Open Banking is late for the deadline.
On September 14th 2019, the final step of the European Payment Service Directive 2 has been taken. PSD2 is now a mandatory regulation all financial service providers must adhere to. Open Banking culture is finally established in Europe.
Or so we hoped.
Over the last two years, many experts have been expecting banking and financial services companies to groom their Open Banking portfolio in preparation for PSD2. But when PSD2 came into effect on January 2019, it was different. The prospected opening of the market did not happen with full consequence. The Open Banking hype train steamed ahead, while the actual realization of Open Banking services and APIs fell behind. Especially banks and financial service providers struggle with the concept of cross-company account data usage.
Ultimately, this might put them in a tight spot, given the fast-paced nature of the digital financial market. Once AISPs and PISPs have taken root, Open Banking might become the new standard for personal finance. As such, it will leave traditional gatekeepers struggling for their new role in this environment behind.
But, until we are there, time will pass. There are many reasons, why Open Banking is in delay. We will explore a few in this article. But before we do so, we must get one question out of the way: Why should we look forward to Open Banking APIs at all?
Open Banking – What the Fuss Is All About
Basically, API Banking or Open Banking, respectively (not to be confused with the UK company of the same name), means exactly what it says: Breaking up the largely enclosed financial service infrastructure. It does so by giving third-party providers access to banking account data via APIs. Furthermore, Open Banking directives enable the provider in question to interact with the account, given the consent of its owner. Thus, third-parties can perform operations, transactions and data analyses for the bank account in question, as part of their own financial service products.
This API-based integration of third-party software used to be voluntary in Europe (which was equivalent to punctually existent) and limited to regional efforts in, like with the German Homebanking Computer Interfaces (HBCI). That was until the EU passed the second Payment Service Directive (PSD2) in January. PSD2 is making it mandatory for financial institutions to pass on customer transaction and account data to third-parties at customer request.
Fintechs, payment service providers and online stores have reason to be delighted. The new regulation will enable them to draw on necessary and valuable assets for their own services. This can basically take two forms: Businesses registered as AISPs (Account Information Service Providers) have read-only access to the data the bank must provide on behalf of the customer. PISPs (Payment Initiation Service Providers) don’t have such a restriction and may initiate transactions to and from customer’s bank accounts. All companies wanting access to Open Banking APIs have to register as one of those types.
This classification will be the most important distinction in banking services in the immediate future. On September 14th 2019, the interim period has ended. Now, the new directive has come into full effect everywhere in the EU. But PSD2 doesn’t exactly form an open standard. What it does is set the legal framework within which API Banking will unfold in the EU. And beyond: Financial Service Providers doing business in the EU must adhere to Payment Service Directive no. 2 as well. That means the European way of Open Banking will also shape global financial dynamics – for better or worse, depending on who you ask.
And if you ask fintechs, neobanks and other “alt finance” providers, they will point at the advantages of Open Banking. Indeed, there is much to look forward to… and not only for all these new challengers.
Why We Can’t Await Open Banking
When the European Commission passed PSD2, they did so to increase competition in the digital finance sector. But that’s not the only change turn for API Banking will entail. It took some time for banks and service providers to realize the full impact of PSD2 – and this process is by no means complete. The positive changes brought forth by Open Banking include:
Once it has taken root, Open Banking will ensure much faster financial service. Instant settlement will become more commonplace as machining times plummet and the middleman drops out. Especially prepaid and foreign exchange companies will profit from this, as they can remodel their businesses with a leaner administration.
Experts expect to drop 90 percent of the current costs, emerging from application delivery, servicing of external and internal channels, operation and other sources. This online calculator shows the scope of how much you would actually save. For customers, overdraft fees will also likely be reduced.
With API banking in place, cooperations between banks and external service providers will improve. For instance, correspondent banking will proceed more smoothly, while delays, like in bank-to-bank transactions disappear. Likewise, the market becomes more accessible for merchants. For example, the six- to nine-month business registration periods can drop to a matter of hours.
On the usability level, Open Banking promises increased convenience in banking. Users will access a greater number of financial services directly when logged into their bank accounts, as services bundle together. Moreover, the market will get more diverse, with non-banks like AISP and PISP startups or the GAFA corporations (Apple, Google, etc.) joining in. This offers customers new options to choose from.
For Open Banking, it can be argued that there is a higher vulnerability towards data breaches, as transaction data of one’s bank account is more widespread. At least, third-party partners have to manage such data, too, besides the banks. Those third-parties must also provide for the security required.
But on the other hand, Open Banking regulations can increase security by setting unified standards. PSD2 regulators will give out painful penalties for companies who fail to maintain their security. Furthermore, PSD2 forbids the use of data for other purposes than those explicitly authorized by the customers. That means, delivering more transparency towards the user becomes a basic requirement. Practices like screen scraping, which can be used for fraud, will no longer be allowed.
Boost in Innovation
Opening up the banking sphere comes with the opportunity for innovative third-party companies to give banking a new spin, eluding the organizational blindness traditional financial businesses can suffer from at times. So the adoption of PSD2 will bring forth innovations in many financial fields. Fields such as credit scoring, wealth management, micro-saving, and other personal finance management (PFM) applications.
The Brakes of Change
With the destinations mentioned above in mind and fueled by PSD2, API Banking should be on the road to success now, right?
Not exactly. The brakes are still on firmly, keeping Open Banking from breaking through on September 14th and spreading fast.
The Footbrake: Lack of Education
One problem, which has slowed down the pace of Open Banking in Europe, is simply a lack of education. Robert Atkin, Founder of Xcordis Fintech Ldt., with whom we spoke about developments in API banking described a symptomatical scene at the Fintech Trade Mission Amsterdam. When he talked about open banking in a full conference room, the resonance was rather taken back.
