www.AFPonline.org Copyright 2014 Association for Financial Professionals, Inc.

All Rights Reserved Page 1

Payments
May 2014
AFPYour Daily Resource
Obey or Pay: Its Time for
Treasurers to Act on FATCA
Andrew Deichler
In the May Payments
This month, we bring you exclusive coverage of the recent AFP Treasury Advisory
Group (TAG) Meeting and the 2014 AFP Retail Roundtable, both of which were
held this month in Dallas. The Foreign Account Tax Compliance Act (FATCA) was
a major topic of discussion at the TAG meeting, with the July 1 deadline a little
over a month away. Also discussed were the security measures that treasurers are
taking in the wake of the massive Target breach. A major topic of discussion at the
Retail Roundtable was the EMV liability shift, slated to occur in 2015. However, as
one retail treasurer pointed out, if your business does not incur a large amount of
fraud, the shift is not something you need to worry too much about. Also, we bring
you more coverage from the recent NACHA Payments conference, including a
write-up of the discussions around modernizing the U.S. payments system, and an
in-depth look at Canadas anti-money laundering laws.
s
Continued on page 2
With the Foreign Account Tax Compliance
Act (FATCA) scheduled to take effect on
July 1, many treasury departments are mak-
ing sure they know what they need to do
to comply. Not surprisingly, the law was a
major topic of discussion at the recent AFP
Treasury Advisory Group meeting in Dallas.
FATCA basics
FATCA imposes a 30 percent withhold-
ing tax on payments of American-source
xed, determinable, annual or periodical
(FDAP) income paid to certain foreign
nancial institutions (FFIs) and some
nonnancial foreign entities. S. Michael
Chittenden, a senior associate with Miller
& Chevalier who spoke to the TAG at-
tendees, joked that FATCA is basically
extortion, as the U.S. government is
essentially saying, If you dont give us the
information on your U.S. customers, were
going to take 30 percent of all of your U.S.
source earnings.
In the future, it will only get tougher for
companies, added Chittenden. Effective in
2017, the government will take 30 percent
of the gross proceeds from the sale of as-
sets that produce U.S.-source interest and
dividends. As an example, lets say you
bought $100,000 of IBM stock as a nan-
cial institution, he said. You sell it a few
years later for $50,000 because something
really bad happened to IBM. The federal
government would take $15,000 of that,
leaving you with $35,000 of your original
$100,000 investment.
Earlier this month, the Internal Revenue
Service (IRS) announced that 2014-2015
would be treated as a transition period
for FATCA. Still, Chittenden is wary of
this grace period and advises nonnancial
companies to keep working to comply
under the original timeline.
Speaking from a legal perspective and
as someone who works with companies
when the IRS comes knocking to impose
penalties, we dont like this very much at
all, he said. Its a very nebulous standard;
its up to the agent to decide whether or
not you complied in good faith. You prob-
ably are going to have to go to appeals and
ght about it, which involves hiring law-
yers. So basically, keep working, and try
to comply. This did not delay the effective
date of FATCA. It is still effective July 1.
First steps
Companies should begin by reviewing
their entire organizational chart for poten-
tial foreign nancial institutions (FFIs),
including corporate afliates, partnership
interests, and branch operations. Because
of the deadline for registering the FFIs,
you have to start by documenting all your
foreign entities, said Chittenden.
It is important that every organization
consider who is in their expanded afli-
ated group (EAG). These are all the entities
that share:
50 percent of the value and 50 percent
of the prots (for corporations)
50 percent of the value or 50 percent
of the prots (for partnerships)
50 percent of the benecial interest
(for trusts).
Not an AFP Member? Join today. wwwAFPonline.org
Page 2 Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved May 2014
Payments
Published by the Association for Financial
Professionals, Inc.
Editor
Andrew Deichler
President and CEO
James A. Kaitz
Managing Director, Communications
Elizabeth Johns
Editorial Manager
Ira Apfel
Publications Manager
Amy Cooley
Payments Editorial Advisory Board
Fred Buttereld, CTP
Trust Company of America
Anand Goel
Optimized Payments Consulting

Katria Kowal, CTP
AFP Board of Directors

Sharon Petrey, CTP
The Coca-Cola Co.

Chuck Phipps, AAP, CTP
NetSpend Corporation
Cristina Pintado
Deutsche Bank
Randy Sabett
ZwillGen, PLLC
Claudia Swendseid
Federal Reserve Bank of Minneapolis
Advertising
Advertise in Payments to reach out to
decision makers seeking new payments
technology. To reserve space today, contact
the AFP Sales Team at 301.961.8833.
