This article explores the concepts behind open application programming interface (open API); ranging from its technical origins to deployment by businesses and the platform economy, as well as adoption by regulatory bodies around the world. It also considers how consumer experiences in other industries are driving open API adoption in banking, as well as what financial professionals should be wary of as open APIs continue their growth.
How new is it?
Open API is starting to gain traction as a transformative technology in banking; but what is this concept exactly? Has it always been around, but never properly appreciated – a little like Bruce Springsteen or Sting? Or is it more like gluten intolerance, in coming out of nowhere and somehow on-track to change civilisation?
Before investing precious time and capital into studying the effects of a new technology or legislation within the banking sector, it’s not unreasonable to first pause and consider whether this new concept is genuinely a new “thing”. So, let’s take a moment to understand what open API is before exploring its potential impact on the banking sector.
By itself, API seems to be a relatively old technical construct – certainly sensible and useful, but not exactly revolutionary. Open API, on the other hand, is a combination of API technology and contemporary thinking about open collaboration. It refers to new dialogues, connections and ways of working between participants in emerging business ecosystems. These kinds of arrangements already exist in the media, travel, hospitality and retailing industries. Now disruptive innovators – and perhaps more curiously innovative regulators – are adopting open API as a way of stimulating new business in banking.
Many professionals in and around financial services have been quick to credit blockchain as “the next big thing.” There is certainly merit for distributed ledger technology and the implications for de-centralised asset ownership tracking are profound, but it could take several more years for blockchain to make a meaningful impact across our industry. In the near term, open API is rather more likely to drive an immediate and tangible revolution in banking.
Whilst most industry observers will by now recognise “open API” as an expression, several conflicting definitions surround the term. For technology enthusiasts, it has a reassuring familiarity. After all, the concept of technical constructs that allow different computer programs to talk to each other has existed for decades. One wonders whether the “open” adjective might just be signage; designed to make old-school material more attractive to a Generation Z developer audience.
The term is also sometimes used interchangeably with “open banking”; another polysemous expression much loved by disruptive fintech and regulatory professionals. Open banking is a concept driven by contemporary regulatory environments, such as the UK’s Competition and Markets Authority (CMA) and the European Union’s (EU) new Payment Services Directive (PSD2) framework.
More generally, open data initiatives are also adopted by governments around the world to promote fairness for citizens and transparency in government and trade – under the guise of the Open Government Partnership (OGP) that consists of 70-plus national governments. Initiatives such as the UK government’s Open Banking project are already forcing banks to roll-out API access this year and into 2018.
From technology to state of mind
Against this backdrop of transparency and expectations of fair access to public services, PSD2 and other pro-competition initiatives are forcing existing banks to allow access to third party providers (TPPs) of payment services, with permission from consumers. There is little doubt that providing this access, inevitably via API techniques, is both new and “open” – particularly when you consider that banks will not be allowed to discriminate against registered TPPs in terms of access quality or pricing, or hide behind traditional barriers of closed clubs, relationships and contracts.
There is a temptation to treat this open banking drive, most visible in stagnant financial markets, as a revolutionary new construct. Yet champions of regulatory openness also point to existing role models in other industries such as software (Salesforce, Google and Facebook), as well as the success of relatively new payments companies (like PayPal) and neo-banks (like Fidor) as examples of existing convergence between Silicon Valley innovators and Brussels regulators.
So “open” in this context of open API means more than just the provision of access to data or systems. Moreover, openness is not necessarily a commitment to use a specific industry “open” technical standard either. The enabling mechanisms of open API can be framed as message formats and defined data fields, but open API must be viewed through a wider lens of partnership and collaboration.
API used to be just a technology, now it is a state of mind – an approach to business development that supports new dialogue between customers, suppliers and partners in emerging business ecosystems. It’s about stimulating innovation via the kinds of interconnected API-driven communities already adopted by the media, travel, hospitality and retailing industries.
Despite the noble intentions of regulators and open banking advocates, the word “open” can still induce knee-jerk discomfort among established bankers. The subconscious side of financial services screams that being “open” is inappropriate for handling complex, valuable and sensitive data.
The rational part of the brain, however, can offer reassurance – and this should be the prevailing sentiment. Openness should not be confused with poor security; it’s perfectly possible to design an entrance to a massive building (for example a storefront) able to handle huge volumes of traffic while remaining secure. Similarly, new easily accessible doorways based on API technology can be designed to handle huge new volumes of transaction traffic arriving from third parties keen to explore the new channel of open API.
While banks, retailers, corporates and intermediaries are among the stakeholders affected by open API as a regulatory-influenced movement, consumers are also well-prepared for its impact on banking. The rise of consumerism and app-use savviness among customers stands to shape the future of open API within banking.
Echoes of the Web
This evolution draws comparisons to when the Web first hit banking. Turn the clock back 15 years and few, if any bankers were clued up on the Web and the impact it would have. It was a novel and delightful new way to find and share information. Early pioneers even used www as a channel for buying items, but it took a long time for mass adoption to catch on and a “do-nothing” approach at the time was a legitimate and sensible option for retailers and banks alike.
That said, big winners eventually emerged and open API is likely to follow suit, only at a much more accelerated pace – with consumers already well-versed in app-based, digital offerings from a variety of “mash-up” providers capable of blending social media, geotags, loyalty programmes, shopping and other services
Anyone who has logged onto their fitness app via Facebook, or seen Google Maps automatically appear on a retail site’s directions section, is already experiencing the fruits of creative collaborations between diverse API-driven businesses. Partnerships like these are essential to creating useful new services that consumers and advertisers will pay for. The underlying API technology may not be seen by typical consumers, but users are already comfortable with the concept of fast-changing mobile app and social-oriented developments – a trend that has precipitated the global rise of the “platform economy,” allowing innovative online structures like Etsy and Uber to flourish.
Banks and payments providers have seen this demand for integrated services first-hand and the adoption of open API techniques is the most practical way to bring such capabilities to the financial services industry. The understanding and skills needed to exploit this new opportunity are not limited to new technology, though. Fresh ways of thinking about business relationships, customer propositions, user experience and engagement with untethered developer communities are also required.
On the surface, open API appears to favour non-banks; entities that are nimble and able to drive customer relationships using app-based digital offerings. The danger here is that established banking institutions become utilities focused only on providing core basic services that can be accessed via alternative, low-cost personal lifestyle apps such as Venmo. Some observers are even predicting that open API initiatives could mark the end of many physical banks as we know them, which is a myth that needs busting. Established banks are perfectly capable of adopting new digital techniques to maintain customer relationships, as well as partnering with/acquiring specialist companies that bring in specific skillsets. Experimentation with open API techniques on both sides of the banking-fintech bridge will make it more likely for collaborations and their customers to prosper in the long-term.
We’re still at the early stages of a new era in API-driven payments revolution. Banks, fintech companies and merchants will have much to learn, so organisations must get their hands dirty with open API techniques as quickly as possible. Some institutions, particularly those in Europe, will inevitably wait for more clarity on “standards” and specifications. These outfits will be making a mistake, Open API is more than a technology or a new way to meet compliance obligations; it represents a new way of doing business that must be embraced open arms and put to work.
Tim de Knegt, treasurer for the Port of Rotterdam, discusses how he is looking to bring more value to the Port's clients using blockchain.
Regulation technology is fast gaining currency by transforming how financial institutions can tackle compliance in a swift, comprehensive and less expensive manner.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.