. We want to encourage the development of that, and we are doing a lot of work on that as an alternative for people.
Baroness Bowles of Berkhamsted: If you were asked to pay in a way that was somehow exploitative, where would you complain to?
David Geale: It depends on what we mean by exploitative. In the event that a regulated financial services company takes action or does something that is not in the customer’s best interest, or does not offer fair value and so on, then the customer can complain in the first instance to that payment service provider. If they are not satisfied with the response, they can go to the Financial Ombudsman Service. But again, if we or the FCA were seeing that on a wider basis, that area would be investigated and considered.
Baroness Bowles of Berkhamsted: If you are only given one payment option, is that not rather anticompetitive in this modern day and age?
David Geale: It is not within the gift of the regulators to require businesses to accept one payment method or another. Again, we cannot insist on businesses accepting cash or card. That is not within our gift. That would be a matter for social policy.
Baroness Bowles of Berkhamsted: So that would need legislation.
Q373 Lord Grabiner: We have received evidence to the effect that primary responsibility for setting risk appetite rests with the regulators. We have also been told that the Treasury frequently gives guidance and nudges to the regulator; those were the words that the Economic Secretary gave to us last week. In your experience, is that a fair assessment of how things work in practice?
David Geale: Our objectives are set out in legislation, so it is clear what we are required to consider. We have three objectives of competition and innovation as well as user experience or protection of users. We also have regard to sustainable growth. These things are already set out in the legislation that governs what we do, so it is clear from Parliament how we should consider risk.
There is no such thing as a no-risk choice, because either you tackle harm or you do not. If you do not do something to tackle it, you are potentially letting other forms of harm take place. So, any decision that we make is going to involve some form of risk or risk appetite, and we would do that within the framework of those objectives.
We would certainly take a steer from Government and Parliament in terms of what is the appropriate balance. It is a live debate under the growth agenda at present in terms of, if you go all out for growth, what does that mean for customer risk? We need to find an appropriate balance. I would come back to our statutory objectives of having that user need objective.
In terms of engagement with Treasury, of course it is our sponsoring department. We have regular engagement with the Treasury. I would expect to know and understand its views. I would expect it to be meeting with firms who express their own views to Treasury and indeed with consumer bodies who do the same, and we would discuss relevant policy with it. To my knowledge, we have not been steered in any particular direction.
Lord Grabiner: If you have a clean piece of paper and the appropriate power, would this be the structure that you would have adopted or would adopt? In particular, are there arguments for Government taking a stronger role, for example, with statutory direction in relation to risk appetite? I appreciate you are hidebound by the current statutory structure, but do you think that could be improved upon?
David Geale: Our objectives are clear. Whatever we do, there is potentially a trade-off between our objectives. Innovation in itself can be positive; it can equally be a risk.
Lord Grabiner: I am not suggesting that your objectives are not clear; I am asking whether you think perhaps Government should have more influence on those objectives on an ongoing basis and maybe take more responsibility away from the regulator. I do not know what you think about that.
David Geale: I do not know that it is about taking responsibility away from the regulator. For me, it is about having the clarity of what the UK as a whole is seeking to deliver and the regulators’ part in that. It is equally about backing the regulators if we take decisions which reflect that desire but introduce risk in other areas. I come back to the point that there are various ways we could innovate.
I will give you an example that the FCA may have used. If you look at contactless payments, there is a limit that you can make up to £100 at the moment, which is imposed by the regulators. You could remove that. There is a risk that comes with that; there is also a removal of friction. If the desire is to make these things easier so they compete more freely with digital wallets, and that encourages removal of cost in the system, that is one thing; if on the other hand, in doing so you introduce more fraud into the system, the regulators have to be backed for taking that step. It is about the support for regulators in operating within that framework.
Lord Grabiner: I understand. I want to just press you a little. The argument is, if there were greater government involvement in the form of statutory direction—for example, about risk appetite—that might produce the result we are all concerned to try to achieve, namely less red tape at the regulatory end of the story. Do you agree with that, or do you think there is nothing in that point?
