1999
“Electronic money” is a generic term which includes stored value cards (“SVC”) and “digital cash”. Since the operation of these have been the subject of numerous papers and books,2 I will presume that the reader is familiar with them.
This paper is concerned with the use of electronic money as a payment system. Consequently, it is assumed that we are discussing SVCs and digital cash systems that are capable of making payments to a wide class of payees and which are available to a wide class of payers. This eliminates from consideration special purpose facilities such as telephone and transport cards, although these facilities are considered briefly.
The issuers of electronic money, and institutional participants in a payment system, will be referred to as financial institutions. In real life, these may not be traditional financial institutions. It is no secret that large organisations such as software and telecommuncations companies are considering entry into the market.
In some cases, the financial institution should be an Authorised Deposit Taking Institution (“ADI”). The “holder of stored value” is required to be an ADI by the Payment System (Regulation) Act 1998. However, as discussed elsewhere, this requirement is subject to exceptions and to difficulty of interpretation.
A modern payment system will incorporate at least three major contracts.
The “Terms and Conditions” will govern the relationship between the issuing financial institution and the customer;
the “Merchant Agreement” will govern the relationships between the participating merchants and their individual financial institutions; and
the “Scheme Rules” will be a multi-party contract regulating the responsibilities of the participating financial institutions.
Drafting these contracts is a non-trivial exercise since they must “fit” together in a reasonable way: see Beatty, et al, (Beatty, Aubrey, and Bollen 1998), Beatty (Beatty 1998); Tyree (Tyree 1999a).
It might be argued that these contracts define the legal relationships between the parties and that no further analysis can or should be attempted.3 In my view, this is incorrect for several reasons. The following is merely a sample:
terms of the contracts may be held to be invalid by virtue of the Trade Practices Act 1974 (“TPA”) or the Australian Investments and Securities Commission Act 1989 (“ASICA”);
customers cannot be bound by the terms of the Merchant Agreement or the Scheme Rules since they are not privy to these contracts;
some problems may not have been foreseen by the contracts;
the “basic” relationships of the parties may entitle one party to require another to exercise rights on behalf of the first;
outside parties will not be bound by the terms of the contracts; this is particularly relevant in an insolvency;
the “fundamental” legal relationships may provide guidance when designing regulatory regimes.
These points are generally obvious and self-explanatory, but the first and fourth are particularly important for our purposes and will be discussed further. Both the TPA and the ASICA impose non-excludable warranties in favour of “consumers”.4 The content of these warranties will, to some extent, be determined by the reasonable expectations of the consumer. To the extent that a contractual term has the effect of excluding, restricting or modifying the non-excludable warranties, it will be void.5 In view of these sections, the “fundamental” legal relationship between the parties is of the utmost importance since it may determine the reasonable expectations of the parties.
The most important of these warranties for the present purposes is the “fitness for purpose” warranty. Where the consumer makes known the purpose, then the services provided must “be reasonably fit for that purpose or are of such a nature and quality that they might reasonably be expected to achieve that result”.6 The “making known” may be explicitly or implicitly. Since there is only one obvious purpose for entering into a contract for the use of a payment system, the purpose is “made known” to the supplier.
What results does a reasonable user of a payment system expect? It would be very difficult to argue against the following three expectations:
the payment will be made for the correct amount;
the payment will be made to the correct person; and
the customer will not be responsible for payments which he/she did not order.
These expectations put very strict limits on the contents of the Terms and Conditions and the Merchant Agreement.
The fourth point will arise when one of the parties is acting in a capacity similar to that of an agent. The point may be illustrated by the decision in Riedell v Commercial Bank of Australia Ltd.7 The plaintiff deposited a cheque with the defendant bank. It passed through the Melbourne clearing and was not returned dishonoured within the time allowed by the clearing rules. The cheque was later returned to the defendant bank who then reversed the credit entry and credited the drawee bank.
The court held that the defendant had received payment as agent of the plaintiff and was therefore liable for money had and received. Although the plaintiff could not complain of delays involved in the clearing procedure he was entitled to have the benefit of any advantage arising from the rules, and the bank was obliged to use those rules for the benefit of its customer.
