Insights by Stanford Business, Feb. 2, 2024
by Theodore Kinni
Cory Hall
In the past couple of years, a new payment option has become almost ubiquitous on online retailers’ checkout screens: Buy Now, Pay Later.
This fintech innovation offers consumers instant financing for large and small purchases on a transactional basis. In a typical purchase, a shopper might pay 25% down for that new sofa or this week’s groceries and pay off the remaining 75% in three equal installments — one every two weeks. If they make the payments on time via a bank account or credit card, the loan is interest-free.
Over the past decade, fintech companies such as Klarna, Affirm, and Afterpay have taken Buy Now, Pay Later from a niche alternative to a mainstream choice by signing up tens of thousands of retailers. The retailers offer BNPL as a payment option at the point of sale and pay a small merchant fee, as with credit cards.
Unlike plastic, however, BNPL does not require a rigorous credit check. That’s made it a hit with consumers, especially younger adults without well-established credit. Total loan volume among the largest BNPL providers grew from $8.3 billion in 2020 to $24.2 billion in 2021, according to the Consumer Financial Protection Bureau. During the 2023 holiday season alone, shoppers availed themselves of $16.6 billion in BNPL loans. Estimates for near-term growth range widely, though it’s been estimated that global loan volume could reach $1 trillion by 2025.
“BNPL is a pretty slick innovation. It is convenient and it’s basically free credit if you pay it off on time,” says Ed deHaan, a professor of accounting at Stanford Graduate School of Business.
However, it also has the potential for misuse and abuse. Read the rest here.
Sunday, February 11, 2024
The Hidden Costs of Clicking the “Buy Now, Pay Later” Button
Wednesday, March 15, 2023
When It Comes to Half-Truths, No News Is Bad News
Insights by Stanford Business, March 15, 2023
by Theodore Kinni
iStock/PeopleImages
Voluntary disclosures, like those issued by managers in quarterly earnings calls, inform investment decisions across financial markets. They can buoy — or puncture — corporate valuations and stock prices. But it isn’t always clear what effects result from the policies governing these disclosures, especially when it comes to rules about half-truths and the duty to update.
In a new article in Management Science, Anne Beyer, a professor of accounting at Stanford Graduate School of Business, and Ronald Dye of Northwestern’s Kellogg School of Management, use static and dynamic models to understand the effects of regulation on both voluntary corporate disclosure policies and the investors who depend on them.
Half-truths are disclosures that are true in and of themselves but misleading in light of other information managers know but choose to withhold. For example, if a company announces that it will be losing one of its major customers but doesn’t mention that it’s also aware that another major customer is likely to leave, that would be a half-truth. These kinds of omissions are illegal under federal securities law, but their definition is not universally agreed upon. This creates loopholes that can make it difficult to hold managers legally accountable for skirting the whole truth.
Legality aside, whether permitting half-truths in disclosures is preferable to prohibiting them is an open question. Many disclosure regulations aim at providing transparency for investors and other stakeholders. However, it is not self-evident whether barring managers from issuing half-truths leads them to disclose more information.
On the one hand, if a prohibition of half-truths is enforced, then a firm that wants to make a disclosure must disclose the entire truth and cannot selectively withhold part of the relevant information. This may cause the firm to not make any disclosure. On the other hand, if half-truths are allowed, a firm may be willing to share some information on a topic that it would be unwilling to share if full disclosure was required. Read the rest here.
Tuesday, March 9, 2021
Platform Scaling, Fast and Slow
Learned a lot lending an editorial hand here:
MIT Sloan Management Review, March 9, 2021
by Pinar Ozcan and Max Büge
Image courtesy of Michael Glenwood Gibbs/theispot.com
Shortly after its 2009 founding in San Francisco, Uber executed a simple strategy that rapidly led to its expansion on a global scale. To achieve network effects by connecting as many drivers and passengers as quickly as possible, the company prioritized launches in new cities. It hired core teams of general managers, operations managers, and community managers in multiple cities at once. In each city, these teams attracted drivers by offering existing black-car services an app — and sometimes a free smartphone — to monetize their idle time. To attract riders, the teams offered subsidized fares to attendees of large conferences and other high-profile events, signing them up and then gaining thousands more riders through word of mouth.
