Digital Transactions Authoritative, insightful and timely information for payments professionals
There has now been a year of pandemic, but also of regulation, litigation, and malfeasance in the payments business. What’s going on, and has anything really changed?
Like everyone else in the “Time of Covid,” the people of payments woke up just about every day last year wondering what new surprise was in store for that day. Commerce was in chaos, streets were deserted, everything had moved online.
Somehow, most of the industry seemed to make it through 2020 largely unscathed—even newly resilient in spots (such as the buy now, pay later boomlet).
But that’s when an otherwise unremarkable news item came through the ether at the outset of this year: Federal investigators from three agencies were probing business card sales practices by American Express Co. Why that, why now, amidst so many other concerns?
That’s when, thinking back over the previous year, it became clear that an eclectic but steadily accumulating assortment of regulatory actions scrutinizing the payments industry appeared to be under way—a trend that now looms large for the year ahead. In the throes of a pandemic, has the payments industry suddenly become a target for concerted regulatory accountability?
Persistent Impediments
Probably the most telling (and surprising) manifestation of this trend was the Department of Justice’s antitrust suit filed in November against Visa’s proposed acquisition of premier account aggregator Plaid. The acquisition, the DoJ said, would forestall competition in payments with bank accounts rather than cards.
Never mind that investment analysts were skeptical about Visa’s commitment to the $5.3 billion acquisition bid, which was about double Plaid’s already frothy valuation of $2.7 billion, especially when the deal provided for an unusually long period before closing.
Why pay so much for what was basically a standard account aggregator, when big Visa-issuing banks like TD and PNC were contesting the way Plaid acquired and interacted with their accounts, and better technologies (such as AppBrilliance) had emerged since the merger announcement?
That was for the DoJ to explain in its complaint, which stated: “On January 13, 2020, Visa agreed to acquire Plaid in part to eliminate this existential risk and protect its monopoly in online debit.” Visa offered approximately $5.3 billion for Plaid, “an unprecedented revenue multiple of over 50x” and the second-largest acquisition in Visa’s history.
Recognizing that the deal “does not hunt on financial grounds,” Visa’s chief executive justified the extraordinary purchase price for Plaid as a “strategic, not financial” move because “[o]ur US debit business i[s] critical and we must always do what it takes to protect this business.” Still, said the DoJ in its complaint, monopolists cannot have “free reign to squash nascent, albeit unproven, competitors at will.”
Visa feared that Plaid’s innovative potential—on its own or in partnership with another company—would threaten Visa’s debit business, the complaint alleged: “…Visa’s proposed acquisition of Plaid would forestall this competition, allowing Visa to maintain its monopoly position and supra-competitive prices for online debit. Visa’s proposed acquisition of Plaid also would eliminate a disruptive and innovative competitor.”
Visa viewed Plaid as a “threat … across multiple vectors of our business, including … as a potential payment network,” the complaint continued
The law-enforcement agency noted that a Visa executive compared Plaid to a “volcano” whose capabilities were just “the tip showing above the water”, and what lay beneath was a massive opportunity, but a threat to Visa.
But the DoJ had no qualms, apparently, about Mastercard buying Finicity—a similar company to Plaid. Could it be that the DoJ, which merchants continually sought out over the years to help address their grievances over monopolistic pricing and rules in the existing card market, had decided to prevent that very thing from happening in the all-important emerging market for bank-account payments?
Or could it be that regulators were still thinking about debit card market competition? Could they have been reasoning in the context of the Federal Trade Commission’s launch in January 2020 of a formal inquiry into complaints from merchants about persistent impediments by the card networks to Durbin-mandated choice in debit card routing?
Merchants testified to more than a dozen ways card-network policies, programs, and practices inhibited merchants from using the only real competitive option in debit card payments they had—PIN and PINless debit. Debit card use has surged in the year of Covid.