David Geale: The point is nuanced. The reason I say that is we have had initiatives in the past where one rule comes in, and two rules come out. You can end up focusing on the wrong thing rather than the right outcome. It is appropriate to have a balance of principle and detail, saving the detail and red tape, to use your words, for where it is really necessary to drive specific behaviour. There are certain things that would not happen unless it was required and written down. There is room for both.
Q374 Lord Hill of Oareford: I want to keep going on Lord Grabiner’s general direction, if that is all right. Do you feel you get sufficient clarity from the Government, from the Treasury, from Ministers? Your framework is set through legislation, as you said, but in terms of this difficult judgment about risk appetite, do you think you get clarity from the Government as to their expectation of you? Because it is not a fixed thing. If we had this conversation a year ago, I would hazard that the Government’s risk appetite felt different from how it feels today. Do you think that the means by which that is communicated to you are sufficiently clear, or do you think there are ways it could be improved?
David Geale: The National Payments Vision is clear and helpful in setting out what is expected of the PSR, the Bank of England and the FCA in their respective roles. The remit letter we received jointly with the FCA is clear and helpful. We have had the Prime Minister’s letter on growth, to which we have responded. We are due to meet with Ministers in due course, but we have not done so yet. In that circumstance, we have done what I feel is pragmatic and sensible, finding an appropriate balance of risk in terms of what we can achieve. This reflects the fact that we are a small regulator without a very big rule book. There are only so many levers we can pull with it because we have a narrow remit. Whether that is delivering what the Government wants, or whether we will be challenged further, I do not know yet. I would expect that ongoing dialogue to clarify that point. But as things stand, I very much welcome the National Payments Vision as giving us that steer of where to go.
Through the co-ordination mechanism that is the Payments Vision Delivery Committee of having ourselves, the Bank of England, the FCA and the Treasury together, there is a very clear mechanism for making sure that we are either all on the same page, or consciously not and doing something about it.
The Chair: Let us take a specific example. You talked earlier about there being an excess of £100 in fraud cases. You made the point that there had to be an incentive. Suppose you decided that it should be £500, and the result was that one of the tabloid newspapers runs a big campaign saying, “This is absolutely outrageous” and gives particular examples. Suppose inevitably there are a number of Members of the other place who start saying that your decision was absolutely ridiculous and this has caused all this harm and whatever. In thinking about what the number should be, you would not be human if you did not consider what happens when it all goes pear-shaped and the politicians pile in.
The same people argue that you have to tackle fraud and you ought to avoid some of the examples of collusion that the committee referred to earlier. Lord Grabiner’s question really is: do you not need a bit of direction and guidance from the Treasury, so that when the row starts you can say, “Well, we were asked by the Government to take this measure in order to do X, Y, Z”? Do you not feel a bit lonely and in a hopeless position where you are attacked from one side or the other?
David Geale: To be frank, that is part and parcel of being a regulator. I will use a slightly different example, if I may. With the introduction of the fraud rules, in particular around, first, the limit, and secondly, the deadline for implementation, we received significant input—that is what I will call it—from different stakeholders. You would have the payments industry saying either, “You shouldn’t do this” or, “You should have a very low limit”, and we would have the consumer groups saying, “You should have a very high limit or preferably no limit at all so that actually it’s unlimited”— so the opposite ends of the spectrum. We had to find a way through to what we felt was the most appropriate level to protect consumers. We also had to consider the impact on growth, innovation and UK businesses in terms of what that meant for payment firms. We were getting it from all sides, if you like, and we had to find a way through.
The Government legislated to require us to bring those rules into place, so I would expect them to support us at a point where people come back and say, “This hasn’t worked”. The principle of doing it was actually set out and required of us, so that is fine. We then make our own independent judgments within that.
The other thing we sought representations on was the deadline and whether things were ready to go ahead. In our assessment, they were, and that has been proven correct. I was aware, for example, that the Treasury was being heavily lobbied on whether firms were ready to go ahead. It shared that information with us, but it was very clear it was our decision on whether to go ahead or not. We took the decision to do so, and I stand by that.
The Chair: Where is the accountability?
