All You Need to Know About PSD2 & Open Banking

TABLE OF CONTENTS

What is PSD2?

We've removed the paywall on select articles during this current economic crisis. Become a member of the MEDICI Inner Circle and join us in the fight against the pandemic – we will donate 50% of the annual membership fees to COVID-19 relief efforts.


PSD2 is part of a global trend in banking regulation that aims to foster market competition, innovation, and security. In late 2015, the European Parliament passed the revised Payment Services Directive (PSD2) to disrupt the existing monopoly that the banks were holding. PSD2, which came into effect in 2018, replaced PSD, an earlier directive that created a single market for payments and the foundation for a Single Euro Payments Area (SEPA).

PSD2 is administered by the European Commission to regulate payment services and payment services providers throughout the European Union (EU). PSD2 mandates banks and other financial institutions to give third-party service providers (TPPs) access to consumer transaction accounts based on the account holders’ consent (for both retail and corporate customers). It establishes a clear and comprehensive set of rules that will apply to existing and newer providers of innovative payment services.

Main objectives of PSD2:

  • Contribute to a more integrated and efficient European payments market to enable greater choice and transparency of payment services
  • Create a level playing field for payment service providers, including new players
  • Make payments safer and more secure
  • Strengthen consumer trust by enforcing higher security to protect consumer data
  • Ensure better pricing for consumers

PSD2 has forced the banks to reconsider their position and business models. Many FinTechs, merchants, large consumer tech players, and banks themselves have been applying for licenses to operate in the capacity of these TPPs. TPPs are categorized as AISP (account information service provider) and PISP (payment initiation service providers):

  • Payment Initiation Service Providers: PSD2 allows regulated third-party PISPs to initiate payments directly from customer payment accounts (provided they have the customer’s consent).
  • Account Information Service Provider: Regulated third-party AISPs can access customer data (provided they have the customer’s consent) to provide an overview of a customer’s payment accounts with different banks in one place to better manage their finances (e.g., a mobile app).

Source: Open Banking

Customers will need to provide explicit consent for the usage of their transaction data. The EU’s General Data Protection Regulation (GDPR) requires that customers are made fully aware in a clear, concise, and transparent manner concerning how their data will be used and by whom.

What is Open Banking?

The global financial landscape is continuously evolving, but one concept that is inevitably standing out is Open Banking. Think of the business model shift that happened when Apple launched the App Store in 2008. It gave consumers the power to choose the applications they wanted on their smartphone tailored to their own lives. Open Banking has the potential to have a similar effect.

Changes in consumer behavior, regulatory changes, search for new business models, and the threat for digital ecosystems like Google, Amazon, Facebook, and Apple is driving banks to walk the path of Open Banking. Open Banking is a systematic paradigm shift in the way financial services are delivered along the entire value chain, providing access to consumer banking, transaction, and financial data from banks and other financial institutions through the use of application programming interface (APIs). API platforms are the technological backbone for the implementation of Open Banking. Through the use of these APIs FinTechs, banks and other companies can build new and innovative financial services and products, such as third-party PFM apps (personal financial management apps) that provide a consolidated view across all your accounts and streamlined lending where lenders can get the required data to acquire the ability to make informed decisions instead of manually gathering data and so much more.

With Open Banking, this data belongs to the account holder and not the bank. Open Banking will re-architect the industry by placing the end customer/business in charge of their data held by the banks and, more importantly, how they want to use banking services, with consumers/businesses required to consent to data sharing.

Open Banking can achieve the following objectives:

  • Foster greater innovation (new business model, adoption of more modern technologies) and competition in the financial services industry so that specialist providers/FinTechs can compete with banks on an equal footing.
  • Reduce transaction cost: Payments – by cutting out intermediaries like global card schemes and other regional intermediaries. Lending – with more transparency and quicker access to machine-readable information and data coming easily from various sources, due diligence can be more confident, which, in turn, can potentially bring down the cost of credit.
  • Boost financial inclusion, especially in emerging economies, by providing solutions to an underserved audience at a lower cost. E.g., access to credit at a reasonable price.
  • Ensure more security for all stakeholders; screen scraping has been a common but insecure way of sharing data. Open Banking, driven by security guidelines, can make data sharing secure. Also, customers/businesses will be in charge of their data and decide whom they want to share their data with and under what conditions.
  • Improve customer experience:
    • Provide a more straightforward comparison of products and services.
    • Flexibility to choose between innovative offerings provided by banks or third parties based on service quality, pricing, speed, and transparency.
    • New, innovative products like personal finance management, instant money transfer between bank accounts, and credit cards.

Open Banking is a way of facilitating data sharing and not an app or product. Thus, it will take customers a while to see a tangible impact of Open Banking only after a number of solutions that augment value to consumers and businesses get implemented. Open Banking will push some of the passive, reactive banks to ramp up their tech efforts; it will also pave the way for several new services and business models which banks can adopt. Here are a few Open Banking use cases:

  • Providing inter-bank payment facilities and bill payments
  • Analyzing the financial behavior of the consumer
  • Aggregation of product information from different banks on to a single platform
  • Banking-as-a Service
  • Effective disbursement of lending/micro-lending products
  • Analyzing cash flow (businesses)
  • Wealth advisory
  • Digital onboarding

The Open Banking onset started when the Competition & Market Authority (CMA) in the UK was investigating the supply of retail banking services to personal current account customers and small-and-medium-sized enterprises (SMEs). In 2016, it was concluded that there was a need to improve competition in retail banking and financial services. Several changes were proposed, and “Open Banking” went into effect on January 13, 2018, as a regulation in the UK.

