Driven by a combination of competitive pressure and regulatory actions such as the revised PSD2 in Europe, banks are being forced to open up parts of their infrastructure (i.e. AIS and PIS APIs) and to operate in a world where the value chain is becoming more fragmented and the competitive environment more intense. As a consequence, a new world is arising in which PSD2 paves the way for significant changes.
In this new world, banks are obliged to share customers’ financial data with (non-bank) third parties through open APIs – upon customer consent – in order to create new services and a better consumer experience. In our last blog we talked about ‘a challenging perspective on open banking’. As a follow-up, in this blog we will share our deepened knowledge about unlocking value through the use of APIs.
For years, banks have been vertically integrated, covering all aspects of the value chain, from origination to servicing to risk and balance-sheet management. In doing so, banks could also benefit from the protection of regulatory restrictions for years (e.g. licensure laws, capital requirements, access to financing, regulatory compliance, security concerns,etc.). These restrictions have, for a long time, prevented non-banks from entering their market, while allowing competition between banks to flourish. However, all of that is about to change.
Give and take means mutual concessions and compromises. Which is also the case for the in- and outbound play. From an outbound perspective, due to PSD2, banks in Europe are compelled to make raw account data – for instance transaction history – available to licensed third party providers (TPPs) in a regulated and secure way via a set of standard APIs. TPPs, e.g. other banks, but also non-banks such as, retailers, telecoms, insurance companies, FinTechs, BigTechs, can then use those APIs to embed that information for improving the products and services they offer. A new opportunity arises which is no longer just about payments.
By taking on the new roles of Payment Initiation Service Provider (PISP) and Account Information Service Provider (AISP) introduced by PSD2, banks can create new products and services, and enable others to create new propositions, business models and great customer experiences that amplify the banks’ reach and distribution.
A PISP is any company that initiates online payments on behalf of the user, offering an alternative to the use of a card or online banking. Striking examples are PayPal, Tikkie and TransferWise, but we are likely to see even more innovation in the coming years (or even months), with services that bring a whole new dimension to payments, e.g. paying through instant messenger or instant payments.
AISP may, for instance, enable customers to see a single view of all their financial accounts, providing new insight into how to realise potential savings or avoid overdraft fees. In very concrete terms, customers’ financial information is visable in an external ‘aggregator’ app. For instance, BBVA shows customers’ information from their accounts at other banks directly on the mobile app’s home screen (being the financial aggregator). BBVA rolled out this feature last January, after PSD2 regulation was enforced. Contact with the customer is being handled via a third party and the bank increasingly loses the direct influence on the customer journey.
PSD2 also boosts ‘robo advice’ offerings, as it gives AISPs access to a much larger pool of data on which to base their recommendations. A company that is leading in this field is Personetics, which uses ‘cognitive banking’, to provide highly personalised financial advice to customers, powered by AI and predictive analytics.
A recent entrant in the field includes Bud, both an AISP and PISP. Being a licensed third party gives Bud and its banking partners API access to customer data from the nine biggest banks in the UK, on the request of users. The payment license means that, on a customer’s request, Bud can initiate a bank to bank transfer, allowing users to spend money in new ways and move money around their accounts via the Bud platform.
Through the outbound game, banks are able to build customer loyalty via new channels, monetize value streams, avoid becoming a commodity, increase time to market and boost innovation through offering new products and services. However, this does not come without risks. Apart from the fact that banks need to comply with regulations like GDPR and PSD2, opening up to third parties, entails risks such as loosing customer loyalty on their current direct channel, cannibalisation of own products, services and/or revenue, data loss, identity theft, data protection violations etc. Therefore, banks should carefully consider the advantages and disadvantages of the outbound play.
Another trend we see is the enormous increase in the number of open APIs used for the so called developer portals. Open platform banking may still be in its infancy, but forward-thinking banks, such as ABN Amro, ING, Rabobank, BBVA, HSBC, Deutsche Bank, and Nordea, are taking the first steps to create an open platform developer ecosystem, leveraging the ‘outbound play’. In exposing APIs to third party developers, banks will be forced to more rapidly innovate in order to meet the expectations of this demanding, real-time community. Therefore, the aim of these developer portals is to accelerate innovation by working more closely with external developers (being the complementors to their existing services and products). With a secure portal and sandbox environment, a developer community can generate innovative banking products and services.