Or perhaps regulators were chastened by the clumsy, inefficient, and fraud-prone way Covid-relief payments and loans were handled in the spring—effectively diminishing the rare concurrence of Congress in doing something in the interests of the country.
Can it really take months for the government to figure out how to pay its citizens? Isn’t that something the banks should conceivably be in business to do? Or how to administer emergency relief loans to devastated small businesses, where banks had virtually no liability? Still, a large preponderance of the loans went to the bigger, established lending customers of the banks.
Shady Recesses
Whatever explains the current card payment environment, even stranger still, just two months after the DoJ complaint, Visa punted on the Plaid acquisition, citing the cost and hassle of fighting the DoJ while disavowing the antitrust claims.
Something very different is clearly going on, suggesting things will not be business-as-usual for the industry when the Covid pig finally works its way through the belly of the economy.
Maybe all this scrutiny was triggered by the blowup with Wirecard’s accounting scandal (which cascaded into early 2020). Wirecard had quickly built a global payment-processing business, mastering the vagaries of doing business in dozens of countries and managing the higher risk of many new businesses operating at the margins of the payment marketplace.
By so doing, the company became the darling of German regulatory agency BaFin as a home-grown fintech success and rival to U.S. payments high-fliers.
The accounting scandals at Wirecard underscored the ever-loose nature of the back-end of acquiring relationships—though at a scale rarely seen before. Obscure partnerships overseas, poorly audited transaction volumes, flows, and financial results, and head-in-sand scrutiny by BaFin all contributed to a “lost” $2 billion in funds and rippling bankruptcies.
When the facts came out about the fraud (which took some time, given defenses by the German authorities), Visa and Mastercard acted surprised, and promised to “rethink” their relationships with the company. (The networks continued to work with the remnants of the business, in order to minimize “disruption;” Adyen acquired a lot of the conventional business).
Perhaps the card networks figured the shady recesses of global acquiring of high-risk online transactions had finally been put under control three or four years ago when Visa and Mastercard tightened the reins on responsibility for fraud, chargebacks, and bad marketing practices by moving to the Payment Facilitator model.
PayFacs (otherwise known as Payment Service Providers, or PSPs, ISOs, ISVs, and others) bear full responsibility for all merchant-related issues, and are directly accountable to acquirers; that simplified acquirers’ vetting tasks and reduced their scope of scrutiny from millions of rapidly changing merchants to a couple of thousand PayFacs.
But after several years under the PayFac model, there’s been no appreciable change in online fraud or chargebacks (other than the increase that migrated from the point of sale in the wake of EMV adoption). Still, the move seems to have kept the lid on the online fraud and chargeback problem—for now.
Profound Implications
This historic standoff between harvesting ever-more transaction volumes vs. succumbing to effective regulation of what legally can be purchased with cards was exposed once again at the end of 2020 when the Montreal adult-content conglomerate that owns PornHub.com was revealed to have used credit cards to profit in sex trafficking and other abuses.
Visa and Mastercard did their “deer-in-the-headlights/who, me?” routine again (and PayPal resigned handling PornHub distributions of pay to participants)—as if no one knew there might be problems here.
Once again, the networks grudgingly relinquished a business stream that they had done for decades (as had happened with online gambling, questionable pharmaceuticals, and other sketchy direct-marketing and product-purchase venues).
Business-as-usual, you might say … but with regulators appearing to lean in to support fintech developments in 2020 (for example, Square offering virtual-currency conversion and becoming an industrial bank), this is no time for legacy payment players to sit on their hands.
The one surprise that might loom most heavily in 2021—a hoped-for year of recovery (if not restoration to pre-Covid normal)—is the accumulated spate of various law-enforcement actions rippling through the payments ecosystem now.
If regulators are prepared to get proactive—from mundane digging down into sales practices for commercial cards to eye-popping setting of the terms for future competition in the next, digital generation of payment—the ramifications of this trend figure to be profound.
— Steve Mott is principal at BetterBuyDesign, Stamford, Conn.
