Peer-to-peer banking, a challenge to conventional banking

• Savers have never had a worse deal but for most borrowers, credit is scarce and costly. That seeming paradox attracts new businesses free of the bad balance sheets, high costs and dreadful reputations which burden most conventional banks.
• Foremost among the newcomers are peer-to-peer (P2P) lending platforms, which match borrowers and lenders directly, usually via online auctions. The loans issued often comprise many tiny slivers from different lenders. Some P2P platforms slice, dice and package the loans; others allow lenders to pick them. Either way, the result is a strikingly better deal for both sides. Zopa, a British P2P platform, offers 4.9% to lenders (most bank accounts pay nothing) and typically charges 5.6% on a personal loan (which is competitive with the rates most banks charge).
• Elsewhere, returns (and risks) are higher. IsePankur, which lends to more than 60,000 people in four euro-zone countries, pays its lenders (who include your correspondent) a stonking 21.45% average net return (after a 3% default rate). Its typical borrowers do not flinch at rates of up to 28%: they are refinancing far costlier credit-card debt and doorstep loans.
• Peer-to-peer lending is growing fast in many countries. In Britain, loan volumes are doubling every six months. They have just passed the £1 billion mark ($1.7 billion), though this is tiny against the country’s £1.2 trillion in retail deposits. In America, the two largest P2P lenders, Lending Club and Prosper, have 98% of the market. They issued $2.4 billion in loans in 2013, up from $871m in 2012. The minnows are doing even better, though they are growing from a much lower base.
• Neil Bindoff of PwC, a professional-services firm, speaks of a “perfect storm” supporting P2P’s growth. Interest rates are close to zero, the public is fed up with banks, costs are low (one third of a typical bank’s, according to Renaud Laplanche of Lending Club), and e-commerce is becoming part of daily life. People use the internet for peer-to-peer telephony (Skype) and shopping (eBay), so why not loans?
• Awareness is still low—a survey by pwc found only 15% of Britons claimed to have heard of the big P2P firms such as Zopa, Funding Circle and RateSetter; 98% had heard of the main banks. Another hurdle in Britain is that P2P is not fully regulated; that will change on April 1st. The Financial Conduct Authority will issue the new rules imminently. In America, people saving for retirement can apply tax breaks to their loans, and offset their losses against profits. Britain’s P2P industry is awaiting a decision to extend tax-free savings schemes to its lenders.
• Regulation should help forestall a big worry: that an ill-run platform might collapse, taking investors’ money with it. At a conference organised by the P2P Finance Association, a trade body, this week, executives were worried about the risks of a “Bitcoin-style bust” that could rattle confidence in the nascent industry. New rules are likely to insist that P2P businesses ringfence unlent funds gathered from savers and arrange for third parties to manage outstanding loans if they cease trading.
• Other big questions abound. One is insurance. Funds placed with P2P lenders are not covered by the state-backed guarantees that protect retail deposits in banks. Some platforms offer something of a substitute. Zopa and most other British companies have started “provision funds”, which aim (but do not promise) to make good on loans that sour. These smooth the risk for lenders, but blunt the original P2P concept. So too does insurance: Ron Suber of Prosper, America’s second-biggest lender, says “deep actuarial conversations” are going on with outsiders who would like to help lenders provide for the risk that their borrower defaults, dies, or loses his job. Purists fear such arrangements could recreate the moral hazard that has plagued conventional banking.
• The boom in cross-border P2P raises tricky legal questions. The European Commission has yet to get to grips with the industry. National rules often determine how credit is issued and debts are collected. But they offer little help when the money comes from hundreds of lenders in dozens of countries. Yield-chasing foreigners, private and institutional, are investing heavily in the American market.
• Only a third of the money coming to Lending Club is now from retail investors: the rest (the fastest-growing slice) comes from rich people and institutions. Should such big investors get a better deal—such as getting their pick of the best loans on offer? In Britain, Giles Andrews of Zopa regards the idea as anathema: all savers should be treated equally. Some others think big lenders will eventually dominate P2P.
• P2P also ends the dangerous mismatch between short-term deposits and long-term loans inherent in conventional banking—but generally by locking lenders in for the loan’s duration. A secondary market in P2P loans is developing fast. This allows investors to get their money back if they need it, usually by selling the loans at a discount. But rules vary: some platforms will buy back the loans; others just hold an auction.
• P2P is not complicated: success largely depends on marketing oomph, the quality of the algorithms used to screen borrowers and ease of use (P2P platforms are scrambling to develop apps for smartphones and tablets). P2P may attract big outsiders, such as banks, or internet companies which already have lots of data about their customers and (like Facebook) are good at connecting them. Google last year led a $125m investment in Lending Club, valuing it at $1.55 billion. It might well want more.

Can bitcoins be relied?

