April 24, 2020

E-commerce in COVID-19

E-commerce has been impacting the sales of bricks-and-mortar for years but the arrival of COVID-19 has accelerated changes in shopping behaviour. 

As Australia and the world adjusts to an extended period of social distancing, many are wondering what this will mean for life after the crisis has passed.

Working from home, technology use in our daily lives, shopping online…. some of the changes we’ve seen over the last few months are unlikely to be reversed, with many becoming standard arrangements or habits.

E-commerce has been impacting the sales of bricks-and-mortar for years but the arrival of COVID-19 has accelerated changes in shopping behaviour.  For example, if you’d behaviourally grocery shopped in store, COVID-19 may’ve triggered you to grocery shop online and found the online experience satisfactory.  Repeated enough times, that behaviour has potentially changed permanently.

For many businesses during this crisis, it’s meant a small operational pivot as existing digital channels sees sales volume increase.  For instance, ‘Click and Collect’ services have quickly become more available.  These businesses have adjusted and will likely continue to invest and uplift capability and automation to drive customer experience and efficiency benefits.

But for businesses with little or no website or phone presence, what are the initial considerations for beginning to move in this direction?

A website

The most important aspect of any e-commerce setup is the website – it’s the shopfront and drives the customer experience.  There’s a myriad of design considerations and operational issues around process integration which a in-house IT team or an outsourced quality website designer could assist with.

At a basic level (in addition to any legal requirements) the website must include:

  • Business name
  • Australian Business Number
  • Contact details
  • A clear description of the products or services on offer

Terms and conditions including a refund & exchange policy, delivery arrangements, etc.  There must also be a Privacy & Security statement detailing how the customers’ data is stored and managed, and what security measures are in place.

Merchant facility

You’ll need an approved facility from your bank or Payment Service Provider (PSP) to process card authorisations and deliver value to your account for approval transactions.  Typically, the provider needs to understand:

  • What a cardholder buys from you?
  • Is your business purely online or do you have a bricks and mortar presence as well?
  • Do you sell goods or services as a one-off transaction or by subscription?
  • When does the cardholder receive the goods or services in full after payment? For example, 5 business days for delivery or initial membership from day one that’s then valid for 12 months.

Payments integration

NAB customers can use NAB’s own payment gateway or use an accredited PSP as a third-party payment gateway.  Your banking partner or PSP will provide options to accept credit card payments online from customers with a variety of integration options typically supporting:

  • ‘e-commerce’: These transactions are used for taking one-off customer payments initiated in real time. This is generally using standardised Application Programming Interface (API) messaging between the website and the payment gateway.
  • ‘MOTO’ (Mail Order/Telephone Order): For mail orders, written authorisation is provided by the cardholder to charge their credit card. For telephone orders, you instead accept a verbal authorisation from the cardholder. Payment details are then submitted for processing.
  • ‘Recurring transactions’: Involves automatically charging a customer’s credit card on a regular basis, for example subscriptions or automatic bill payments. To do this, you must establish a recurring authority with the cardholder.

As technology used by banks and PSPs has evolved, card fraud has also become more sophisticated. Visa and MasterCard have developed the Payment Card Industry Data Security Standard or ‘PCI DSS’ as a means of managing risk of data compromises. All businesses that store, process and/or transmit cardholder data must comply with the PCI DSS.  Your bank or PSP will provide solutions options and guidance on this as you progress.


A new normal means many industries will see profound and long-lasting impacts to their operating environments.  Consumer behaviour will be modified and trends that have been playing out for many years will be accelerated.  The future is arriving faster than we had expected.

In terms of adjusting to rapid digitisation over this crisis, many organisations have surprised themselves with the speed, efficiency and accuracy that projects have been delivered with.  Assumptions around cost and time for a project need to be rethought – as a crisis has highlighted for many just how much can get done when the organisation is fully motivated.

In light of this, businesses should be reviewing arrangements and asking the question on what the best approach is for their sales channels ongoing.  In a fundamentally changed landscape, it’s appropriate to reassess past assumptions.  It’s increasingly likely arrangements put in place for today will have longer lasting implications for the business.

To explore options for your organisation both now and into the future, please contact your local NAB Transaction Solutions Specialist.


Speak to a specialist


Important Information

This material has been prepared by personnel in the Corporate and Institutional Bank division of National Australia Bank. It has not been reviewed, endorsed or otherwise approved by, and is not a work product of, any research department of National Australia Bank and/or its affiliates (“NAB”). Any views or opinions expressed herein are solely those of the individuals and may differ from the views and opinions expressed by other departments or divisions of NAB.

Any advice contained in this material is general and does not take into account your objectives, financial situation or needs. You should consider whether the advice is suitable for you and your personal circumstances.

This material is intended merely to highlight market developments and is not intended to be comprehensive and does not constitute investment, legal, accounting, hedge accounting or tax advice, nor does it constitute an offer or solicitation for the purchase or sale of any financial instrument or a recommendation of such product or strategy.


©2020 National Australia Bank Limited ABN 12 004 044 937


Countdown to climate risk reporting

Countdown to climate risk reporting

16 April 2024

Mandatory climate disclosures are on the way for thousands of businesses and organisations in Australia, with a start date as early as next year planned for the largest corporates. NAB unpacks what’s on the horizon.

Countdown to climate risk reporting