Srejber: Vulnerabilities in the modern payment system
Introduction
An extremely large amount of payments are made in any modern economy. In Sweden, the turnover in our payment system amounts to around SEK 1,290 billion a day (broken down into securities trading SEK 500 billion, card and credit transfers SEK 30 billion, foreign exchange trading SEK 390 billion, interbank payments SEK 350 billion and cash payments SEK 10 billion). Thus, in around two days the turnover corresponds to the value of the entire Swedish GDP in one year. It is therefore no surprise that we consider it important to examine possible vulnerabilities in the system and how we can reduce them.
One of the more obvious examples of the vulnerability of the system is the many cash transport robberies in recent years, where large amounts of cash have been stolen. However, cash is only one of many ways that payments can be made and cash transports comprise a small part of the infrastructure required to ensure the payment flows in Sweden run smoothly. While a tiny fraction of the payments is made by cash, the remainder is made electronically. However, as we know, computers also have their weaknesses. This became apparent in 2000, when both the Riksbank’s system for large-value payments, RIX, and Nordbanken’s internal computer system suffered short-term problems at different points in time. These conventional crises could turn into a financial crisis in the payment system, which is a subject in itself. However, my speech today is limited to conventional vulnerabilities.
RIX links together the banks and certain other financial agents so that they can quickly and simply make payments to one another, and it has a turnover of around SEK 500 billion a day. The problem with the Riksbank’s RIX system meant that a number of payments had been erroneously made several times over. This double entry meant that the banks had incorrect balances on their accounts in RIX, which created problems at the end of the day, as banks with a negative balance must borrow money overnight from those with a positive balance. This in turn entailed a disturbance in the functioning of the very important money market, that is, the market where the banks borrow money in the short term. When the error was detected the contingency routines were implemented, which meant that payments could be made without being entered more than once. The problem was due to an error in the communications system that links the banks to RIX. It took a total of five days to find the fault and implement a new solution.
Nordbanken’s problems meant, amongst other things, that it was impossible to compile the bank’s normal background data for customer payments. Outwardly this was noticeable in that customers experienced problems using Nordbanken’s bank cards and through delayed payments. However, it was possible to limit the damage since the system functioned from time to time and the contingency communications system was working. The problems were partly due to faulty software in the system. The problems began between Christmas and New Year 2000 and were not entirely resolved until 3 days into the new year.
Afterwards, we can note that the consequences of these two problems were slight and that the existing contingency routines were sufficient to limit them. However, both examples show how important it is to have preparations that enable operations to continue, despite various types of disruption. The cost of creating an entirely resilient system must at the same time be balanced against the cost of having a slightly less resilient system and instead having good contingency routines that can be implemented when problems arise. I will return to the work on creating resilience in the system. Firstly, I shall describe how the financial infrastructure functions in practice and the importance of crisis recovery planning.
The functions of the payment system
To provide an idea of the extent and complexity of the payment system, I will give you a concrete example. The Swedish Social Insurance Administration pays out billions of kronor every month in pensions. In theory, it would seem like a fairly simple process for them to send money to Ingrid, aged 93. However, if we describe the entire chain, from the Swedish Social Insurance Administration beginning the payment process until Ingrid actually has the money in her hand, there is a fairly substantial amount of infrastructure, infrastructure communications and payment flows required. In addition to the basic infrastructure of electricity, telecommunications and post, the computer systems at the Swedish National Debt Office, the banks, the Riksbank and the Bankgirocentralen are used to implement ordinary, simple pension payments.
In order for Ingrid the pensioner to receive her pension, the social insurance office sends a payment order to the Swedish National Debt Office and one to the banks the Swedish Social Insurance Administration uses to execute its payments. It is the Swedish National Debt Office’s job, in its role as bank to the central government, to pay pension money to a number of banks as instructed by the social insurance offices. These banks in turn distribute money to the pensioners’ accounts in their own banks, if the pensioners have bank accounts there. For those pensioners who have accounts in banks other than those with which the Swedish Social Insurance Administration has an agreement, the money is forwarded to these banks through Bankgirocentralen. The pensioners who do not have a bank account at all are instead given a payment slip that can be redeemed at any bank or at Svensk Kassaservice.
