Are We Getting Steak or Sizzle from Government Actions on Payments Competition?

Matt Janiga is currently the Director of Regulatory and Public Affairs at Trustly, where he manages a variety of product legal and regulatory issues for the U.S., Canadian and other Non-EU markets.  He’s spent the last ten years helping product teams bring innovative payment offerings to market at companies like Square, Stripe, Lithic and now Trustly.  In a prior life, Matt worked at a large community bank with a hockey-loving CEO, headquartered in Tyson’s Corner, Virginia.

Last month, CFPB Director Rohit Chopra discussed competition in payments with ETA CEO Jodie Kelly.  While Chopra’s high-signal, fast-speaking style left audience members with a hand cramp from all the note taking, the substance of his words were worth the pain.  Chopra summarized government efforts to encourage competition in the U.S. payments market, including the recent Visa antitrust suit and his belief that the Section 1033 rule will further enable pay-by-bank as an alternative to card networks.  

My day job is working on pay-by-bank adoption, and to me the speech was like a glorious serving of red meat.  But I’m also a realist who’s been building innovative payments companies for the last decade, and I’m worried about the chances that Chopra’s speech could turn out to be empty calories.  Past government initiatives on payment competition have failed to address key issues that enshrine payment cards at the top of consumers’ wallets.

As important as antitrust litigation and 1033 are, they are likely not enough. If policymakers truly want to encourage competition in payments, they should look to supplement their current efforts by addressing the following structural issues.

Modernize Arbitrary Lines Drawn Around Credit and Debit

About 20 years ago, a set of large merchants and the four-party payment networks entered into antitrust settlements that drew an arbitrary line between debit and credit.  Anything that required payment in fewer than 14 days had to henceforth be treated as a debit product, and anything with repayment required in more than 14 days could be treated as credit.

I personally suspect this line drawing was related to the Truth in Lending Act, which the Federal Reserve Board had interpreted as requiring 14-days advance notice of account statements for billing credit cards and other open-ended consumer finance plans.^[1]  This legislative and regulatory line drawing was itself rooted in the practice of mailing paper credit card statements and consumers mailing checks back to their banks.  

Another key and arbitrary line was drawn by the Federal Reserve Board when it published its regulations and interpretations to implement the Durbin Amendment’s dual network and interchange rate limitations.  Whether correct legislative interpretation or not — the Federal Reserve has interpreted Durbin to include decoupled debit products that pull funding from consumer accounts at large financial institutions.  The problem is that this causes key gatekeepers in banking and payments to look at anything that involves ACH debits as decoupled debit accounts subject to the Durbin Amendment, whether or not the consumer is receiving a traditional card product.  

Since these key legal decisions, we have had a schism develop with consumers and technology on one side and regulators on the other.  Think about how much consumer preferences and technology have shifted into digital and more real time capabilities with things like paperless statements, smart phones, stablecoins, Venmo, tap to pay and BNPL.  On the opposite side of the schism, regulators are firmly rooted in the past and continue to layer on regulations that increasingly anchor payments products to a credit vs. debit dichotomy that was invented 20 years ago and root us in antiquated practices like paper statements and mailed checks.^[2] 

The effect of these well-intentioned but outdated decisions puts a dead hand over consumer payments innovation.  Want to create a next-day or weekend-long payment device that debits an account at another institution?  Good luck!  Major payment networks have an army of gatekeepers that will decry your proposal as decoupled debit, and therefore unsupportable.  Want to try and shift the product into the credit space?  Then you have to figure out how to address payment collection risks while navigating the 14-day statement and 21-day collection and late fee requirements of TILA.  Things have become even more complicated because of the CFPB’s campaign to make everything — starting with new credit products like BNPL and non-credit products like EWA —  fit into the credit card rules of Section 1026 Subpart B of Regulation Z.  Seemingly all because pre-2024 policymakers were worried about things getting lost in the mail.

Addressing — or even modernizing — any of these arbitrary lines that divide debit and credit would give tools to those that want to build new products to compete with the existing oligopoly of large credit card issuers and the four major U.S. payment networks.

Apply the Reinvigorated Antitrust Efforts to Banking

Did you ever stop to think about how there’s a small group of CEOs that decides all the facets of your financial life?^[3]  The CEOs of banks like Chase and Capital One decide what credit card rewards you get, and what your interest rates are if you don’t pay.  The CEOs of Visa and Mastercard decide how you can pay with those cards, and what rates merchants need to hand over to stay in the networks.  

That control and interconnectedness weaves deeper into other aspects of your life.  The largest banks own The Clearinghouse, which operates a key part of our domestic ACH systems as well as the RTP faster payments network.  The Clearinghouse agreed to a variety of competition-preserving measures when developing the RTP network in exchange for the DOJ agreeing not to sue on antitrust grounds.^[4]  Competition regulators might want to keep an eye on how TCH’s promotion of new technologies like tokenized account numbers prevent bank customers from using FedNow.  That feels like the kind of anti-steering activity The Clearinghouse promised the DOJ it would refrain from as a condition of keeping RTP free from antitrust issues. 

Similar bank steering and gatekeeping seems to be occurring with other bank-owned utilities like EWS and Akoya, which reportedly have used their market positions to block fintechs or ask for pricing that other market participants are unable to extract.^[5]  These entities, who have their own CEOs but are owned and controlled by those same big bank CEOs, are in positions of power to decide how you as a consumer or small business owner can and cannot use your bank account.    

It’s fascinating to see the DOJ and FTC bring competition lawsuits against modern tech giants, all while the 100+ year-old banking industry continues to weave an ever-more-tangled web of ownership, partnerships and gatekeeping.  Policymakers might better promote payment competition by looking at the interconnectedness in banking and the effects it has on the payments market.  

