In Focus Security Implications of the Global Financial Crisis Advantage - CA Digest _NEW_ 1… · 09.03.2011 · Threats to the Bottom Line During times of financial hardship, companies

Citadel Advantage

CA Digest

PAYMENTS NEWS YOU CAN USE Biweekly Digest of Payments & Related Information from around the World

No: 166 Date: 11th March 2009

In Focus

Security Implications of the Global Financial Crisis

By Fred Burton and Scott Stewart

As anyone with a stock portfolio knows, it is a rough time for the markets. With many portfolios down 50 percent or more, this large loss of equity and wealth has been very difficult on individuals and corporations. The problems, of course, have not been confined to the stock markets. With property values plunging and variable-rate mortgages ballooning, many homeowners are also caught in a bad situation — the number of homeowners behind in their mortgage payments has been increasing and the number of foreclosures has grown. Unemployment is also an issue. According to the Bureau of Labor Statistics, in January 2009 there were 2,227 mass layoff actions in the United States involving 237,902 workers.

Significantly, the financial crisis is not just restricted to the United States — it is a global event that is also having a severe impact on economies in Europe, Asia and the developing world. Things are tough all over, and this financial strain will create some large security problems for corporations and governments.

Threats to the Bottom Line

During times of financial hardship, companies often have to make cuts like the aforementioned layoffs. When companies plan cuts, they often focus on eliminating those corporate functions that do not appear to be contributing to the company’s profitability. And one of the first functions cut during tough times often is corporate security. A security department typically has a pretty substantial budget (it costs a lot for all those guards, access-control devices, cameras and alarms), and security is usually viewed as detracting from, rather than contributing to, the company’s bottom line. The “fat” security budget is seen as an easy place to quickly reduce costs in an effort to balance the profit-and-loss statement.

Citadel Advantage

Biweekly Digest of Payments & Related Information from around the World

Contact us at [email protected] or visit us at www.citadeladvantage.com

- 2 -

This view of security is due to a number of factors. First, it must be recognized that there are certainly some security programs that are indeed bloated and ill-conceived that have consumed far too many corporate resources for the results they produce. Furthermore, there is a long tradition of corporate security directors who are not good communicators and who do not take the effort to educate upper management about ways their programs contribute to corporate goals. However, even when a security director has an effective program and is a good communicator, it can be very difficult to quantify the losses that the corporation did not suffer due to the presence of effective security measures. The lack of losses and incidents due to a robust security program can be interpreted by some to mean that there is no threat to guard against. Indeed, effective security can make it appear that there is no need for security, a paradox we have also seen in the historical pattern of U.S. government security funding — a pattern that has resulted in a number of disastrous attacks against U.S. embassies.

In times of economic hardship, the relentless focus on operating expenses and even corporate cutbacks can lead to definite security challenges. As we discussed last November, one of these problems is workplace violence, but during times when people are hurting financially, issues such as employee theft, fraud and product theft by non-employees must also be carefully monitored.

However, while the theft of a tractor-trailer full of computers or flat screen televisions can quickly get someone’s attention, there is a far more subtle, and no less dangerous, threat lurking just under the surface. That threat is espionage — both corporate and state-sponsored.

The Human-Intelligence Process

Espionage is always a problem corporations must face. Competitors, criminals and even foreign governments often seek ways to gather proprietary information from companies, sometimes to boost their own operational capacities (e.g., to apply critical or emerging technologies to their weapons programs) and sometimes to sell on the open market.

Once a company has been identified as having the information sought, the first thing the human-intelligence practitioner will do is look for weak links in the targeted company’s operations. If the required information is readily available, there is no need to undertake a time-intensive and costly operation to retrieve it. Indeed, it is shocking to see the amount of sensitive and critical information that is openly available on the Internet and in research libraries, or that is freely given out at technical conferences.

When open source collection efforts fail, more invasive measures must be employed. Sometimes the required information can be obtained via technical surveillance. A faulty information technology system, for example, can expose the company’s secrets via remote electronic intrusion conducted from a continent away. Other times, information can be obtained by eavesdropping on telephone calls made by corporate leaders or by using other technical surveillance measures.

Citadel Advantage



- 3 -

However, technical surveillance has its limitations, and sometimes critical information must be obtained through human intelligence, which means obtaining the required data from an employee working within the targeted company. Due to human nature, human-intelligence practitioners use the same time-tested principles in the recruitment of corporate sources that they use when recruiting sources in the government sector. (The risks associated with obtaining unclassified proprietary information from private companies are often far less than those associated with obtaining classified information from government agencies or national research laboratories.)

The first step in the human-intelligence process is called spotting. This is when the human-intelligence practitioner attempts to identify those workers who have access to the required information. Then the practitioner conducts a thorough examination of the backgrounds and situations of the employees who have that access in an effort to determine which employee is most vulnerable to exploitation. Employees who are in dire need of extra cash to maintain extravagant lifestyles or to support drinking, drug or gambling habits, or those who are hiding extramarital affairs or other secrets that can be used for blackmail, make prime candidates. A background check might also reveal that a certain worker is angry with his or her employer over issues of salary or placement in the company. There also are employees who disagree ideologically with the product their company makes or the process the company uses to produce it. Finally, there are the employees whose egos are so big that they might be willing to risk committing industrial espionage just to prove they can get away with it. Robert Hanssen, an ex-FBI special agent accused of selling secrets to Russia, was motivated by the belief that he was above the system and could commit espionage without being caught.

Of the four major motivations for committing espionage — money, ideology, compromise and ego (known to security officials as MICE) — money has proven to be the No. 1 motivation, though two or more motivations can be used to turn an employee. More often than not, simple bribery is sufficient to obtain the desired information, especially if the employee is living beyond his or her means for one reason or another. Outside agents looking to turn an employee can also use blackmail (“compromise” in the MICE acronym). Demanding proprietary information in exchange for not exposing a personal secret, for instance, is a cost-effective approach that also allows the agent to return again and again to the same source. This method is a bit riskier, however, since it can cause more resentment than other means and make the source more likely to rebel. However, sexual entrapment and blackmail is still widely used as a recruitment tactic, one that has been used with great success in recent years by the Chinese government against targets such as Japanese and Taiwanese government officials, FBI special agents — and foreign businessmen.

Emphasizing the ‘M’

Once the practitioner has identified the weakest link, decided on the approach to take and made a specific plan on how to proceed, the next step in the human-intelligence process is to actually approach the employee and “pitch” him or her. This step is often a gradual effort to establish a relationship of trust between the practitioner and the employee, and contact can begin gradually with requests for small, seemingly harmless bits of information such as internal phone numbers. In this approach, known as the “little hook,” the employee is offered “gifts” in exchange for

Citadel Advantage



- 4 -

these favors. The requests gradually become greater in scope until the targeted information is obtained. Other times, the pitch is far more blatant and the human-intelligence practitioner does not take the time to establish a relationship or gradually recruit the target. Instead the practitioner makes a flat-out cash offer for the required goods or shows the target the evidence that will be used for blackmail.