David Geale: It is with us.
The Chair: But where is the accountability for your actions?
David Geale: It is with the PSR board. Sorry, I may have misunderstood the question. We were responsible for introducing the policy and for bringing it to go ahead. If that went wrong, I would expect us to be accountable to Parliament.
The Chair: Exactly, so if you are accountable to Parliament, would it not be helpful if the Government of the day had given some guidance on these matters to you?
David Geale: It was clear what we were required to do, and then there is scope for the regulators to act within that. If we are encouraged to take certain measures to improve growth, and we are clear that it involves taking certain risks—it is incumbent on us to be clear what those risks are—then I would absolutely expect Government to support us and not turn around in the event of problems and say, “It’s all the regulator’s fault”. But we need to make clear what those risks are in doing so.
Q375 Baroness Noakes: I want to pick up on the introduction of the four rules and in particular the limit, which you referred to a moment ago. For a very long period of time, you were proposing a limit which was considerably in excess of that which you finally went with. We have had a number of criticisms of regulators generally, and in particular the PSR, that you failed to take into account the fact that the financial services industry has some very big players, some medium-sized players, and a number of very small ones, and that what you were proposing had the capacity to wreck the viability, and certainly the investability, of those firms at the smaller end.
It was only after a very late change of heart, which did not look voluntary, that you came up with a figure that was easier to live with for those sectors. When you were doing that analysis—I am conscious that you personally were not in place at the time—why did you consistently stick with that higher limit, even though there was quite a lot of evidence that it was going to seriously harm the smaller end of the financial services providers?
David Geale: At the original point, we felt that was the appropriate limit. It was simple. It was linked to the Financial Ombudsman limit at the time, so if a customer went to the ombudsman, that was the potential amount they could claim up to. But we committed to look further at the data over the course of the following year and make adjustments if necessary. I appreciate the change came late, but we took the data that we had and found we could achieve the aims we set out to protect the vast majority of consumers by starting with a lower limit of £85,000.
Baroness Noakes: You would have had that data throughout.
David Geale: Well, we had some data throughout, but there were various things we had done along the way, including publishing information about the recipients of fraud, which sparked quite a lot of activity around fraud protection. We had a much richer set of data at the point where we made the decision to reduce the limit to £85,000, and at that point we found that we could protect 99% of consumers by volume and 90% by value. Therefore, we felt that was a more appropriate point to start.
It is fair to say we received a lot of representation. We did further work with the FCA in particular looking at the impact on firms, and because we felt we could achieve our aims with that lower limit and remove some of that risk, or reduce the risk of impact on business, at that point we set it at £85,000. Would I have preferred to do that earlier? Yes, it would have been simpler; it would have been better for everybody. We certainly take that on board, but I feel it was set in the right level, and we have said we will look at that again through the independent review at the end of this year.
Q376 Lord Grabiner: In answer to the questions that were raised by the Lord Chairman just a few minutes ago, you said a couple of times that you would expect the Government to support your decision. The assumption is that the regulator takes the regulatory decision, and the expectation is that the Government would support you. But that is only an expectation, is it not? On the current structure, there is no obligation on the Government to support you, is there?
David Geale: No, I guess not.
Lord Grabiner: I do not understand why you would not want to seek the comfort of more security and being able to say, “We have acted in the way we have because we have given effect to instruction or direction or guideline which has been very clearly laid down by Government, by Treasury”, whoever it may be. I do not understand why a regulator would not want to avail itself of that additional level of security in respect of its own decision making.
David Geale: My personal view is that is too blanket an approach. If you set regulators up to be independent, to do their own thinking, to work off their own initiative, to calibrate requirements under their own initiative, as a regulator you have to take responsibility for that. In an instance where a regulator is instructed by Government to do X, and the regulator thinks that is the wrong thing to do, then it is incumbent on us under our own objectives and legal frameworks to make very clear that we think it is the wrong thing to do. If we are “pushed” into doing it, then we would expect support under that sort of circumstance. But it is down to us to explore the risk we are taking, or is being taken, on behalf of the UK.