It is obvious that if this rule applies to participants in a particular payment system then it will have an influence on the contents of the Scheme Rules and the Merchant Agreement.
For all of the above reasons, it is important to determine, if possible, the basic legal relationships in a payment system. The remainder of this paper is devoted to that determination.
In order to explore the legal nature of SVCs and other forms of electronic money, I would like to consider a hypothetical payment system that functions entirely with paper and ink. This example will help to illuminate the essential features of SVCs and so guide us to a technology neutral analysis of electronic money.
Suppose that we develop a special formula paper and ink. The characteristics of this paper and ink are that they cannot be replicated. We have the monopoly on the manufacture and on the supply. The system also depends upon stationing a “trusted person” at the premises of each participating merchant. This “trusted person” is issued with the secret formula ink.
The new payment system works like this: upon payment of a certain amount, a customer is issued with a passbook whose pages are made with the special paper. An entry is made in the passbook using the special ink. This entry records the amount standing to the credit of the customer. When a customer wishes to purchase an item from a participating merchant, the passbook is presented to a trusted representative of the passbook issuer who records a debit in the passbook using the special ink. The passbook of the merchant is credited with a similar amount at the same time.
This passbook system may be designed to be “rechargable” or “disposable”. A “rechargable” system has a provision for accepting further “deposits”,8 whereas a “disposable” system begins with the initial amount and the user is expected to throw the passbook away when its value is depleted.
The passbook system may also be “accountable” or “anonymous”, depending upon the information maintained both in the passbook and by the issuer. If the rules permit, it is possible to transfer sums from passbook to passbook by presenting both passbooks to a “trusted person”.9
There are valuable lessons to be learned from the passbook system described above. As a psychological matter, nobody would think of referring to the system as a “stored value” system, nor would anyone ever describe an entry as “transferring value”. It is seen as precisely what it is: a method of accounting.
The second lesson derives from the fact that the passbook system is functionally indistinguishable from a SVC. Rather than special formula paper and ink, SVC transactions are recorded on a computer memory. Rather than use an expensive “trusted person” we use an inexpensive computer terminal that is equipped to read and write onto the computer memory of the SVC.
Thirdly, we recognise that there is nothing magic about the use of a computer chip in a SVC. What is needed is a means of maintaining a record which may not be altered by the user and which may not be copied to another card. Cards may be made non-copyable by using embeded holographs. We could read and write encrypted messages to such a card using a laser device. This would be functionally equivalent to computer chip based SVCs but would require no software on the card. 10
The most striking feature of the passbook system is the demonstration that electronic money, at least in the form of SVCs, need not be electronic! This is not merely a clever joke: if we are going to develop a useful regulation regime, we cannot base it on “electronic” concepts.
Consider now a question that seems silly at first glance: why do we care if the passbook is copyable? The answer must obviously be that we don’t want the customer to be able to “double spend”. We need a single verifiable account that reflects the true state of affairs. The reason that the question is not as silly as it first appears is that there may be other means of achieving the result. This will be important if we wish to convert the passbook system into an electronic system since we all know that electronic messages are perfectly and easily copyable. However, importantly, we can ensure that they are not modified.11
To cope with copyable passbooks, we modify the system as follows: each passbook has a serial number. The “trusted person” not only enters the debit or credit information, but also the time at which the transaction occurs. At the same time, the “trusted person” records the time at which the passbook was last modified. This record of modification times must be available to all “trusted persons” immediately.
When the passbook is next presented, the “trusted person” checks the time of the last transaction both as recorded in the passbook and in the database. If they agree, then the transaction may proceed. Because a new time stamp is entered in the passbook and in the database, all copies of the passbook are rendered obsolete.
Although this system depends upon each passbook having a unique serial number, it does not depend upon the financial institution knowing the identity of the passbook holder. In other words, the system may still be “anonymous”.
