Blog article
See all stories »

Enabling anywhere, anytime banking with an API-driven architecture

Maurizio Canton, CTO EMEA, TIBCO Software

As PSD2 drives the compulsory introduction of open APIs in banks, now is the time to go beyond compliance to achieving digital goals.  

Application Programming Interfaces (APIs) have stepped to the forefront as the financial sector looks to tackle its traditional reticence towards new technology. Institutions who have already taken the leap have benefited from faster service delivery and a broader customer reach. This provides clear evidence of the technology’s ability to shift an ‘anywhere, anytime’ banking vision from a catchy strap line to a tangible reality and best serve today’s more mobile customers.

In facilitating single view, real-time access to banking information, APIs have empowered customers to make their own financial decisions, the result of which has transformed relationships, spawned a number of added value services and captured more sales.

Now, this bond is set to be cemented further thanks to the advent of the PSD2 and the Third Party Payment (TPP) component, which signals the mandatory introduction of open APIs in banks.

For the uninitiated, it’s a move that progresses the original Directive of Payment Services (PSD) and marks the latest chapter in the European Commission’s ongoing mission to foster innovation and a more inclusive way of working across the banking sector.

The key game changer here is how payment processing services and customer accounts held by the bank will be opened up to the industry. Open APIs will enable permitted third parties to access key information such as banking products and interest rates as well as customer account data such as transaction history and account balances.

The theory is that a more transparent, single payments market across Europe with enhanced security around internet payment and account access will be of mutual benefit to the banks and the customer fuelled by API technology as the natural mechanism to drive the greater cohesion and integration needed.

For example, a mortgage provider with access to a customer’s transactional data can use this information to provide an instant view of what they can afford and the kind of mortgages available to them. Similarly, a financial management tool fuelled by greater data insight can monitor an individual’s spending and provide feedback and alerts in real time, the sort of useful intervention that can radically change how an individual handles their finances.

While no one can take issue with the underlying aim, here, the use of open APIs to grant third party access to a customer’s online account/payment transactions has ruffled feathers in a sector traditionally reluctant to publish open external APIs for customers or third parties, principally due to fear of a loss of control.

Yet, as a pending legal obligation, it’s a reticence that will need to be overcome because the choice is stark; approach it reluctantly with a mindset that says ‘unavoidable compliance’ or embrace it and capitalize on the opportunities to increase revenue potential generated through added value data and the ability to evolve a particular offering to the millions already registered via APIs.

But if the potential is to be fully reaped, the onus will be on the bank to be proactive and ensure its API proposition is both functional and attractive to developers. Furthermore, how the process is managed and the underlying platform chosen will be critical with APIs developed for PSD2 unlikely to be a routine internal IT management issue for the bank. It’s a development that will demand commercial decisions to be made about a technology different to the bank’s traditional own-brand products a challenge that not every organization will necessarily be ready for or indeed equipped to do.

For those operating with legacy systems and architecture and more broadly a legacy culture, the challenge will be felt most acutely as they look to harness a whole new approach to their IT infrastructure.

Progressing to an API-driven architecture is no small feat, but the latest breed of API platform solutions that can cover the entire API lifecycle will increasingly take center stage along with support from a team with the experience and knowledge to guide through the issues that arise during this process.

Platforms that enable users to create, integrate manage APIs inbuilt within a single cloud-based offering for ease of use, optimal visibility that come with inbuilt security and analytics features to drive insight and understanding at all stages of the process, will offer the peace of mind that covers all bases.

While APIs themselves are being heralded as the enabler of more integrated and transparent banking, one must not forget that an API platform as sophisticated as the APIs is essential for driving integration with the channel and trading partners. Not only will this mean that the banks’ response to PSD2 goes beyond simply compliance, but will assist in their efforts to fully evolve their digital business.


Maurizio Canton, CTO EMEA, TIBCO Software

Comments: (0)

Maurizio Canton

Maurizio Canton

CTO EMEA at TIBCO Software

TIBCO Software

Member since

21 Mar 2017



Blog posts


This post is from a series of posts in the group:

Banking Architecture

A community for discussing the latest happenings in banking IT. Credit Crunch impacting Risk Systems overall, revamp of mortgage backed securities, payment transformations, include business, technology, data and systems architecture capturing IT trends, 'what to dos?' concerning design of systems.

See all

Now hiring