Subscriptions
www.AFPonline.org/newsletters
Copyright 2013 Association for Financial Profession-
als, Inc. Copying and redistributing prohibited without
permission of the publisher. This information is provided
with the understanding that the publisher is not engaged in
rendering legal, accounting or other professional services.
If legal or other expert assistance is required, the services
of a competent professional person should be sought.
Association for Financial Professionals
4520 East-West Highway, Suite 750
Bethesda, MD 20814
Phone: 301.907.2862
Website: www.AFPonline.org
Email: AFP@AFPonline.org
Blog: http://blogs.afponline.org/Payments/
Twitter: http://twitter.com/afponline
LinkedIn: http://www.linkedin.com/companies/
association-for-nancial-professionals
Join the Distribution List
Each month, Payments will bring you timely
news on payments. Sign up today
at http:www.AFPonline.org/afppayments.
Obey or Pay: Its Time for Treasurers to Act on FATCA continued
AFP Seeks Board of Directors Candidates
Interested practitioner members in nancial planning and analysis (FP&A),
corporate nance or treasury should submit the following information to AFP:
Biographical sketch containing relevant volunteer experience, especially
experience serving on AFP committees, task forces or regional association boards
Resume, including a brief overview of current responsibilities
Letter of recommendation from an immediate supervisor, as well as information on
the candidates employer, such as an annual report.
Candidates with treasury, corporate nance or FP&A experience, those with
international expertise, as well as CTP/CCMs are encouraged to apply.
Mail applications to:
AFP Nominating Committee
AFP, 4520 East West Highway, Suite 750, Bethesda, MD 20814
or email to driggs@AFPonline.org
If you have questions, please call AFPs Executive Ofce at 301.907.2862
or e-mail driggs@AFPonline.org.
Deadline: June 6, 2014
EAGs that contain FFIs may have registration requirements and due diligence require-
ments for any accounts that they maintain.
Because local banking laws in foreign jurisdictions may prevent FATCA compliance, the
U.S. Treasury Department has been working with more than 80 countries on intergov-
ernmental agreements (IGAs), which are similar to treaties. More than 30 countries have
signed an IGA, and about another 30 are treated as having one in place.
These agreements primarily affect the obligations of FFIs, but can also have an impact
on U.S. withholding agents. For example, some payees in IGA jurisdictions will have a
different Chapter 4 status than they would under the [FATCA] regulations, Chittenden
said. So when youre going through your chart and looking at all your afliates, if theyre
in an IGA jurisdiction, you might need to look at the IGA to gure out whether or not
theyre an FFI. We have clients who, under the regulations, would have an entity thats an
FFI but under the IGA its not.
Times almost up
In many companies, tax has been taking the lead on FATCA, and many TAG members
noted that their tax groups are. However, others revealed that their tax departments have
taken a hands-off approach. My tax department thinks its not a big deal, said a treasurer.
Another treasurer said that his companys tax department is not doing anything at all
about FATCA. Regardless, treasurers need to be involved and if necessary, take the reins.
The reality is, youre going to have compliance problems, and youre going to have 30
percent withholding stuck on you if you dont [comply with FATCA], Chittenden said. So
its really important that treasury get buy-in from the very top; that the general counsel cant
come in and demand you send money immediately without any documentation. You just
cant do it. The treasury clerk who is wiring the money has to be empowered to say, No. s
www.AFPonline.org Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved Page 3
Continued on page 4
Issued by HSBC Bank Canada
*As measured between 15 July 2013 and 31 December 2014.
**Available to qualifying new and current HSBC customers, subject to credit approval.
WEVE DOUBLED OUR
COMMITMENT TO
HELPING BUSINESSES
GROW INTERNATIONALLY.
In 2013, HSBC provided Canadian businesses $1 billion to help
unlock the potential of international markets. In 2014, were
doubling this funding so we can help more companies realize
their expansion goals.*
Why not see where $2 billion could take your business?**
Visit hsbc.ca/seeit for details.
If you see it, we see it.
Fear of the
Unknown:
EMV Tops
Retail
Treasurers
Concerns
Andrew Deichler
Treasurers at the 2014 AFP Retail Round-
table in Dallas said that their biggest
concern is EMV migration. The retail
treasurers cited cost, customer resistance,
and nagging doubts that switching to the
chip-and-PIN equipment is the right tech-
nology to ght future fraud attempts.
