While open banking was initially regarded by many as a typical compliance exercise, following the implementation of the Second Payments Services Directive (PSD2), banks are now shifting gears and going beyond the regulatory requirements by leveraging the benefits of open APIs to cater to customer needs and innovate open banking business models.
Open banking continues to be driven by the original regulatory objectives of increasing competition and accelerating innovation. Despite PSD2 focusing on only a part of the industry, and while the regulation has not had the impact many had hoped for, the concept of using open APIs has had a transformative impact on the industry as leaders in the market go beyond the regulation.
Initially, some account servicing payment service providers (ASPSPs) had a bumpy road and missed deadlines for changes to dedicated interfaces. Nevertheless, the financial services industry has indeed realised true progression, and players are already looking beyond open banking to what is being referred to as open finance—or Open X.
At the end of the journey, Open X could create an integrated marketplace with specialised roles for each participant, enabling a seamless exchange of data and services, and improving the customer experience and expediting product innovation. However, before banks accelerate open banking further, they need to ensure they have a resilient and scalable platform to suit this ecosystem. The cloud can—and is—providing that scalable platform. Finextra Research speaks to Stephan Schmidt-Tank, head of the Financial Services Specialist Team in EMEA, Amazon Web Services (AWS) and Sahana Hussain, director and global head of open banking technology, HSBC. They discuss the ways in which the cloud can unleash a raft of technical opportunities that not only result in more efficient, secure systems, but serve to address the needs of clients and traverse new technological territory.
Is open banking more than a compliance exercise?
With strategic tools like open banking now in banks’ arsenals, global regulators are seeing the advantages of giving customers power over their data—with third-party applications that allow data to flow efficiently, while keeping information secure.
Hussain begins by clarifying that the primary driver for open banking was to promote innovation using the application programming interface (API) economy, and doing so has paved the way for a new generation of financial products; giving consumers more choice and control over their financial lives; and driving competition in the financial industry.
The next phase for banks like HSBC, Hussain says, is to “Build out regulatory requirements into a more customer-focused, value-added proposition for the wider API ecosystem.” She adds: “This is not a one-off regulatory piece of work; it has been continuously evolving over the last few years. Technology is helping us to transform the whole financial industry and is providing new ways of banking in this era when customers are in full control with full transparency.”
Schmidt-Tank refers to UK challenger bank, Starling Bank (Starling), as an example of effectively harnessing new ways of banking. Having built Starling natively on the cloud, CEO Anne Boden recognised relatively quickly that the impending open banking regulation headed their way was a strategic opportunity.
Starling built their core banking natively in the cloud; launched a current account and frictionless mobile banking application, using a microservices architecture; and established a marketplace based on open APIs. Collectively, this created an unbeatable formula for an exceptional digital experience that allowed their customers to enjoy tailored banking products without unnecessary friction.
“The Starling marketplace is a launchpad for new payments and banking integrations that seamlessly work with Starling’s core banking,” says Schmidt-Tank. “This is a good example that shows the power of open APIs and that customers owning their data is an opportunity for banks to build better customer experiences and more variety, bespoke customer experiences, and new business models.”
Customers appreciate choice, and open APIs can provide this. In fact, according to a 2017 Accenture study, 67% of financial services customers say they would share more data with banks in return for new benefits. Sharing data, Schmidt-Tank explains, creates an opportunity for banks to use technology ecosystems and partnerships to diversify choice, by integrating fintech innovation into the traditional banking value chain.
He goes on to explain that banks can then aggregate data collected through open APIs to improve their understanding of customers. Building on this analysis, banks can leverage APIs to open new distribution channels and accelerate their continuous delivery of innovation.
Some have posited that missed deadlines for the earliest open banking mandates may signal that banks are either reluctant to participate in open banking—or see it as a threat. “Open banking is definitely not seen as a threat,” shares Hussain. She reveals, “The complexity of integrating a brand-new API ecosystem with banks’ existing platforms resulted in some delays to the challenging timelines during the early phases of open banking mandates.”
She continues, “It was not because they were not willing to take part. Banks wanted to make sure that the whole, complex ecosystem, infrastructures, and processes were ready to deliver.” She adds, “A few years ago, none of the banks were sharing data, and they have now changed their whole mindset and work very differently.”
Are banks looking beyond open banking to what is being referred to as Open X?
As financial institutions leverage what is available to them to offer customer-centric products and services, a transition from data silos to shared access; and from data owned by banks to data owned by customers is around the corner. This will further entrench what has already started in parts of the industry: a shift from product to experience; assets to data; ownership to shared access; and more options between building, buying, and partnering for banks.