In the current economic environment, with many 401(k) plans now more like 201(k)s, stock options severely underwater and homeowners facing foreclosure, cold hard cash — the M in MICE — is an even more attractive approach. In fact, with employees seeing their investment accounts decline dramatically, and perhaps even facing the possibility of home foreclosure, it is not at all unreasonable to anticipate that companies and foreigners will face a windfall of walk-in sources who will volunteer to sell critical information — and in such a buyer’s market, information can often be bought at fire-sale prices. Employees attempting to sell proprietary information are somewhat common; one of the most publicized examples of this in recent years was the disgruntled Coca-Cola Co. employee who was arrested in July 2006 after attempting to sell Coke’s recipe to rival soft drink company Pepsi.

Mass layoffs also complicate the equation, especially when some of the employees being laid off have access to critical information. If measures are not taken to ensure that the information is protected, the information could easily find itself in the hands of competing companies or even foreign intelligence services.

Not Just a Corporate Concern

The current financial crisis — and vulnerability to espionage — is not just confined to the private sector. There are many federal government employees in the United States who have watched their investments in the stock-based funds of the government’s Thrift Savings Plan wither on the vine over the past two years, and judging from the performance of foreign stock exchanges, the investments of employees in other governments have followed suit. Additionally, government employees tend to live in places with very expensive real estate, like Washington, London, Paris and Tokyo. This means that a foreign intelligence officer armed only with a briefcase full of dollars, euros or yen can make a substantial amount of money. With many corporate security departments being cut to the bone, many internal security services focused on the counterterrorism mission and many law enforcement agencies chasing white-collar criminals, it is a good time to be in the intelligence business.

One day we will look back on this time through a counterintelligence lens and see that, although it was a time of bear stock markets, it was a tremendous bull market for practitioners of human intelligence.

This report is republished with the kind permission of STRATFOR Golbal Intelligence. Please visit their website at www.stratfor.com

Citadel Advantage



- 5 -

Training Course: OPERATIONAL RISK in 2009

11th & 12th May 2009, Central London, UK

Changing Role and Risk Management Lessons from the 2008 Crisis...

WHY this Workshop?

Because the field of risk management is undergoing a review of measurement and management approaches and frameworks.

Because it focuses on actual events of 2007-08 and presents a comprehensive

brief on how mis-management and poor decision making in operational risk fuelled the subsequent credit and liquidity crisis.

The past bull market years have been characterised by an outburst of new and exotic

quantitative risk management methods. As the dust settles following the re-shuffling of

financial markets worldwide, it has become clear that moving forward, a more qualitative focus to the management of operational risk is...

For additional information please click on the links below

Read more...

Request a Brochure

Registration

Your Trainer: Richard Barr, Director & Principal Associate, Citadel Advantage

Citadel Advantage



- 6 -

Westpac pulls out of Second Life Australia's Westpac has pulled its presence in Second Life and ditched a number of high profile Web 2.0 pilots in response to poor user uptake and changing business conditions. Westpac worked with IBM to set up a presence in Second Life in November 2007 for employee induction purposes. Speaking at the Future Exploration Network's Enterprise 2.0 conference in Sydney, the bank's former chief technology officer and now general manager of application development, David Backley, said that the although the application had proved useful, maintenance and investment costs had proven too expensive and the project had stalled when a key sponsor left the bank. "Failures can become expensive," Backley told the conference. "We do massive systems rollouts and we expect huge paybacks." For some projects, says Backley, the bank was ahead of its time. An early foray into blogging was shelved as risk-averse bank management and staff shunned the technology. "Parts of the organization were too scared to put comments in because they didn't know what the consequences were," he told delegates. Other experimental projects - such as the introduction of desktop video-conferencing - failed because of internal re-organization and the introduction of more efficient workflow processes. Backley says big organizations such as banks need to be able to move faster when a project takes off, and quickly pull the rug from others if they fail to get traction.

The Financial Crisis

JPMorgan to cut 12,000 jobs as it begins WaMu integration JPMorgan Chase is to eliminate 12,000 jobs as it integrates the retail banking operations of failed Seattle-based thrift Washington Mutual. The scale of the cuts was announced at a presentation to investors. The US bank is targeting net savings of $2 billion by the end of the year, including $1.3

billion from employee reductions and $1.4 billion in marketing, technology and real estate spending. An additional $750 million will be re-invested in the combined business to bump up sales, facilities and marketing. JPMorgan says it will close 300 branches by the end of the first quarter and a further 92 between the third and fourth quarter.

Citadel Advantage



- 7 -

The bank has also given further details of its two-year technology integration plan. The IT element will entail 672 technology conversions, three data centre conversions representing 4200

servers, and the introduction of 31,800 new workstations in branches.

UPCOMING CITADEL ADVANTAGE TRAINING COURSES FOR 2009

Please click on the Details box for full course details

OUR COURSES OFFER THE IDEAL SOLUTION TO YOUR OPERATIONS &

RISK TRAINING NEEDS

Dates Course Place Sponsor Details/Links 30 – 31

March

2009

OPERATIONS RISK MANAGEMENT - BEYOND COMPLIANCE: A VALUE ADDED INCENTIVE

Athens Citadel Advantage

For a course brochure e-mail us at [email protected] Please put BC-ATHENS in the subject line

4 - 5 May

2009

RISK MANAGEMENT LESSONS FROM THE 2008 CRISIS – THE CHANGING FACE OF OPERATIONAL RISK

Johannesburg Citadel Advantage

See course details on the main page of the CA Digest OR

Visit our Public Course Schedule at http://www.citadeladvantage.com/schedule.htm

6 May

2009

DOMESTIC PAYMENTS ORIENTATION WORKSHOP


See course details on the main page of the CA Digest OR Visit our Public Course Schedule


7 - 8 May

2009

E-BANKING IN EMERGING MARKETS – GROWING YOUR BUSINESS OPPORTUNITIES


See course details on the main page of the CA Digest OR Visit our Public Course Schedule


Citadel Advantage



- 8 -

Dates Course Place Sponsor Details/Links 11 – 12

May 2009

OPERATIONAL RISK IN 2009 – CHANGING ROLE & RISK MANAGEMENT LESSONS FROM THE 2008 CRISIS

London Franc & Edge Training

To request a brochure send a blank e-mail to [email protected] Please put “Send me Brochure Training Course: Operational Risk 11-12 May09” in the subject line

