Professional Documents
Culture Documents
1.1 Potential customers cannot When initially registering for mobile Know Your Customer (KYC)/Customer Due
access mobile payment services financial services (MFS), the inability Diligence (CDD) guidelines to be set
due to inability to prove his/her of the account provider or its agents commensurate with the risk of the
identity. to adequately verify the identity and service.
personal information of applicants Subject to regulatory approval and
may block approval or access to verification of implementation.
mobile payment services.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1.National ID system: Universality removes potential for X X X
Authorities issue universal IDs, which are used exclusion of those desiring service.
for access to financial services Burden on national authorities to
institute universal ID program may be
unaffordable or beyond the existing
infrastructure's legal, technical or political
capacity to enforce.
3. Regulated KYC Requirements which leave Each institution can interpret the
implementation to institutions requirements, which may allow various
combinations of identification. Banks can
set risk- based tiers to ensure access.
Each individual bank must establish a
policy that meets regulatory requirement.
Reliance on existing forms of
identification keeps cost low, but
difference in policies across institutions
creates some risk
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.2 Existing customer cannot access Verifying identity and personal Transaction size and KYC/CDD levels
mobile payment services due to information to protect customers commensurate with the user's ability to
inability to prove his/her when using mobile payment services self identify through PIN, photo attached
identity. may block access if the customer is to the account, national ID or biometric ID
not able to adequately prove his/her system.
identity. Easily accessible process for replacing lost
SIM or PIN.
Subject to regulatory approval and
verification of implementation.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
4. No regulatory KYC requirements Each institution will determine
requirements for account opening based on
their perception of risk. Lack of regulatory
requirement should keep barriers to access
low.
Lack of requirement opens cross-
organization risk for criminal activity.
1. Restrict access to mobile financial services Requiring that agents repeat the same X X X
to those who can meet the same KYC KYC requirements at the transaction level
requirement as account opening that are required at account opening is not
practical. It would place an enormous time
requirement on agents, and should not be
necessary if the account opening procedure
is implemented. (This would be the
equivalent of requiring a photo ID check at
the ATM.)
Regulatory authorities would not be able
to effectively police such a requirement.
2. Ensure that appropriate risk based service Strict KYC requirement for agent
access requirements are established at transactions will create inconveniences for
account opening customers and create more bureaucracy for
agents.
Expecting agents to conduct this due
diligence for transactions of existing
customers, especially during busy times is
impractical.
Risk-based allowances ensure customers
still have some access even without full
KYC; yet the limits protect against fraud.
(Option
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.3 Customer’s identity is stolen and The risk of stolen identity can have Protect service users against results of
used to open a mobile payment multiple ramifications, including: identity theft
account fraudulently. Customer’s identity could be used Subject to regulatory approval and
to access other services verification of implementation.
Customer is held accountable for
fraudulent transactions made in
his/her name
Customer is unable to access mobile
services because an account using
his/her name/identity has already
been established fraudulently.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
enables customers who have lost their ID to
maintain some access)
Lower requirements for small, or low
risk, transactions reduce regulatory burden
for agents
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
ID may be required, such as birth
certificates or passports where
available.
2. Account providers provide an effective Requiring a rapid alert system to advise
process for alerting users of unusual activity, users that their accounts may be
and blocking accounts when notified of compromised and block procedure to stop
fraudulent activity. fraudulent activity once recognized is a
simple and pragmatic way to deal with
stolen identity.
The procedure can be easily validated by
regulators.
3. Develop of best practices for enhancement KYC mechanisms, which could include
of fraud detection systems. point-based multiple ID requirement, limits
Provider reports suspicious or fraudulent potential for fraudulent account opening.
activity to central authorities (Central Reporting helps target systemic fraud,
Bank/Financial Intelligence Unit or FIU). thus reducing risk.
Enforcement mechanisms for reported
illicit activity may not exist or may be
weak. Creating or enhancing such
mechanisms will require investment.
Bank Model
Hybrid Model
# Risk Description Objective(s)
1.4 Customer’s account security If a customer’s account credentials, Account providers maintain a rapid
credentials and / or account account information and transaction account block process for customers if
information and transaction history are not adequately protected, customer/MNO believes the account has
history are improperly released the customer’s account can be been compromised.
(e.g., PIN biometrics, and stolen illegally accessed to steal funds or to Development of best practices for
phone/subscriber identity process illicit activities. enhancement of fraud detection systems.
module [SIM]). Customers may also be subject to MNOs mitigate risk of unauthorized/
identity theft or blackmail. inappropriate access to customer
Some models, particularly the hybrid, transaction data.
may share customer data as a means To mitigate the risk of customer account
to mitigate fraud by enabling a clear credentials, information, and transaction
audit trail of the financial history being compromised, implement
transaction. best practices for data security
maintenance, including data sharing
between service providers and other
business entities.
Subject to regulatory review and
verification of implementation.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
5. No regulatory KYC/CDD requirements or Lack of KYC/CDD requirements open
provider-based consumer protection against financial system to fraud risk, whether
fraudulent account opening. through ID theft or ID fraud.
Lack of protection represents a potential
cost for consumers and thus a barrier to
entry.
2. Provider led controls instituted to mitigate Institutional policies reduce likelihood for
the likelihood of unauthorized release or theft improper release.
of customer information. Lack of standard requirements for all
institutions allows for criminal targeting of
institutions with weaker policies.
Institutional programs will impose a cost
on providers; however, lack of a regulatory
requirement allows institutions to
determine the level of mitigation.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.5 Customer is unable to efficiently Customers are not able to resolve MNOs provide an efficient dispute
dispute a transaction or account disputes with an account provider and resolution process.
charge. recourse to a government body or Clear, published service standards to
regulatory authority to arbitrate minimize the cause of disputes.
disputes is weak or non-existent. Regulatory domain able to define
Note: The dispute requiring consumer protection for error resolution,
resolution could be a transaction that in terms of responsibilities, time frames,
is initiated by a customer on the and liabilities.
customer’s phone, as well as a Subject to regulatory review and
transaction that an agent makes on verification of implementation.
behalf of a customer who does not
have his/her own phone.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
notify customers impacted by breach, Plan services, resulting in hardship for funds
could include procedures to block transactions recipients until problem resolved.
on all impacted accounts and to issue new Quick action can limit operational,
credentials to customers. systemic, and reputation risk.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.6 Customer is charged Agent may overcharge or have a side Account providers use clear contracts that
unauthorized fees by agent. transaction fee that is not authorized fully disclose all fees to be charged,
that they impose on the consumer. tailored for various customer situations,
Customers may not understand the including different languages and
complexity of the contract signed, illiteracy (i.e. pictogram-based
making it possible for him/her to face contracts).
additional fees/services without being Service charges clearly posted at each
aware agent's location. Disclosures reasonably
comprehendible to all
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
animosity
Association may not have capacity to
support, or the budget to develop, this
function.
1. Regulatory authority requires full disclosure Full disclosure of all fees limits potential X X X
of all fees in account agreement. for consumer exploitation by providers.
Regulators may lack the capacity/budget
to monitor and enforce the requirement,
especially considering the abuse is more
likely to happen at the agent level than the
corporate level.
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
of it. The lack of clarity of contract customer groups (i.e. major language
could be further exacerbated by disclosures and potentially pictograms)
language barriers or illiteracy. Subject to regulatory review and
Additional government charges, such verification of implementation.
as VAT, may complicate the
disclosure of true costs and tariffs.
1.7 Customer cannot access cash Insufficient numbers/availability of Providers responsible for market coverage
from mobile money account due mobile money and/or bank No unreasonable regulatory constraints on
to lack of agent availability. correspondent agents in a given expansion of agent networks
geography results in consumers not
being able to access cash or incurring
excessive travel costs and
inconvenience.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
2. Account providers required to ensure fee Account provider disclosure mitigates
structure is posted in all service locations in a potential for consumer exploitation,
format understandable to the broad Account providers may have difficulty
population. (i.e. major language disclosures ensuring reasonable compliance throughout
and potentially pictograms) their agent network.