The retail treasurers concerns were
heightened by the EMV liability shift com-
ing in October 2015. That shift, which
places more of a burden on retailers, has
some treasurers at the Retail Roundtable
making plans to change over to EMV in
the next year or so. One treasurer for a
major restaurant chain said that migrat-
ing to EMV depends on how much you
fear the liability shift. Big box retailers
generally see a lot of fraud, so if they do
not make the transition, they will see
substantial fraud costs shift to them, he
pointed out.
Conversely, retailers that do not see
much fraud are less concerned with the
October 2015 deadline. Restaurants, the
aforementioned treasurer explained, typi-
cally have very low fraud rates. A lot of
big box retailers would kill to have our
fraud rate, he said. Moreover, there is no
actual requirement to move to EMV.
The treasurer added that most retail-
ers will eventually make the shift, but the
retailers with low fraud risk will likely be
late adopters. Regarding EMVwere all
going to have to do it. The only variable is
when, he said.
Outdated technology
One of the arguments against imple-
menting EMV is that it is 30-year-old
technology. It is much more secure than
magnetic-stripe cards, but not a particu-
larly innovative solution. Some retailers
are looking at mobile instead as a more
effective tool to combat fraud at the point
of sale.
Page 4 Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved May 2014
CTP, Certied Treasury Professionals and the CTP logo are registered trademarks of the Association for Financial Professionals. 2/14.
Showcase your expertise.
Improving collection
and disbursement
processes
Managing cross-border
funds movement
Mitigating payment
risk exposures
P P P
Become a CTP.
www.CTPcert.org
The problem is, mobile is still new. But
mobile as a fraud-ghting tool is better
than a card with a chip in it, said the res-
taurant treasurer. He believes it is unlikely
that a large percentage of retailers will be
EMV-compliant by October 2015. Perhaps
the deadlines will be pushed back, he said.
But mag stripes will remain on cars for a
long time, probably 10 years or more.
Contactless cards
One treasurer for a major sporting goods
retailer was curious whether there might be
any interchange discount for retailers who
have EMV capability by 2015. Will Visa
and MasterCard provide one? she asked.
I wont believe that until I see it,
replied the restaurant treasurer. He noted
that his company tested contactless cards
nearly a decade ago. A lot of the same ar-
guments being made for the security that
EMV provides were being made about
contactless cards back then. There was
never a discount for contactless, he said.
We ended up taking it out several years
later because no one is using it.
Meanwhile, the treasurer for a major
drug store chain noted that his company
also implemented contactless card termi-
nals and the results were the same. We
also took them out because they werent
being used, he said.
The restaurant treasurer added that
retailers who elect to take contactless pay-
ments at their establishment are going to
accept mobile payments as well. Contact-
less terminals cant distinguish between a
contactless card and phone-based NFC,
he said. Youre selecting a mobile solu-
tion, like Google Wallet or Isis. If you
enable contactless for plastic cards, youre
enabling mobile payments.
It is for that reason that some retailers,
including 7-11 and Best Buy, have
stopped accepting contactless cards;
they didnt want mobile solutions in
their establishments.
Retraining consumers
Treasurers at the Dallas event agreed
that the lack of customer adoption for
contactless cards could be an indicator
of how EMV adoption could play out for
consumers. In their experience, consumers
generally dont want to have to do some-
thing new when paying.
Shifting to EMV, then, not only would
require an investment for retailers in
technology and staff training; it will require
them to train consumers. Everyone is fo-
cused on putting terminals in, getting cer-
tication, the hardware, said one treasurer
at the Retail Roundtable. But another
problem is American consumers are
going to have to be retrained to put their
card in, leave it there, enter their PIN, etc.
About 150 million people used to swiping
a card are going to have to be retrained.
The treasurer added that most retailers
probably have one group focusing all of
their efforts on EMV, with another group
working on a mobile solution. That mobile
solution might ultimately create a very
differentand preferableexperience
for the consumer than using a chip card.
If consumers like using mobile better,
theyre going to do that versus EMV, he
said. Therefore, many retailers are waiting
on EMV to see what they could do with
mobile. s
Click here for more EMV and payments
information and advice.
The problem is, mobile
is still new. But mobile
as a fraud-ghting tool
is better than a card
with a chip in it.
