Project PurposeThe purpose of this project is to develop an information exchange standard for the Check IBAN open finance use case, to enhance cybersecurity and fraud detection measures within electronic business and international trade by immediately verifying the correct association between a given IBAN code and a certain Tax Code/VAT number. The project will benefit businesses and Public Administrations speeding up administrative procedures within the International Supply Chain. The financial services industry has seen profound technology-led changes over the past years, experiencing a “revolution” due to the impact of new paradigms based on "open" models, which are adopted nowadays in over 40 countries worldwide. Furthermore, the Covid-19 pandemic has accelerated the adoption of information technology within critical infrastructures, production processes and the private lives of citizens. The pandemic has pushed not only financial institutions to increase their investments in innovative technologies but also to develop legislative regulations to strengthen security. In this regard, the theme of cybersecurity has emerged to prevent the risk of fraud, especially in the payments sector, and delivering greater transparency in the payments process. The high profitability of cyber-attacks conducted for economic purposes fosters the steady growth of cyber-crime, which evolves by adopting increasingly sophisticated attack tools and techniques. For this reason, since the financial system is particularly exposed to cyber threats, new technical developments are required for greater stability. The digitalization of the financial sector itself has led to an increasing availability of easily accessible innovative services at decreasing costs, therefore promoting financial inclusion. This, however, has also increased its overall vulnerability and makes the overall financial economic system a prime target for malicious actors. The role of cybersecurity in the digital payments industry is becoming critical nowadays. As the world's payments environment becomes more cashless, the growth in digital payment transaction value increases. In the past years there has been a major evolution and growth in cybersecurity related to corporate and retail cash management activities. In this regard, cyber threats and cyber-attacks are influencing financial resources, resulting as an obstacle for the entire business sector. Within the financial international community there is a steadily growing interest in payment-related services, which allow corporates to mitigate risks by checking the correct ‘match’ between the ‘International Bank Account Number’ (IBAN) and the name of the payment beneficiary. These services allow businesses and Public Administrations to immediately verify, through their reference PSPs (Payment Service Providers), that a given IBAN code is actually matched to a certain Tax Code/VAT number (YES/NO response), speeding up administrative procedures; they also represent an indispensable fraud detection tool within payments in international trade and the international supply chain. The need to prevent the risk of error has led, for instance, the European Commission (EC) to adopt a legislative proposal on Instant Payments (IPs) in euro, fulfilling its commitment of the 2020 Retail Payments Strategy for the European Union, which takes the form of an amendment to Regulations (EU) No 260/2012 and (EU) 2021/1230 as regards instant credit transfers in euro, introducing additional provisions into the SEPA (Single Euro Payments Area) Regulation on Instant Payments (IPs) in euro. This proposal states that all PSPs offering the service of sending of euro IPs (including those not under an obligation to do so) are required to provide their PSUs (Payments Service Users) with a service checking that the payee’s IBAN matches the payee’s name and notifying the PSU of any detected discrepancy. The notification must be given before the payer finalizes the IP payment order and before the PSPs executes the IP. The user remains free to decide whether to submit the payment order for an IP in all cases. Based on these assumptions, there is a major need of use cases and standards for the exchange of messages and harmonised rules under a scheme-like approach. Considering the need of integrating cybersecurity measures and the need to control all counterparts in electronic trade, the Finance & Payment domain believes it is necessary to develop in UN/CEFACT a Business Requirement Specification of the Check IBAN service. The BRS will serve as a standpoint for the JSON-Rest application that grants full interoperability on a global and open scale, acting as the preferred syntax over the web. The degree of adoption of the standard will be explored, starting from addressing the UN/CEFACT domain members in order to investigate whether they are going to develop such services in their respective countries. Finally, this BRS directly and indirectly contributes to the achievement of a number of UN Sustainable Development Goals and specifically targets: - 8.10 - Strengthen the capacity of domestic financial institutions to encourage and expand access to banking, insurance and financial services for all - 12.5 - By 2030, substantially reduce waste generation through prevention, reduction, recycling and reuse - 12.6 - Encourage companies, especially large and transnational companies, to adopt sustainable practices and to integrate sustainability information into their reporting cycle - 17.16 - Enhance the Global Partnership for Sustainable Development, complemented by multi-stakeholder partnerships that mobilize and share knowledge, expertise, technology and financial resources, to support the achievement of the Sustainable Development Goals in all countries, in particular developing countries In particular, the Check-IBAN service does so by providing: - significant cost savings - greater efficiency - reduced environmental impact of financial services - innovation throughout a collaborative ecosystem that includes traditional and new financial players in the market
Project ScopeThe project scope is the development of a Business Requirement Specification of the Check IBAN service, in order to make more efficient and cost-effective the process of verifying the correct association between a given IBAN code and a certain Tax Code/VAT number, which contributes to enhancing cybersecurity and fraud detection measures within electronic business and international trade. This project follows the publication in June 2022 of the White Paper on Open Finance to Support Trade Facilitation (https://unece.org/trade/uncefact/guidance-material), prepared by the UN/CEFACT Finance & Payment domain, which describes open finance use cases such as the Check IBAN service.
Project DeliverablesDeliverable 1: Business Requirement Specification Deliverable 2: Optional: NDR (Naming and Design Rules); RSM (Requirements Specification Mapping)
Exit CriteriaExit Criteria for Deliv. 1: Business Requirement Specification (and optionally NDR) approved by the Bureau for publishing
Project Team Membership and Required Functional ExpertiseMembership is open to UN/CEFACT experts with broad knowledge in the area of: Finance and Payments In addition, Heads of Delegations may invite technical experts from their constituency to participate in the work. Experts are expected to contribute to the work based solely on their expertise and to comply with the UN/CEFACT Code of Conduct and Ethics and the policy on Intellectual Property Rights.
Geographical FocusThe geographical focus of the project is global.
Initial ContributionsThe following contributions are submitted as part of this proposal. It is understood that these contributions are only for consideration by the Project Team and that other participants may submit additional contributions in order to ensure that as much information as possible is obtained from those with expertise and a material interest in the project. It is also understood that the Project Team may choose to adopt one or more of these contributions “as is”. • White Paper on Open Finance to Support Trade Facilitation (https://unece.org/trade/uncefact/guidance-material)
Resource RequirementsParticipants in the project shall provide resources for their own participation. The existence and functioning of the project shall not require any additional resources from the UNECE secretariat.
Project LeadershipFabio Sorrentino (E-mail: email@example.com)
Project Proposal Files