• Less than a year ago Mt Gox was the pinnacle of bitcoin trading, accounting for an estimated 70% of the cryptocurrency’s global transactions. Today Mt Gox is apparently gone—early Wednesday Tokyo time, its website, which had been blank all Tuesday, displayed a short message saying the exchange was closed “for the time being”. The firm’s Tokyo offices appear to be abandoned, and its chief executive and sort-of founder, Mark Karpeles, has dropped out of sight. (The only thing that has been heard from him since Sunday is an e-mail sent to Reuters, saying “We should have an official announcement ready soon-ish. We are currently at a turning point for the business. I can’t tell much more for now as this also involves other parties.”)
• Worse, according to a document entitled “Crisis Strategy Draft” that is circulating on the web and appears to come from Mt Gox, 744,400 Bitcoins are also missing, the result of “malleability-related theft” that may have been going on since the exchange began operating. When Bitcoins are traded, each transaction is recorded in a log known as the “blockchain”. But a software bug—which Bitcoin’s developers have known about since 2011, but done little to fix—creates a brief time period in which the unique ID (or TXID) of each transaction can be changed.
• The bug seems to have enabled cyberthieves to steal Bitcoins by making it appear that transactions didn’t occur—a problem exacerbated by Mt Gox’s custom software (many other Bitcoin exchanges use standard, “core” Bitcoin software), which made the bug even easier to exploit because it used an automated system to approve withdrawals. The result is a heist that, even at today’s tumbling Bitcoin values, could be in excess of $390 million, or about 6% of all Bitcoins in circulation. That would make it the largest-ever currency-related cybertheft in history.
• Mt Gox has always been an accident waiting to happen. Originally an exchange for trading cards used in the game “Magic: The Gathering” (its name is taken from Magic: The Gathering Online eXchange), the site was converted into a Bitcoin exchange by its founder, Jed McCaleb, who then sold it to Mr Karpeles in 2011. Since then, Mt Gox has been plagued with problems. It has been hacked on a regular basis, has frequently suspended trading and withdrawals, was sued by Bitcoin business-incubator CoinLab, and had some $5 million in assets seized when federal authorities shut down two of its American bank accounts, leaving Mt Gox unable to transfer Bitcoins to America. On February 7th Mt Gox halted all Bitcoin withdrawals, “to obtain a clear technical view of the currency processes”. On Sunday, Mr. Karpeles resigned from the Bitcoin Foundation, the virtual currency’s trade group. Two days later both he and Mt Gox were gone.
• Bitcoin enthusiasts, who often seem to operate within a Steve-Jobs-like reality-distortion field, were quick to distance themselves from Mt Gox—forgetting, perhaps, that until recently they had often lauded it as the most “trusted brand” in Bitcoinland. Other exchanges have rushed to assure customers that all is well, conveniently disregarding the fact that many of them, too, have been the target of a massive and clearly well-coordinated distributed denial-of-service (DDoS) cyber-attack in recent weeks—an attack also aimed at the malleability bug.
• In a recent blog post, Gavin Andresen, chief scientist of the Bitcoin Foundation and a prominent Bitcoin luminary, wrote that “it’s important to note that [D]DoS attacks do not affect people’s bitcoin wallets or funds.” Like so much else in Bitcoinland, this sounds like magical thinking. Blockchain.info, which says it is Bitcoin’s most popular online “wallet”, is less sanguine. Speaking with Coindesk.com, a virtual-currency news service, Andreas Antonopoulos, Blockchain.info’s chief security officer, said that as a result of the DDoS attacks, “malformed/parallel transactions are also being created so as to create a fog of confusion over the entire network, which then affects almost every single implementation out there.” He also assured Bitcoin enthusiasts that no funds had been lost from the system—but in the wake of the massive Mt Gox theft, that seems optimistic.
• So: Mt Gox and hundreds of millions of dollars of Bitcoins have disappeared; large parts of the Bitcoin trading system may have been compromised; the value of a Bitcoin is less than half last year’s peak and fluctuating wildly; and hordes of Bitcoin users seem either to have lost their cryptocash for good, or are unable to withdraw or trade their funds. Many are screaming for help from financial regulators, but none are likely to come to the rescue of a currency that has constantly bragged it is outside the system. Japan’s Financial Services Authority says it isn’t going to help. The only response from America has been the launch of an investigation into Bitcoin by a panel of regulators and the Conference of State Bank Supervisors. And the cryptocurrency’s Stateside woes increased today when the Alabama Securities Commission warned people to steer clear of Bitcoin—a move likely to be followed by other states.
• But as ever, much of the Bitcoin community continues to act as if nothing has happened. Six Bitcoin businesses issued a statement saying that recent events don’t “reflect the resilience or value of bitcoin.” And today’s entry on the Bitcoin Foundation’s blog is an invitation to “Bitcoin 2014” in Amsterdam (“Bitcoin is a game changer on a global scale — don’t miss out!”). It’s hard not to think that the real problem in Bitcoinland isn’t denial-of-service attacks. It’s denial.