API-based banking: shaping a new financial cafetaria landscape
“Innovation in payments, or open banking – from compliance to strategic choice”
In payments there are four key drivers for innovation: technological developments, customer behavior, market demand and the regulatory context. Not all have the same amount of impact at any given point in time, and they of course mutually impact each other. The nature of the payments business has fundamentally changed in recent years. Even only a decade ago, payments practitioners were described as “the guys in the basement doing the plumbing”. Not very sexy, but someone had to do the job …
Today, however, payments are hot. Globally the amount of venture capital being poured into payments related startups and innovators is the highest of all financial service related investment in innovation. Bigtech and Fintech alike are looking for opportunities and a large number of non-bank players have entered the market, all looking to improve customer experience and add value to the offerings of the incumbents, using the experiences from their own industries to disrupt the financial industry.
In the European Union, of the four drivers of innovation the regulatory context probably has the biggest impact. The Payment Services Directive (PSD), which had to be transposed in national legislation by November 2009 provided the legal foundation for a single EU market for retail payments. It also seeks to improve competition by opening up payment markets to new entrants, thus fostering greater efficiency, innovation and cost-reduction. A new, lighter regulatory regime was introduced for Payment Institutions. On January 2016 the revised Payment Services Directive or PSD2 entered into force. It aims to improve the level playing field for payment service providers (including regulation of new players) and must be incorporated into national law by January 13, 2018.
What will prove to be a game changer is the introduction of two new types of financial services that can be provided by another service provider than the account servicing payment service provider – traditionally those are the banks. These new services are Payment Initiation Services (PIS) and Account Information Services (AIS). PIS and AIS providers will need a “light touch” license as payment institution. Crucial concept in PSD2 is the right of the consumer to grant access to his or her payment account to PIS and AIS providers, and that consumers may provide the personal security credentials they received from the Account Servicing PSP to the third party that is providing the PIS or AIS. That is the new concept of third party access to the payment account – or XS2A.
With the new directive in place, open banking is no longer an option, but -to a certain extent- mandatory. The “what” question has been dealt with: banks must open up to foster competition and innovation. Disintermediation looms and a “do nothing but comply” scenario will most likely lead to banks being disintermediated and pushed back in the value chain. So, the incumbents now must contemplate how to stay relevant for their customer base and find a strategy. The challenge is to not just comply with the strict regulatory requirements but go beyond what is required. Because it is not all bad news: the new regulatory environment also offers hope: how can banks leverage this opportunity to beef up their legacy systems and renew infrastructure? How can they best cooperate with Fintechs? How can they reinvent themselves? Or, to quote the CEO of one large retail bank: “”We have to disrupt ourselves before we are disrupted!”.
So, does open banking offer a real innovation opportunity? Probably it does. The “what” question has been answered, but the “how” question is still largely remains open. How can we make the new XS2A concept work in practice in a secure way? The European legislator has left this to the European Banking Authority (EBA). The EBA has been mandated to draft Regulatory Technical Standards (RTS) on several technical and security aspects of PSD2. The draft RTS are expected to be published for consultation by the end of August, and must be presented to the European Commission by January 2017. It is to be expected however, that the RTS will not be very detailed and will only contain functional requirements. It will be left to the market to fill the gap between the RTS and the account access. And that is where API’s come into play – XS2API.
At GPS I will highlight key European developments. A detailed briefing on relevant developments and expected next step. I will secure sufficient room for questions and discussion, blending in the Asia developments, differences and joint outlook at a very dynamic transaction space!
Looking forward to meeting you in Singapore,