A copyable passbook puts a premium on physical security. A rogue who copies a genuine passbook may “capture” the account. The ability to “stop” the account will depend upon the characteristics of the system. In our proposed passbook structure, the account may be stopped since each “trusted person” has access to the serial number of the passbook. In a system that used inexpensive computer terminals, the individual terminals may or may not have this capability.
It is the duty of a financial institution to maintain its customer’s accounts.12 There is, however, no duty to maintain it at the offices of the institution. The passbook system and SVCs share the characteristic that the accounts are maintained on a device which is in the possession of the customer. The institution need not be aware of the state of the account provided only that it can be certain that the account may not be tampered with by the customer or some third party.
SVCs clearly maintain accounts directly. Less obviously, but just as effectively, digital cash systems may be thought of as an accounting device. The state of the account is determined precisely by the number of “digital coins” in the possession of the customer which have not already been recorded as having been spent.
Collectively, it is useful to refer to these systems as “distributed accounting” systems. Accounts are maintained on a device or devices which are under the control of the customer rather than the institution.13
The institution still has a duty to maintain accurate accounts, but the content of this duty may be different for a distributed accounting system. Since the institution may not know the exact state of the account at any particular time, the duty becomes one of maintaining equipment and systems which are reasonably capable of maintaining accurate accounts. There may be a duty to provide facilities so that the customer may determine the state of the account, but the details of that duty may vary from system to system.
Although the institution may not know the state of any particular account, it should know the “big picture”. Part of any sensible regulation regime must include the requirement that overall liabilities be controlled.
The passbook system has one more thing to teach us. Presentation of the passbook to a “trusted person” is the means whereby the customer initiates the payment. In modern parlance, it is the “access method”.
Customers initiate a payment using an SVC by inserting the card into an appropriate terminal. Digital cash payments are initiated by presenting a copy of the “coins” to a participating merchant.
Access methods permit the customer to initiate payments. We also require some procedure which ensure that only customers initiate payments, that is, that the payments initiated are probably authorised by the proper person. Note the “probably” in the preceding sentence. An authentication method does not guarantee that the payment is legally authorised by the proper person. So, for example, the signature of the drawer is the method of authorisation used by the cheque system, but the existence of forgeries shows that the method is not foolproof.
In the passbook system and in the standard SVC system, physical possession of the passbook or card is itself the authentication method. It is, obviously, not perfect. If a passbook or card is stolen, it may be used by the thief. Such payments are clearly not authorised even though they conform to the authentication procedure.
Some authentication methods are “stronger” than others. A SVC may require the entry of a personal identification number (“PIN”). This adds a level of security to the authentication procedure, but as we know from debit cards and EFT, it is itself far from perfect.
One of the most difficult questions for regulators is the allocation of losses when transactions are authenticated but unauthorised. There are many factors to consider in determining this allocation, but one relevant one is the strength of the authentication method. Note that the choice of authentication method lies solely with the system operator.
All forms of electronic money must have several essential characteristics:
the system must implement an accounting system which may, and probably will, be a distributed accounting system;
the system must have an “access method” that permits the customer to initiate payments;
the system must have an “authentication method” that is intended to prevent strangers from initiating payments which are then debited to the customer’s account.
It seems clear that the presence of all three of these characteristics is sufficient to implement a payment system and that the absence of any one of them will be fatal. Any of the three parts may be implemented using electronic technology, but the use of electronics is not necessary.
It is also clear that no new legal concepts are needed to deal with a payment system that has the above characteristics. The method of maintaining accounts is the only significant difference from the traditional current account operated by cheque, debit card or direct credit/debit instructions.
Since money is handed over, accounts maintained and payments made from the amount handed over, there seems little reason to treat electronic money different from the usual current account. In other words, electronic money consists of “deposits”, that is, loans to the issuer which are repaid by making payments to third parties, just as described over 75 years ago by Lord Atkin in Joachimson v Swiss Bank Corp14 when making the definitive statement about the banker–customer relationship:
…The bank undertakes to receive money and to collect bills for its customer’s account. The proceeds so received are not to be held in trust for the customer, but the bank borrows the proceeds and undertakes to repay them. The promise to repay is to repay at the branch of the bank where the account is kept, and during banking hours. It includes a promise to repay any part of the amount due against the written order of the customer addressed to the bank at the branch…
The only thing that has changed is the method of making repayment. It is no longer “against the written order” of the customer but “against the access method and authenication method” of the customer.