Fear of the Unknown: EMV Tops Retail Treasurers Concerns continued
www.AFPonline.org Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved Page 5
Treasury and nance professionals who are focused on payments
are looking for ways to modernize the United States payments
system, if discussions at the recent NACHA Payments conference
in Orlando, Fla. are any indication. The question is, will it ever
actually happen?
The next step is to address issues related to governance and
ownership. In order to install trust and credibility it has been
suggested that the banks play a signicant role. At the same
time it is not necessarily in the best interest of the users if banks
are dominant actors. The meeting ended with a request for
comment of the current proposal. The outcome will be shared
in future meetings. The Remittance Coalition meeting at the
AFP Conference in November should be a good venue for this.
Future of the U.S. payment system
The future of the U.S. payment system was highlighted in
a conference session led by experts from the Federal Reserve.
The Fed staffers shared some of the ndings from their pub-
lication, Payment System ImprovementPublic Consulta-
tion Paper released this past fall. Not surprisingly, the paper
concluded that faster payment features are preferred. What is
meant by this is, for the most part, is payments notication
and conrmation of good funds at initiation. Fast availability of
funds for businesses is the most important feature.
Other ndings include priority of domestic payment sys-
tems over global, problems switching from paper checks to
electronic for B2B payments, too many regulations and card
fraud. Regarding checks, there seems to be an opinion that
they should be allowed to evolve, but not at the expense of
the development of electronic alternatives. This could prove
problematic as it creates less of an incentive to develop more
modern payment systems.
ISO 20022 standard
Since many key global payments entities, such as the SEPA,
are implementing the ISO 20022 standard, any discussion
regarding modernizing the U.S. payment systems should also
include the ISO 20022. Some initial steps have been taken,
and a business case study has been conducted to assess the
potential adoption of the ISO 20022 standard for U.S. compa-
nies. This issue was also addressed in sessions at the conference.
Takeaways
The Feds consultation paper raised awareness of the indus-
trys preferences when modernizing payments. Shifting from
paper checks to electronic payment methods makes sense not
only from efciency and security standpoints, but also from a
business case scenario since corporations have the opportunity
to save money. Along with electronic payments is the discussion
regarding standards and particularly the business case discussion
of implementing the ISO 20022 standard for U.S. corporations. s
Magnus Carlsson, Manager, Treasury & Payments, AFP
Moving American
Payments Forward:
Whats the Holdup?
Magnus Carlsson
Many companies still cite the difculty
of convincing trading partners to switch
from paper checks to ACH transactions,
as well as problems with ACH remittance
information. One of the main barriers is a
reluctance to provide bank information
and account numbers.
Migration to electronic payments
Electronic payments continue to gain traction in the U.S.
However, many companies still cite the difculty of convincing
trading partners to switch from paper checks to ACH transac-
tions, as well as problems with ACH remittance information.
One of the main barriers is a reluctance to provide bank infor-
mation and account numbers.
Some companies did share their success stories moving from
paper checks to electronic payments in several conference ses-
sions. During one discussion, Johnson & Johnson and Ameren
Services revealed the benets they reaped by switching to elec-
tronic payments and remittance alternatives.
The electronic payments issue also was addressed at length at
the Remittance Coalition meeting on Sunday prior to the start
of the conference. One of the projects discussed was the B2B
Directory project, which will help address the issue of sharing
sensitive information. The core B2B Directory working group
has produced a document addressing pain points as well as clear
directions for what the directory should contain and how it
should work.
Page 6 Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved May 2014
AFP Fraudwatch Andrew Deichler
AFP compiles the most alarmingand
informativefraud news relevant to
corporates in Fraudwatch. This column is
part of AFPs Payments Fraud Resource
Center and is intended to keep you aware
of the latest threats to your organization.
Post-Target, Treasurers
Take Proactive Measures
Fraud has always been a concern for
treasurers, and in the post-Target environ-
ment, it has only become even more of
a priority. At the latest meeting of AFPs
Treasury Advisory Group in Dallas, prac-
titioners discussed the new fraud issues
they face, and the steps they are taking to
address them, in the wake of the Target
security breach.
One treasurer for a major retailer said
that immediately following the Target
breach, his company saw a huge spike
in fraud on gift cards that customers can
reload online. We saw in a two-month
period as much fraud as we typically see
in a year, he noted. We didnt have very
sophisticated antifraud tools; we were just
using basic stuff. The fraudsters sophistica-
tion level is to the point now where they are
just blowing all of our protections away.