There has to be room for regulators to be independent; otherwise, you are making a very substantial change to the whole regulatory system—that regulators become a government department rather than something that is set up to work on their own initiative.
The Chair: Is there not a distinction between Governments not interfering in respect of decisions that are taken by the regulator in a particular case, which is clearly about regulatory independence, and Governments indicating to regulators how they expect them to behave in the interests of achieving their policy objectives of growth and competitiveness?
David Geale: That has been done through the growth and remit letters, which is to say that we should be mindful of the UK’s desire for growth. I do not think any of us would argue against growth being good for the UK.
The Chair: When you say, “It has been done”, you accept that it is appropriate for the Treasury and for Governments to do that?
David Geale: If we take the rest of the letter, it mentions without taking undue risk and thinking about the role of regulators within our statutory objectives. We still have to operate within that legal framework, but it is reasonable for the Government to say, “The priority for the UK is in this particular area”. That means we have to be mindful of that.
Q377 Lord Vaux of Harrowden: You have talked about growth and competitiveness quite often, but actually the PSR does not have a growth or competitiveness objective. You have an objective to promote competition and innovation. I am not sure how that works, given that you have the two hats: the FCA and the PSR. Should you have an aligned growth and competitiveness objective? How does that work with the two hats and the fact that you are a wholly owned subsidiary but with different objectives?
David Geale: We are run as an independent subsidiary. While I have only been in this role since June, I was on the PSR board for a few years before that as the FCA representative. We would report to the FCA board in terms of what we had done; we would not seek permission for what we were doing. The PSR board took its own decisions and continues to do so.
You are correct, we do not have a competitiveness objective, but we do have regard in regulatory principles to sustainable growth. My understanding is that when the framework for the PSR was set and the FCA was given the secondary competitiveness objective, it was considered to be duplicative with the existing objectives in regard to the PSR. Whether we have a secondary objective or not, I am not sure it changes much of what we do in any case because of the structure of our objectives and our regulatory principles and the fact that we are an economic regulator. I do not personally see any tension.
Lord Hill of Oareford: Sorry, I just want to nail that—would it not bother you therefore if, to the point Lord Vaux made, it was more rational to have exactly the same objectives with growth and competitiveness for the PSR under the FCA? Would it be a non-issue from your point of view if it was decided that it would be sensible to align the objectives?
David Geale: I should probably consult our board on adding new objectives. On a personal view, I do not think it would add anything, but I do not think it takes anything away to do so.
Baroness Donaghy: Pursuing that point, does your independence as a wholly owned subsidiary allow you to point out to the FCA when perhaps they are not pursuing their secondary duties, either through slow processes or unfortunate initiatives? Would that be included in your responsibility?
David Geale: I have not seen it act as formally as that because we have not had to. We work very closely with the FCA. As I mentioned, I am on secondment from the FCA; I also carry out a dual role as executive director for payments within the FCA as well as managing director of the PSR. While that is a joint role, our objectives are aligned even if they are not the same in terms of what we are trying to achieve. I have not had that come up as a particular problem. It is within the gift of the PSR board to report back to the FCA board if we felt we were not being supported in a particular area or we wanted more action in certain areas. It would then be within the gift of the PSR board to inform the FCA board of that. As I mentioned, our chair is on the FCA board, and I sit on the FCA executive committee at present.
Baroness Donaghy: Would that be about supporting the organisation that you represent as opposed to more general issues of competitiveness and growth that you might have spotted?
David Geale: We expect to share information on a regular basis, so again, it could be either. Under the legislation, the FCA is required to make sure the PSR has the resources to do its job. As was mentioned earlier, all PSR employees are FCA staff so, to me, that goes without saying.
Let me take an example. I would expect there to be a healthy debate between the FCA and the PSR if we were looking at fraud and felt that the steps we took were not followed up by the FCA. I would expect us to make that clear and to have a debate around it. It would then be within the FCA’s gift as to what they do with that, but I would certainly expect it to be raised.
Baroness Donaghy: Have there ever been any incidents where you have had to do that, even if they are confidential? Has that ever happened?