Tackle Barriers to Portability

There is healthy competition for card acceptance services in large part because of portability of card numbers.  Merchants are allowed to hold card numbers if they are compliant with industry data security standards known as PCI-DSS.  And it is common practice for merchants to control card tokenization and vaulting, allowing them to leverage multiple merchant processors at a time.  These practices put merchant acquirers under constant threat of losing business if they slip on service quality or price.

But new portability issues are brewing outside of the card space.  The CFPB can put an end to bank control of ACH and FedNow use by prohibiting tokenized account numbers in its Section 1033 rule.  Failure to do so threatens the portability of consumer payment numbers in the pay-by-bank market.  This is because the tokenized account numbers cannot run on alternative and government-run payment networks like FedNow.  Many of these tokenized numbers are also tied to the existence of a valid OAuth token, which itself is not currently portable across vendors.

Regulators, or industry standards bodies like FDX, should also tackle this issue of portability of open banking OAuth tokens.  Today, banks with open banking APIs will create an OAuth token and share it with the company accessing the banking data.  WIthout making OAuth tokens portable, data recipients are going to experience lock in effects with their open banking partners.  In this scenario, a large merchant may want to shift or split their business to a new data access company.  You might think these companies would be able to tell their open banking partner to migrate existing OAuth tokens to a second provider.  However, no such migration path currently exists.  This has the potential to drive new gatekeeping and tollbooth economics in the open banking space — the exact type of thing that Section 1033 is intended to prevent.

Treat Like Transactions Alike 

Policymakers also undercut their stated innovation objectives where they treat cards and other payment methods differently, with remittances providing a great example.

A consumer using a mobile phone app or website to send money to someone outside of the U.S. generally has the same product experience regardless of whether they use Remitly, MoneyGram, Western Union or another provider.  But the process of routing those funds is different whether the consumer chooses to fund the transaction with ACH or a payment card.

ACH transactions need to be coded with a special NACHA format known as IAT.  These IAT transactions require the money transmitter to send extra information to the bank processing the ACH transaction (called an “ODFI”), which in turn is also sent on to the bank receiving the ACH transaction request (the consumer’s bank, called the “RDFI”).  Under the hood, each bank — plus the money transmitter — is expected to conduct independent OFAC screening due to NACHA requirements and guidance letters from OFAC.  If either of the banks involved in the transaction think the transaction raises issues, they are supposed to halt the funds and wait until they have sufficient information to proceed.  This can add days and excess operational toil if you fund remittance transactions via ACH.

Do you know the back-end process with cards?  The banks involved don’t get any of that information or do any of that screening.  Instead, they just process the transaction.

There are good intentions behind all the screening for an ACH transaction.  After the September 11th attacks, OFAC identified that domestic banks were sometimes blind to who was involved in a cross-border transaction.^[6]  But somewhere along the way, ACH funding for outbound transactions run through highly-regulated and supervised money transmitters got swept up in the IAT requirements.  

The result of this is that it’s easier to make these transactions with cash and payment cards.  But both of these payment types present their own policy issues vis-a-vis ACH.  Cash provides anonymity for bad actors, so there’s less trail for national security officials to sniff out larger trends and risks.  Payment cards raise transaction costs for the money transmitter, which in turn need to be passed onto the consumer sender or their intended recipient.  

On the other hand, it's not clear what material national security risks or foreign policy objectives are achieved by holding up a consumer’s low-dollar, ACH-funded remittance transaction with three parties doing independent sanction screening.  So maybe it's time to re-examine things like IATs for outbound consumer remittances (specifically NACHA Scenario H) and treat like transactions alike.

* * * * *

Many of us eagerly await to see whether the outcomes of government efforts — be they antitrust lawsuits or the Section 1033 rule — are sizzle or steak when it comes to competition.  While we wait, I’d encourage Director Chopra and other policymakers to make sure they don’t forget about the other structural issues that keep challengers from competing in payments.  We’re rooting for steak, but also want the sides.

The opinions shared in this article are the author’s own and do not reflect the views of any organization they are affiliated with.

^[1]  This interpretation is discussed at 72 FR 32973, accessible at https://www.federalregister.gov/d/07-2656/p-298. Interplay between the CARD Act of 2009, existing regulation for credit cards and open ended plans is discussed at 76 FR 22950, accessible at https://www.federalregister.gov/d/2011-8843/p-22.

^[2]  A key example of this outdated credit vs. debit view can be found in the Federal Reserve’s interpretations of the Durbin Amendment. 

^[3]  It's not core to this point, but is worth noting that all of these CEOs are white men, with the exception of Citigroup CEO Jane Fraser.  As a mediocre, middle-age white male myself, I have no particular animus towards white male CEOs. But I do find the lack of diversity at our largest private sector financial institutions fascinating.  And as someone with two daughters, I wonder what this lack of diverse perspectives does to the decisions these privileged, homogenous executives and their institutions make. So I’m hoping for a future with a more diverse set of perspectives from the people who make the key decisions about how financial services work in the US. Until that day, it’s good to be a white male CEO in financial services. And Jane Fraser.

^[4]  DOJ’s letter telling TCH it won’t sue over RTP.

^[5]  You may have read about some of these activities in Jason Mikula’s Fintech Business Weekly Newsletter.  Alex Johnson has also documented some of these activities over the years.

^[6]  You can read some of OFAC’s correspondence to NACHA here.

Open Banker curates and shares policy perspectives in the evolving landscape of financial services for free.

If an idea matters, you’ll find it here. If you find an idea here, it matters. 

Interested in contributing to Open Banker? Send us an email at [email protected].