The discussion focussed on the establishment of an environment for the safe interaction between electronic banks (e-banks) and third party developers in the new world of PSD2, aka the revised Directive on Payment Services. PSD2 is the new European Union (EU) legislation, which sets rules over payments services to streamline and harmonise cross border payments. It requires banks to open some aspects of their processes to third parties while increasing competition and efficiency, within a secure, regulated framework.
The panel generally achieved consensus on the key elements and issues of the new open payments environment. Establishing an effective open platform requires banks to move from an environment with proprietary access for clients to one readily available to developers. This will be achieved by opening large and complex communication networks, through making available technical facilities such as application program interfaces (APIs).
This advance gives banks and other enterprises the opportunity build new functionality inside the organisation in a controlled environment, taking advantage of the developer community’s innovative skills. A major benefit to the enterprise is that new solutions can be launched with less effort and cost. The EU is, in effect, using regulation to create a level playing field in electronic commerce (e-commerce), through enabling a more open format, with the elimination of various constraints on third parties. This can provide significant new commercial opportunities for all types of participant.
“The changed environment gives enterprises a chance to build something inside – not outside,” says Nektarios Liolios, managing director of Startupbootcamp.
The know-your-customer’ (KYC) and anti-money laundering (AML) regulation in place provides appropriate constraints. Also, the global behaviour of customers resists rapid change. Cash has, after all, been around for thousands of years, and efforts in the UK to phase out cheques are disliked by consumers and many small businesses. The market is liable to erect road blocks against rapid innovation in the payments field.
Financial institutions (FIs) are more exposed competitively in the evolving environment – but equally, they have new chances to partner with trusted, proven third parties to develop new solutions. The challenge for banks is to select those who can work in a smart and structured way to enhance their payments space.
“Innovation attracts fraudtsres,” cautions Adrian Field, digital strategy senior manager at Visa. “New patterns will emerge, setting new challenges to security structures.”
Clearly, the new payments environment requires a robust security and control model to secure the willing co-operation of the major banks and others. The spectrum of possibilities ranges from the old model of restricting open access to selected third parties, to an environment that enables permissionless innovation – ‘rather like the wild west of the Bitcoin world’ noted one panellist with a shudder. The major players will look to the regulators to encourage the development of the necessary robust infrastructure to enable post-PSD evolution to take place.
Meeting the Challenge
If the payments industry is to realise its current opportunities, it really needs creative external input to evolve effectively. It must engage with the third party developer community, so that constructive innovations can be quickly developed and delivered and enabling forward-looking organisations to accelerate the realisation of the newly available benefits.
The technical challenges for organisations, which interconnect thousands of banks with daily payments volumes in millions are vast. Their developments require powerful risk management processes, to detect and handle AML issues, and to prevent cybersecurity and the related data breach exposures. Some US organisations have been breached in the past, and the new, significantly more competitive open payments environment requires substantial efforts to establish new secure platforms.
The panel certainly agreed that the opening of the European payments market is disruptive – and also a great competitive opportunity for structured and secure innovation.
Businesses should look to identify the strategic opportunities presented by GDPR rather than simply seeing regulatory hurdles as an additional constraint, costs or obligation for the compliance officer.
A series of governments are now very worried about the idea of bitcoin and these currencies because customers would be able to make sustainable ongoing transactions and payments without having to ever introduce the use of a typical financial model or banking system. To combat this potential threat, several countries including major central banks like the Bank of England and the Bank of Israel will be launching their own version of a cryptocurrency. This could bring big advantages to customers.
The new EU General Data Protection Regulation of the European Union will have a wide impact on how data of EU citizens can be stored – and business are well advised to not take it lightly.
New Thomson Reuters research into Know Your Customer (KYC) related challenges impacting financial institutions (FIs) and their corporate clients reveals that many of the issues raised by the company's 2016 survey remain.