Internet Banking – Legal Issues
Banking over the Internet has attracted increasing attention from bankers and other financial services industry participants, the business press, regulators, and law makers. Among the reasons for Internet banking’s audience are the notion that electronic banking and payments will grow rapidly, more or less in tandem with proliferating electronic commerce; industry projections that Internet banking will cut banks’costs, increase banks’ revenue growth, and make banking more convenient for customers; and some vexing public policy issues. Despite this attention, there is a dearth of systematic information on the nature and scope of Internet banking. Bankers and public policymakers alike have had to plan using largely anecdotal evidence and conjecture.
Banks offer Internet banking in two main ways. An existing bank with physical offices can establish a Web site and offer Internet banking to its customers as an addition to its traditional delivery channels. A second alternative is to establish a “virtual,” “branchless,” or “Internet-only” bank. The computer server that lies at the heart of a virtual bank may be housed in an office that serves as the legal address of such a bank, or at some other location. Virtual banks may offer their customers the ability to make deposits and withdraw funds via ATMs or other remote delivery channels owned by other institutions.
Broadly, the levels of banking services offered through INTERNET can be categorized in to three types: (i) The Basic Level Service is the banks’ websites which disseminate information on different products and services offered to customers and members of public in general. It may receive and reply to customers’ queries through e-mail, (ii) In the next level are Simple Transactional Websites which allow customers to submit their instructions, applications for different services, queries on their account balances, etc, but do not permit any fund-based transactions on their accounts, (iii) The third level of Internet banking services are offered by Fully Transactional Websites which allow the customers to operate on their accounts for transfer of funds, payment of different bills, subscribing to other products of the bank and to transact purchase and sale of securities, etc. The above forms of Internet banking services are offered by traditional banks, as an additional method of serving the customer or by new banks, who deliver banking services primarily through Internet or other electronic delivery channels as the value added services. Some of these banks are known as ‘virtual’ banks or ‘Internet-only’ banks and may not have any physical presence in a country despite offering different banking services.
There is no denying the fact that information technology has been the most rapidly changing industry in India, and the marriage of technology and banking has to occur for India to keep pace with changes in the global scenario. Looking back, the Narasimham Committee deserves mention in that it was instrumental in forcing Indian banks to become competitive. Fleet footed private sector banks, forced the public sector banks to embrace technology and improve their level of customer service. Next, the Khan Committee was highly important in that it recommended the setting up of universal banks. Preference was given to financial institutions, which could provide a whole range of corporate financial solutions under one roof. But most importantly, the Verma Committee recommended the need for greater use of IT even in the weak Public sector banks. Actually, the nationalization of banks back in the 80s is proving to be a major obstacle in bringing about the required technological changes. Nationalization of the banking sector has led to occurrences of pseudo developmental activities for nurturing vote banks, loss of accent on performance and profitability, creation of unions etc to name a few.
Internet banking – A New Medium
The Internet has revolutionized the computer and communications world like nothing before. The invention of the telegraph, telephone, radio, and computer set the stage for this unprecedented integration of capabilities. The Internet is at once a world-wide broadcasting capability, a mechanism for information dissemination, and a medium for collaboration and interaction between individuals and their computers without regard for geographic location.
The Internet represents one of the most successful examples of the benefits of sustained investment and commitment to research and development of information infrastructure. Beginning with the early research in packet switching, the government, industry and academia have been partners in evolving and deploying this exciting new technology.
Internet is a vast network of individual computers and computer networks connected to and communicate with each other using the same communication protocol – TCP/IP (Transmission Control Protocol / Internet Protocol). When two or more computers are connected a network is created; connecting two or more networks create ‘inter-network’ or Internet. The Internet, as commonly understood, is the largest example of such a system. Internet is often and aptly described as ‘Information Superhighway’, a means to reach innumerable potential destinations. The destination can be any one of the connected networks and host computers.
In 1973, the U.S. Defense Advanced Research Projects Agency (DARPA) initiated a research program to investigate techniques and technologies for interlinking packet networks of various kinds. The objective was to develop communication protocols which would allow networked computers to communicate transparently across multiple, linked packet networks. This was called the Internetting project and the system of networks which emerged from the research was known as the “Internet.” The system of protocols which was developed over the course of this research effort became known as the TCP/IP Protocol Suite, after the two initial protocols developed: Transmission Control Protocol (TCP) and Internet Protocol (IP).
