What was worth reading this week? March 3

PAYMENTS & FINTECH

The European Payments Council has expanded SEPA's reach to North Macedonia and Moldova, bringing the payment network to 40 countries. This strategic enlargement enables seamless SCT, SCT Inst and SDD transactions across a broader European landscape. Financial institutions from these nations can join from April 2025, with full operational capability commencing 5 October 2025.

Expedia Group is introducing Flex Pay, a BNPL solution developed by Upgrade, for cruise bookings across its brands. This allows travellers to finance their cruises in monthly instalments over 3 to 24 months, enhancing affordability and flexibility for over 20 cruise brands available on Expedia's platforms.

Klarna is set to file for a US IPO, aiming to raise at least $1 billion and target a valuation of over $15 billion on the New York Stock Exchange. The listing, expected to price in early April, marks a significant move for the Swedish fintech giant, which has filed confidentially with the SEC and is working with major banks like Goldman Sachs and JPMorgan Chase.

Nine major UK banks, including Barclays, HSBC, and Lloyds, faced over 33 days of IT disruptions across 158 incidents since January 2023, affecting millions of customers. Common causes include third-party failures and software glitches. Barclays alone may pay up to ￡12.5 million in compensation for outages, highlighting the need for robust systems and swift customer communication during failures.

The UK's Payment Systems Regulator (PSR) has found that the market for card scheme and processing services is not functioning effectively. The PSR identified issues with competition, transparency, and innovation, which can lead to higher costs for merchants and consumers. It plans to address these concerns through regulatory measures to improve market efficiency. Consultation on potential remedies to follow.

Google Wallet opened up for Least-Cost Routing in Australia, Enabling Merchants to Save 20% on card fees by using the local eftpos network run by Australian Payments Plus. This feature can significantly reduce interchange fees, benefiting businesses by increasing profit margins and enhancing payment efficiency.

Wizz Air has partnered with Revolut to offer one-click payments via Revolut Pay in the WIZZ app, enhancing checkout efficiency and security. Users can earn RevPoints, redeemable for discounts or air miles, while benefiting from competitive fees and high authorisation rates. This collaboration aims to boost customer loyalty and streamline transactions.

Visa's Tap to Phone technology has seen a 200% global uptake and a 300% surge among UK small businesses over the past year. This innovation empowers micro-sellers and SMEs to accept contactless payments via NFC-enabled smartphones, making it an accessible solution for new businesses to start accepting payments instantly

Citigroup experienced a "fat finger" error, briefly crediting a client account with $81 trillion instead of $280. The mistake was caught and reversed without any funds leaving the bank. This incident highlights the importance of robust controls and automation to prevent such errors, which can have significant consequences if not detected promptly.

Temu has partnered with Canadian fintech Nuvei to expand global payment options, offering customers seamless, secure card payments and hyper-localised methods like iDeal in the Netherlands and MBWAY in Portugal. This integration enhances e-commerce convenience and supports Temu's international growth, with plans to extend payment solutions to Colombia, Chile, and Canada in 2025.

ARTIFICIAL INTELLIGENCE

Skyfire Payments Network has exited beta, offering a platform for AI agents to execute transactions securely and efficiently. This network enables AI-driven entities to manage payments autonomously, leveraging blockchain technology to ensure transparency and reliability. It aims to facilitate seamless interactions between AI systems and financial services. (Skynet? ??)

Combating AI over-reliance in fintech requires a balanced approach, integrating AI-driven efficiency with human oversight. This hybrid strategy mitigates errors and ensures ethical decision-making, fostering more reliable financial systems. By combining AI capabilities with human judgment, fintech can harness the benefits of automation while maintaining control and accountability.

OPEN BANKING

Unzer has partnered with Mastercard to launch an open banking payment system, enabling seamless, secure transactions across Europe. This integration allows merchants to accept account-to-account payments, providing consumers with an alternative to traditional card payments. The collaboration enhances payment flexibility and reduces transaction costs for businesses.

The Payments Association's 2025 Manifesto proposes 66 policies across regulation, ESG, financial crime, inclusion and open banking. It urges the UK government to modernise payments infrastructure, tackle economic crime, and embrace digital currencies to prevent falling behind the US and EU. The manifesto aims to maximise economic potential while ensuring consumer protection in an inclusive society

CRYPTO & ALL THAT JAZZ

BVNK has launched an embedded wallet that integrates fiat and stablecoin payments, offering access to major blockchains and payment schemes like Swift and Ethereum. The wallet allows customers to store, spend, and exchange between stablecoins and fiat, with auto-conversion features to simplify transactions and reduce the need for businesses to hold crypto assets

The Bank of Israel has unveiled a high-level design for a potential digital shekel, a multipurpose CBDC available to the public, including foreigners and businesses. It would offer immediate and final payments, offline capabilities, and interoperability with other systems. The central bank invites feedback but has not yet decided on a rollout.