Web Link http://www.francedge.com/index.php?id=50#74

22 – 23

June 2009

RISK MANAGEMENT LESSONS FROM THE 2008 CRISIS & THE CHANGING FACE OF OPERATIONAL RISK

New York

City

Citadel Advantage

Details coming soon

25 – 26

June 2009

RISK MANAGEMENT LESSONS FROM THE 2008 CRISIS & THE CHANGING FACE OF OPERATIONAL RISK

San Francisco Citadel Advantage

Details coming soon

17 - 18

August

2009

MONEY MOVES – A QUICK GUIDE TO SWIFT


Details coming soon

19 - 20

August

2009

MANAGING OPERATIONS RISK IN FOREIGN EXCHANGE ACTIVITY


Details coming soon

14 – 15

September

2009

MANAGING OPERATIONS RISK IN FOREIGN EXCHANGE ACTIVITY

London Franc & Edge Training

Details coming soon

16 - 17

November

2009

MANAGING LIQUIDITY IN A REAL TIME & DYNAMIC PAYMENTS ENVIRONMENT


Details coming soon

18, 19 &

20

November

2009

OPERATIONS RISK MANAGEMENT - BEYOND COMPLIANCE: A VALUE ADDED INCENTIVE


Details coming soon

Citadel Advantage



- 9 -

Bulgaria

Hacker sentenced to four-and-a-half years A Bulgarian man known colloquially as The Hacker, has been given a four-and-a-half year jail sentence for masterminding a criminal gang that milked millions of dollars from US credit card accounts. A court in the Black Sea city of Varna convicted the man after he pleaded guilty to charges of founding an organized crime group for money laundering, financial fraud and extortion. In a statement, the court says: "Issa Mehmed, nicknamed 'The Hacker' ... has carried out dozens of financial operations, linked with draining bank cards, mainly owned by US citizens in different US banks." The crimes were conducted over a five year period until January 2008, when Mehmed and four accomplices were arrested. The four other members of the gang received varying sentences.

International

Researchers crack e-banking card readers

Researchers from Cambridge University say they have found "numerous weaknesses" in the security of one-time-password generating card readers used for authentication in online banking.

Saar Drimer, Steven Murdoch, and Ross Anderson claim to have reverse engineered the secret Chip Authentication Progamme (CAP) protocol and found several security vulnerabilities in the UK variant of readers and smart cards.

The researchers published their paper, Optimised to Fail: Card readers for online banking, today at the Financial Cryptography 2009 conference.

The paper says the basic principle behind CAP - a trusted user interface and secure cryptographic microprocessor - is sound.

However design errors such as reusing authentication tokens, overloading data semantics, and failing to ensure fresh responses, are putting customers at risk.

In February, the researchers demonstrated that unencrypted card details can be stolen by "tapping" PIN entry devices (PEDs). They found flaws in the Ingenico i3300 and Dione Xtreme PEDs - both of which are certified by APACS and Visa - that can enable fraudsters to access unencrypted PINs and account numbers.

The paper points out that, as with the move from signature to PIN for authorizing point-of-sale transactions, the move to CAP for online banking shifts liability for losses from banks to customers.

Barclays, which along with NatWest was tested by the researchers, outlined plans last year to extend the use of Gemalto handheld chip and PIN devices after reporting zero fraud among the first million users.

Operations Risk

Citadel Advantage



- 10 -

To read the full paper go to http://www.cl.cam.ac.uk/~sjm217/papers/fc09optimised.pdf

Japan

UBS blames erroneous three trillion yen trade on 'system error' Swiss bank UBS has confirmed that a "system error" was responsible for the entry of an erroneous trade for three trillion yen at the Tokyo Stock Exchange on Tuesday. UBS said that its Japanese unit mistakenly ordered $30.9 billion of Capcom Co. convertible bonds, 100,000 times more than it intended, because of an internal system error. The trade on the Tokyo Stock Exchange's ToSTNeT system was quickly spotted and canceled at no cost to UBS, and trading in Capcom coupons suspended while the deal was reversed. In 2005 a 'fat-finger' error by a Mizuho Securities dealer caused pandemonium on the Tokyo Stock Exchange when 610,000 shares in recruiting company J-Com were put up for sale at one yen each, instead of one share for Y610,000. The brokerage was forced to buy back the shares from market investors at a massive loss after the TSE dealing system failed to respond to an order to cancel the trade. The incident, among others, led to the resignation of TSE chief Takuo Tsurushima and an overhaul of the Exchange's error-prone trading infrastructure.

United Kingdom

Two found guilty in £229 million Sumitomo spyware fraud case A Soho sex shop owner and self-proclaimed knight of the realm have been found guilty for their role in a conspiracy to steal £229 million

from Sumitomo Mitsui Bank in a hi-tech software scam. "Lord" Hugh Rodley, 61, who bought his title, was convicted of conspiracy charges dating back to 2004. Soho sex shop owner David Nash, 47, from Durrington, West Sussex, was also convicted at Snaresbrook Crown Court. The court heard how spyware was installed on computers at Sumitomo Mitsui bank with the help of an insider, who unlocked the doors at night to let the conspirators and their cohorts place keylogging software on user PCs. The gang then gained access to user names and passwords relating to the holdings of major companies, including Toshiba International, Nomura Asset Management and Sumitomo Chemical UK. They made several attempts to electronically transfer up to £12.5m at a time around the world, but were foiled by "field logging errors". The security guard, Kevin O'Donoghue, and hackers, Jan Van Osselaer and Gilles Poelvoorde, both from Belgium, have already admitted their roles in the conspiracy. Rodley, who lived in a Tudor mansion in Tewkesbury, Gloucestershire, was found guilty of conspiracy to defraud and conspiracy to transfer criminal property. Nash was cleared of the first charge but convicted of the second. The court was adjourned to await sentencing. A third defendant, Swedish national Inger Malmros, 58, was cleared of both counts.

United States

Citi duped into $27 million wire transfer fraud A Nigerian man has been accused of duping Citibank into wiring $27 million in funds from the central Bank of Ethiopia to accounts controlled by fraudsters in Japan, South Korea, Australia, China, Cyprus and the United States.