David Geale: Not to my knowledge, but when we looked at issues such as APP scams, we worked very closely with the FCA on the potential impact on FCA-regulated firms. We shared between the two organisations any data that was appropriate, and allowed to be shared, to make sure that we understood the impact.
Baroness Donaghy: You would be in the lead on that because of your knowledge and concentration on that area.
David Geale: At the time, the roles were separate, but it was joined up.
Baroness Donaghy: It is quite difficult to see the level of independence and what appears to be a very similar organisation. I am still struggling with that. Can I ask you about this independent review that you have referred to on a couple of answers? You mentioned consumer standard of caution; the other was the limit which Lady Noakes was talking about. Can you explain what is independent about the review, who is setting it up, and what the timetable is?
David Geale: With any policy that we introduce, it is important to test its effectiveness and impact. Under the National Payments Vision, we committed to do that for APP scams—the authorised push payment fraud— and to that being an independently run review. We are setting up on that basis now, and I expect that to mean we set the scope and the parameters of what we want to look at, and then we ask an independent body, so get somebody from outside the regulatory family to come in and assess what has been the impact. I expect us to look at what has been the experience for customers, the impact on business, and look within the individual lines, so what has happened in terms of the application of the consumer standard of caution: have we got that calibration right? What has happened around the limit? Have we got that calibration right? Should it go up or down, or stay as it is? I would expect it to look at the policy in the round, test the effectiveness and the impact through a number of lenses.
Lord Vaux of Harrowden: Presumably, that would include the impact on the number of frauds and whether the incentives are actually working.
David Geale: It would. Sorry, I did not come back to you on timing. We said we would do it one year after implementation. It will start in October, but we are scoping it now.
Baroness Donaghy: “Outside the regulatory family” would mean nobody from FCA or PRA?
David Geale: It would mean we would pay an external company—a specialist consultancy or somebody—to come in and do it. I would expect us to set the scope, and obviously we will be involved, but it needs to be demonstrably independent because that is what we are committed to. I expect the findings to be their own.
Baroness Noakes: I have a quick question. You are currently interim director of the PSR and an interim director at the FCA. Is it intended that the positions will be made permanent on a double-hatted basis?
David Geale: Yes.
Baroness Noakes: Are you in effect saying the roles are so intertwined they are not worth separating?
David Geale: Let me take a step back. The role was created as that joint executive director only very recently. It is being advertised currently, so there will be an appointment in due course. The payments team within the FCA regulates payment firms and sets payments policies, doing things such as crypto policy, for example. The Payment Systems Regulator looks at a very different set of firms. These are designated payment systems operators such as faster payments, the card schemes and so on, and it carries out its role through an economic regulation lens. It is not a conduct regulator; it is an economic regulator.
The two roles may look the same, but they feel very different. As I say, whether it is separate or whether it is together, the key thing is that the work and the focus continue, and that you do not lose sight of one or the other. That is why the PSR was set up separately in the first place: to give that dedicated regulation of payment systems. Whatever happens in the future, that needs to remain.
Baroness Noakes: That could as easily be run within the FCA as within the PSR.
David Geale: It was deliberately set up separately to the FCA to give that focus. You can structure things in a regulatory sense in any one of a number of different ways. I would say the creation of that joint role is cutting through a lot of potential duplication. I am not sure you need the upheaval to achieve that.
Q378 Lord Vaux of Harrowden: You have an objective to promote competition and innovation within the payment industry. The row that seems to be brewing at the moment—judging by the number of emails I get on the subject, particularly from disruptor banks—is around your consultation on capping cross-border interchange fees, where some banks are making claims that it would stifle both innovation and competition. Could you give your side of the story there in terms of why you are looking at doing this, and your views on the claims that they are making around competition and innovation?
David Geale: Yes, of course. Pre Brexit, we saw fees charged of around 0.2% or 0.3%. Post Brexit, we see them at five times higher than that, and these are costs that are applied to UK merchants. That is what we seek to address. That is the finding that we had: there is potential harm to those merchants in the region of up to £200 million a year. We need to do a full piece of analysis in terms of what level a cap should be. We have concluded that a cap is necessary, and indeed there are agreements within Europe for capping those fees still at that original level. We have committed to do that full analysis, but that takes quite a significant amount of time. It is not a small exercise when you are doing something quite so large.
