Skip to main content

Article

As scrutiny increases, BNPL businesses should take action

The number of Australians using buy now, pay later (BNPL) products has increased rapidly. But regulators in Australia are scrutinising BNPL plans, underscoring the importance that plan providers take action to protect their organisations.

Buy now, pay later (BNPL) plans give consumers the ability to pay for products in instalments, often interest-free. And they are extremely popular: the number of Australians using buy now, pay later (BNPL) products has more than doubled in the past year, to the point where nearly two million (or one in 10 people) now use such platforms.

Financial institutions and legacy technology providers are increasingly entering the market, with observers estimating steep growth in the coming years.

But regulators in Australia are scrutinising BNPL plans, underscoring the importance that plan providers take action to protect their organisations.

Widespread use, minimal vetting

Large payments platforms like Visa, Amex and PayPal have moved into the BNPL space, often through either acquisitions or partnerships.

Despite its widespread use, however, the BNPL process has historically required minimal — if any — vetting of a consumer’s finances. BNPL plans often do not require credit checks, which can protect less financially literate consumers from taking on more debt than they can manage to pay off.

Moreover, while some BNPL providers are formally classified as financial services companies, many others are still operating in a largely unregulated — but growing — field. That’s now changing, as regulators take a closer look at the way these offerings are structured and implications on consumer credit.

Keep up to date with regulatory changes

The ease of securing BNPL financing as well as the rapid acceleration of these services is attracting regulatory scrutiny and focus, which could lead to specific action.

The AFIA Buy Now Pay Later (BNPL) Code of Practice, which came into effect in Australia on 1 March 2021, preserves the customer’s choice to make purchases and payments in a way that suits their needs and preferences. The BNPL providers who are accredited to this Code represent an estimated 95 percent of the BNPL market, including Afterpay, Brighte, Humm Group, Klarna, Latitude, Openpay, Payright and Zip Co.

This Code has been voluntarily developed and is intended to assist Code Compliant Members of the AFIA BNPL Providers Group to:

a) Promote a customer-centric approach to the design, marketing and distribution of a BNPL Product or Service;

b) Promote high industry standards of service for customers and build best practices across the BNPL industry; and

c) Support compliance with legal and industry obligations.

Despite the current lack of regulations, BNPL providers should consider investing in robust internal controls. As the regulatory landscape shifts, companies without significant internal compliance frameworks could face significant risk, especially if new regulations require swift changes to a company’s business model.

Minimise risks through smart technology investments

BNPL providers can invest in technology to de-risk their operations through specific tools and processes, including anti-money laundering initiatives and know-your-customer technologies that allow them to verify the identity of consumers.

Because providers generally operate over technology-enabled platforms such as mobile apps, regulators will likely be interested in the cyber controls that they have put in place to safeguard information. Companies can invest in internal controls and processes that improve their resilience to cyberattacks, including multifactor authentication tools.

Critical risk transfer considerations

Greater scrutiny and new regulations requiring business changes could be costly for BNPL companies. These companies could also face litigation, either from regulators or consumers themselves.

While insurance policies can be crafted to transfer this exposure, coverage is often limited and requires extensive negotiation with carriers. BNPL companies that effectively explain their risk mitigation strategy to insurers are typically in a better position to secure cost effective coverage that is suitable for their needs.

BNPL companies may benefit from:

1.   Professional indemnity insurance, which typically provides coverage for financial or professional services provided to a customer for a fee or pursuant to an agreement and includes coverage for regulatory exposure. Companies should carefully review these policies with their brokers and insurance advisors, and clarify whether they are sufficiently covered, especially since some policies may include lenders liability exclusions.

2.   Directors and officers liability (D&O) insurance, which can provide coverage for the organisation’s directors and officers. This is particularly important for hyper-growth or publicly traded organisations that may be at risk of litigation.

3.   Cyber insurance, which can protect institutions in the event of an attack that either leads to the interruption of service or puts customer information at risk.

As the BNPL market continues to grow and regulators keep an eye on the industry, companies offering the service should revisit their risk and insurance programs. Taking action now, including stepping up internal controls and making changes to insurance coverage, may help to protect your organisation from potential regulatory and consumer action.