Wholesale payment systems: Modernisation of the liability framework

Abstract

Wholesale payment systems are potential targets for fraud and cyber attacks due to the scope of activity they cover, the high value of individual transactions and the trillions of dollars they move across the globe daily. These risks have increased due to the increasingly sophisticated methods malefactors are using in their attacks. While payment system operators are modernising their infrastructures in response to these threats, there is still work to be done. Payment system control and governance frameworks must be strengthened in accordance with guidance from regulators and marketplace best practices. There is also an urgent need to examine the liability frameworks under which payment systems operate as some may not be adequate to protect participants and owners from either businessas- usual or catastrophic losses, and participants may be expected to bear uncapped, unpredictable liability for losses. This paper suggests that all participants in the payments ecosystem should consider the strength of their resources to cover potential losses, adopt guidance on endpoint security provided by the regulatory community, and engage in a collaborative effort to ensure that appropriate incentives exist for all parties to maintain enhanced defences against fraud and cyber attack, thereby better supporting financial stability.