Account providers required to discipline or
expel consistently non-compliant agents.
1. Regulatory authority mandates minimal Requirement raises the cost for account X X X
geographic coverage as part of financial providers so that the service may not be
access/inclusion interests. profitable. Also, the requirement raises
barriers to entry for smaller players.
Account providers may agree to
collaborate in areas where population
density does not justify multiple service
access points.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.8 Agent unwilling to perform The agent may be unwilling to Adoption of payment services best
transaction for customer. perform a transaction because of practices including optimization of agent
liquidity management concerns. and super-agent compensation models for
Agent may wish to conserve cash by cash distribution, cash pick up, and
restricting large transactions deposits.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
3. Regulatory authority requires disclosure of Customer expectations are set at account
agent network coverage in service-level opening.
agreements (SLAs) Cost of compliance is low for providers
and the cost of oversight is minimal.
Agent network will expand with market
demand.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
to more profitably service a larger Standards for agents barring
number of smaller transactions. discriminatory practices, with regulatory
Agent is unwilling to serve customer review and verification of compliance.
due to discrimination (race, tribe,
religion, sex, etc).
Agent is instructed by super agent not
to perform transactions during
specific hours of the day due to cash
pickup and deposit burdens.
1.9 Customer cannot access cash Customer cannot perform cash- out Account providers are responsible to
Refer to from mobile money account due transaction because the agent does customers for providing cash-out services
4.7 to lack of agent liquidity not have sufficient cash on hand to in a timely manner, including contingency
perform the transaction. plans to deal with liquidity crises,
Agent may be experiencing unusually Subject to regulatory review and
high cash-out requests due to special verification of implementation.
events, including public events,
public disturbances, or loss of public
confidence.
Super agents providing physical cash
distribution to individual agents are
not able to manage cash stocks
effectively.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
consumer protection oversight;
Discrimination complaints are the task
of other agencies
2. Regulatory authority provides oversight to Regulatory authority may lack the
ensure agents and other service providers capacity to perform this role with sufficient
perform transactions in compliance with credibility to deter abuse.
account agreements.
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
1.10 Customer cannot access cash Customer cannot receive cash from Customer’s responsibilities and process for
from mobile money account due agent or perform cash-out transaction regaining access to cash spelled out in
to lack of personal access. during regular “business hours” due to contracts and in account provider’s
one of the following situations: operating procedures.
Customer has exhausted his/her Simple remedies to each situation spelled
pre-paid minutes. out and available to users.
Customer’s cell phone battery is
dead.
Customer has lost his/her cell
phone.
1.11 Customer cannot access cash Customer cannot receive cash from Providers are responsible to customers for
from mobile money account due agent or perform cash-out transaction providing cash-out services in a timely
to lack of system availability. during regular “business hours” manner.
because of one of the following Account providers post realistic access
situations: standards and area coverage to ensure
Cell phone service is not available appropriate client service expectations.
in that location. Subject to regulatory review and
The account provider is verification of compliance.
experiencing a temporary
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
optimize service for consumers. amount of time.
Forecasting and management capabilities
are similar for ATM and Branch cash
forecasting/ management.
Market forces will improve liquidity
management over time as providers keep
reliable agents, take on some agent
responsibilities, or partner with other
institutions as agents of last resort.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
system outage.
A record of complaints may indicate
questionable business practices, or a
lack of complaints could mean there
is no established avenue for consumer
remediation. Unscrupulous businesses
or business may change names and
locations to hide complaint histories
once the business ceases operations.
1.12 Lack of network interoperability Closed loop networks with no No protectionist barriers to transfer funds
Refer to prevents consumer from capability to transfer funds between between systems.
5.13 transacting with desired party. account holders of different account Intra- account provider transfers
providers’ payment networks due to conducted within the account provider’s
lack of interoperability. Among system.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
be practical. (Whether the regulatory
authority in this situation is financial or
telecommunication is debatable.)
3. Regulatory authority monitors system Any new market entrant is likely to take
availability service levels. time to fully roll out its service,
Significant complaint levels could impact particularly if competition is entrenched.
license extension. Failure to do so within a reasonable time
could lead to failure of the service,
resulting in the regulator having to ensure
an orderly withdrawal.
Regulatory capacity to monitor system
availability may be limited.
Lack of a regulatory requirement keeps
barriers to entry low, relative to this issue.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
providers or their non- participation Inter-account provider transfers
on a national payment platform block conducted through a national switch,
payments outside of the account either directly or through correspondent
provider's network. The first player clearing accounts, without unreasonable
to enter the market can gain usage fees or penalties.
monopoly power, limiting
competition, but can help justify
initial market entry into virgin
markets.
1.13 Customer loses balance due to Trustee impaired: Should the trustee Trust funds holding the value of items in
failure of a bank holding trust fail or become insolvent, trust transit are legally segregated from the
fund, or a similar situation accounts that are not legally trustee's own assets in bankruptcy.
where trust fund is segregated from the general pool of Trust accounts are divisible (to spread
compromised. bank assets available to satisfy risk) and transferable (in case of failure of
creditors may be pulled into the the trustee to perform).
bankruptcy process, with access Management and investment of trust funds
blocked. regulated similarly to insurance
The trust account may be
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
a new technology through keeping new
entrants out.
Consumers might benefit as there would
be no network limitations on sending
mobile money.
Account providers might be forced to
compete on cost, products, and service,
rather than size of network.
Limits first mover advantage, potentially
discouraging initial market entry.
1. Law / Regulation relating to bank failure or Requires trust law - normal in common X X X X X
insolvency segregates assets held in trust law systems but typically difficult in
accounts from the general pool of assets of a statute law systems.
trustee in the bankruptcy process. Requires a court system that both
understands trust law and is empowered
to enforce it.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
technically segregated, but no rapid company loss reserves to limit risk of
procedure for transferring funds held impairment of value.
in trust to another trustee may exist,
preventing access to the funds
1.14 Pooled deposits within a trust Trust impaired: Trust funds deposited Trust funds holding the value of items in
account can create a funding by the trustee in an account with the transit are legally segregated from the
concentration risk which would trustee bank or other banks are trustee's own assets in bankruptcy.
not protect individual customers pooled deposits that may be Trust accounts are divisible (to spread
if trust is impaired. significant compared to the size of risk) and transferable (in case of failure of
the bank, representing a funding the trustee to perform).
concentration risk, and may not be Trust fund investment policy to provide
fully protected under bank liquidity for cash-out needs and to protect
closing/insolvency/ deposit insurance against impairment of value.
rules.
Even if available, deposit insurance
is at the account level, and if the
trust account is
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
Transferability of the trust to another institutions thus reducing the exposure of
trustee in case of non-performance or failure providers. Holding across multiple
of the trustee. institutions will create a bit more
Investment guidelines for trust funds that complexity for payment providers in
limit risk concentrations for funds not invested managing several bank relationships.
in marketable or short maturity government Monitoring and enforcement of trust
securities. account diversification should be possible
Clear segregation of trust funds covering through periodic reporting.
customer funds from the operating funds of
the account provider.
Periodic regulatory verification of the
adequacy of trust funds
1. Law / Regulation relating to bank failure or Requires trust law - normal in common X X X X X
insolvency segregates assets held in trust law systems but typically difficult in statute
accounts from the general pool of assets of a law systems.
trustee in the bankruptcy process. Requires a court system that both
understands trust law and is empowered to
enforce it.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
viewed as a single account, rather
than many, the cap would be
insignificant compared to the size of
the trust account.
The value of trust funds invested in
other financial instruments or
institutions may be impaired by a
decline in market value of the
investments.
Significant and unusual outflows
could present the trust with liquidity
difficulties if investments cannot be
unwound.
