The PSD2 deadline is just seven months away, and we all know just how quickly time flies. Market feedback suggests that many financial institutions are still in the ‘reflection’ phase. So far, this year we have seen the EBA (European Banking Authority) publish
the Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and common and Secure Communication (SC) – this, in hand with the approaching PSD2 deadline, will force these banks to increase their efforts.
When we consider the complex infrastructures, inflexible roadmaps and long development / implementation lifecycles typical within most financial institutions then the urgency to implement a compliant solution becomes apparent. If we add to the mix that PSD2
inevitably brings its own complexities, such as strong security challenges associated to PSD2 XS2A (Access to Accounts) and the strategic implications of the directive, then that seven-month period is right behind you.
Over 4,000 European banks must open their legacy (mainframe) data stores to Third Party Players (TPP) for retrieving account information or initiating payments via APIs.
Those banks, which already launched studies in context of PSD2 know that the impact of the IT and operational related issues are considerable:
- A secure API gateway with coarse grained and fine grained API authorization.
- Integration with different - often very closed - legacy systems.
- Management of the customer consents for TPPs to retrieve data.
- The technical and operational process for onboarding TPPs.
- A sandbox for TPP developers to find the documentation about the bank’s APIs and to test them.
- Providing a trained support desk to TPP developers to contact in case of integration issues.
Considering the effort this involves, it is very likely that many banks will just do the bare minimum to be compliant. This could be a short-sighted strategy and the banks who adopt this approach risk missing out on future revenue opportunities, as PSD2
is just the beginning! Banks must accelerate their transformation to an Open Bank environment, offering innovative value-added customer services in several ecosystems. To help them on their journey, banks should acquire a solution to build tailored digital
experiences faster and more agile and which provides a full pre-packaged PSD2 offering. If financial institutions don’t invest now to become more actively present on the new playing field by creating innovative, customer-centric services, they are likely to
get left behind.
Don’t bury your head in the sand, if you act now the chances are you could start to fly.