What Do Open APIs Mean for Banking Business Models? PSD2 Points of View
As the January 2018 deadline creeps closer, PSD2 – and by association instant payments and open banking – is the hot topic in the payments industry. The impact of PSD2 will be felt beyond Europe’s physical borders, as it brings open banking to the fore. As with any global issue, ideas around how best to address the challenges of open banking are fragmented, and opinions differ between retail and corporate banking.
I spoke to two of our resident experts, Craig Ramsey (director, Product Management, Transaction Banking) and Lu Zurawski (solution practice lead, Retail Banking), to get a balanced view of how to meet the challenge of ‘open.’
Rachel Hunt: Lu, why is there so little consensus around how to best approach the open requirement of PSD2?
Lu Zurawski: PSD2 is an attempt to fix an aging banking system; to remove restrictions that throttle innovation and competition, and ultimately foster a broader ecosystem with improved financial products and services that will benefit consumers and corporates alike. But the regulation doesn't prescribe exactly how to achieve that New Payments Ecosystem, because excessively prescriptive regulation is what broke the system in the first place; regulating for a homogenous set of players. PSD2 has created a spectrum of views because it is deliberately open to different interpretations.
RH: If the regulation does succeed in opening up the market, does this mean opportunity or disintermediation for traditional banking?
Craig Ramsey: PSD2 is more than just regulation, it’s a whole new way of enabling banking, and brings with it great opportunities. But in this new environment banks are not sure whether to view Open APIs, and their new ecosystem partners, as friend or foe. Banks recognize that Open APIs - and by extension their own compliance and approach to open-enabled partnerships - can encourage more customer account activity. More account activity could be the result of new accounts; or customers switching accounts to take advantage of an exclusive service offered as part of a particular fintech/bank collaboration.
The flipside of open is that banks risk losing their position as their customers’ primary touchpoint. There is also a danger if they lose access to customer data, or the opportunity to promote new services to the customer. They need to maintain ownership of the customer relationship, even within partnership offerings, to mitigate this risk.
Banks frequently maintain a ‘foe’ attitude to fintech because they (rightly) feel that the costs of ‘open’ are squarely on their shoulders, and that the fintechs have all the opportunities. While it’s easy to critique banks for being slow to innovate, agility is partly hindered by compliance and regulation that fintechs aren't required to meet. That level of compliance plays a large role in building trust in the system.
Fintechs often have a more agile proposition for the market, so banks need to embrace this, and see the opportunity in carefully managed partnerships to generate transactions across their books. It’s a volume game in payments, and the value lies in driving more transactions across all accounts a bank owns.
LZ: I think volume has a role to play, but it goes beyond the pure volume of transactions. In my opinion, the goal is to aim beyond ‘Open 1.0’. How can we use the data from these transactions in a meaningful way to help corporate customers run their businesses better? That data might be generated as a result of increased volume, but it’s the application of the data that will be the game changer.
Winning a greater share of corporate business may well lead to an increase in transaction volumes, but the transaction mix is likely to include new, non-financial transactions such as trust-based identity and authentication functions. Banks have an opportunity to move into providing identity and credentials management as a natural extension of their current services, enabled through Open APIs.
A trend towards micro-transactions, particularly by corporations involved in a future Internet of (Payment) Things (IoT), may drive demand for handling larger payment volumes. Perhaps these micropayments made by end consumers (whether human or robotic) will not translate one-to-one into corporate activity with a bank, but there will be an opportunity to provision and fund these micropayment systems in an efficient manner.
And we mustn’t write off the fintechs when it comes to corporate banking. They are not necessarily any higher risk than the kind of profile to which US SMEs are accustomed. SMEs in North America operate under a high-risk profile, putting money into lending clubs. Although typically, safe-haven funds still sit with the bank.
CR: It’s important to remember that the ‘Goliath’ in the relationship won’t always be the bank. Most people see the bank as the big company, and view the fintech as the garage start-up. Well, what if that fintech is a tech giant? The possibility that these huge new competitors are going to get easy access to the bank’s customer data is a worrying proposition.
LZ: Talking of tech giants, I’m moved to paraphrase Bill Gates; “Banking will always be necessary, but banks may not.” Alternative lending might be a minority sport in the early days of open payments, but it will happen.
RH: Will we see the same appetite for enabling open banking outside of Europe, given the lack of regulatory impetus?
LZ: Europe is being pushed towards open banking by public policy and regulatory pressure. The drive is to make payments, and retail banking, far more competitive. Rather than looking at the lack of regulation in other markets as a missing driver, you could argue that these markets don’t need the same regulatory ‘whip.’ The US payments ecosystem is already much more open in terms of vast choice for the customer. European banks are reacting to a push for greater connectivity, with Open APIs to enable partners to connect to their services.