1.15 Customer loses balance due to If the financial services provider or Prevent co-mingling of account provider
bank/provider not maintaining a bank holding the trust fund does not company operating funds and customer
1:1 coverage requirement in the maintain a balance equal to the total funds in transit.
payment account trust fund. value of all payments in transit, the The sum of the lower of cost or market
customer may not be able to recover value of trust funds in account provider
his/her funds if the service were to trust accounts must at least fully cover
be terminated. the value of all transfer items in transit or
The risk is particularly severe if the funds stored in mobile phone accounts
account provider is experiencing that are defined as funds paid in by
operating losses or cash flow strains customers into payment accounts and not
due to network expansion or other yet withdrawn.
operating or investment costs and Subject to regulatory supervision (this is
may see client funds in transit as a probably the dominant systemic risk
source of operating funding. issue).
1.16 Consumers may respond to social Increasing the ease with which funds Public awareness of the risks of over
pressures by drawing may be transferred to indebtedness.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
not invested in marketable or short maturity account diversification should be possible
government securities. through periodic reporting.
Clear segregation of trust funds covering Excessive risk concentrations in a trust
customer funds from the operating funds of fund could heighten systemic vulnerability
the account provider. should a loss of public confidence in the
Periodic regulatory verification of the account provider result in disintermediation
adequacy of trust funds with consequent demand to liquidate
investments by the trust.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
on credit lines to fund family members may increase social Lender policies and procedures that
payments, risking over pressures for such transfers, possibly protect against over indebtedness.
indebtedness. leading remitters to tap credit lines This is a general (not cell phone specific)
to supplement payments. This may consumer protection and portfolio quality
increase the risk of remitters issue that should be already under
increasing their debts to regulatory oversight, although may not be
unsustainable levels. in place in many countries.
1.17 Customer’s family is unable to If account providers have not Escheatment guidelines to mimic the
access account funds if the established escheatment guidelines guidelines for demand deposits accounts.
customer dies. for customer mobile payment Subject to regulatory oversight and
accounts in case of death, customer’s verification of compliance.
families will be unable to access the
balances and the account will remain
dormant on the provider’s system.
1.18 The beneficial owner(s) of Single accounts opened in the name Responsibility for any transaction passing
stored value and transactional of a group or a member of a group for through a mobile account clearly defined.
accounts (e.g., mobile money) shared usage. For example an
cannot be determined by individual within a village establishes
authorities in the event of illicit an account to be used to receive
account remittances
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
accounts. Financial institutions will reject
regulators limiting how credit facilities can
be used on a situational basis.
2. Regulatory authority may provide general Requires support from the on-site
consumer protection guidelines for over examination of regulated institutions’
indebtedness, but otherwise take no action lending policies and procedures, as a
normal part of market supervision.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
activity when group accounts are for anyone in the village, or a village
used based solidarity or small group
lending program jointly opens a
mobile money account, making
regular deposits with an intention to
“share out” funds to individual group
members as micro-loans.
As the account is associated with
multiple individuals, authorities have
difficulty identifying specific actor
when illicit activity occurs.
Use of shared accounts is not
permitted under FATF due to
AML/CFT concerns, since such
accounts effectively permit
anonymity of most of the beneficial
owners of the account.
The FATF framework generally
requires the beneficial owner(s) of an
account to be known to the financial
institution so using one person to
send/receive money on behalf of a
community is not permitted.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
policy and investigation when criminal
activity is suspected – implies
enforcement costs
2. Law / Regulation limits group registration Corporate restriction limits flexibility for
for transactional accounts to corporate micro-finance group accounts.
entities; enforced by account provider and or The law cannot prevent group use of
regulatory authorities accounts – individual associated with the
SIM bears responsibility for any issues.
Enforcement will focus on provider policy
and investigation when criminal activity is
suspected – implies enforcement costs.
Bank Model
Hybrid Model
# Risk Description Objective(s)
1.19 Government decides to tax Governments in need of revenues may Keep the marginal transaction cost to a
transactions to raise funds see the high transaction volume minimum.
increasing the marginal cost of mobile payment system as an
each transaction. opportunity. If governments decide
to institute a transaction tax on
mobile payment system transactions,
they would raise the marginal cost of
each transaction to consumers (as
account providers would pass this cost
along), thus pricing out many of the
consumers that the system most
benefits. The high adoption rate of
mobile payments in most
communities, and the benefits for
expanding access to financial
services, are driven largely by the low
cost.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
transaction will depend on collaboration
by the SIM card holder whose account
was used.
1. Government imposes a transaction tax Any transaction tax will reduce volume of X
the system. The consumers that leave the
system will be the poorest, as they are the
most price-sensitive. Thus, any transaction
tax would be viewed by the public as anti-
poor.
A transaction tax would complicate
operations and accounting for account
providers.
Some funds would inevitably be raised;
but offset by the negative societal impact
of decreased usage.
2. Government does not impose a transaction Mobile payment adoption rate, and
tax. expanded access to financial services, not
inhibited by taxation.
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
2.1 Merchants are unable to easily Merchants accepting mobile money Merchants able to cash out as needed for
convert mobile money into cash, may not be able to rely on regular, liquidity management.
limiting their flexibility to run flexible, and consistent methods to
their business / store. exchange electronic money into cash
or use electronic money to trade with
their suppliers. If they take in mobile
money, but their suppliers do not
accept mobile money, their ability to
restock efficiently may be limited.
Merchants may refuse to accept
mobile money in payment for goods
and services if their ability to cash
out is limited.
2.2 Merchant could be restricted by Merchants locked into exclusivity Balanced exclusivity agreements that
a contract with an account agreements may be precluded from facilitate market entry economies of scale
provider from accepting offering their clients better and/or yet prevent unreasonable restrictions on
payments for or from another less costly services from other competition.
account provider. account providers.
Exclusivity agreements may provide
economic justification for market
entry of the first provider, but then
may perpetuate a monopoly.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1. Regulatory authority requires account Such regulation likely unenforceable, X X
providers to maintain an “agent of last resort” since cannot dictate the composition of
within specific geographic areas to ensure account providers’ networks or related
liquidity for consumers. contracts.
It is in the interest of account providers
to provide an efficient agent network to
ensure market penetration, regulatory
intervention is likely unnecessary.
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
2. Regulatory authority requires Requirement of interoperability would
interoperability of payment networks (through lessen the inconvenience of any exclusivity
inter-provider links or switch) agreements with merchants as they would
still be able to make a purchase, though a
fee may be involved.
Requirement of interoperability would
raise the cost for new entrants.
Bank Model
Hybrid Model
# Risk Description Objective(s)
3.1 Agent is unable to easily Agents that voluntarily or Cash out procedures are covered in the
liquidate e-money inventory involuntarily lose their agent status agency agreement.
when the agency relationship is must be able to convert their e- Contractual disputes between account
terminated. money inventory to cash or deposit in provider and agents subject to court
a bank account. resolution.
3.2 Agent receives cash from client Agent receives funds from a service Effectively constrain diversion of
but fails to user but misdirects funds
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1. Regulatory authority requires providers to Requirement mitigates agent liquidity X X X X X X
facilitate agent cash-out upon termination. risk in case of termination.
Requirement removes a potential barrier
for entry of new agents, if they are
uncertain of the market or the account
provider.
Enforcement may be limited to review of
agent agreement templates.
2. Provider sets contractual agent termination Provisions set expectation for agents
provisions with guidance from the regulatory upon contract initiation. (Provisions should
authority. enable liquidation within a timely manner.)
If provisions do not ensure a timely
liquidation, this may constitute a barrier to
entry for new agents.
1. Require that service users receive, and Public confidence issue - in the account X X X
know they have a right to receive, clear provider's interest to ensure
X
X
MNO Model
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
provide/transfer the e-money to the agent's own benefit. This funds.
situation could arise in one of two
ways:
The consumer could be an existing
customer without their phone with
them, so they would not receive the
transaction confirmation while with
the agent.
