In the run up to its implementation date on 13 January 2018, the EU’s Second Payment Services Directive (PSD2) – which in the UK is known as ‘Open Banking’ – was widely perceived to be a game changer in retail banking services. In a nutshell, the directive
aims to ensure that all payment service providers (PSPs) that operate in the European single market are subject to far-reaching supervision and comply with the new rules aiming to create a level playing field, promoting innovation and driving down costs.
Ahead of its implementation, a number of larger and more established industry players have voiced concerns about PSD2 and its scope, citing cyber security implications and broader technical challenges. In the UK, a number of banks have adopted a defensive
approach, demonstrated by their recent request for an extension to the January deadline from the Competition and Markets Authority (CMA). Making large swathes of customer data available externally is a significant undertaking and it is understandable that
banks need time to introduce adequate measures to address valid concerns such as data security.
Nevertheless, the level of engagement between incumbents and new entrants in the market is certainly increasing, indicating that we will soon see new services and operators become available in the retail banking space. For example, hackathons have become
commonplace, bringing together established players and start-ups and allowing them to exchange ideas.
In fact, PSD2 appears to be already bearing fruit. BNP Paribas Fortis, a subsidiary of BNP Paribas, has
recently announced that it is integrating a financial management app from a fintech provider Tink into its mobile banking apps in order to comply with and benefit from the Directive’s requirements. Additionally, HSBC has
publicised plans to launch an app which provides a centralised view of all clients’ accounts, featuring spending analysis and purchase round-ups.
But while a number of developments are underway, the new PSD2-driven solutions are only as good as the data entrusted to service providers by consumers. At the Directive’s core sits a requirement for banks to grant third-party providers access to a customer’s
data. Building trust and persuading consumers to share their account information with third party providers might take some time.
In order to build this trust with customers, financial services providers will need to ensure that they are able to deliver added value. They will also need to be unambiguous about their intention to store and share the client data with any approved third-party
providers. Some industry players are currently considering introducing rewards or even monetary payments to those clients who are agree to share their data – we are likely to see this implemented soon.
Demographics will also play their part, as different generations are likely to have different standards when it comes to sharing personal information. Younger generations, and especially millennials, are much more willing to share information – having a
teenage daughter who is constantly on social media platforms, I can attest to that. But while younger generations are more willing to share data as well as explore and experiment with technology, they are also well-versed in researching information before
deciding to opt for a particular solution. Financial services providers will therefore need to be particularly vigilant in ensuring they have the required measures in place to safeguard customer data – in addition to substantial material damages, being exposed
to a cyber security breach could have significant impact on a firm’s reputation.
PSD2/Open Banking rules are based on commendable principals of collaboration, openness and fair competition, and they present an opportunity for fintechs and banks to work together by creating unique, tailored solutions and services for their customers.
And while it may take some time for the industry to fully capitalise on its potential, PSD2 will democratise access to retail financial services – we all stand to benefit as a result.