Though it began in the 1980s, it was only in the mid nineties that internet banking really caught on. What attracts customers to internet banking is the round the clock availability and ease of transactions. Studies estimate that internet banking still has a long way to go. There are several banks that have customers who prefer banking in the traditional ways. Statistics released by the FDIC show that only 40% of the banks in the U.S. offer internet banking facilities worth mentioning. All the others may have an online presence but do not have enough online transactions to justify their presence on the internet.
According to the Internet in India Report 2007 published jointly by the Internet and Mobile Association of India and IMRB International, the number of internet users in India in the ever user or claimed user category has touched 46 million in September from 32.2 million in September 2006. During the same period, the number of active internet users has reached 32 million.
Through Internet banking, we can check our transactions at any time of the day, and as many times as we want to. Where in a traditional method, we get quarterly statements from the bank. If the fund transfer has to be made outstation, where the bank does not have a branch, the bank would demand outstation charges. Whereas with the help of online banking, it will be absolutely free.
From the perspective of banking products and services being offered through Internet, Internet banking is nothing more than traditional banking services delivered through an electronic communication backbone, viz, Internet. But, in the process it has thrown open issues which have ramifications beyond what a new delivery channel would normally envisage and, hence, has compelled regulators world over to take note of this emerging channel. Some of the distinctive features of i-banking are:
- It removes the traditional geographical barriers as it could reach out to customers of different countries / legal jurisdiction. This has raised the question of jurisdiction of law / supervisory system to which such transactions should be subjected,
- It has added a new dimension to different kinds of risks traditionally associated with banking, heightening some of them and throwing new risk control challenges,
- It poses a strategic risk of loss of business to those banks who do not respond in time, to this new technology, being the efficient and cost effective delivery mechanism of banking services,
- A new form of competition has emerged both from the existing players and new players of the market who are not strictly banks.
Another advantage of Internet banking is that it is cost-effective. Thousands of customers can be dealt with at once. There is no need to have too many clerks and cashiers. The administrative work gets reduced drastically with Internet banking. Expenditures on paper slips, forms and even bank stationery have gone down, which helps raise the profit margin of the bank by a surprisingly large number.
Rough estimates assume teller cost at Re.1 per transaction, ATM transaction cost at 45 paise, phone banking at 35 paise, debit cards at 20 paise and Internet banking at 10 paise per transaction. Fully computerized banks, with better management of their customer base are in a stronger position to cross-sell their products through this channel.
As far as customers are concerned, their account information is available round the clock, regardless of their location. They can reschedule their future payments from their bank account while sitting thousands of miles away. They can electronically transfer money from their bank accounts or receive money in their bank accounts within seconds.
Bill payment service
One can facilitate payment of electricity and telephone bills, mobile phone, credit card and insurance premium bills as each bank has tie-ups with various utility companies, service providers and insurance companies, across the country. To pay bills, all one need to do is complete a simple one-time registration for each biller. One can also set up standing instructions online to pay his recurring bills, automatically. Generally, the bank does not charge customers for online bill payment.
One can transfer any amount from one account to another of the same or any another bank. Customers can send money anywhere in India. Once one login to his account, he need to mention the payees’s account number, his bank and the branch. The transfer will take place in a day or so, whereas in a traditional method, it takes about three working days.
Credit card customers
With Internet banking, customers can not only pay their credit card bills online but also get a loan on their cards. If one loses his credit card, he can report lost card online.
Investing through Internet banking
One can now open an FD online through funds transfer. Now investors with interlinked demat account and bank account can easily trade in the stock market and the amount will be automatically debited from their respective bank accounts and the shares will be credited in their demat account. Moreover, some banks even give one the facility to purchase mutual funds directly from the online banking system.
Nowadays, most leading banks offer both online banking and demat account. However if one has his demat account with independent share brokers, then he need to sign a special form, which will link his two accounts.
With a range of all kind of products, one can shop online and the payment is also made conveniently through one’s account. One can also buy railway and air tickets through Internet banking.
One of the biggest attractions of Internet as an electronic medium is its openness and freedom. It is a public domain and there is no restriction on who can use it as long as one adheres to its technical parameters.
