Amazon bank no, Amazon neo-bank maybe

A while back, the Wall Street Journal ran a story about Amazon being in talks with major banks, including JP Morgan, about building what the Journal referred to as a “checking-account-like” product. This set off a storm of speculation about Amazon moving into the banking business, despite the obvious fact that you don’t need to be a bank to offer such a product.

One of the main reasons for the speculation growing was that consumers seem warm to the idea. Almost half of US consumers surveyed said that were “open” to the idea of Amazon as the provider of their primary bank account (according to LendEDU) which may seem surprising but I think is a reflection on consumer experiences of Amazon in practice. Yesterday I ordered some bottles of sparkling water and some bottles of Coke from Amazon, this morning they showed up. From the time I hit the “buy” button on Amazon I never gave the transactions a moment’s thought. It just works. Some commentators therefore began talking about Amazon becoming a bank. Any why not? They’ve become a book shop! I went into the Amazon store in Austin, Texas, just to buy a physical book from them because I could!

 Amazon

I don’t think they will, though. Why don’t I think Amazon will be a bank? Because, as was said in The Street, “I don’t think Amazon wants to be a bank in the way that JPMorgan is a bank”. Amazon just does not make money the way that banks make money. Look at their existing partnership with Bank of America to lend money to merchants. Amazon don’t care about making some small margin from interest payments, they care about helping merchants to increase Amazon’s overall sales.

If Amazon is going to distribute financial services but not be a bank, then what will it be? I think it’s time for another review of terminology and I’ve got a couple of suggestions. Let’s standardise this way: a “neo-bank” is something that looks like bank, but isn’t (eg, my Simple account when I first got it and before they were taken over by BBVA, which is an actual bank), whereas a “near-bank” is something that performs a function traditionally associated with banks but isn’t a bank and doesn’t look like a bank (eg, Transferwise). In this framework, Amazon would probably become a Neo-bank.

The neo-bank is not a new idea, by the way. In 1997, I wrote, with Consult Hyperion colleague Mike Young, an article for Internet Research (Volume 7, Number 2, p.120-128) called “Financial Services and the Internet”. In that article we wrote about the potential for the new technology to assemble a banking service depending on the customers’ needs explaining how the new infrastructure would allow customers to build their own financial services “with the underlying best-of-breed products originating from a wide range of suppliers” which the manufacturers of financial services (eg, banks) would “retreat to a small range of products that build on core competencies, but supplied to a global market”. Amazon is precisely the kind of organisation that can take these products (eg, unsecured personal credit) to that market.

In Europe, there is nothing that the banks can do to stop Amazon from becoming a neo-bank. PSD2 means that bank customers will give Amazon permission to access their bank accounts, at which point Amazon will become the interface between the customer and financial services. I’ve no reason to doubt Amazon’s potential for success if they go down this route. Time for some thought experiment scenario planning…

So…

If Amazon were to provide something that looks like a checking account but is actually a prepaid account of some kind (as my Simple account was), would people use it? I think the answer to this is a resounding yes, especially if Amazon offer the usual array of discounts or cashback to go with it. They have plenty of margin to trade for data. Look at their credit card that gives you 5% back at Whole Foods, for example. If Starbucks can sit on a a billion (plus) in float just from people buying coffee, imagine the float that Amazon could sit on from people buying… well, everything.

So…

If people begin holding $$$ in Amazon float that gives them a 2% discount on stuff instead of holding $$$ in a bank account that gives them a 0.2% interest rate, funds will begin to drain away from demand deposits pretty damn quickly. Now imagine how quickly that might happen in Europe, where Amazon can use PSD2 to get direct access to customer bank accounts in order to instruct credit transfers to load to Amazon accounts automatically, something like their US Amazon Cash service but using modern electronic instant payments transistors and laser beams instead of Federal Reserve bills. It could be seriously big business.

