The European Fintech Alliance has fired another broadside in its tussle with the financial services establishment over PSD2, raising fears that banks will develop substandard APIs as a way to fend off competition.
Specifically, the alliance of 74 fintechs, challenger banks and fintech associations is unhappy that the Regulatory Technical Standards on strong customer authentication and common and secure communication under PSD2 allow banks the possibility to be exempted by their National Competent Authority from having to accommodate licensed Third Party Payment Services Providers (TPPs) to access accounts via the so called fallback option in case of malfunction of the API.
"This is indeed a novel approach - we are not aware of any other case when new competitors in an industry have been obliged to rely on a specific API controlled by the incumbents," says a statement.
The latest missive is part of a long-running struggle between the fintechs and banks over the shape of PSD2 after authorities decided last year to outlaw screen scraping in favour of bank-led access to client data under APIs.
The alliance makes clear its fear: that banks will deliberately minimise the functionalities and information available in their APIs as a way to stymie the TPPs.
With this in mind, it says that the EC, EBA and ECB have a "heavy responsibility" to "ensure that any API offered by banks has the adequate functionalities and performance, and works in practice" if they want the objectives of PSD2 to be realised.
The alliance has set out what it calls the key API requirements in four areas: authentication, information, performance, and consent management. You can read the detail here.