Internet is not an unmixed blessing to the banking sector. Along with reduction in cost of transactions, it has also brought about a new orientation to risks and even new forms of risks to which banks conducting i-banking expose themselves. Regulators and supervisors all over the world are concerned that while banks should remain efficient and cost effective, they must be conscious of different types of risks this form of banking entails and have systems in place to manage the same. An important and distinctive feature is that technology plays a significant part both as source and tool for control of risks. Because of rapid changes in information technology, there is no finality either in the types of risks or their control measures. Both evolve continuously.
Operational risk, also referred to as transactional risk is the most common form of risk associated with i-banking. It takes the form of inaccurate processing of transactions, non enforceability of contracts, compromises in data integrity, data privacy and confidentiality, unauthorized access / intrusion to bank’s systems and transactions etc. Such risks can arise out of weaknesses in design, implementation and monitoring of banks’ information system. Besides inadequacies in technology, human factors like negligence by customers and employees, fraudulent activity of employees and crackers / hackers etc. can become potential source of operational risk. Often there is thin line of difference between operational risk and security risk and both terminologies are used interchangeably.
Security risk arises on account of unauthorized access to a bank’s critical information stores like accounting system, risk management system, portfolio management system, etc. A breach of security could result in direct financial loss to the bank. For example, hackers operating via the Internet, could access, retrieve and use confidential customer information and also can implant virus. This may result in loss of data, theft of or tampering with customer information, disabling of a significant portion of bank’s internal computer system thus denying service, cost of repairing these etc. Other related risks are loss of reputation, infringing customers’ privacy and its legal implications etc. Thus, access control is of paramount importance. Controlling access to banks’ system has become more complex in the Internet environment which is a public domain and attempts at unauthorized access could emanate from any source and from anywhere in the world with or without criminal intent. Attackers could be hackers, unscrupulous vendors, disgruntled employees or even pure thrill seekers. Also, in a networked environment the security is limited to its weakest link. It is therefore, necessary that banks critically assess all interrelated systems and have access control measures in place in each of them.
As Internet banking transactions are conducted remotely banks may find it difficult to apply traditional method for detecting and preventing undesirable criminal activities. Application of money laundering rules may also be inappropriate for some forms of electronic payments. Thus banks expose themselves to the money laundering risk. This may result in legal sanctions for non-compliance with ‘know your customer’ laws.
The Indian banks’ record in Internet banking is nothing much to write about. The ICICI Bank kicked off online banking in 1996, followed by a host of other banks. But even for the Internet as a whole, 1996 to 1998 marked the adoption phase, while usage increased only in 1999, owing to lower ISP online charges, increased PC penetration and a tech-friendly atmosphere.
On the other hand, the Public Sector Banks (PSUs) lagged in the race for adopting Internet banking practices. While, among the PSUs, the State Bank of India took the lead, others are yet to catch up on Internet banking services.
Some banks blame it on the lack of regulations and procedures to go online. But, not many are willing to buy the argument. More than a lack of regulatory framework, it is a lack of zeal and a mindset attuned towards resisting any new technology that is holding back the nationalized banks.
Internet banking is an extension of traditional banking services. However, there are several instances, which contradict the legal framework for internet banking in India: Banking Regulations Act, 1949, the Reserve Bank of India Act, 1934 and the Foreign Exchange Management Act, 1999.
The Information Technology Act 2000 attempted to address a number of e-commerce regulatory issues. Many feel that grey areas still exist, which have neither been spelt out properly nor any workable modes of implementation suggested by Constitutional institutions.
The IT Act of 2000 did address the need for banks to go online and have laid out security measures to be adopted. However, one cannot say the aspirations of the industry have been satisfactorily looked into.
The Reserve Bank of India has taken several initiatives in setting guidelines for internet banking, and reviews them at periodic intervals. Most important, RBI approval was made mandatory for all banks before offering any transactional services over the Internet. This was however shelved, giving banks more autonomy on the online space, though ensuring at the same time, that it would be strictly under the provisions of the RBI.
Earlier, the RBI had adopted the recommendations of the ‘Working Group on Internet Banking,’ which examined three thrust areas such as Technology and security issues, legal issues and regulatory and supervisory issue.
