SPEAKER_01 0:00

Welcome to this episode of Fentcast with Jason and David. Let's jump right in to make some payments to make sense.

SPEAKER_00 0:22

Jason, you have been discussing the possibility of a podcast for some time, but why now? Hayden, it's actually twofold.

SPEAKER_01 0:29

I think the first reason is that a lot of people that we're talking to are asking the same questions in the payments industry, and I felt like a podcast was a great way to disseminate that information to the masses. Secondly, my already very limited social life has become non-existent with the coronavirus, so I find myself with extra time on my hands.

SPEAKER_00 0:52

There you go. Well, speaking of the coronavirus, we are practicing our social distancing by sitting on opposite ends of the studio just to be safe. Anyways, a little bit about me. I am a finance major in my sophomore year, so my knowledge of payments is pretty minimal. That's why Jason's gonna be the brain, and I'm gonna be the pretty face behind the mic. So, uh Jason, why don't you tell us a little bit about your background in payments industry?

SPEAKER_01 1:14

You know, Hayden, I think we're ultimately gonna have to let our listeners vote on who's got the pretty face. But I'll certainly take the title a brain. My payment experience is a little bit unique in that I've had the fortunate opportunity to play in just about every aspect of the supply chain. I started out with a cloud-based point of sale platform. We were an ISV and ultimately ended up serving as the chief technology officer of an acquirer where I was responsible for building out a full acquiring and ACH platform. And in my most recent years, have consulted for acquiring banks that either had their own acquiring program or wanted to launch one and needed help and guidance on setting it up, building it, staying compliant, and ultimately attracting the right payment partners for themselves.

SPEAKER_00 2:10

Well, Jason, I know we're going to enjoy this, but what do you hope our listeners get from this podcast series?

SPEAKER_01 2:15

I think the biggest thing is unless you're constantly ensconced in payment developments and technological updates, it's very easy to fall behind. Payments is such a vast category that covers everything from technology to security, compliance, risk, and probably my favorite topic, innovation. So I think this is a great medium to discuss some of the exciting things that are happening in the payments ecosystem and spread it to the masses.

SPEAKER_00 2:46

Awesome. Well, let's dig into our topics. Let's do it. Our first topic is the work-from-home hangover. Now, before you jump to any conclusions, this has absolutely nothing to do with drinking on the job.

SPEAKER_01 2:57

Next, we'll discuss the impact of the Finastra fallout. And for those of you not familiar with Finastra, it is not a nuclear power plant. And finally, is COVID the catalyst that contactless payments has been waiting for? Well, Hayden, after weeks of being stuck at home, I'm sure you're excited to be back in the office and get some time away from the significant other.

SPEAKER_00 3:17

Yeah, I'm super excited to get out of the house. And although our transition to a work-from-home environment was very seamless, it seems like so many companies struggled with the transition, especially their customer service departments. I personally was on hold for over an hour with my gym just to cancel my membership. Normally, this is a 10-minute interaction that ended up being a two-hour waiting game.

SPEAKER_01 3:36

Fortunately, a gym membership was one thing I didn't have to worry about. I don't know how long it's been since I've been to the gym, but it's a common theme, and I think it's very evident which companies actually took time on their business continuity and disaster recovery plans versus those that just did it as a formality. So many companies that I've reviewed as part of a PCI readiness assessment, their business continuity and disaster recovery policies. They're so focused on the technological aspects of the business and really miss key things like customer service departments and HR departments.

SPEAKER_00 4:11

Well, why do you think these companies leave critical business functions out of their continuity and disaster recovery plans?

SPEAKER_01 4:17

I think a lot of it has to do with security. Your technical staff are generally very well versed in security awareness and data security where customer service tends to be lacking.

SPEAKER_00 4:30

Aaron Powell Yeah, I know PCI compliance requires security awareness training, but it seems like so many organizations were scrambling to implement these protocols when this hit.

SPEAKER_01 4:39

And I think a lot of that is because a lot of businesses look at security awareness training as a requirement from PCI in more of a formality, right? They have to do it in order to be compliant, but the the level of effort that actually goes into training non-technical staff in security precautions is minimal. And I think this is the outcome. Barbara Corcoran, who's one of the uh my favorite sharks on the shark tank, um shortly after this happened, somebody actually hijacked her email and sent a spoof email to her assistant, and it ultimately ended up in $400,000 being wired to God knows where for a fake invoice. I think awareness, security awareness needs to be a priority and less of a formality.

SPEAKER_00 5:31

Well, in your professional opinion, how can the payment supply chain be better prepared for the unknown in the future? I think it really comes down to three things.

SPEAKER_01 5:39

Uh the first is somebody in the organization has to have a strong security awareness mindset. Uh they have to be passionate about it, right? If you're passionate about security and doing things the right way, it's easy to build programs and deploy them throughout the company. I think the second piece of it is on top of having the program, it's important to test these programs, right? Take your business continuity plans, take your security awareness plans, and actually test them with mock scenarios. What is the organization going to do in the case of an earthquake or a fire or a pandemic or uh you know who knows what other scenario, and make sure that the protocols that are in place are actually going to be sufficient in the the time of disaster. And I think lastly is automation, right? A lot of companies that are struggling with the migration to work from home, if they had better automation in, for example, your gym, right? If you could have gone online and suspended your membership for 90 days, it would have led to massively increased customer satisfaction and minimal impact to the business and the business's customers.