What banks in the US and Asia Pacific have to ask themselves is: Am I accessible enough? As European competitors are driven towards an Open API-enabled payments ecosystem they will, by default, adopt an open business model and mentality to drive revenue from the exposed services. That means US banks must consider Open APIs as a strategic move – enabling them to be agile enough to compete with European banks.
CR: Every region is tackling the open trend in its own way. We know that open payments are coming, but for countries where they have yet to address the challenge of real-time payments, the truth is being made clear; Open APIs and real-time go hand-in-hand and it is not possible to address either in isolation. When enacting real-time strategy, it is essential to consider how it will integrate into an Open API plan; how can customers more easily initiate real-time payments? How to drive up the ubiquity of the new scheme?
RH: We’ve touched on the importance of maintaining ownership of the customer relationship, and the accompanying data, but why is that so crucial to open banking success?
CR: The new real-time messaging standard ISO20022 brings with it the capability to incorporate more data than just the basic payment details, which loops back to Lu’s point about finding ways to add value through the data that a bank acquires through increased non-cash volumes. ‘Big Data’ has been a buzzword for years, but we’re only just reaching the point where we can turn big data into big bucks. Advanced real-time data analytics, machine learning, the application of data science, and the advent of Hadoop have all converged in 2017 to make data-rich seams ready for mining.
Turning that data into applicable business intelligence is now a genuine possibility. For payments, that means the launch of new tailored offerings aimed at customer segments; offerings that in turn will use the continued collection and analysis of data to improve services for customers. In today’s real-time payments ecosystem, it’s about continuous evaluation and improvement of the customer experience.
RH: So is there a business case for US corporate banking to initiate an Open API strategy now?
CR: There is a misconception that the business case for Open APIs, beyond PSD2, will become clear at some point in the future. But the reality is that the business case is global, and it is imminent. A large part of the value lies in consolidation to provide a better customer experience, and becoming the aggregator of choice for customers.
Businesses - even SMEs - typically have more than one bank to provide their financial services. Each bank wants to be the primary provider, but the reality is generally a fragmented web of providers and services. A smart fintech could provide a consolidated front-end, through Open APIs, to simplify and streamline the customer experience; this would be a strong value-add for many businesses. It would then be a natural progression for the fintech to layer on special handling, new products and services, and suddenly the bank is relegated to the back-end and payment rails.
Smart banks realize that the business case is as simple as the cost of doing nothing. The opportunity is to be the provider of improved customer experience alongside innovative services, which positions an institution as the preferred single pipe into the banking network. This drives increased value from existing customers, supporting new customer acquisition and creating the potential to enter new markets with these new services.
Many banks worry that they aren’t agile enough to take hold of this opportunity in a timely manner, and could be disintermediated by more nimble competitors overnight. The way to compensate for a bank’s own slow rate of change is to partner with those nimble organizations; in other words, turn foes into friends.
If a bank makes itself easy to do business with it can become the partner of choice for fintechs that can attract customers with their unique propositions. It may even reach the point where corporates are willing to switch their primary banking provider as a means to access fintech value-added services, if the fintech holds exclusive partnerships with banking sponsors.
LZ: I agree that forward thinking banks can - and should - become the front-end aggregator on behalf of payment system users. Proactive institutions are not viewing it simply as an obligation to open up, but they are carefully watching the European landscape and thinking about how to connect into the New Payments Ecosystem and the opportunities it offers.
This also applies to institutions that aren’t historically ‘corporate’ banks. They see the opportunity to develop cross-border business models without the need for correspondent banking relationships, thanks to initiatives like the UK Open Banking initiative from the Competition and Markets Authority. With Open APIs, they can directly enter foreign banking systems with the permission of customers and users.
RH: So, what’s the key takeaway for banks when it comes to Open APIs, and more generally, open payments?
LZ: Before your bank sets itself down a path to open payments, you need to seek a range of opinions!
CR: Open banking is part of the New Payments Ecosystem. Every conversation I have with a bank explores the impact of Open APIs and open regulation, and I believe the current nebulous concept of open will evolve into a tangible shift in the market. My advice to all banks would be to fast-track planning and embrace the fintech community as part of an open banking strategy; banks that want to make the most of this opportunity need to seize it!
LZ: If banks want to take advantage of open banking initiatives, they need to understand that the future is more than just Open APIs, and more even than open payments. The future is real-time, personalized, data-driven services. If banks can achieve this, they can help to overcome the inertia that currently exists in the industry.
Successful banks will take advantage of the new agile payments ecosystem and combine this with what they already do very well: manage access to complicated settlement systems and maintain trust in the financial system.