The main recommendations of the ‘Working Group on Internet Banking,’ are as follows-
The banks providing Internet banking service, at present are only accepting the request for opening of accounts. The accounts are opened only after proper physical introduction and verification. Considering the legal position prevalent, particularly of Section 131 of the Negotiable Instruments Act, 1881 and different case laws, the Group holds the view that there is an obligation on the banks not only to establish the identity but also to make enquiries about integrity and reputation of the prospective customer. The Group, therefore, endorses the present practice but has suggested that after coming in to force of the Information Technology Act, 2000 and digital certification machinery being in place, it may be possible for the banks to rely on digital signature of the introducer.
The present legal regime does not set out the parameters as to the extent to which a person can be bound in respect of an electronic instruction purported to have been issued by him. Generally authentication is achieved by security procedure, which involves methods and devices like user-id, password, personal identification number (PIN), code numbers and encryption etc., used to establish authenticity of an instruction. However, from a legal perspective a security procedure needs to be recognized by law as a substitute for signature. In India, the Information Technology Act, 2000, in Section 3(2) provides for a particular technology (viz., the asymmetric crypto system and hash function) as a means of authenticating electronic record. This has raised the doubt whether the law would recognize the existing methods used by banks as valid methods of authentication. The Group holds the view that as in case of other countries, the law should be technology neutral.
In keeping with the view that law should be technology neutral, the Group has recommended that Section 3(2) of the Information Technology Act, 2000 needs to be amended to provide that in addition to the procedure prescribed there in or that may be prescribed by the Central government, a security procedure mutually agreed to by the concerned parties should be recognized as a valid method of authentication of an electronic document / transaction during the transition period.
Banks may be allowed to apply for a license to issue digital signature certificate under Section 21 of the Information Technology Act, 2000 and function as certifying authority for facilitating Internet banking. Reserve Bank of India may recommend to Central Government for notifying the business of certifying authority as an approved activity under clause (o) of Section 6(1) of the Banking Regulations Act, 1949.
Section 40A(3) of the Income Tax Act, 1961 recognizes only payments through a crossed cheque or crossed bank draft, where such payment exceeds Rs. 20000/-, for the purpose of deductible expenses. Since the primary intention of the above provision, which is to prevent tax evasion by ensuring transfer of funds through identified accounts, is also satisfied in case of electronic transfer of funds between accounts, such transfers should also be recognized under the above provision. The Income Tax Act, 1961 should be amended suitably.
Under the present regime there is an obligation on banks to maintain secrecy and confidentiality of customer’s account. In the Internet banking scenario, the risk of banks not meeting the above obligation is high on account of several factors like customers not being careful about their passwords, PIN and other personal identification details and divulging the same to others, banks’ sites being hacked despite all precautions and information accessed by inadvertent finders. Banks offering Internet banking are taking all reasonable security measures like SSL access, 128 bit encryption, firewalls and other net security devices, etc. The Group is of the view that despite all reasonable precautions, banks will be exposed to enhanced risk of liability to customers on account of breach of secrecy, denial of service etc., because of hacking/ other technological failures. The banks should, therefore, institute adequate risk control measures to manage such risk.
In Internet banking scenario there is very little scope for the banks to act on stop-payment instructions from the customers. Hence, banks should clearly notify to the customers the timeframe and the circumstances in which any stop-payment instructions could be accepted.
The banks providing Internet banking service and customers availing of the same are currently entering into agreements defining respective rights and liabilities in respect of Internet banking transactions. A standard format / minimum consent requirement to be adopted by banks may be designed by the Indian Banks’ Association, which should capture all essential conditions to be fulfilled by the banks, the customers and relative rights and liabilities arising there from. This will help in standardizing documentation as also develop standard practice among bankers offering Internet banking facility.
The concern that Internet banking transactions may become a conduit for money laundering, has been addressed by the Group. Such transactions are initiated and concluded between designated accounts. Further, the proposed Prevention of Money Laundering Bill 1999 imposes obligation on every banking company to maintain records of transactions for certain prescribed period. The Banking Companies (Period of Preservation of Records) Rules, 1985 also require banks to preserve certain records for a period ranging between 5 to 8 years. The Group is of the view that these legal provisions which are applicable to all banking transactions, whether Internet banking or traditional banking, will adequately take care of this concern and no specific measures for Internet banking is necessary.
