In January 2018, Payment Services Directive 2 (PSD2) was implemented into national law in 22 European Union countries. The new rules aim to better protect consumers when they pay online, promote the development and use of innovative online and mobile payments and make cross-border European payment services safer. PSD2 comes into full effect on September 14th, 2019.
One of the implications of PSD2 is open banking. Open banking uses open APIs to enable third-party developers to build applications on top of bank infrastructure and data. This has been enabled by XS2A.
As part of PSD2, providing access to accounts (XS2A) is a requirement. This allows and regulates access of third-party providers (TTPs) to customer accounts and data via two new generic services, Account Information Services (AIS) and Payment Initiation Services (PIS). Since Xs2A allows direct communication between the merchant and the customer’s bank, this opens the door for solutions that replicate e-commerce transactions in store.
Account Information Services
Through account aggregation, an overview of personal finances across financial accounts can be provided. This would also allow for players to offer insights and advice on budgeting, income/expenses analysis, real-time notifications and also provide overview of recurring expenses. As a result, banks and fintech start-ups would be able to offer a better banking experience.
Payment Initiation Services
With PIS, fintechs will be able to create new payment solutions, allowing merchants to create payment services and thereby lower payment cost. This will also allow for the initiation of payments and financial transactions, such as investment trades.
The dawn of the financial marketplace
Open banking has also resulted in the creation of a financial marketplace, where API banking services and modules from multiple solution providers can be offered. Users can then create a tailor-made banking experience, and banks and fintech start-ups can now offer a more complete banking experience and a broader product suite to customers. This includes money management tools from fintech start-ups or investment products from other banks.
The challenges before open banking
In order to capitalize on the full potential of open banking, there are several challenges that need to be addressed. These include:
- Banks offer access of accounts with customer consent to licensed TTPs.
- Banks must rely on certification and supervision of TTPs.
- If TTP IT systems are unsecure, the bank is liable for any losses.
2. API Standards
- Capitalizing on the full potential of open banking and keeping infrastructure efficient requires a large degree of standardization in API technical standards.
- There is no single European standard, but multiple initiatives are working to develop their own standards.
3. Customer Authentication
- In the UK, the Competition and Markets Authority (CMA) requires TTPs to redirect authentication to the bank account.
- This leads to a poor customer experience, increased risk of phishing, and a significant loss of customer adoption.
Open banking initiatives in Europe
There are multiple initiatives to set standards and support implementation of open banking in Europe. Here are a few of them:
To enhance development of efficient open banking infrastructure in Europe, EBA Clearing founded the Open Banking Europe initiative in 2013. The primary focus of Open Banking Europe will be to enable regulatory compliance on PSD2, but the initiative will also focus on technical standards and EBA Guidelines, technical concepts around APIs and certificates, and compliance to related regulations.
The OBIE was established in 2016 by the UK’s Competition and Markets Authority (CMA) to support implementation of the UK open banking infrastructure. The OBIE manages the API and other technical standards, sets guidelines for participants in the ecosystem, supports banks and TTPs in using the standards, and manages the roll-out of open banking.
Polish API was established to support the implementation of open banking in Poland. The initiative unites the banks, association and regulators. Their main responsibility is to develop and maintain the API standards for Poland.
The Slovak Banking Association manages the development of standards for the Slovakian market. This includes delivering technical standards for the APIs and operational rules.
Open banking in the rest of the world
Outside Europe, there are also various open banking initiatives around the world, but it’s still early days. Open banking initiatives are being explored in the US, the UK, Hong Kong, Singapore, New Zealand, Australia, Brazil, and Mexico. Look for our reports on them in the near future!
For more articles related to open banking, check out some of our other reports:
Penser is a specialist consulting firm focused on the fintech industry with clients ranging from private equity funds and their portfolio companies to global financial institutions. Their services include strategic planning, digital transformation, and due diligence.