Citadel Advantage



- 11 -

The 37-year old, Paul Amos, appeared before a judge in New York recently where he pleaded not guilty to conspiracy to commit bank fraud and wire fraud. The FBI says Amos was indicted "in connection with an elaborate, internationally coordinated scheme to gain access to, or "take over," an account at Citibank in Manhattan belonging to the National Bank of Ethiopia". The indictment alleges that Amos furnished Citibank with bogus documents authorizing the US bank to accept wire transfer instructions from NBE by facsimile, and included a list of five senior NBE officials who could be contacted by telephone to confirm details of any fax instructions received. However, the telephone contact numbers supplied to Citi did not belong to actual NBE officials in Ethiopia, but instead were Nigeria, South Africa and United Kingdom mobile telephone numbers used by co-conspirators. The gang then authorized two dozen wire transfers, totaling approximately $27 million to various accounts controlled by the fraudsters. The fraud was only uncovered after several banks where the conspirators held accounts returned money to Citibank, saying they had been unable to process the transactions. The New York Judge hearing the case ordered the detention of Amos pending a further hearing. If convicted, he faces a maximum sentence of 30 years' imprisonment. Citi re-issues cards following merchant breach Citigroup has started sending replacement credit cards to customers whose accounts may have been compromised in the massive Heartland Payment Systems breach according to reports.

The new cards were mailed with a notice labeled 'Important Security Message' that explains the "account number may have been illegally obtained as a result of a merchant database compromise and could be at risk for unauthorized use". Citi - which has more than 150 million credit card accounts worldwide - has not confirmed the merchant database involved and has declined to reveal the total number of payment cards re-issued. Hundreds of banks across the US have said their customers were involved in the Heartland breach. While some have begun to issue replacement cards, others have said they are monitoring their systems for unusual activity to detect fraud. Police made their first arrests in the case last week, when three Florida-based men were apprehended after using stolen credit card numbers to make fraudulent purchases at local Wal-Mart stores. The men are alleged to have been using the purloined numbers to electronically encode Visa Gift Cards which were then used to make fraudulent purchases at local businesses. Meanwhile, rumors are circulating of another breach at an unknown payments processor. MasterCard and Visa are believed to have been circulating warnings to members banks about the attack, which is understood to have mirrored the Heartland break-in, where fraudsters planted malware on the company's servers to sniff out account numbers, PAN, and expiration dates. A statement issued by the Community Bankers Association of Illinois says: "Visa announced that an unnamed processor recently reported that it discovered a data breach. The processors name has been withheld pending completion of the forensic investigation"

Citadel Advantage



- 12 -

Securities and Exchange Commission revamping its processes Securities and Exchange Commission is revamping its process for reviewing whistleblower complaints and enforcement tips Securities and Exchange Commission (SEC) Chairman Mary L. Schapiro has announced that the agency is moving to improve the handling of whistleblower complaints and enforcement tips in order to better protect investors. The SEC has enlisted the services of the Center for Enterprise Modernization, a federally funded research and development center operated by The MITRE Corporation, to begin immediately working with the SEC to conduct a comprehensive review of internal procedures used to evaluate tips, complaints, and referrals. The agency is seeking to establish a more centralized process that will more effectively identify valuable leads for potential enforcement action as well as areas of high risk for compliance examinations. “As we continue to reinvigorate our enforcement efforts as an agency, it’s vitally important that we move very aggressively to improve staff’s use of tips and complaints from investors and whistleblowers,” said Chairman Schapiro. “This comprehensive review will help us identify and improve areas within the agency where gaps or lack of communication may cause breakdowns that prevent us from ensuring swift and vigorous enforcement.” The SEC typically receives hundreds of thousands of tips and complaints per year from investors and the general public as well as from those the SEC regulates, including broker-dealers, investment advisers, and public companies. These communications come through a variety of means, including Web forms, e-mail, phone calls, mail, messengers, and faxes. Tips and complaints can come into several different divisions and offices within the SEC’s Washington, D.C., headquarters, and each of the SEC’s 11 regional offices around the country. The SEC also receives referrals from

self-regulatory organizations (SROs), other government agencies, and foreign regulators. The SEC’s review will scrutinize the agency’s processes for receiving, tracking, analyzing, and acting upon the tips, complaints, and referrals from these outside sources. The goal of the review is to improve the efficiency, effectiveness, and overall management of how the agency addresses tips, complaints, and referrals, and how SEC staff utilizes the information received to protect investors. The Center for Enterprise Modernization of The MITRE Corporation will help the SEC identify ways to improve the quality and efficiency of the agency’s current procedures, and to recommend potential technology solutions that can assist the SEC staff in more effectively managing and utilizing tips, complaints, and referrals. The MITRE Corporation (www.mitre.org) is a not-for-profit organization that provides systems engineering, research and development, and information technology support to the government. Securities and Exchange Commission warns investors on government imposters The US Securities and Exchange Commission (SEC) says con-artists have been impersonating its staff to trick investors and broker-dealer firms into handing over private information and money. The regulator is warning investors and financial services firms to be on guard following a number of cases which have seen fraudsters trick people in the US and abroad into providing access to brokerage accounts and even sending money and other assets to the imposters. Other cases have seen unknown con-artists impersonating SEC examiners to gather confidential information from broker-dealers and investment advisers. Imposters have contacted firms by telephone, identified themselves as members of the SEC staff and demanded immediate access to the firm's

Citadel Advantage



- 13 -

records, sometimes claiming to be conducting an "emergency" examination. The SEC says it never makes or endorses investment offers or participates in money transfers. Nor does it send e-mails asking for detailed personal information or financial information such as PIN numbers. "Investors should be especially wary, in these turbulent times, of any unsolicited investment offer, and should always verify the credentials of the individuals making the offer," said Kristin Kaepplein, director, office of investor education and advocacy, SEC. "If contacted by someone claiming to represent the Securities and Exchange Commission and vouching for investments, it's a scam. The SEC never endorses or participates in investment offers." Cashless ATM scam gang indicted A US federal grand jury has returned an indictment against four men accused of tricking hundreds of victims into investing around $8 million in a bogus 'cashless ATM' business. The 90-count indictment alleges that between March 2003 and January 2005, the operators of Mac Investments - Jeff Teitelbaum, Maria Gonzalez, Christopher Livanos, and William Hoberg - tricked over 300 investors into handing over money for the cashless ATMs. The machines issue paper receipts that can be redeemed for cash at the business where they are located. The defendants marketed them for around $1,500 a piece, claiming investors could expect revenues of $1 to $2 per transaction.

They told victims that MAC would maintain the machines and administer the payment of revenues generated. According to the indictment, most victims purchased numerous machines, which were to be placed at undisclosed retail locations, such as casinos and fast food restaurants. But in January 2005 the operations of MAC came to an abrupt halt and investors were unable to contact or locate the firm's purported employees or the ATMs. According to the indictment, the ensuing investigation revealed MAC neither acquired nor placed any cashless ATM machines in retail locations. The earnings statements mailed to victims and posted on the Web site were fictitious. "Distributions made to victim investors of purported earnings, were nothing more than partial returns of other victim investor funds, in the manner of a Ponzi scheme. Newly acquired funds were partially disbursed to victim investors as a way to continue the fraud and entice additional investments," says a statement. The men face charges of conspiracy, wire and mail fraud and transactional money laundering. Livanos has been arrested whilst Gonzalez and Hoberg have received summonses and will be arraigned on the charges on 11 March. Teitelbaum remains at large.

