What Do Open APIs Mean for Banking Business Models? PSD2 Points of View
As the January 2018 deadline creeps closer, PSD2 – and by association instant payments and open banking – is the hot topic in the payments industry. The impact of PSD2 will be felt beyond Europe’s physical borders, as it brings open banking to the fore. As with any global issue, ideas around how best to address the challenges of open banking are fragmented, and opinions differ between retail and corporate banking.
I spoke to two of our resident experts, Craig Ramsey (director, Product Management, Transaction Banking) and Lu Zurawski (solution practice lead, Retail Banking), to get a balanced view of how to meet the challenge of ‘open.’
Rachel Hunt: Lu, why is there so little consensus around how to best approach the open requirement of PSD2?
Lu Zurawski: PSD2 is an attempt to fix an aging banking system; to remove restrictions that throttle innovation and competition, and ultimately foster a broader ecosystem with improved financial products and services that will benefit consumers and corporates alike. But the regulation doesn't prescribe exactly how to achieve that New Payments Ecosystem, because excessively prescriptive regulation is what broke the system in the first place; regulating for a homogenous set of players. PSD2 has created a spectrum of views because it is deliberately open to different interpretations.
RH: If the regulation does succeed in opening up the market, does this mean opportunity or disintermediation for traditional banking?
Craig Ramsey: PSD2 is more than just regulation, it’s a whole new way of enabling banking, and brings with it great opportunities. But in this new environment banks are not sure whether to view Open APIs, and their new ecosystem partners, as friend or foe. Banks recognize that Open APIs - and by extension their own compliance and approach to open-enabled partnerships - can encourage more customer account activity. More account activity could be the result of new accounts; or customers switching accounts to take advantage of an exclusive service offered as part of a particular fintech/bank collaboration.
The flipside of open is that banks risk losing their position as their customers’ primary touchpoint. There is also a danger if they lose access to customer data, or the opportunity to promote new services to the customer. They need to maintain ownership of the customer relationship, even within partnership offerings, to mitigate this risk.
Banks frequently maintain a ‘foe’ attitude to fintech because they (rightly) feel that the costs of ‘open’ are squarely on their shoulders, and that the fintechs have all the opportunities. While it’s easy to critique banks for being slow to innovate, agility is partly hindered by compliance and regulation that fintechs aren't required to meet. That level of compliance plays a large role in building trust in the system.
Fintechs often have a more agile proposition for the market, so banks need to embrace this, and see the opportunity in carefully managed partnerships to generate transactions across their books. It’s a volume game in payments, and the value lies in driving more transactions across all accounts a bank owns.
LZ: I think volume has a role to play, but it goes beyond the pure volume of transactions. In my opinion, the goal is to aim beyond ‘Open 1.0’. How can we use the data from these transactions in a meaningful way to help corporate customers run their businesses better? That data might be generated as a result of increased volume, but it’s the application of the data that will be the game changer.
Winning a greater share of corporate business may well lead to an increase in transaction volumes, but the transaction mix is likely to include new, non-financial transactions such as trust-based identity and authentication functions. Banks have an opportunity to move into providing identity and credentials management as a natural extension of their current services, enabled through Open APIs.
A trend towards micro-transactions, particularly by corporations involved in a future Internet of (Payment) Things (IoT), may drive demand for handling larger payment volumes. Perhaps these micropayments made by end consumers (whether human or robotic) will not translate one-to-one into corporate activity with a bank, but there will be an opportunity to provision and fund these micropayment systems in an efficient manner.
And we mustn’t write off the fintechs when it comes to corporate banking. They are not necessarily any higher risk than the kind of profile to which US SMEs are accustomed. SMEs in North America operate under a high-risk profile, putting money into lending clubs. Although typically, safe-haven funds still sit with the bank.
CR: It’s important to remember that the ‘Goliath’ in the relationship won’t always be the bank. Most people see the bank as the big company, and view the fintech as the garage start-up. Well, what if that fintech is a tech giant? The possibility that these huge new competitors are going to get easy access to the bank’s customer data is a worrying proposition.
LZ: Talking of tech giants, I’m moved to paraphrase Bill Gates; “Banking will always be necessary, but banks may not.” Alternative lending might be a minority sport in the early days of open payments, but it will happen.
RH: Will we see the same appetite for enabling open banking outside of Europe, given the lack of regulatory impetus?
