“Rolling in my Uber, that's just how I use my time” – Travis Scott, Uber Everywhere Remix. 

Welcome to the world where hip hop artists talk about companies created in the digital economy powered by application program interface (API), a term once buried deep in the lexicon of software programmers and tech geeks.

APIs have enabled an ecosystem for companies from the tech titans of Amazon, Google, Twitter and Facebook to new entrants such as Uber and smaller niche companies. They’ve helped promote partnership and innovation, and build disruptive business models and platforms that serve digital consumers and businesses globally. Open APIs fuel the “as a service” model to deliver a frictionless customer experience.

Financial services participants are familiar to the world of open APIs. However, the change on the horizon is far more fundamental. The vision of the future most agree on is one where these organizations are smaller, leaner and much more digitized. That is evolving the conversation from one based on technical considerations, to one about future strategy enabled by APIs.

In Europe, regulators have been the drivers for introducing data sharing and promoting open APIs under PSD2. When compliance drives change it’s sometimes viewed as a necessary evil. But banks must realize there is more to this than a specific compliance deadline.

Banks should seize this opportunity to transform into the base for the connected user and the innovative firms that seek to add to that experience to generate and extract value in new ways. The real opportunity to add value is in building a model for digital customers leveraging partnership ecosystems, encouraging innovation,  and modernizing legacy platforms to offer innovative products and services.

With the goal to move to banking as a service, the open API model offers opportunities for banks to take a big step in that direction. Similar to an Apple store for services, open APIs can offer banks plug and play service capabilities across card issuance, mobile wallets, fraud monitoring, POS integration, customer support and more, all based off capabilities they already possess. 

A tale of two continents

Banks have the one thing that challengers crave: scale. The problem is that banks cannot expect to emerge as the winners based on their size and ability to throw budget at the problem. 

Today, incumbent banks guard their data and services making it hard to access them. Bundeskartellamt, the German regulator, recently said the country's banking industry violates competition law by using roadblocks to deter competing online payment services. It’s clear that implementation of the regulation will focus heavily on access.

In Europe, PSD2 clears the barriers to entry for new players and removes revenue “sacred cows” making the position of certain service providers extremely precarious. It also defends the right of individual choice and information security in a transparent and easy-to-understand world as a basis, not a service. This is one of the reasons you also see a number of European banks with open API implementations moving into the market, be it Atom, Fidor (recently acquired by BPCE), Monzo, N26, Starling and so on.

In the US, the push for open API is more market than regulatory driven. It is also fueled by banks finding ways to move away from third parties pulling customer data to banks pushing data.

A very public example comes from JPMorgan Chairman and Chief Executive Officer Jamie Dimon. He dedicated an entire page of his shareholder letter last year to discuss the bank’s policy on sharing customer data with outside parties. To prevent customer data from being misused, JP Morgan, Wells Fargo and others stopped customer information “data sharing” and moved to build systems that allow banks to push data to third parties rather than pulling data at their discretion.

Wells Fargo made a splash last year when it created an API so small businesses can have their bank account data poured directly into the accounting software provided by Xero. CapitalOne has also announced a similar deal with Xero, with the API-based integration strengthening data sharing security for Capital One’s small business customers.

JP Morgan, Visa and MasterCard are also building an API ecosystem with selected partners and I expect we’ll see many, many of these types of announcements in the next six to nine months.

Building the right framework

Implementing open APIs is a journey. But with the PSD2 deadline approaching in Europe, there’s a real sense of urgency to enable an API framework. However, as a trusted partner, banks need to ensure open API efforts have the customer at the center of the decision making. It’s up to the customer to manage who sees their data, and the information must be shared in a way that is secure and encrypted with the proper checks in balances in place to see who is using the information.

Balancing transparency with data security and privacy is key to building an open API framework.

As you embark toward API frameworks, some key success factors to consider include:

1. Customer value proposition—How does an open API framework impact customer experience?
2. Architectural considerations—What’s the impact on cloud platforms, scalability, legacy system coupling and internal versus external API approaches? How are those married together?
3. Regulatory framework—In Europe, PSD2 is driving open adoption. How can US banks educate regulators on what open API could mean for the US?
4. Partnership guardrails—How do you define models for partners to leverage open APIs? Is it open for all to use or do you define a subset of partners and how they will be governed?
5. API platforms and tools—With a number of well-established API management platforms, do you build your own or buy a platform to build upon?
6. Monitoring and metrics—How do you report and manage the success of APIs?
7. Data security and privacy framework—How do you ensure data security and privacy for customer data and transactions exposed through the APIs?
8. Building ROI models and a business case—How do you build a business case for internal justification and investments into API framework?

Suppressing competitive threats 

In an API world where data is currency and a customer-centric experience is king, banks are lagging behind the tech titans. However, the advent of open banking legislation may just force the hand of banks to innovate around the customer before tech firms enter the financial services market.

Banks should look at APIs as a way to enhance service offerings, improve customer engagement, increase digital revenues and build partnership models with fintech while ensuring regulatory and data guardrails are in place.

As Stefan Weiss, head of APIs at Fidor said, “Just because you can offer an API for something doesn’t mean that you have to offer an API for something. APIs are products, have to be handled as products. You must have a customer, and a reason for the customer to buy the product.”

I don’t see mainstream hip hop artists jumping at the opportunity to talk about their “banking everywhere experience” anytime soon. But there is an unprecedented opportunity for banks to make every customer interaction more seamless and strengthen their partnership ecosystems by building a core API strategy.