A flurry of internet finance-related regulatory documents were issued in China last week just before the New Year. On December 28th, the People’s Bank of China (“PBOC”) issued the final rules on online payments while the China Banking Regulatory Commission (“CBRC”) issued the draft rules on online lending for public opinion. Here, I will focus on the final online payment rules as the impact on the internet finance industry is imminent and much more concrete.
As the leading payment platform operators, Tencent and Alibaba have issued statements in Chinese media praising these final rules. I am skeptical that they sincerely welcome these regulations. This type of public brown-nosing is typical in China as a show of support for government policies to appease regulators. Looking more closely at the rules, as well as statements by PBOC officials in response to media queries, the policies are quite convoluted and will likely have an adverse effect on users and platforms alike.
Below are the three main areas covered by the rules that I think are important to address:
- Strict know your customer (“KYC”) checks to support anti-money laundering and counter-terrorism efforts
- Limits to force payment platforms to focus on providing small ecommerce transaction services
- Tiered regulation for platforms instead of a blanket approach
KYC Checks and Account Types
Much has changed between the final rules and the draft that was issued in July regarding payment account types and the KYC checks required to open such accounts. In addition to the two types of accounts outlined in the draft rules, the final rules included another account type that requires minimal KYC checks.
Under the new rules, Type I accounts require only one online ID check to open, but the account balance can only be used for outgoing transactions totaling up to RMB 1000, including transfers to the user’s own bank account. Given these restrictions, this type of account is essentially useless after reaching the RMB 1000 limit and would require additional ID checks for continued use. This account type was likely added to the final rules to set a lower barrier enabling platforms to more easily onboard new customers.
Type II accounts are the same as the “consumer accounts” defined in the draft rules. In-person ID verification or three external ID database checks are required to open a Type II account, and the account balance can only be used for purchase and account transfer transactions. This account type has an annual cumulative outgoing transaction limit of RMB 100,000, which does not apply to transfers to the user’s own bank account. So users such as ecommerce merchants can receive and withdraw funds with no limit whatsoever.
Type III accounts are the “general accounts” defined in the draft rules that can be used for investments in addition to making purchases. In-person ID verification or five external ID database checks are required to open a Type III account, which has an annual cumulative outgoing transaction limit of RMB 200,000. As with Type II accounts, the outgoing limit does not apply to transfers to one’s own bank account.
In the context of marketplace lending, the above rules seem to contradict the draft policies on online lending that stipulate customer’s funds should be under custodianship by a banking institution. If Type III account balances are allowed to “invest or purchase wealth management and other financial products,” this implies that third-party payment platforms can serve as custodians for customer funds. However, the annual outgoing limits on the Type III account may be inhibitive for users that have greater investment needs or tend to transact in and out of an account frequently.
For lending platforms that continue to use payment platforms as fund custodians for customers, it would mean that borrowers would only need a Type II account to participate and would be subject to fewer KYC checks than an investor/lender that wants to open a Type III account. This does not make sense from a counter-terrorism standpoint as the barrier is lower for fundraising, but marketplace lending platforms tend to gather more information on a borrower for risk assessment purposes anyway.
As I mentioned in my commentary on the original draft payment rules, there are three main issues with the KYC requirements, though PBOC officials claim the additional inconvenience is minimal:
- The requirements greatly impede user experience since customers now have to either show up in person to some location to verify identity and open an account (much like a bank) or provide multiple IDs online to fulfill the verification requirements.
- Aside from government-issued personal ID and bank account information, the Chinese market currently does not have robust commercial databases to provide other forms of ID verification. It will be inconvenient and prohibitive for someone to pass five different ID checks to open a Type III account and will likely exclude some potential users.
- The multiple ID checks significantly increase costs for platforms as they will need to purchase the ID verification services from external data providers, costs that will likely be passed on to consumers in the form of increased account or transaction fees.
Official statements from the PBOC put the onus on platforms to provide a streamlined user experience to complete the KYC checks, but with a requirement of five ID checks, it’s hard to imagine how streamlined the process can be as customers will have to provide the information.
