Decoding ISO 20022: Lessons for Cross-Border Payments

Posted on Nov 22, 2023 by Nasreen Quibria, Senior Director, Head of Cross-border Policy Engagement, and Kristina Breen, Vice President, Global Standards Management, Visa

A key deliverable under the Financial Stability Board’s G20 payments program focuses on harmonized data requirements of ISO 20022 messages in improving cross-border payments. In October 2023, the Bank for International Settlements’ (BIS) Committee on Payments and Market Infrastructures (CPMI) released the publication on the harmonized ISO 20022 data requirements. The CPMI has also convened payment systems operators and industry groups to align market practices with the requirements.

As ISO 20022 adoption gains momentum, we believe that policymakers and the broader financial services community can leverage insights from the last 15 years of ISO 20022 implementations, while also drawing from card networks’ more than 40 years of experience to modernize payments systems, improve interoperability, and foster an environment for innovation.

Marching to ISO 20022

According to the CPMI, fragmented and mixed use of standards in payments messaging are chief contributors to frictions in cross-border payments today. For payments to flow freely across borders, payment systems need to be able to “talk” to each other. But for years, proprietary payment messages[1] have grown in complexity, especially for international noncard transactions that can require multiple steps to process.

It is widely expected that ISO 20022 will play a key role in cross-border payments interoperability. The adoption of ISO 20022 — a common language in data exchange between financial institutions — promises to lessen the long-standing challenges that have constrained many forms of cross-border payment flows. With richer, valuable payment data in structured fields within the ISO 20022 standard, the transaction flows of major reserve currencies can be routed more efficiently across borders — laying the foundation for streamlined compliance procedures, enhanced customer experiences, and the building blocks of innovation.

Moving ISO 20022 Migration Timelines

Although ISO 20022 is set to become the de facto standard, the journey has been long and fraught with challenges. Even with extensive preparation, the global financial community faced years of delays and false starts.

Finding Solutions in ISO 20022 Implementations

ISO 20022 is often framed as a panacea for many of the frictions in the banking and larger financial ecosystem. Indeed, it can have a profound impact on new payment infrastructure (like faster payment solutions) and other modernization efforts (such as real-time gross settlement systems) in achieving interoperability across networks and driving down costs by eliminating manual intervention and reducing errors, making transactions faster, efficient, and more secure.

Internal infrastructure and processing barriers

However, a significant implementation effort in an ISO 20022 transformation is the complexity of orchestrating the changes to the proprietary systems that many financial institutions and market infrastructures rely on. A project of such magnitude requires an architectural transformation of internal payment processing from the front-end interface to the back-end systems (and more so if the intent is to design for added future business value). In a typical bank environment, the aging infrastructures are not easily compatible with ISO 20022, which means introducing changes to a number of impacted applications in addition to performing high-volume testing with many industry partners before migration can even start. This type of effort also requires strong collaboration and a proactive flow of information across all functions, including technology, business, operations, treasury, marketing, and more.

Embracing a new language

An essential aspect that requires attention is raising awareness and providing education about ISO 20022. Creating a well-designed educational campaign for market participants is crucial — including providing guidance on new vocabulary and how the enhanced transaction details affect input applications and downstream processes. This effort will help reduce disruptions and confusion within the industry, allowing industry participants to better prepare for the transition.

Performance challenges with message size

Moreover, market participants need to consider the impact of transitioning to the richer ISO 20022 eXtensible Markup Language (XML)-based financial messages that have extended fields and hierarchical data elements. The verbose nature of the highly structured ISO 20022-based XML format not only makes transmission less efficient, leading to performance and bandwidth issues, but it also demands increased disk storage and warehousing. In response to these considerations, the CPMI established a panel of market participant experts to promote the harmonization of API protocols for cross-border payments earlier this year.

Dimensions of data overpopulation

With the enhanced data in the ISO 20022 message, the risks from unexpected additional data (or data overpopulation) remain unclear, especially concerning combating money laundering and the financing of terrorism (AML/CFT). Additional content brings further potential concerns, including security and privacy issues and the possible heightened risk of data exposure. A consistent data framework is needed to govern this data exchange.

Balancing transparency and trust

Improved transparency is another consideration for cross-border payments. Outside of retail card transactions, the tracking of payment status for international transactions can be a lengthy and manual process involving different time zones, reliance on intermediaries, and limitations in consistent tracking information. Distinct privacy and data protection laws, many of which differ by jurisdiction, add another layer of complexity. Increased coordination and harmonization between financial regulators and agencies responsible for privacy and data use policies will be key to building transparency and trust.