The consumer may not be a customer
but requests that the agent sends
money to an existing customer, so
does not receive independent phone
confirmation of the transaction.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
confirmation that funds have been received that clients are not defrauded.
and where they have been directed. This may Police may need training on dealing with
include a paper receipt, if the customer does complaints of abuse.
not have a phone, or if the individual is not a Agents require protection from spurious
customer. claims of non-receipt.
2. Require that service users receive, and Public confidence issue - in the account
know they have a right to receive, clear provider's interest to ensure that clients are
confirmation that funds have been received not defrauded.
and where they have been directed. This may Police may need training on dealing with
include a paper receipt, if the customer does complaints of abuse.
not have a phone, but would not apply to non- Agents require protection from spurious
customers requesting ‘informal remittance’ claims of non-receipt.
service from an agent, (i.e. when the service Non-customers receive no more
is not formally offered by the provider). protection in this situation, than if they
asked any user on the network to provide
the same service.
4. Raise public awareness that users should Reduces the need for potentially costly
have their cell phone available to ensure and unenforceable rules to ensure agents
receipt of transaction confirmations. are crediting the proper accounts.
Bank Model
Hybrid Model
# Risk Description Objective(s)
3.3 Agent is robbed. Agents that hold both cash and e- Agent responsibility for cash security
money face a risk of robbery. The risk should be clearly outlined in the contract
may be heightened if the volume of with the account provider.
cash/e-money required follows a If the payment system is e-money, cash
predictable remittance cycle, is owned by its bearer so cash security is
requiring a higher than normal cash the responsibility of the bearer agent.
on hand position. If the agent is deposit-collecting, the
Agent may be forced to transfer all or cash in the till may be the customers’, in
part of its e-money inventory to the which case greater security measures may
robber or other party. be necessary.
However, agents that are also
merchants may find that accepting e-
money as payment for goods and
services sold reduces the need of cash
on hand, and the risk of robbery.
3.4 Agent threatened with individual Agent unable to perform cash out Market access issue between account
Refer to customer demands or potentially transactions due to KYC/CDD policies, provider and its customers, impacting the
1.9 larger group protests due to insufficient cash on hand to meet account provider's market reputation.
inability to perform cash-out occasional heightened demand, Only becomes a regulatory issue if
transactions. and/or system/network outages. customers cannot reasonably retrieve
For example, the account provider’s their funds through other agents.
system may be down, preventing Otherwise, police/public orders issue.
KYC/CDD and transaction verification.
Customer may have lost ID, pin code
or phone; an updated account
provider policy may prevent agent
from resetting pin without sufficient
credentials,
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
the money, or not process the
transaction.
2. Provider informally agrees to make the Agents will not view theft as a barrier to
agent whole based on sufficient evidence of entry, as they will bear the theft losses.
robbery. Creates moral hazard that may encourage
thefts.
3. No account provider or regulatory action - Agents bear liability for theft losses.
local police matter Agent liability may create a barrier to
entry.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
thus excluding the cash-out
transaction.
3.5 Agent takes in cash that proves Counterfeiter manufactures false Responsibility for accepting counterfeit
Refer to to be counterfeit. notes to pass through agent and to currency for transfers the same as for sale
5.17 integrate into the money supply. of goods - with the agent.
Agent training on counterfeits, and other
illicit financial instruments, to be
modeled on bank teller training and
provided commensurate to the perceived
risk.
Account provider training program for
agents subject to regulatory
assistance/verification.
3.6 Agent pays out cash that proves Agent may pay out counterfeit Passing counterfeit currency, whether as
Refer to to be counterfeit. currency received from customers cash outs to e-payments or as change on
5.18 without realizing it is counterfeit. trade purchases, is a criminal issue for the
Agent may use cash-out payments to police, not a regulatory issue.
distribute counterfeit currency. However, account providers should
provide agent training on
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
Agents may "get rid of" counterfeit counterfeits, as for 3.4.
currency they realize they have taken
in by passing it on.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
2. Regulatory authorities to provide an Financial incentives can increase
incentive, or reward, system for reporting and cooperation of agent network in identifying
retrieving counterfeit currency, possibly and pursuing counterfeiters.
including cash payments. Regulatory authority requires budget to
support incentive program.
Financial rewards may encourage agents
to collaborate with counterfeiters;
however, authorities will monitor agents
more closely that consistently turn in
counterfeits for reward.
4. Regulatory authority or account provider Reward could provide the incentive for
could reward agents for identifying identification and the disincentive for
counterfeit currency or providing information passing the currency along.
on counterfeiters. Agents with frequent identification would
need monitoring to ensure they were not
involved in a counterfeit scheme.
Cost/capacity to implement such a
scheme would need to be evaluated.
Bank Model
Hybrid Model
# Risk Description Objective(s)
3.7 Provision of credit to agents by Network models allow super Liquidity needs of account providers
non-bank actors. agents/master agents to extend should be balanced with consumer
liquidity in the form of e-money protection for agents so that extension of
directly to agents, possibly with credit does not become a vicious cycle.
limited or no controls or oversight.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
preventing counterfeit cash distribution.
Burdening account providers with
probably unenforceable counterfeit note
regulation could reduce the incentives for
market entry.
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
4.1 Provider employee manipulates An insider with access to financial Account providers responsible for their
Refer to agent credit allowances, agent systems manipulates balances for own internal security as a cost of doing
7.10 e-money balances, or customer his/her own financial gain. business. Not a regulatory issue unless a)
and 7.11 e- money balances for financial defalcations threaten the financial
gain. viability of the service, possibly providing
a systemic impact, or b) service
providers’ customers are impacted, in
which case the regulator has a consumer
protection interest.
4.2 Provider fails to adequately Agents acting on behalf of an account Account provider agent selection, training
select, train and supervise provider can damage the account and supervision policies and procedures
agents and super agents. provider's business reputation, both are acceptable to the regulator, subject
with the public and with the regulator to verification of compliance.
if they act improperly. However, this is primarily a business
management issue rather than a
regulatory issue unless agent performance
problems become flagrant. Regulator may
mandate
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
2. Regulatory authority requires providers to Insurance will mitigate the risk of X X X X X X
Obtain fraud insurance to protect against providers and the financial system against
insider threats and significant fraud risks.
Maintain 1:1 e-money reserve requirement Legal system must have the authority to
in trust account. arrest and prosecute those who committed
Depending on the liability loss, enlist law the fraud.
enforcement. Fraud insurance may not be available or
may price providers out of entrance into
the market
1. Regulatory authority trains and licenses Training and licensing can help to ensure X X
agents to ensure capacity. a base capacity among agents.
Regulatory ownership or training licensing
is high cost and requires capacity that the
regulator is unlikely to have.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
KYC/CDD as a component of sound
AML/CFT programs.
4.3 Account provider or provider’s Depending on the division of Account providers complying with such
agent does not meet required responsibilities, some AML procedures regulatory oversight as provided in law
regulatory could be carried out and regulation, including
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
KYC/CDD guidelines. Training, compliance network, and thus a stronger, more stable
monitoring, and registration of agents is mobile payment system.
required by account provider. The agent may not have sufficient
training, resources or motivation to follow
prescribed guidelines without threat of
penalty or termination of agent relationship
for non- compliance.
Regularity verification of training
program is low cost and requires low
capacity.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
responsibilities for AML. by agents. Agents are generally not effective suspicious transaction reporting.
employees of the account provider Predictable and enforceable penalties for
and thus are related only through non-compliance sufficient to motivate
contractual arrangements. If roles routine compliance.
are not clearly stipulated and
enforced, compliance can be
difficult.
4.4 Trust fund is inadequately The account provider fails to Trust funds are regulated and supervised
funded. adequately fund the trust account, similar to insurance reserve accounts to
possibly through ensure adequate coverage of trust
A breakdown in the funding process liabilities.
or
Intentional diversion of funds
received in transit to cover the
provider’s operating costs.