Currently, we are consulting on potential for an interim remedy. We have received a lot of feedback from that. We have issued an open consultation on what the position should be while we carry out that further piece. So, should we introduce a cap at the original level of 0.2% or 0.3%? Is there something in between? Or should we cap it at the rest-of-world rates from Europe at the moment, which are around 1.15% as a level?
We put that out to the market and sought evidence. Before we put that consultation out, we have not seen anything compelling as yet to say that services were being provided that would justify that increase in fees. People can come to us with arguments on that, and then we will make a decision, but we have issued a letter of consultation to enable that to happen. We will engage with the schemes, as we do, and engage with merchant bodies. We also have the British Retail Consortium suggesting we should have gone harder and faster on that. Again, it is a balance of trying to find a way through it, but we will also engage with European counterparts.
Lord Vaux of Harrowden: Are you are looking at the competition and innovation aspects of this as well?
David Geale: Yes. If one of the arguments made by the schemes in particular is that the increase in fees enables more innovation, then we are interested to see it. We have not seen any evidence to suggest that a shift in fees yet is justified.
Lord Sharkey: What justification was advanced for this absolutely massive increase in fees?
David Geale: There were suggestions around increases in services, things such as fraud controls and so on. We have not seen evidence to suggest that the level is justified. That is our finding; therefore we feel a cap is necessary. It may be the cap is not at the original level, and the schemes in particular will argue that the original level was too low, but that is where we have sought evidence from. We have asked people through our consultation to come back and tell us where, if we are going to cap it, the cap should be.
The Chair: When did this increase take effect? Was it immediately post Brexit?
David Geale: It was very soon after.[1]
The Chair: So, this has been going on for almost a decade then?
David Geale: It is certainly over a few years. First, having seen the issue, we carried out a significant review of the market. It is highly contentious as an area. We need to be sure of our ground and the evidence that we have.
The Chair: When do you think you will have reached a conclusion that protects people from being charged excessively?
David Geale: We have issued our final report and are consulting now on interim remedies while we carry out that longer piece. We have concluded that a cap is needed and we have made that public. We have to do a full merchant indifference test and various pieces of analysis to get to a persistent cap level. We are consulting and saying, “That’s too far out. Is there something we can do quicker which would be this year in terms of an interim cap to hold things while we get to that level?”
The Chair: So, something will happen this year?
David Geale: Yes, that is what we are consulting on.
Q379 Lord Smith of Kelvin: A number of representatives from industry have suggested to us that it would be helpful if staff from FCA, PRA and your own people had a practitioner’s background. Some have even suggested they would be happy to pay for this. What are your reflections on that? What are you doing to make sure you are bringing in practitioners’ views as you develop rules?
David Geale: I have been a regulator for over 20 years and have heard that on a regular basis. The first thing I would say is that we build our workforce and recruit from a wide range of disciplines. We recruit from industry and consultancy, where people have been involved in industry, even if in previous roles. We have lawyers and economists, and we need a balance of expertise across the piece. We seek regular training from industry bodies and commentators and look to upskill our own people, but it is about having that balance of skills across the piece. The other thing we do is employ senior advisers who are industry experts to come and work with us as a source of support and challenge for our own teams. We have people who are deep-rooted specialists within the payments industry.
We can draw on experts within the FCA team, and there are probably more than people give us credit for. We have an independent panel drawn from right across the payment sector, including merchant as well as industry representatives. On top of this, we engage regularly with trade bodies and consult on interventions we are going to make, which gives everybody a chance to comment, and we hold regular sessions with industry groups and others. In summary, I am confident that we have the right expertise, but it is a balance of different techniques.
The Chair: We have been going for an hour and a half. Thank you, Mr Geale, for coming along and answering our questions so directly. There are a number of points that have been raised where perhaps we could have some further information, and we will be in touch. Thank you very much indeed. That concludes this public session.