Ledgers and innovation in banking

I was flicking through the New Scientist magazine from 29th November 1956 when I came across a very interesting article on the digitisation of banking, a subject of great current interest. The article has a very useful diagram for those of us who wonder how exactly it is that banks manage customers’ accounts using computers.

How things work at banks

I don’t know which bank this is, probably TSB, but in any case it is what the article says about digitisation that I found interesting. Apparently, it’s all to do with something called “ledger management”. The article gives a helpful example, explaining how “when a bank clerk first accepts a cheque, he prints on it with something like a typewriter a note of the amount in magnetic ink, all subsequent operations—sorting, listing and entering in ledgers—can be done without human assistance”.

Reading further on, I discovered that you can have different kinds of ledgers that work in different ways. The author notes that this is only one way of “ledgering automatically” and that the “choice of a system depends on how far was is prepared to go: whether automatic book-keeping is to be done only at head office, whether in this case the accounting for all the branches, or whether branches will have their own equipment or to be grouped around sub-centres”. The same centralisation versus decentralisation of ledgers argument continues to this day.

The article continues by noting that banks do not seem to be making as much of this interesting new technology as they might and that “what may prove to be more serious is the determination to cling to time-honoured procedures”. Well, yes indeed. This is just what Anthony Jenkins meant when he said that banks had yet to be disrupted by new technology (shortly before he was fired as Barclays CEO). And if you think those “time-honoured procedures” are fading, you’re dead wrong, since 95 percent of ATM transactions still pass through COBOL programs, 80 percent of in-person transactions rely on them, and over 40 percent of banks still use COBOL as the foundation of their systems.

There’s no point using blockchain, or any other shared ledger technology, to implement these existing processes. The way forward, in banking at least, is to use the new technology to implement new ways of doing businesses. There’s a good argument for thinking that the central co-ordination mechanism for these new ways of doing business might well be trust. Speaking at Davos, way back in 2015, Marc Benioff (the CEO of Salesforce) said that “Trust is a serious problem, we have to get to a new level of transparency – only through radical transparency will we get to radical new levels of trust.”

I could not agree more. I think he is absolutely spot on. This is why I have been focusing on the use of new technologies (and specifically biometrics, blockchains and bots) to create a different kind of financial services infrastructure. I spoke about this earlier in the year and the Digital Jersey Annual Review [YouTube, 24 minutes] and have pushed a similar message out to a number of different audiences since then.

When I talk about radical transparency, I don’t mean it as a vague slogan. I come from the tech side of things, so I interpret it to mean specific technological changes. This is the environment of what I have taken to calling “the glass bank” for short because it is an infrastructure of radical transparency. It is a platform for financial markets that exhibits ambient accountability using translucent transactions with trading built on reputation and regtech. This is an infrastructure that reduces the overall cost of the financial markets that sit on it, thus benefiting the economy as a whole. We finally have chance to build something that looks different to the vision of a bank shown above, so let’s not use all of our amazing new technologies just to simulate what he had back in 1956.

Banks and digital IDs*

In CapGemini’s “Top 10 Trends in Retail Banking 2018”, they highlight “banks leveraging digital IDs beyond authentication” as their third most important trend. As it happens, I was talking about this earlier in the week in Trondheim at Betalingsformidling 2018, where I was asked to give a talk about the open banking era and the potential responses from incumbent banks.

Trondheim 2018

Photo: Betalingsformidling 2018 / Wil Lee-Wright Photography.

Now, I suppose that to a great many of you this really won’t be any surprise, since anybody who thinks about the mechanics of commerce in a connected age must already have come to the conclusion that digital identity is core to the new economy. That’s a superficial and almost trivial point to make, but it masks great complexity because choices that are being made right now about how digital identity is going to work in the future will have a profound impact on the shape and nature of all of society.