Find out more about leveraging the opportunities of open banking: Watch the video with Lu Zurawski
Related Blog Posts
So, here in the northern hemisphere, we’re still basking in waning remnants of sunny days and lingering high temperatures. Though we’re not wishing the sunshine away, us northerners here at ACI also can’t help but let our minds turn to the chillier times ahead with fall and winter approaching.
And we all know what fall and winter bring: shopping. Lots of shopping.
Positive Profiling Makes Everyone a Winner in Gaming
Online gaming is one of the fastest-growing segments within the broader entertainment industry. With 2 billion active gamers worldwide and 200 million people playing games on social networking sites at least once a day, it is no surprise that the market is now worth well over USD $100 billion per year.
Top Tips to Battle Payments Fraud in Gaming—From a Millennial Gamer
The gaming industry, from a consumer point of view, has evolved dramatically over the last 5-10 years. The buying process has rapidly changed from a one-time, final payment – often at a physical store for a physical product – to a series of never ending bundles, boosters, skins, downloadable content and in-game currency sales!
Online Retailers Are Fighting Account Takeover Fraud Fires
Online merchants and retailers are facing an ever-growing threat from account takeover fraud, which is accelerating within the card-not-present space. Account takeover occurs when user credentials for a retailer’s website are compromised, leading to exploitation of a consumer and potentially offering a large return on investment for the fraudster. Per research from ACI Worldwide and Javelin Strategy, this type of sophisticated attack accounted for a staggering USD $5 Billion in fraud losses in 2017 alone. The card-not-present environment, due to anonymity, allows a fraudster to hide themselves in the act.
Hat in Hand with 17 Heads: Payments Innovation and the Fraud Pitfalls to Avoid
Imagine that you live in a world that is revenue-agnostic, where payments revenue is so far decoupled from the payments channels that they ride on, and that startup culture and venture capital allow for the creation of all sorts of innovations that have some creative monetization that keep the train on the tracks. If you got halfway through that horrific sentence and realized we’ve been there for quite a while already, I’m impressed. It is essentially the cornerstone of banking, in many capacities.
Pints, Penalties and Payment Fraud: Welcome to the World Cup
You’d think that England already had the World Cup in the bag, based on the nationwide scenes of jubilation after the Three Lions’ penalty-takers had gone against the (painful) grain of football history, and emerged victorious at the end of a scrappy match against Colombia. However, those cries of “It’s Coming Home” from English football fans may just be a little premature, given that there are still three matches to play (and win) before the English can lay claim to being world champions for the first time in half a century.
Slam the Brakes on Gas Pump Fraud and Rental Car Scams This Memorial Day Weekend
The process of secretly reading data off credit and debit cards (aka skimming) could be netting criminals as much as $3 billion a year in the US, according to Bankinfosecurity.com.
As we look forward to Memorial Day weekend here in the U.S., travelers are getting ready for road trips to their favorite destinations. Whether it’s a beach party in Miami, snorkeling in Catalina Island, or even a staycation, payments – and more specifically, payment fraud – is a huge consideration for travelers, especially during the holiday weekend. I sat down with one of our payments fraud experts, Seth Ruden, to talk about what travelers must look out for regarding payment fraud and how they can keep their money safe. Here’s what he told me.
Despite the Hype, Machine Learning, Models, Behavioral Profiling and the Customer Experience are Still Fundamental
Think about the last time you got a fraud decline. Where were you? In the grocery store? Buying airline tickets? On holiday? Shopping in the same place you’ve been a dozen times, but across the border? How frustrating was that, what did it do to your perspective, your mood, your confidence in your financial institution? This can be embarrassing and inconvenient, stressful and alarming for the consumer. There are few things that can be more disruptive in our day-to-day lives then the lack of access to your funds, or the care taken by your financial institution after a fraud occurs. According to ACI’s Global Consumer Fraud Survey, 20% of people may decide this is too much and move along to another financial institution.
Cross-Border eCommerce Expansion: A Fraud Perspective
For merchants that are expanding their online presence overseas, enabling the right locally-preferred alternative payment methods and connecting to local acquirers can be a critical determinant of success. But without considering fraud management strategy in tandem with payments strategy, the road to cross-border success could be a bumpy (not to mention costly) one.
The 12 Biggest Security Threats to Payments
Consumers ask a lot of you in terms of convenience, speed and, above all, security. This puts the pressure on you to offer a pain-free consumer experience that is also highly secure. And when you accept payments, you need to secure all parts of your organization. Here’s an actual example: one major breach occurred when an air conditioning vendor was hacked, allowing hackers to access the corporate network and finally the point of sale network. This highlights the importance of understanding the threat landscape we face today.