As retail payments shift increasingly from paper to electronic form, payment products, services, rules, and technologies are changing rapidly. So too are the risks associated with operational disruptions, fraud, illicit use, and breaches of data security. However, emerging—and even established—providers of payment methods can manage these risks by employing the right techniques, according to a forthcoming study in the Economic Policy Review.

In “Understanding Risk Management in Emerging Retail Payments,” Michele Braun, James McAndrews, William Roberds, and Richard Sullivan consider whether, in an evolving payment environment, providers of emerging payment methods have sufficient incentives and tools to control risk before problems materialize.

The authors explain that emerging payment methods are making retail transactions less expensive and easier to process, while opening new commercial venues for the transactions. As with more established forms of payment, the ultimate success of these methods will depend on the ability of providers to manage and mitigate risk; new payment methods that fail to do so face rejection in the market.

The study presents an economic framework for understanding risk control in retail payments and applies it to the risk associated with three types of payments: general-purpose prepaid cards, e-check payments made through the Automated Clearinghouse system, and proprietary online balance-transfer systems. The payment types incorporate new technologies, new networks, and new rules to create an entirely new payment method. They are used in different venues, employ different means for initiating payments, and clear and settle transactions differently—yet they rely on similar risk mitigation strategies.

Braun et al. argue that containment programs are critical to payment risk management. These programs include coordinated industry efforts to develop and maintain risk mitigation standards, monitor compliance with standards, and enforce penalties for noncompliance. Limiting access to the payments system is an essential tool, with exclusion from the system serving as the ultimate penalty.

The authors caution that containment alone does not eliminate risk. However, a payments system can successfully manage risk if it recognizes problems quickly, encourages commitment from all participants to control risk, and uses an appropriate mix of market and public policy mechanisms to align risk management incentives.

An important lesson to be taken from the study, the authors observe, is that the techniques for mitigating the risks asso­ciated with fraud and data breaches are thus far meeting with success. “Generally, market mechanisms appear to encourage providers to mitigate risks appropriately,” they note. “Most private sector providers have the tools to manage many of these risks, particularly because they treat the integrity of the network as a “club good”; in other words, they retain the option to exclude any party that fails to comply with the network’s safeguards.”