Transforming Risk Management in the Payment Industry with ISO 20022

In this article, I am exploring the impact of ISO 20022 and 10 risk management takeaways from a pivotal speech given by Victoria Cleland, Chief Cashier and Director of Notes at the Bank of England.

Her address underscored the critical role of this global messaging standard in reshaping not only the technical infrastructure but also the risk management landscape across the industry.

The adoption of ISO 20022 and the related initiatives outlined in the speech have implications for risk management in the payment industry. They provide opportunities to enhance data-driven risk assessment, improve operational resilience, and strengthen compliance with industry standards and regulations.

ISO 20022 Enhanced Data for Risk Management

ISO 20022 enables the exchange of richer and more structured data. This can significantly aid in fraud detection and prevention, as well as improve automated processing. Having more information about transactions allows for more effective risk assessment and mitigation strategies.

Example: Leveraging Enriched Data for Fraud Prevention

Consider a scenario where a bank receives a payment message containing detailed information aboutthe parties involved, transaction purpose, and additional contextual data. In this case, the bank's risk management system, leveraging the enriched data, automatically flags a transaction involving a large sum being transferred from a relatively new account to an overseas account with a history of suspicious activities. The system's analysis, aided by Legal Entity Identifiers (LEIs) and purpose codes, quickly identifies the transaction as potentially fraudulent. This timely detection allows the bank to halt the transfer, preventing potential financial loss and safeguarding its reputation.

Improved Resilience and Cybersecurity

The renewed Real Time Gross Settlement (RTGS) service, with its increased technological resilience and cybersecurity measures, indicates a commitment to safeguarding the payment infrastructure. This is crucial in mitigating operational and cybersecurity risks.

Interoperability and Redundancy

Greater interoperability across payment systems provides opportunities for risk diversification. In the event of disruptions in one system, payments can be redirected to alternative systems, reducing single points of failure and enhancing overall resilience.

Straight Through Processing (STP)

ISO 20022's structured data format and improved interoperability can lead to higher levels of STP. This reduces manual intervention, which can be a source of operational risk, and streamlines payment processing.

Regulatory Compliance and Standards Adherence

The move to ISO 20022 is aligned with industry-wide efforts and regulatory mandates for standardisation and harmonisation in payments messaging. Adhering to these standards can help mitigate compliance and legal risks.

Fraud Prevention and Detection

The introduction of purpose codes and Legal Entity Identifiers in payments adds an additional layer of information that can be used to verify the legitimacy of transactions. This supports fraud prevention efforts.

Customer Due Diligence

The use of LEIs supports improved customer due diligence, contributing to better know-your-customer (KYC) practices. This is essential for mitigating risks related to money laundering and financial crimes.

Resolution Planning

Legal Entity Identifiers play a pivotal role in this process by providing unique codes for accurate identification of entities involved in transactions. LEIs enhance the efficiency of resolution planning through streamlined information gathering, comprehensive understanding of entity relationships, and facilitating swift decision-making, particularly in cross-border scenarios. Additionally, LEIs help mitigate systemic risks by ensuring authorities can take timely measures to stabilise the situation and protect the broader financial system. Compliance with LEI requirements also reduces the risk of regulatory penalties. Ultimately, LEIs serve as a foundational tool in the risk management efforts of regulatory authorities and financial institutions.

Vendor Risk Management

Technology vendors providing ISO 20022-native solutions must address compatibility challenges in varying technical environments and regulatory landscapes. Thorough vendor risk assessments are essential, encompassing factors like track record, financial stability, and adaptability to specific client needs. Effective risk management hinges on collaborative efforts between vendors and clients, ensuring seamless integration by addressing potential compatibility issues through tailored solutions and open communication channels.

Continuous System Upgrades and Adaptation

Financial institutions and corporates will need to invest in their systems to remain compliant with evolving ISO 20022 standards. This ongoing investment is necessary to ensure that systems can effectively handle the increased data and messaging requirements.

Summary of Victoria Cleland’s speech

Victoria Cleland's speech highlighted the pivotal role of ISO 20022 in revolutionising the payments landscape. By adopting this global messaging standard and working collaboratively, the industry can pave the way for a more efficient, resilient, and innovative payments ecosystem. Key takeaways:

The ISO 20022 Ideathon

Cleland announced the winners of the UK Finance-NatWest Bank's first-ever ISO 20022 Ideathon. The competition showcased a wide array of creative and diverse entries, highlighting the transformative potential of ISO 20022 across various domains, from fraud detection to ESG issues.

The Harvest Season Analogy

Cleland drew parallels between achieving a bountiful harvest and implementing ISO 20022. Just as a good harvest requires planning, the right tools, and favourable conditions, successful adoption of ISO 20022 demands careful preparation and understanding of how it will be used to adapt to changing demands in the payments landscape.

Renewal of Real Time Gross Settlement (RTGS) Service

The Bank of England's RTGS service, which settled an average of £775 billion in payments daily last year, is undergoing a multi-year transformational Renewal Programme. This aims to enhance resilience, accessibility, interoperability, and user functionality. A new core settlement engine will be introduced in the next year with increased technological resilience and cybersecurity.

Transition to ISO 20022

In June 2023, CHAPS, the UK's high-value payment system, successfully transitioned to ISO 20022. This facilitates the exchange of richer and more structured data, marking a significant advancement from the previous messaging standard rooted in 1970s technology.

Benefits of ISO 20022

The adoption of ISO 20022 brings immense benefits. It promotes wider interoperability, enhancing resilience in the payments ecosystem. It also supports straight through processing, resulting in faster and cost-effective payments, especially in complex cross-border chains.

Enhanced Structured Data

The ability to send and receive more data allows for quicker and more automated reconciliation, leading to faster end-to-end payments. The Bank will mandate the use of purpose codes and Legal Entity Identifiers (LEIs) for certain CHAPS payments from November 2024, followed by structured addresses and remittance information from November 2025.

Boosting Competition

ISO 20022 promotes competition in the industry by enabling technology vendors to offer products across different countries and currencies. It also allows for the flexibility to evolve with new services, such as synchronising payments between different ledgers.

Importance of Harmonisation

While ISO 20022 provides opportunities for global financial messaging, harmonisation in the data model is crucial for seamless cross-border payments. Efforts are being made to establish harmonised data requirements for cross-border ISO 20022 messages.

Role of Various Players

Achieving the full potential of ISO 20022 requires collaboration from a wide range of players, including financial market infrastructures, financial institutions, corporates, vendors, and ERP providers.

Transformational Potential of ISO 20022

Cleland emphasised that ISO 20022 should not be viewed merely as a regulatory requirement. If nurtured, it has the power to transform the payments ecosystem and unlock its greatest benefits.