Good morning. Thank you to the Brookings Institution for hosting this event.
Over roughly a decade, digital payments, mostly conducted through mobile devices, rapidly became ubiquitous in China. Two services offered by dominant Chinese Big Tech companies, Alipay and WeChat Pay, process millions of transactions every hour and capture an extraordinary amount of data on the movement of money by the Chinese people. In the same vein, Facebook announced in 2019 that it had hatched a scheme to create a new global currency called Libra.
While Alipay and WeChat Pay have succeeded, Facebook failed. Libra never became a new global currency. But the questions it provoked in the West for consumer and data protection regulators, financial stability watchdogs, national security agencies, and central banks live on. And, importantly, the vision at the heart of the Libra project – control over the flow of money throughout the economy and over the sensitive data generated – remains alive among the global Big Tech giants.
Their incursion into finance comes at a uniquely vulnerable moment for the historical separation of banking and commerce, a debate that traces back to the earliest days of the republic. Several trends are colliding: the erosion of traditional lines between core banking activities and commercial financial activities, the growth of e-commerce, and the ease of digital surveillance.
Today, I want to discuss digital dollars and digital payments from the consumer, household, and retail perspective here in the United States. First, I will briefly discuss how money and payments systems serve as essential infrastructure for society. Then, I will share some analysis from the CFPB’s inquiry into payment gatekeepers, as well as some observations about surveillance and censorship. Finally, I will close with a summary of the dangers of allowing very large nonbanks to issue private money outside of the banking system and to wield inordinate control over payments rails, as well as some policy considerations for the future of digital payments.
My remarks today reflect those of the CFPB and do not necessarily represent the views of any other part of the Federal Reserve System.
We’ve long known that sectors like transportation and telecommunications are critical pieces of infrastructure of the economy and society. Technology that increased the speed of ships and railways dramatically changed the nature of commerce. High-speed internet connections have allowed us to work with colleagues around the globe and see family members living far away.
Banking, money, and payments is just as essential. Without this, there could not be the trade and commerce that is foundational to our standard of living. But this infrastructure is also somewhat different, relying heavily on confidence, in addition to any physical or technological attributes.
Banks are the primary means through which money is created and moved. When we keep money in banks, we can demand it back, immediately, in physical cash. We can also use these deposits to make payments.
As a society, we give banks special legal treatment to issue deposits and influence the supply of money in the economy. We afford them access to the public safety net to ensure this money is safe and reliable. In return, banks are subject to regulation and supervision and are supposed to meet the needs of the community. To prevent conflicts of interest, anticompetitive behavior, and undue risk-taking, banks are also limited to certain financial activities, rather than allowing them to engage in commercial enterprise or be merely an arm of a larger conglomerate.
It didn’t always work this way. Banks used to issue shaky private money. And at times in our history, banks and their executives created and managed sweeping conglomerates across commercial sectors – dictating to the economy instead of serving it. In many ways, aligning our national currency and bank-issued money, while structurally dividing banking and commerce, promoted a neutral standard for money and payments that instilled confidence and reliability.
The creation of the nation’s central bank, the Federal Reserve, was a further acknowledgement that banking and payments was public infrastructure that needed public investment and governance. Just as aging bridges and outdated power grids demand public investment, so too does the nation’s public payment system. As the payments system evolved, driven in part by technological adoption like the telegraph and eventually the internet, the Federal Reserve invested in the payments architecture and created public utilities for wire services, bank-to-bank (ACH) transfers, and now real-time payments, among others. To be sure, our country has not always devoted the necessary resources to ensure fast and open payments options, especially over the last few decades, even as other nations invested substantially.
At the same time, private gatekeepers emerged, too.
Gatekeepers, Surveillance, and Financial Censorship
Decades ago, new private electronic payment networks, like Visa and Mastercard, started to grow. They still moved money through the regulated banking system on the back end, but also relied heavily on communication rails built outside of the Federal Reserve System. At first, these networks facilitated short-term borrowing, largely through charge cards and credit cards. Over time, modern-day debit cards grew into a massive portion of their traffic. General purpose reloadable prepaid cards, where funds could enjoy pass-through federal deposit insurance, also ride these rails.
More recently, new private gatekeepers have emerged. Some are mobile payment apps with enormous bases of users. Here at home, PayPal’s Venmo and Block’s CashApp are among the most popular, especially when it comes to facilitating personal payments between friends and family.
Others are Big Tech firms. In China, Alibaba’s Alipay and WeChat Pay became dominant in retail payments. In the US and across the globe, Apple and Google traffic a growing number of payments through their digital wallets.
Starting in late 2021, the CFPB began to study these payment platforms, including Big Tech firms. We issued orders to many of the major players operating in the United States. Last month, at the Federal Reserve Bank of Philadelphia, we released our analysis of “tap-to-pay" features describing the regulations imposed by Apple and Google. Our research has also led to issuances on the lack of deposit insurance coverage on certain stored funds, as well as a spotlight on the emergence of so-called “super apps.”
We have also spent considerable time evaluating the complex data handling practices and privacy protocols at these firms. Their regulations are often long and filled with legalese, and to make things even more confusing, they sometimes refer people to other policies to understand what data is being surveilled, how it is being used, and what if any rights a person may have. While their regulations are convoluted, there are clear takeaways.
First, these firms collect a significant amount of data about the consumers using their payment products. And they use this data for a variety of purposes including to develop, market, and sell payments products and, for a majority of them, other products and services to potential third parties.