Of course, I don’t what identity is going to look like in the future any more than anybody else does (even if I do flatter myself that I’ve made some reasonably well-informed guesses on the topic) but I do think we ought to apply a kind of precautionary principle here. Since we don’t know how digital identity going to work, surely we should want it do develop under the auspices of institutions that society can constrain and influence. This is why I’m so convinced that banks should be the institutions to play the leading role as we evolve the tools, techniques and even the etiquette of a reputation economy.

An obvious first step, and one that has been apparent for many years, is to federate bank identity so that it can be used in multiple places. We have many years of experience now and have seen how schemes ranging from bank ID in the Nordics to Aadhar in India (and our own dear gov.verify) have performed in practice so we can make some informed decisions about how digital identity ought to work. We shouldn’t start from the technology, from blockchains and biometrics, and then work backwards to see what the technologists will allow us to have or what corporations will impose given the technological constraints of the day. Right now we should be discussing what society wants from a digital identities and then working out what the best way to implement them might be.

To do this, we need a model that can help banks, regulators, service providers and suppliers communicate and connect so that they can develop concepts and propositions to make some form of bank-centric, potentially cross-border, privacy-enhancing, secure “Financial ID” a reality.

3DID Basic Colour ID Taxnomy Picture

Let’s start with the basic “three domain identity” (3DID) model to create a straightforward framework for understanding and discussing digital identity. Now let’s look at a real example of bank doing some interesting work in this field. BBVA, for example, use this kind of model to map “real”, virtual and digital identities to identification, authentication and authorisation processes. BBVA describe the domains as follows (I’ve added my interpretation of what they mean with reference to a standard Public Key Cryprography, or PKC, implementation):

  • Identification: definition of the attributes that confirm, beyond any shadow of a doubt, that the user is who they say they are and not someone different pretending to be them. BBVA mean this in terms of Know-Your-Customer (KYC) of course, so what this means in practice is that the private key must be bound to the correct individual(s).

  • Authentication: verification through credentials that the user is the customer they say they are (username and password, OTP, digital certificates and others).  Obviously with PSD2 this means implementation of some form of 2FA to comply with the RTS on SCA.

  • Authorization: the financial service providers (TPP) with a license to operate must be given authorization by the customers before they can access their accounts. They need to have proof of consent, which can be obtained through access tokens. I would generalise this point away from banking, as per the CapGemini comments, to talk about tokens for access to a wider range of services than simply bank accounts.

Earlier this week I posted about digital identities (as opposed to digitised identities) and made the point that we are interested in electronic transactions, transactions that take place between virtual identities (that is, identities that exist only in the imagination of computers) we are primarily interested in the Authorisation Domain. I’ll come back to this in a moment, but for now let us assume that that Authentication Domain is essentially a solved problem and we don’t need to come back it in this discussion. My assumption is, that banks have strong authentication in place and that they use appropriate standards (eg, FIDO) so that they have device independence. In practical terms, in the world as it is now, this means that I can authenticate my bank Digital Identity (that is, I can demonstrate ownership of that private key) using any smartphone.

The problem then all comes to down standardisation and mutual recognition of credentials in the Authorisation Domain. Let’s take a simple example has been discussed many times recently: IS_OVER_18. Suppose I want to log on and join a Wine Club. The wine club needs to know that I am over 18, so it wants to see a virtual identity that includes the IS_OVER_18 credential (that is, an IS_OVER_18 attribute digitally-signed by someone that the Wine Club trusts – and by “trusts” I of course mean “can take legal action against and recover damages from if the credential is incorrect). The Wine Club would obviously trust banks, so this should be straightforward: provided that we have standardised the Virtual Identity (an X.509 certificate, for example, or an Evernym DID) and that we have standardised the attribute (let’s assume there is an XML dictionary somewhere that defines IS_OVER_18) and that can can recognise the digital signature from an organisation that is on our list of trusted organisations.

