The European Parliament’s (EP) revised Directive on Payment Services (PSD2), along with other initiatives such as the Open Banking Working Group (OBWG) and the increase in real-time payments, is set to change the face of banking.
The implications of PSD2 and other legislation will be far-reaching; not just for banks but for the consumer, as well as businesses from small and medium enterprises (SMEs) to multinational enterprises.
For the first time, banks will have a regulatory obligation to implement open application programming interfaces (APIs) that allow permitted third party providers to initiate payments and access account information. In this process access to customers’ bank data, such as transaction history and balances, will be passed through the API to these third party providers – or indeed other banks = in order to deliver truly integrated and digitalised customer services.
Once PSD2 comes into effect in January 2018, we can expect a dramatic shift in the payments landscape. Online and mobile, while already pervasive, will become the norm as security and innovation in these mediums improve. For banks, this is a threat as well as an opportunity.
Yet with such a short space of time before the deadline, how can both banks and businesses ensure there are no blockers to its development in their systems?
Setting the new standard
These new open banking standards now mean that the sets of data being exchanged are larger than ever, and between more parties than before. This creates a significant challenge and opportunity for payments professionals. How can they process this data in order to convert it into valuable features for consumers, SMEs and large businesses alike?
Artificial Intelligence (AI) can go a long way in ensuring that this process is efficient, effective and, importantly, delivers consistent results for the customer or end user. For example, the AI discipline natural language processing (NLP) provides understanding and context from large data sets, while machine learning (ML) allows us to gather and generate valuable insights into the usage and behaviours of the users. Leveraging these two technologies allows the most forward looking players in the payments space to harness information more effectively.
One of the biggest trends we are seeing – the drive to automate many aspects of payments services – can also be greatly aided by AI, which can process payments in real time by making sense of data and utilising domain-based knowledge. This is another reason why adopting AI will be essential in order to remain competitive in the years ahead.
While the solutions are ready to be put in place, it is important to note a serious blocker currently standing in the way of progress – a bank’s own legacy systems. Previous bank technology systems were only ever designed to work in a closed environment, which at first glance presents a considerable challenge when trying to open up systems to other players.
However, it is not necessary to reinvent the wheel. Instead, this challenge can be addressed simply by putting a layer on top of legacy applications and functions, which will allow third parties to access the necessary information.
The key here is collaboration. By working in partnership with a fintech, both banks and their providers can build a flexible platform that will bridge the gap between the old technology and the new.
This way of working will also provide a framework for how banks can partner with third party providers and other suppliers going forward. For this, standardisation of communications will be key. Many hope that the final PSD2 regulatory technical standards – due to be published any day now – will go into some detail regarding how the exchange of data will work in respect to the access to accounts (XS2A) rule. This will be key in avoiding a scenario where each bank or provider introduces its own communication standard, which would only serve to make the ecosystem more complex.
Securing the future
Open APIs need to walk a tightrope, balancing between ease of use on one hand while providing adequate security for the end users on the other.
A topic that has been of great debate since the draft regulatory technical standards document was published is the transaction threshold for requiring strong customer authentication (SCA). Many payments professionals are now hoping that the final document will strike the right balance between consumer protection and user friendliness.
Regardless, banks still need to consider the track record of the vendors they will work with when establishing their open APIs.
The past couple of years has seen a rise in the number of companies, from established firms to start-ups, that are now specialising in API management. While this does give banks far more choice and a more diverse market place to pick vendors from, many will not have much in the way of experience of payments and transaction banking. APIs have to be treated as one more communication channel and therefore need to integrate with other systems in the bank.
A different landscape
We are on the cusp of a new wave of innovation in payments and transaction banking. The payments landscape for banks, corporates and consumers alike will look very different within only a brief amount of time.
While PSD2 will ensure the future of open banking and work to establish a level playing field for banks and other fintech players, it will not happen automatically, and banks cannot be standing by simply expecting that it will.
The challenge is going to be in coming up with innovative products at a short time to market. AI can – and will – play an important role here; however the ability to launch innovative, new propositions efficiently requires a strong understanding of the entire payments life-cycle, the transaction banking industry and the underlying technologies which power it, as well as the science behind AI itself.
Partnering with the experts is the most efficient and cost effective solution – and means that a bank will not find itself lagging behind competitors in three years’ time. Most of all, it is imperative that this is not treated as just another compliance project.
The banks most likely to emerge as winners out of PSD2 will be those that actively participate and turn it into a business opportunity to launch new product offerings quickly, harnessing their existing strengths such as large customer base and ability to deal with regulation. At the same time, banks should combine these with the attributes of other established players in the industry, such as the agility and innovation strengths of experienced fintechs.
For further recent articles on PSD2, click here.
Africa presents the ideal environment for new cash and payments services architecture by linking rapidly changing customer expectations with new technologies. This puts banks at the centre of the creative clash of trends and technology as Africa’s financial institutions harness disruption for innovation and growth.
The only way PSD2 will function effectively and securely, will be through the mobile banking application itself. However, the directive does not specify how secure this access will be, nor, what risks will arise, and for who.
PSD2 heralds a new dawn for mobile payments, as the regulatory technical standards around the upcoming European open banking regulations are expected to put mobile devices at the heart of new payment techniques. But despite the regulatory environment nudging markets towards certain payment types, it is not easy to predict exactly how consumers will adopt the technology.
These are interesting – and uncertain – times for global retail banking, from Trump's desire to remove Dodd Frank to Brexit and new British banking regulations.