Since then, the retailer has implemented
a fraud scoring tool by security vendor
ThreatMetrix for its e-commerce business.
Like a credit bureau score, it will score a
credit card transaction, the treasurer said.
You can just deny transactions that score
too low. It looks at everythingwhether
youre using a Yahoo address, what IP
youre coming from, how many times
youve used that credit card, etc. It even
looks at the type of device you are using.
Another treasurer at the TAG meeting
said that her company uses a similar tool
for its prepaid products. They are very
effective; its amazing what they can do,
she said. We picked it up through an ac-
quisition of another company. Thats who
they were using and had integrated. Thats
how it came into our portfolio. But Im More AFP Fraudwatch on page 7
going to go back and ask if they looked at
it recently or thought about an RFP with
other vendors.
The rst treasurer said that he has spo-
ken to several of his retail peers and they
informed him that they are also looking
at technology vendors who offer similar
fraud protections for their e-commerce
operations. If youre an e-commerce
business like Amazon, youve done this
stuff years ago, he said. But if youre not
primarily an e-commerce merchant, youve
been pretty vulnerable up to this point. Its
time to be more sophisticated.
A third treasurer said that although his
company has previously not addressed
cyber risk, it is rethinking that approach.
The head of our IT security has been
tasked with re-evaluating that, he said.
Post-Target, the board has had conversa-
tions about it.
The treasurer compared the Target
breach to the TJ Maxx breach in 2007
that compromised more than 45 million
credit and debit cards. The compensation
of those that were affected has changed
dramatically, he said. It used to be a cash
payout, which is pretty signicant. Now
its, Well give you free credit monitoring,
which you may or may not use. So thats
another thing thats changedthe solu-
tions to pay folks.
Fallout from Target Breach
Culminates in CEO Ousting
First it was Targets chief information of-
cer. Now its the big box retailers CEO
who has been shown the door.
Target has relieved Chairman and CEO
Gregg Steinhafel of his duties, follow-
ing the massive holiday data breach that
compromised 110 million customers, hurt
Targets fourth quarter 2013 prots and
seriously damaged the companys reputa-
tion. CIO and executive vice president for
technology services Beth M. Jacob resigned
in March, clearly another corporate casu-
alty of the breach.
Additionally, Target launched an expan-
sion into Canada last year that was not
well-received, which also likely played a
role in Steinhafels departure.
After extensive discussions, the board and
Gregg Steinhafel have decided that now is
the right time for new leadership at Target,
Targets board said in a statement. CFO John
Mulligan has been named interim CEO until
a replacement is found, while board member
Roxanne Austin will serve as interim non-
executive chairman of the board.
Steinhafel, a 35-year veteran of the com-
pany, assumed the role of CEO in 2008
and was named chairman of the board in
2009. He will serve in an advisory capacity
as Target searches for its new CEO. The
company said it is looking at both internal
and external candidates, as well as candi-
dates from outside the retail industry.
Now is the right time for new leader-
ship at Target, Steinhafel wrote in a letter
to the board.
Upon the news of Steinhafels removal,
Brian Krebs, who originally broke the Tar-
get breach story, provided a list of numbers
pertaining to the incident. He noted that
Target has pledged to spend $100 million
upgrading its terminals to support chip-
and-PIN enabled cards. However, such
technology would have protected exactly
zero cards even if it had been put in place
prior to the breach. Without end-to-end
encryption of card data, the card numbers
and expiration dates can still be stolen and
used in online transactions, he wrote.
Also numbering zero are individuals that
currently hold the title of chief information
security ofcer (CISO) and chief security
ofce (CSO) at Target. Hackers who sold
about 2 million of the cards are believed to
have made about $53.7 million.
Meanwhile, between 1 million and 3
million cards are estimated to have been
successfully sold on the black market and
used for fraudulent transactions before
they were cancelled.
Lastly, Krebs noted that Steinhafel stands
www.AFPonline.org Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved Page 7
AFP Fraudwatch Continued
to make about $55 million in executive com-
pensation and benets on his departure.
Interestingly, some experts believe that
Targets recent struggles could be indica-
tive of a different problem. In a note, Stifel,
Nicolaus & Company wrote that the retail-
er has recovered somewhat since a weak
December in the U.S. and a weak start in
Canada. However, [Target] continues to
face the issue of the younger, more afu-
ent, more urban discount shopper simply
not wanting to go to stores in the same
way as their predecessors, the brokerage
and investment banking rm noted.
