A library of snippets
xxx
Consumer acceptance and use of online and digital banking alternatives has increased since the coronavirus crisis began. New research indicates that the long-term beneficiaries of this trend will be the largest financial institutions that had already committed to digital transformation.
From Big Banks Benefiting Most From COVID-19 Digital Shifts.
xxx
Between March 2020 and April 2022, American rapscallions made off with (latest estimate) $46 billion in fraudulent unemployment insurance claims by filing claims in more than one state (in one case, 29 states paid unemployment benefits to the same person), using the Social Security numbers of dead people, claiming on behalf of prison inmates and so on. This is on top of the money stolen from the Paycheck Protection Program and the Economic Injury Disaster Loan program. In these schemes the government trusted businesses to self-certify that they met key requirements, with predictable results including a Postal Service employee getting an $82,900 loan for a business called “U.S. Postal Services” and an enterprising individual who got 10 loans for 10 nonexistent bathroom-renovation businesses (using the email address of a burrito shop.)
Testifying before Congress earlier this year, a Labor Department expert said that there could have been “at least” $163 billion in wrongly paid unemployment benefits as well as “significant” benefits obtained by malicious actors. A watchdog found that $58 billion the Economic Injury Disaster Loan program had been paid to companies that shared the same addresses, phone numbers, bank accounts or other data as other applicants, which ought to have been a red flag, to say the least. The losses are eye-watering and are an order of magnitude higher than what would have been the cost of putting in place a functional digital identity system for individuals and for businesses.
xxx
Testifying at a little-noticed congressional hearing this spring, a top watchdog for the Labor Department estimated there could have been “at least” $163 billion in unemployment-related “overpayments,” a projection that includes wrongly paid sums as well as “significant” benefits obtained by malicious actors.
xxx
xxx
Vinath Oudomsine bought a $57,000 Pokémon card after receiving a pandemic loan from the Small Business Administration for a nonexistent business.Credit…U.S. Attorney’s Office for the Southern District of Georgia
Vinath Oudomsine bought the Pokémon card in January 2021, after receiving a loan from the Small Business Administration for a nonexistent business. He pleaded guilty in October to defrauding the loan program, leaving the U.S. government responsible for selling the card.
From Prosecutors Struggle to Catch Up to a Tidal Wave of Pandemic Fraud – The New York Times.
xxx
xxx
No financial data was accessed and no passwords, nor any images of any customers’ documents were stolen in the cyberattack, said Bayer Rosmarin. What Optus believes to have been accessed at this point includes names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses, ID document numbers such as driver’s licence or passport numbers.
From A third of Australian population likely affected in Optus cyberattack | CSO Online.
No financial data was stolen. Phew. Thank goodness the fraudsters only have name, date of birth, phone numbers, email addresses, addresses and “ID document numbers” because I doubt they’ll be able to get up much mischief with those.
The key question to ask, as indeed it was asked by my good friend Victoria Richardson (COO of Meeco), is why Optus had all of this personal data in the first place. I can understand why Optus might need to know whether I am over 18 or not, but not why it needs to know my date of birth. I can understand why Optus might need to know whether I am Australian or not, but not why it needs to know my passport number. I can understand why Optus might need to know whether I’m a real person or not, but not why it needs my driving licence.
President Biden’s March 2022 Executive Order on “Ensuring Responsible Development of Digital Assets” was, as the Financial Times said at the time, short on policy detail. Similarly, crypto billionaire Sam Bankman-Fried said that “I don’t think it moves the needle that much”. There order called for a commitment to “reinforce US leadership in the global financial system” through means including “the responsible development of payment innovations and digital assets” and so on, but it also included an order for the Director of the Office of Science and Technology Policy (OSTP) and the Chief Technology Officer (CTO) of the United States submit a report on central bank digital currency (CBDC) to the President.
This report on the “Technical Evaluation For A U.S. Central Bank Digital Currency System” has just been published by the OSTP and it makes interesting reading for those of us who think that digital currency is on the way although. The report (spoiler alert) doesn’t make any recommendations as to what a U.S. CBDC should be, it merely sets out some choices and their likely impact on architecture. Which, in my opinion, is a good thing since we are some way away from having stakeholders agree what the final set of requirements, goals and constraints should be.
There’s a lot in it. The report looks at the design choices for a U.S. CBDC to see how these choices would impact policy objectives and considers the feasibility of building a minimum viable product (MVP) based on those design choices. It also looks a how a CBDC might impact government processes (looking at issues such as welfare, privacy and security), an aspect I found particularly interesting given some of my own early work in this area.