The legal mechanism involved in the “repayment” will now be considered.
In modern payment systems, individuals circulate the liabilities of ADIs and ADIs circulate the liabilities of the Reserve Bank. The remainder of this section examines the legal mechanisms by which this might occur.15
The language will be simplified if we acknowledge the concept of a negative liability. If A owes B the sum of $100, then we normally say that A has a $100 liability to B. In the following, it will also be convenient to say that B has a –$100 liability to A.
An example will illustrate the benefits:
Suppose that A and B both hold an account with a financial institution FI. Suppose further that A’s account is in credit to the amount of $20, and B’s account is overdrawn by $40. Suppose that A orders a payment to B of $100. It is thought that such an order is an implied request by A for an overdraft.16 Assume that the institution is willing to make the payment. Without the extended use of the word “liability” we need to describe the transfer in the following terms:
FI’s liability to A is decreased by $20;
A has a new liability to FI of $80;
B’s liability to FI is decreased by $40; and
FI’s has a new liability to B of $60.
With the extended use of the word “liability” that recognises negative liabilities, we may simply say that FI’s liability to A is decreased by $100 and its liability to B is increased by a similar amount. This is not only more economical, but it gives a clearer picture of the way in which financial institutional liabilities are used to make payments.
All modern payment systems result in a reduction of the liability owed to the payer by one financial institution and the increase in the liability of another (possibly the same) financial institution owed to the payee. This is true whether payment is made by cheque, by direct credit, direct debit, SVC, digital cash or credit card. It is what is meant by saying that individuals circulate the liabilities of ADIs.
This is not to say that all legal problems have the same solution for the various payment systems, merely that the end effect of payment in each of them is the same. It may be that questions such as the right of the payer to countermand or when payment is completed have different solutions in the different systems.
Analysis of a payment may be simplified by breaking a complex transaction involving multiple ADIs into a series of simpler ones involving a single ADI. To illustrate this, consider another example: A maintains an account with FIA and B maintains an account with FIB. the end result of a payment from A to B is a decrease in the liability of FIA to A and a corresponding increase in the liability of FIB to B. This payment must be “settled” between the institutions.
This settlement is done through “settlement accounts” held with the Reserve Bank. FIA must “pay” FIB the amount of the transaction. This is done by an adjustment of the Reserve Bank liabilities, the liability to FIA being reduced and that to FIB being increased just as in any other payment.
Consequently, the payment from A to B may, for the purposes of analysis, be split into three separate simple payments:
In the first (the initiation of the payment by FIA), FIA’s liability to A is decreased by the amount of the payment and its liability to FIB is increased by the same amount;
in the second (the crediting of B’s account), the liability of FIB to FAI is reduced and its liability to B is increased.
In the third (the settlement) the liability of the Reserve Bank to FIA is reduced and its liability to FIB is increased.
The end result of the process is a debit to A’s account with FIA, a credit to B’s account with FIB, a debit to FIA’s account with the Reserve Bank and a credit to FIB’s account with the Reserve Bank.
Further analysis will show that all payments may be reduced to a series of “simple” transfers which involve the transfer of liabilities of a single financial institution. In other words, the basic payment model is: A pays B by a transfer of liabilities of some financial institution FI. More complex payments are made up of a series of “simple” transfers.
If the basic payment model is a transfer of liabilities of an ADI, we must ask: What is the legal mechanism that effects this transfer? In the context of payments, there are not many mechanisms available. I suggest that the following three devices exhaust the practical methods available:17
assignment;
negotiable instrument;
contractual obligation.
I will give only brief attention to the first two possibilities. A much fuller discussion may be found in Galvin (Galvin 1999); see also Ellinger and Lomnicka (Ellinger and Lomnicka 1994) who discuss the issues in relation to GIRO payments; Paget (Hapgood 1996) discusses similar issues in respect of electronic funds transfers.
