Posted: 29 Sep. 2021 10 min. read

The payments industry has evolved. It’s time regulation did too.

The entry (and spectacular growth) of new payment services and technology providers has been nothing short of disruptive, driven by an era of consumer centricity. A future fit regulatory framework is now needed to drive further innovation and competition, while continuing to protect the interest of consumers and businesses.

A review of the regulatory architecture for the Australian payments industry has been long awaited. We in Australia (like other advanced economies) find ourselves in 2021 with a highly complex regulatory environment in the financial services industry. One that has been iteratively ‘added to’ over time, and which served (very well) an industry that has now significantly changed.

Since its release on 29 August 2021, Treasury’s Report on the Payments System Review (the ‘Report’) and its 15 recommendations have been well received. The review lead by Scott Farrell comes at a critical time for Australia. It follows significant growth and the associated increased complexity in the industry with a marked shift from payments ‘system’ to ‘ecosystem’ given the emergence of new technology, new providers and new business models.

Uplifting Strategy and Simplicity

The intent of the Review was to assess the appropriateness and effectiveness of the existing Australian regulatory architecture given technological advancements and changes in consumer behaviours, as well as provide recommendations to build a future fit payments system that is capable of supporting continued innovation for the benefit of both businesses and consumers.

The Report made the following key observations:

  • The current architecture is fragmented, conflicting, outdated, opaque, and unprepared to deal with future changes. There is limited leadership to drive strategic industry coordination. Regulators, industry participants and the government have been operating independently, with no shared vision or goal. Coordination is needed if we are to meet future challenges and to protect consumers and businesses from emerging risks within a rapidly growing ecosystem.
  • Regulatory burden and complexity are hampering innovation. The authorisation and licensing processes are overly complex and lack clarity. New entrants are feeling the resource burden of complex regulatory compliance processes, creating greater disparity across the payments industry. Regulators have long operated in siloes, leading to inconsistent requirements being prescribed to mitigate the same risks and inadequate coverage of emerging risks. In some instances, this has created an overly risk-averse culture at the expense of collaboration, competition and innovation.

To address the above, the Report recommends stronger leadership, driven by the Treasurer, to support a regulatory architecture for the industry that is clear, coordinated and efficient. It also underscores the need for a strategic plan co-designed by all key industry players.

“Who should be regulated?” is a critical question that needs to be addressed through a tailored regulatory framework that is centred on the nature of the activities or services offered by payment providers.

Additionally, the report highlights the need to streamline the authorisation and licensing processes through the introduction of a single, tiered payment licensing framework that is scalable and risk-based.

The four S’s of a robust regulatory architecture

Farrell’s Report identifies four key principles – Service, Strategy, Safety and Simplicity that should inform the design of the future state regulatory architecture. Under these principles. It should:

  • Serve the needs of consumers, businesses and governments for the payments system (Service);
  • Be ‘future-proofed’ and ensure the payment ecosystem is agile and responsive to emerging risks, while promoting competition and innovation (Strategy);
  • Protect consumers and businesses from new vulnerabilities and risks introduced by rapid digital advancements and growing interdependencies. Key considerations include fraud, data privacy, cyber and resilience (Safety); and
  • Be transparent, consistent and simple (Simplicity).
Together these principles will allow for a regulatory system that:
  • ensures the safety of payments, both from systemic and individual-level risks;
  • ensures the efficiency and effectiveness of payments; and
  • supports innovation.

The first of many steps

We are of the view that if implemented well, the recommended changes can, on the whole, deliver better outcomes for the industry. An uplift of the regulatory architecture needs to balance consumer protection with innovation and competition. This fine-tuning process is and will continue to be a key challenge as the industry moves faster than the regulatory system. Additionally, the effort and cultural shift needed to align incentives and define accountabilities across industry players should not be underestimated and will be critical to the success of the regulatory architecture.

Although the Report provides a much-needed regulatory blueprint, it paints a less detailed picture of cryptocurrency as part of the Australian payments ecosystem. Farrell outlines that “cryptocurrency do[es] not yet play a significant role” but recognises that an updated, flexible regulatory framework is needed once it reaches critical mass. With a growing proliferation of cryptocurrency, and the Reserve Bank of Australia now experimenting with a Central Bank Digital Currency, widespread adoption may be just around the corner. Now is the time to get ahead of the curve. If the Australian industry does not keep pace, we are at risk of falling behind other jurisdictions, and potentially losing some sovereignty of our financial services industry.

What’s next?

The Senate Select Committee on Australia as a Technology and Financial Centre is due to present its final Report by 30 October 2021.  The report will explore a range of opportunities and risks involved in growing Australia as a technology and financial centre. While we await its findings, one thing is clear – delaying uplift of the Australian payments regulatory architecture is not a viable option and doing so will only mean that we are outpaced by a rapidly evolving ecosystem.

The game has changed. It’s time to redefine the rules.

Get in touch

Caroline Brell

Caroline Brell

Partner, Risk Advisory

Caroline is a Partner in Deloitte’s Risk Advisory practice based in Sydney, Australia. She has over 18 years of experience consulting to clients across the financial services industry, specifically banking, wealth management, FinTech’s and the payments industry. Caroline has a strong understanding of the Australian regulatory landscape and best practice risk processes, advising her clients on how these can be enhanced to drive commercial outcomes. Caroline is passionate about delivering risk solutions that leverage technology to surface risks and compliance issues in a much more comprehensive and cost-effective way.

More about authors

Tarah Unn

Tarah Unn

Manager, Risk Advisory

Tarah is a Manager in Deloitte’s Risk Advisory practice in Sydney and has over 6 years of risk management experience across business resilience, regulatory risk and financial crime compliance. Tarah works with clients across both the public and private sector (including but not limited to banking, superannuation, energy, education and government), where she helps her clients navigate the regulatory landscape and delivers pragmatic, client-centric risk solutions.

Lisa Kahlen

Lisa Kahlen

Senior Analyst, Risk Advisory

Lisa is a Senior Analyst in Deloitte’s Risk Advisory practice based in Sydney, Australia focusing on clients across the financial services industry specifically banking, Payment Service Providers and FinTechs. Leveraging her passion for consumer data rights and regulation, Lisa helps her clients find the right balance between innovation, compliance, and risk management.