Second, these entities retain much of the data they collect for extended periods of time. The companies generally require that consumers consent to their data being collected to use the product and that the lack of such consent would restrict their access to many or all product features. Similarly, fulfilling a request to delete data may result in the closure of a consumer’s account or their inability to continue use of the product.
Finally, regardless of how these companies use the consumer data they have collected today, their regulations do not appear to commit to meaningful limitations on future efforts to monetize the data. Moreover, their policies are not static and evolve over time, and each new version affords these entities opportunity to change their position on what data is collected or how it used, including how they might share this data with other parts of their corporate conglomerates.
As I mentioned earlier, U.S. banks are subject to restrictions when it comes to cross-ownership and affiliation with commercial firms. The payment platforms I’ve just mentioned are not banks and are indeed parts of massive conglomerates touching so many areas of commerce in our digital economy.
So, what’s the problem? The traditional lines we drew within the financial sector have become fuzzy over the past several decades. Big Tech companies are now taking advantage of that blurring as they move into finance, threatening the fundamental separation between banking, money, and payments on one side, and our real economy on the other. They can engage in bank-like activities, either on their own or through complex arrangements with banks, without facing many of the same limitations and obligations.
Naturally, Big Tech companies will have a strong incentive to surveil all aspects of a consumer’s transactions, since this data can advantage the rest of their businesses. For example, Big Tech firms can use detailed payments data to develop personalized pricing algorithms for e-commerce or increase engagement with behavioral advertising.
Of course, corporate surveillance activities can also raise a range of questions about espionage, tracking, and censorship. Indeed, there has been concern both in the U.S. and abroad about the relationship between Chinese tech giants and governmental entities, including with respect to the sharing of sensitive user data and censorship.
Given the massive scale that payments firms and tech giants can amass, this can also raise alarm bells regarding private financial censorship, as well. Since each of these firms controls the regulations of its payments systems, the CFPB has also been studying how these firms decide which users to deplatform and why.
For example, last October, PayPal updated its regulations to give itself the power to levy fines and take other punitive actions, including deplatforming, against users engaged in conduct that would not otherwise violate federal law. (PayPal withdrew the regulation.) Merchants selling goods and accepting payments through these platforms also report being censored and muzzled when it comes to informing consumers about cheaper payment alternatives.
Private Digital Dollars and Privatized Payment Systems
Many of these issues are top of mind for many regulators and legislators.
In November 2021, the Treasury Department and other federal regulators produced a on private digital dollars. The CFPB found their report to be interesting, especially when it comes to concerns outside of the consumer, household, and retail context. For example, the report described certain risks to the financial system and to market competition, particularly if these private currencies became broadly adopted.
From a consumer regulator’s perspective, it is important to safeguard against the risks of private currencies issued by nonbanks, such as the potential for sudden digital dollar devaluation, intrusive data surveillance, censorship, private regulations that favor the issuer’s commercial interests, challenges with error resolution, and consumer fraud. Of course, the technological specifications and the business model of the currency creator and payment platform operator may surface additional risks or mitigate others.
The November 2021 report made a couple of helpful suggestions that would address some of these risks. For example, the report described the benefits of limiting commercial affiliations with private currency issuers and limiting the use of transaction data. The report also suggested that agencies could explore the applicability of Section 21(a)(2) of the Glass-Steagall Act that prohibits nonbanks from engaging in deposit-taking activities.
To ensure that private digital dollars and payments systems in the household and retail context do not harm consumers, a number of steps are warranted:
First, the CFPB will be issuing supplemental orders to certain large technology platforms to acquire more data and information that will help us better ascertain their business practices, especially with respect to the use of sensitive personal data and any issuance of private currencies.
Second, to reduce the harms of errors, hacks, and unauthorized transfers, the CFPB is exploring providing additional guidance to market participants to answer questions regarding the applicability of the Electronic Fund Transfer Act with respect to private digital dollars and other virtual currencies for consumer and retail use.
Third, the CFPB will look use appropriate authorities to conduct supervisory examinations of nonbanks operating consumer payment platforms. The CFPB has a number of authorities to do so, such as when these firms serve as service providers to large depository institutions. Another one of these authorities includes defining larger participants in this market, by rule, which would subject nonbanks meeting a particular size threshold to CFPB supervision.
Fourth, as suggested in the November 2021 report, the Financial Stability Oversight Council should consider exercising its authority under Title VIII of the Dodd-Frank Act to designate this activity as, or as likely to become, a systemically important payment, clearing, or settlement activity. This could provide, for example, other agencies with critical oversight and tools to ensure that a stablecoin is actually stable.
Finally, it is critically important for American consumers to have stronger protections against excessive surveillance and misuse of payments data. Later this month, I will authorize the publication of a proposed rule regarding personal financial data rights pursuant to Section 1033 of the Consumer Financial Protection Act. The rule will seek to accelerate America’s shift to open, competitive, and decentralized banking, while also seeking to safeguard against misuse of personal financial data. In addition, policymakers must continue to identify additional financial privacy protections that go beyond the existing Gramm-Leach-Bliley Act provisions, which have proven to be insufficient. I am hopeful that federal legislation can provide us with more tools to deter personal financial data abuses.
In conclusion, I fear that the U.S. is lurching toward a consolidated market structure, like the one that has emerged in China, that blurs the lines between payments and commerce and creates the incentives for excessive surveillance and even financial censorship.
A quarter century ago, the U.S. Mint within the Treasury Department began to chart out its thinking on minting coins in the digital era. Today, we have many more questions to answer and challenges to overcome.
As we seek to configure a payments architecture that can provide safe and secure electronic cash, we should make sure that the deployment of private sector technologies and services are aligned with our values for fair competition, consumer protection, and our national interest.