A developer portal and a sandbox environment allow banks to offer an open, yet secure and controlled, environment to external third parties to interact with the bank’s and customers’ data to generate innovative products and services. Banks that get this right, and eventually evolve into supporting a marketplace model, will significantly strengthen their outbound positions with early API dominance and an efficient ecosystem.
However, the degree to which banks step into the open banking game varies considerably. The majority of incumbent European banks simply offer those APIs required to comply with PSD2 mandates. Very few are moving beyond PSD2 by selling their specialised services to other parties through the use of APIs, consumer credit check services to FinTechs or identity management tools (like KYC) to smaller banks to enable their business.
The inbound play is where banks can easily incorporate product and service features from TPPs – that lie outside of their capabilities or risk appetite - into their own offerings in order to create a better consumer experience. Banks have for instance equal opportunity to both partner with TTPs by aggregating customer data and/or play the role of aggregator themselves.
Through the inbound play, banks will not only build a holistic view of their customers’ financial situations, but they will also be able to serve their customers with better quality insight and advice, which will boost engagement and loyalty levels. When banks for instance decide to become the ‘plug and play’ platform for SMEs, banks could offer their customers (being the SME’s) additional services that lie outside of their capabilities or risk appetite through the use (and integration) of incoming APIs, such as cashflow, invoice, payment, KYC services etc. (See figure 2).
One example of an SME platform is Funding Options, the SME aggregator which recently partnered with ING. The partnership with Funding Options will give Dutch businesses a platform where they can choose the best funding option for their business – even if they aren’t an ING customer. This platform will enable customers to compare what’s on offer and allow ING to make alternative sources of financing available to them quicker than before, beyond their own offering.
Another example is the partnership between Starling Bank, a digital challenger bank, and Raisin (UK), a successful European Fintech that provides a marketplace for consumers to earn more money on their savings. This partnership will enable Raisin to build on the range of solutions it offers savers and to expand the network of partner banks that participate in the marketplace. Additionally, the strategic partnership will at some point enable existing Starling customers to benefit from Raisin UK partner bank offers through Starling’s own marketplace.
Banks can also use the inbound play as a means to extend their own services beyond those traditionally offered by banks and to broaden their proposition beyond financial services to more complete customer journeys, such as mortgage, insurances, consumer goods, travel services. Can you for instance imagine how much easier it will be for a bank to underwrite a mortgage when it can easily access a homebuyer’s complete financial status?
However – triggered by drivers such as technological improvements and changing customer behavior – it will become easier for non-banks to gain customer trust through a partnership with a traditional bank. The contest is undoubtedly shifting from value being in the ownership of a payments relationship to being the platform through which clients interact. In this model, the challenge for the banks will be to remain the preferred partner rather than being reduced to a commodity product provider. Banks with the ambition for the inbound game will face challenges such as how to differentiate. Also these bank will need to deal with risks such as partnering with the wrong parties, reputational damage and not having the necessary curation capabilities.
The disaggregation of the banking value chain, including proliferation of partnership interfaces, is still in its early days, but the trend is quite clear: open banking will fast become an industry reality. Therefore, banks need to position themselves for success in a new environment and have to anticipate the likely customer impacts in order to find new customer touchpoints.
Done correctly, banks can exploit bilateral trade to thrive in this new world. This entails that banks could enjoy both the ‘inbound’ and the ‘outbound’ play, as banks could decide both to incorporate services beyond their own offerings by controlling the ‘incoming’ APIs requests, as well as providing TPPs access to the account information of their customers. However, there will be clear winners and losers, with the outcome largely determined by their own actions. Due to changing customer needs and regulations, the winners will be most likely those banks that embrace open banking and modernise their business model – for instance by enjoying both the in- and outbound play – and those that are accepting that the ‘ivory tower’ through which banks enjoyed a privileged position in the economy is a thing of the past.
Beyond question, opening up their models to external parties will naturally create risk for banks. Thereby, banks need to compete in a world where non-banks will also be able to create new touchpoints, gain trust and loyalty through financial services. To mitigate those risks and protect their ecosystem, banks must consider how to protect their internal environments, customer information and banking systems, without discouraging collaborative development. One way to do so is by choosing the right partners, defining the right level of openness, and by setting the right security measures. The big question is: what will truly drive customer engagement? Ultimately, banks will need to determine in what areas they can credibly operate as platform players and what role they will fulfill. Banks could play different roles in the outbound and inbound play of open banking. In our next blog, these roles will be further specified. Who will be leading the way in the open platform ecosystem, stretching beyond bank walls to better serve customers?
Source: The brave new world of open banking (Accenture, 2018)