2026-02-07 01:13:22

There was recently an attempt by an independent journalist to expose fraud in a Minnesota social program. It was deeply frustrating; the journalist had notably poor epistemic standards, which secondary media seized upon to dismiss their result.
The class-based sniffing almost invariably noted that prestige media had already reported stories which rhymed with the core allegation, while sometimes implying that makes the allegations less likely to be true, through a logical pathway which is mysterious to me.
The journalism went quite viral anyway, in part because of sensationalized framing, in part because of signal boosting by an aligned media ecosystem and aligned politicians, and in part because the journalism develops one bit of evidence that has a viscerality that paperwork dives often lack: these purported childcare operations routinely have no children in them.
Fraud has become quite politicized in the United States the last few years. We had a poorly-calibrated federal initiative led by a charismatic tech entrepreneur which believed it would unearth trillions of dollars of fraud that focused substantial effort on large programs which are comparatively fraud-resistant. Across the aisle, we have reflexive dismissal that fraud happens in social programs, which functions as air cover for scaled criminal operations which loot many varied social programs [0] and are sometimes run out of geopolitical adversaries of the U.S. including by ambiguously-retired members of their clandestine services.
I worked in the financial industry for a few years. We do not have the luxury of pretending that fraud is something invented by our rivals to besmirch our good name. It hits the P&L every quarter and will eat you alive if you’re not at least minimally competent in dealing with it. Conversely, it is well-understood in industry that the optimal amount of fraud is not zero.
The financial industry has paid at least tens of billions of dollars in tuition here. Overwhelmingly, one learns about fraud in it through an apprenticeship model, with different firms having different internal levels of understanding on the shape of the elephant. The industrial organization presumes small numbers of people architecting anti-fraud systems and relatively larger numbers of investigators and analysts operating those systems on a day-to-day basis.
There does exist some informal knowledge sharing between firms. If you work in payments, try getting invited to the Chatham House rule sessions held by… oh yeah, can’t say. Despite that social technology being originally developed for the benefit of government and press actors, it is my general impression that U.S. benefits programs don’t yet see themselves as sufficiently yoked by adversarial attention to benefit from their own Chatham House series. Perhaps that should change.
And so, for the benefit of fraud investigators with badges, press cards, or GoPros, some observations from a community of practice with an extensive (and mostly nonpublic) body of work. But first a tiny bit of throat clearing.
Minnesota has suffered a decade-long campaign of industrial-scale fraud against several social programs. This is beyond intellectually serious dispute. The 2019 report from the Office of the Legislative Auditor (a non-partisan government body) makes for gripping reading. The scale of fraud documented and separately alleged in it staggers the imagination: the state’s own investigators believed that, over the past several years, greater than fifty percent of all reimbursements to daycare centers were fraudulent. (Separate officials took the… novel position that they were only required to recognize fraud had happened after securing a criminal conviction for it. Since they had only secured a few criminal convictions, there was no way that fraud was that high. Asked to put a number on it, repeatedly, they declined.)
The investigators allege repeatedly visiting daycare centers which did not, factually, have children physically present at the facility despite reimbursement paperwork identifying specific children being present at that specific time. The investigators demonstrated these lies on timestamped video, and perhaps in another life would have been YouTube stars.
Our social class is intensely averse to straightforwardly recounting these facts, partly due to political valence and partly due to this particular fraud being dominantly conducted within a community which codes as disadvantaged in the U.S. sociopolitical context.
Fraudsters are liars and will cheerfully mouth any words they believe will absolve them of their crimes. If an accusation of racism gets one a free pass to steal hundreds of millions of dollars, they will speciously sue you alleging racial discrimination. That empirically worked in Minnesota. The OLA takes explicit notice of this multiple times, a coordinator for the fraud operation is on record explicitly explaining the strategic logic of accusations of racism, and a judge was even moved to make an extraordinary statement to clarify that the bad-faith lawsuit alleging racism did not achieve success through the formal judicial process but rather through the voluntary compliance of governmental actors shamed by its allegations.
(As a sidenote: one has to be able to hold two thoughts simultaneously about fraudulent operations. They can be sophisticated with respect to exploiting sociopolitical cleavages in their targets while also being comically inept at faking evidence elsewhere, such as having a single person write dozens of adjacent rows in a sign-in sheet. This routinely surprises observers and it should not surprise them. The financial industry also has a division of labor in it. The person architecting the fraud department’s standard processes is well-paid, well-educated, and routinely brings crossdisciplinary expertise to bear. A Fraud Analyst I, on the other hand, bears a lot of similarity to a call center employee in terms of compensation, education, and permitted amounts of agency.)
In the immediate wake of the independent journalist’s report, the great and the good rallied around the organizations he accused. Of course it was natural that journalists wouldn’t get immediate access to children if they asked. Of course there was a certain amount of informality in the sector. Of course, as the New York Times very carefully wordsmithed recently:
> Minnesota officials said in early January that the state conducted compliance checks at nine child-care centers after Mr. Shirley posted his video and found them “operating as expected,” although it had “ongoing investigations” at four of them. One of the centers, which Mr. Shirley singled out because it misspelled the word “Learning” on its sign, has since voluntarily closed.
An inattentive reader might conclude from this paragraph that the Times disputes Shirley’s reporting.
To the extent that Bits about Money has an editorial line on that controversy, it is this: if you fish in a pond known to have 50% blue fish, and pull out nine fish, you will appear to be a savant-like catcher of blue fish, and people claiming that it is unlikely you have identified a blue fish will swiftly be made to look like fools. But the interesting bit of the observation is, almost entirely, the base rate of the pond. And I think journalism and civil society should do some genuine soul-searching on how we knew—knew—the state of that pond, but didn’t consider it particularly important or newsworthy until someone started fishing on camera.
But this is not a publication about particular ponds. It is a publication about getting better at fishing.
The best non-fiction work on fraud is Dan Davies’ Lying for Money. In it, you’ll find replete examples of something well-known to fraud investigators: the dominant next adventure for a former fraudster is… opening up a new fraud. And therefore, if you want to identify a ridiculously-high-hit-rate list of frauds in round N+1 of a game, a so-easy-it’s-practically-cheating way to do so is to look at what known fraudsters from round N are doing today.
There is a genuine difference in the culture and epistemology of the financial industry versus the government of the United States here. In the financial industry, we keep blacklists and getting a second chance after obvious misbehavior is intentionally non-trivial. This runs against deeply felt values of civil servants. An accusation is not a conviction, and absent clear authority to impose consequences in a new program, an actor convicted at enormous societal cost emerges to a new program officer as tabula rasa, equal in moral worth to any randomly chosen citizen.
I will not argue that Mastercard has better moral intuitions than the Founding Fathers. I would, however, happily suggest that the government not assume that the Constitution contains emanating penumbras obligating it to be repeatedly taken advantage of by the same people in the same fashion. We are not forbidden object permanence.
Minnesota raided the Sunshine Child Care Center in 2022 on suspicion of overbilling. No charges were brought, in what investigators imply was less an exoneration and more an inter-departmental fumble. That operation was owned by one Fowsiya Hassan. A separate childcare center owned by Fowsiya Hassan was featured on YouTube recently. This follows on $1.5 million of funds received through Feeding Our Future, a scaled fraud operation which has generated over 70 indictments, 5 criminal convictions, and 50 guilty pleas. What a set of coincidences. Perhaps Hassan has, as she has alleged in a lawsuit, been a frequent target of racially-motivated government investigations into a successful serial entrepreneur in the childcare field.
Much of the intellectual energy in policy circles about fraud is aimed at retail-level fraud by individual beneficiaries. Most fraud, like most scaled property crime, is actually the result of a business process.
This is an elementary fact of capitalism. It is deeply disconcerting to find every benefits program independently rediscovers it a decade too late to do anything about it. Most bread is not baked by amateurs in their kitchens. It comes from a bakery which exists to bake bread and hires specialists in baking bread and then supports them with capital-intensive built infrastructure.
Fraud develops a supply chain. Some elements in the supply chain are dual-use; the bad guys use Excel for the same reason every business uses Excel. Some elements in the supply chain, though, are specialized infrastructure with no or de minimis legitimate purpose. Those elements can be profiled.
I worked at Stripe for several years and am currently an advisor there. Stripe does not endorse what I write in my personal spaces. In its own spaces, Stripe has discussed being able to follow fraudulent operations in sufficient detail to determine when the operators went to lunch.
Fraudsters share specialists quite frequently. They use the same incorporation agents, the same mail services, the same CPAs, the same lawyers, etc.
You can make the same observation about many communities of practice. It is a non-coincidence that many tech startups are at 548 Market Street in San Francisco. 548 Market Street is not the world’s hippest coworking space. It is the address for EarthClassMail in SF. There are many P.O. box providers in the world; many geeks with taste reach for ECM. (Bits about Money is legally required to maintain a postal address and, if you were ever to send it a physical letter, that would also end up in the hands of an EarthClassMail employee.)
Elsewhere in the world, there exist P.O. box providers whose customers statistically include fewer AI labs and more frauds. One imagines the specialist-in-fraud at the storefront, picking up the day’s take from fifteen separate boxes.
Elementary work graphing supporting infrastructure, even on something as unsophisticated as butcher paper, frequently unravels fraud networks. Data science has any number of more sophisticated approaches. Jetson Leder-Luis, an academic who now routinely works with the government, has previously discussed some approaches which work based on widely commercially available data sources.
There is an emerging defender’s advantage here in the age of LLMs, since exploratory work in visualizing and walking network graphs is getting much cheaper. You no longer need to buy Palantir and engage a “forward-deployed engineer” to cluster IP addresses. A non-technical fraud investigator could get an LLM to do that while eating at Chipotle, and the lunch would cost more.
This democratization of capabilities is relevant to journalists, formal and otherwise, and also to governments. RFPs and software contracting once de facto mandated a multi-year lead time to do an automated network analysis if an analyst thought perhaps their program might need one. Now that is an afternoon’s work, if we allow ourselves to do it. We should.
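The butcher-paper graph described above, as an added Python example that is not from the original article: entities are linked when they share supporting infrastructure, and a provider that many entities share (the popular mail service case) contributes little weight per pair, so it takes several coinciding specialists to join two entities. All entity and provider names, the weighting rule and the `min_score` threshold are assumptions made for illustration.

```python
from collections import defaultdict
from itertools import combinations

# Constructed sample data; every name here is made up.
# Each row: (entity, kind of supporting infrastructure, provider used).
RECORDS = [
    ("Acorn Care",    "agent",   "Agent R"),
    ("Acorn Care",    "cpa",     "CPA Q"),
    ("Acorn Care",    "mailbox", "Storefront M"),
    ("Birch Meals",   "agent",   "Agent R"),
    ("Birch Meals",   "cpa",     "CPA Q"),
    ("Birch Meals",   "mailbox", "Popular Mail Hub"),
    ("Cedar Transit", "agent",   "Agent R"),
    ("Cedar Transit", "cpa",     "CPA Q"),
    ("Cedar Transit", "mailbox", "Storefront M"),
] + [
    # Five unrelated startups that merely use the same well-known mail service.
    row
    for i in range(1, 6)
    for row in (
        (f"Startup {i}", "agent", f"Agent S{i}"),
        (f"Startup {i}", "cpa", f"CPA S{i}"),
        (f"Startup {i}", "mailbox", "Popular Mail Hub"),
    )
]


def pair_scores(records):
    """Score each pair of entities by the infrastructure they share.

    A provider used by n entities adds 1/(n-1) to each pair, so an exclusive
    overlap counts fully and a widely used provider counts for very little.
    """
    users = defaultdict(set)  # (kind, provider) -> entities using it
    for entity, kind, provider in records:
        users[(kind, provider)].add(entity)
    scores = defaultdict(float)
    for entities in users.values():
        if len(entities) < 2:
            continue
        weight = 1.0 / (len(entities) - 1)
        for a, b in combinations(sorted(entities), 2):
            scores[(a, b)] += weight
    return scores


def clusters(records, min_score=0.75):
    """Connected components over pairs scoring at least min_score (union-find)."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    for entity, _, _ in records:
        find(entity)
    for (a, b), score in pair_scores(records).items():
        if score >= min_score:
            parent[find(a)] = find(b)
    groups = defaultdict(set)
    for entity in list(parent):
        groups[find(entity)].add(entity)
    return sorted(groups.values(), key=len, reverse=True)


def leads(records, known_bad, min_score=0.75):
    """Entities that cluster with an already-known bad actor, as review leads."""
    found = set()
    for group in clusters(records, min_score):
        if group & known_bad:
            found |= group - known_bad
    return sorted(found)


if __name__ == "__main__":
    for group in clusters(RECORDS):
        print(sorted(group))
    print("leads from Acorn Care:", leads(RECORDS, {"Acorn Care"}))
```

Sharing the mail hub alone leaves Birch Meals unconnected to the startups, while the shared agent and CPA tie it to the other two entities.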
As mentioned, there is enormous visceral distaste for the conclusion that a particular fraud ring operates within a particular community. This is quite common. You should expect to find circumstances which rhyme with it when conducting effective fraud investigations. You should not abandon fraud investigation when you chance upon this.
People assume a level of ethical fraughtness here which is not warranted. You would, if doing ethnographic work on perfectly legitimate businesses across industries, routinely discover ethnic concentration rather than population-level representation everywhere you looked. The Patels run the motels. One doesn’t need to adopt grand theories about how certain groups are predisposed to becoming pharmacists or startup employees or line cooks; simple microeconomic reasoning explains reality easily. Firms hire the people they already know, like, and trust. That will routinely include friends and family, who are going to be much more like the founding team than they are like randomly drawn members of the population. This is the default outcome.
Fraudsters do have one structural factor here. Everyone wants to trust their coworkers. Fraudsters need to trust their coworkers will be loyal even upon threat of prison time. That necessarily selects for tighter bonds than the typical workplace. Madoff was a family affair, SBF was in an on-again off-again romantic relationship with a chief lieutenant, and neither of those facts is accidental or incidental.
That’s the other ethical dimension of being other-than-blind to concentration: so-called affinity frauds do not merely recruit fraudsters from affinity groups. They recruit victims from affinity groups. Madoff mobilized the social infrastructure of the Jewish community in New York and Palm Beach to find his marks. Community members certainly did not intend their charitable foundations to be looted by a fraudster. It was an emergent consequence of trust networks.
This also happens to “chosen” communities. FTX was, in material part, an affinity fraud against effective altruists, who are not a religion or ethnic group as traditionally construed.
And so when the great and the good turn a blind eye towards abuses because the perpetrators share an uncomfortable common factor, they are often simultaneously turning a blind eye towards abuses of a community whose interests they purport to champion.
As covered extensively in Lying for Money, the necessary fundamental conceit of a fraud is growth in a business that doesn’t happen in the real world. “Every lie told incurs a debt to the truth, and one day, that debt will be paid”, to quote the excellent drama mini-series Chernobyl. Fraudsters forestall that day of reckoning by telling a bigger lie, increasing the debt, which (mostly as a side effect) alleges that they’re growing much faster than most of your legitimate portfolio. Happily, many businesses have figured out how to keep track of fast-growing customers. Tracking rocketships doesn’t require rocket science.
Sort-by-growth-rate-descending on new accounts will turn up a lot of interesting observations about the world. One is that Fortune 500 companies sometimes open new accounts, and you probably don’t need to open a fraud investigation file in that case. Another is that some people claim to be feeding millions of meals to a community of tens of thousands of people, beginning from a standing start, and growing local social services at a rate which an Uber Eats city manager would not expect to achieve in the wildest dreams of their go-to-market plan.
Feeding Our Future had a CAGR of 578% sustained for 2 years. Uber, during their meteoric growth period in core rideshare services, had an average CAGR of 226%. Their best year was 369%. But, if you asked in Minneapolis in 2021, you’d quickly find someone who had been in an Uber, but fail to find anyone who ate courtesy of Feeding Our Future. So curious, given that they were drubbing one of the fastest growing companies in history on growth rate.
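A sort-by-growth-rate-descending pass of the kind described above, as an added Python example that is not from the original article. The accounts and amounts are constructed, and the allowlist of established firms, the materiality floor and the use of Uber's best year (369%) as the cut-off are assumptions for illustration; the code also handles the standing-start case, where a zero first year would make the growth rate undefined.

```python
# Constructed sample: yearly reimbursement totals in USD per account, oldest first.
CLAIMS = {
    "Sponsor North":  [1_200_000, 8_100_000, 55_000_000],
    "Clinic East":    [900_000, 1_000_000, 1_150_000],
    "Tiny Pantry":    [500, 4_000, 60_000],
    "MegaCorp Foods": [2_000_000, 40_000_000],
    "Transit West":   [0, 300_000, 2_400_000],
}

ESTABLISHED = {"MegaCorp Foods"}  # hypothetical allowlist of large, known firms
BENCHMARK = 3.69                  # Uber's best year per the text above: 369%
MIN_LATEST = 250_000              # assumed floor: ignore accounts with trivial volume


def cagr(series):
    """Compound annual growth rate, measured from the first year with activity.

    Leading zero years are dropped (a standing start has no defined growth
    rate). Returns None when fewer than two years of activity remain.
    """
    active = list(series)
    while active and active[0] <= 0:
        active.pop(0)
    if len(active) < 2:
        return None
    years = len(active) - 1
    return (active[-1] / active[0]) ** (1 / years) - 1


def growth_leads(claims, established=ESTABLISHED,
                 benchmark=BENCHMARK, min_latest=MIN_LATEST):
    """Accounts growing faster than the benchmark, fastest first.

    Skips allowlisted firms and accounts whose latest year is below the floor,
    so a tiny account with a huge percentage does not crowd out the list.
    """
    rows = []
    for name, series in claims.items():
        rate = cagr(series)
        if rate is None or name in established:
            continue
        if series[-1] < min_latest or rate <= benchmark:
            continue
        rows.append((name, round(rate, 2)))
    return sorted(rows, key=lambda row: row[1], reverse=True)


if __name__ == "__main__":
    for name, rate in growth_leads(CLAIMS):
        print(f"{name}: {rate:.0%} CAGR")
```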
Investigators in Minnesota were ringing the alarm bells for years about implausibly fast growth in Feeding Our Future’s reimbursement requests, including at new facilities. Feeding Our Future felt it was maxed out on the fraud it could conduct at existing sites, and expanded voraciously, including (most prominently) enrolling numerous restaurants as “feeding sites.” They then copy/pasted the usual playbook and requested reimbursement for implausible volumes at those sites, paying kickbacks to many participants. This then required growing the fraud, which… you get the general idea. We could have gotten off the bus at many points, and I suppose that is at some level a question of political will.
The highest growth rates in the economy generally are newer fields (you basically can’t sustain the alternative). This doesn’t imply that those fields are fraudulent, but they will tend to disproportionately attract frauds. The defenders in those fields have not yet paid their tuition to the School of Hard Knocks, and so attackers target the weaker systems. The higher growth rates of legitimate businesses function as protective cover for high stated growth rates of illegitimate businesses; a CAGR of 1,000% looks implausible for a restaurant but barely-meets-expectations for an AI software shop.
And, not to put too fine a point on it, many people are invested, literally and metaphorically, in whatever today’s new hotness is. People who could not secure an allocation in the more legitimate ends of it will sometimes find themselves adversarially selected by less salubrious actors. This will read to those people as a justly earned success. They might even have their marketing department write up their victimization as an indisputable success.
And so, if you’re a defender who has many different lines of business and has limited resources (or political will), where should you deploy those resources? Should you place your bets on e.g. Social Security, a multi-trillion dollar program whose primary source of growth is fun to conjure but then requires 70 years of seasoning? Or should you place them on the Paycheck Protection Program, or pandemic-era unemployment insurance, or genetic testing, or non-emergency medical transportation? Despite those being smaller line items, they probably have more juice worth squeezing, and the fraud is more easily detectable. Just look.
Bits about Money has extensively covered anti-moneylaundering and Know Your Customer regulations and I won’t rehash those regimes here. A bit of tacit knowledge in the financial industry: some actors in the set “broadly considered trustworthy” are more worthy of trust than others… and some are less.
We are generally discreet about writing this down in as many words. But, as an analogy, cross-national regulatory bodies require that financial institutions maintain a list of high-risk jurisdictions to do business in. You are generally required to do enhanced due diligence on customers/activities/etc touching the high-risk list.
If you are particularly competent, and there are plusses and minuses to being competent in detecting fraud (you will not be the most popular person in the firm at bonus time; that goes to the folks who sold the high-growth accounts), you might have the analogous list of U.S. financial institutions which are not entirely fronts for the bad guys.
If one hypothetically has that list, that’s one more signal you can use in evaluating any particular account, and a one-stop shop for developing a list of accounts to look into. It would be uncouth of me to name an extant bank that has poor controls, but for a general example of the flavor, see my (scathing) commentary on Silvergate’s AML and KYC program. Without using any proprietary information, I predict confidently that Silvergate banked many more multi-billion dollar frauds as a percentage of its customer base than almost any of the U.S.’s 4,500 banks. (Trivial substantiation: divide FTXes-banked by total-count-of-customers.)
One might, if one has never seen the list, wonder whether it is simply proxying for something the financial industry is definitely not allowed to proxy for. One of the first things you learn as a data analyst is zip codes are extremely probative and you are absolutely not allowed to use them. The American system remembers the experience of redlining and has forbidden the financial industry from ever doing it again; the industry mostly respects that. But good news: institutions with weak controls environments are not, in fact, simply a proxy for “Who banks socially disadvantaged people?” There are many financial institutions that have that as an explicit business model. Some of them are good at their jobs. Some, less so, and the fraudsters know it.
This sometimes happens with the knowing connivance of the financial institution and/or their staff. For much more on that, see histories of the savings and loan crisis, or the Lying for Money chapter on control frauds. But more commonly it is simply a community of practice developing organic knowledge about who is just very easy to get an account with. You need accounts, as a business. As a fraudulent business, which intends to cycle through accounts and identities at a much higher rate than baseline, you would prefer to do business with a bank which will not detect that malfeasance.
And so you will disproportionately end up banked, with many of your buddies, at the least attentive place still capable of getting a license. And so an agency, trying to find a fraudulent network, might want to look at fraud-cases-by-routing-number and then start making some judgment calls.
One of the reasons the government has deputized the financial industry is it is good at keeping spreadsheets and quickly responds to requests for them. Perhaps the government should call up a few of their deputies and say “So, not alleging anything here, but we think you might have a list, carefully maintained by your fraud department for your own purposes. We want to see the list. It would be pro-social of you to give us a copy of it.”
There is a thriving market in identities to be used in fraud. This is because bad actors prefer not putting their own names on paper trails certain to become evidence, because they frequently “burn” themselves early in their careers, and because institutions have cottoned onto the wisdom of collecting lists of ultimate beneficiaries.
Sometimes this is a social process, conducted at e.g. the dinner table. Sometimes the market is explicitly a market. Jetson recounted that, having exhausted the supply of patients needing dialysis who could plausibly need ambulance services, frauds began bribing potential patients, first with donuts and then with cash. This is extremely common. In Minnesota, parents were recruited to childcare providers with the promise of cash kickbacks or (a detail we’ll return to in a moment) fictitious paperworked no-show jobs, sometimes at substantially fictitious companies.
Fraudsters sometimes exercise some level of operational discipline in their communications. The bad guys have also seen The Wire; they know Stringer Bell’s dictum on the wisdom of keeping notes on a criminal conspiracy. However, the population of people willing to be named in a federal indictment over $200 necessarily selects preferentially for individuals who are not experts at operational security. They will sometimes organize recruitment very openly, using the same channels you use for recruiting at any other time: open Facebook groups, Reddit threads, and similar. They will film TikTok videos flashing their ill-gotten gains, and explaining steps in order for how you, too, can get paid.
As a fraud investigator, you are allowed and encouraged to read Facebook at work.
Now, knowing that there exists the frequent epiphenomenon where fraudsters recruit strawmen to use their identities to qualify for payments: suppose that you have an entirely new enterprise whose first customers are individuals A, B, C, and D. You know, from past records, that A, B, C, and D have all been customers of an organization which you now know, positively, was a fraudulent actor. You might infer from this that A, B, C, and D might have sold their identities once, but you probably don’t have sufficient information to convict them in a court of law of that. (It is of course possible that they are simply unsophisticated, or that bad actors obtained their information without their knowledge, for example by misappropriating a client list from a previous corporate entity they happened to own/work for/etc.)
But do you have enough information to take a more-detailed-than-usual look at this totally new enterprise? I think you do.
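One way to turn the A, B, C, D scenario into a review queue, as an added Python example that is not from the original article: it asks how likely a new enterprise's first customers would overlap this heavily with a known-fraud client list if they were drawn at random from the program's population (a hypergeometric tail). The beneficiary IDs, provider names, population size, `first_n` and `alpha` are constructed or assumed.

```python
from collections import defaultdict
from math import comb

# Constructed sample. POPULATION is the number of beneficiaries enrolled in the
# program; KNOWN_FRAUD_CLIENTS are IDs that appeared on the client list of an
# entity already established to be fraudulent (2% of the population here).
POPULATION = 10_000
KNOWN_FRAUD_CLIENTS = {f"B-{i:04d}" for i in range(200)}

# (provider, beneficiary, enrollment date) for three newly opened providers.
ENROLLMENTS = [
    ("Provider X", "B-0007", "2024-03-01"),
    ("Provider X", "B-0112", "2024-03-01"),
    ("Provider X", "B-0045", "2024-03-02"),
    ("Provider X", "B-0190", "2024-03-04"),
    ("Provider Y", "B-0150", "2024-03-03"),
    ("Provider Y", "B-4410", "2024-03-05"),
    ("Provider Y", "B-7302", "2024-03-06"),
    ("Provider Y", "B-9051", "2024-03-09"),
    ("Provider Z", "B-2001", "2024-03-02"),
    ("Provider Z", "B-3507", "2024-03-02"),
    ("Provider Z", "B-6120", "2024-03-07"),
    ("Provider Z", "B-8844", "2024-03-08"),
]


def overlap_p_value(population, tainted, sample, hits):
    """P(at least `hits` tainted IDs) when `sample` customers are drawn at
    random from `population`, of whom `tainted` are on the known-fraud list."""
    total = comb(population, sample)
    upper = min(sample, tainted)
    tail = sum(
        comb(tainted, k) * comb(population - tainted, sample - k)
        for k in range(hits, upper + 1)
    )
    return tail / total


def review_queue(enrollments, tainted_ids, population, first_n=4, alpha=0.001):
    """Providers whose first customers overlap the known-fraud list far more
    than chance would explain, most surprising first.

    The result is a list of files to open, not a finding: the people named may
    be unsophisticated, or their details may have been used without their
    knowledge.
    """
    by_provider = defaultdict(list)
    for provider, beneficiary, _date in sorted(enrollments, key=lambda r: r[2]):
        by_provider[provider].append(beneficiary)
    queue = []
    for provider, ids in by_provider.items():
        first = ids[:first_n]
        hits = sum(1 for b in first if b in tainted_ids)
        p = overlap_p_value(population, len(tainted_ids), len(first), hits)
        if p < alpha:
            queue.append((provider, hits, p))
    return sorted(queue, key=lambda row: row[2])


if __name__ == "__main__":
    for provider, hits, p in review_queue(ENROLLMENTS, KNOWN_FRAUD_CLIENTS, POPULATION):
        print(f"{provider}: {hits} of first 4 customers on known-fraud list, p={p:.1e}")
```

A single overlapping customer (Provider Y) happens by chance about 8% of the time at this base rate and is not queued; four out of four is roughly a one-in-six-million event.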
We have choices, as the defender, in what levels of evidence we require to enter the circle of trust, what our epistemological standards are, and how much evidence we require to forcibly exit someone from the circle of trust.
A detail from the Minnesota cases is that these burdens are asymmetric, in a way which disadvantages the defender (all of us). That decision is a choice and we should make better choices.
For example, the primary evidence of a child attending a day-care was a handwritten sign-in sheet of minimal probative value. Prosecutors referred to them as “almost comical” and “useless.” They were routinely fraudulently filled out by a 17 year old “signing” for dozens of parents sequentially in the same handwriting, excepting cases where they were simply empty.
To refute this “evidence”, the state forced itself to do weeks of stakeouts, producing hundreds of hours of video recording, after which it laboriously reconstructed exact counts of children seen entering/exiting a facility, compared it with the billing records, and then invoiced the centers only for proven overbilling.
On general industry knowledge, if you are selected for examination in e.g. your credit card processing account, and your submission of evidence is “Oh yeah, those transactions are ones we customarily paperwork with a 17 year old committing obvious fraud”, your account will be swiftly closed. The financial institution doesn’t have to reach a conclusion about every dollar which has ever flowed through your account. What actual purpose would there be in shutting the barn door after the horse has left? The only interesting question is what you’ll be doing tomorrow, and clearly what you intend to do tomorrow is fraud.
We can architect the asymmetry in the other fashion: legitimate businesses will customarily, as a fact of their operations, put enormous effort into creating visible effects in the world which are trivial to check. In technologist circles this is sometimes called a “proof of work” function.
Once upon a time, a team of fraud analysts asked how they could possibly determine frauds from non-frauds without having extensive industry knowledge about every possible commercializable human activity. I suggested that a good first pass was “Just ask the correspondent for a quick video, shot on their cell phone, of their workspace.”
That is minimally invasive for the business owner, generates a huge amount of signal (including that which can be correlated across accounts), and can be usefully adjudicated by non-specialists in a minute. No multi-month stakeout of their storefront is required. Of course you can convincingly fake a video of working in, say, a machine shop, but fraudsters maintaining spreadsheet row 87 about the machine shop will find that difficult to juggle with all the other required lies in their backlog. Actual machine shops, meanwhile, include people, which means they include functional cell phone cameras at no additional cost to anyone.
You can also get some signal from who can trivially produce a video and who needs a week of advance notice to find a cell phone to record those machines that were absolutely milling aluminum last week.
Fundamentally, we have a choice about where we put our investments in defanging fraud, and we should stop choosing to lose.
So-called “pay-and-chase”, where we put the burden on the government to disallow payments for violations retrospectively, has been enormously expensive and ineffective. Civil liability bounces off of exists-only-to-defraud LLC. Criminal prosecutions, among the most expensive kinds of intervention the government is capable of doing short of kinetic war, result in only a ~20% reduction in fraudulent behavior. Rearchitecting the process to require prior authorization resulted in an “immediate and permanent” 68% reduction. (I commend to you this research on Medicare fraud regarding dialysis transport. And yes, the team did some interesting work to distinguish fraudulent from legitimate usage of the program. Non-emergency transport for dialysis specifically had exploded in reimbursements—see Figure 1—not because American kidneys suddenly got worse but because fraudsters adversarially targeted an identified weakness in Medicare.)
Attackers carefully respond to signals they think they are being sent from defenders. A lawyer for some of the Minnesota defendants, Ryan Pacyga, was quoted by the New York Times as saying that his clients understood Minnesota to tacitly allow their actions.
> No one was doing anything about the red flags. … It was like someone was stealing money from the cookie jar and they kept refilling it.
Don’t be the defender who sends that message. It will not work out well for you or your program.
Most frauds have rich external lives, with a soaring narrative of how deserving people are getting valuable services (and/or getting rich for being right and early regarding e.g. crypto asset cross-margining). They tend to be distinctly underpaperworked internally, partly because a synonym for “paperwork” is “evidence” and partly because… most frauds aren’t really that sophisticated, when it comes down to it. There is a true number; lie about it; done.
Like many time-pressed entrepreneurs busy talking to potential customers, fraudsters put the minimal amount of time necessary into bookkeeping and even less than that into paperworking epiphenomena of their frauds. One example of epiphenomena is sometimes the beneficiaries need their own paperwork. A legitimate mortgage company employs sales reps and a backoffice to help unsophisticated customers successfully get several hundred pages of paperwork together to sell a mortgage. Frauds… mostly don’t do that.
And so, if you have e.g. a statutory requirement that a beneficiary be employed to access services, a fraudster might say “Don’t worry about it!” They’ll just assert that you are an employee at a cleaning company. Perhaps they might even go as far as payrolling you as an employee of a cleaning company. This kills two birds with one stone, paying you your kickback while also generating the paystub they need you to have to qualify for the government reimbursement. (This happened, per the OLA’s reports summarizing the results of many investigations, in Minnesota.)
But fraudsters don’t actually operate cleaning companies even in those cases where they do operate daycares.
Cleaning companies are legitimate businesses, in the main, and working for one is an honest occupation. And so a fraud investigator should feel no chagrin at calling a cleaning company in the phone book and asking for a quote. A cleaning company which expresses complete befuddlement that someone could ask for a quote is providing, ahem, evidence in a direction.
(I have to note, as someone who pays to send children to a private school, that there is replete evidence that the school is accepting new children, knocking on the door and asking will quickly result in being given a brochure, and there are scheduled open houses and similar. I can imagine a gratuitously mismanaged educational establishment which does none of these things, and I can imagine an educational establishment which makes a lot of money, but I have trouble holding both thoughts in my head at the same time.)
The core frauds are sometimes hardened, to an attenuated degree. The peripheral frauds collapse under even a glance. Architect processes to require more signals regarding the periphery, then architect a system which takes at least a cursory look at the periphery. You will trivially catch frauds.
If you’re worried about exposing the exact signal that you are using, costing utility of it in the future, you can use this as a “parallel construction” engine. Develop leads for investigation using the non-public signal, pull the core records as a matter of routine, find the discrepancies that all frauds leave in their core records, and then put those in the indictment. Ask your friendly neighborhood lawyer if that passes muster or if you need to add a sentence rhyming with “was selected for a routine audit on the basis of information available to the department.”
We have discussed some heuristics [1] for identifying fraud. The financial industry still makes material use of heuristics, but a heuristic is a compression of the real world. It will sometimes lose fidelity to the world. It will frequently, by design, be legible to the adversary.
The defender has one advantage the attacker cannot ever replicate: data at scale. It knows what legitimate use looks like because it has all the messy, contradictory, varying quality, typos-and-all data which legitimate businesses in the real world constantly throw off. You cannot duplicate all of the shadows on the wall of Plato’s cave without first duplicating the entire world. Fraudsters, even quite talented ones, can’t do that.
There are any number of techniques for machine learning in anti-fraud; Emily Sands has previously discussed some with me. An important subset of the field can adapt in real-time or close to it to changes in adversary (or legitimate!) behavior. For example, covid surprised the fraudsters at the same time as it surprised every supermarket in the country, but the ex-post actions of the fraudsters and the supermarkets were very different. Revenue went up for both, but only one group actually runs a supermarket. And so by ingesting and constantly analyzing data from all users, including retrospective annotation of which users you’ve identified to be frauds, you get better and earlier signals on which users are likely fraudulent and which are likely not.
This can inform outright interdiction or the investigate-then-punish loop that we ordinarily expect from government. It can also inform less consequential, easier-to-reverse interventions. For example, rather than putting all users immediately through the highest-possible-ceremony process for application, you can let most users do a lower-burden process, saving the higher levels of scrutiny for those which signal greater likelihood of being fraudulent. Or you can default to approving more applicants and reserve more of your investigatory budget for post-approval review, with this being equivalently costly by using better tasking of those reviews versus random allocation. Pay-and-chase becomes more palatable if it is not pay-and-pay-and-pay-and-pay-and-chase and more pay-until-we-decide-to-chase-but-stop-payments-at-that-decision-not-after-the-catching.
Machine learning isn’t simply useful from a perspective of decreasing fraud. The history of regulation of benefits programs is the history of too-late, too-harsh overcorrection to notorious abuses. Much of what advocates find most maddening and Kafkaesque about eligibility criteria and application processes was voted on by a legislature but bears the signature of a fraudster with a novel idea.
With a good machine learning practice, you can increase data ingested but decrease the burdensome formal application/etc requirements. This is in no small part because those data points are less probative (they are under the direct control of the attacker and announce that they will be scrutinized). But it bears a dividend: if you better control fraud, and can successfully demonstrate that to the public and legislators, you can decrease application burden and perhaps even widen eligibility criteria. Those are both in the direct interests of potential marginal beneficiaries.
A political commentator might focus more on the optics here than on the substance, because that is so frequently where the point of actual leverage is in politics. But the substantive reality of fraud losses matters. It is much easier to tell the story of fraud in benefits programs being rare, opposed by all right-thinking people, and swiftly sanctioned when that story is not an obvious lie.
You can read Lying for Money or other histories of frauds for more detail on the texture, but in the main, a dedicated fraudulent enterprise is created, is seasoned for a while before crossing the Rubicon, has a period of increasing brazenness, is detected, is closed, and then is resurrected when the fraudster gets the band back together for round N+1.
We can intervene against the lifecycle model if we understand it. This begins with not defaulting to the understanding of investigators that frauds are isolated incidents by disparate individual actors. Those have been known to happen, but frauds are, by total damage, dominated by repeatable business models perpetrated by professional specialized bad actors. We should study them like we study other successful entrepreneurs, and then not invest in them.
One actionable insight from the lifecycle model: because the fraudster intends to be in business multiple times in their life, we should track the person-to-business mapping much more closely than we have historically. As Lying for Money says, if you’re an accountant and willing to go to prison, and you do not get rich via fraud… well, you are very bad at your job. That’s on you. When we give you repeated chances to do it, that’s on us.
One might think that the simplest imaginable reform is passing some sort of beneficial ownership regulation to unroll complex corporate structures designed to obscure who is actually puppeting Totally Not A Fraud, LLC. But the simplest imaginable reform is probably just actually reading corporate filings that already exist and are public. Again, most fraudsters are not the hypersophisticated Moriarties of the popular imagination. The Minnesota fraudsters frequently did not even bother with fig leaves. While they did find some nominee directors in some cases, many of the convicted operated their companies in their own names, with no complicated structuring at all. Sometimes multiple times, consecutively, after the previous entities had worn out their welcome with Minnesota.
The Fed should not be surprised when the bad guys buy a bank when buying a bank requires an extended permission-seeking process and the bad guy’s corporate records, dutifully recorded by Maryland (entity D20033544), are signed by a notorious bagman. In the Fed’s defense, the bagman lied to them about his intentions, which was outside of their world model. (Pip pip to the New York Times for figuring that out before the Fed did. That is, sadly, not the usual way it works in financial journalism.)
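A sketch of the person-to-business mapping described above, run over public-filing-style records. This is an added example, not code from the original essay or from any agency: the record layout, field names, thresholds, and every entity, person, and address in it are constructed assumptions. It generalizes slightly beyond the own-name case by also following one nominee hop and shared addresses, while ignoring addresses shared by many entities (registered-agent offices).

```python
"""Link program applicants to principals of previously terminated entities.

Every record below is constructed sample data, not a real filing.
"""
import re
from collections import defaultdict, deque

SUFFIXES = {"jr", "sr", "ii", "iii", "iv"}


def norm_person(name):
    """Normalize an officer name: 'Last, First M.' order, case, suffixes, initials."""
    name = name.strip().lower()
    if "," in name:
        last, first = name.split(",", 1)
        name = f"{first} {last}"
    tokens = [t for t in re.sub(r"[^a-z\s]", " ", name).split() if t not in SUFFIXES]
    # Drop single-letter middle initials; always keep the first and last token.
    keep = [t for i, t in enumerate(tokens) if len(t) > 1 or i in (0, len(tokens) - 1)]
    return " ".join(keep)


def norm_address(addr):
    """Collapse common spelling variants so the same premises compare equal."""
    addr = re.sub(r"[^a-z0-9\s]", " ", addr.lower())
    addr = re.sub(r"\b(suite|unit|apt)\b", "ste", addr)
    addr = re.sub(r"\bstreet\b", "st", addr)
    addr = re.sub(r"\bavenue\b", "ave", addr)
    return " ".join(addr.split())


def build_graph(filings, max_addr_degree):
    """Bipartite graph: entities on one side, people and addresses on the other."""
    graph, by_addr = defaultdict(set), defaultdict(set)
    for f in filings:
        ent = ("entity", f["id"])
        for officer in f["officers"]:
            person = ("person", norm_person(officer))
            graph[ent].add(person)
            graph[person].add(ent)
        by_addr[norm_address(f["address"])].add(ent)
    for addr, ents in by_addr.items():
        if len(ents) > max_addr_degree:
            continue  # registered-agent hub: shared by too many entities to mean anything
        for ent in ents:
            graph[ent].add(("addr", addr))
            graph[("addr", addr)].add(ent)
    return graph


def find_links(filings, max_hops=2, max_addr_degree=3):
    """For each applicant, return the shortest path to a terminated entity, or None.

    One hop is entity -> person/address -> entity. A path is a lead for an
    investigator to check, not a finding: names collide and offices get re-let.
    """
    graph = build_graph(filings, max_addr_degree)
    terminated = {("entity", f["id"]) for f in filings if f["status"] == "terminated"}
    results = {}
    for f in filings:
        if f["status"] != "applicant":
            continue
        start = ("entity", f["id"])
        parent, queue, hit = {start: None}, deque([(start, 0)]), None
        while queue and hit is None:
            node, depth = queue.popleft()
            if depth >= 2 * max_hops:
                continue
            for nxt in sorted(graph[node]):
                if nxt in parent:
                    continue
                parent[nxt] = node
                if nxt in terminated:
                    hit = nxt
                    break
                queue.append((nxt, depth + 1))
        path = []
        while hit is not None:
            path.append(hit)
            hit = parent[hit]
        results[f["id"]] = path[::-1] or None
    return results


# Constructed sample filings (hypothetical names and addresses).
FILINGS = [
    {"id": "E1", "officers": ["Doe, Jane Q."], "address": "100 Example Street, Suite 4", "status": "terminated"},
    {"id": "E2", "officers": ["Jane Doe"], "address": "22 Sample Ave", "status": "applicant"},
    {"id": "E3", "officers": ["John Roe"], "address": "100 Example St Ste 4", "status": "active"},
    {"id": "E4", "officers": ["JOHN ROE", "Mary Major"], "address": "9 Placeholder Rd", "status": "applicant"},
    {"id": "E5", "officers": ["Alex Public"], "address": "500 Agent Plaza", "status": "applicant"},
    {"id": "E6", "officers": ["Pat Person"], "address": "500 Agent Plaza", "status": "active"},
    {"id": "E7", "officers": ["Lee Sample"], "address": "500 Agent Plaza", "status": "active"},
    {"id": "E8", "officers": ["Sam Sample"], "address": "500 Agent Plaza", "status": "terminated"},
]

if __name__ == "__main__":
    for applicant, path in find_links(FILINGS).items():
        print(applicant, "->", " -> ".join(v for _, v in path) if path else "no link found")
```

E2 is the own-name repeat, E4 is reached through a nominee's other company at the terminated entity's address, and E5 stays clean because its only overlap is a registered-agent office.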
Responsible actors in civil society have a mandate to aggressively detect and interdict fraud. If they do not, they cede the field to irresponsible demagogues. They will not be careful in their conclusions. They will not be gentle in their proposals. They will not carefully weigh consequences upon the innocent. But they will be telling a truth that the great and the good are not.
The public will believe them, because the public believes its lying eyes.
[0] In a thing you will see frequently in fraud investigations, early detection of anomalies does not necessarily imply successful identification of the underlying fraudulent enterprise. A teacher was scandalized that a third of their students are using AI to write papers. Those “students” are identities puppeted by a criminal organization to siphon federal funding out of community colleges towards accounts controlled by the criminals. (I award myself one cookie for correctly predicting this.)
[1] A heuristic, in industry parlance, is a hard-coded rule or set of rules as opposed to a system which automatically adapts to changes in the underlying data. Compare the difference between “You are less likely to default on loans if you own versus renting”, which is absolutely demonstrable in aggregate data, versus “You are less likely to default on loans at 780 FICO versus 540 FICO.” For a variety of reasons, the culture that is legislators sees the problem with having one heuristic, which will obviously not come to the correct conclusion all of the time. It corrects for this issue by having several hundred pages of heuristics. Just one more heuristic, man, and we’ll have completely anticipated all the complexity of the world.
Heuristics are wonderful things! They’re cheap to adjudicate, easy to explain, and can be understood by lawyers, even the kind who have ascended from the practice of law to the writing of it. Happily, machine learning systems can have all of these properties if you make them priorities.
2026-01-08 05:12:19

Programming note: Happy New Year! Bits about Money is made possible—and freely accessible to all—by the generous support of professionals who find it useful. If you’re one of them, thank you—and consider purchasing a membership.
The U.S. is often maligned as being customer-hostile compared to other comparable nations, particularly those in Europe. One striking counterexample is that the government, by regulation, outsources to the financial industry an effective, virtually comprehensive, and extremely costly consumer protection apparatus covering a huge swath of the economy. It does this by strictly regulating the usage of what were once called “electronic” payment methods, which you now just call “payment” methods, in Regulation E.
Reg E is not uniformly loved in the financial industry. In particular, there has been a concerted effort by banks to renegotiate the terms of it with respect to Zelle in particular. This is principally because Zelle has been anomalously expensive, as Reg E embeds a strong, intentionally bank-funded anti-fraud regime, but Zelle does not monetize sufficiently to pay for it.
And thus a history lesson, a primer, and an explanation of a live public policy controversy.
If you were to ask your friendly neighborhood reference librarian for Electronic Fund Transfers (Regulation E), 44 Fed. Reg. 18469 (Mar. 28, 1979), you might get back a document yellowed with age. Congress, in its infinite wisdom, intended the Electronic Funds Transfer Act to rein in what it saw as the downsides of automation of the finance industry, which was in full swing by this time.
Many electronic transactions might not issue paper receipts, and this would complicate he-said bank-said dispute resolution. So those were mandated. Customers might not realize transactions were happening when they didn’t have to physically pull out a checkbook for each one. Therefore, institutions were required to issue periodic statements, via a trustworthy scaled distribution system, paper delivered by the United States Postal Service. And electronic access devices—the magnetic-stripe cards, and keyfobs [0], and whatever the geeks dreamed up next—might be stolen from customers. And therefore the banks were mandated to be able to take reports of mislaid access devices, and there was a strict liability transfer, where any unauthorized use of a device was explicitly and intentionally laid at the foot of the financial institution.
Some of the concerns that were top of mind for lawmakers sound even more outlandish to us, today. Financial institutions can’t issue credit cards without receiving an “oral or written request” for the credit card. That sounds like “Why would you even need to clarify that, let alone legislate against it?!” unless you have the recent memory of Bank of America having the Post Office blanket a city with unsolicited credit cards then just waiting to see what happened. [1]
The staff who implemented Reg E and the industry advocates commenting on it devoted quite a bit of effort to timelines, informed by their impression of the cadence of life in a middle class American household and the capabilities of the Operations departments at financial institutions across the U.S.’s wide spectrum of size and sophistication. Two business days felt like a reasonable timeline after the theft of a card to let the financial institution know. They picked sixty business days from the postmark for discovering an unauthorized transaction in your periodic statements. That felt like a fair compromise between wanting to eventually give financial institutions some level of finality while still giving customers a reasonable buffer to account for holidays, vacation schedules, the time it takes a piece of mail to travel from New York City to Hawaii, and the reality that consumers, unlike banks, do not have teams paid to open and act upon mail.
And, very importantly for the future, Congress decided that unsophisticated Americans might be conned into using these newfangled electronic devices in ways that might cost them money, and this was unacceptable. Fraudulent use of an electronic fund transfer mechanism was considered an error as grave as the financial institution simply making up transactions. It had the same remedy: the financial institution corrects their bug at their cost.
> “Unauthorized electronic fund transfer” means an electronic fund transfer from a consumer's account initiated by a person other than the consumer without actual authority to initiate the transfer and from which the consumer receives no benefit.
Reg E provided for two caps on consumer liability for unauthorized electronic fund transfer: $50 in the case of timely notice to the financial institution, as sort of a deductible (Congress didn’t want to encourage moral hazard), and $500 for those customers who didn’t organize themselves sufficiently. Above those thresholds, it was the bank’s problem.
Reg E also establishes some procedural rights: an obligation for institutions to investigate claims of unauthorized funds transfers (among other errors—Congress was quite aware that banks frequently made math and recordkeeping mistakes), to provisionally credit customers during those investigations, strict timelines for the financial institutions, and the presumptive burden of proof.
In this privately-administered court system, the bank is the prosecutor, the defendant, and the judge simultaneously, and the default judgment is “guilty.” It can exonerate itself only by, at its own expense and peril, producing a written record of the evidence examined. This procedural hurdle is designed to simplify review by the United States’ actual legal system, regulators, and consumer advocates.
> The institution's report of the results of its investigation shall include a written explanation of the institution's findings and shall note the consumer's right to request the documents that the institution relied on in making its determination. Upon request, the institution shall promptly provide copies of the documents.
Having done informal consumer advocacy for people with banking and debt issues for a few years, I cannot overstate the degree to which this prong of Reg E is a gift to consumer advocates. Many consumers are not impressively detail-oriented, and Reg E allows an advocate to conscript a financial institution’s Operations department to backfill the customer’s files about a transaction they do not have contemporaneous records of. In the case that the Operations department itself isn’t organized, great, at least from my perspective. Reg E says the bank just ate the loss. And indeed, several times over the years, the prototypical grandmother in Kansas received a letter from a bank vice president of consumer lending explaining that the bank was in receipt of her Reg E complaint, had credited her checking account, and considered the matter closed. It felt like a magic spell to me at the time.
Banks do not like losing money, citation hopefully unnecessary, and part of the business of banking is arranging for liability transfers. Insurance is many people’s paradigmatic way to understand liability transfers, but banks make minimal use of insurance in core banking services. (A bank which is robbed almost always self-insures, and the loss—averaging four figures and trending down—is so tiny that it isn’t worth specifically budgeting for.)
The liability transfer which most matters to Reg E is a contractual one, from issuing banks to card processors and from card processors to card-accepting businesses. These parties’ obligations to banks and cardholders are substantially broader than the banks’ obligations under Reg E, but the banks use a fraction of those contracts to defray a large portion of their Reg E liability.
For example, under the various brands’ card rules, an issuer must have the capability for a customer to say that a transaction which happened over plastic (or the electronic equivalent) simply didn’t meet their expectations. The issuer’s customer service representative will briefly collect facts from the customer, and then initiate an automatic process to request information from a representative of the card-accepting business. On receipt of that information, or non-receipt of it, a separate customer service representative makes a decision on the case. This mechanism is called a “chargeback” in the industry, and some banks are notorious for favoring the high-income quite-desirable customers who hold their plastic over the e.g. restaurant that the bank has no relationship with. “My eggs were undercooked” is a sufficient reason to ask for a chargeback and will result in the bank restoring your money a large percentage of the time.
In the case where the complaint is “My card was stolen and used without my knowledge”, essentially the same waterfall activates, perhaps with the internal note made that this dispute is Reg E sensitive. But mechanically it will be quite similar: bank tells processor “Customer asserts fraud”, processor tells business, business replies with a fax, bank staff reviews fax and adjudicates.
There are on the order of 5 million criminal cases in the formal U.S. legal system every year. There are more than 100 million complaints to banks, some of them alleging a simple disagreement (undercooked eggs) and very many alleging crime (fraud). It costs banks billions of dollars to adjudicate them.
The typical physical form of an adjudication is not a weeks-long trial with multiple highly-educated representatives debating in front of a more-senior finder of fact. It is a CSR clicking a button on their web app’s interface after 3 minutes of consideration, and the entire evidentiary record often fits in a tweet.
“Customer ordered from online store. Customer asserts they didn’t receive the item in six weeks. No response from store. Customer wins. Next.”, “Customer ordered from online store. Customer asserts they didn’t receive item. Store provided evidence of shipping via UPS. Customer does not have a history of fraudulent chargebacks. Customer wins. Next.”, “Customer’s bookkeeper asserts ignorance of software as a service provider charge. Business provided written statement from customer’s CEO stating chargeback filed in error by new bookkeeper. Customer wins. Next.” (I’m still annoyed by that last one, years later, but one has to understand why it is rational for the bank and, in a software company’s clearer-minded moments, rational for them to accept the risk of this given how lucrative software is.)
The funds flow in a chargeback mirrors the contractual liability waterfall: the issuing bank gets money back from a financial intermediary, who gets it back from a card processor (like Stripe, which I once worked for, and which doesn’t specifically endorse things I write in my own spaces), who will attempt to get it back from the card accepting business.
That word “attempt” is important. What if the business doesn’t have sufficient money to pay the aggrieved customer, or they can’t be located anymore when the system comes to collect? Reg E has a list of exceptions and those aren’t on it. The card processor then eats the loss.
The same frequently happens to cover the provisional credit mandated while the bank does its investigation, and the opposite happens in the case where the issuing bank decides that the card accepting business is in the right, and should be restored the money they charged a customer.
This high-frequency privately-funded alternative legal system has quietly ground out hundreds of millions of cases for the last half century. It is a foundation upon which commerce rests. It even exerts influence internationally, since the card brand rules essentially embed a variant of the Reg E rights for cardholders globally, and since nowhere in Reg E is there a carveout for transactions that a customer might make electronically with their U.S. financial institution while not physically located in the United States. If you are mugged and forced to withdraw money at an ATM in Caracas, Uncle Sam says your bank knows that some tiny percentage of cardholders will be mugged every year, and mandates they pay.
Zelle, operated by Early Warning Systems (owned by a consortium of large banks), is a substantially real-time electronic transfer method between U.S. bank accounts. Bank web and mobile apps have for decades supported peer to peer and customer to business transfers, via push ACH (and, less frequently, by wire), but ACH will, in standard practice, take a few days to be credited to the recipient and a few hours until it will become known to them as pending.
Zelle is substantially a blocking play, against Venmo, Cash App, and similar. Those apps captivated a large number of mostly-young users with the P2P payments, for use cases like e.g. splitting dinner, spotting a buddy $20, or collecting donations for a Christmas gift for the teacher from all the parents in a class. After attracting the users with those features, they kept them with product offerings which, in the limit, resemble bank accounts and which actually had bank accounts under the hood for at least some users.
And so the banks, fearing that real-time payment rails would not arrive in time (FedNow has been FedLater for a decade and RTP has relatively poor coverage), stood up Zelle, on the theory that this feature could be swiftly built into all the bank apps. Zelle launched in 2017.
Zelle processes enormous volumes. It crowed recently that it did $600 billion in volume in the first half of 2025. Zelle is much larger than the upstarts like Venmo (about $250 billion in annual volume) and Cash App (about $300 billion in customer inflows annually). This is not nearly in the same league as card payments (~$10 trillion annually) or ACH transfers (almost $100 trillion annually), but it is quite considerable.
All of it is essentially free to the transacting customers, unlike credit cards, which are extremely well-monetized. And there is the rub.
“Hiya, this is Susan calling from your bank. Your account has been targeted by fraudsters. I need you to initiate a Zelle payment to yourself to move it to a safe account while we conduct our investigation. Just open your mobile banking app, type the password, select Zelle from the menu, and send it to your own phone number. Thank you for your cooperation.”
Susan is lying. Her confederates have convinced at least one financial institution in the U.S. that the customer’s phone number is tied to a bank account which fraudsters control. That financial institution registered it with Zelle, so that when the victim sends money, the controlled account receives it substantially instantaneously. They will then attempt to immediately exfiltrate that money, sending it to another financial institution or a gift card or a crypto exchange, to make it difficult for investigators to find it faster than they can spend it. This process often repeats; professionals call this “layering.”
So, some days later, when the victim calls the bank and asks what happened to the money the bank was trying to secure from fraud, what does the bank tell them?
Zelle is quick to point out that only 0.02% of transactions over it have fraud reported, and they assert this compares favorably to competing payments methods. Splendid, then do the banks want to absorb on the order of $240 million a year in losses from fraudulent use of a technology they built into their own apps which is indisputably by any intellectually serious person an electronic funds access device?
Frequently in the last few years, the bank has said “Well, as Gen Z would say, that sounds like a bit of a skill issue.” And Reg E? “We never heard of it. Caveat emptor.”
To be slightly more sympathetic to the banks, they’re engaged in fine-grained decisioning on Zelle frauds, which have many mechanisms and flavor texts. They are more likely to reimburse as required in the case of account takeovers, where the criminal divines a customer’s password, pops an email address, or steals access to a phone number, and then uses it to empty a bank account. They are far less likely to reimburse where the criminal convinces the customer to operate their access device (mobile phone) in a way against their interests. Skill issue.
Why do banks aggressively look for reasons to deny claims? Elementary: there is no waterfall for Zelle. If there is a reimbursement for the user, it has to come from the bank’s balance sheet. (Zelle as originally shipped was incapable of reversing a transaction to claw back funds. That mechanism was something of an antipriority at design time, since funds subject to a clawback might be treated by receiving banks as non-settled, and the user experience banks wanted to deliver was “instantly spendable, like on Venmo.” Instantaneous funds availability exists in fundamental tension with security guarantees even if the finality gets relaxed, as Zelle’s was in 2023 under regulatory pressure.)
Banks like to pretend that the dominant fraud pattern is e.g. a “social media scam”, where an ad on Facebook or a Tiktok video leads someone to purchase sneakers with a Zelle payment from an unscrupulous individual, who doesn’t actually send the sneakers. This pattern matches more towards “well, that’s a disagreement about how your eggs were done, not a disagreement about how we operate payment rails.” Use a card and we’ll refund the eggs (via getting the restaurant to pay for them); don’t and we won’t.
So, in sum and in scaled practice at call centers, the bank wants to quickly get customers to admit their fingers were on their phone when defrauded. If so, no reimbursement.
This rationale is new and is against our standard practice, for decades. If you are defrauded via a skimming device attached to an ATM, the bank is absolutely liable, and will almost always come to the correct conclusion immediately. It would be absurdly cynical to say that you intended to transact with the skimming device and demonstrated your assent by physically dipping your card past it.
Bank recalcitrance caused the Consumer Financial Protection Bureau to sue a few large banks in late 2024. The CFPB alleged they had a pattern and practice of not paying out claims for fraud conducted over Zelle rails. The banks will tell you the same, using slightly different wording. Chase, for example, now buries in the fine print “Neither Chase nor Zelle® offers reimbursement for authorized payments you make using Zelle®, except for a limited reimbursement program that applies for certain imposter scams where you sent money with Zelle®. This reimbursement program is not required by law and may be modified or discontinued at any time.”
The defensible gloss of banks’ position on “purchase protection” is that the purchase protection that customers pay for in credit cards which makes them whole for eggs not cooked to their liking is not available for Zelle payments. Fine.
The indefensible extension is that banks aren’t liable for defrauded customers. That is a potential policy regime, chosen by the polity of many democratic nations. The United States is not one of those nations. Our citizens, through their elected representatives, made the considered choice that financial institutions would need to provide extraordinary levels of safety in electronic payments. In reliance upon that regime, the people of the United States transacted many trillions of dollars over payment rails, which was and is very lucrative for all concerned.
The CFPB’s lawsuit was dropped in early 2025, as CFPB’s enforcement priorities were abruptly curtailed. (Readers interested in why might see Debanking and Debunking and Ctrl-F “wants some examples made.”) To the extent it still exists after being gutted, it is fighting for its life.
But knifing the CFPB doesn’t repeal Reg E. In theory, any bank regulator (and many other actors besides) can hold them to account for obligations under it. One of the benefits of Reg E is that the single national standard is easiest to reason about, but in the absence of it, one can easily imagine a patchwork of state-by-state consumer protection actions and/or coalitioning between state attorneys general. I will be unmoved if banks complain that this is all so complicated and they welcome regulation but it has to be a single national standard.
Having for the moment renegotiated their Reg E obligations by asserting they don’t exist, and mostly getting away with it, some banks might attempt to feel their oats a bit and assert that customers bear fraud risks more generally.
For example, in my hometown of Chicago, there has been a recent spate of tap-to-pay donation fraud. The fraudster gets a processing account, in their own name or that of a confederate/dupe, to collect donations for a local charitable cause. (This is not in itself improper; the financial industry understands that the parent in charge of a church bake sale will not necessarily be able to show paperwork to that effect before the cookies go stale.) Bad actors purporting to be informal charities accost Chicagoans on the street and ask for a donation via tap-to-pay, but the amount actually charged is absurdly larger than what the donor expected to donate; $4,000 versus $10, for example. The bad actor then exits the scene quickly.
(A donor who discovers the fraud in the moment is then confronted with the unfortunate reality that they are outnumbered by young men who want to rob them. This ends about as well as you’d expect. Chicago has an arrest rate far under 1% for this. A cynic might say that if you don’t kill the victim, it’s legal. I’m not quite that cynical.)
But Reg E doesn’t care about the safety of city streets, in Chicago or anywhere else. It assumes that payment instruments will continue to be used in an imperfect world. This case has a very clear designed outcome: customer calls bank, bank credits customer $4,000 because the customer was defrauded and therefore the “charity” lacked actual authority for the charge, bank pulls $4,000 from credit card processor, credit card processor attempts to pull $4,000 from the “charity”, card processor fails in doing so, card processor chalks it up to tuition to improve its fraud models in the future.
Except at least some banks, per the Chicago Tribune’s reporting, have adopted specious rationales to deny these claims. Some victims surrender physical control of their device, and banks argue that that means they authorized the transaction. Some banks asserted the manufactured-out-of-their-hindquarters rationale that Reg E only triggers when there is a physical receipt. (This inverts the Act’s responsibility graph, where banks were required to provide physical hardcopy receipts to avoid an accountability sink swallowing customer funds.)
Banks will often come to their senses after being contacted by the Chicago Tribune or someone with social power and gravitas who knows how to cite Reg E. But it is designed to work even for less sophisticated customers who don’t know the legislative history of the state machine. They just have to know “Call your bank if you have a problem.”
That should work and we are diminished if it doesn’t.
With a limited number of carveouts (e.g. wire transfers), Reg E is intentionally drafted to be future-proof against changes in how Americans transact. This is why, when banks argue that some new payments rail is exempt because it is “different,” the correct legal response is usually some variation of: doesn’t matter—that’s Reg E.
Our friends in crypto generally believe that Reg E is one star in the constellation of regulations that they’re not subject to. They created Schrödinger’s financial infrastructure, which is the future of finance in the boardroom and just some geeks playing with an open source project once grandma gets defrauded. There is an unresolved tension in saying “Traditional institutions like Visa are adopting stablecoins” and in the see-no-evil reimburse-no-losses attitude issuers and others in the industry take towards fraud which goes over their rails.
Reg E doesn’t have an exception in its text for electronic funds transfers which happen over slow databases.
A hypothetical future CFPB, given the long-standing premise that fraud is not an acceptable outcome of consumer payment systems, would swiftly come to the conclusion that if it walks like a checking account, quacks like a checking account, and is marketed as an alternative to checking accounts, then it is almost certainly within Reg E scope.
Casting one’s eyes across the fintech landscape, many players seem to have checking account envy. In the era of the “financial superapp” where everyone wants to bolt on high-frequency use cases like payments to e.g. AUM gathering machines like brokerage accounts, that is worth a quick chat with Legal before you start getting the letters from Kansan grandmas.
[0] The first “credit cards” were not the plastic-with-a-magstripe form factor which came to dominate but rather “charge plates.” They were physical tokens which pointed at a record at e.g. a department store’s internal accounts, usually by means of an embossed account number, to be read by the Mk 0 human eyeball and, later, physically copied to a paper record via ink. Many were metal and designed to be kept around a key ring. As Matt Levine and many others have mentioned, the crypto community has speedrun hundreds of years of financial history, and keeping your account identifier on etched metal enjoyed a short renaissance recently. Unlike the department stores’ bookkeepers, crypto enthusiasts lost many millions of dollars of customer funds by misplacing their metal (see page 20 particularly).
[1] Market research in the 1950s was hard. Short version of the Fresno drop: they lost money due to abuse by a small segment of users, but successfully proved that the middle class would happily use plastic to transact if they were offered it and it was generally accepted by businesses as opposed to being tied to a single store. They then scaled the 60,000 card pilot to millions within a year. Visa is the corporate descendant of that program; Mastercard that of what competitors did in response.
2025-12-20 04:45:06

Programming note: Merry Christmas! There will likely be another Bits about Money after the holiday but before New Year.
Bits about Money is supported by our readers. If your education budget or business can underwrite the coming year of public goods in financial-infrastructure education, commentary, and policy analysis, please consider supporting it. I’m told this is particularly helpful for policymakers and others who cannot easily expense a subscription, and who benefit from all issues remaining publicly available with no paywall.
The American Association of Retired People (AARP, an advocacy non-profit for older adults) has paid for ads on podcasts I listen to. The ad made a claim which felt raspberry-worthy (in service of an important public service announcement), which they repeat in writing: Asking to be paid by gift card is always a scam.
Of course it isn’t. Gift cards are a payments rail, and an enormous business independently of being a payments rail. Hundreds of firms will indeed ask you to pay them on gift cards! They also exist, and are marketed, explicitly to do the thing that the AARP implicitly asserts no business or government entity will ever do: provide a method for transacting for people who do not have a banked method of transacting. [0]
Gift card scams are also enormous. The FBI’s Internet Crime Complaint Center received $16.6 billion in reports in 2024 across several payment methods; this is just for those consumers who bothered reporting it, in spite of the extremely real received wisdom that reporting is unlikely to improve one’s direct situation.
The flavor texts of scams vary wildly, but in substance they’ll attempt to convince someone, often someone socially vulnerable, to part with sometimes very large sums of money by buying gift cards and conveying card information (card number and PIN number, both printed on the card) to the scammer. The scammer will then use the fraud supply chain, generally to swap the value on the card to another actor in return for value unconnected to the card. This can be delivered in many ways: cash, crypto, products and services in the scamming economy (such as purloined credit cards or even “lead lists” of vulnerable people to run more scams on), or laundered funds within regulated financial institutions which obscure the link between the crime and the funds (layering, in the parlance of AML professionals). A huge portion of running a gift card marketplace is trying to prevent yourself from being exploited or made into an instrumentality in exploiting others.
It surprises many people to learn that the United States aggressively defends customers from fraud over some payment methods, via a liability transfer to their financial institution, which transfers it to intermediaries, who largely transfer it to payment-accepting businesses. Many people think the U.S. can’t make large, effective, pro-consumer regulatory regimes. They are straightforwardly wrong… some of the time.
But the AARP, the FBI, and your friendly local payments nerd will all tell you that if you’re abused on your debit card you are quite likely to be made whole, and if you’re abused via purchasing gift cards, it is unlikely any deep pockets will cover for you. The difference in treatment is partially regulatory carveouts, partially organized political pressure, and partly a side effect of an accountability sink specific to the industrial organization of gift cards.
There exists an ecosystem of gift card program managers, who are essentially financial services businesses with a sideline in software. (I should probably mention that I previously worked for and am currently an advisor to Stripe, whose self conception would not be precisely that, but which a) supports many ways for people to pay money for things and b) does not necessarily endorse what I say in my personal spaces.)
Why does the program manager exist? Why not simply have the retailer keep some internal database of who the retailer owes money to, updating this when someone buys or loads a gift card and when they spend the balance at the store? Because this implies many capabilities that retailers do not necessarily have, such as e.g. software development teams.
There is also a large regulatory component to running a gift card program, despite gift cards’ relatively lax regulatory drag (we’ll return to that in a moment). Card programs are regulated at both the federal and state levels. One frequent requirement in several states is escheatment. (Essentially all states have a requirement for escheatment; many but not all exempt gift cards from it.)
As discussed previously in Bits about Money, a major component of the gift card business model is abandonment (“breakage”). Consumer advocates felt this was unfair to consumers, bordering on fraudulent really. They convinced states to take the money that retailers were keeping for themselves. (Many states didn’t take all that much convincing.)
In theory, and sometimes even in practice, a consumer can convince a state treasurer’s office of unclaimed property (e.g. Illinois’) that the $24.37 that Target remitted as part of its quarterly escheatment payment for an unused gift card 13 years ago was actually theirs. A consumer who succeeds at this, which is neither easy nor particularly inexpensive to do, will receive a $24.37 check in the mail. The state keeps the interest income; call it a fee for service. It also keeps the interest income of the tens of billions of dollars of accumulated unclaimed property, which it generally promises to dutifully custody awaiting a legitimate claim for as long as the United States shall exist.
And so if you are a regional or national retailer who wants to offer gift cards, you have a choice. You can dedicate a team of internal lawyers and operations specialists to understanding what the laws of the several states require with respect to gift cards, which are a tiny portion of your total operations, not merely today but as a result of the next legislative session in Honolulu, because you absolutely must order the software written to calculate the payment to remit accurately several quarters in advance of the legal requirement becoming effective. Or you can make the much more common choice, and outsource this to a specialist.
That specialist, the gift card program manager, will sell you a Solution™ which integrates across all the surfaces you need: your point-of-sale systems, your website, your accounting software, the 1-800 number and website for customers to check balances, ongoing escheatment calculation and remittance, cash flow management, carefully titrated amounts of attention to other legal obligations like AML compliance, etc. Two representative examples: Blackhawk Network and InComm Payments. You’ve likely never heard of them, even if you have their product on your person right now. Their real customer has the title Director of Payments at e.g. a Fortune 500 company.
And here begins the accountability sink: by standard practice and contract, when an unsophisticated customer is abused by being asked to buy a BigCo gift card, BigCo will say, truthfully and unhelpfully, that BigCo does not issue BigCo gift cards. It sells them. It accepts them. But it does not issue them. Your princess is in another castle.
BigCo may very well have a large, well-staffed fraud department. But, not due to any sort of malfeasance whatsoever, that fraud department may consider BigCo gift cards entirely out of their own scope. They physically cannot access the database with the cards. Their security teams, sensitive that gift card numbers are dangerous to keep lying around, very likely made it impossible for anyone at BigCo to reconstruct what happened to a particular gift card between checkout and most recent use. “Your privacy is important to us!” they will say, and they are not cynically invoking it in this case.
As mentioned above, Regulation E is the primary driver for the private enforcement edifice that makes scarily smart professionals (and their attached balance sheets) swing into action on behalf of consumers. Reg E has a carveout for certain prepaid payments. Per most recent guidance, that includes prepaid gift cards, gift certificates, and similar.
And so, if you call your bank and say, “I was defrauded! Someone called me and pretended to be the IRS, and I read them my debit card number, and now I’ve lost money,” the state machine obligates the financial institution to have the customer service representative click a very prominent button on their interface. This will restore your funds very quickly and have some side effects you probably care about much less keenly. One of those is an “investigation,” which is not really an investigation in the commanding majority of cases.
And if you call the program manager and say, “I was defrauded! Someone called me and pretended to be the IRS, and I read them a gift card number, and now I’ve lost money,” there is… no state machine. There is no legal requirement to respond with alacrity, no statutorily imposed deadline, no button for a CS rep to push, and no investigation to launch. You will likely be told by a low-paid employee that this is unfortunate and that you should file a police report. The dominant reason for this is that suggesting a concrete action to you gets you off the phone faster, and the call center aggressively minimizes time to resolution of calls and recidivism, where you call back because your problem is not solved. Filing a police report will, in most cases, not restore your money—but if it causes you not to call the 1-800 number again, then from the card program manager’s perspective this issue has been closed successfully.
The people of the United States, through their elected representatives and the civil servants who labor on their behalf, intentionally exempt gift cards from the Reg E regime in the interest of facilitating commerce.
It is the ordinary and appropriate work of a democracy to include input from citizens in the rulemaking process. The Retail Industry Leaders Association participated, explaining to FinCEN that it would be quite burdensome for retailers to fall into KYC scope, etc etc. Many other lobbyists and industry associations made directionally similar comments.
The Financial Crimes Enforcement Network, for example, has an explicit carveout in its regulations: while FinCEN will aggressively police rogue bodegas, it has no interest in you if you sell closed-loop gift cards of less than $2,000 face value. This is explicitly to balance the state’s interest in law enforcement against, quote, preserving innovation and the many legitimate uses and societal benefits offered by prepaid access, endquote.
FinCEN’s rules clarify that higher-value activity—such as selling more than $10,000 in gift cards to a single individual in a day—brings sellers back into scope. Given the relatively lax enforcement environment for selling a $500 gift card, you very likely might not build out systems which will successfully track customer identities and determine that the same customer has purchased twenty-one $500 gift cards in three transactions. That likely doesn’t rate as a hugely important priority for Q3.
And so the fraud supply chain comes to learn which firms haven’t done that investment, and preferentially suggests those gift cards to their launderers, mules, brick movers, and scam victims.
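The aggregation check described above, sketched as an added example (not code from any retailer or program manager): it links sales that share any captured identifier and totals face value per linked customer per day against the $10,000 figure. The record layout, identifier prefixes and sample sales are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from decimal import Decimal

DAILY_LIMIT = Decimal("10000")  # per-individual, per-day figure quoted in the text

# Constructed point-of-sale records (hypothetical schema): sale id, local
# timestamp, store, number of cards, face value of each card, and whatever
# customer identifiers the checkout happened to capture.
SALES = [
    ("s1", "2025-03-04T10:02", "store-17", 7, "500", {"loyalty:L-881", "pay:tok_a1"}),
    ("s2", "2025-03-04T13:40", "store-17", 7, "500", {"pay:tok_a1", "phone:555-0100"}),
    ("s3", "2025-03-04T18:15", "store-22", 7, "500", {"phone:555-0100", "pay:tok_b7"}),
    ("s4", "2025-03-04T11:30", "store-17", 2, "500", {"pay:tok_c3"}),
    ("s5", "2025-03-05T09:05", "store-22", 4, "500", {"loyalty:L-881"}),
    ("s6", "2025-03-04T12:00", "store-17", 1, "100", set()),
]


class DisjointSet:
    """Union-find over identifier strings; the root is the smallest member."""

    def __init__(self):
        self.parent = {}

    def find(self, item):
        self.parent.setdefault(item, item)
        while self.parent[item] != item:
            self.parent[item] = self.parent[self.parent[item]]  # path halving
            item = self.parent[item]
        return item

    def union(self, a, b):
        root_a, root_b = self.find(a), self.find(b)
        if root_a != root_b:
            self.parent[max(root_a, root_b)] = min(root_a, root_b)


def sale_keys(sale):
    """Identifiers for a sale; a sale with none is kept as its own customer."""
    sale_id, identifiers = sale[0], sale[5]
    return sorted(identifiers) or ["anon:" + sale_id]


def link_customers(sales):
    """First pass: identifiers seen on the same sale belong to one customer.

    s1 and s3 share nothing directly; they are joined only through s2, which
    is why linking has to finish before any totals are computed.
    """
    clusters = DisjointSet()
    for sale in sales:
        keys = sale_keys(sale)
        for key in keys:
            clusters.union(keys[0], key)
    return clusters


def flag_aggregated(sales, limit=DAILY_LIMIT):
    """Second pass: total face value per linked customer per calendar day.

    The day comes from the store-local timestamp as recorded.
    """
    clusters = link_customers(sales)
    buckets = defaultdict(lambda: {"total": Decimal(0), "cards": 0, "sales": []})
    for sale in sorted(sales, key=lambda s: s[1]):
        sale_id, stamp, _store, count, face, _ids = sale
        customer = clusters.find(sale_keys(sale)[0])
        day = datetime.fromisoformat(stamp).date().isoformat()
        bucket = buckets[(customer, day)]
        bucket["total"] += count * Decimal(face)
        bucket["cards"] += count
        bucket["sales"].append(sale_id)
    return [
        {"customer": customer, "day": day, **bucket}
        for (customer, day), bucket in sorted(buckets.items())
        if bucket["total"] > limit
    ]


def flag_per_sale(sales, limit=DAILY_LIMIT):
    """The per-transaction check on its own, for comparison."""
    return [s[0] for s in sales if s[3] * Decimal(s[4]) > limit]


if __name__ == "__main__":
    print("per-sale check:", flag_per_sale(SALES))
    for hit in flag_aggregated(SALES):
        print(hit)
```

No single sale in the sample exceeds the limit, so the per-sale check returns nothing; only the linked, per-day total surfaces the twenty-one cards bought across three transactions.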
And that’s why the AARP tells fibs about gift cards: we have, with largely positive intentions and for good reasons, exposed them to less regulation than most formal payment systems in the United States received. That decision has a cost. Grandma sometimes pays it.
[0] Indeed, there are entire companies which exist to turn gift cards into an alternate financial services platform, explicitly to give unbanked and underbanked customers a payments rail. Paysafe, for example, is a publicly traded company with thousands of employees, the constellation of regulatory supervision you’d expect, and a subsidiary Openbucks which is designed to give businesses the ability to embed Pay Us With A Cash Voucher in their websites/invoices/telephone collection workflows. This is exactly the behavior that “never happens from a legitimate business” except when it does by the tens of billions of dollars.
As Bits about Money has frequently observed, people who write professionally about money—including professional advocates for financially vulnerable populations—often misunderstand alternative financial services, largely because those services are designed to serve a social class that professionals themselves do not belong to, rarely interact with directly, and do not habitually ask how they pay rent, utilities, or phone bills.
2025-12-06 05:16:46

Programming note: Bits about Money is supported by our readers. I generally forecast about one issue a month, and haven't kept that pace this year. As a result, I'm working on about 3-4 for December.
Much financial innovation is in the ultimate service of the real economy. Then, we have our friends in crypto, who occasionally do intellectually interesting things which do not have a locus in the real economy. One of those things is perpetual futures (hereafter, perps), which I find fascinating and worthy of study, the same way that a virologist just loves geeking out about furin cleavage sites.
You may have read a lot about stablecoins recently. I may write about them (again; see past BAM issue) in the future, as there has in recent years been some uptake of them for payments. But it is useful to understand that a plurality of stablecoins collateralize perps. Some observers are occasionally strategic in whether they acknowledge this, but for payments use cases, it does not require a lot of stock to facilitate massive flows. And so of the $300 billion or so in stablecoins presently outstanding, about a quarter sit on exchanges. The majority of that is collateralizing perp positions.
Perps are the dominant way crypto trades, in terms of volume. (It bounces around but is typically 6-8 times larger than spot.) This is similar to most traditional markets: where derivatives are available, derivative volume swamps spot volume. The degree to which depends on the market, Schelling points, user culture, and similar. For example, in India, most retail investing in equity is actually through derivatives; this is not true of the U.S. In the U.S., most retail equity exposure is through the spot market, directly holding stocks or indirectly through ETFs or mutual funds. Most trading volume of the stock indexes, however, is via derivatives.
The large crypto exchanges are primarily casinos, who use the crypto markets as a source of numbers, in the same way a traditional casino might use a roulette wheel or set of dice. The function of a casino is for a patron to enter it with money and, statistically speaking, exit it with less. Physical casinos are often huge capital investments with large ongoing costs, including the return on that speculative capital. If they could choose to be less capital intensive, they would do so, but they are partially constrained by market forces and partially by regulation.
A crypto exchange is also capital intensive, not because the website or API took much investment (relatively low, by the standards of financial software) and not because they have a physical plant, but because trust is expensive. Bettors, and the more sophisticated market makers, who are the primary source of action for bettors, need to trust that the casino will actually be able to pay out winnings. That means the casino needs to keep assets (generally, mostly crypto, but including a smattering of cash for those casinos which are anomalously well-regarded by the financial industry) on hand exceeding customer account balances.
Those assets are… sitting there, doing nothing productive. And there is an implicit cost of capital associated with them, whether nominal (and borne by a gambler) or material (and borne by a sophisticated market making firm, crypto exchange, or the crypto exchange’s affiliate which trades against customers [0]).
Perpetual futures exist to provide the risk gamblers seek while decreasing the total capital requirement (shared by the exchange and market makers) to profitably run the enterprise.
In the commodities futures markets, you can contract to either buy or sell some standardized, valuable thing at a defined time in the future. The overwhelming majority of contracts do not result in taking delivery; they’re cancelled by an offsetting contract before that specified date.
Given that speculation and hedging are such core use cases for futures, the financial industry introduced a refinement: cash-settled futures. Now there is a reference price for the valuable thing, with a great deal of intellectual effort put into making that reference price robust and fair (not always successfully). Instead of someone notionally taking physical delivery of pork bellies or barrels of oil, people who are net short the future pay people who are net long the future on delivery day. (The mechanisms of this clearing are fascinating but outside today’s scope.)
Back in the early nineties economist Robert Shiller proposed a refinement to cash settled futures: if you don’t actually want pork bellies or oil barrels for consumption in April, and we accept that almost no futures participants actually do, why bother closing out the contracts in April? Why fragment the liquidity for contracts between April, May, June, etc? Just keep the market going perpetually.
This achieved its first widespread popular use in crypto (Bitmex is generally credited as being the popularizer), and hereafter we’ll describe the standard crypto implementation. There are, of course, variations available.
Instead of all of a particular futures vintage settling on the same day, perps settle multiple times a day for a particular market on a particular exchange. The mechanism for this is the funding rate. At a high level: winners get paid by losers every e.g. 4 hours and then the game continues, unless you’ve been blown out due to becoming overleveraged or for other reasons (discussed in a moment).
Consider a toy example: a retail user buys 0.1 Bitcoin via a perp. The price on their screen, which they understand to be for Bitcoin, might be $86,000 each, and so they might pay $8,600 cash. Should the price rise to $90,000 before the next settlement, they will get +/- $400 of winnings credited to their account, and their account will continue to reflect exposure to 0.1 units of Bitcoin via the perp. They might choose to sell their future at this point (or any other). They’ll have paid one commission (and a spread) to buy, one (of each) to sell, and perhaps they’ll leave the casino with their winnings, or perhaps they’ll play another game.
Where did the money come from? Someone else was symmetrically short exposure to Bitcoin via a perp. It is, with some very important caveats incoming, a closed system: since no good or service is being produced except the speculation, winning money means someone else lost.
One fun wrinkle for funding rates: some exchanges cap the amount the rate can be for a single settlement period. This is similar in intent to traditional markets’ usage of circuit breakers: designed to automatically blunt out-of-control feedback loops. It is dissimilar in that it cannot actually break circuits: changes to funding rate can delay realization of losses but can’t prevent them, since they don’t prevent the realization of symmetrical gains.
Perp funding rates also embed an interest rate component. This might get quoted as 3 bps a day, or 1 bps every eight hours, or similar. However, because of the impact of leverage, gamblers are paying more than you might expect: at 10X leverage that’s 30 bps a day. Consumer finance legislation standardizes borrowing costs as APR rather than basis points per day so that an unscrupulous lender can’t bury a 200% APR in the fine print.
Prices for perps do not, as a fact of nature, exactly match the underlying. That is a feature for some users.
In general, when the market is exuberant, the perp will trade above spot (the underlying market). To close the gap, a sophisticated market participant should do the basis trade: make offsetting trades in perps and spot (short the perp and buy spot, here, in equal size). Because the funding rate is set against a reference price for the underlying, longs will be paying shorts more (as a percentage of the perp’s current market price). For some of them, that’s fine: the price of gambling went up, oh well. For others, that’s a market incentive to close out the long position, which involves selling it, which will decrease the price at the margin (in the direction of spot).
The market maker can wait for price convergence; if it happens, they can close the trade at a profit, while having been paid to maintain the trade. If the perp continues to trade rich, they can just continue getting the increased funding cost. To the extent this is higher than their own cost of capital, this can be extremely lucrative.
Flip the polarities of these to understand the other direction.
The basis trade, classically executed, is delta neutral: one isn’t exposed to the underlying itself. You don’t need any belief in Bitcoin’s future adoption story, fundamentals, market sentiment, halvings, none of that. You’re getting paid to provide the gambling environment, including a really important feature: the perp price needs to stay reasonably close to the spot price, close enough to continue attracting people who want to gamble. You are also renting access to your capital for leverage.
You are also underwriting the exchange: if they blow up, your collateral becoming a claim against the bankruptcy estate is the happy scenario. (As one motivating example: Galois Capital, a crypto hedge fund doing basis trades, had ~40% of its assets on FTX when it went down. They then wound down the fund, selling the bankruptcy claim for 16 cents on the dollar.)
Recall that the market can’t function without a system of trust saying that someone is good for it if a bettor wins. Here, the market maker is good for it, via the collateral it kept on the exchange.
Many market makers function across many different crypto exchanges. This is one reason they’re so interested in capital efficiency: fully collateralizing all potential positions they could take across the universe of venues they trade on would be prohibitively capital intensive, and if they do not pre-deploy capital, they miss profitable trading opportunities. [1]
Gamblers like risk; it amps up the fun. Since one has many casinos to choose from in crypto, the ones which only offer “regular” exposure to Bitcoin (via spot or perps) would be offering a less-fun product for many users than the ones which offer leverage. How much leverage? More leverage is always the answer to that question, until predictable consequences start happening.
In a standard U.S. brokerage account, Regulation T has, for almost 100 years now, set maximum leverage limits (by setting minimums for margins). These are 2X at position opening time and 4X “maintenance” (before one closes out the position). Your brokerage would be obligated to forcibly close your position if volatility causes you to exceed those limits.
As a simplified example, if you have $50k of cash, you’d be allowed to buy $100k of stock. You now have $50k of equity and a $50k loan: 2x leverage. Should the value of that stock decline to about $67k, you still owe the $50k loan, and so only have $17k remaining equity. You’re now on the precipice of being 4X leveraged, and should expect a margin call very soon, if your broker hasn’t “blown you out of the trade” already.
What part of that is relevant to crypto? For the moment, just focus on that number: 4X.
Perps are offered at 1X (non-levered exposure). But they’re routinely offered at 20X, 50X, and 100X. SBF, during his press tour / regulatory blitz about being a responsible financial magnate fleecing the customers in an orderly fashion, voluntarily self-limited FTX to 20X.
One reason perps are structurally better for exchanges and market makers is that they simplify the business of blowing out leveraged traders. The exact mechanics depend on the exchange, the amount, etc, but generally speaking you can either force the customer to enter a closing trade or you can assign their position to someone willing to bear the risk in return for a discount.
Blowing out losing traders is lucrative for exchanges except when it catastrophically isn’t. It is a priced service in many places. The price is quoted to be low (“a nominal fee of 0.5%” is one way Binance describes it) but, since it is calculated from the amount at risk, it can be a large portion of the money lost. If the account’s negative balance is less than the liquidation fee, wonderful, thanks for playing and the exchange / “the insurance fund” keeps the rest, as a tip.
In the case where the amount an account is negative by is more than the fee, that “insurance fund” can choose to pay the winners on behalf of the liquidated user, at management’s discretion. Management will usually decide to do this, because a casino with a reputation for not paying winners will not long remain a casino.
But tail risk is a real thing. The capital efficiency has a price: there physically does not exist enough money in the system to pay all winners given sufficiently dramatic price moves. Forced liquidations happen. Sophisticated participants withdraw liquidity (for reasons we’ll soon discuss) or the exchange becomes overwhelmed technically / operationally. The forced liquidations eat through the diminished / unreplenished liquidity in the book, and the magnitude of the move increases.
Then crypto gets reminded about automatic deleveraging (ADL), a detail to perp contracts that few participants understand.
(Pray we do not alter them further.)
Risk in perps has to be symmetric: if (accounting for leverage) there are 100,000 units of Somecoin exposure long, then there are 100,000 units of Somecoin exposure short. This does not imply that the shorts or longs are sufficiently capitalized to actually pay for all the exposure in all instances.
In cases where management deems paying winners from the insurance fund would be too costly and/or impossible, they automatically deleverage some winners. In theory, there is a published process for doing this, because it would be confidence-costing to ADL non-affiliated accounts but pay out affiliated accounts, one’s friends or particularly important counterparties, etc. In theory.
In theory, one likely ADLs accounts which were quite levered before ones which were less levered, and one ADLs accounts which had high profits before ones with lower profits. In theory. [2]
So perhaps you understood, prior to a 20% move, that you were 4X leveraged. You just earned 80%, right? Ah, except you were only 2X leveraged, so you earned 40%. Why were you retroactively only 2X? That’s what automatic deleveraging means. Why couldn’t you get the other 40% you feel entitled to? Because the collective group of losers doesn’t have enough to pay you your winnings and the insurance fund was insufficient or deemed insufficient by management.
ADL is particularly painful for sophisticated market participants doing e.g. a basis trade, because they thought e.g. they were 100 units short via perps and 100 units long somewhere else via spot. If it turns out they were actually 50 units short via perps, but 100 units long, their net exposure is +50 units, and they have very possibly just gotten absolutely shellacked.
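A simplified model of the ADL step and what it does to a basis trade, added here as an illustration and not any exchange's actual procedure. The account names, position sizes and the exact ranking key (leverage first, then profit) are assumptions built from the description above.

```python
from dataclasses import dataclass


@dataclass
class ShortPosition:
    account: str
    perp_units: int      # units short via the perp
    leverage: int        # notional divided by posted collateral
    profit_pct: int      # unrealized profit as a percentage of collateral
    spot_units: int = 0  # units held long in spot elsewhere (the hedge leg)


# Constructed book of winning shorts after a sharp price drop.
WINNERS = [
    ShortPosition("basis-desk", 100, 5, 30, spot_units=100),
    ShortPosition("retail-a", 40, 50, 90),
    ShortPosition("retail-b", 30, 50, 40),
    ShortPosition("low-lev", 60, 2, 10),
]


def adl_queue(positions):
    """Assumed ranking: most levered first, then most profitable."""
    return sorted(positions, key=lambda p: (-p.leverage, -p.profit_pct, p.account))


def auto_deleverage(positions, units_to_close):
    """Close bankrupt long exposure against the ranked winning shorts.

    `units_to_close` is the exposure left after the insurance fund has paid
    what management lets it pay. Returns ({account: units cut}, units that
    could not be matched against any winner).
    """
    if units_to_close < 0:
        raise ValueError("units_to_close must be non-negative")
    cuts, remaining = {}, units_to_close
    for pos in adl_queue(positions):
        cut = min(pos.perp_units, remaining)
        cuts[pos.account] = cut
        remaining -= cut
    return cuts, remaining


def net_exposure(pos, cut=0):
    """Spot long minus what is left of the perp short; 0 means delta neutral."""
    return pos.spot_units - (pos.perp_units - cut)


if __name__ == "__main__":
    cuts, unmatched = auto_deleverage(WINNERS, 120)
    for pos in adl_queue(WINNERS):
        print(pos.account, "cut", cuts[pos.account],
              "net exposure", net_exposure(pos, cuts[pos.account]))
    print("unmatched units:", unmatched)
```

With 120 units to close, the two highly levered accounts are wiped first and the basis desk loses half its short, leaving it 50 units net long on a trade it had sized to be flat.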
In theory, this can happen to the upside or the downside. In practice in crypto, this seems to usually happen after sharp decreases in prices, not sharp increases. For example, October 2025 saw widespread ADLing as (more than) $19 billion of liquidations happened, across a variety of assets. Alameda’s CEO Caroline Ellison testified that they lost over $100 million during the collapse of Terra’s stablecoin in 2022. Since FTX’s insurance fund was made up, when leveraged traders lost money, their positions were frequently taken up by Alameda. That was quite lucrative much of the time, but catastrophically expensive during e.g. the Terra blowup. Alameda was a good loser and paid the winners, though: with other customers’ assets that they “borrowed.”
In the traditional markets, if one’s brokerage deems one’s assets are unlikely to be able to cover the margin loan from the brokerage one has used, one’s brokerage will issue a margin call. Historically that gave one a relatively short period (typically, a few days) to post additional collateral, either by moving in cash, by transferring assets from another brokerage, or by experiencing appreciation in the value of one’s assets. Brokerages have the option, and in some cases the requirement, to manage risk after or during a margin call by forcing trades on behalf of the customer to close positions.
It sometimes surprises crypto natives that, in the case where one’s brokerage account goes negative and all assets are sold, with a negative remaining balance, the traditional markets largely still expect you to pay that balance. This contrasts with crypto, where the market expectation for many years was that the customer was Daffy Duck with a gmail address and a pseudonymous set of numbered accounts recorded on a blockchain, and dunning them was a waste of time. Crypto exchanges have mostly, in the intervening years, either stepped up their game regarding KYC or pretended to do so, but the market expectation is still that the exchange will basically never successfully recover from a defaulting user. (Note that the legal obligation to pay is not coextensive with users actually paying. The retail speculators with $25,000 of capital that the pattern day trade rules are worried about will often not have $5,000 to cover a deficiency. On the other end of the scale, when a hedge fund blows up, the fund entity is wiped out, but its limited partners—pension funds, endowments, family offices—are not on the hook to the prime broker, and nobody expects the general partner to start selling their house to make up the difference.)
So who bears the loss when the customer doesn’t, can’t, or won’t? The waterfall depends on market, product type, and geography, but as a sketch: brokerages bear the loss first, out of their own capital. They’re generally required to keep a reserve for this purpose.
A brokerage will, in the ordinary course of business, have obligations to other parties which would be endangered if they were catastrophically mismanaged and could not successfully manage risk during a downturn. (It’s been known to happen, and even can be associated with assets rather than liabilities.) In this case, most of those counterparties are partially insulated by structures designed to insure the peer group. These include e.g. clearing pools, guaranty funds capitalized by the member firms of a clearinghouse, the clearinghouse’s own capital, and perhaps mutualized insurance pools. That is the rough ordering of the waterfall, which varies depending on geography/product/market.
One can imagine a true catastrophe which burns through each of those layers of protection, and in that case, the clearinghouse might be forced to assess members or allocate losses across survivors. That would be a very, very bad day, but contracts exist to be followed on very bad days.
One commonality with crypto, though: this system is also not fully capitalized against all possible events at all times. Unlike crypto, which for contingent reasons pays some lip service to being averse to credit even as it embraces leveraged trading, the traditional industry relies extensively on underwriting risk of various participants.
Many crypto advocates believe that they have something which the traditional finance industry desperately needs. Perps are crypto’s most popular and lucrative product, but they probably won’t be adopted materially in traditional markets.
Existing derivatives products already work reasonably well at solving the cost of capital issue. Liquidations are not the business model of traditional brokerages. And learning, on a day when markets are 20% down, that you might be hedged or you might be bankrupt, is not a prospect which fills traditional finance professionals with the warm fuzzies.
And now you understand the crypto markets a bit better.
[0] Brokers trading with their own customers can happen in the ordinary course of business, but has been progressively discouraged in traditional finance, as it enables frontrunning.
Frontrunning, while it is understood in the popular parlance to mean “trading before someone else can trade” and often brought up in discussions of high frequency trading using very fast computers, does not historically mean that. It historically describes a single abusive practice: a broker could basically use the slowness of traditional financial IT systems to give conditional post-facto treatment to customer orders, taking the other side of them (if profitable) or not (if not). Frontrunning basically disappeared because customers now get order confirms almost instantly by computer not at end of day via a phone call. The confirm has the price the trade executed at on it.
In classic frontrunning, you sent the customer’s order to the market (at some price X), waited a bit, and then observed a later price Y. If Y was worse for the customer than X, well, them’s the breaks on Wall Street. If Y was better, you congratulated the customer on their investing acumen, and informed them that they had successfully transacted at Z, a price of your choosing between X and Y. You then fraudulently inserted a recorded transaction between the customer and yourself earlier in the day, at price Z, and assigned the transaction which happened at X to your own account, not to the customer’s account.
Frontrunning was a lucrative scam while it lasted, because (effectively) the customer takes 100% of the risk of the trade but the broker gets any percentage they want of the first day’s profits. This is potentially so lucrative that smart money (and some investors in his funds!) thought Madoff was doing it, thus generating the better-than-market stable returns for over a decade through malfeasance. Of frontrunning Madoff was entirely innocent.
Some more principled crypto participants have attempted to discourage exchanges from trading with their own customers. They have mostly been unsuccessful: Merit Peak Limited is Binance’s captive entity which does this. It also is occasionally described by U.S. federal agencies as running a sideline in money laundering. Alameda Research was FTX’s affiliated trading fund. Their management was criminally convicted of money laundering. Etc, etc.
One of the reasons this behavior is so adaptive is because the billions of dollars sloshing around can be described to banks as “proprietary trading” and “running an OTC desk”, and an inattentive bank (like, say, Silvergate, as recounted here) might miss the customer fund flows they would have been formally unwilling to facilitate. This is a useful feature for sophisticated crypto participants, and so some of them do not draw attention to the elephant in the room, even though it is adverse to their interests.
[1] Not all crypto trades are pre-funded. Crypto OTC transactions sometimes settle on T+1, with the OTC desk essentially extending credit in the fashion that a prime broker would in traditional markets. But most transactions on exchanges have to be paid immediately in cash already at the venue. This is very different from traditional equity market structure, where venues don’t typically receive funds flow at all, and settling/clearing happens after the fact, generally by a day or two.
[2] I note, for the benefit of readers of footnote 0, that there is often a substantial gap between the time when market dislocation happens and when a trader is informed they were ADLed. The implications of this are left as an exercise to the reader.
2025-10-11 01:24:13

The ultimate goal of financial plumbing is to enable commerce in the real economy. Consider the humble window: it is a fairly expensive, surprisingly high-tech manufactured good, installed by the dozen in homes by artisans. A window represents a supply chain, and one part of that supply chain is a sales process, convincing a homeowner of the desirability of updating their windows. The sales representative running that process would urgently prefer to leave their single visit to the home with not just tentative measurements but with a durable commitment to buying the window and financing firmly in place for it.
Why finance the purchase? Windows cost $1,000 to $3,000 each and updating all or a large fraction of them quickly becomes a mid-five figures project; relatively few homeowners will pay upfront with cash. Moreover, the sales process would strongly prefer the purchase be financeable, because that will sell more windows than a counterfactual world where windows were only available for cash.
One could imagine a world in which window manufacturers or installers provided financing off of their own balance sheets. This would be a rough world for them: they have upfront capital outlay (the window) and would recoup only after extended periods, bearing credit risk all the while. No, they would prefer to sell windows for money. It’s frequently delivered in milestone payments, perhaps half prior to manufacturing the windows and half upon successful installation.
You could imagine the buyer could bring their own financing, perhaps by going to their usual bank and asking for a home improvement loan. That product very much exists, but it might be surprisingly less attractive to all parties: it will be costly, low margin for the bank, and have poor operational dynamics for the window company. And so you could imagine the window company asking the financial industry to come up with an alternative.
That alternative exists, and can underwrite and paperwork a four-party commercial loan in fifteen minutes, before the salesman has even left their home visit that sold the window. We’ll return to it in a moment.
Again, very many banks do actually make home improvement loans available. But they’re not wonderful loans for the banks.
We’ll begin with the somewhat awkward dollar amount: a home improvement loan is enough money to hurt if it goes bad, but not enough money to justify a high-volume well-oiled machine to underwrite, not like e.g. mortgages. And indeed that is what many banks will immediately try to sell you if you ask for a loan for the purpose of home improvement: can we instead counterpropose a home equity line of credit (HELOC)? You can then borrow against your existing home equity, withdrawing cash, and we have no objection to you swapping cash for a window, a decision we need hear no more about. We have a supply chain for mortgages, including HELOCs, and this supply chain will decrease our capital requirements while smoothing every part of underwriting.
Why does the bank want to take the window out of the window purchase? Because a home improvement loan otherwise requires multiple operationally intensive document reviews and conversations where bankers talk to construction company office managers. Those conversations are frequently unhappy ones.
Consider the case where a construction project flies off the rails, which has been known to happen. The window company says it has installed the windows, and potentially they have a certificate proving that they were indeed installed, allegedly signed by the homeowner or their spouse on the date of installation. The homeowner, however, is unhappy with the windows: they are drafty; the color isn’t the same as the brochure; and goodness was this what they agreed to pay e.g. $25,000 for?! They don’t want to pay it anymore.
The bank must be the adult in this scenario, to release that second milestone payment. They very possibly could be drawn into litigation over their decision, because a few tens of thousands of dollars is just enough to justify calling a lawyer. Then the bank will have to have their own lawyers defend their own contracts in an expensive proposition over what is, to it, a small-dollar loan.
It’s not nearly this hard to generate $25,000 of balances with a credit card issuing business. You mail out the cards and people buy airplane tickets. And then the airline pays you 200 basis points off the top even before you get to originate the high-interest loan! Great business to be in and you never have to talk about a stewardess spilling someone’s drink or it raining in Hawaii that week.
Meanwhile, the window installer has their own complaints about this loan, even before it is originated. Between the day the salesman shakes hands with the customer and the day the bank commits to the installation, they have very little they can do to influence success. The homeowner might develop buyer’s remorse and, while they might have signed a contract, it’s just rough to compel payment for windows which don’t exist yet. Your staff will not enjoy the process, your reviews will suffer, and it’s not guaranteed that your contract will hold up: in some states, your customer might even have a legal right to sever during a cooling-off period. You would prefer to accelerate delivery to avoid them cooling on the idea of windows.
But the bank is slow and has a bespoke underwriting process which requires information from you but which you cannot control, because the window installer is not the bank’s customer. They can’t call the bank up and yell at the underwriters to move faster, and they can’t debate the bank over a credit decision, where a perfectly good sale gets nixed six weeks later because the bank just isn’t feeling it. Very few of those sales will result in the buyer arranging successful alternative financing, partly for very human reasons and partly for a mechanical one: the fact of the hard pull on the credit report for the original loan origination plus non-issuance of a loan from one’s home financial institution signals to the rest of the world “Oh goodness there are probably better ex-ante risks in the economy than this one!”
No, what the window installer wants is a lending product which can be issued at scale, very predictably, in as short a timeframe as possible, by financial institutions responsive to it who ask very few followup questions, always fund milestone payments promptly, and actually want this business.
That product exists.
Consumer credit issuance is, unless it comes directly from a manufacturer, a privilege reserved by law for regulated financial institutions. But, as we’ve established, regulated financial institutions don’t lust for this business on their own balance sheets at scale. (Recharacterizing the home improvement loan as a draw on a HELOC allows the bank to quickly get it off their balance sheet, because the HELOCs will generally be securitized. You could theoretically securitize a large pool of installment loans if you had a business process to generate them, but unless a bank specializes, they are unlikely to have core depositors simply ask for enough of these every year to justify building out the framework required to do this.)
Why is it reserved by law for financial institutions? As Bits about Money mentions often, financial institutions are a policy arm, and one thing the state requires is that Compliance make sure the financial institution is not abusing customers. The state believes that e.g. a window installer might use high-pressure sales tactics or say untrue things to a homeowner about how e.g. an interest-free financing period works, and then perhaps forget about those things when the customer complains. It believes, rationally, that financial institutions will keep extensive records of what they communicate about loans, that those records will be truthful by default, and that the financial institution will not endanger its permission to do business over a single product. Also, and this is a blunt but true observation, the state trusts white collar employees and executives at banks more than it trusts blue collar window installers.
So we need a bank involved, but that bank does not necessarily need to lend (from its own balance sheet). The bank could immediately sell a large portion of the loan, retaining perhaps 1% for form’s sake, to a private provider of capital.
But, again, it is unlikely that a bank will want to call around to hedge funds and see if there are any takers. Someone needs to arrange for capital providers to maintain a standing offer to snap up this product quickly.
That standing offer is variously called a forward funds flow agreement or warehouse financing. I’ve previously discussed the mechanics for Buy Now Pay Later (BNPL), and they’re the same here. Someone, typically a facilitator and not the bank itself, has brought the capital partners to the table, negotiated terms, and has prepared them to receive what they want: millions of dollars of loans, at attractive prices, with known-in-advance credit characteristics… originated by a massively scalable process, conducted partly by commission-earning sales reps bearing iPads into houses needing windows and partly by web applications and operational teams.
This machinery wasn’t originally perfected for windows. It was originally aimed mostly at solar installations, which were heavily tax-advantaged at the time. Capturing the tax credit required a sale and upfront capital outlay, and the pitch was essentially “Sign these loan docs for free money for all of us and, also, you’ll get some solar panels.” But the credits eventually expired, the addressable market for solar got more tapped, and the software and companies yearned for more originations. So, sign these documents, get windows at attractive prices.
The loan application begins with the customer verbally informing the salesman of their phone number or email address. They get given a link which swiftly brings them to a competently-designed web application. That application asks a few simple questions that are required for underwriting. The two most important ones that are not on a credit card application are “Is this your house?” and “Do you live in this house?” This is because the capital partners are much, much more confident that people will not welch on debts tied to their primary residence than that every real estate investor will be above water if 2008 happens again.
Questions about your finances are extremely pro-forma. You’ll be asked to self-state your income, but no attempt will be made to verify it. A credit report will be pulled, which satisfies the twin purposes of a) derisking the applicant pool and b) verifying, via checking for the presence of a mortgage, that you do actually own the house.
I ended up in a fraud queue at this point in the process. Story of my life. The facilitating company does not expose to the sales rep why you are in the fraud queue, but the clock is ticking, and the rep will (hypothetically) strongly prefer continuing to drink tea and chitchat rather than leaving and letting one resolve that issue asynchronously. It was resolved by a combination of automated submission of a passport photo (again, shockingly competent software by the historical standards of loan origination) and an analyst manually clicking a button in a web application.
If I were to speculate what that analyst was doing, it would be reviewing the facts: credit report says high credit score, credit report shows a mortgage, credit report does not match this address, but government-provided ID does match the asserted identity. And thus the wager: is he in his own house, or has he decided to pull a hilarious prank on a window installer and buy someone else windows with a hedge fund’s money? The analyst swiftly concluded I was probably in my own house. (Why did I end up in the fraud queue? I have a lot of weirdness, such as not being listed on the deed due to holding title through a land trust, for privacy reasons. Unfortunately, perhaps that sometimes makes it difficult for cron jobs to conclude I own the house.)
Once you’re approved for the loan, you are automatically sent loan documents for signature. This will not be compelled at the meeting, but the installer sure would appreciate you signing before they leave. Compliance has extensively briefed them on where the line is. Compliance has, in fact, extensively briefed them on many lines, and because Compliance cares more about the law than it does about paying programmers to code a login form, I was able to read their entire Compliance training series and presentations to installers.
Don’t lie. Don’t translate any loan docs from English or provide any gloss of the terms. Don’t say any of the forbidden phrases like “guaranteed approval”, “same-as-cash financing”, “interest-free financing”, etc. And definitely definitely do not touch their phone or computer during the application process.
The financial industry learned some things during the global financial crisis about aggressive salesmanship by its agents. Almost every bullet point in that 40 page PowerPoint has a stack of criminal convictions, billions of dollars of losses, or both to justify it.
The salesman will first quote a scary number designed to anchor you, then present the discount available if you commit within a month. They will then say there is a sweetener if and only if you sign before they leave. Compliance is very clear that if you say that in the context of acting as an agent for a financial institution it had better not be a lie, but percentages are percentages and window companies like making deals for windows, and I would not bet against the proposition that they would offer other inducements on other days for other reasons, perhaps summing to similar numbers.
They then present financing terms. I was pleasantly surprised that this was not presented in the typical obfuscating car dealer financing four square method. The real price stays onscreen on the iPad at all times and you are presented with columns for choices: pay cash (they mean immediately deliverable value, not actually specie), 12-month deferred interest financing, 15-year fixed rate financing, and pay in milestones (e.g. 50% deposit, 50% due on installation) on a credit card.
Compliance will inform representatives that you are absolutely not supposed to use the words “same as cash” and “interest-free” to describe 12 month deferred interest financing. This salaryman is unfortunately forgetful sometimes and so I cannot quite recall what the friendly local salesman actually said while pointing to the iPad. The offer is “If you fully pay for your windows within the next 12 months, you just pay the sticker price. If it takes you longer than that, you will pay us interest, starting from the date of installation, at a rate which is materially higher than the rate we quote in the next column.”
You might think, given that sketch, that the system is trying to trick naive homeowners and surprise them on day 366 with a nasty bill. I’m slightly more sympathetic. This offer is designed to be attractive to people who can bring their own financing without making the window installation dependent on that financing. If, for example, a customer does not currently have a HELOC, but is pretty sure they can get a HELOC, the window installer is saying “Great, convince any bank to give you a HELOC, then do a draw any time in the next year and repay us, and we’ll foot the interest until then. But to be clear this window is going in irrespective of your future discussions with banks. Our capital partners do not want you to attempt to skate if your financing falls through, if you get divorced, if your tax refund is smaller than expected, etc, and you will be penalized if you attempt to turn this into a backdoor installment loan.”
But the next column is where the real action is. I was quoted 6.99% APR for equal amortizing payments over 15 years. They, naturally, express this as a monthly number, but the contract floridly and in bold print (as required by regulations) discloses e.g. total interest cost over the life of the loan, the fact there is no pre-payment penalty, etc. This is as honest as consumer lending can possibly be.
You e-sign the loan documents and then the salesman thanks you for your time and arranges for another professional to come back and redundantly measure the windows. He measured for the quote, and the quote is good, but they’ll measure again because a quarter inch matters a lot more for the physical universe than it does for the spreadsheet. Then the order goes to the factory and, a few weeks later, they install the windows. You sign an acknowledgement, and then the automated software springs back into action, starting the clock on your interest and collecting payments.
Here I am going to speculate in reliance upon publicly available data sources rather than use information which I know as a result of private commercial negotiations. Window salesmen are not the only professionals who have been to Compliance training.
In the 15-minute window between the loan being applied for and signed, software has conducted a four-way commercial negotiation between the window installer, the facilitating entity, the bank, and the capital provider. The loan contract is between the customer and the bank (again, it has to be, regs) but the capital provider is a specialist institution.
There are a few banks which specialize in doing business like this. One of them is Cross River Bank, which keeps a keen eye on trends in consumer lending.
A bank which originates a loan might charge the facilitating entity an upfront fee-for-services, collect a servicing fee from the capital providers sliced out of the APR quoted to the customer, and of course retain actual economic interest in the loan… well, OK, a few hundred dollars of the loan, so that it can tell its regulators “No, really, we are lending money! It would be calumny to describe this situation as renting out a banking license!” Indicatively, that fee for services might look something like 1% of total loan volume, and the servicing fee might be 1% of the outstanding balance annually. (Mortgage servicing fees are about 0.25% but houses cost more than windows do and so you get an economy of scale. The servicing is essentially the same amount of work: you need a 1-800 number, lawyers on standby, the capability to receive checks, etc.)
So who is the capital provider and what are they getting? It will generally be a specialist fund, like say Sunlight Financial, whose name alludes to the solar business they got started in. You might naively assume “OK, 6.99% to the consumer, 1% servicing fee to the bank, so they get 5.99% APR on the loan, right?” I doubt that is the full calculation.
One reason is that loan sounds awfully cheap: the 10 year Treasury rate is currently a hair over 4%, so why would you give a consumer 15 years fixed rate financing for 6%? Even with excellent credit quality, 2% spread doesn’t sound like enough money to make a business out of this.
But: what if, like BNPLs, you could charge someone else a bit of money? Who benefits the most from this transaction? The window installer. So charge them for it. They’re clearly willing to pay something like 2.4% of the entire transaction size already, because they will happily let you buy windows with a credit card. So that’s the floor. A BNPL provider can charge Sephora something like 6% to sell lip gloss. That might be the ceiling. So can you get them to kick in… 5%? Probably.
That moves the APR as perceived by the lender to about 7.9%. (Ask Python or Excel if you don’t believe me.) It’s a bit better than this, too, because of what will happen to the fund if interest rates fall. The value of outstanding bonds increases if rates fall, but this consumer loan might get rolled into e.g. a newly cheap HELOC if rates fall. (The free no-penalty prepayment option is a fundamental challenge in mortgage finance.) So by default this is a lose-lose situation for the lender: if rates rise the value of the loan falls, if rates fall the loan very possibly gets repaid early. But with the origination fee from the installer, if rates fall and the loan is repaid early, the return on capital over the lifetime of the loan rises sharply.
If the loan is repaid after 7 years, which is approximately the average tenure in a house in the U.S., the real rate is about 8.15%. If it’s extinguished after a year, perhaps due to rates-related refinancing, about 12%.
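The lender-side arithmetic above, as an added Python example (not the author's own calculation). It assumes the installer's 5% fee is netted out of the lender's disbursement, the lender receives the whole 6.99% payment stream, and an early payoff retires the remaining balance at par; under those assumptions it returns roughly 7.8%, 8.1% and 12.4%, close to the figures quoted above, whose exact inputs the article does not state.

```python
# Added example: lender-side yield on the 15-year, 6.99% window loan.
# Assumptions (not from the article): the installer's fee reduces the cash the
# lender actually puts out, the lender receives the full payment stream, and a
# prepayment retires the outstanding balance at par with no penalty.
# The $25,000 principal is the article's illustrative window project.


def monthly_payment(principal, apr, months):
    """Level payment of a fully amortizing loan with monthly compounding."""
    if principal <= 0 or apr <= 0 or months <= 0:
        raise ValueError("principal, apr and months must be positive")
    r = apr / 12
    return principal * r / (1 - (1 + r) ** -months)


def balance_after(principal, apr, months, paid):
    """Outstanding principal once `paid` scheduled payments have been made."""
    if not 0 <= paid <= months:
        raise ValueError("paid must be between 0 and months")
    r = apr / 12
    growth = (1 + r) ** paid
    pmt = monthly_payment(principal, apr, months)
    return principal * growth - pmt * (growth - 1) / r


def lender_cashflows(principal, apr, months, installer_fee, payoff_month=None):
    """Month-by-month cash flows as seen by the capital provider.

    Month 0 is the net disbursement (principal minus the installer's fee).
    If payoff_month is given, the borrower repays the balance in that month.
    """
    horizon = months if payoff_month is None else payoff_month
    if not 0 <= installer_fee < 1:
        raise ValueError("installer_fee is a fraction of principal in [0, 1)")
    if not 1 <= horizon <= months:
        raise ValueError("payoff_month must be between 1 and months")
    pmt = monthly_payment(principal, apr, months)
    flows = [-principal * (1 - installer_fee)] + [pmt] * horizon
    flows[-1] += balance_after(principal, apr, months, horizon)
    return flows


def annualized_irr(flows, tol=1e-12):
    """Nominal annual rate (monthly IRR x 12), found by bisection."""
    def npv(rate):
        return sum(cf / (1 + rate) ** t for t, cf in enumerate(flows))

    lo, hi = 0.0, 1.0  # search between 0% and 100% per month
    if npv(lo) <= 0 or npv(hi) >= 0:
        raise ValueError("no IRR between 0% and 100% per month")
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if npv(mid) > 0:
            lo = mid
        else:
            hi = mid
    return 12 * (lo + hi) / 2


def lender_yield(installer_fee, payoff_month=None,
                 principal=25_000, apr=0.0699, months=180):
    """Yield to the lender for a given installer fee and payoff month."""
    flows = lender_cashflows(principal, apr, months, installer_fee, payoff_month)
    return annualized_irr(flows)


if __name__ == "__main__":
    # Fee levels discussed in the text: none, card-like floor, 5%, BNPL-like ceiling.
    fees = (0.0, 0.024, 0.05, 0.06)
    horizons = (("held 15 years", None), ("repaid at year 7", 84),
                ("repaid at year 1", 12))
    print("installer fee   " + "   ".join(label for label, _ in horizons))
    for fee in fees:
        cells = [f"{lender_yield(fee, month):>{len(label)}.2%}"
                 for label, month in horizons]
        print(f"{fee:>13.1%}   " + "   ".join(cells))
```

With no installer fee every row comes back as 6.99% regardless of when the loan is repaid, which is why prepayment only improves the lender's return once the fee is in the picture.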
These numbers start to sound attractive to credit funds, particularly when you have a repeatable process for generating them at 9 figure scales with independent credit quality.
As an additional wrinkle: is Sunlight the ultimate source of capital at risk? Well, if I were Sunlight, I might think of tapping the booming private credit market: borrow at a lower rate than I earn in expectation on my portfolio, collect the spread. If I were Apollo (such a natural brand to associate with sunlight, and among the world’s largest credit funds), I might buy an insurer or figure out how to get retail investors private credit exposure to fund billions of dollars to anyone who creates a loan origination engine with demonstrable credit quality.
For much more on that side of things, you should read Money Stuff or listen to Odd Lots, which cover “private credit is the new bank lending” all the time. I’m just presenting the speculative case for how private credit turns permanent capital vehicles into windows.
Compliance will tell you not to describe this as unsecured lending to the customer. I am so forgetful as to offhand comments made during sales presentations, though.
Formally, the lender does have a security interest. However, they do not want to go to the trouble of “dirtying the title” by getting a lien on the house. That can’t be done in 15 minutes. No, they only have a security interest in the window they financed.
A security interest in a car is valuable because people are quite attached to their cars and, if push comes to shove, you can repossess a car. A security interest in a house is valuable because people are quite attached to their homes and, if push comes to shove, you can foreclose on a mortgage and repossess the home. A security interest in a window is valuable because… a security interest in a window is actually not valuable.
However, by construction, the commanding majority of borrowers here have excellent credit. One factor decreasing their credit risk is that many consumers are, and this is an underwriting term of art, “judgement proof.” If you sue them for performance and a court gives you a judgement, that is worth the paper it is printed on, because they have no easily attachable assets and they might have employment in a System D fashion where garnishing their income is difficult.
A homeowner, on the other hand, always has one asset you can attach: the house, by filing a lien on it after receiving the judgement. A lien against a house is an immediately monetizable asset in the United States, because it blocks the sale of the house until it is satisfied, and there is a specialized financial ecosystem which is happy to buy that lien and then attempt collection by some combination of a) asking nicely and then in the alternative b) waiting patiently.
And so the lender’s contract is, to the extent it is concerned with credit risk, concerned with swiftly demonstrating to a court: valid contract, loan paid for windows, customer isn’t paying, issue us judgement, thank you very much, we’d like to file that judgement as a lien against coincidentally the same house. It’s only fair.
Nice new windows are better than broken ones, and the process of buying them is now painless at an attractive financing cost. They are still expensive, but homes are expensive.
Every time anyone mentions innovation in consumer lending, the same comment is made: isn’t this just the financial crisis all over again? Aren’t we stacking up billions of dollars of low-quality loans with intermediating layers of complex products like CDO-squared? Isn’t this going to blow up?
That’s an understandable point of view. But: there is an actual underwriting process here. We replaced “You write a lie on paper, no one reads it” with a computer program that never gets bored at comparing databases. The borrower is actually reasonably good credit quality, rather than a ninja (“no income, no job”; one of the subprime lending era excesses was writing NINJA loans in quantity).
If the installer successfully leans on the origination machine to lower underwriting standards and let anyone who can fog a window buy one with a smile, then the losses are largely not in the regulated banking sector and backstoppable by taxpayers. They’re mostly to sophisticated investors in credit funds, who are being paid handsomely to take that risk. The system is also self-correcting: early defaults would cause the credit funds to tighten their risk appetites and constrain originations fairly quickly, rather than encouraging refinancing to juice origination numbers, until we were all holding (to quote Margin Call) the biggest bag of odorous excrement ever assembled in the history of capitalism.
Besides, if credit quality keeps you up at night, you should be much more concerned about bog-standard commercial real estate loans.
2025-08-14 07:17:05

Much of the operation of the financial industry is legible to people outside of it. Your credit card works basically like you understand it to (excepting the occasional mythmaking about second order consequences). Debates about what terms banks are allowed to offer on credit cards are fairly straightforward and can be easily followed by non-specialists.
But some issues are under the hood, and a societal debate about them doesn’t exactly wear its consequences on its sleeves. Consider the controversy over Section 1033 of the Dodd-Frank Act (and even that framing is an effective medication for insomnia).
In July, JPMorgan Chase announced its intention to charge fintechs for access to so-called Open Banking data. This comes amidst a consortium of banks trying to sue this hitherto obscure regulation out of existence.
Almost all discussions of it center on “data”, but it’s actually a fight about payments, and whether banks have a right to monopolize and charge for all economic activity their users engage in, irrespective of whether the bank operates the payment method.
Cards on the table: I previously worked at, and am an advisor to, Stripe, a financial infrastructure company which facilitates customers’ use of both bank-sponsored (cards, etc) and competing (account-to-account, stablecoins, etc) payment methods. Stripe does not necessarily endorse what I say in my personal spaces. (I’m also a user and tiny shareholder of Chase. One presumes they also don’t endorse what I say in my personal spaces.)
The Dodd-Frank Act was passed in the wake of the 2008 financial crisis. It included a combination of needed reforms and, effectively, partial negotiated settlements for the way in which banks had reaped enormous profits originating mortgages of less-than-stellar quality then left taxpayers holding the bag once those mortgages could not be repaid.
We’ve previously discussed one of the knuckle raps: banks had their debit card interchange capped, with an exemption for small banks. (Interchange is the fee card-accepting businesses pay to transact with bank customers.) The Durbin Amendment became a major pillar of fintech companies, as it established a revenue model for them. It also became something of a lifeline for smaller financial institutions, particularly those that partnered with fintechs.
Did banks like the interchange cap? No. It made a very lucrative line of business rather less lucrative. Taxpayers had provided about $245 billion in capital to backstop banks, and they (through the ordinary operation of a representative democracy) got a post-hoc concession for it.
The interchange cap was not the only concession in the Dodd-Frank Act. Section 1033 was another one: it is designed to increase competitiveness in financial services by establishing a presumption that banks must allow users to access their own data, including through competing providers.
In the intervening years, that competition has arrived. The banks do not like it, and would prefer it if it went away.
Financial institutions offer their customers a complex bundle of services.
You might reasonably expect that Open Banking is a fight over the budgeting app space. The banks have, via the magic of account records, a large portion of the underlying data about a household’s finances. You could imagine software using Open Banking to allow it to slurp in transactions and then categorize them. That would compete against the lackluster offerings the large banks have in their apps.
But Open Banking is not actually a fight over budgeting apps. Banks don’t make money on them and the best known standalone budgeting app, Mint, was acquired for a relatively small amount of money.
Payments, on the other hand, are an enormous business. They are monetized both by banks and by a diverse ecosystem of fintech providers.
The data banks find it annoying to make Open are, principally, account numbers. This is because, due to the long shadow of checks, possession of an account number (plus the routing number, identifying the bank) is sufficient to attempt to debit a bank account. Direct account-to-account transfers, including “pulls”, are a common payment method in many countries, but they are not a large share of consumer to business payments in the United States.
Why not? One reason is that the user experience of asking someone for their account number is pretty awful. There is no way to check in real time whether an account actually exists. Credit card numbers, in addition to having infrastructure which allows you to query them in real time, are specifically formatted so that typos in them are easily catchable.
Since you can’t know whether the account exists you certainly can’t know its current balance or whether a transaction posted against it today will succeed in a few days or be reversed for insufficient funds (or another reason). This means that businesses which use account transfers as a payment method would frequently suffer credit losses if they released goods or services at the time of “payment.” For many businesses, that isn’t a worthwhile tradeoff.
So they keep using cards. Cards give much stronger (but not foolproof) real-time guarantees of funds availability and likelihood of a transaction going through successfully. The ergonomics of card acceptance, at the register, through your phone, or in a web browser, are also much more palatable to most customers.
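The typo-catching format of card numbers mentioned above is a check digit (the Luhn algorithm), and routing numbers carry a weighted checksum of their own; account numbers have no industry-wide equivalent a merchant could test. The Python below is an added example, not part of the original article. Its helper names are illustrative, and its sample numbers are a widely used test card number and a constructed routing-format string.

```python
"""Check digits: card numbers (Luhn) and ABA routing numbers."""


def luhn_valid(number: str) -> bool:
    """True if a digit string passes the Luhn mod-10 check used on cards."""
    if len(number) < 2 or not (number.isascii() and number.isdigit()):
        return False
    total = 0
    # Walk right to left, doubling every second digit and folding 10+ back
    # into a single digit by subtracting 9.
    for i, ch in enumerate(reversed(number)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def luhn_check_digit(body: str) -> str:
    """Return the one digit that makes body + digit pass the Luhn check."""
    for d in "0123456789":
        if luhn_valid(body + d):
            return d
    raise ValueError("body must be a non-empty string of ASCII digits")


def aba_valid(routing: str) -> bool:
    """True if a 9-digit routing number passes the 3-7-1 weighted checksum."""
    if len(routing) != 9 or not (routing.isascii() and routing.isdigit()):
        return False
    weights = (3, 7, 1, 3, 7, 1, 3, 7, 1)
    return sum(w * int(c) for w, c in zip(weights, routing)) % 10 == 0


def single_digit_typos(number: str):
    """Yield every variant of number with exactly one digit mistyped."""
    for i, c in enumerate(number):
        for r in "0123456789":
            if r != c:
                yield number[:i] + r + number[i + 1:]


def adjacent_swaps(number: str):
    """Yield every variant with two differing neighbouring digits swapped."""
    for i in range(len(number) - 1):
        if number[i] != number[i + 1]:
            yield number[:i] + number[i + 1] + number[i] + number[i + 2:]


def undetected(variants, check) -> list:
    """Return the mistyped variants that the check would wrongly accept."""
    return [v for v in variants if check(v)]


TEST_CARD = "4111111111111111"   # widely used test card number
TEST_ROUTING = "123456780"       # constructed string that satisfies the checksum

if __name__ == "__main__":
    # Every single-digit typo is rejected by both checks.
    print(len(undetected(single_digit_typos(TEST_CARD), luhn_valid)))
    print(len(undetected(single_digit_typos(TEST_ROUTING), aba_valid)))
    # Luhn's known blind spot: swapping an adjacent 0 and 9 still validates.
    body = "411109111111111"     # constructed 15-digit body containing "09"
    card = body + luhn_check_digit(body)
    print(undetected(adjacent_swaps(card), luhn_valid))
    # The routing checksum has its own blind spot: swapping adjacent digits
    # that differ by exactly 5. An account number has no check to run at all.
```

Passing either check says only that the number is well-formed; it says nothing about whether the account exists or has funds, which is the gap the surrounding paragraphs describe.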
Several fintech companies, including Stripe, realized that they could use Open Banking to make account-to-account payments something customers would actually enjoy. The user is prompted at checkout whether they’d like to pay directly from their bank account. They log into their bank account and grant the fintech read access. This is a much stronger signal of authorization than simply knowing an account number. (We print those on every check, after all, and a check is designed to be handed to a cashier or waiter you’ll never meet again.) The fintech then grabs the account number and perhaps e.g. looks up the current balance.
Then, they can pull money from the account, through an ACH debit.
The ACH debit itself is not Open Banking. It is the ordinary operation of existing payment rails in the financial system. The ACH debit was just made much more convenient by Open Banking.
Most use of Open Banking is through so-called aggregators. Plaid and Yodlee are well-known examples.
Prior to the existence of Open Banking, the aggregators (and businesses which needed the data they can make available) were largely forced to build supportability networks, bank by bank, by writing so-called screenscraping software. Screenscraping software emulates someone typing the password into a bank’s website then browses through a live bank account to extract the information needed from it. Hopefully that screenscraping software isn’t bugged, because bugs in scrapers that interface with consequential systems are terrifying.
Aggregators would then ask users to share their bank account passwords, so they could operate the bank accounts via software automation, to get the data the aggregators’ business customers were interested in. Like, say, account numbers.
This is a worse model for users and security of the banking system than Open Banking, because sharing bank account passwords leads to misuse of accounts. The flow for Open Banking, in the best implementations, redirects users to the bank site to authorize the data sharing, without forcing the user to irrevocably cough up the keys to the kingdom.
ACH debits are not new. Businesses have been able to use them for decades. You very likely use them yourself to e.g. pay recurring bills every month, like utilities, mortgage, or credit cards. ACH debits have just been very annoying to use for payments online or at cash registers, and so almost all consumer to business payments go over card rails instead.
ACH debits are almost free.
NACHA, which administers ACH, charges a per-transaction fee of 1.85 hundredths of a cent. This compares favorably to regulated debit card interchange (21 cents plus five basis points of the transaction size) and extremely favorably to Durbin-exempt debit cards or credit cards (generally about 2.X% of the transaction size plus 20-30 cents). The interchange fee is paid mostly to the card issuing banks.
Banks would strongly prefer the world not make novel payment methods that are convenient and cost accepting businesses less than cards. Banks are interested in Section 1033 because they want to continue earning interchange revenue on coffee purchases and software subscription invoices.
But payments for goods and services are not the only interesting Open Banking use case. Useful infrastructure, once it exists, tends to get incorporated into everything.
When you open a brokerage account or engage with crypto companies, you are quite likely to pass through an Open Banking flow to link your existing bank account. You’ll use your linked bank account to fund your investments and, hopefully, eventually receive your returns.
Older users might remember that this used to require asking the brokerage to make trial transactions, typically pushing two ACH payments under $1 in total and asking you to confirm the amounts. This would demonstrate that you hadn’t typoed your bank account number, that the account could actually accept transfers, and that you (presumptively) had authorized access to that account, given that you could read recent transactions at will.
Trial transactions are painful for all parties. They insert a multi-day wait into the account opening process, and many customers abandon the process during that lull. Brokerages and fintechs were overjoyed that Open Banking largely allowed them to move away from trial transactions to authorize every new account.
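The strength of a trial-transaction check depends on how many amount pairs are possible and how many guesses the verifier allows. The Python below is an added sketch, not code from the article or from any brokerage; the three-attempt limit, one-week expiry, and all names are assumptions.

```python
"""Trial-transaction ("micro-deposit") verification with a guess limit."""
import secrets
import time
from dataclasses import dataclass

MAX_ATTEMPTS = 3              # assumption: lock after three wrong guesses
TTL_SECONDS = 7 * 24 * 3600   # assumption: challenge expires after one week

# Every unordered pair of deposits, each at least 1 cent, whose total stays
# under $1 as the article describes. Amounts are in cents.
ALL_PAIRS = [(a, b) for a in range(1, 50) for b in range(a, 100 - a)]


@dataclass
class Challenge:
    amounts: tuple            # the two deposits, smaller first
    created: float            # when the deposits were sent (epoch seconds)
    attempts_left: int = MAX_ATTEMPTS
    verified: bool = False


def start_challenge(now=None) -> Challenge:
    """Choose the two deposit amounts uniformly from all valid pairs.

    Drawing the first amount and then the second from whatever is left
    under $1 would make pairs such as (98, 1) far likelier than others,
    handing a guesser better odds than the size of the space suggests.
    """
    created = time.time() if now is None else now
    return Challenge(amounts=secrets.choice(ALL_PAIRS), created=created)


def verify(ch: Challenge, guess, now=None) -> str:
    """Check a customer's two reported amounts, in either order.

    Returns "verified", "retry", "locked" or "expired".
    """
    now = time.time() if now is None else now
    if ch.verified:
        return "verified"
    if now - ch.created > TTL_SECONDS:
        return "expired"
    if ch.attempts_left <= 0:
        return "locked"
    if tuple(sorted(guess)) == ch.amounts:
        ch.verified = True
        return "verified"
    # Wrong guess: spend an attempt, and lock once none remain so the
    # small amount space cannot be walked through by repeated tries.
    ch.attempts_left -= 1
    return "locked" if ch.attempts_left == 0 else "retry"


def guess_success_probability(attempts: int = MAX_ATTEMPTS) -> float:
    """Chance that someone who cannot see the account guesses correctly."""
    return min(1.0, attempts / len(ALL_PAIRS))


if __name__ == "__main__":
    print(len(ALL_PAIRS))                # size of the guess space
    print(guess_success_probability())   # odds with the attempt limit
    ch = start_challenge()
    print(verify(ch, reversed(ch.amounts)))
```

With only 2,450 possible pairs, the attempt limit is what makes the check meaningful: three guesses succeed about 0.12% of the time, while unlimited guesses always succeed.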
There are also clever uses of Open Banking to piggyback on banks as oracles. For example, how do you, a financial institution or insurance company, know that I, a particular natural person, have authority to direct Kalzumeus Software, LLC to open a new financial account? One way you could establish that is to ask me to submit a copy of the LLC’s Articles of Organization and a Certificate of Good Standing from the great state of Nevada. Then you pass those to a backoffice paralegal, who can ascertain that the Articles name me the Managing Member, and empower the Managing Member to open new financial accounts. This costs $50 to involve Nevada, and very many small businesses in America will not succeed at the task “please locate an authoritative copy of your Articles of Organization.”
A much faster way is to use an Open Banking aggregator to read a bank account statement issued to Kalzumeus Software, LLC. This allows a second financial institution to make the reasonable inference that if I habitually direct a small business’ banking, as demonstrated by being able to grant access to its accounts, then I probably direct a small business’ banking. This will save their operations team from reviewing 100 pages of boilerplate and cut down on account opening time. (This is one of the rare and underacknowledged benefits of Know Your Customer regulations. Since banks are understood to have KYC responsibilities, the bank “vouching” for you as a customer in this fashion is treated as strong evidence by others in the economy.)
So why is Open Banking in the news now? We’ve had Open Banking for almost 15 years. The competing payment products work and work well. They are lower cost to accepting businesses and easy for customers to start using. Customers are switching to them in increasing numbers. Not all of them, but enough to worry the banks into wanting to strangle the upstarts.
This has happened via a regulatory push, litigation, and ultimatums over fees.
The Consumer Financial Protection Bureau finalized its rule for Section 1033 in late 2024. As you can tell by the lag between 2010 (when the Dodd-Frank Act was passed) and 2024, it was something of an involved process.
Relevantly, the CFPB which passed this rule was the Biden administration CFPB. I try to be non-partisan in professional spaces but will need to neutrally observe how partisan players have seen the CFPB.
The CFPB was not well loved by many people in the finance industry or the fintech community. Critics alleged that the CFPB was less a federal agency and more a one-woman show, with the stars being Senator Elizabeth Warren and a ventriloquism dummy. This was unfair. The CFPB staff was actually quite intelligent in anticipating Senator Warren’s preferred positions and rulemaking to achieve them without the dreary necessity of her writing legislation or convincing Congress to vote for it.
As I mentioned last December in discussing the debanking discourse, influential supporters of the second Trump campaign, including fintech and crypto investors, wanted the CFPB’s scalp. They essentially got what they wanted. The CFPB was hollowed out early in the new administration.
In a swift and ironic turn of events, a policy promoted by the crypto industry due to their frustration with the decisions of large banks (regarding their industry’s supportability) was quickly used by large banks for commercial advantage, catching the crypto industry in the crossfire.
Prior to the election, the Bank Policy Institute, a banking industry trade group, and the Kentucky Bankers Association sued to prevent the CFPB’s rulemaking from taking effect. I think an informed person would understand that their legal arguments are pretextual. Their policy arguments, against the normative intent of Open Banking, I’ll return to below.
The CFPB initially defended the suit vigorously, but the newly hollowed out CFPB in June announced its intention to surrender.
This has caused a bit of chaos in Washington, as Section 1033 is administered by the CFPB but is part of the financial regulatory apparatus that crypto companies actually like.
Exchanges largely monetize by charging a vig on crypto purchases, and the so-called “onramp” (transferring money from the traditional financial system to the crypto ecosystem) enables the rest of their revenue (such as e.g. receiving a cut of interest earned by stablecoin issuers or staking the coins owned by customers).
Exchanges want to accomplish the onramp at the lowest possible cost, which is through ACH debits. Their desired outcome is the new user uses an aggregator to authorize a debit from their bank account. Then, the debit is very close to free, both for the first transaction and also for subsequent transactions using the same banking details. (The exchange bears a bit of credit risk, since the debit is not known to settle successfully until about two business days later and it can be reversed long after that if it was fraudulent. These issues cost Coinbase about $20 million last quarter. It dries its tears on money.)
The legal and regulatory wrangling continues. It’s difficult for me to read tea leaves from Washington in the best of times, and in the interests of avoiding partisan commentary, I’ll refrain from confidently guessing whether statements of the administration predict its future actions over multi-week timescales.
The credit card brands, which were originally created by banking consortiums, consider Open Banking data aggregators to be an existential risk to their business. They have long wanted to co-opt or kill them.
That isn’t just me saying it. Visa attempted to buy Plaid back in 2020. The argument to Visa’s board was (pg 5) that Plaid could potentially be a, quote, “existential risk” to their debit card business, which threatened a $300 to $500 million a year revenue hit. It was cheaper to take them off the table, even at $5.3 billion. Call it an insurance policy, their CEO said.
The FTC quashed the acquisition, saying it would have the anti-competitive harm of protecting the debit card business. The FTC alleged that Visa had a near monopoly in online debit transactions. (This payments geek thinks there is actually a vibrant competitive landscape there, including internationally.)
Some commentators might assume that that was one of the Commissioner Lina Khan era anti-monopoly interventions. (This enforcement environment was part of the casus belli which flipped some notable Silicon Valley personages. It’s a complicated story and not particularly well-told by the press, in part because people with a nuanced view of the situation no longer respond to press inquiries, due to journalists’ repeated defection in an iterated game.)
While I’m not a close follower of anti-trust enforcement, I do happen to know how to use a calendar, and so feel obliged to mention that the action to stop the Plaid acquisition was late during the first Trump administration.
Politics legendarily creates strange bedfellows. Crypto companies are now asking the CFPB to revive a regulation protecting a business the first Trump administration kneecapped, after which the second Trump administration hollowed out that same agency, despite campaigning against kneecapping tech and crypto—leaving the CFPB, long a sworn enemy of big banks, in Chase’s corner dismantling the crypto industry and suppressing competing payment methods, because the administration apparently thinks that’s what its backers want.
Yep, one’s head spins.
Chase is the largest bank in the U.S., maintaining checking accounts for approximately 44 million Americans, and therefore makes up a hefty chunk of total transaction volume within the financial system.
To avoid adversarially screenscraping banking apps, which is unreliable and a bit of a security hole, the better way to do Open Banking is to negotiate API access with as many banks as possible. (Companies make APIs available to let developers access data from them in a safe and controlled fashion. API access allows customers to give secure, scoped, and revocable access to their financial information. Handing over a password is not ideal for those properties.)
This will customarily require signing a contract with the bank, obligating you to e.g. not steal the money, not attempt to hack bank servers, and not abuse customers’ expectations. These are all reasonable requests, swiftly agreed to. Most of the aggregators had agreements in place with Chase, which eagerly promotes their API access to developers.
In July, Chase started sending data aggregators notices about upcoming changes to their agreements.
The typical notice between financial institutions and developers downstream about changes to contracts is something along the lines of “We updated the wording in our privacy policy.”
These notices weren’t that. Chase was altering the deal; pray that they do not alter it further.
Chase demanded payment for access to Open Banking APIs, and would cut that access if companies interfacing with them did not acquiesce. The fees demanded were enormous.
A fintech industry trade group was quoted by the Financial Times as saying:
“Across all the companies that received the notices, the cost of just accessing Chase data is somewhere from 60 per cent and in some cases well over 100 per cent of their annual revenue for the year … Just from one bank.”
Plaid was asked for $300 million, which would be 75% of their 2024 revenue. That is likely more than the wages and benefits for all of the 1,200 people who work at Plaid.
Even as someone whose perennial advice to companies was Charge More, these don’t strike me as serious proposals to put a reasonable price tag on valuable services.
The prospect of Chase monetizing Open Banking has dragged some other banks into the fray; PNC is also looking at taking a bite at the apple. The table gets crowded quickly if even a fraction of the next 4,500 banks try to join.
You can imagine some rapid back-and-forth between bank and fintech negotiators happening in the background. There is some reluctance in the industry to speak of that openly, partly because negotiations are delicate and partly because some fear retaliation elsewhere in their business relationships.
But, helpfully, the banks have published their arguments, directly and via their industry associations. They are not particularly persuasive.
The best one is that banks bear risk here, and want to price it. Should a bank authorize a third party to use Open Banking, that third party might use it to exfiltrate value from a bank account. Should a bank customer authorize a transaction but regret it, perhaps because it was to a scam operation, they might ask their bank to make them whole.
Banks bear this fraud risk, the same as they do when they pay out a fraudulent check, until they can recover the money by reversing the transaction. They will not always be able to successfully reverse the transaction.
This is structurally similar to banks’ obligations under Regulation E for debit cards and Regulation Z for credit card purchases. If a consumer gets abused over card rails, the bank is good for it by regulation, less a $50 deductible that the industry universally waives in the interests of their good name. Banks are quite happy with this responsibility for cards, because card issuing prints money, but Regulation E covers almost any form of electronic payment and almost any imaginable form factor of abuse. (For non-limiting examples, see the AI-sung ditty, Doesn’t Matter, That’s Reg E.)
But account-to-account payments are less like cards and more like checks. Indeed, the Automated Clearinghouse part of “ACH debit” refers to being a clearinghouse for check payments.
Banks will occasionally take fraud losses over checking accounts. They mostly can’t charge for checks directly; customers expect to write them freely and businesses expect to deposit them for, at most, a nominal fee. Certainly you’d be laughed out of the boardroom if you suggested a check fee scaling with the size of the check. That’s check cashing nonsense, and not something that regulated financial institutions or their customers expect.
Dimon, in his 2024 letter to shareholders, laments that typical retail checking accounts are a low- or negative-margin business. As an avid reader of Chase shareholder letters, I know why Chase operates that business anyhow: it’s the foundation of their relationship with households, which they largely monetize through credit card issuance, mortgage origination, and the like. It’s also operated by design to charge lower-income lower-asset consumers less and reliably increase monetization over their long relationships with the institution.
The deposit franchise, which contributes a lot to the Fortress Balance Sheet™, is most valuable when it attracts retirees, small businesses, and others who keep larger balances earning 0.01% in a savings account or nothing in checking. As a cost of acquiring that business, it offers accounts to e.g. a teenager who wanted to cash the paycheck for their summer job, even though the margins on that account might be negative for the next ten years.
And so suggesting that retail checking account availability is threatened by banks’ responsibility to monitor transactions and pay out if they make mistakes in authorization is, frankly, an insult to the intelligence of anyone familiar with banking.
Checking accounts are also a public service expected by society of banks. This is in return for their lucrative monopolies on industries like e.g. consumer debt issuance and explicit and implicit taxpayer backstops of their operation. Chase is intimately familiar with those, most recently from when it cashed a $13 billion sweetener check to acquire a failed bank.
We have made enormous strides, both from the financial industry and civil society, in banking almost everyone. That should not immediately imply “and thus banks get to charge a fee on every transaction in society.”
Chase is extremely capable of shipping payment products that customers actually want to use. Witness the Chase Sapphire Reserve, which probably half of fintech VCs and management teams use to pay for dinners, to my casual observation.
When Chase can’t successfully convince a customer to use a Chase payments rail that has a Chase CSR standing by to help out at 2 AM, Chase shouldn’t charge the accepting business money. Chase should understand that Open Banking and account-to-account payments are close in character to a check: one facilitates them in the ordinary course of business, for close to free, as part of the larger package offer.
Banks additionally make the argument that Open Banking leads to screen scraping. Certainly, as a financial technologist, I would prefer high-quality APIs with reasonable security guarantees. And some banks, like Chase, used the fifteen years of advance notice they had to develop these.
Other banks had other priorities, and are now using their own inaction to argue that screen scraping is a threat. (One can’t help but notice the bait and switch: first say aggregators must use official APIs rather than screenscrape, then claim that anyone who’s viewed developer documentation has agreed to a bill for 75% of their revenue.)
The banks additionally argue that fintechs are freeriding on substantial technology investments made by banks to serve their customers. This is extremely selective memory. Stripe did over $1.4 trillion in payment volume in 2024. Using no private information whatsoever, that implies that Stripe alone paid the banking industry somewhere in the general neighborhood of $20 billion in interchange fees.
Twenty. Billion. Dollars. From one firm alone.
It’s a little rich, pardon the pun, to cash a check for $20 billion and then whine about fintechs freeriding on your IT spend.
Credit cards are an enormously lucrative business for banks. The capability for businesses of all sizes to transact with customers worldwide over those rails is an enormous service to the world.
But cards are not and cannot be the last word in payments. We, as a society, should continue making things people want. Sometimes, the natural way to buy those things will be less compatible with cards or the assumptions baked into cards’ business model.
There has been quite a bit of enthusiasm for stablecoins in some quarters recently. Part of the sales pitch for stablecoins has been that you get to bypass the traditional financial system rails. This sales pitch does not accurately predict the operation of stablecoin businesses with material volume. Those are often operating something of a crypto mullet, with a stablecoin in the front and a bank transfer in the back. Those bank transfers are often substantially facilitated by Open Banking. This is a necessary part of the growth story for stablecoin businesses, as they are increasingly attempting to interact with the real economy, rather than crypto speculation. The real economy wants dollars and doesn’t much care what brand of database your backoffice uses.
People, particularly at the socioeconomic margins, increasingly use things which aren’t exactly a plastic rectangle. Sometimes that is a Cash App or a Venmo, or a wallet directly integrated into a phone, or whatever a YC company invents next week. Our international peers like Japan (and our adversaries) have thriving payments ecosystems.
Developing these innovations will almost always need to touch the banking system because, at the end of the day, businesses want dollars. If we award banks the ability to impose a fee on any transaction that competes with their card business, that will strangle some of these innovations. This would be unfortunate, because customers and businesses benefit from choice.
It also helps us keep the banks on their toes. The industry tends to default to sleepwalking with regards to core services. Bank apps actually being quite good in the last few years is not simply a reflection of their general technical competence. They invested deliberately, after decades of underprioritization, because they saw the younger generation increasingly defecting to apps, and then they realized that would eventually threaten the deposit franchise.
The banks aren’t inherently opposed to shipping good products! They do it frequently! But if you ask the question slightly differently, they will happily bankrupt anyone who threatens revenue streams which are fat-and-happy. In that world, you get to use 1999 banking websites on Internet Explorer 5.0 forever. (And if that sounds unlikely, speak to a Korean friend sometime.)
There was also something of a kerfuffle with regards to banking supportability decisions recently. I have a nuanced point of view on it, but if I can offer a comment: when you let banks look into the economic logic of their customers’ lives to determine their pricing structure, you’re giving them the capability to pick winners and losers.
It has been reported that Chase wants a two-tier pricing system for Open Banking: one fee for data access and another, much higher, fee if someone uses that data access to facilitate a payment. These are the same products from Chase’s perspective. The same servers hold the same data. The same CSR stands ready to answer the call if a customer’s data leaks. But one of them is inimical to Chase’s preferences, and so they charge it more to discourage it.
We should not allow banks to get into the habit of sending demand letters to ruin the economics of businesses they simply do not like. Those demand letters will be inevitably abused, including in ways which are not determined by any conceivable direct business interest.
Banks are good at much of what they do, and it is quite profitable. If they want to maintain their share of wallet in their payments businesses, they employ intelligent people who are capable of shipping good products. Let them compete for the business. They’ll frequently win it, fair and square, including from me. But if customers choose to use someone else or if they mistakenly release payment to a fraudster, eh, have your teams break out Excel and try better tomorrow.