Rapid scaling, as exemplified by Uber, is a core element of platform strategy, with speed considered the decisive factor in the race to succeed in winner-takes-all and winner-takes-most markets. But we’ve found that rapid scaling may not be the best strategy for all platforms. In some cases, a more careful, incremental, and thus slower approach to scaling is more beneficial.
In studying platform businesses, including Airbnb, Amazon, Apple, Expedia, Facebook (particularly its e-payment project, Libra), Google, Grindr, LinkedIn, Netflix, PayPal, and Uber, we found that regulatory complexity and regulatory risk are two significant but often neglected factors in platform scaling decisions. Moreover, they are likely to become increasingly important in the years ahead as efforts to regulate tech companies gain momentum and as more companies in a greater variety of sectors and markets seek to capture the benefits of platforms. Read the rest here.
Wednesday, November 11, 2020
The Rising Risk of Platform Regulation
Learned a lot lending an editorial hand on this article:
by D. Daniel Sokol and Marshall Van Alstyne
On Oct. 6, 2020, the U.S. House Judiciary Committee’s antitrust subcommittee released a 450-page report following a 16-month inquiry into the digital economy. It recommended fundamental changes to antitrust laws generally and targeted the Amazon, Apple, Facebook, and Google technology platforms specifically. Several weeks later, the U.S. Department of Justice filed suit against Google, accusing it of using “anticompetitive tactics to maintain and extend its monopolies in the markets for general search services, search advertising and general search text advertising.” Similar regulatory initiatives aimed at platforms are underway around the world, including in the European Union, United Kingdom, Japan, Korea, and India.
The blizzard of regulatory action swirling around platforms is producing new rules and laws, expanded powers for existing regulatory authorities, and the establishment of new regulatory authorities. These outcomes will not only affect Big Tech but also many other companies, in industries such as construction, health care, finance, energy, and industrial manufacturing, that have adopted or are considering adopting platform business models.
Few platform operators and owners have fully considered how the growing regulatory risk — which includes breakups, line-of-business restrictions, acquisition limits, and interoperability and data portability mandates — could derail their businesses. As a result, they could be caught off guard, just like many companies were caught off guard when the Sarbanes-Oxley Act of 2002 mandated board restructurings and expanded executive financial accountability in the aftermath of accounting scandals. Read the rest here.
Thursday, October 15, 2020
What Elite Donors Want
Insights by Stanford Business, October 14, 2020
by Theodore Kinni
REUTERS/Joshua Roberts
In November 2012, newly elected Democratic members of the United States Congress got about a week to savor their victories. Then, the Democratic Congressional Campaign Committee advised them to start hitting the phones for 3-4 hours per day. Who were they supposed to be calling? Mainly, elite donors — the fewer than 1% of Americans who give candidates more than $200 in any given election cycle.
It isn’t news that politicians court elite donors or that elite donors have greater political access and influence than the typical voter. But, as Stanford Graduate School of Business political economist Neil Malhotra points out in an article recently published in Public Opinion Quarterly, “we know remarkably little about what they actually want from government.”
This is a particularly relevant issue during the current, seemingly endless, election cycle, in which the battle for control of the executive and legislative branches of the federal government is unusually contentious and fraught with implications for the future of the nation.
Malhotra and his coauthor David Broockman, a former Stanford GSB professor who recently moved to the University of California, Berkeley, based their findings on a survey they conducted of 1,152 elite donors, who collectively contributed more than $17.2 million to election campaigns since 2008. That survey was performed for an earlier study aimed at understanding the political anatomy of tech entrepreneurs in Silicon Valley, whom they labeled “liberaltarians.” Read the rest here.