The Swedish National Debt Office makes the payment of pension funds by temporarily, over the day, using its credit with the Riksbank. This debt must be repaid before the end of the day as the Riksbank may not finance government expenditure. The Debt Office therefore borrows money on the money market towards the end of the day. This money is deposited in the Swedish National Debt Office’s account with the Riksbank, through the RIX system, which sets the Debt Office’s account to zero before the end of the evening.
Bank A, which is the final instance to pay out Ingrid's pension, will require cash, which in turn is ordered from the Riksbank. The payment for the cash is made by Bank A withdrawing money from its account with the Riksbank via the RIX system. After this, Bank A can collect money from a cash depot with the aid of a cash-in-transit firm, which distributes cash to the banks/ATMs and to Svensk Kassaservice.
It is only after all these stages that Ingrid can collect her pension in cash from a bank, Svensk Kassaservice, rural postman or through a debit card in a supermarket. These payments of cash in themselves generate a new flow of information through the same and other infrastructures.
This example, which is very simplified, and not in any way exhaustive, shows that complex planning, infrastructure and timing of the payment flows and information flows is necessary to make even simple and foreseeable payments.
In this example the payment orders and money flow between the Riksbank’s RIX system, Bankgirocentralen, the banks and the Swedish National Debt Office. These agents, together with VPC AB (the Swedish central securities depository) and the Stockholm Stock Exchange, account for the central parts of the payment system. Payment information is sent between the participants through the SWIFT communications system. The Riksbank’s RIX system is the central point on which most payments and payment methods are dependant. This applies to cash payments, card payments, credit transfers, interbank loans, payments of transactions in securities and foreign exchange, etcetera.
What I have just described is part of the central financial infrastructure about which most people know very little and see very little – it just exists and is expected to work. The banks are responsible for a large part of the infrastructure that meets the general public, for instance, through ATMs. In recent years, however, the general public has also become part of the infrastructure in that our own private computers can communicate with the banks' Internet banks.
The importance of crisis recovery planning
Today it is a matter of course for us to have access to different types of payment services. It is therefore easy for us to forget how complex and time-demanding it would actually be if we were suddenly forced to make cash payments directly to all those we need to pay money. Personally, I have many suppliers that I would need to visit at the end of every month to pay my bills. I would need to go to Fortum to pay for electricity network charges and gas, and to travel to Kiruna to pay the TV and radio licence just to give two examples. Moreover, if it was not possible to use cash, I would need to work somewhere that provided my salary in a form that my suppliers would accept as payment. These ideas may seem alien to us, but in many countries the majority of all payments are made in cash. It can also be the case that confidence in money in the economy collapses to such an extent that bartering is almost the only thing that works. This happened, for example, in Argentina a couple of years ago.
The economy is thus dependant on the payment system functioning efficiently to maintain welfare and growth. Without an efficient payment system the economy would collapse. Of course, it is not possible to quantify the total contribution of the current payment system to the economy in a meaningful way. However, Nils Lundgren presents an intellectual experiment in his article “The financial sector’s economic significance”. In this, the Swedish payment system of the 1990s is replaced by the way things worked in Sweden in the 1950s. The experiment shows that the extra work this would require from the Swedish people corresponds to a labour cost of 7 per cent of GDP a year, which is around SEK 190 billion a year.
What I want to illustrate is that it is important to protect the entirety, so that we can continue using the services that are so important to the Swedish economy, all the way down to the individual level. This is where the Riksbank, together with other authorities and organisations, comes into the picture. We work on preparations to create resilience and contingency solutions, which is called business continuity planning by those who work with these issues. The planning with regard to what to do when problems arise is called crisis recovery planning. This entails using contingency routines to maintain the capacity to make payments, which does not necessarily mean that the function needs to be maintained in all parts of the payment system. It may be a good idea to have contingency solutions that are entirely independent of the regular system.
Given the important function of the payment system in society, priority must be given to investment in building up resilience and managing crises. However, at the same time, these investments must be constantly balanced against the aim that the system should have the functions that are in demand and it should be cost-efficient to society. For instance, the aim for the Riksbank's business continuity and crisis recovery planning is that it should be at a level that provides a sufficiently stable system, but still be cost efficient.
Several authorities and private companies own and have responsibility for the payment system infrastructure. These different agents may have different opinions as to what level is most appropriate for business continuity and crisis recovery planning.
