Interview: Santander’s Paul Horlock warns of the risks of slow NPA implementation

by Anjana Haines

Share this post

Several payment initiatives are happening at the same time. If regulators and the industry fail to collaborate now, banks and other businesses face a challenging situation, according to Paul Horlock, chief payments officer at Santander UK.

A veteran in the payments sector, Horlock’s expert views about the future of the industry are often sought, particularly because of his previous roles at Pay.UK, Barclays and Nationwide, among others.

Horlock sits down with Anjana Haines, editorial director at The Payment Association, to discuss the problems with the planned implementation of the New Payments Architecture (NPA), central bank digital currencies (CBDC). He believes that if the foundations aren’t built correctly now, it could create a wide range of problems in the future and the cracks could be significant.

What do you see as the biggest risks, particularly for banks, in the coming years?

The risks are, in many cases, hidden behind some of these new ways of doing business. We’ve got to spend time thinking through the risks and the unforeseen consequences.

So, we’ve got to understand that it needs to be a joined-up approach between the HMT, BoE, the PSR, the FCA, the PRA and the commercial banks. We’ve all got to be thinking through strategically: what’s the outcome we want? What are the potential issues? And how do we understand that upfront and start to mitigate and drive away from some of the difficult situations?

The risk I see with some proposals is that they come with a great view of this ‘wonderful opportunity’ and immediately the banks start to call out the problems. We are then seen as the doomsayers.

Our views are that we are trying to see the problems for us, for UK PLC and for consumers as a whole. That’s crucial for joining the dots across that activity.

How do you see this strategic and collaborative approach working out?

That’s a tough question. I don’t think I’ve got a fully formed vision, but I can give you the current example.

When – the industry – did the Payment Strategy Forum in 2016-17, we made real progress as a group of institutions. It wasn’t just banks – we had the Bank of England, PSR, fintechs, large corporates and wider interested and affected parties in the payment ecosystem in the same room. The Blueprint of how we thought the ecosystem would work is still relevant now.

We haven’t been back in the room in such a joined-up manner for five years. What we see now is things starting off and developing on an individual basis.

The NPA seems to be struggling to deliver; we haven’t got through the process of appointing a supplier. In the meantime, you’ve got the CBDC consultation coming out, which could be damaging for the NPA usage if the volumes went in a different direction. I’m not aware of a conversation between the parties that are driving those developments to try and reconcile those positions.

So, how would I see it? I think we’ve got to get the same people around the table on a regular basis who have an opportunity to talk about what’s going on in the market.

The country is seeing a cost-of-living crisis that we haven’t seen for decades, we’ve got a war in Europe, we’ve just come out of Covid, we’ve got a massive balance of payments deficit. Yet, we are still looking at how can we spend hundreds of millions of pounds on something that actually might be hugely impacted if the next idea gets underway, because lives changed in five years.

We’ve got to validate, calibrate and agree those positions on a more regular basis and test ourselves by asking if the overall plan is still holding up.

HMT had a piece of work to do in the last couple of years to lay out a roadmap, different types of payment regulation and activity. This is an essential piece of the puzzle to ensure a strategic joined up approach.

We’ve got to get back around the table to do that and do it quickly because we are at a point where we’re being asked as banks to commit to a multi-year, multi £100 million pound investment in the NPA, when actually the world is not as it was five years ago.

Do you anticipate the big banks having to pick up the cost for future problems with siloed efforts on the NPA and CBDC?

The history has been that the larger institutions pick up the costs. And some of this is absolutely right – you process more volume; you tend to take more of the costs.

One of the things that we did, when I started at Pay.UK, was to move from a bi-yearly call model to a pay-per-click model to create a more commercial model for those banks to pay for the services. It was very clear, the more you use, the more you pay. And everybody understood that situation.

The challenge we have is when we pay for things, and we don’t release the full potential value of the investment.

I’ll give you a great example that I recently gave to the PSR.

As an industry, we delivered cheque imaging in recent years; it took time, and it was hard work. And it was very expensive – I would estimate around £100 million for the central infrastructure.

If you then add to the cost of what each bank needed to do locally, that’s probably cost the industry about £1 billion. So, if we’re going to do the NPA, that cost is going to be a magnitude higher. If you have a cost of hundreds of millions as a centre, you’re probably looking at billions as an industry.

Now, under the cheques service there is an ISO 20022 capable push payment engine. The core technology is the base of what does the job in the US with The Clearing House, for Singapore and Thailand. This isn’t being applied to the NPA challenge as the regulatory order for the NPA insists that the industry competitively procure a new engine for faster payments, on an ISO 20022 basis.

Ideally, if you were being really commercial and asking how do we leverage the investments we’ve already made; then we could look at the engine that sits under cheques and figure out how to repurpose that to deliver NPA quickly, so that we start to create real competition in the overlay market and start to drive more opportunity for customers, quicker and more effectively.

That challenge still exists. I’m making it because, as banks and larger institutions, we want to make sure we can leverage the investment we made over the last few years and if this is a better way to get customer value out of that, we need to consider it seriously.

Is there a consensus among the banks to do that?

I’m sure there would be a consensus to find the most effective way to deliver customer benefit and ensure we can get the most value for money already invested in central systems.

Do you do see anything changing on the NPA in the next three years?

We are expecting to find out who the vendor is in a couple of months’ time. Although, the plan does seem to be regularly under pressure.

There’s no doubt about it, the requirements will have gone through to a level of detail for the RFP. But once you get into the next stage, we will be into the more detailed design activity. That then has to go out to the participants to make sure we all agree with that design – that takes time.

And then once you start building and buddy testing, you’re into a couple of years’ activity before you are really getting any activities on the ground that are pumping out services to customers. That’s the sort of order of magnitude. As with any large technical delivery, this takes time and there are so many things that can then happen in the meantime.

Where do retailers sit within this because they won’t see any benefit or consequence for years?

Retailers are still very much wedded to a very mature and effective cards model. As much as there may be questions about the servicing costs, it works very well and customers can pay easily at the point of sale, with strong protection.

If we tried to introduce an account-to-account model, which may not compete practically or operationally with cards, let alone from a business case perspective, then I expect that retailers would resist. They won’t want to take the risk of downtime or delays at checkout.

It could be a long way to go before we get the account-to-account system, which really will compete practically at every level with [cards]. If that’s the aspiration, the sooner we can get off the mark to get on with it the better.

There’s a lot to make progress on. Can you share your final thoughts for the industry?

I’ve been in industry for a while now and I was referred to as a veteran in my last job before this one. With that comes a responsibility to call out what the best way is to collaborate and create value for our customers.

We can’t wait for a big milestone or iconic moments because they tend to be few and far between and are very expensive. If we can iterate with what we’ve got, we can really work hand in glove with customers and partners. I think we can start to create better solutions, faster and create benefits for customers, providers and regulators.

More To Explore


Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?