LZ: Europe is being pushed towards open banking by public policy and regulatory pressure. The drive is to make payments, and retail banking, far more competitive. Rather than looking at the lack of regulation in other markets as a missing driver, you could argue that these markets don’t need the same regulatory ‘whip.’ The US payments ecosystem is already much more open in terms of vast choice for the customer. European banks are reacting to a push for greater connectivity, with Open APIs to enable partners to connect to their services.
What banks in the US and Asia Pacific have to ask themselves is: Am I accessible enough? As European competitors are driven towards an Open API-enabled payments ecosystem they will, by default, adopt an open business model and mentality to drive revenue from the exposed services. That means US banks must consider Open APIs as a strategic move – enabling them to be agile enough to compete with European banks.
CR: Every region is tackling the open trend in its own way. We know that open payments are coming, but for countries where they have yet to address the challenge of real-time payments, the truth is being made clear; Open APIs and real-time go hand-in-hand and it is not possible to address either in isolation. When enacting real-time strategy, it is essential to consider how it will integrate into an Open API plan; how can customers more easily initiate real-time payments? How to drive up the ubiquity of the new scheme?
RH: We’ve touched on the importance of maintaining ownership of the customer relationship, and the accompanying data, but why is that so crucial to open banking success?
CR: The new real-time messaging standard ISO20022 brings with it the capability to incorporate more data than just the basic payment details, which loops back to Lu’s point about finding ways to add value through the data that a bank acquires through increased non-cash volumes. ‘Big Data’ has been a buzzword for years, but we’re only just reaching the point where we can turn big data into big bucks. Advanced real-time data analytics, machine learning, the application of data science, and the advent of Hadoop have all converged in 2017 to make data-rich seams ready for mining.
Turning that data into applicable business intelligence is now a genuine possibility. For payments, that means the launch of new tailored offerings aimed at customer segments; offerings that in turn will use the continued collection and analysis of data to improve services for customers. In today’s real-time payments ecosystem, it’s about continuous evaluation and improvement of the customer experience.
RH: So is there a business case for US corporate banking to initiate an Open API strategy now?
CR: There is a misconception that the business case for Open APIs, beyond PSD2, will become clear at some point in the future. But the reality is that the business case is global, and it is imminent. A large part of the value lies in consolidation to provide a better customer experience, and becoming the aggregator of choice for customers.
Businesses - even SMEs - typically have more than one bank to provide their financial services. Each bank wants to be the primary provider, but the reality is generally a fragmented web of providers and services. A smart fintech could provide a consolidated front-end, through Open APIs, to simplify and streamline the customer experience; this would be a strong value-add for many businesses. It would then be a natural progression for the fintech to layer on special handling, new products and services, and suddenly the bank is relegated to the back-end and payment rails.
Smart banks realize that the business case is as simple as the cost of doing nothing. The opportunity is to be the provider of improved customer experience alongside innovative services, which positions an institution as the preferred single pipe into the banking network. This drives increased value from existing customers, supporting new customer acquisition and creating the potential to enter new markets with these new services.
Many banks worry that they aren’t agile enough to take hold of this opportunity in a timely manner, and could be disintermediated by more nimble competitors overnight. The way to compensate for a bank’s own slow rate of change is to partner with those nimble organizations; in other words, turn foes into friends.
If a bank makes itself easy to do business with it can become the partner of choice for fintechs that can attract customers with their unique propositions. It may even reach the point where corporates are willing to switch their primary banking provider as a means to access fintech value-added services, if the fintech holds exclusive partnerships with banking sponsors.
LZ: I agree that forward thinking banks can - and should - become the front-end aggregator on behalf of payment system users. Proactive institutions are not viewing it simply as an obligation to open up, but they are carefully watching the European landscape and thinking about how to connect into the New Payments Ecosystem and the opportunities it offers.
This also applies to institutions that aren’t historically ‘corporate’ banks. They see the opportunity to develop cross-border business models without the need for correspondent banking relationships, thanks to initiatives like the UK Open Banking initiative from the Competition and Markets Authority. With Open APIs, they can directly enter foreign banking systems with the permission of customers and users.
RH: So, what’s the key takeaway for banks when it comes to Open APIs, and more generally, open payments?
LZ: Before your bank sets itself down a path to open payments, you need to seek a range of opinions!
CR: Open banking is part of the New Payments Ecosystem. Every conversation I have with a bank explores the impact of Open APIs and open regulation, and I believe the current nebulous concept of open will evolve into a tangible shift in the market. My advice to all banks would be to fast-track planning and embrace the fintech community as part of an open banking strategy; banks that want to make the most of this opportunity need to seize it!