The Riksbank’s tasks
The Riksbank’s role with regard to business continuity and crisis recovery planning can be divided into two areas. One of these concerns our role in mediating cash and payments and the other is our role of overseeing financial stability. With regard to the first role, the Riksbank issues banknotes and coins. We are also responsible for the system that makes large-value payments between the banks and for lending money intraday so that these payments can be made. The business continuity and crisis recovery planning for cash management is aimed at security for values and personnel and also reliability of supply. With regard to the RIX system, the business continuity and crisis recovery planning are aimed at being able to continue activities despite problems. It is also a question of maintaining a capacity to trace and remedy faults.
The ultimate purpose of the Riksbank’s role as overseer of financial stability is to prevent both conventional and financial crises in the financial system. In concrete terms, the work entails following developments in the financial sector in the short term, primarily in the major banks, and working with structural changes, crisis management and regulation.
An important part of the Riksbank’s work in this field concerns cooperation with other authorities and companies in the financial sector.
The importance of cooperation between authorities and private agents
There is considerable common interest in creating resilience in the financial sector, which is based on the agents’ dependence on one another. The entire system is dependent on the general public having confidence in the payment system as a whole. Cooperation between the agents in the financial markets is necessary to find joint solutions and to be able to benefit from economies of scale. Moreover, it is important to ensure joint basic conditions, such as access to electricity, telecommunications, fuel and water.
The Riksbank has actively conducted discussions in various contexts for some years now to disseminate information on how the payment system functions and how individual agents’ attitudes to business continuity and crisis recovery planning affect the system as a whole. These discussions have mainly been conducted in three contexts. One of them is the cooperation for economic security (SOES), which is called together by the Swedish Emergency Management Agency and where the participants include the Riksbank, Finansinspektionen (the Swedish Financial Supervisory Authority), the Swedish Social Insurance Administration and the National Labour Market Board. Another is the financial sector’s private-public sector cooperation body (FSPOS) that is called together by Finansinspektionen and consists of representatives of the Riksbank, Finansinspektionen, the Swedish Bankers’ Association, independent savings banks, securities companies and insurance companies. The third discussion forum I would like to mention is the reference group for the payment system called together by the Riksbank and consisting of representatives from VPC AB, Bankgirocentralen, Stockholm Stock Exchange, the major banks and the Swedish Bankers’ Association.
Part of the work in these working groups has entailed charting the flows and the infrastructure of the payment system. The charting process began as an internal project at the Riksbank, with a general review of the payment system’s basic conditions, agents and services. This has since functioned as a basis for discussion and as reference material for other working groups to make a more in-depth survey of some representative payment services. One example is the flow chart of the Swedish Social Insurance Administration's pension payments that I have spoken of today. Other payments that have been charted are credit transfers and payments for securities.
The general conclusion reached by most participants in these discussions is that each organisation has a responsibility for supplying its services in accordance with the agreements it has with its customers. This responsibility includes solving crises internally and cooperating with those the organisation is dependent on to be able to supply their services. The discussions have also increased awareness that everyone in the chain must have a reasonable level of business continuity and crisis recovery planning and that cooperation may be necessary to safeguard common interests.
It has not yet been decided how these discussions will continue. One possibility could be to discuss the consequences of part of the infrastructure being temporarily out of order, and how the negative effects of this could be limited. The focus on consequences means that it would be possible for the business continuity and crisis recovery planning to manage a large percentage of possible crisis scenarios.
Summary
A payment system with effective resilience to shocks is of critical importance to the economy and to society. However, the resilience of the payment system depends on investments from individual agents, which each have their own objectives rather than those of the economy as a whole. This makes it important for the Riksbank to participate and work to ensure that the resilience of the payment system as a whole remains on a reasonable level with regard to the social economy.
There is some gain for the commercial organisations to have a good resilience to shocks as recurring disruptions at one agent will lead to customers changing to a different agent. This also means that it is rational to invest in cooperation with those on whom the agent is dependent to supply its service.
One can reason in a similar manner with regard to the resilience of the system as a whole. The advantages of an improvement in the resilience of the payment system will benefit everyone, but to achieve a sufficiently strong resilience it is necessary to cooperate. Here the Riksbank and other authorities have an important task in explaining and acting as catalysts for cooperation.