A trustee’s fund investment strategy
fails to conserve the
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
requirements. with the account provider.
Implies regulatory review of account
provider’s due diligence process.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
fund’s value.
4.5 Agent fraud untraceable due to Lax or non-existent record keeping of Agents able to document their mobile
poor records. transactions by agents creates financial transactions.
challenges for account
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
regulators that do not have the staff to
review reports and monitor compliance.
3. Regulatory agency creates a new type of Not needed for bank account providers,
deposit insurance at the payment account since funds already on deposit in covered
holder level. bank accounts.
For cell-phone based account providers
with pooled trust funds, this would
substantially expand deposit insurance
beyond current global practices and dilute
the incentive for service users to open a
formal bank account.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
Refer to providers trying to research fraud Account providers able to support police
7.2, issues. Payment transactions may be investigation of complaints of fraud.
7.4, commingled with other merchant Regulatory involvement only in cases of
and 7.5 transactions, masking any systematic failure of account provider to
irregularities in the payment service. ensure its agent network operates within
reasonable bounds.
4.6 System availability not System users may be denied access to Account provider’s services reasonably
Refer maintained by account provider. their funds if the account provider is consistently available during normal
to 7.9 unable to consistently maintain business hours.
and 7.15 access to its services. Continuation of operating license
contingent on maintaining reasonable
service.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
to support account provider’s electronic complied with, particularly if fraud is
records for investigation purposes. involved.
Account provider’s electronic records
may be sufficient and more reliable.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
account providers to innovate to provide
the least cost solution.
Implies the regulator has, or can procure,
the technical expertise to validate account
providers' contingency plans.
3. Providers establish their own redundancy Redundancy and continuity planning will
requirements and disaster recovery to ensure mitigate the risk of failure in system
continued financial system access. availability and limit the duration when a
failure occurs.
Should be supported by documented
alternative access procedures in the event
of system failures for providers.
Lack of regulatory requirement will allow
each institution to define the extent of
their contingency planning,
MNO Model
Bank Model
Hybrid Model
# Risk Description Objective(s)
4.7 Agents are consistently out of Without effective cash forecasting Agents have sufficient cash on hand to
Refer to cash. mechanisms, agents may have support most cash-out requests.
1.9 difficulty managing their cash needs. Account providers support agents with
Cyclical or unexpected demands may cash management and forecasting.
complicate cash flow forecasting.
Agents may be too far removed from
a cash supply point to respond quickly
to an increase in cash demands.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
which may leave some less protected
than may be appropriate for a payment
system. However, it will also allow
individual institutions to innovate.
2. Providers forecast and manage liquidity of Enhances customer access to cash within
agent network to optimize service for a reasonable amount of time, improving
consumers. public perception of service.
Account providers may decide to hire
some agents as employees, as independent
agents in high-volume areas may not be
able to maintain
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
4.8 Agent contracted to multiple When an agent contracts with more Account providers to hold agents
account providers (i.e. a cell than one account provider with responsible for their individual
phone provider and a bank) with differing regulatory requirements, the contractual agreements, whether
different regulatory agent may confuse its responsibilities, exclusive or not.
requirements (e.g. KYC) does meet the lower regulatory burden
not meet its responsibilities for between the two, or not meet the
one or more. regulatory requirements for either.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
balances or deal with security issues.
Forecasting and management capabilities
are similar for ATM and Branch cash
forecasting/ management.
1. Regulatory authority prohibits agents from Restricting multiple agent relations may X X X X
representing multiple account providers. limit competition, particularly if the first
mover has locked in the most suitable
agents.
Agents may not achieve adequate
volumes to justify being a paying agent is
not able to link to multiple account
providers.
Difficult and expensive to monitor.
2. Providers do not permit agents to enter into Helps first mover justify market entry.
contractual obligations with other account
providers without prior
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
4.9 Individual poses as agent to If an individual poses as an agent for Consumers able to avoid fraud through
collect deposits or payments an account provider, they could spurious agents.
from unsuspecting customers. accept deposits or payments from
customers and pocket the funds. The
risk is likely higher in remote areas
where oversight is limited, and where
financial literacy is lower.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
consent. Limits subsequent competition by locking
in the most suitable agents.
May limit agent profitability below
breakeven point, limiting service
expansion.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
Most susceptible consumers, those who
are financially illiterate, will be the most
difficult to reach with an information
campaign.
3. Rely on the significant consumer protection During cash in, the agent will have to
built into the system through electronic have enough e-money available to initiate
receipts and account limits to mitigate fraud. the transaction and resulting confirmation
to the service user.
Transaction limits inhibit service users
from acting as informal agents.
Monitoring systems flag suspicious
behaviour, enabling the account provider to
shut down informal agents.
Bank Model
Hybrid Model
# Risk Description Objective(s)
5.1 Liability concentration risk Trust funds of a successful account Trustee banks limit the size of trust
Refer to caused by an expanding trust provider could become significant to accounts they manage to what is
7.12 account that may have a the point of representing a funding reasonably manageable for that
material impact on the trustee concentration risk for the trustee institution.
institution's balance sheet, bank - liquidity risk - should there be
particularly for those trust funds a sudden reduction in the volume of
on deposit with the trustee items in transit through the account
bank. provider's system.
This could be due to new
competition, changes in regulation,
account provider decision to diversify
its own risks, or civil disturbances
that cause a flight to cash.
5.2 The reputation of the financial The financial institution which holds Preserve the value of the trust funds
institution which holds the trust the trust fund for the account through prudent investment management,
account for the mobile financial provider takes on reputational risk. If subject to regulatory oversight (as for
account provider is damaged due the trust funds are invested in insurance company reserves)
to its mismanagement of the instruments that do not conserve The affiliation risk will be managed by the
trust account. their value, the liability coverage market. Banks should not enter into
provided by the trust assets may agreements with mobile financial account
become inadequate, potentially providers with which they have concerns.
leading to a crisis in confidence in the
service.
5.3 The reputation of the financial The financial institution which holds Preserve the value of the trust funds
institution which holds the trust the trust fund for the account through prudent investment management,
account for the mobile financial provider takes on reputational risk. If subject to regulatory oversight (as for
account provider is damaged due the account provider is poorly insurance company reserves)
to its association with an managed, the trustee’s affiliation The affiliation risk will be managed by
with an
International
Reputation
Systemi
Liquidit
Lega
Policy Options Policy Implications
y
c
l
1. Bank regulators limit risk concentrations as Concerns with managing risk
a normal part of their supervisory activities - concentrations may restrict bank interest in
this process should include funds held in trust, providing trust services.
so off- balance sheet unless held in deposit Trust funds need investment
accounts. opportunities that provide adequate
liquidity in case of rapid disintermediation.
2. Regulators evaluate reputational risk of Adverse selection may come into play -
major trust relationships. those banks most qualified to act as
trustees may be the most reluctant to take
on the risks of doing so.
X
Bank
Model
X
Hybrid Mode
# Risk Description Objective(s)
account provider whose payment institution that loses the public trust the market. Banks should not enter into
system is poorly run. could damage its own reputation. agreements with mobile financial account
providers with which they have concerns.
International
Reputation
Systemi
Liquidit
Lega
Policy Options Policy Implications
y
c
l
2. Regulators evaluate reputational risk of Adverse selection may come into play -
major trust relationships. those banks most qualified to act as
trustees may be the most reluctant to take
on the risks of doing so.
MNO Mode
Bank
Model
Hybrid Mode
Mobile Financial Services Risk Matrix: Payment Systems
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1. Government ownership of the payment Interoperability creates benefits to X X X
switch effectively requiring any existing and consumers, as they can transfer to any
new account provider to connect to and use other consumer regardless of network.
the system for its payment services. If government perceives a profit
opportunity, rather than a public good,
monopolistic pricing of the transaction
could ensue.
