Banks and other financial institutions are racing against the clock to comply with the European Union’s revised Payment Services Directive (PSD2) by January 2018. At the same time, many of these companies view PSD2 as a regulatory requirement at best and a threat to their business at worst. After all, PSD2 threatens to eliminate the sole ownership of customer data that banks have enjoyed until now. This in turn is instilling a justifiable fear of becoming a commodity service and being overshadowed by innovative payment services offered by Account Information Service Provider (AISP) and Payment Initiation Service Provider (PISP) businesses.
However, progressive banks are recognizing the flip side of data sharing. Instead of being displaced by third parties offering AISP and PISP services, banks can compete by bringing something unique to the table: their vast knowledge of customer behaviour and attributes. This puts banks in a stronger position to deliver superior and personalized services that create additional revenue streams. With this in mind, organizations putting the technology into place for PSD2 compliance need to do so in a way that will scale to fit the new business models that financial firms need to adopt for long-term success.
This article examines how banks and other financial institutions can capitalize on their investment in PSD2 compliance to create new digital business opportunities, as well as an architecture that scales to support these opportunities
The New Normal of Open Banking
Banking as we know has always been “closed” in nature—with both interactions and the data driving them limited to the bank and the customer. By contrast, PSD2 promotes a more “open” environment for banking interactions by requiring these firms provide regulated third-party providers (TPPs) with access to customer information. This access, which needs to be authorized by the customer, can be in the form of account information and payment initiation.
WANT TO BUILD A FINANCIAL EMPIRE?
Subscribe to the Global Banking & Finance Review Newsletter for FREE Get Access to Exclusive Reports to Save Time & Money
By using this form you agree with the storage and handling of your data by this website. We Will Not Spam, Rent, or Sell Your Information.
API management serves as the underlying technology for enabling PSD2 compliance since it can expose customer information through APIs in a secure and controlled manner. The diagram below shows how banking transactions look today and how they will appear once PSD2 compliance is in place.
The Open Banking Ecosystem for Data-Driven Business Expansion
Complying with the PSD2 regulation should be viewed as simply one piece of the bigger open banking picture. In order to visualize and reap all of its potential benefits, banks need to think more broadly about how the EU created PSD2 to support the best interests of the customer. And then financial firms need to follow the same thought process.
To date, third-party providers have taken the financial domain by storm, offering innovative and customized financial services that leverage the data exposed by banks. Yet, there is nothing stopping a bank from doing the same, or even better. Banks, credit unions, and other financial institutions can expand their purview of a customer’s journey to their interactions with other banks by consuming these other organizations’ APIs to gain a holistic understanding of their customers’ financial portfolios – along with an understanding into their competitors’ customers.
The result is a rich set of data that can be analyzed to build valuable customer insight, which can be used to support a data-driven sales strategy. Following are some of the most notable opportunities
Extended Product and Service Portfolio. By viewing a customer’s complete financial portfolio, banks can proactively create more competitive products and services. For example, a customer might have four accounts, including not just savings but also credit cards and a retirement plan, spread across different banks. By considering the average return on investment (ROI) for these four accounts, a financial firm can create an investment product that provides a more competitive return. If the bank already has a product that provides a better ROI, it can deploy aggressive marketing campaigns that encourage customers to switch.
Additionally, data can be used to identify recurring events over the long-term financial cycle of customers. If a bank identifies a deficit across all customer accounts by the end of a particular quarter or particular month, it can create a short-term overdraft service. The customer can subscribe to this service as soon as the predefined deficit is reached. Such services boost customer loyalty and retention.
Market Expansion. PSD2 lets managers see the financial world through a set of eyes they did not have before. This is the perfect opportunity for identifying lucrative or underserved markets. For example, if there is a large volume of payment transactions or account deposits within a certain demographic (age or location) currently unserved by the bank, this creates a market expansion opportunity. Further, if there are large volumes of account deposits all being served with basic saving plans, financial firms can approach these markets with more competitive offerings.