Citadel Advantage



- 14 -

Australia NAB to explore commercialization of m-payments after trial shows strong consumer support National Australia Bank is looking at a commercial launch of contactless mobile payments after a three-month trial at Melbourne's Docklands "exceeded expectations" and indicated a strong consumer appetite for the technology. During the trial, consumers downloaded the NAB Visa credit card software application to their Telstra SIM remotely, and then used their mobile phone to purchase goods and services by waving the handset over a participating merchant's Visa payWave enabled reader. The costs of purchases were charged back to their NAB Visa credit card account. According to user feedback, 90% of trial participants were "very or extremely satisfied" with the contactless mobile phone payment system, while 95% said they were likely or extremely likely to use the technology in the future. More than three-quarters (78%) of participants said paying using a mobile phone was better than cash. Feedback from the merchants that took part in the trial was also positive, with participants reporting contactless mobile phone payments as a quicker, more efficient and convenient way to serve customers. Telstra enterprise & government group managing director David Thodey says convenience was the key appeal for participants:

"Overwhelmingly the trial participants told us that they saw genuine value in the ability to make smaller transactions, such as for coffees and papers, with a wave of the phone rather than fumbling for change." NAB regional general manager, consumer product solutions John Salamito adds: "Now we know that mobile payments can work successfully in a real environment, revealing a strong consumer and merchant demand for such services, we are looking at ways to launch this into the Australian market." The contactless mobile payments trial was recently selected for inclusion in the Finextra Innovation Showcase, which recognizes the most innovative global financial technology projects in the past 12 months.

Canada Block credit card companies from debit system: Retailers A leading business organization is calling on the Canadian Finance Minister Jim Flaherty to use "moral suasion" to block credit card companies from entering the debit market so shoppers are shielded from higher price tags. And if public pressure doesn't work, the Retail Council of Canada says Flaherty should exercise his power to regulate the payment system to protect retailers from seeing a "very substantial increase" in merchant costs, which would be passed on to consumers. Interac has already applied to the Competition Bureau to restructure from a low-cost non-profit

Payment, Settlement & Banking Systems

Citadel Advantage



- 15 -

organization to a for-profit operation in anticipation of Visa Canada and MasterCard's move into the debit market. Interac Association is a Canadian organization linking enterprises that have proprietary networks so that they may communicate with each other for the purpose of exchanging electronic financial transactions. "If government were to indicate that it was concerned about this, it was concerned about the cost this would impose on small businesses and on customers, I think the large banks would think very long and very hard before they bought in to the Visa and MasterCard model," said Peter Woolford, the retail council's vice-president of policy and research. "Moral suasion has a role, so Visa and MasterCard might continue to try and sell their product, but the banks might look at it and say, 'Do we really want to infuriate all of our customers in order to make some money when we're already making money on the product we use today?' "They might think twice before they say, 'We've got this great new product where we get to gouge you.'" The retail council estimates merchant fees could more than triple if banks sign up with the debit systems of Visa or MasterCard. Currently, Interac fees for retailers range from about three to seven cents per transaction, depending on the size of the retailer. The fee does not change if the total bill for the transaction is higher, as is the case with credit-card transaction fees set by credit-card companies and paid to the issuing banks. Tim Wilson, head of Visa Canada, declined to comment on whether a fight with MasterCard for clients would result in higher fees. He focused on the benefits, including expanded use of debit for online purchases and through mail and telephone orders. "We believe that competition will first and foremost drive innovation in the market. I would say that the current Interac business model with

almost zero fees is unsustainable over the long term." MasterCard Canada declined to be interviewed, but in a statement the credit-card company said it is already the largest processor of debt payments globally, and has recently begun work to expand acceptance of its network by Canadian merchants. The company said consumers will experience "competitively priced, technologically unparalleled and globally connected debit processing." The Canadian Federation of Independent Business isn't impressed by the early efforts. The CFIB's director of research Doug Bruce questioned whether two major players in the market would translate into competition and make for a fair fee structure. He also noted other jurisdictions have taken a regulatory approach to control fees charged to retailers for debit and credit-card services. "We feel there should be some oversight," he said, noting the central banks in the United States and Australia are "empowered to look at the debit system." This is the third time in as many years that Flaherty has been pressured to consider new regulations for the financial sector. In 2007, he complained about high bank fees charged at automated teller machines after the New Democrats called for a fee ban. After conferring with top bankers, he backed down. And earlier this year, Finance officials suggested the federal budget could include more regulation to rein in credit-card interest rates. Instead, Flaherty's budget outlined proposals to strengthen disclosure requirements to assist consumers to make "informed decisions" when using credit. Speaking in the House of Commons on Monday, Glenn Thibeault, consumers affairs critic for the NDP, blasted the government for its tepid approach to the file.

Citadel Advantage



- 16 -

"Mr. Speaker, more information about how we're being ripped off is one thing, but what Canadians really need is better legislation to protect them and small businesses. Will the minister commit to protecting Canadians against this gouging or is he going to rub salt in our wounds and only explain to us how it happens?" Flaherty was not in the House of Commons to respond. Parliamentary secretary Ted Menzies used the opportunity to chastise the NDP for failing to support the budget. Nancy Hughes Anthony, president of the Canadian Bankers Association, remains unsure about the government's plans for the financial sector. "We really still are not too clear about where the government wants to go on that, but obviously it's useful to have some kind of discussion. I think of the many things that are occupying the government right now, they haven't gotten around to talking to us about specifically what are the concerns and how can we have a conversation." The three opposition parties are calling on the Industry committee to hold hearings on the restructuring of the Interac and debit market.

India The MobileStore launches IVR-based m-payments service with Paymate Indian mobile phone retailer The MobileStore has partnered with mobile commerce company Paymate India to launch an interactive voice response (IVR)-based mobile payments service. The auto-IVR call-back service will allow The MobileStore customers to link their credit cards to their mobile phones in order to pay for their purchases via their mobile phones. On top of that, The MobileStore will also be able to sell GiftMate vouchers (Paymate’s pre-paid mobile voucher) and remote mobile top-up via Paymate’s auto-IVR call back service.

