Jay Hibbin, regional sales director – financial services EMEA, CenturyLink
The second Payment Services Directive, more commonly known as PSD2, has graced media headlines for many months now. With the 2018 implementation date fast approaching, we’re seeing more and more conversations centred around whether or not this will be an opportunity for tech companies, fintechstartups, merchants and challenger banks alike to eat the lunch of the traditional banks.
Essentially, under the directive, banks will be required to provide third parties, such as those mentioned above, with access to their customers’ accounts via application programme interfaces (APIs). If, for example, you were to purchase books on Amazon for example, under PSD2, you wouldn’t necessarily need to be redirected to PayPal or Visa to make the payment, but instead, Amazon could,if it chooses to take advantage of new categories of provider created by PSD2, make the payment for you. This also gives the likes of Amazon theopportunity to build financial services on top of the banks’ data and infrastructure, thus expanding their services to the end user, and ultimately enhancing customer experience.
This is also an opportunity for account information services (AIS) providers. They could act as consolidators under PSD2 where they would be able to utilise the fact that most people have more than one bank account, bank loan, or card account. An AIS would gather data on the multiple accounts and their terms and send a text to the customer suggesting that if they moved their money to another account, they could save money – by offering these value-added features, they will become more proactive and able to provide useful information from monitoring a customers’ spending.
The element of security obviously comes in here as new data protection will be required – although it may be true that third parties will have access to a bank’s customer data, they will require the specific permission of these customers. The General Data Protection Act (GDPR) also comes into force in 2018, and whilst this focuses on the protection of data, a quality GDPR and PSD2 share is that both put the customer first. What will be at the crux of their success, as well as compliance, will be explaining to a customer explicitly what you’re offering.
Reality or a fad?
PSD2 and open banking is a completely new directive in the sense that it is driven by competition, not compliance. As a result, it will create a real shift in the nature of banking as we know. At its heart, it will aim to increase choice for the customer when it comes to financial services. However, this has understandably spread fear amongst banks that loyalty to one financial provider, which was once guaranteed, will be less prevalent amongst consumers.
We’ve heard a lot of noise around how fintechs and tech companies are looking to take this opportunity to break down the once reliant nature that consumers had to traditional finance providers, but will this really be the case? Yes, the landscape will open and new players with genuine solutions that can provide a better service to customer will present themselves,but it’s not all doom and gloom – PSD2 is an opportunity for banks too.
Now is the time for banks to continue to enhance their innovative thinking. The buzz around fintechs‘eating the lunch of banks’ isn’t going to end, so in order to compete, banks need to turn this into motivation to learn from their younger counterparts. Moving to the cloud will be critical for banks looking to develop new services and speed up their time to market. Take for example startup banks like Metro Bank and Atom – they have successfully utilised the benefits of the cloud to speed up time to market for new products. This is now the route that traditional players should be considering for key projects where implementing a minimum viable product quickly are key to success.
Enablement via the cloud
The cloud is a key way for banks to remain agile. By usingadvanced orchestration and management systems, they can deliver innovative software to clients quickly and securely. Any project in an R&D or developmental phase, or those that are quick to develop,are ripe for a cloud setting. Really, any standalone product that sits outside core banking legacy systems, even if they interface with them, could also be potentially migrated to the cloud. For example, payment service provider solutions or mobile payments. This way, banks will be able to operate their newest service offerings in a similar way to their fintech counterparts.
The right cloud
There isn’t a “one size fits all” approach to which environment is most suitable for a move to the cloud. Multiple public and private clouds all have their place, but the key here is to choose the best execution venue for each application and operate these under a single hybrid IT model.
The cloud boasts transparency of cost, flexibility and agility, but there is a high-level view in the boardroom that the public cloud is cheaper than traditional managed hosted systems. When it comes to cost, banks need to be careful to ensure they consider the workload and usage patterns of the operation, as this will all play a part in containing the overall cost. To exemplify this, should a system be running 24 hours a day, 365 days a year, versus actually only needing to scale up on a particular time of the day, month or year, the usage pricing model can mean this will ultimately cost more than expected.
When customer data is brought into the mix, security is of course a major concern. Public cloud is suitable for workloads that require huge computing power, need to scale at continued pace and have the ability to switch on and off easily. But, it can be harder and costlier to securethe required standard depending on the workloads deployed than private solutions. The latter is consequently more readily used when holding highly sensitive customer data and needing to comply with internal governance and external regulation.
By combining the public cloud’s utility benefits of flexibility and elasticity, while maintaining the privacy of a dedicated private environment, a hybrid cloud offers the best of both worlds. This means that it’ll become increasingly commonplace for banks to require multiple cloud providers, with a strategy encompassing both public and private options. This will ultimately offer greater flexibility and efficiency, but it will be a large task for the CIO. In order to reduce this operational headache, they should look to add a managed service layer to keep complexity to a minimum.
Preparing for the inevitable
There’s no denying PSD2 will increase the level of competition that banks will have to fend off. No longer will they be able to rely on their vast customer data as a point of difference so they will need to find ways of using the data to their own advantage. If not, they will miss out on a massive opportunity. By giving thought now to the types of services and data they want to move to the cloud, the type of cloud they want to move it to, and the steps they need to take to make this happen, banks can begin preparing for the inevitable and ensure they retain the agility to remain competitive and keep their current, and potential, clients happy.