Atkin is likely not alone with the experience. Even as the deadline for PSD2 has passed and the specialist press has long explored the topic from different angles, customers are largely left in the dark. As of November 2018 only 22% of customers had even heard of the concept “Open Banking”. Traditional financial institutions have an advance in knowledge, of course, but it’s fair to say that at least some don’t grasp the full picture and their role within it.
Atkin is certain that the period of education on API banking, open data transfers and similar topics is continuing, and that it will become a period of “learning by using” after PSD2 is established completely. People and institutions will take time to get accustomed to the benefits of Open Banking. Atkin:
“When it’s got into gear, it will change the whole banking scene. It’s gonna be worth trillions, but now it’s worth nothing.”
The Handbrake: Lack of Infrastructure
Broad education on API Banking topics can be achieved while everything is already up and running on the digital finance market. But the lack of PSD2-compliant infrastructure prevents Open Banking from even coming out of the starting blocks.
Because the market is not yet ready to implement many Open Banking regulations, official institutions decided to grant longer transition periods. For instance, the German Bafin recently decided to allow third-party providers to keep using old, non-PSD2-compliant bank interfaces for credit card payments. The reason: Banks did not yet provide enough working Open Banking APIs for third parties to connect with. Technically, banks are allowed to cap all non-PSD2-compliant connections after September 14th.
But fintechs successfully argued before Bafin that this would run counter to the intention of PSD2. If banks don’t provide APIs, they edge third-party providers aside, as these can no longer offer their service in compliance with current regulations. Bafin agreed, and put more requirements for banks into action. But still, it’s just a brief respite for third-party providers. As Mirko Hüllemann, founder and CEO of the Heidelpay Group put it for t3n:
“It’s the final wake-up call for online merchants to do their homework and update their the payment mixture on their online shop for PSD2.”
We can easily find more examples that the infrastructures for API Banking have not been created yet. Take two-factor authentification, which is required by the new Payment Service Directive, but has been postponed. Or the fact that even the UK, the current forerunner at Open Banking due to coordination efforts by the biggest account providers, faces a lack of PSD2-compliant payment gateways.
Banks – A Cold Start for Open Banking
Insufficient infrastructure and education might act like brakes, holding Open Banking back.
But, to stretch the analogy a little more: Some banks haven’t even started the engine yet.
While fintechs and other third-party providers likely see PSD2 as an opportunity to grow and innovate, banks are more reserved. For the deadline in March, which required banks to offer test APIs to third-parties, almost 40% of them complied. And even now, there are many banks that are not quite ready to open up.
It’s not that banks don’t know what’s in for them: Half of the traditional banking institutes expect 10 percent of their future revenue growth will come from Open Banking. But their inclination towards slower innovation cycles makes them vulnerable in the age of digital acceleration. The long-established gatekeepers of finance must react more determined to not fall behind technologically advanced competitors like neobanks, fintech-savvy PISPs and even big tech companies like Apple or Google.
It’s long-time planning we are talking here: As of now, banks hold all the aces. They have strong ties with their customers, both private and corporate. They hold vast amounts of data about them and have a reputation as secure and reliable partners, mostly. Indeed, 68% of companies would want banks to lead the way, building the Open Banking ecosystem.
That dynamic is about to change. 55% of companies don’t mind third-party providers to dominate API banking either. If that number increases further – and it likely will –, banks must think about leaving their comfort zones, or they’ll find themselves in a position where they no longer are their clients’ primary partners for specific financial services. The Open Banking movement decouples services from the all-in-one package, which banks provide as of now. Given time, this could lead to banks becoming bound to the role of a mere facilitator. They would then simply offer the basic banking functions, while newcomers (fintech, neobanks, and non-banks) come around with innovative services, achieving greater shares of value.
Yet, to keep their dominant role in international finance and payment, banks should refrain from seeing third-party providers as rivals. One bank cannot chase all potential Open Banking opportunities alone but must develop a compelling, specialized vision for itself and be transparent about it. That might mean that a bank must consider settling for Banking-as-a-service or shifting from retail to corporate banking. B2B payment acceptance, loans, investment products, deposit, savings accounts, and escrow facilities are still fields in which banks can easily outclass their respective competitors. But their focus will have to wonder if they want to call the shots in a world in which all banking is open-minded and open-ended. The must become more than service providers. They must become platform providers.
As Robert Atkin puts it: “No one is waiting for banks; if they don’t do it, others will.” And competitors are already upon their heels. The UK already is home to neobanks with more than 4.5 million customers.
Open Banking – Give It Time
With all that said, it’s not surprising that Open Banking is more of a gradual transition than a clean cut. There will be a long crossover period during which banking APIs will exist side-by-side with older systems that are not fully PSD2-compliant.
Given the diversity of the national banking industries of the EU member states, we can indeed talk of a “multi-speed” Europe. The UK, for example, is a bit ahead: API Banking has been live there since December 2018 and the Commonwealth is at the forefront of innovating banking globally. The Banking industry in the UK provides the greatest trade surplus of any British exporting industry and is thus highly competitive internationally. How all the interconnections between UK and EU finance are detangled after Brexit is a question, which currently causes headaches at the highest levels.
That aside, we should not expect hundreds of merchant stores and financial applications to appear in the coming months. Rather, Open Banking services will be deployed in waves. Use cases will appear step-by-step and manifest on top of each other. And the real advantages for customers and merchants will need some time to show.
We should gladly give Open Banking the time. What are another few months in comparison to how much transaction time those new Banking APIs will save us in the end? Open Banking is not a sprint, it’s a marathon. And at times it will be a slow and heedful hiking trip even. Let’s just hope the banking industry finally substitutes its pair of worn-out shoes for a newer one.