Monday, July 15, 2019
Casting the Dark Web in a New Light
Learned a lot lending an editorial hand here:
MIT Sloan Management Review, July 15, 2019
by Keman Huang, Michael Siegel, Keri Pearlson, and Stuart Madnick
With cyberattacks increasingly threatening businesses, executives need new tools, techniques, and approaches to protect their organizations. Unfortunately, criminal innovation often outpaces their defensive efforts. In April 2019, the AV-Test Institute, a research organization that focuses on IT security, registered more than 350,000 new malware samples per day, and according to Symantec’s 2019 Internet Security Threat Report, cyberattacks targeting supply chain vulnerabilities increased by 78% in 2018.Wide-scale attacks are becoming more common, too. In October 2016, a distributed denial-of-service (DDoS) attack that hit Dyn, a domain name system (DNS) provider, in turn brought down companies such as PayPal, Twitter, Reddit, Amazon, Netflix, and Spotify. In 2017, the WannaCry and NotPetya ransomware attacks affected health care, education, manufacturing, and other sectors around the world. A report from the Department of Health in the U.K. revealed that WannaCry cost it 92 million pounds. That same year, while the cyber-defense community was working out how to fight ransomware, cryptojacking — the hijacking of other people’s machines to mine cryptocurrency — arose as a threat. Cryptojacking attacks detected by Symantec increased by 8,500% during 2017. During 2018, the value of cryptocurrencies plunged 90%, yet Symantec still blocked four times as many cryptojacking attacks as the previous year.
Attackers always seem to be one or two steps ahead of the defenders. Are they more technically adept, or do they have a magical recipe for innovation that enables them to move more quickly? If, as is commonly believed, hackers operated mainly as isolated individuals, they would need to be incredibly skilled and fast to create hacks at the frequency we’ve seen. However, when we conducted research in dark web markets, surveyed the literature on cyberattacks, and interviewed cybersecurity professionals, we found that the prevalence of the “fringe hacker” is a misconception.
Through this work, we found a useful lens for examining how cybercriminals innovate and operate. The value chain model developed by Harvard Business School’s Michael E. Porter offers a process-based view of business. When applied to cybercrime, it reveals that the dark web — that part of the internet that has been intentionally hidden, is inaccessible through standard web browsers, and facilitates criminal activities — serves as what Porter called a value system. That system includes a comprehensive cyberattack supply chain, which enables hackers and other providers to develop and sell the products and services needed to mount attacks at scale. Understanding how it works provides new, more effective avenues for combating attacks to companies, security service providers, and the defense community at large. Read the rest here.
Wednesday, May 23, 2018
Your Customers May Be the Weakest Link in Your Data Privacy Defenses
Learned a lot lending an editorial hand here:
MIT Sloan Management Review, May 22, 2018
by Bernadette Kamleitner, Vincent W. Mitchell, Andrew Stephen, and Ardi Kolah
Does your company have consumer data it isn’t legally authorized to possess?Don’t be too quick to answer. Many ethical, lawfully managed businesses do have such data — and it comes from a surprising source: their customers, who inadvertently share the personal data of their family, friends, and colleagues.
The lack of awareness regarding peer-dependent privacy is one way that London-based Cambridge Analytica Ltd. was able to collect the personal information of more than 71 million Facebook users, even though only 270,000 of them agreed to take the now-bankrupt company’s app-based personality quiz. Cambridge Analytica reportedly knew what it was doing, but any company that accesses customer data, such as contacts, call logs, and files, can unknowingly breach peer privacy.
Blame apps. Virtually all large companies offer apps to their customers, and most of those apps access and collect customer data. Often, that includes peer data, which also is collected even though the app’s owner may have no direct relationship with the user’s peers.
Consider a typical scenario: John installs a customer club membership app on his smartphone. During this process, the app requests permission to access core services on his device, including his contacts. John agrees. This opens a Pandora’s box of potential problems. John has given a third party — the company owning the app — permission to access not only his personal data, but also the personally identifiable information of the hundreds of contacts saved in his phone. None of those people, including Rachel, whose name, phone number, email address, photo, and date of birth are stored in John’s phone, agreed to share their information with the company. They have no idea that they have been caught up in a peer-dependent privacy breach.