Microsoft Issues Fix
for IE Vulnerability
Microsoft issued an emergency security
update last week to x a recently discov-
ered zero day vulnerability found in all
versions of Internet Explorer. Should an IE
user view a specially crafted webpage, an
attacker who has successfully exploited the
vulnerability can control processes on the
system and install malware.
Security rm FireEye, which is cred-
ited with discovering that exploit, said
in anadvisory that vulnerable versions of
IE represent about a quarter of the total
browser market. FireEye said the exploit
leverages a previously unknown use-after-
free vulnerability, and uses a well-known
Flash exploitation technique to bypass
Windows ASLR and DEP protections.
Microsofts update modies the way that
IE handles objects in memory. Most users
have automatic updating enabled and do
not need to take any action. However, any
users that have not turned on automatic
updates should do so immediately.
Even users of Windows XPwhich
Microsoft is no longer supporting as of
last monthwill get the update. However,
Adrienne Hall, general manager, trustwor-
thy computing for Microsoft, urged users
to move on from XP as soon as possible.
The reality is that the threats we face
today from a security standpoint have
really outpaced the ability to protect those
customers using an operating system that
dates back over a decade, she said. This
is why weve been encouraging Windows
XP customers to upgrade to a modern,
more secure operating system like Win-
dows 7 or Windows 8.1.
New Yorks Banks to
be Held to Higher
Cybersecurity Standards
The New York Department of Financial
Services (DFS) will conduct cybersecurity
assessments for the states banks, following
the release of a report that revealed that
cyberattacks are becoming more frequent,
sophisticated and widespread.
The assessments will evaluate banks
cybersecurity preparedness. Banks will be
asked questions in the areas of IT manage-
ment and governance, incident response
and event management, access controls,
network security, vendor management and
disaster recovery. The process is intended
to provide a holistic view of banks
cyber readiness.
Governor Andrew Cuomo said in a
statement that the assessments aim to
protect New Yorkers nances in the
face of growing cyber threats. Targeted
cybersecurity assessments for banks will
better safeguard nancial institutions from
attacks and secure personal bank records
from being breached, he said. When
consumers sign up for online banking
they expect their personal information to
be secure and we are working to make
sure nancial institutions take the proper
precautions to safeguard it.
The assessments follow a 2013 industry
survey on cybersecurity, in which DFS
polled 154 nancial institutions on their
cybersecurity programs, costs and future
plans. According to banks, the greatest
challenges to building an efcient cyberse-
curity program are the increasing sophisti-
cation of threats (71 percent) and emerging
technologies (53 percent).
The majority of FIs experience intru-
sions or attempted intrusions into their
IT systems in the past three years. Meth-
ods used included malware (22 percent),
phishing (21 percent), pharming (7 per-
cent), and botnets or zombies (7 percent).
The most frequent types of criminal
activity resulting from a breach were ac-
count takeovers (46 percent), identity theft
(18 percent) telecommunication network
disruptions (15 percent), and data integrity
breaches (9.3 percent). Both small and
large institutions reported third-party pay-
ment processor breaches (18 percent and
15 percent, respectively). Large institutions
also experienced mobile banking exploita-
tion (15 percent), ATM skimming/point-
of-sale schemes (23 percent), and insider
access breaches (8 percent).
Due to the rising threats, most banks are
upping their game when it comes to cyber-
security. DFS report found that 77 percent
of all nancial institutions increased their
information security spending over the
past three years. Most of the remaining
institutions (18 percent) reported that that
budget spending remained the same; virtu-
ally no banks reported a decrease. Fully
79 percent said they expect to increase
information security spending in the next
three years.
DFS has recommended that all New
York State-chartered depository institu-
tions become members of the Financial
Services-Information Sharing and
Analysis Center (FS-ISAC), in order to
receive notications and information
tailored to help protect their systems
against cyber threats. s
Take the Payments Continuing Education Quiz: www.AFPonline.org/CEQuiz
Page 8 Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved May 2014
News Staff Writers
Cash: The Once, Current and Future King,
Says Fed
New data from several Federal Reserve Banks indicates that U.S.
consumers still prefer to use cash over any other payment method,
including debit and credit cards. In a new report, the Cash Product
Ofce (CPO) of the San Francisco Fed explained that while many
electronic payments pundits have been predicting the demise of
cash for years, the data tells a different story. According to the Diary
of Consumer Payment Choice (DCPC), conducted in October 2012
by the Boston, Richmond, and San Francisco Federal Reserve Banks,
cash dominates low-value transactions, is the top payment instru-
ment for many types of purchases, and is the key alternative when
other payment options are unavailable.
