Kathryn McCall, chief legal and compliance officer at Trustly, said that as 2023 gives way to 2024, there are a few simple truths governing payments.
With the continued emergence of different payments rails, technologies and demands by consumers to keep their data private and safe, while using that data to enable new use cases in financial services, she said, “Regulation’s increasing and not decreasing.”
Against that backdrop, there’s more uncertainty than ever surrounding what’s to come in the next few months. The Consumer Financial Protection Bureau (CFPB) has had its very constitutionality challenged — and yet is on track to weigh in on data privacy laws and data portability as open banking takes shape in the U.S., and questions have yet to be answered about who has access to individuals’ data. The introduction of real time payments has deepened the debate over liability in various fraud schemes. Buy now, pay later (BNPL) is gaining scrutiny here and in countries such as Australia.
Regulators, she said, are “catching up” with the key issues as so many of us go online to conduct commerce and transact on our phones. There’s a growing need to protect consumers from fraud, to step up account validation, and protect the integrity of financial networks.
Along with the confluence of technology and data access lies the question of broadening financial inclusion, said McCall. There are some state-level initiatives that would limit access to cash, and whether new payment offerings are taking in alternative data so that unbanked and underbanked populations have better financial products and services are in the offing.
For the firms and providers seeking to stay ahead of the regulatory curve, so to speak, the key is to be “adaptive — and be curious. That’s how you protect your organization,” she said. Consumers, understandably, are cautious about, and want to be informed about, the data that’s being collected about them. Forward thinking companies should be aware about what customers and social media are saying about them, both good and bad. In that way, these enterprises can start to fine-tune their products and services in ways that respond to that online feedback.
There’s an urgency to use technology to keep up with the ever-shifting regulatory landscape, said McCall. With providers such as Trustly, “having an automated system in place” that can track, and fulfill, requests to delete data, tackling compliance becomes significantly easier.
“One of the metrics that we track is ensuring that all of those requests for data deletion are answered within the timeframe allowed by the law,” she said by way of illustration. Technology also plays a critical role in complying with anti-money laundering, counter-terrorist financing rules and regulations.
Looking ahead, she said, mandates around data privacy will key development next year. “More states are going to get on the bandwagon of adopting rules and regulations. And my hope is that this will spur [regulations] at the federal level, because complying with the privacy laws of 50 different states is going to be hard.” And we’re likely to see more clarity on crypto trading and whether the digital holdings are in fact securities — a debate that has included the Securities and Exchange Commission (SEC) for the past couple of years. Look for more rules governing the use of biometrics, too, she predicted.