If electronic money is simply an account with a financial institution, then it clearly may be assigned as a debt owed by the financial institution to the customer. However, it is submitted that most payments are not intended to be assignments nor do they satisfy the requirements of a successful legal or equitable assignment.
A legal assignment is a statutory creation. It has been held that a legal assignment must assign the whole of a debt.18 This requirement alone indicates that most payments are not legal assignments.
Payment instructions could be equitable assignments, a possibility recognised by s88 of the Cheques Act 1986 which provides that a cheque is not an assignment of funds in the hands of the drawee. Arguments based on the requirement of writing are no longer conclusive since s25 of the Acts Interpretation Act 1901 has extended the meaning of writing to such an extent that electronic messages might be construed as writing. A requirement of a signature is more problematic, but the concept of an electronic signature is flexible. At least one American case has held that a direct credit instruction is an assignment,19 but an English case has held that a similar payment was based on agency principles.20
It is surprisingly difficult to refute completely the possibility that a payment is an assignment. Perhaps the best argument is that the parties clearly do not contemplate it as such. It is usually not contemplated that a payee may claim directly against the paying institution. For those payments made from an account in debit, it is obvious that there is no assignment since there is no institutional debt to assign. It would be strange if the same payment was an assignment merely because the account was in credit. A similar remark applies to systems such as credit card schemes where there is no initial institutional liability to assign.
Can electronic money be considered as a negotiable instrument? As with the question of assignment, arguments based on the requirement of writing and signature must be considered as vulnerable: see the discussion of electronic bills in Gamertsfelder (Gamertsfelder 1998).
One of the problems is to determine precisely what the instrument might be. For example, when a payment is made with a SVC the card itself is not delivered. Galvin considers carefully whether the “stored value” may be negotiable, concluding that it is probably not: see Galvin (Galvin 1999). However, the view taken here is that “stored value” is nothing more than an accounting mechanism so that nothing is “delivered” or “transferred” when the card is used. Alternative technology SVCs would not even have electronic interaction with terminals, so the question could hardly arise.
Generally, the question of negotiability is not relevant to the payment system as such. So, for example, there is no doubt that a cheque is a negotiable instrument,21 but since the drawee is not liable on the instrument since it does not become an acceptor or an indorser. It is true that many cheque problems are caused by the negotiability of the cheque as a payment order, but the fact is not directly relevant to the operation of the cheque as a payment order: see Ellinger and Lomnicka (Ellinger and Lomnicka 1994).
The financial institution does add its electronic signature to some forms of electronic money. In those forms, it might be possible to argue that the “money” is a promissory note, but generally the message constituting the “money” will not be in the form of a promise: see (Tyree 1997), (Tyree 1996a), and (Tyree 1996b). Again, it is not usually contemplated that a “holder” may claim directly against the issuing institution.
The legal analysis of payment by liability transfer that makes the most sense and which accords most closely with the practice and expectation of the parties is the contractual obligation analysis. The financial institution FI increases its liability to the payee (or to the payee’s financial institution) because it is contractually bound to the payer to do so.
This certainly conforms to our knowledge of existing payment systems. An ADI pays a cheque not because it is liable on the cheque but because it is contractually bound to its customer to do so.22 Direct credits and other GIRO type payments are made as a result of contractual arrangements.23 Electronic funds transfers and EFTPOS are the same.24
In certain circumstances, the financial institution might also be under a contractual obligation to the payee. This will be the case in “substitution systems” such as documentary letters of credit. The financial institution will be under a contractual obligation to the account party to make the payment, but will also have direct contractual obligations to the payee/beneficiary.25 Similarly, there will be a direct contractual obligation to the merchant in a credit card transaction.26
Where there is more than one institution involved in the transfer, the receiving institution will be under a contractual obligation to the payee to receive the payment and credit the account of the payee. This is simply the analogue of the standard duty to collect cheques and credit the proceeds to the account of the customer.27
As described above, the customer uses the access method to give a payment instruction to the financial institution. The financial institution is then contractually bound to effect payment in accordance with the rules of operation of the payment system in question.
