American Express (Amex) Australia has confirmed that unless the Consumer Data Right (CDR) is expanded to "write-access" under Open Banking in Australia, it would not launch its Amex Pay with Bank Transfer service in Australia.
"Given the challenges with NPP [New Payments Platform] access and lack of 'write access' under Australia's implementation of Open Banking, there is no clear path for Amex to launch this product in Australia," the company wrote in its submission to the Senate Select Committee on Financial Technology and Regulatory Technology.
Amex Pay with Bank Transfer service allows customers to make payments directly to merchants from their own bank accounts, without the need to be an American Express cardholder. It was launched in the United Kingdom under the country's implementation of Open Banking in the last three months of 2019.
However, in its submission, Amex said given that fintech firms only have "read-only" access to transactional data, unlike incumbents that have access to payments infrastructure and capabilities, fintechs would be "hamstrung as their value propositions will be diluted by comparison".
Amex has proposed for access to payments initiation to be opened so all banking institutions -- large or small -- are able to offer "full service" products and apps. It also suggested that write-access is enabled for CDR and under the New Payments Platform (NPP).
Amex also noted how while it's supportive of the need for privacy protections for consumers and absolute transparency, a balance needs to be reached to ensure that consumers do not see CDR as risky.
"The CDR should be a secure framework, with accessible protections for consumers and clear allocation of liability – steps should be taken to ensure consumers feel confident in using CDR through a public awareness campaign," it said.
Other challenges that Amex highlighted included the current structure and rollout of the NPP around access, maturity of NPP payments products, features, and pricing.
"The way the NPP is currently structured favours the major banks which risks lack of investment from smaller players and non-ADIs [authorised deposit-taking institutions]. This challenge needs to be considered by the Reserve Bank of Australia to ensure competition and to avoid conflicts of interest," Amex stated.
Meanwhile, AustCyber used its submission to highlight the lack of sophistication that exists around supporting entrepreneurs; risk capital, particularly for scale up companies; venture debt availability to emerging growth companies; and the lack of depth in product management capabilities and limitations.
The company also recommended for government to take into consideration cybersecurity risks within the fintech and regtech context when developing legislation and policies.
"It is important that Australian governments and regulators are mindful of the contextual nature of cyber risk as well as the pace at which technology is changing. Many parts of industry agree regulation is necessary and can be beneficial -- but the right balance and approaches are needed," the submission said.
AustCyber pointed to how there is an opportunity, for instance, for the government to develop legislation that can be encoded and made machine readable from the outset; experiment with conditional payments for vendors underpinned by distributed ledger technologies; and ensure that fintech companies are transparent to consumers about their methods to leverage or manipulate documented human cognitive biases.
Despite hearing concerns around the Bill's ambiguity, lax privacy, and rushed nature, the Senate Economics Legislation Committee has still decided to recommend its passage.
The committee will look into the current state of Australia's fintech and regtech industries, and investigate opportunities to promote 'effective and sustainable growth'.
The bank is concerned it could be placed at a competitive disadvantage to benefit other industry participants if Australia's open banking regime is expanded.
It has criticised the current approach as slow and says solutions are often ad hoc.
ASIC wants to see more adoption of regtech by Australia's financial sector
It claims there's "enormous potential" to use regtech to detect breaches and misconduct.