In October 2012, the average American consumer completed 59
transactions, and 23 of these payments were in cash. At about 40
percent, cash made up the single largest share of consumer transaction
activity, followed by debit cards at 25 percent and credit cards at 17
percent. Electronic methods and checks came in at 7 percent each.
However, the CPOs ndings suggest that consumers typically
reserve electronic methods and checks for higher-value transactions.
Electronic methods make up 27 percent of payments by value and
checks make up 19 percent. Cash, meanwhile, only accounts for 14
percent. The average value of a cash transaction is only $21, compared
with $168 for checks and $44 for debit cards, the report reads.
Nevertheless, consumers complete a lot of low-value cash transac-
tions. About one-third of the average consumers monthly payments
have a ticket value of less than $10, and cash is used in about two-
thirds of these transactions. Consumers typically use cash for half of
all of transactions valued at less than $50.
The CPO noted that while the actual number of cash transactions
and cashs share of all transactions decrease as the ticket size rises,
the number of card payments remains roughly the same regardless
of ticket size. Electronic payments and checks are the top methods
for ticket prices over $100 at 30 percent and 20 percent respectively,
largely due to their use in bill payments.
Differences with UK
The CPOs report contrasts dramatically with new data released
from the UKs Halifax, a division of the Bank of Scotland. Halifax
reported that cash is in decline, representing 17 percent of payment
activity, down 1.8 percent from last year. It accounts for about 18
percent of every 100 spent.
Meanwhile, debit cards are now used in 56 percent of UK transac-
tions, Halifax said. For every 100 spent, over a quarter of all payments
are made using debit cards, while another quarter are comprised of
automated payments. Direct debits make up about 20 percent.
Magnus Carlsson, AFPs director of treasury and payments, noted
that the difference in trends in the two reports may boil down to
cultural differences and traditions. For example, in the UK, checks
are not really used at all for personal use anymore while they are still
fairly popular in the U.S. for certain transactions, he said. Also, as
opposed to the UK, many transactions in the U.S. include tipping,
which is much easier facilitated with cash.
Additionally, transactions such as direct debits have been accepted
and commonly used in the UK for quite some time, but they have
not gained the same acceptance in the U.S., Carlsson added. One
reason for this may be a generally more protective attitude of keep-
ing bank account information private in the U.S., as well as a certain
uneasiness about having an external party extracting funds from
ones bank account, he said.
NACHA Requests Feedback from Network
End Users on Same-Day ACH
NACHA is requesting feedback from treasury and nance profes-
sionals on use cases, benets and potential transaction volume of a
ubiquitous same-day settlement capability across the ACH Network.
The features of this capability would likely consist of two new
same-day settlement times each banking day, in addition to the ex-
isting overnight settlement capability. For the purpose of providing
feedback, network end-users are asked to assume the following:
New settlement window # 1
9:00 a.m. ET
Deadline for originator to submit ACH les to ODFI
10:00 a.m. ET
Deadline for ODFI to submit ACH les to ACH Operator
11:00 a.m. ET
Latest time RDFIs receive ACH les from ACH Operator
12:00 noon ET
Inter-bank settlement occurs
New settlement window #2
2:00 p.m
Deadline for originator to submit ACH les to ODFI
3:00 p.m.
Deadline for ODFI to submit ACH les to ACH operator
4:00 p.m.
Latest time RDFIs receive ACH les from ACH operator
5:00 p.m.
Inter-bank settlement occurs
All SEC codes, including credits and debits, would be eligible
for same-day settlement except IAT. Individual Same-Day ACH
transactions would be limited to $25,000, and funds availability for
same-day ACH credits would be no later than 5:00 p.m. the RDFIs
local time.
Network end-users can provide comment to NACHA here.
More information on ubiquitous same-day ACH settlement is
available here. s
www.AFPonline.org Copyright 2014 Association for Financial Professionals, Inc. All Rights Reserved Page 9
Navigating
Canadas
Anti-Money
Laundering Laws
Andrew Deichler
Understanding regulations around
Canadian payments is critical for corporate
practitioners operating north of the
borderand south of it as well. Because
the two nations are each others largest
trading partners, treasury and nance
professionals on both sides of the border
should pay close attention.