With PayMate, each transaction is secured with the buyer’s PIN authorization over an automatic IVR call back. The MobileStore has 1,300 stores in over 200 cities across India. Paymate India is the arm of Australian processor Paymate ClairMail clients see high adoption rates for 2-way alerts US provider of two-way mobile phone customer interaction services ClairMail claims that banks using its ClairMail System are experiencing high adoption and usage. The company says that some banks get over 90 percent of mobile banking consumers to sign up for and receive bank-defined and user-defined 2-way alerts. ClairMail suggests that in early deployments, banks saw over 50 percent of mobile banking users also signing up for alerts. In some recent cases, this percentage has climbed to more than 90 percent of consumers enrolling in mobile banking choosing to receive alerts. According to ClairMail, the majority of consumers are signing up for multiple alerts. The ClairMail System provides 2-way mobile banking and payment services on all mobile phones across all three user interface options, namely, messaging, mobile web and client applications. The ClairMail System incorporates the Event Engine which can process mobile banking transactions from a bank’s back-end systems and enable customer-defined 2-way actionable alerts. The ClairMail Event Engine sends alerts to consumers when balances get low, a check clears, a withdrawal exceeds a customer-defined dollar amount, a statement is available and as confirmation for deposits or withdrawals.

United States Payzone Benelux, Ingenico develop new mobile POS terminal Payzone Benelux (formerly Alphyra), part of the Payzone Group, has released a mobile POS device called ePoint 7910.

Citadel Advantage



- 17 -

The payment terminal has been developed in co-operation with French producer of POS terminals Ingenico. Through a certified GPRS connection, the terminal accepts payment cards with magnetic stripe and EMV-chip. The ePoint 7910 complies with the highest and most recent security demands. Payzone Group is a provider of electronic transaction services which has offices in over 20 countries.

Israel Regulator asks banks to detail capital adequacy calculations

The Bank of Israel Banking Supervision Department has asked the banks for detailed reports on the methods they use to calculate their capital adequacy. In a letter sent to the

BLOGS

Read our Principle Associates thoughts on current Payments & Risk Issues in their own

personal Blogs.

STANLEY

RICHARD

(click on their names to go straight to their Blogs)

Please feel free to join in on the debate too!

Your comments and views are more than welcome!

Basle II

Citadel Advantage



- 18 -

CEOs of the banks and credit card companies on Sunday, the Banking Supervision Department gave the banks until April 23 to respond. The questionnaire is part of the changeover to Basel II. The demand is aimed at obtaining "a thorough understanding with regard to the figures reported to the Banking Supervision Department about the capital adequacy calculations." The banks are required to fill out a detailed questionnaire, which will be sent to the Bank of Israel every quarter. The questionnaire is part of the changeover to Basel II - The New Basel Capital Accord of the Basel Committee on Banking Supervision and the effort to create uniform reporting rules and calculation methodologies by the banks. The first questionnaire will refer to the banks' 2008 results, and will be sent as part of their fourth quarter and full-year financial reports, which will be published in late March.

The banks will provide the following information, among other things:

• The names of the rating companies whose ratings the banks used to calculate their capital adequacy;

• The assumptions underpinning the classifications into exposure groups (credit to companies, securities, mortgages, deposits at foreign banks, etc.);

• The extent to which the bank applied credit risk reduction methodologies, such as the use of securities accounts;

• Whether use was made of figures inserted manually, and how manually inserted information was inserted into the computer system;

• How the bank takes into account guarantees provided by customers when calculating their conditional credit frameworks.

Financial fraud hit 7.5% of Americans in 2008 - Gartner Around 7.5% of US adults lost money to financial fraud last year, with a string of high profile data breaches the main cause, according to a survey from Gartner. The survey of nearly 5000 US adults shows 14% had their credit card data used, seven per cent their debit card, six per cent said a new account had been opened in their name, five per cent were the victims of money transfer fraud and four percent had cheques forged. A data breach was cited as the reason for the fraud by 19% of victims, with 16% blaming the theft of their wallet and 13% online scams such as phishing. Reported data breaches in the US during 2008 were up 47% on the previous year, to 656, of which 78 affected financial institutions, according to a recent study from the Identity Theft Resource Center (ITRC). A single breach at BNY Mellon Shareowner Services resulted in the loss of around 12.5 million records - including social security numbers, names and addresses - when a box containing unencrypted customer data tapes went missing in transit in February. In January Heartland Payment Systems revealed it has found malicious software in its processing system, potentially compromising the card data of millions of people.

Citadel Advantage



- 19 -

The Gartner survey also shows that just a third of victims report crimes to law enforcement and about five per cent contact the Federal Trade Commission. The reluctance to report identity theft related fraud may be contributing to poor conviction rates of less than 0.5%. Gartner says financial losses are highest in the case of new-account, credit card and brokerage fraud, with the average cost per incident totaling $1097, $929 and $900, respectively. Victims of brokerage, credit card and debit card account fraud find it easiest to recover their losses, receiving an average of 100%, 86% and 77% of the funds stolen, respectively. In contrast, victims of new-account fraud only recover 42% on average, for cheque forgery the figure is 48% and for checking or savings account fund transfer fraud, 54%. New-account fraud is also the most difficult from which to recover, with 35% of victims suffering further from a damaged credit rating, which can take years to restore. Gartner says that fraud victims are twice as likely to change their online banking behavior and suggests PayPal has received a "big boost" as customers concerned by security are flocking to the service. A relatively modest six per cent of all respondents say they changed banks as a result of security concerns but that number rises to 28% among victims of current and savings account transfer fraud. Avivah Litan, VP, distinguished analyst, Gartner, says: "Financial institutions that take security seriously will be rewarded with greater customer retention, which is a smart move when you consider that the cost of acquiring new customers is typically much higher than the cost of retaining existing ones."

Remittances

Bangladesh Clouds on remittance horizon Remittances have long been a principal element of the Bangladesh economy, but in the last two years, especially, with the sky-rocketing in the

price of essentials due to global commodity price rise, it has been the remittances sent back by overseas Bangladeshis that have kept the economy afloat and have made the difference for countless struggling families, especially rural ones.

Citadel Advantage



- 20 -

It is therefore critical that the government focus on remittance earnings as a bulwark of the economy, and also have in place contingency measures in case there is a significant downturn in remittance earnings, as statistics and analysts indicate may well be the case in the near future. Remittance earnings are still strong, but the rate of growth at which new job opportunities are being created is plummeting, to say nothing of the jobs that are now starting to be lost. Bangladesh has already started to see migrant workers returning due to job losses.