Insight Selling. Being able to look into a target market’s financial profile is a dream come true for most vendors. Industries that deal with large volume purchases, such as real estate, mortgage, investment banks and insurance, welcome data on creditworthiness, net incomes and competing investments of their target markets. At the same time, lifestyle industries, such as retailers, airlines and hospitality, value insights into seasonal spending patterns, demographic trends, and financial status that can help them target niche segments. Banks have the power to use aggregated data and generate customized insights for each of these industries
Business Banking. Open banking provides the opportunity to create stronger relationships with corporate customers. Banks can create cash flow management dashboards for small to medium enterprises (SMEs) who need a consistent funding stream to run their operations. There also is an opportunity to cross-sell foreign transaction services to firms that conduct large volumes of business outside the operating country. And the most valuable service financial firms can offer is insight-based advice on how to manage a business’s finances better. Since open banking provides a complete picture of corporate customers’ finances, their needs can be served as a business and not just an individual.
Scalable Architecture for Digital Optimization
Technology plays a key role in realizing the business expansion opportunities presented by PSD2. This requires an architecture that can address compliance and then scale to support several other technology requirements for driving digital businesses.
Central to any open banking architecture is an API management platform, since it provides the mechanism for exposing customer account and payment data through APIs in a secure manner. At a compliance level, the API management technology needs to support:
- Strong customer authentication (SCA) to ensure that there are no security compromises between the API interactions of banks and third-party providers.
- Customer consent management to obtain a customer’s consent to complete transactions on his or her behalf, especially when the payment initiation happens through a third party.
- API analytics and usage dashboards to identify the consumption patterns of a bank’s APIs, which can drive insight for future API monetization opportunities. These analytics are collated and presented via dashboards.
Looking more broadly, much of a bank’s success in PSD2 will rely on its ability to take advantage of the open data ecosystem that PSD2 enables. Firms that go the extra mile and are able to act as third-party service providers then get access to a rich and comprehensive customer financial data set maintained across banks. In order to achieve this, the technology used for compliance should be extended to meet the requirements of third-party services. These include API integration, fraud detection, and business analytics and dashboards.
API Integration is required to connect to third-party APIs. The API management technology implemented, needs to expand out of a bank’s internal architecture to connect to external APIs of other financial firms. These APIs may be written on different data formats, hence there will be the need for an API aggregator to mediate these different data formats into a common flow.
Fraud detection is critical and only becomes more so when operating in an ecosystem that is populated by multiple API users and consumers, since this opens the door to greater vulnerability. The fraud detection mechanisms deployed for PSD2 compliance need to scale to capture a larger volume of events and adopt more stringent techniques to detect anomalies.
Business analytics and dashboards play a central role since data is only as useful as how you derive insights from it. All of the data collated through an API ecosystem needs to be processed, analyzed and presented using a combination of real-time and batch analytics. These analytics then need to be represented through various levels of dashboards customized for purpose and audience.
Many banks will want to go beyond the basic business analytics of the API management system and implement more in-depth analytics to derive insights about customers’ financial portfolios, spending patterns, purchase decisions by demographics, etc. These insights can then be used to create customized financial products and services that capture niche market needs and are not addressed by the competition, supporting strategies for both cross-selling and upselling.
Further, banks can open up new revenue streams through the creation of aggregate business insights from consolidated customer account and payment data, which can be sold to other financial and nonfinancial service providers. These service providers then can use the insights to support their own marketing and sales strategies.
Ecosystems to Support Customer Lifestyles
We have discussed the concept of an ecosystem. One of the most exciting aspects of open banking is that it gives banks the opportunity to pick their definition of an ecosystem. Those firms that want to take the ecosystem concept to the next level can partner with third-party providers to offer services outside the financial domain. The core technologies remain the same as those required with third-party financial services, but the requirement to scale becomes much larger and more demanding.
Similarly, banks need to be open in their perceptions of PSD2 and realize the digital transformation opportunities that it brings. This means thinking beyond the compliance hurdle and accepting open banking as the digital reinvention that financial firms never knew they needed. Once this hurdle has been cleared, the sky is the limit for banks that want to compete by creating a customer-first business.
About the Author
Seshika heads the financial solutions team at WSO2 where she builds financial industry-specific solutions using WSO2’s middleware platform. She also works closely with potential customers looking to deploy a financial solution, providing ongoing consulting.