SPEAKER_00 6:53

Well, it looks like Finastra could have used this advice when it comes to data security and minimizing impact. No kidding.

SPEAKER_01 6:59

You want to talk about the perfect storm. Here we are in the middle of a global pandemic, and you've got London-based Finastra, the world's third largest financial services software provider, getting hacked. The impact was extraordinary. We don't know exactly what happened. There's rumors that it was a ransomware hack. But the point is, countless financial institutions around the world couldn't process their customers' wire transfers and ACH transfers. The fallout for banks that didn't have contingency plans in place was that they were left scrambling to try to figure out a backup solution in an already chaotic environment.

SPEAKER_00 7:39

But Jason, how could banks be better prepared for such a critical vendor being offline for such an extended period of time? Well, I think it's a two-fold answer, right?

SPEAKER_01 7:49

First, I think banks and the payment supply chain in general has to get better at asking tough questions. We've migrated to this climate where just because somebody has a PCI, a testation of compliance, or a SOC audit, it checks all the boxes from a critical vendor perspective. And the reality is, I think that if you're evaluating a vendor that that's going to be critical to your operations, you need to dig deeper, right? It needs to be more than just once a year you get their updated documentation. Have conversations with them on what their business continuity plan and disaster recovery strategies look like. How are they going to ensure continued operations in the time of a crisis? And I think those dialogues are missing. I think the second piece of it is regardless of how much faith you put into a critical vendor, you have to have process redundancy. There has to be a ready-to-go process so that in the event the unimaginable happens, your company doesn't suffer and you can continue to operate and you can continue to provide the services to your customers.

SPEAKER_00 9:03

You sound like you don't have any confidence that anything or anyone is safe.

SPEAKER_01 9:07

Well, Hayden, I think that's the point of this discussion, right? That's the mindset that you have to have if you're really going to be prepared for worst-case scenarios. If you're not planning for the worst and really analyzing the impact to your business when those worst-case scenarios could happen, then you're leaving gaps in your strategies and you're setting yourself up for a disaster. Critical vendors are just that.

SPEAKER_00 10:10

Jason, speaking of high touch, let's talk about something that nobody currently wants to touch, and that's cash, checks, and cards.

SPEAKER_01 10:16

Well, Hayden, I will be more than glad to take any of the cash you don't want to touch off your hands. But in all seriousness, it's it's really interesting. I have never seen more contactless payments happening than I have in the last few weeks. Every time I've wandered out to grab some groceries or food, everybody I see in line at the grocery stores, the pharmacies, they're all using contactless forms of payments now. It's really been interesting. I think this could be the start of the transition to us actually being a cashless society.

SPEAKER_00 10:51

Yeah, direct deposit seems now more important than ever with so many bank branches closed and people working from home. Absolutely.

SPEAKER_01 10:58

I think direct deposit is massively on the rise, especially with everybody working from home. And don't forget, a vast majority of the stimulus payments are going out via direct deposit. Just looking at Natcha's first quarter uh results that were recently released, there was a 7.1% increase, over 6.4 billion items processed through the ACH networks. Um 42% increase in same-day ACH payments. And I think a lot of that has to do with the fact that the cap on same day has just been increased to 100,000. A lot of people are saying that those numbers are gonna go down in the second quarter. I think with the the stimulus payments and the fact that nobody is getting or wants to get a paper check anymore, those numbers are actually gonna skyrocket.

SPEAKER_00 11:49

Do you honestly believe that COVID is gonna be the catalyst that contactless payments needed in the United States?

SPEAKER_01 11:56

I actually do. Um I think the the you know the big problem with contactless payments up until this point is there hasn't been a need for it, right? I've always had the philosophy that if it's not broken, don't fix it. And I don't know about you, but my credit card always swiped fine everywhere that I went. I agree with you there, Jason. So, you know, I I think until there's a an actual need for change and an opportunity to retrain customers, that the vast majority of the population isn't gonna be early adopters and just migrate to contactless. Like I said, I'm seeing more and more contactless payments happening every time I leave the house. And I think that trend is gonna continue. And I think with the the current pandemic that we're experiencing, it it is a valuable opportunity to retrain consumer behavior, and I think the outcome of it is that people are gonna get more and more comfortable with contactless. I think more and more people are setting up contactless payments on their uh smart enabled devices, and I think it's gonna it's gonna be the tipping point.

SPEAKER_00 13:06

Yeah, I'm really excited to see Apple and Google's updated contactless payment solution statistics in the coming months. All right, Jason, it's time to make payments make sense. Give me the takeaways.

SPEAKER_01 13:18

Well, Hayden, first, don't treat business continuity and disaster recovery as a formality. Embrace it. Banks, you need to inspect what you expect from your critical vendors. And lastly, if your payment solutions aren't contactless enabled, use this time to fix that.

SPEAKER_00 13:35

Thanks for joining us today. And if you've got a topic you would like us to discuss, follow and message us on social media at SenseChat, and as always, we would love your feedback. Aiden out.