Flavors and fragmentation

While ISO 20022 holds the promise of borderless payments, delivering on that promise could be unobtainable for some years. And with Swift’s co-existence of using existing systems in parallel with ISO 20022 messages until November 2025, the financial services ecosystem must continue to handle both the older and the more modern standards. However, because processes and procedures are not interchangeable between the two, market participants face a significant burden in supporting multiple standards. Without alignment and strong public-private sector collaboration, ISO 20022 may not be consistently adopted within the payment sector and across different regions, which will compound inefficiencies in cross-border payment flows and interoperability may not be fully realized.

Not All Payments are Created Equal — Lessons in Modernization and Innovation from the Retail Card Ecosystem

To address the risks of fragmentation and other challenges, in March 2023 the CPMI launched a formal consultation on harmonization requirements for the use of ISO 20022 in cross-border transactions so payment systems and networks could get closer to achieving interoperability by speaking the same language.

However, in view of the complexity and magnitude of ISO 20022 conversion projects, applying a one-size-fits-all approach to all payment types can also introduce significant risks to a complex payments ecosystem because different end users have different needs. There are lessons to be drawn from the retail card ecosystem, which brings with it more than 40 years of experience effectively utilizing ISO 8583 messaging for retail card payments, that can guide the broader adoption of ISO 20022 within the financial services sector, including handling versions and maintenance cycles and meeting the needs of end users.

Moving beyond version numbers and maintenance cycles

Today, updates to the ISO 20022 standard can be a lengthy process (anywhere from two to three years), with the need to align to Swift's annual standard release, which has its own set of complexities before it enters the market. As industry moves to implement ISO 20022, one key lesson to adopt from the card ecosystem is that it is essential for the maintenance cycles to be flexible enough to adapt to ever-evolving regulatory changes and market-led innovation occurring in different jurisdictions at different times. Additionally, this flexibility should accommodate the unique needs of different financial sectors and account for innovation occurring at different rates worldwide.

Meeting the needs of evolving end user expectations

The rise of 24/7 real-time connectivity is rapidly transforming end user preferences. Increasingly, consumers and businesses expect successful payment experiences anytime, anywhere, both locally and across borders.

Over the last ten years, Visa has spent more than $3 billion on artificial intelligence (AI) and data infrastructure to enable the safer, smarter movement of money and to proactively identify and prevent fraud. Until ISO 20022 can effectively adapt to the new digital economy, particularly in high-speed, high-volume scenarios, both existing and proprietary formats will persist. To that end, the development of flattened messages and lean APIs will serve as vital technical enablers in driving broader adoption of ISO 20022.

ISO 20022 is at a Crossroads

The ongoing transformation of market infrastructures is set to fuel global momentum in ISO 20022 adoption. Many payment networks are now recognizing the advantages of ISO 20022 and are considering its integration into both existing and new infrastructures, where it aligns with business goals. However, the full worldwide rollout of ISO 20022 will be a multi-year endeavor.

As the payments industry continues its ISO 20022 journey, it is crucial for policymakers and financial institutions to assess the broader impact on a complex payments ecosystem. They should carefully weigh the risks, especially those unique to each financial services sector, and prepare for the transition. Learning from the well-established card space and its historical development is also vital.

Factors to consider include:

  • developing rapid transaction processing
  • developing high-volume transaction requirements
  • ensuring interoperability within specific payment domains
  • ensuring robust transaction security
  • evaluating the impact on existing value-added services

Finding the right balance between a unified approach to standardization across varying payment sectors and accommodating the unique demands of specific regions and payment types will be essential in the evaluation process as the private and public sectors move forward.

About the Authors

Nasreen Quibria is Senior Director, Head of Cross-border Policy Engagement at Visa. A recognized authority with over 18 years in the payments space and over a decade in ISO 20022 standards, she’s held senior positions at organizations such as the Federal Reserve Bank of Boston, the Independent Community Bankers Association (ICBA), and the Association for Financial Professionals (AFP).

Kristina Breen is Vice President of Global Standards Management at Visa, bringing 30 years of experience within payments and industry standards. In addition to her current focus on financial services standardization activities as well as standards policy, Kristina sits on Boards of the American National Standards Institute (ANSI) and the Accredited Standards Committee (ASC) X9.

[1] Proprietary payment messages are a unique message format defined by a country, region, or monetary authority for facilitating payments.

No part of Central Bank Payments News may be reproduced, copied, republished, or distributed in any form or by any means, in whole or in part, without the express and prior written permission of the publisher, Currency Research Malta, Ltd.