Uganda Business down as remittances fall Contrary to earlier perceptions that Uganda was cushioned from the effects of the global crunch, those depending on remittances from abroad are already feeling the squeeze. The World Bank says remittances from the Gulf Arab region, the lifeblood for millions in the developing world, could decline by 9% in nominal dollar terms this year, compared with a rise of 38% last year. Global remittance flows stood at $283b last year, up 7% from the year before. In the last budget, remittances from Ugandans working abroad were estimated at $1,392m in the financial year 2007/08 up from $646m in the financial year 2006/07. Jacinta Nakato, for the past five years has been relying on her son for up-keep and school fees. “Since January, even the calls are rare. My son says things are hard in the UK. He tells me to be more financially disciplined,” narrates Nakato, 56, in her modest Bombo homestead. She says he used to send 300 pound sterling (Sh1.2m) per month. But in January, he sent only sh500, 000. Salabed Branch manager, Nasser Batambuze, on William Street said, “Ugandans in the diaspora did not send back as much money as they used to between the Christmas season. Unfortunately,

the price of the US dollar and Pound Sterling rose in December, instead of falling as has been the trend.” Salabed stores in Old Kampala had used computers, bales of clothes/shoes, refrigerators and electronics dominating the items being sent back home. But the cargo manager, Hussein Juma, says what is being handled now was sent last year by ship and it will be in March when they would be able to tell whether shipping volumes have dropped. “However, the cargo delivered by air remains constant at 1.5 tons a month. And it peaks to between 2.5 tons and three tons. The stuff that comes by air is often wedding, graduation and other ceremonial items,” says Hussein. Meanwhile, trade with international financial institutions is being regarded with suspicion. Sanyu Hamida on Luwuum Street is advising her friends abroad to trade off the shares they bought on the stock exchange in 2007 because they have since plummeted to half the issue price. In town, Victoria Tavern, on Kampala Road, a popular hangout for Kyeyo returnees, has closed. A returnee, Zostin Tumusiime, author and investor in a stationary business in Kabalagala, closed business and opted to bounce back to journalism. Reliable sources in UK say there are Ugandans opting to return home as their earnings can no longer meet their needs. A freelance scribe, Jerry Mulumba, says unlike in the past, many applicants are put on a waiting list and sent away. He says since the cost of living is now too high, many Ugandans would be willingly to return home given the 3,000 pound sterling previously offered by the UK government, to any voluntary illegal immigrant going back home. However, UK-based lawyer, Magomu Mashate, says detention centers are overwhelmed with Ugandans apprehended for illegal stay. He said

Citadel Advantage



- 21 -

efforts to lure them to return home are futile as some of them do not have skills to market in the job market once they return. “Some are afraid of returning bare handed. They would rather languish in custody and tussle it out legally,” said Mashate. Meanwhile, in Dubai, Shalu, a 33-year-old Indian, paid 50,000 Indian rupees ($1,000) to an agency, which shipped him to a construction job in Dubai on what was to be a three-year contract. Last December, he was laid off after just one year. His company told him and about 250 other workers the work had dried up. As signs of a deep downturn in the Gulf states once-buoyant property market multiply, migrant workers who aren't forced to return are having problems sending money home, and their declining remittances may be a significant drag on the economies of most recipient countries in Africa and south Asia. A lavish trade and tourism hub in the United Arab Emirates, Dubai, is a prime destination for unskilled workers, many of whom spend hours on dusty construction sites, live in cramped desert labor camps and earn about 1,500 dirhams ($408.4) a month. There is no current official data on the number of migrants but Human Rights Watch estimates there are three million from India, Pakistan and Bangladesh in the Gulf Arab state, with the majority in the construction sector. The laborers, mostly from south Asia, swarm over building sites for landmarks such as the Burj Dubai, the tallest building in the world, and Dubai's seemingly endless high-rises. In return, the pay offers a better standard of living for families back home or a chance to put away savings. Workers in the Gulf Arab region sent 21% of total global remittances to south Asia last year, with their funds accounting for 63% of inflows to Bangladesh and 52% of funds to Pakistan. “There has been a fall in the number of migrant Indians employed abroad,” said

Anshuman Jaswal, an analyst at research firm Celent in Bangalore. He said remittances will remain depressed through 2009 and early 2010, putting pressure on the Indian economy and making it more difficult for it to achieve growth targets.

Zimbabwe Remittances saved the country from collapse The recent official sanctioning of foreign currency as legal tender in Zimbabwe to tackle hyperinflation is bringing into sharp relief how remittances have staved off the country's complete collapse. Before Robert Mugabe's government officially endorsed foreign currency, long queues would form outside banking halls to exchange foreign bank notes for Zimbabwean dollars, but since the use of foreign currency has been permitted the queues have shifted to commercial banks, where money transfers are processed. An executive at a commercial bank in the capital, Harare, who declined to be named, said that the bank had opened two additional counters specifically to deal with money transfers. "We would not have survived these harsh times had it not been for our son and daughter in England," Zodwa Nyathi, 58, of Cowdray Park, a working-class city suburb, said as she waited in a queue outside a commercial bank. Both her son and daughter pursued tertiary education and decided to remain in the UK after they had completed their studies. Foreign currency remittances from Zimbabweans living outside of the country - excluding hand-to-hand transfers - were expected to double in 2009 from an estimated US$361 million in 2008, according to projections by the International Fund for

Citadel Advantage



- 22 -

Agricultural Development, a UN agency dedicated to eradicating rural poverty. Other estimates have put all remittances from expatriates in Britain to Zimbabwe at about US$1 billion annually. "If this is true, it puts a new dimension on this issue - it shows that the actual Zimbabwe-origin population in the UK is much bigger than estimated, and that they are sending much more money home than we ever imagined," Eddie Cross, a prominent member of the Movement for Democratic Change (MDC) said. "This would explain where all the foreign currency that keeps this country going, is coming from; it explains why many more people are not actually dying from the present crisis in terms of hunger, malnutrition and neglect." This would explain where all the foreign currency that keeps this country going, is coming from; it explains why many more people are not actually dying from the present crisis in terms of hunger, malnutrition and neglect About seven million of Zimbabwe's official population of 12 million, or more than half the people, are receiving food aid, although this does not factor in the millions thought to have left the country in recent years.

Cross said the remittances explained the government policy of printing money, which fuelled hyperinflation and enabled the ruling ZANU-PF elite to access hard currency and fund their lifestyle. Zimbabwe's central bank estimated in 2008 that locals were spending an estimated US$950 million annually on basic commodities in neighboring states, a trend believed to have precipitated ZANU-PF's decision to dollarize after the local currency collapsed under the weight of hyperinflation, officially estimated in July 2008 at 231 million percent. Steve Hanke, professor of applied economics at the Johns Hopkins University, Baltimore, US, and hyperinflation specialist, estimated inflation in Zimbabwe at 89.7 sextillion percent in November 2008. It is thought that more than three million people - at least a quarter of the population - have left for neighboring states and further afield to Britain, the US and Australia, to escape 94 percent unemployment, hyperinflation and a humanitarian crisis at home.