The Trump administration has signalled a shift towards deregulation in the US crypto market. The SEC has clarified that meme coins are not securities and has dropped several crypto-related investigations. This move aligns with Trump's pro-crypto agenda, though it raises concerns about potential conflicts of interest and regulatory oversight.

The US SEC has clarified that meme coins are not considered securities, as they lack yield and do not convey rights to future income. Transactions involving meme coins do not require SEC registration, though they remain subject to other regulatory scrutiny for fraudulent activities

Bank of America is poised to launch its own dollar-backed stablecoin if US lawmakers legalise it. CEO Brian Moynihan expressed readiness to enter the market, likening stablecoins to foreign currencies. The move hinges on legislative approval, with the Genius Act potentially paving the way for stablecoin regulation within the administration's first 100 days.

An Ethereum researcher, Malik672, has proposed a decentralised block proposal system to address centralisation issues and eliminate Maximal Extractable Value (MEV). The solution uses a shared random algorithm and Byzantine Fault Tolerance, aiming to democratise block building and accelerate transaction propagation, aligning with Ethereum's trustless ethos.

Brazil's Central Bank has released findings from its Drex CBDC pilot, highlighting challenges in balancing privacy, programmability, and oversight. Advanced cryptography can protect user privacy but complicates regulatory monitoring. The project is moving into a second phase to address these issues, emphasizing collaboration and security over rapid rollout. (For the report in Spanish, see https://www.bcb.gov.br/content/estabilidadefinanceira/real_digital_docs/piloto/Relatorio_Drex_piloto_fase_1.pdf)

FRAUD & SECURITY

Brazil's Central Bank has tightened security rules for Pix, its instant payment system, to combat rising fraud. New measures include enhanced authentication and verification processes, aiming to protect users from scams and ensure the system's integrity. This move reflects the bank's commitment to maintaining trust in Pix, which has seen rapid adoption across Brazil.

Savings accounts are increasingly being exploited for mule-linked activity, with criminals using them to launder illicit funds due to their perceived lower scrutiny compared to current accounts. Financial institutions are urged to strengthen monitoring and detection systems, as well as enhance customer due diligence, to combat this growing threat in the payments ecosystem.

The Financial Services Information Sharing and Analysis Center (FS-ISAC) has issued guidance to help the payment card industry mitigate quantum computing risks. As quantum computers could break current encryption methods, FS-ISAC advises implementing quantum-resilient cryptography, strong access controls, and robust monitoring to ensure ongoing security in the post-quantum PCI ecosystem.

The US Consumer Financial Protection Bureau has dropped its lawsuit against JPMorgan Chase, Bank of America, and Wells Fargo over allegations of allowing widespread fraud on the Zelle platform. The case, which claimed customers lost over $870 million, has been dismissed with prejudice, meaning it cannot be reopened.

Scammers are using the Docusign API to send phishing emails impersonating PayPal, bypassing security filters by leveraging genuine Docusign accounts. These emails often report unauthorised transactions and provide a phone number for "refunds," but red flags include Gmail addresses for customer care. Docusign closes suspicious accounts within 24 hours of detection.

A UK Bitcoin ATM operator has been sentenced to four years in prison for operating unregistered crypto ATMs despite being refused FCA registration. He was also convicted of forgery and possessing criminal property. This marks the UK's first criminal sentencing for unregistered crypto activity, underscoring the FCA's crackdown on non-compliant operations

Lloyds Banking Group has secured a patent for its Global Correlation Engine (GCE), a cybersecurity tool that uses algorithms to identify genuine threats while reducing false positives. The GCE analyses alerts from various cybersecurity technologies to pinpoint common attributes and trends, enhancing threat detection and customer protection

The US Treasury has halted enforcement of the Corporate Transparency Act for domestic businesses, citing regulatory overreach and support for small businesses. The law, aimed at combating money laundering, requires disclosing beneficial owners. The decision reflects a broader policy shift to balance financial oversight with economic growth, with potential revisions targeting foreign entities instead.

PayPal is transitioning from two-factor authentication (2FA) codes to a single-step login process. This change aims to enhance user experience by simplifying security measures, potentially leveraging more advanced authentication technologies to maintain robust protection without the need for additional verification steps.

The PCI Security Standards Council has released a new FAQ clarifying eligibility criteria for SAQ A under PCI DSS v4.0.1. It explains how e-commerce merchants can confirm their sites are protected from script attacks, either by using specific security techniques or obtaining confirmation from compliant third-party service providers.

DIGITAL IDENTITY

The City of London's Innovation Forum (CITF) has proposed a digital company ID system to combat UK fraud. This initiative aims to verify businesses' identities, reducing the risk of impersonation and scams. By enhancing trust and transparency, the system could significantly slash fraud levels and protect both consumers and businesses in the digital economy.

India has launched the Aadhaar Governance Portal to streamline authentication processes, enhancing access to welfare benefits and public services across sectors like healthcare, education, and e-commerce. Featuring expanded face authentication capabilities and simplified onboarding for private entities, the portal marks a significant step in digital transformation while raising questions about compliance with Aadhaar’s voluntary nature and potential commercial applications.