Booklet: Retail Payment Systems
Section: Retail Payment Systems Risk Management
Subsection:
 

 

 

 

 

 

Action Summary additional information.

Financial institutions should tailor their risk management strategies to the nature and complexity of their participation in retail payment systems, including any support they offer to clearing and settlement systems. Financial institutions must comply with federal and state laws and regulations, as well as with operating rules of clearing houses and bankcard networks. From the initiation of a retail payment transaction to its settlement, financial institutions are exposed to certain risks. For individual retail payment transactions, risks resulting from compliance issues and potential operational failures including fraud are always present. Operational failures can increase costs, reduce earnings opportunities, and impair an institution’s ability to reflect its financial condition accurately. Participation in retail payment systems may expose financial institutions to credit, liquidity, and operational risk, particularly during settlement activities. In addition, a financial institution’s credit, liquidity, and operational risks may be interdependent with payment system operators and third parties.

Risk profiles vary significantly based on the size and complexity of the financial institution’s retail payment system products and services, IT infrastructure, and dependence on third parties. All financial institutions should maintain an effective internal control environment commensurate with the level of retail payment products and services offered. Effective internal controls should include financial, accounting, technical, procedural, and administrative controls necessary to minimize risks in the retail payment transaction, clearing, and settlement processes. These measures reduce operational and credit risks, ensure individual transactions are valid, and mitigate processing and other errors. Effective controls also ensure supporting IT and network infrastructure promote retail payment transaction integrity, confidentiality, and availability. Financial institutions engaging in retail payment system services should be aware of the risks inherent in the activity.

Financial institutions have always offered a variety of retail payment services; however, recent technological advances are expanding the opportunities for the development of innovative payment products and services. Financial institutions should recognize the reputation and strategic risk of newer products and services, which may lack consumer acceptance. Often, participants will also face uncertainty regarding how state and federal laws and regulations will apply to new payment systems. The ongoing shift from paper to electronic payments is increasing the participation of nonbanks in various payment functions, such as payment processing. Financial institutions should have a comprehensive and effective vendor and third-party service provider risk management and oversight program. additional information.