According to Schmidt-Tank, PSD2’s narrow focus on payments and account information has only been a starting point, and some forward-looking banks have already taken hold of opportunities and tools to create new business models.
Schmidt-Tank uses German fintech firm, Solarisbank (which has a banking license), as an example of this. Their business model, he shares, is based on offering over 180 Restful API endpoints that provide frictionless banking services as modules to non-banking enterprises, or even other banks. "There is also an opportunity to monetise APIs: Nasdaq makes a decade’s worth of historical tick data accessible to its customers via their Cloud Data Service," he notes, adding, “The kind of analysis you can run is unimaginable.”
He predicts that the concept of open APIs will also move into other segments of the banking industry. “We expect open banking to have an impact on corporate banking,” he says, “because it also allows banks to connect seamlessly with customers by integrating transactional services into the ERP systems. That means treasurers can make executing transactions out of the ERP system easier, reducing the complexity of linking and exchanging data between siloed systems.
Similarly, he adds, the wealth management and insurance sectors could also benefit from a richer understanding of customers. “Open finance is already happening today,” Schmidt-Tank notes, “and it is expanding in many ways.” Providing the HSBC perspective, Hussain adds that the strength of open banking’s current API marketplace provides a strong foundation for further expansion.
“The next step is the extension of the services to include mortgages and loans into the Internet-service product offering and create a holistic aggregator or platform that the customer has the visibility of,” she says, sharing HSBC’s vision. She continues, “And, in turn, a full understanding of their financial products and the ability to make the right decisions.” She concludes, “I know we are not there yet, but that is what we can start moving towards over the next couple of years. If we have a standardised approach when exposing APIs and agree on security models, we can expand on API offerings and move from open banking to Open X easily.”
In the end, Open X could create an integrated marketplace, with specialised roles for each financial player, in order to enable a seamless exchange of data and services. Hussain believes that a common set of API documentation—which is the set of information required to work with a given API—would be beneficial, as it would allow partners, third-parties, and fintech firms to explore those APIs and release inventive, new products.
The next action for open banking’s progression, Hussain elaborates, is “interlinking with the partnership model” and “creating a premium set of services” on top of existing regulatory APIs, which will be “unique for a specific use case.”
How can banks ensure they have a resilient and scalable platform for Open X?
Open banking is not just payments initiation and confirmation. Open APIs can be used strategically, but often on-premises legacy systems create limitations on the capabilities and possibilities of open banking—making it difficult to aggregate and analyse high volumes of data on existing systems that are less agile. This can lead to a lengthier time to market.
With millions of transactions a day, a resilient and scalable platform is required, and this is where cloud technology can prove useful, Hussain explains, expanding up and down as demand grows or falls. At HSBC, demand has surged over the last two years, especially in the UK and European markets, but the cloud has given the bank the flexibility to create an infrastructure and application-deployment blueprint and a highly secure platform that is available today.
Adapting APIs in real time is cumbersome on legacy systems, as they are difficult to scale and providing the highest level of data security can be a challenge. “This is a paramount priority for the industry and for AWS, as banks need to be able to adhere to all applicable regulatory requirements, not just the open banking requirements,” says Schmidt-Tank. He adds that, in order for this to work, banks need to be able to scale and develop secure APIs quickly and connect to tools that allow for fast aggregation and analysis of high volumes of data.
Reiterating that security comes before scalability, Schmidt-Tank states that this is where AWS has built its business. “Amazon has spent over a decade building one of the world’s most reliable, secure, scalable, and cost-efficient web infrastructures to run Amazon.com. And that's the experience we bring to AWS customers when it comes to implementing high levels of security around scalable APIs.”
AWS also offers a portfolio of advanced security services that go beyond what any organisation could do itself. This, combined with the incredible scalability of their cloud offering, means that it has never been easier to collect, store, analyse and distribute data. This is particularly advantageous for financial institutions that need to stream petabytes of data in real time into the cloud, for example, to authenticate credit card transactions initiated through APIs.
In the end, agility is key. Noting how—with a portfolio of over 175 API-based services available at one’s fingertips—new ideas become new solutions faster, Schmidt-Tank states: “Open banking allows you to build unified APIs across multiple microservices that can interact with third parties faster. These third parties can connect to the APIs through the AWS cloud in a simpler way. Banks can scale these APIs on demand, pay only for what they consume, and build modern serverless architectures to process data."