As I pointed out in Trondheim, this is a way for banks to participate in transactions, providing a useful service that is unrelated to payments or transaction fees. I, of course, understand that this means it will take sector-wide progress in the Identification Domain, practical implementation in the Authentication Domain and some commitment and co-ordination to get a working set of services in the Authorisation Domain. My question is why haven’t banks taken on board what Cap Gemini said in their report (and I’ve been saying with exhausting repetition for more than a decade) to come together to create the standards and definitions to move forward?

Or, to put it another way, where is the MasterCard or Visa for identity (and is it MasterCard or Visa?).

To the Mooooooooon!

 

I’ll be testing my assumptions and asking these kinds of questions in Singapore at Money2020 Asia, by the way, as I’m chairing the session on Exploring Digital Identities on 15th March and welcoming some old and very well-informed friends – including Victoria Richardson from AusPayNet, Shamir Karkal from Omidyar, Teppo Pavlova from BBVA and Andy Tobin from Evernym – who will help me open up the topic for the audience. Do come along to “The Moon” at 11am and join us.

* Again.

Tough on bankers, tough on the causes of bankers

I posted before about a great financial crisis, industry collapse and bailouts. Not the banks of today, but the railways of the Victorian age .

When the Directors of these gigantic enterprises that dominated the economy went to see the Prime Minister in 1867 to ask for the nationalisation of the railway companies to stop them from collapsing (with dread consequences for the whole British economy) because they couldn’t pay back their loans or attract new capital, they didn’t get the Gordon Brown, investment banker advisers, suspension of competition law and the tea and sympathy of today. Benjamin Disraeli told them to get stuffed: he didn’t see why the public should bail out badly run businesses.

[From Bailing out | 15Mb: yet another blog from Dave Birch]

Good man. And there’s another lesson worth learning from that crisis. Last year I read a paper from Andrew Odlyzko called “The Collapse of Railway Mania, the development of capital markets, and Robert Lucas Nash, a forgotten pioneer of accounting and financial analysis”. It talks about how many of the modern accounting methods that take for granted arose during that period.

The moral of the tale, such as it is, is that letting the railways collapse not only led to a stronger railway industry but it also helped other industries as well, because it meant that new standards for accounting and reporting were put into place. The banking crisis has followed an entirely different trajectory, where public money has been used to put things back exactly as they were before. Somehow, we were persuaded that the banks are a special case, not subject to the same rules of business, a point echoed by the noted economist John Kay.

We need to stop thinking of financial services as a unique business whose problems are sui generis, and whose economic role is one of special privilege. The historic deal, which limited competition in banking in return for an expectation of prudent behaviour, has been abrogated by the actions of banks and bankers. Today, both consumer protection and macroeconomic stability will be best served by the policies to promote competition which are rightly favoured in other sectors of the economy.

[From John Kay – Should We Have ‘Narrow Banking’?]

Hear hear. And surely one of the central policies to promote competition should be that people who make catastrophically bad decisions should go out of business. Another one might be to adopt a more robust approach to banking activities that turn out not be to strictly congruent with the letter (or spirit) of the law.

A $2.6 billion financial fraud that has shaken the government of Iranian President Mahmoud Ahmadinejad saw the heads of three of the country’s banks ousted on Tuesday as lawmakers threaten to impeach the economy minister. The biggest fraud in the 32-year history of the Islamic Republic could result in the death penalty for anyone found guilty of it and has become part of an increasingly ugly split in the conservative elite that runs Iran.

[From UPDATE 1-Iran bank chiefs ousted in $2.6 bln fraud fallout | Reuters]

Tough on bankers, tough on the causes of bankers. It’s the only language they understand.

 

In the future, everyone will be famous for fifteen megabytes

Business banking

[Dave Birch] I see that Essex council has abandoned its plans to start its own bank to fund local businesses and the First Bank of Billericay, or whatever they were going to call it, will now never get off the drawing board. How this insane plan ever got to the drawing board in the first place is a complete mystery. Or, at least, it was until I read that the council spent £372,000 on management consultants

In the future, everyone will be famous for fifteen megabytes