The Consumer Protection Act, 1986 defines the rights of consumers in India and is applicable to banking services as well. Currently, the rights and liabilities of customers availing of Internet banking services are being determined by bilateral agreements between the banks and customers. It is open to debate whether any bilateral agreement defining customers rights and liabilities, which are adverse to consumers than what is enjoyed by them in the traditional banking scenario will be legally tenable. Considering the banking practice and rights enjoyed by customers in traditional banking, it appears the banks providing I-banking may not absolve themselves from liability to the customers on account of unauthorized transfer through hacking. Similar position may obtain in case of denial of service. Even though, The Information Technology Act, 2000 has provided for penalty for denial of access to a computer system (Section-43) and hacking (Section – 66), the liability of banks in such situations is not clear. The Group was of the view that the banks providing Internet banking may assess the risk and insure themselves against such risks.
The Information Technology Act, 2000, in Section 72 has provided for penalty for breach of privacy and confidentiality. Further, Section 79 of the Act has also provided for exclusion of liability of a network service provider for data traveling through their network subject to certain conditions. Thus, the liability of banks for breach of privacy when data is traveling through network is not clear. This aspect needs detailed legal examination. The issue of ownership of transactional data stored in banks’ computer systems also needs further examination.
Regulatory and Supervisory Issues:
All banks, which propose to offer transactional services on the Internet should obtain approval from RBI prior to commencing these services. Bank’s application for such permission should indicate its business plan, analysis of cost and benefit, operational arrangements like technology adopted, business partners and third party service providers and systems and control procedures the bank proposes to adopt for managing risks, etc. The bank should also submit a security policy covering recommendations made in chapter-6 of this report and a certificate from an independent auditor that the minimum requirements prescribed there have been met. After the initial approval the banks will be obliged to inform RBI any material changes in the services / products offered by them.
RBI may require banks to periodically obtain certificates from specialist external auditors certifying their security control and procedures. The banks will report to RBI every breach or failure of security systems and procedure and the latter, at its discretion, may decide to commission special audit / inspection of such banks.
To a large extent the supervisory concerns on Internet banking are the same as those of electronic banking in general. The guidelines issued by RBI on ‘Risks and Controls in Computers and Telecommunications’ will equally apply to Internet banking. The RBI as supervisor would cover the entire risks associated with electronic banking as a part of its regular inspections of banks and develop the requisite expertise for such inspections. Till such capability is built up, RBI may outsource this function to qualified EDP auditors.
Record maintenance and their availability for inspection and audit is a major supervisory focus. RBI’s guidelines on ‘Preservation and Record Maintenance’ will need to be updated to include risks heightened by banking on the net. The enhancements will include access to electronic record only by authorized officials, regular archiving of data, a sufficiently senior officer to be in charge of archived data with well defined responsibilities, use of proper software platform and tools to prevent unauthorized alteration of archived data, availability of data on-line, etc. If not available on-line, the system should be capable of making available the data for the same financial year within 24 hours and past data within a period of maximum 48 hours.
Banks should develop outsourcing guidelines to manage effectively, risks arising out of third party service providers such as risks of disruption in service, defective services and personnel of service providers gaining intimate knowledge of banks’ systems and misutilizing the same, etc. Alternatively, IBA or IDBRT may develop broad guidelines for use of the banking community.
With the increasing popularity of e-commerce, i.e, buying and selling over the Internet, it has become imperative to set up ‘Inter-bank Payment Gateways’ for settlement of such transactions. The Group have suggested a protocol for transactions between the customer, the bank and the portal and have recommended a framework for setting up of payment gateways. In their capacity as regulator of banks and payment systems of the country, the RBI should formulate norms for eligibility of an institution to set up a payment gateway and the eligible institution should seek RBI’s approval for setting up the same.
Only institutions who are members of the cheque clearing system in the country may be permitted to participate in Inter-bank payment gateways for Internet payment. Each gateway must nominate a bank as the clearing bank to settle all transactions. Only direct debits and credits to accounts maintained with the participating banks by parties to an e-commerce transaction may be routed through a payment gateway. Payments effected using credit cards, payments arising out of cross border e-commerce transactions and all intra-bank payments (i.e., transactions involving only one bank) should be excluded for settlement through an inter-bank payment gateway.
Inter-bank payment gateways must have capabilities for both net and gross settlement. All settlement should be intra-day and as far as possible, in real time. It must be obligatory for payment gateways to maintain complete trace of any payment transaction covering such details like date and time of origin of transaction, payee, payer and a unique transaction reference number (TRN).