Jacqueline Dawn Shineld, partner with
Toronto-based Blake, Cassels & Graydon
LLP, one of the largest law rms in Canada,
offered the following guidelines for navigating
Canadas regulatory regime at the recent NA-
CHA Payments conference in Orlando, Fla.
in Canada, the requirement is to comply
with the legislation. Theres no state licens-
ing in which people are looking at your
nancials, capital requirements or require-
ments to hold funds in trustwe dont
have anything like that.
Shineld noted that Canadas AML
legislation is currently in a state of ux
Canada continues to introduce more and
more AML laws to catch up to the U.S. Re-
cently, Bitcoin and virtual currencies came
under the scope of AML regulation. Taking
a cue from the Financial Crimes Enforce-
ment Network (FinCEN) in the U.S., the
Canadian federal government in February
introduced anti-money laundering and an-
ti-terrorist nancing regulations for virtual
currencies in its 2014 Budget document.
The government has also turned its atten-
tion to online casinos, which will now be
subject to the Proceeds of Crime (Money
Laundering) and Terrorist Financing Act.
When a Canadian entity that is subject to
AML law sends or receives a cross-border
electronic payment in excess of C$10,000 it
The Canadian denition of an EFT is
very broad and includes instructions for
a transfer of funds. So if someone asks
you to send money, but because of your
back-ofce procedures, you dont have
to actually move the money across the
borderyou can instruct one of your cor-
respondent banks somewhere to move that
moneyits still [considered EFT], because
your client gave you instructions to receive
or send funds, Shineld said.
There is no ling threshold for suspicious
transactions in Canada, Shineld added.
If the transaction is suspicious, you are
required to le, regardless of the amount.
Even if its only an attempt at a transaction,
you are still required to le. Say someone
comes to you and says they want to send a
cross-border wire transfer of C$11,000. You
say, Okay, well need some ID, and they
reply Oh you need ID? Nevermind, thats
okay. Thats an attempted transaction and
you have to le, she said.
When receiving a cross-border EFT,
entities are required to take reasonable
measures to ensure that the transfer you
receive has all of the senders required in-
formation. Taking reasonable measures is
not saying, Oh, the information isnt here;
thats too bad. Taking reasonable measures
has been interpreted as actually reaching
out to asking and trying to get that infor-
mation, Shineld noted.
Furthermore, if an entity sends or receives
an EFT of over C$100,000, it has to use rea-
sonable measures to determine whether the
sender is a politically exposed foreign person
(PEFP) within 14 days of the transfer. A PEFP
is a foreign national who works for the gov-
ernment, a government-owned state bank or
the military, as well as their family members
and even close associates. The receiving entity
must determine the source of funds for the
transaction if possible, have a senior ofcer
review that transaction, and keep a record of
the entire event. s
A longer version of this story will appear in
the June edition of AFP Exchange.
Unlike money service businesses in the U.S. that have state-by-state
licensing, in Canada, the requirement is to comply with the legislation.
Theres no state licensing in which people are looking at your
nancials, capital requirements or requirements to hold funds in trust
we dont have anything like that.
Anti-money laundering laws
Canada denes a money service busi-
ness (MSB) as any person or business that
transmits funds, exchanges currencies,
or cashes/sells money orders or travelers
checks. However, according to Canadas an-
ti-money laundering (AML) regulator, the
Financial Transactions and Reports Analysis
Center of Canada (FINTRAC), merchant
acquirers are not considered MSBs. There-
fore, while merchant acquirers in the U.S.
are regulated under AML, they are not in
Canada. Canadian credit card networks are
also not regulated under AML.
Its a very different regime, Shineld
said. Unlike money service businesses in
the U.S. that have state-by-state licensing,
has to le an electronic funds transfer (EFT)
report with FINTRAC. Additionally, there is
a new requirement that the entities would
also have to le an EFT report with the
Canada Revenue Agency (CRA). The Cana-
dian entity must also verify the identity of
the sender/receiver in cross-border EFTs.
Two or more transactions made within
a 24-hour period that total C$10,000
or more would also have to be reported,
because they would be viewed as a single
transaction. So if I send $8,000 at the close
of business one day and the next morn-
ing I send more, it trips the C$10,000
because its been less than 24 hours. And
you keep ling as you get more consecutive
C$10,000 amounts on the rolling clock.