By Stephan Romeder, General Manager, Magic Software Europe

The European Commission’s revised Directive on Payment Services (PSD2) is expected to enhance consumer protection and convenience, improve the security of payment services and promote innovation and competition. PSD2, which is mandated to be implemented by January 2018, requires banks to make their customers’ data available by opening up their APIs, so that third-party FinTech companies can build their own applications.  A system integration tool can be significantly instrumental in cutting down the time-to-market with this type of wide-scale project.

Although some banks have already complied, such as the Danish Saxo Bank and the UK’s Capital One bank, there are other banks that have the following concerns about opening up their APIs:

1. Requirement for huge IT investment – For some banks, PSD2 poses substantial economic challenges as IT costs will increase due to new development costs and the need to potentially scale up their infrastructure to manage millions of transactions.  Modifications to meet new regulations can put a strain on legacy systems and budgets already pushed to the limit.
2. Fear of becoming a dumb pipe – Similar to when telecom providers were forced to open up their infrastructure and allow in new entrants, banks can lose market share to new players that have a competitive edge because they don’t have the same costly infrastructure as banks. They can gain consumers’ trust and steal banks’ customers after banks have exposed their data. Consumers are already accustomed to using financial services from companies other than banks, such as Paypal. Every fifth European consumer is willing to use financial products from Google, Facebook and Amazon, according to a recent survey.
3. Reluctance to lose control of the customer – Banks could lose out with the new tug of loyalty between banks and new financial services providers, once there is a new layer of banking services eliminating the need for depositors to interact directly with their banks.  Account Information Service Providers, or AISPs, will allow consumers to view all of their multi-bank details in one portal, consolidating account information in one place while offering valuable analytics and cross-selling opportunities.
4. Losing the race to develop the app  –The API itself is an information pathway and isn’t enough to provide new banking services. It needs to be employed by software, which tells the API what data is needed and then provides further processing. So, even though the API is open and free, new banking applications need to be developed with all the necessary system integrations. If banks want to compete and create their own applications they will have to move fast. Low-code solutions can help accelerate the process of system integrations and application development.
5. Security Concerns– In a world where data breaches are too commonplace, it’s not known what will be the impact of providing private financial information to various third parties and aggregators. Current privacy laws are being reviewed and technical standards are being developed. However, the process of developing security standards is already running late with the final deadline for implementing security guidelines going beyond the January 2018 mandated PSD2 implementation date.

PSD2 will have a considerable impact on the European financial ecosystem. However, the new directive on payment services will take time to implement since it will require investment by banks, a further ironing out of security standards, and the introduction of new business models. Given tools and strategies to accelerate adoption, banks can have an opportunity to design innovate payment offerings and take advantage of these technological developments themselves.  But they will have to move fast to turn the threat of open APIs into an opportunity, and to prevent themselves from being short-changed in the process.