African Union African Union, Nigeria plan accord on Central Bank

The African Union will sign a memorandum of understanding this month with Nigeria on the establishment of a continental central bank. The institution will be based in the Nigerian capital, Abuja, African Union Commissioner for Economic Affairs Maxwell Mkwezalamba told

Central Banks

Citadel Advantage



- 23 -

reporters today in Nairobi, the Kenyan capital. As an intermediate step to the creation of the bank, the pan- African body will establish an African Monetary Institute within the next three years, he said at a meeting of African economists in the city. “We have agreed to work with the Association of African Central Bank Governors to set up a joint technical committee to look into the preparation of a joint strategy,” Mkwezalamba said. African economies plan to integrate in order to boost economic growth and development and reduce poverty. The continent has about 13 percent of the world’s population and accounts for only 1 percent of foreign direct investment, 1 percent of global domestic product and 2 percent of world trade, according to the African Union’s Web site.

The union will appoint a steering committee within a month to work on establishing the African Monetary Fund, which will be based in Cameroon. The Addis-Ababa based African Union also expects the minimum of 15 countries to ratify a protocol establishing an African Investment Bank by December, Mkwezalamba said. African heads of state approved the protocol during their last meeting in Addis Ababa last month, while the Union and Libya signed a memorandum of understanding last year under which the North African country will host the investment bank in its capital, Tripoli, Mkwezalamba said. “The investment bank will be a clearing house facilitating African trade,” he said.

United Kingdom

UK judges to get online fraud sentencing guidance

The UK's judges should be given a thorough grounding on the computer techniques used to steal bank account and card details, according to new recommendations from the Sentencing Guidelines Council (SGC).

In a draft guideline sent to Justice Secretary Jack Straw and the Justice Select Committee, the SGC says techniques such as phishing, vishing, pharming and the use of trojans should be treated as making articles for use in fraud.

This would mean sentencing should range between two and seven years for an "extensive and skilfully planned" fraud. For lesser cases the council recommends sentencing ranging from a community order to two years in custody.

Christopher Pitchford, council member, says: "Offenders are using ever more sophisticated ways to commit fraud and this guideline offers advice to sentencers on the use of computers and technology to create and disseminate articles for use in fraud."

"Fraud is not a victimless crime. Economic crime, including the bills for detection and

Legal Issues

Citadel Advantage



- 24 -

prosecution is a huge burden on the economy," adds Pitchford.

Fraud in the UK jumped nearly 16% in 2008, with 214,342 cases identified throughout the year as recession-hit Brits turned to crime "to make ends meet", according to Cifas.

The fraud prevention service says the rise is partly attributable to a massive 207% jump in facility takeover fraud - where a third party accesses an account, usually through phishing, telephone scams or the interception of cards and statements. The number of accounts taken over rose from 6272 in 2007 to 19,275 last year.

Jack Straw himself fell victim to cybercriminals last week. His e-mail account was hacked by scammers who sent messages to hundreds of contacts asking for money.

United States

Visa sued over alleged SMS alert patent infringement

Visa has been hit with a lawsuit for allegedly infringing a patent covering the notification and authorization of transactions via text messages sent to cardholders' mobile phones. The suit has

been filed by Miami-based Charge Notification Services Corporation (CNSC), which is run by card industry veterans Ivan Ochoa as CEO and COO Daniel Davila.

According to legal newswire Law360, the firm filed a suit last Thursday in the US District Court for the Southern District of Florida, claiming Visa had advertised a service that infringed several claims of the patent.

Back in August Visa revealed plans to pilot an automated alerting system that will notify cardholders of transaction activity via SMS text message and e-mail.

It partnered PNC Bank, SunTrust Bank, US Bank, Wachovia, and Wells Fargo in the US, along with Royal Bank of Canada, TD Bank Financial and Vancity in Canada, and said at the time that it began testing mobile notifications the previous year with an internal employee pilot.

Ochoa says the lawsuit comes after CNSC spent several months trying to work with Visa "with no results".

"As Visa continues to infringe on our patent, we really must take this legal action against them to protect our business," adds Davila.

Banks must wake up to payments challenge - Boston Consulting Group

Banks around the world must take forceful steps to protect their payments businesses or risk a further dent in their profits as the financial crisis continues, according to a new report by the Boston Consulting Group. The report, 'Weathering the Storm: Global Payments 2009', says that although payments businesses have proved to be reliable revenue generators - global payments revenues hit $805.1 billion in 2008, up from $654.3 billion in 2006, and are forecast to reach $1.4 trillion by 2016 - their momentum is slowing. The darkest cloud over the industry is the steady decline in average revenues per transaction. For banks, BCG estimates that these revenues will fall from $0.94 to $0.88 for domestic payments and from $9.33 to

Citadel Advantage



- 25 -

$7.50 for cross-border payments from 2008 through 2016. According to the report, a variety of factors are contributing to price erosion and margin pressure, including regulatory pressure, intensifying competition, and infrastructure investments. The net result is higher costs, but not necessarily higher revenues. Niclas Storz, a BCG partner and co-author of the report, says banks could address the business models for retail and corporate payments separately. "On the retail payments side, the key to success will be a lean, end-to-end business model aimed at achieving the highest possible level of efficiency," he says. "On the corporate side, the key will be end-to-end service excellence rather than focusing solely on efficiency." According to the report, banks in Europe should continue to avoid massive SEPA-related investments and policymakers should stop driving payments providers into unnecessary expenditures and focus instead on other initiatives - such as setting industry standards for electronic and mobile payment instruments and improving payments inefficiencies within specific countries through incentives. Large automated clearing-houses (ACHs) in Europe are also advised to wait until it is apparent whether full SEPA will actually be achieved before consolidating volumes onto one platform. ACHs should make strategic acquisitions in order to secure volume, says BCG, but should take a wait-and-see approach before carrying out full migration. In North America, the imminent challenge for payments providers is maintaining growth amid the credit crunch. The winners, the report says, will be those banks that capture a greater share of consumers' balance sheets through loyalty strategies that offer flexible rewards tied to overall relationships. In Latin America, the main challenges are migrating consumer payment preferences from cash to cards and encouraging the adoption of cards by both unbanked and under banked consumers. The payments opportunity in the Asia-Pacific region, as in Latin America, begins with the large number of financially excluded consumers - those who do not have bank accounts. Mobile phones can thus play a game-changing role in emerging Asia-Pacific markets for distributing financial services in general - and payments specifically, says BCG.

Documents

In Focus Security Implications of the Global Financial Crisis Advantage - CA Digest _NEW_ 1… · 09.03.2011 · Threats to the Bottom Line During times of financial hardship, companies