What I found most interesting was the attempt to enumerate and clarify the high-level objectives since it is obvious that no worthwhile discussions about implementation can proceed until these objectives are in place. The OSTP sets out eight policy objectives:
All things considered, this is useful set of objectives to work with and while it is of course a significant amount of work to gather, refine and translate these objectives down into the specifications for the procurement and development of a population-scale CBDC, they certainly provide a useful framework to facility communication between stakeholder groups.
Christopher Waller, a member of the Board of Governors of the Federal Reserve System, said earlier this year he was sceptical that a Federal Reserve CBDC “would solve any major problem confronting the U.S. payment system”. He is right to say that there is no “burning platform” for a retail central bank digital currency in the United States, but that doesn’t mean that the system is a good as it could possibly be and serves consumers, businesses and government as best it can. Banks may well be content with the status quo — an illustrative reaction to the original executive order was the The Bank Policy Institute’s view that “CBDCs would pose considerable and unavoidable costs to the financial system and economy while producing few, if any, tangible benefits” — but the views of banks must of course be considered alongside the views of a much wider range of stakeholders.
It is true that the private sector can satisfy some of demands of the new economy without a CBDC. Appropriately-regulated private sector “stablecoins”, for example, could be used to satisfy the demands of the decentralised finance (“defi”) sector for money that can be algorithmically-traded for cryptographic assets. Having said that, it is not obvious that the long-term goals of such stablecoins would be congruent with wider public policy goals around money and payments. President Biden’s order included a mention of the potential for a US digital dollar “to foster greater access to the financial system” but when it comes to financial inclusion, I have to say that it is not at all clear to me how a CBDC could deliver greater access unless there is greater access to the digital wallets in which such currency might be stored. If these wallets can only be provided by banks, and the same customer due diligence (CDD) rules will apply as for bank accounts, then there won’t be any progress (hence my view that this is primarily a digital identity problem, not a digital money problem.)
This why that fifth objective, about financial inclusion, caught my eye. The Bank for International Settlements (BIS) published a good paper about the potential for CBDCs to improve inclusion earlier in the year, setting out that while CBDCs are not “magic bullet” in this regard, they are certainly a tool to promote financial inclusion if this objective is part of the architecture.The authors note that central banks are considering design options around promoting innovation in the two-tiered financial system (eg, allowing for non-bank payment service providers), facilitating enrolment and education (via simplified due diligence and electronic know your customer, fostering interoperability (both domestically and across borders) and offering a robust technology platform with, crucially in my view, offline payments.
The OSTP report defines offline transactions as exchanges of CBDC that occur when the exchanging parties can communicate with each other, but they cannot communicate with the transaction processor. In other words, offline transactions must be possible when there is no internet, no mobile signal and no electricity. That is, the transaction counterparties must be able to connect their devices directly via local interfaces. In which case one design choice set out in the OSTP report is to use trusted execution environments (TEEs) for individuals to verify to each other that they have the CBDC they claim to have, and to facilitate the transaction securely.
The choice to use some form of secure hardware in a CBDC has implications, since it means that inclusion will require access to this hardware, but I do not see this as the barrier it once was. After all, smartphone penetration in the U.S. is already
xxx
Ministers will be watching one case with particular attention: Tarek Namouz, a 42-year-old former pub landlord from London, appeared in court last month accused of sending thousands of pounds in bounce back loans to fund the terrorist group Islamic State in Syria. A case management hearing is scheduled for July.
From Covid fraud: how bounce back loans paid for cars, watches and even porn | Coronavirus | The Guardian.
xxx
xxx
The ease with which companies can be created is one problem. Companies House — the corporate registry for England and Wales — has no remit or resources to check information provided to it
From How Oxford Street was overrun by sweet shops | Financial Times.
xxx
xxx
Westminster City Councilsaid it was owed £7.9mn in overdue business rates from 30 sweet and souvenir shops in the area.
The delinquent sweet stores illustrate wider failings in the way the UK deals with fraud and tax evasion — from flaws in how companies are registered, to a disjointed enforcement process that also involves HM Revenue & Customs and insolvency firms.
“It’s a symptom of a deeper structural problem in the economy and society,” says Adam Hug, leader of Westminster Council. “Day in and day out millions of people coming to London see the real world impact of a lack of transparency and accountability.”
From How Oxford Street was overrun by sweet shops | Financial Times.
xxx
xxx
Leading fintech players including Plaid, Truelayer and Yapily have banded together to launch a not-for-profit trade association pushing open finance in the UK and EU.
PSD2 introduced open banking to Europe, giving consumers and businesses the right to access their payment accounts via third party providers.
Now, the Open Finance Association (OFA) is looking to bring the benefits of open banking to a broader array of financial products.
Backed by a host of leading fintechs, including GoCardless, Volt and Worldpay, the OFA has appointed Nilixa Devlukia, who has held senior roles at the FCA, Obie and EBA, as chair.
xxx
Snippings