Connectivity between the gateway and the computer system of the member bank should be achieved using a leased line network (not through Internet) with appropriate data encryption standard. All transactions must be authenticated using user-id and password. Once, the regulatory framework is in place, the transactions should be digitally certified by any licensed certifying agency. SSL / 128 bit encryption must be used as minimum level of security. Adequate firewalls and related security measures must be taken to ensure privacy to the participating institutions in a payment gateway. Internationally accepted standards such as ISO8583 must be used for transmitting payment and settlement messages over the network.
The RBI may have a panel of auditors who will be required to certify the security of the entire infrastructure both at the payment gateway end and the participating institutions end prior to making the facility available for customers use.
The credit risk associated with each payment transaction will be on the payee bank. The legal basis for such transactions and settlement will be the bilateral contracts between the payee and payee’s bank, the participating banks and service provider and the banks themselves. The rights and obligations of each party must be clearly stated in the mandate and should be valid in a court of law.
It will be necessary to make customers aware of risks inherent in doing business over the Internet. This requirement will be met by making mandatory disclosures of risks, responsibilities and liabilities to the customers through a disclosure template. The banks should also provide their latest published financial results over the net.
Hyperlinks from banks’ websites, often raise the issue of reputational risk. Such links should not mislead the customers in to believing that they sponsor any particular product or any business unrelated to banking. Hence, hyperlinks from a banks’ websites should be confined to only those portals with which they have a payment arrangement or sites of their subsidiaries or principals. Hyperlinks to banks’ website from different portals are normally meant to pass information pertaining to purchases made by banks’ customers in the portal. Banks must follow the minimum recommended security precautions while dealing with such request, which includes customer authentication through user-id and password, independent confirmation of transaction by the customer and authorizing payment, use of SSL and 128 bit encryption for all communication both with the portal and customer browser terminal, etc.
On the question of additional capital charge on banks, which undertake Internet banking, the group held the view that standards have not yet been developed for measuring additional capital charge for operational risk. However, this requirement could be covered as the RBI moves towards risk based supervision.
The applicability of various existing laws and banking practices to e-banking is not tested and is still in the process of evolving, both in India and abroad. With rapid changes in technology and innovation in the field of e-banking, there is a need for constant review of different laws relating to banking and commerce. The Group, therefore, recommends that the Reserve Bank of India may constitute a multi disciplinary high level standing committee to review the legal and technological requirements of e-banking on continual basis and recommend appropriate measures as and when necessary.
The regulatory and supervisory framework for e-banking is continuing to evolve and the regulatory authorities all over the world recognize the need for cooperative approach in this area. The Basle Committee for Banking Supervision (BCBS) has constituted an Electronic Banking Group (EBG) to develop guiding principles for the prudent risk management of e-banking activities. This Working Group, therefore, recommends that the Reserve Bank of India should maintain close contact with regulating / supervisory authorities of different countries as well as with the Electronic Banking Group of BCBS and review its regulatory framework in keeping with developments elsewhere in the world.
In a competitive market where services command market share, banks are constantly vying for customers. Banking has become a process of choice and convenience; better the service, customers tend to bank, and vice-versa, and Internet Banking is vital for both the industry and the customer.
The future of banking would be in terms of integration, as people will have less time for banking.
People will want to process more transactions on the Internet. There will be more activity in terms of applications and services on the mobile. Geography will not be an inhibitor any more as everything is executable on the net.
In the Internet banking system, information is considered as an asset and so worthy of protection. However, the present system of authentication does not address the security aspect in full. This calls for an urgent need to acclimatize the whole system.
According to Online Banking Association, member institutions rated security as the most important issue of online banking. There is a dual requirement to protect customers’ privacy and protection against fraud.
Another major issue is that of Data Protection and the need for a legal and regulatory framework.
Information security in e-banking presents two main areas of risk: preventing unauthorized transactions and maintaining integrity of customers’ transactions. Data protection falls in the latter. Data protection laws primarily aim to safeguard the interest of the individual whose data is handled and processed by others. ‘Interests’ are usually expressed in terms of privacy, autonomy and/or integrity.
The Internet and its underlying technologies will change and transform not just banking, but also all aspects of finance and commerce. It represents much more than a new distribution opportunity. It will enable nimble players to leverage their brick and mortar presence to improve customer satisfaction and gain share. It will force lethargic players who are struck with legacy cost basis, out of business since they are unable to bring to play in the new context.