Why banks are not ready for ISO 20022

As digital payments become more common and process fasterTHE risk of fraud and errors also increase. There is a potential solution that has been in development for years, although compliance is still lagging behind.

THE ISO 20022 standard allows payment messages to include more detailed information organized in a consistent manner for all participants. ISO 20022 has been in preparation since almost a decade and is getting closer to the March 2025 target date for compliance, but a large portion of banks will not be ready.

Less than 40% of banks in North America and Europe are very confident (seven on a scale of one to ten) of being ISO 20022 compliant in major use cases by the implementation date. service from March 2025, according to a new study by Finextra. which was financed by Volante. And in the United States, more than a third of banks say they won’t meet the deadline, according to a KPMG study released earlier this year.

Banks have had plenty of time to prepare for this standard, but payments experts say it still represents heavy lifting and a long window to reap financial benefits.

“This is a massive infrastructure update project that banks would have to overhaul to take advantage of this standard,” said Jonathan Holland, vice president of account management at Mastercard and vice president of the Cross-Border Payments Working Group at US Faster Payments. Advice.

How ISO Works

The International Organization for Standardization developed the ISO 20022 standard with a subgroup of financial industry experts developing and managing the standard, and the global messaging service Swift acting as the custodian or overseer of the ISO 20022 standard. ISO 20022 was originally scheduled to be implemented in 2020, but was delayed due to the Covid-19 pandemic and resulting recovery issues in recent years.

Messages in ISO 20022 format include a greater volume of data and more individualized information than traditional messaging protocols, according to the Federal Reservewhich administers the FedNow real-time payments network. The Clearing House RTP network, real-time payment networks in Europe and most major bank processors are ISO 20022 compliant. Large banks mainly develop ISO 20022 systems in-house, while smaller banks will probably rely on suppliers.

ISO 20022 messages include the name of a person or payer as well as other identifiers such as an address, secondary address, building or apartment number, city, county, state, country, company affiliation and other sender details.

These details make it easier to detect potential fraud, mitigate processing errors and reduce the need for interpretation. Many ISO 20022 email fields allow up to 70 characters, which also allows for more information in each field.

In contrast, non-ISO 20022 fields are open, meaning they are not dedicated to specific information and generally have shorter boundaries within each field. The information may appear anywhere on the non-ISO 20022 form and, as such, is subject to interpretation if the field does not completely identify the parties to a transaction.

“This new standard breaks down the information to ensure you have the right recipient,” Holland said.

The argument for ISO 20022

Since a real-time payment is processed in less than 10 seconds, it leaves less time to verify fraudulent transactions and detect errors. More information allows banks and other stakeholders to better determine and ensure the integrity of transactions.

“There are many parts to the ISO 20022 equation when it comes to the answer of ‘who should care?’ “, said Greg Murray, Managing Director and Head of Transactional Banking Product Management at Santander. “Banks are certainly the biggest beneficiaries of this, as well as the clearing systems they use to move money.”

Companies that receive and make a high volume of payments also track and store payment records in enterprise resource planning systems, Murray said. “If these ERP systems have not been updated, the benefits of ISO 20022 may not be realized. »

Fraud and accuracy management requires banks to verify identities, accounts, and analyze whether a payment is unusual for the sender based on transaction history. Under current protocols, payments may not contain necessary information if a risk-related decision needs to be made instantly, Murray said.

“For faster payment, the more information you can provide, the more likely the payment will go through smoothly,” he said. “It’s beneficial for companies doing business with each other to have access to more, more detailed and similarly structured data.”

And while most real-time payment networks are capable of supporting ISO 20022, banks’ lack of preparedness challenges the maturation of real-time payments.

“With (ISO 20022), it becomes easier to execute instant payments across borders,” said Nadish Lad, head of strategic business and product at Volante, a fintech vendor. “Currently, there is no standard that works in all regions. With the new standard, banks can see more data.”

What’s the problem?

Banks face significant challenges when adopting ISO 20022, said Enrico Camerinelli, strategic advisor at Datos Insights.

Barriers include lack of education, difficulty upgrading existing infrastructure, and uncertainty about customer readiness. “Lower-tier banks struggle to meet compliance requirements, while many institutions need guidance on implementation,” Camerinelli said. “And there are concerns about the degradation of standards and the ability to use enriched data effectively.”

The typical payment journey involves several steps from initiation to settlement that include banking processes or products, requiring technology that must be adjusted to support ISO 20022.

According to Lad, the steps include:

• Orchestration. The transaction is routed through the most efficient and cost-effective processing option. This includes traditional processors and payment facilitatorsor companies that help merchants and other organizations manage payment options.
• Authorisation. This includes authenticating and ensuring the legitimacy of the payer and payee. Real-time payments emphasize authorization given the short processing time.
• Accounting. In almost all cases, payments are routed to the company’s accounting systems. Banks allow or offer this link as a value-added service to their customers.
• Cross-selling. Emerging trends such as integrated finance link payments and payment enrollment to other financial services.
• Billing. Real-time payments include emerging use cases such as payment request, which combines invoicing with instant processing to reduce overdraft risk and improve visibility into cash positions.
• Notifications. A statement that a principal intends to make a payment, including the amount, date, invoice numbers, and transaction type.
• Reconciliation. This ensures that a payment or list of payments due is the same as the payments that appear on bank statements.
• Regulations. The completion of the transaction, which allows the receiving company to access the funds. Real-time payment systems like the RTP Network and FedNow are designed to settle payments in less than 10 seconds.

“It’s a challenge for banks to manage all this data for all these touchpoints,” Lad said. “Some banks are being left behind because of their existing architecture.”
ISO 20022 standards could improve fraud protection through the addition of more robust data, combined with advanced AI-based analytics, making payment security more proactive in an instant settlement environment. The new standard’s expanded data could also provide more information for statements, such as context for transaction histories, balances, and incoming and outgoing payments.

Santander’s Murray, who “strongly recommends” banks adopt ISO 20022, said banks should consider extensive training on all functions performed during a payment.

Camerinelli said banks should focus on education and demonstrating the benefits to customers to facilitate the adoption of ISO 20022. He highlighted benefits such as faster settlement, improved reconciliation and capabilities of enriched data that is important for cross-border transactions.

“Providing guidance, especially to lower-tier banks, is crucial. Helping clients update file formats and consume data is essential,” Camerinelli said, adding that focusing on cases of Use such as improved analytics and positioning all the benefits can drive adoption.

Staff must also be trained or hired to support more complex and detailed messaging areas.

“People need to understand that this is not just a technical problem,” said Barry Tooker, director and consultant at TransactionBanker.com. “There is also a huge learning curve, there are new areas and new formats.”