Regulatory push spurs API adoption

Publish date:

APIs are expected to both stimulate collaboration between financial services’ stakeholders and augment customer experience

New banking transparency fosters collaboration between banks and third-parties

Around the globe, compliance with shifting governmental protocols is encouraging collaboration between banks and third parties, leading to innovation in financial services. Regulatory bodies such as the Consumer Financial Protection Bureau (CFPB) in the United States and the Monetary Authority of Singapore (MAS) are fostering open-banking initiatives, while the European Union’s revised Payments Services Directive (PSD2) and the UK’s Open Banking Initiative are driving banks to connect with third parties through Application Programming Interfaces (APIs).

PSD2 is the primary force driving API adoption in Europe and is set to go into effect in January 2018[1]. It grants third-party Account Information Service Providers (AISPs) access to bank customers’ account data. Payment Initiation Service Providers (PISPs) that can initiate payment transactions will similarly be allowed access to bank-customer data.

The UK has been particularly active on the open-banking front. The Open Banking Working Group (OBWG) published a framework for the UK Open Banking Standard that seeks to create open APIs for customer data, market information, and relevant open data. Additionally, the Financial Conduct Authority (FCA)[2] has developed open-banking regulations around APIs and FinTechs to promote banking industry transparency.

Similarly, in the United States, CFPB is encouraging banks to make consumer financial data more accessible to help customers better manage their personal finances. In Asia, MAS is supporting API adoption through its Smart Financial Center initiative; with the Economics Committee of Australia and the Financial Services Commission in Korea also promoting APIs and open banking.

Regulations Drive Open APIs across the World, 2017

Source: Capgemini Financial Services Analysis, 2017

Europe is considered an API trendsetter in the financial services industry based on its early mandates requiring banks to open their systems. Within some Asia-Pacific regions, open-banking adoption is becoming increasingly popular, while the United States has been a relatively late entrant. However, growing pressure from US FinTech lobbyists and the Consumer Financial Protection Bureau is fueling API consideration and use.

Growing Need for Consumer Protection

However, there are risks associated with increased financial services’ openness. Adequate security measures will be needed to prevent data breaches and cyber-security threats. Regulators are emphasizing the importance of heightened security and have introduced protocols such as the EU’s General Data Protection Regulations (GDPR), which is slated for May 2018 enforcement. The aim is to hand over data-use rights to the customer, which implies consent-based data sharing.

Digital identity can also be leveraged for Know Your Customer (KYC) processes and customer authentication, which will foster more robust security features. Regulations such as PSD2 use a federated model of ID management where PISPs can verify customers through a bank’s APIs before initiating transactions. Regulators outside of Europe are also expected to introduce stricter identification processes.

During interviews conducted for the World Retail Banking Report 2017[3], a senior executive from a leading bank in Asia said: “There should be clear regulations that guide banks and other service providers concerning the risk or queries that arise from working together. Customers would also be more comfortable in sharing their data if regulations addressed their concerns.”

Impact of Regulations on Financial Services Industry

APIs are more than a compliance measure. Banks should consider them as competitive differentiators that enable third-party partnerships and faster, secure, and frictionless customer services. Various open-banking approaches might be considered based on each bank’s size, strategic priorities, and culture.

  • For large-tier banks, collaboration with FinTechs would enable development of specialized APIs.
  • Mid-tier banks—with fewer resources and less API development expertise—may find the independent implementation of API services difficult and could instead elect to collaborate with third parties, merge with another mid-tier bank, acquire a challenger bank, or consider acquisition by an incumbent.
  • Digital-only banks have the essential technology infrastructure and culture to encourage API adoption and may become a potential acquisition target for incumbents looking to ramp up their digital footprint quickly.

APIs are expected to both stimulate collaboration between financial services’ stakeholders and augment customer experience, thereby benefiting all members of the digital ecosystem.

 

[1] Payments UK, “The Second Payment Services Directive (PSD2),” July 2016, https://www.paymentsuk.org.uk/sites/default/files/PSD2%20report%20June%202016.pdf

[2] The Financial Conduct Authority is the conduct regulator for 56,000 financial services firms and financial markets in the UK and the prudential regulator for over 18,000 of those firms, https://www.fca.org.uk/about/the-fca; Accessed October 10, 2017.

[3] The 2017 World Retail Banking Report, from Capgemini and Efma, explores how, spurred by FinTech innovation, the banking industry is evolving to an open-source model through APIs. https://www.worldretailbankingreport.com

 

Powiązane posty

GDPR

Open Banking and Australia’s emerging Financial Services ecosystem

Philip Gomm
Date icon 2018-06-05

A complex construct of Australian statutory, regulatory, and aligned representative groups is...

Customer trust

GDPR: An opportunity to win customer trust

Ramón Luis Pérez Blanco
Date icon 2018-05-17

Customers are aware that the scope of privacy is growing. They want transparency. The sensitive...

Cybersecurity

Are you prepared for the GDPR?

Peter Hansen
Date icon 2018-05-17

The general issue lies with that anyone with justified and managed access to process data, for...

ciasteczka.

Kontynuując nawigację w tej witrynie, akceptujesz wykorzystanie plików cookie.

Aby uzyskać więcej informacji i zmienić ustawienia plików cookie na swoim komputerze, przeczytaj naszą politykę prywatności.

Zamknij

Zamknij informację o ciasteczkach