Because of the “reasonable expectations” of any customer using a payment system, it is clear that this contractual obligation of the financial institution must, in effect, be to follow the instructions of the customer in making the payment. This has all the earmarks of an agency arrangement, and it is submitted that the obligations of the financial institution are indeed analogous to that of an agent.
Not only does this accord with common sense, it also fits electronic money and other forms of payment squarely within the familiar framework of banking and payments law. This is valuable for all parties since it provides some predictability and guidance for settling disputes.
This does not mean that all payment systems must follow the same rules. Even less does it mean that there is no purpose for the three contracts mentioned. It does mean that these rules and contracts must fit within a familiar framework.
An example will illustrate. A customer who operates a cheque account is under an obligation to exercise care in the drawing of a cheque.28 The precise contents of this duty have been defined in a number of cases.29
By analogy, we can deduce that the customer in any payment system has a duty to use care when using the access method to give the payment instruction. However, the cases that define the content of the duty do not obviously apply to, say, giving the order by means of a SVC. It is appropriate that the Terms and Conditions spell out reasonable guidelines to be followed by the customer when using the access method.
The technical implementation of a payment system may also have some effect on the rights and obligations of the parties. For example, where a SVC is both anonymous and unaccounted it will probably be impossible to prevent unauthorised transactions where the card is lost or stolen. It is probably not unreasonable in these circumstances to throw the loss onto the customer contrary to the general rules.
Some rules appear at first instance to be contrary to general principles but are, in fact, merely an application of them. For example, in a payment system which implements “instantaneous” payments, there is no room for the right of countermand. Although this will probably be spelt out in the Terms and Conditions, it is merely an application of the rule that the right of countermand exists only so long as the agent has not acted on the original order.
Applying these principles to electronic money has some consequences which not everyone will welcome. These are:
electronic money involves the taking of deposits;
electronic money involves the operation of an “account”; and
the customer and “issuer” are in a relationship that is similar to principal and agent;
There are immediate consequences of these conclusions if we maintain the present regulatory regime. An electronic money issuer must be an ADI or must issue an appropriate prospectus. The issuer may be a “cash dealer” for the purposes of the Financial Transactions Reports Act 1988 and there may be an “account” for the purposes of that Act.30 There are real constraints on the contractual terms that may be imposed on the customer by the Terms and Conditions.
The response of electronic money issuers who do not welcome these conclusions should not necessarily be to reject them. An alternative is to begin to revue our regulatory scheme. Perhaps SVCs should not be subject to the regulation which would follow from the above analysis. Perhaps some should be and some should not. Perhaps digital cash and SVCs are different in some way.
If, however, these forms of payment are to be excluded from the existing regulatory regime, then arguments must be advanced as to why they are significantly different from other payment systems. In other words, particular characteristics must be identified which would convince us that they are, in spite of the above analysis, safe to exclude from the regulatory system.
There are many factors which might be considered. Obvious candidates are:
the size of the payments permitted; low value systems might have a greater claim for exemption from regulation;
the amount which may be held in the “account”; again, low caps on accounts may be relevant to a claim for exemption;
the class of potential payees;31
the class of people who may use the payment system.
There are probably many others, but the point is that we should exclude a payment system from regulation only because it does not raise issues that give rise to regulation in the first place.
Placing electronic payments and electronic money in the legal mainstream has numerous advantages. Most importantly, it allows us to:
draft reasonable contracts governing new schemes;
solve problems that arise with third parties and other places where contract law is not applicable; and
devise reasonable regulatory schemes.
To summarise, this paper has concluded that all existing forms of electronic money:
implement a “distributed accounting” system;
effect payment by means of transferring institutional liabilities; and
this transfer of liabilities is done by means of contractual arrangements that are similar to agency arrangements in all important aspects.
Further, the second and third points apply to all existing payment systems. Electronic money is not some special development requiring the invention of new legal rules. It is an evolutionary development which fits comfortably within our existing legal framework.