There is no incentive for a new
technology innovations since the
government requires all transactions to be
processed through the system
X
Bank Model
Hybrid Model
# Risk Description Objective(s)
7.1 Illicit financial activities enabled If the AML/CFT requirements do not Risk-based supervision and enforcement of
by weak KYC/CDD apply to mobile financial services, AML/CFT safeguards to enable authorities
requirements/enforcement. illicit actors could leverage the to focus on the highest priority risks.
mobile network for illicit means. If
the party providing the financial
service is held to these standards, but
its ability to comply/enforce them is
limited, the risk still remains. (The
ability to enforce AML/CFT among a
disparate agent population is a
critical element.)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1. Regulatory authority implements and Point-based AML/CFT system allows X X X X X
enforces a point –based (stepped based on flexibility for consumers with various forms
risk) AML/CFT system. of identification; however, limits risk by
embedding a standard due diligence
requirement industry- wide.
Regulatory authority to
implement/monitor/enforce can be costly,
considering that agents are the
implementers.
2. Account providers elect to have account Account providers can hedge risk by
opening conducted by employees rather than controlling account opening process.
agents, so as to maintain stricter AML/CFT Potential customers inconvenienced as
controls. account provider has limited footprint
relative to agent network.
Cost of building a network to support
would be costly.
X
Bank Model
Hybrid Model
# Risk Description Objective(s)
7.2 Identification of illicit financial Reporting of large or suspicious Risk-based supervision and enforcement of
Refer to activities hampered by transactions to appropriate AML/CFT safeguards to enable authorities
4.5, insufficient reporting authorities and/or the Financial to focus on the highest priority risks.
7.4, requirements. Intelligence Units (FIUs) provides
and 7.5 information on mobile financial
transactions that exceed or are
structured to avoid reporting
requirements, as well as on trends
and patterns of unusual mobile
financial activity.
7.3 Illicit financial activities As agents are a critical component of Risk-based supervision and enforcement of
Refer to facilitated by unlicensed/ the mobile payment network, may AML/CFT safeguards to enable authorities
4.2 unmonitored agent network. facilitate fraud or criminal activity to focus on the highest priority risks.
(e.g. if they do not comply with
AML/CFT requirements, customers
could conceivably set up accounts
under false identities).
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
AML/CFT. networks for illegitimate financial
purposes; illicit activity flourishes in
economically disadvantaged
regions/zones where provider
enforcement mechanisms are weak
1. Financial regulatory authority includes Standardized reporting, in line with X X X
mobile providers in AML/CFT reporting financial institutions, mitigates potential
requirements to appropriate authorities for illicit activities and facilitates
and/or the FIUs. Account providers file investigation.
Suspicious Transaction Reports (STR) for Reporting requirements impose a cost on
transactions meeting specified criteria. the account provider, which would be
2. STRs for all reporting entities indicate the reflected in usage fees.
channel used, including mobile. Account provider may not have the
technology to identify suspicious
transactions, resulting in a dump of all
transactions on the FIU.
FIU may not have the capacity or budget
to analyze reports for mobile sector.
3. Account providers are not included in STR Mobile financial services could be used to
reporting requirement. channel large quantities of small payments
in support of illicit activities.
1. Regulatory authority trains and licenses Training and licensing can help to ensure X X X X X
agents to ensure capacity. a base capacity among agents.
Regulatory ownership or training licensing
is high cost and requires capacity that the
regulator is unlikely to have.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.4 Inadequate transaction records Full transaction audit trails are Regulatory framework follows
Refer to impair investigation of fraud or essential to investigations to follow international standards for financial
4.5, criminal activity the money trail. Records retention records retention to mitigate risks, which
7.2, should permit reconstruction of sets 5 years to enable information
and 7.5 transaction details, including the requests from competent authorities.
identity of the transaction parties.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
fraud training program which incorporates network, and thus a stronger, more stable
AML/CFT guidelines. Training, compliance mobile payment system.
monitoring of, and registration of agents is Motivating agents o follow prescribed
required by account provider. guidelines may be challenging.
Implies regulatory support for and
verification of training program.
4. No required training or licensing process. Least direct costs for account providers
and regulators.
May result in indirect costs through use of
mobile financial services to support illicit
activities.
1. All service users required to maintain an Cell phone company role limited to X X X
individual bank account through which all messaging - actual transactions occur in the
transactions flow. bank.
Ensures that full transaction records exist
within the formal banking system.
Acceptable to users who already have
bank accounts, but represents a high cost
barrier to users who have
X
MNO Model
Bank Model
Hybrid Model
# Risk Description Objective(s)
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
no need for a full banking relationship.
Would substantially restrict expanding
access to financial services to the
unbanked.
Bank Model
Hybrid Model
# Risk Description Objective(s)
7.5 National regulators and/or law Investigative officials are unlikely to Risk based regulatory framework that
Refer to enforcement authorities unable have the human capacity to minimizes the role of the regulator while
4.5, to effectively investigate fraud effectively regulate the network of providing an enabling environment that
7.2, or criminal activity due to lack providers, agents, trust accounts and mitigates against risks to the customer,
and 7.4 of operational support systems customers necessary to mitigate the account provider network and the
and human capacity. known risks. If the regulatory financial system.
framework entailed Regulatory capacity sufficient to provide a
licensing/supervising agents, as well deterrent to illicit use of mobile financial
as providers and banks, the number of services through heightened risk of
regulators required for this activity discovery and prosecution.
would likely be well beyond that on
staff for the regulatory authorities.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
Records-CDRs) for a specified period following trace transactions within a payment
the completion of the transaction, failure of chain from one provider to another or
the account provider, and/or termination of reconstruct sender/receiver identities
customer relationship. in the prosecution of financial crimes.
1. Establish an FIU with sufficient resources to Would enable the country to comply with X X X X
credibly investigate suspicious transactions FATF guidelines and participation in the
and initiate prosecution of illicit activity. Egmont group.
Establish specialized investigative, Would extend activities already in
prosecutorial and judicial expertise within the principle required for banking and
legal system. insurance to mobile financial services.
Has cost implications - may require a fee
regime on account providers, which would
be passed on to users, reducing the
financial incentives to use mobile financial
services.
2. Establish a risk-based framework that shifts The regulatory authority can leverage the
the responsibility for monitoring compliance transactional level compliance efforts of
on behalf of the agent to the account the account provider by focusing on the
provider. control mechanisms and risk management
programs from a system level.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.6 National regulators and/or law In many country contexts, the Clearly defined centralized regulatory
enforcement authorities unable regulatory framework for mobile authority for mobile payment networks.
to effectively investigate fraud payment service provision has not Clearly defined authority to refer
or criminal activity due to lack been established. Thus, it is unclear breaches of public trust or illicit activities
of authority. whether the financial regulators have to law enforcement authorities for
the authority to oversee the payment prosecution.
network, or if it is the responsibility
of the telecommunications regulators,
or if anyone has the requisite
authority.
Jurisdictional concerns may be
exaggerated, since the service
functions are distinct. For instance,
in the United States, many grocery
stores provide access to financial
services (credit unions, etc) but their
core business is selling groceries.
Their financial activities are easily
overseen by financial authorities and
their core business is overseen by
state food safety regulators.
7.7 Account provider may fail to Mobile financial services are a Regulators to ensure account providers
institute appropriate dynamically growing market with monitor evolving new risks,
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
guidelines, potentially risking inclusion
in the list of non-compliant countries,
leading to restrictions of access to
international financial markets.
1. Empower through law/regulation either the Sole authority limits confusion regarding X X X
financial regulator or telecommunications investigative authority.
regulator as the sole regulatory authority over However, different issues may require
mobile payment system. different subject matter expertise which
may not be resident in the sole regulator.
Capacity/Budget of sole regulator may
need to be adjusted to accommodate
increased responsibility.
X
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
safeguards against newly new account providers, new services and institute appropriate risk mitigation.
emerging risks. and new vulnerabilities developing Regulators routinely disseminating
rapidly. Ensuring that information on warnings of new risks as these are
the risk factors is disseminated and identified.
understood, and appropriate
safeguards instituted, is a significant
challenge.