Company executives may be no more aware of the privacy breaches built into their apps than John and his contacts. Yet, it could cost them as dearly. Under the EU General Data Protection Regulation (GDPR), any company can incur fines of up to 4% of global annual revenue or 20 million euros, whichever is greater, for failing to respect the sovereignty of EU citizens over their personal data. Notably, these fines are not limited to customer data: As of May 25, 2018, the personal data of EU citizens, including data on other people’s devices, must be obtained lawfully, fairly, and transparently in accordance with the principles of the GDPR. This implies that the fully informed consent of peers is needed prior to taking possession of their personal data (barring some other legal basis). In most cases and subject to a balancing test, companies also need to provide peers with access to their personal data and, in some cases, delete that data on demand.
In short, peer-dependent privacy has become a significant exposure for companies that want to ensure the highest standards of data protection, privacy, and regulatory compliance....read the rest here
Monday, September 18, 2017
Is Capitalism Killing America?
Insights by Stanford Business, September 18, 2017
by Theodore Kinni
On August 2, 2017, the Dow Jones Industrial Average hit a record-breaking 22,000 — its fourth 1,000-point advance in less than a year. That same day, I read the first sentence in Peter Georgescu's new book, Capitalists Arise! End Economic Inequality, Grow the Middle Class, Heal the Nation (Berrett-Koehler, 2017): “For the past four decades, capitalism has been slowly committing suicide.”
How does Georgescu, the chairman emeritus of Young & Rubicam (Y&R) and a 1963 graduate of Stanford Graduate School of Business, reconcile the Dow’s ascent with his gloomy assertion?
“The stock market has nothing to do with the economy per se,” he says. “It has everything to do with only one thing: how much profit companies can squeeze out of the current crop of flowers in the garden. Pardon the metaphor. But that’s what corporations do — they squeeze out profits.”
In the latter half of the 1990s, Georgescu shepherded Y&R through a global expansion and an IPO. He has served on the boards of eight public companies, including Levi Strauss, Toys “R” Us, and International Flavors & Fragrances. He also is the author of two previous books, The Constant Choice: An Everyday Journey from Evil Toward Good (Greenleaf, 2013) and The Source of Success (Jossey-Bass, 2005). An Advertising Hall of Fame inductee, the 78-year-old adman is still pitching corporate leaders. Now, however, he is trying to convince them to fundamentally rethink how — and for whom — they run their companies. Read the rest here.
Saturday, March 11, 2017
Regulation, Who Needs It?
Monday, July 25, 2016
Catalyst or threat? The strategic implications of PSD2 for Europe’s banks
Europe’s consumers have started to embrace the kinds of services and companies that PSD2 will foster. A PwC Strategy& study on PSD2, conducted in the first quarter of 2016, suggests that 88 percent of consumers use third-party providers for online payments, which indicates that there is a large, primed base of customers for other digital banking services.
Nevertheless, the overall response of Europe’s bankers to PSD2 is one of uncertainty: Although 68 percent of bankers fear that PSD2 will cause them to lose control of the client interface, many of them remain unsure how to respond to the new directive. As a result, they are adopting a defensive, wait-and-see stance that is risk averse.
In contrast, there are a few banks — and more third-party providers and FinTechs — that are embracing the possibilities of open banking and pursuing strategies aimed at winning a leading role in the future. They are not waiting until the implementation of PSD2.
In this report, we bring together the attitudes and behaviors of banking customers, the mind-set and concerns of bankers, and the responses of first-mover banks and FinTechs to analyze the implications and ramifications of PSD2 for Europe’s banks. And we offer five strategic options that banks can consider to expand their offerings, better serve their customers, and grow their market share and revenues.
With the adoption of PSD2, an irrevocable shift to open banking in Europe has become inevitable. Europe’s banks cannot afford to wait for the official PSD2 implementation date in 2018 to formulate a strategic response. Download the full paper here