LZ: If banks want to take advantage of open banking initiatives, they need to understand that the future is more than just Open APIs, and more even than open payments. The future is real-time, personalized, data-driven services. If banks can achieve this, they can help to overcome the inertia that currently exists in the industry.
Successful banks will take advantage of the new agile payments ecosystem and combine this with what they already do very well: manage access to complicated settlement systems and maintain trust in the financial system.
Find out more about leveraging the opportunities of open banking: Watch the video with Lu Zurawski
Related Blog Posts
Open Banking Goes Live: The Walls Around Traditional ‘Old Style Banking’ Are Crumbling Down
January 13, 2018 may well be remembered as the ‘beginning of the end’ of the traditional retail banking industry.
Thanks to a profound set of new rules by European regulators and the UK government, we may see the start of an era where consumers no longer hesitate to change their bank accounts or make more personalized arrangements with regards to their finances.
When Is Processing Payments in The Cloud More Secure?
Back when I started my career, “Jessie’s Girl” by Australian rocker Rick Springfield topped the charts, the federal funds rate was 20 percent and most organizations were reliant upon one or more mainframe computers that were hosted in an internal “computer room.”
Another Day, Another ‘Pay’? Why Google Pay Could Be Different
The official announcement of Apple Pay back in late 2014, and Android Pay just a few months later, was the catalyst for seemingly endless prognostication on the dawn of a new era in mobile payments. Along with a clutch of ‘Pay’ cohorts, these digital wallets were widely expected to transform shopper behavior, nudging us closer to cashless world where the physical wallet could be left to collect dust at home.
Ripe For Change? New Frontiers in Merchant Payments [Klarna Q&A]
Consumers often have a love/hate relationship with online shopping. They are easily frustrated when the checkout experience does not deliver the convenience they expect, and delighted when the online journey – including payment – is smooth and frictionless.
More than Half: the Story of Cyber-Attacks and Global Organizations in 2017
Three words. It might not seem enough to cause a rethink of your 2018 cyber-security strategy, but it should. Why? Because according to the latest Forrester report, “Top Cybersecurity Threats for Retailers in 2018,” attackers breached more than half of all global enterprises in 2017.
More. Than. Half.
Oh, the Different Ways to Pay Today (Not by Doctor Seuss)
Mark, Mega Millions tickets cost 2 dollars now?!? I don’t have 2 dollars in my wallet... I don’t have any dollars in my wallet!
And due to my lack of paper currency, if I’m not in it, I can’t win it. And I wanna win it, which has got me to thinking (again) about the new(er) ways to pay. When we last tackled the topic, I think we were ranting about wearable rings, speedos, the Rio Games and maybe Ryan Lochte’s hair. We’re now approaching a saturation point when it comes to places (on the body) to put payment mechanisms (especially if you’re in Rio!).
Payments Presents a Towering Opportunity for Telcos
Mobile phone usage is soaring and, with around a third of the world’s population and up to 65 percent of Western Europeans estimated to own smartphones in 2017, it is fairly safe to conclude that digitally-connected consumers are a strong and growing group.
Payments' Big Five: what We Will be Hearing about in 2018
The new year is here… so while resolutions are enacted, and almost inevitably broken before the month is out, it is also the time to look ahead at what the next year may bring. One thing that is clear is that payments will become an even more important ingredient in the business strategy of every merchant. From my perspective, these are the five trends that will have the biggest impact in 2018.
Immediate Payments Require New Business Models First, It Solutions Can Come Later
Hungary is probably not the first country that comes to mind when talking about fintech hotspots and innovation hubs. However, the country is very much at the forefront when it comes to banking innovation in Europe. In late 2017, I had the privilege to speak at the annual Fintech Innovation Conference in Budapest. Organized by Privatbanker.hu, this was a great opportunity to meet not only Hungarian experts, but finance professionals and industry stakeholders from across the continent.
The Eba's Regulatory Technical Standards Provide the “How” to Psd2's “What”
February 2017 saw the release of the long-awaited draft regulatory technical standards (RTS) for strong customer authentication (SCA) from the European Banking Authority (EBA). The RTS defines the technical framework for the implementation of PSD2 with primary focus on SCA, and common and secure connection (CSC). In short, we could say that PSD2 covers the “what” aspect of the regulation whereas the RTS defines the “how” this is to be done.