7.8 The ability to track/investigate Criminal elements can utilize the lack Minimum standard audit trail for
illicit transactions is made of standard processes in conducting SMS/USSD (Unstructured Support Service
difficult by the number of transactions, particularly in Data) transactions to enable investigation
financial intermediaries (e.g. commingled accounts and instances through account providers’ payment
agents, super agents, providers, where it is difficult to identify the transaction processing system consistent
banks managing the trust beneficial owner. This risk may be with international standards, with
accurate
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
risk for financial sector, including mobile to emerging risk, so they can develop
payment systems. mitigation strategies early.
Would benefit from integration into the
global FIU network.
FIU may not have the skills / capacity
necessary to analyze risks associated with
this new channel.
FIU may not have the budget to cover this
area.
2. Association of account providers monitors Emerging risk monitoring will help the
emerging risk for financial sector, including account providers be vigilant with regards
mobile payment systems. to emerging risk, so they can develop
mitigation strategies early.
Individual account providers generally
linked to international institutions
operating in multiple countries, allowing
for cross fertilization.
There may be no association at the
country level - but account providers linked
to the GSM Association.
X
Bank Model
Hybrid Model
# Risk Description Objective(s)
accounts); and as these various heightened with remote and non- and meaningful information that travels
actors are not vertically face-to-face transactions, particularly with each transaction.
integrated, the lack of in the cross-border context of some Contracts clearly identify the
transparency between them mobile financial service business responsibilities of each party in the
exacerbates the challenge for segments. transaction and provide clear channels for
regulators. sharing information.
7.9 Account provider suspends Temporary or permanent failure of a Contingency response policies and
Refer to operations or collapses, systemically important account procedures to ensure continuity of
4.6 and disrupting service. provider could trigger loss of public operations and rapid recovery in case of
7.15 confidence that could spread beyond failure.
the account provider, causing a
general crisis of confidence among
the public.
As communication networks are relied
upon for financial services,
performance risk becomes
concentrated in critical systems
whose failure for technical or business
reasons could impact a significant
portion of the population.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
financial services outside of the same account transactions.
providers or bank. Prohibits the expansion of low cost
mobile financial services and would inhibit
service innovation and outreach.
2. For cell phone based systems, regulator Implies an orderly liquidation process or
requires off-site storage of backup data in a transfer to an alternate account provider
format that would enable an orderly similar to that used for a failed financial
liquidation of the trust account(s) through institution.
repayment to system users.
For bank based systems based on individual
bank accounts, normal bank processes
required.
3. Providers establish their own redundancy Redundancy and continuity will mitigate
requirements and disaster recovery to ensure the risk of loss of system availability and
continued financial system access. limit the duration when a failure occurs.
Documented alternative access
procedures in the event of system failures
for providers.
Lack of regulatory requirement will
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.10 Account provider's employee sets Generally, when a customer sets up a Account providers ensure sufficient
Refer to up accounts on the system with prepaid mobile payment account, internal controls and monitoring of the
4.1 and balances not backed by receipt they make a deposit of real currency trust balances against the amount in
7.11 of currency and funding of the for an equivalent balance of mobile transit to discourage such defalcations
trust account(s). Such an act money. and rapidly identify them should they
would create a liability and However, an employee of the account occur.
related losses for the account provider with access to the backend Subject to regulatory oversight.
provider systems could set up fraudulent new
accounts that were not backed by
currency.
The employee could then either cash-
out or spend their mobile money,
depleting the trust funds, which could
go unnoticed without proper internal
safeguards.
Since e-money is backed by real
money deposited in the trust account
(or the capital of the account
provider, if deficient), creation of e-
money may increase the velocity of
money, but not the volume.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
allow each institution to define the
extent of their contingency plans,
which will leave some less protected
than may be appropriate for the
payment system. However, it will also
allow individual institutions to innovate.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.11 In economies where minutes are In some economies, mobile minutes The account provider's business model will
Refer to exchanged like currency, and have been used as a means of determine the extent of service discounts
4.1 and could be cashed-out for exchange. Generally, an account they wish to provide to their customers.
7.10 currency, distributor of airtime provider will provide mobile minutes Not a regulatory issue.
vouchers or distributor employee as a service for a specific price.
could increase the amount of However, an account provider could
airtime on the market. increase the number of minutes on
the market without compensation for
various reasons, such as extra minutes
to reward customer loyalty. The
effect would be to discount the price
of the cell phone company's service,
just as any other product discount
results in an increase in the product
or service provided without an
offsetting increase in revenue. If the
additional minutes are cashed out at
the original price, the cell phone
company is in effect paying its clients
a cash rebate.
7.12 Increasing reliance on mobile Rather than having funds dispersed Application of prudential guidelines on
Refer to financial services may result in a across the financial system, or outside risk concentrations/dependencies to
5.1 concentration of deposits in one of the financial system entirely, the account provider trust accounts.
or a few trustee financial uptake of mobile payment services Expansion of larger financial institutions
institutions, leading to will concentrate payment account down-market as the technology lowers
disintermediation from smaller funds in the trust funds held in only a transaction costs and service break even
institutions and reductions in few institutions. points.
access to finance from those The financial institutions where
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
system and will significantly damage
the reputation of the mobile system.
Bank Model
Hybrid Model
# Risk Description Objective(s)
institutions. some of these funds would have been
deposited will have fewer resources
with which to make loans.
The institutions holding these funds
could be restricted by regulations, or
their own credit policy decisions,
from using these funds for lending,
thus reducing the level of loan
funding available to the economy.
This could lead to consolidation
within the financial system resulting
from those institutions that are not
able to keep up with the technology
having increasing difficulty
competing.
However, the conversion of cash in
circulation to deposits in the trust
accounts would increase the
resources of the banking system as a
whole.
7.13 Single dominant player in a A single telecom company can Fair competition among providers on
Refer to closed-loop environment abuses dominate the market in the absence products/services.
1.12 market power (predatory of adequate competition. The first No unreasonable barriers to the flow of
pricing). player to enter the market can create funds between account providers.
a monopoly, which can potentially Predictable market entry for qualified
lead to anti- competitive pricing and applicants to ensure that the prospect of
restricted services/innovation. competition discourages predatory
pricing.
National and regional payment systems
able to transmit payments between
account providers and
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
ensure compliance.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
between countries.
7.14 Illicit actors conduct high Because of the speed of the payment Account providers flag and limit opening
volume transactions using process using a mobile multiple accounts based on
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
compete on cost, products, and service,
rather than size of network which could
represent a first mover advantage.
By reducing the first mover advantage,
could discourage potential first movers
from entering the market.
Bank Model
Hybrid Model
# Risk Description Objective(s)
multiple accounts, bypassing system, it is possible to make similar KYC/ CDD data. Subject to
monitoring systems before multiple transactions quickly, in a regulatory oversight.
regulators can step in. near real-time transaction
environment. With reasonable
preparation, large sums could be
transferred simultaneously using
multiple accounts.
7.15 Financial terrorists target Financial terrorists hack into mobile Mobile payment networks’ security
Refer to payment network to disrupt payment network to disrupt the requirements, including possible
4.6 and financial system. economy. The mobile payment redundancy, to be commensurate with the
7.9 network may be targeted, as the proportionate systemic importance of the
security is perceived as less than that account provider.
of the financial system.
Alternatively, terrorists may target
the data center of the account
provider to damage or destroy service
capacity.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
CDD data. the account provider can deter most illicit
activity.
Implies regulatory verification of account
provider systems, policies, procedures and
its capacity to comply.
2. Rely on account monitoring as another Multiple accounts of the same owner can
alternative to KYC. be identified via pattern identification
systems that recognize activity similarities
(e.g. several account all sending money to
the same place/agent/customer or e.g. an
unusual level of transactions from one
place to another in a given timeframe.)
