By : Andy Brown
October 02, 2017 06:00 AM
The revised Payment Services Directive (PSD2) is a major milestone in the ongoing evolution of the European banking industry. It provides the legal framework for open banking, formalizes the relationship between banks and fintechs, and enables greater access to customer account information and payment systems.
NCR teamed up with Payments Cards & Mobile to explore this subject in-depth in the report ‘PSD2 and Europe’s Open Banking Mandate – Challenges for Banks and Fintechs’. A webinar will follow at 14:00 UK time on Tuesday October 3rd – register here.
One of the biggest potential consequences of PSD2 is that, for the first time, we will see a pan-European open banking market. It is the key enabler of borderless banking and payments, giving third-party providers (TPPs) the ability to access account data and bank infrastructure.
This will be facilitated by application programming interfaces (APIs), technology that is already commonly used by the likes of Google and Facebook to share data and connect with third parties.
These are exciting changes that could open up many opportunities for providers and customers alike. Fintechswill have more scope to develop integrated service models for consumers and businesses, while established banks will enter a new era of innovation and collaboration, which they must be ready to embrace.
A strong focus has been placed on security, with PSD2 mandating the rules for strong customer authentication. Consequently, customers should have access to an unprecedented array of services, without any compromises in security.
As far as challenges are concerned, there is some uncertainty surrounding the final element of PSD2 – the proposed regulatory technical standards (RTS) on strong customer authentication and secure communication. In June 2017, the European Banking Authority published a press release stating that it disagreed with some of the European Commission’s proposed amendments to the draft RTS, even though it supported what the Commission was trying to achieve with the changes.
There are other key challenges inherent in PSD2, such as the need for established financial institutions to move on from certain legacy technologies and operating models. TPPs and fintechs must register with financial authorities and acquire a license according to PSD2 regulations, and also come up with strategies to access the various systems and infrastructures of different banks.
There remains a level of uneasiness around PSD2 among some European banks. One of the concerns for businesses is that the proliferation of APIs and more open account access will reduce their control over the client interface. Some banks are seeking to limit risk by adopting a defensive, ‘wait-and-see’ attitude.
Others have taken a more proactive approach and accepted the fact that change is inevitable. With many fintechs also recognizing the importance of the regulatory and compliance tasks that banks undertake, the scene is set for positive, productive collaboration.
We have already seen some real-world examples of PSD2 and open banking concepts in action.
In May 2017, BBVA opened up eight of its own APIs to companies, start-ups and developers, facilitating the integration of customer data with third-party products and services. The following month, Berlin Group, a European payments interoperability coalition, announced a single standard for API access to bank accounts.
Other early moves include Barclays’ Pingit app for bill payments and P2P transfers, and SlimPay, a UK-based online direct debit service that allows users to make regular payments for subscriptions.
If PSD2 has the desired effect, innovations such as these could provide a glimpse into the future of the European banking industry. With businesses innovating and collaborating, and customers showing a willingness to try new approaches to managing their money, it could be a bright and exciting future indeed.