Emphasis on Small Transactions
Given that the original purpose of third-party payment services was to facilitate ecommerce transactions, PBOC officials emphasized that account balance transactions should be limited in accordance with this principle. The daily spending limits on and rules for using account balances remain unchanged from the draft rules. Payment platforms can choose from three options to conduct transaction verifications: user-set password, unique digital identification such as a one-time password or a digital certificate or electronic signature in the form of a browser plugin, or a biometric ID such as a fingerprint. If the platform verifies the customer transaction using a browser plugin and an additional verification listed above, then the daily transaction limit can be an amount agreed upon between the platform and customer. If the platform uses a two-step verification that does not include a browser plugin, then the daily transactions for the payment account cannot exceed RMB 5,000 in aggregate. If the platform only uses a single verification method, then the daily transactions for the payment account cannot exceed RMB 1,000 in aggregate.
These daily limits pose another inconvenience to consumers using payment accounts to conduct online transactions and forces them to use bank portals for transactions if they exceed the daily limits. Although the daily limits may be increased if the consumer uses an electronic signature or digital certificate in the form of a browser plugin, installing these plugins can be a nuisance. The majority of users in China may not be technologically savvy enough to install and update the plugins as these plugins often have compatibility issues with different browsers. And of course, platforms must develop or purchase these plugins from third parties, which adds to the cost that may be passed on to consumers.
Again, it is important to note that the annual and daily transaction limits only apply to transactions using a payment account’s balance. Consumers can continue to conduct online transactions beyond the limits by directly using their bank account balance, which would require using the bank’s web portal and authorization process but still having the ability to use the third-party payment platform to process the transaction. The overall effect of the annual and daily limits would be that platforms would lose out on a huge chunk of interest income for the account balances of users that are deposited in the platform’s bank account, but would not lose out on any transaction processing fees.
Tiered Regulation for Platforms
An interesting concept introduced in the final rules is the idea of “tiered” regulation for payment platforms. With this idea, the PBOC plans to analyze, categorize, and rate payment platforms and apply different regulatory policies to each platform category or rating. Better-rated platforms will have fewer restrictions while lower-rated platforms will be subject to additional regulatory scrutiny. For example, platforms that are rated type A and have over 95% of users that have completed Type II and III account KYC checks would be allowed to use alternative ID check methods subject to PBOC approval. This could give some flexibility for innovation, but I am doubtful that the PBOC would approve new ID verification methods with ease.
A more concrete advantage for these better-rated platforms is that the daily spending limits for their users could be raised to 1.5 or 2 times that of the standard limits I outlined above. Annual limits cannot be increased.
The idea of a government body rating platforms in China could be a cause for concern if the rating process is not transparent. For one, it’s likely that state-backed platforms would easily gain favorable ratings even if their standards are not up to par given the government’s own financial interests. In addition, as the rating results would likely be public, platforms would use such ratings in its advertisements to attract more business. Better ratings could potentially be garnered by platforms through bribery of officials involved in the process. Recent anti-corruption probes have brought down a few CBRC and CSRC officials, and graft is not uncommon among these central governing bodies. Thus, a highly transparent process is needed if regulators intend to determine and issue the ratings themselves. A similar type of tiered regulation concept was also introduced in the draft online lending rules and would encounter the same issues if implemented in the final rules.
The final online payment rules are set to take effect on July 1, 2016, which does not give marketplace lending platforms much time to react. The restrictive KYC checks and daily limits on account balance spending would likely force lending platforms to abandon the fund custodianship services provided by payment platforms. Combined with the fact that very few banks offer custodianship services, platforms may be forced to abandon fund custodianship all together come July in order to maintain a better customer experience in the near term. Since the draft online lending rules offers an 18-month compliance transitional period, it would not be illegal for platforms to not use fund custodianship for their customers during this period. During this time, lending platforms can wait for more banks to offer custodianship services and transition before the 18 months is over. Thus the uncoordinated policies on payments and lending might actually induce the opposite of their intended effect on lending platforms in the near term. We will examine the draft online lending rules in more detail in part two of this series.
Spencer Ang Li has served as Fincera’s Vice President of Product since June 2015 and as Chief Executive Officer for Fincera’s multiple product development subsidiaries since March 2014. Prior to joining Fincera, Mr. Li was an Investment Banking Analyst at Cogent Partners in New York, a sell-side advisor for private equity secondary transactions, from 2011 to 2014. During his tenure at Cogent, Mr. Li conducted fund due diligence, managed marketing processes, and participated in the sale and transfer of nearly $2 billion in limited partnership interests on behalf of public pensions, large regional banks, asset managers, and other financial institutions. Mr. Li received a BS in Economics and BA in Psychology from Duke University in 2011.