Enables expanded access where national
ID systems may be weak.
2. Providers establish their own redundancy Redundancy and continuity will mitigate
requirements and disaster the risk of impaired system
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.16 Account provider fails / enters Mobile payment account providers, Mobile payment account providers’
insolvency limiting customer like other companies, may fail / enter insolvency procedures should mimic those
access to funds and potentially insolvency for a variety of reasons. of financial institutions.
destabilizing financial system. However, unlike normal companies, Established process for obtaining records
their service provision is a component of items in transit and enabling rapid cash
of the financial system and their out liquidation or transfer to another
insolvency can destabilize the account provider using the trust funds.
economy if not properly managed. Clear regulatory policies and procedures
to manage such events.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
recovery to ensure continued financial system availability and limit the duration when a
access. failure occurs.
Documented alternative data access and
recovery procedures in the event of system
failures for providers
Lack of regulatory requirement will allow
each institution to define the extent of its
contingency plans, which will leave some
less protected than may be appropriate for
the payment system. However, it will also
allow individual institutions to innovate.
2. Insolvency handled like any other business. Financial system stability would be at risk
depending on the size of the network.
Consumer protection for payment
account holders would be a significant issue
if the insolvency process did not protect
these
X
MNO Model
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.17 Counterfeit funds accepted by Agents will be targeted as an entry Agent training on counterfeits to be
Refer to an agent. point for counterfeiters to unload modeled on bank teller training and
3.5 money into the system. provided by account providers
Counterfeiters will perceive agents as commensurate to the perceived risk.
less knowledgeable than bank
employees, the security/monitoring
of agents to be less than banks, and
yet still have a high enough
transaction volume that they would
be difficult to identify.
7.18 Counterfeit funds distributed by Counterfeiters may try to recruit MNOs responsible for supervision of agents
Refer to an agent. agents into their networks to and collaborate with law enforcement
3.6 distribute counterfeit currency into authorities on investigation of counterfeit
the economy. currency to enable criminal prosecution of
agents.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
accounts differently from the general
assets of the account provider.
X
X
Bank Model
X
X
Hybrid Model
# Risk Description Objective(s)
7.19 Currency redenominated while When a country redenominates its Treat items in transit in the same was as
in transit. currency, often after a period of high deposits in the banking system are treated
inflation, service users should be paid in case of redenomination of the currency.
out in the new units, adjusted for the
redenomination.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
to support incentive program.
Financial rewards may encourage agents
to collaborate with counterfeiters;
however, authorities will monitor agents
more closely that consistently turn in
counterfeits for reward.
4. Regulatory authority or account provider Reward could provide the incentive for
could reward agents for identifying identification and the disincentive for
counterfeit currency or providing information passing the currency along.
on counterfeiters. Agents with frequent identification would
need monitoring to ensure they were not
involved in a counterfeit scheme.
Cost/capacity to implement such a
scheme would need to be evaluated.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
7.20 Regulator unreasonably blocks a The extraordinary success of some Enable all proven business models within a
particular service model. cell phone based systems have raised predictable legal and regulatory
concerns in other countries based on environment.
“loss of control” over uncertain risks
or resistance to competition with
exiting formal financial institutions.
7.21 Interest income on service users’ The trustee will invest the trust funds Ensure that the benefit of income
trust funds is improperly in interest bearing instruments, such generated by the trust funds is most
allocated to the detriment of as government securities or interest efficiently allocated back to the benefit
service users. bearing deposit or savings accounts of service users, based on the
with
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
confidence in the national currency.
May complicate the public education
process during redenomination by bunching
the impact for people who may be less
financially sophisticated.
1. Limit mobile financial services to bank Restricts usage to those who have reason X X X X
based models requiring users to pass all to have a full bank account, effectively
transactions over individual bank accounts excluding the poor.
Little or no developmental impact.
2. Allow both cell phone company and bank Opens access to financial services to the
based services. poor through low cost payment services
that do not require a full bank account –
significant developmental impact.
Acts as a catalyst for building confidence
in the financial system and in using formal
financial services rather than dependence
on cash.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
financial intermediaries. So either account provider's business model
the trustee, the account provider or
the service users will benefit from
this interest.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
adding to the cost of providing the service.
Complicates account reconciliation for
service users by adding transactions not
originated by service users.
Could encourage service users to leave
funds “on deposit” in lieu of opening a
formal savings account, reducing incentives
to move savings into the formal financial
sector.
2. Allocate some or all of the interest income Motivates trustees to provide the trustee
to the trustee to cover trustee fees for services.
managing the trust account. Eliminates pass back of trustee fees to
the account provider.
Implies monitoring by the account
provider to avoid over-charging by the
trustee.
May motivate trustee to reach for higher
yield, higher risk investments, implying a
need for regulatory oversight of
investments.
3. Allocate some or all of the interest income Augments the revenue stream for the
to the account provider as additional revenue. account provider, in principle enabling
lower direct service fees to service users.
Benefit will vary with market interest
rates.
MNO Model
Bank Model
Hybrid Model
# Risk Description Objective(s)
8.1 Heightened difficulty tracking Illicit financial activities, such as Regional harmonization of the legal and
and prosecuting illicit cross- money laundering and the financing regulatory framework for mobile financial
border transactions given the of terrorist activities, can be services,
new cross border payment facilitated (and more difficult to
capability with a national prevent) when cross- border
regulatory framework and transactions are allowed where
enforcement mechanism. different regulatory systems are in
place.
Incompatible regulation can prevent,
or make more complicated,
identifying suspicious transactions,
investigating the transactions, as well
as prosecuting and convicting those
involved in illicit transactions.
This risk applies to any cross border
payment system, not just those using
mobile financial services.
8.2 Small-scale traders face a theft Currently, in-country and regional Enable traders to use mobile payments to
risk due to their ‘cash & carry’ traders conduct a cash and carry settle trade transactions involving larger
business. business that relies on cash amounts than are appropriate for personal
settlement of trade transactions remittances to reduce the theft risk and
outside of any financial institution, bring these trade transactions into the
with no audit trails and with theft risk financial system.
to the traders. Enable the use of mobile payments for
cross-border transactions.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
1. Regulatory authority harmonizes mobile Harmonization with FATF standards X X X X
financial service definitions in the context of facilitates tracking and prosecution.
FATF Special Recommendation VII (SRVII) New requirement imposes a new cost on
within their own AML/CFT regimes. stakeholders
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
8.3 Cross-border payments through a Convenience and safety may Enable use of mobile financial services in
mobile financial service could be encourage cross-border traders to tap cross border trade transactions without
seen as bypassing a country’s into a neighboring country’s mobile unreasonable foreign exchange
foreign exchange restrictions. payment system to settle trade restrictions.
payments.
If both buyer and seller use the same
system, then the funds will remain in
the country hosting the buyer’s
system. The seller will either have to
buy goods or services using the e-
money from the system host country,
or cash out through an exchange
office
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
2. Regulatory authorities to allow for a Regulatory authorities enable traders and
separate user category for traders that allow businesses to use mobile payments through
for larger scale transactions. stepped user categories.
Implies higher level of KYC/CDD to
contain the risk of mobile system use for
ML/TF.
Risk of theft reduced by access to non-
cash, mobile channel.
1. Regulatory authorities prohibit foreign Cross border traders limited to using cash X X X X X
exchange conversion using mobile financial or a currency both buyer and seller can use.
services. May encourage use of a larger
neighboring country’s currency, as for cash
transactions, lowering acceptance of the
domestic currency.
X
Bank Model
X
Hybrid Model
# Risk Description Objective(s)
that can use the buyer’s currency of
origin.
If a foreign exchange conversion
facility is built into the service, then
transactions that otherwise would be
settled in cash move into electronic
form.
International
Operational
Reputation
Liquidity
Systemic
Legal
Policy Options Policy Implications
enable currency conversion.
Bank Model
Hybrid Model