The CMA announced a mandate for the nine largest UK banks (also known as CMA9 banks) – HSBC, Barclays, RBS, Santander, Bank of Ireland, Allied Irish Bank, Danske Bank, Lloyds, and Nationwide – to implement recommendations developed by the UK government-appointed Open Banking Working Group (OBWG).

In many geographies, Open Banking has gone hand in hand with data privacy and protection laws. GDPR & PSD2 in EU, PDP & AA in India, and CDR & Open Banking in Australia are examples. Based on the UK’s Open Banking and the EU’s PSD2, different jurisdictions around the world are adopting their own versions of Open Banking either in the form of regulations or as guidelines for the market to adopt.

Pros and cons of Open Banking on key stakeholders

Source: Open Banking Report 2018

Potential opportunities and business models

With Open Banking, banks could be relegated to the role of a utility and lose control over customer interactions as non-banking organizations embrace the open API economy. Therefore, they face a stark strategic choice. Do they want to become another utility providing commoditized, “white label” banking products and services, or do they want to maximize future shareholder value? A proactive approach is a best-case scenario. Here are some potential opportunities and business models across the ecosystem that are emerging out of Open Banking:

  • Account Aggregators: Banks/FinTechs/other third parties can launch their own account aggregation services by dashboarding their customers’ and non-customers’ various bank account details. E.g., HSBC Bank has launched an account aggregation platform by partnering with a FinTech startup ‘Bud.’ By capturing their account data, banks can also provide PFM, spend categorization, and savings tools, which will enable them to engage with their customers on newer dimensions.
  • Payment Service Providers: Third-party providers, based on customer consent, can directly execute payments and collections between financial services providers without depending on intermediaries such as card schemes, i.e., between wallet and banks, between banks and e-commerce and other applications.
  • Banking-as-a-Service: Termed as the “Uberization of Banking,” companies can offer white label banking suits with various core functionalities in the form of APIs to various external solution providers. With this model, banks retain stakes in product and service development, as well as distribution, by acting as a market intermediary and facilitating activity among customers, producers, and distributors.
  • Ecosystems: Ecosystems could be Open Banking’s final development stage. Open Banking APIs are the starting point for new-age networked banking. Banks can complement their digital services and provide services to affiliated partners and other beyond banking services to offer comprehensive end-to-end financial services. This can create a new experience for the customer, much like the App Store. Customers can choose which partner solutions they want, and the bank becomes the navigator of their own services and other third-party products and services via APIs. Some banks such as Starling Bank, N26, and Monzo have adopted this model and are seeing increasing success. 
  • Bank API Portals: Traditional or challenger banks that have direct-to-customer models but also offer their products and services as APIs to third-party players such as FinTechs, which use them to build innovative services propositions. 
  • Financial Infrastructure API Companies: To accelerate the Open Banking strategy, financial institutions are also investing in financial infrastructure API companies. There are over 150+ financial infrastructure API companies with some prominent ones mentioned below:

Source: Financial Infrastructure API Companies Are Coming of Age

How countries are putting Open Banking into practice

Following Europe and the UK, similar aspirations for Open Banking are now being seen worldwide. These broadly fall into two categories: market-driven and regulatory-driven. Since the drivers for Open Banking vary across geographies, it would be inaccurate to favor either of these models. The regulatory model supported by well-defined standards seems to have worked well in the UK, starting to see positive results in the EU.

Market-driven: Countries like Singapore and India do not have compulsory Open Banking regulations, but the policymakers are introducing a range of measures to promote and encourage the uptake of Open Banking. In Singapore, the MAS and the Association of Bank published a Finance-as-a-Service API playbook and launched a regulatory sandbox for experimentation between FIs and FinTechs. The US has also opted for a market-led approach, and there is no government-sponsored Open Banking policy. Many progressive financial institutions are leaning into open API-based business models to fight back data aggregators’ insecure practices of screen-scraping. India has had a very different and intriguing approach to Open Banking. Unlike many other geographies where Open Banking and instant payment initiatives are running in parallel, India instead launched Open Banking with payments on what is known as the Unified Payments Interface (UPI). It is now widely considered the best real-time payments network worldwide. After the large scale success of UPI, India has launched an Account Aggregation framework, which is its first foray into consent-based financial data sharing (though this is not a regulatory mandate in India).

Regulatory-driven: Countries like Hong Kong and Australia have gone down the path of a regulatory-driven approach. The HKMA published the Open Application Programming Interface Framework for providing guidelines and time frame for deploying Open APIs. The framework has a four-phase approach to the implementation of various Open API functions. The HKMA has made it a regulation for Hong Kong’s larger banks to comply with the Open Banking regulation and provide Open APIs. In Australia, Open Banking was introduced as part of the Consumer Data Right (CDR) by the Federal Government of Australia. The CDR will allow consumers to share their data with authorized third parties they choose. The critical difference is that CDR is a data policy initiative and not just a financial services initiative; it will be extended to other sectors like telecom and energy sectors, to begin with. Japan has introduced a “soft” Open Banking regulation. The FSA has amended its Banking Act to establish a framework for regulating electronic payment service providers, where banks were required to publish their affiliation and cooperation with third parties. Banks in Japan can charge fees to disclose customer data, unlike the UK’s Open Banking and PSD2.

Barriers to adoption of Open Banking

  • Lack of customer awareness: Customers need to be educated to familiarize themselves with the concept and generate buy-ins. Consumers will need time to become aware of and understand the benefits. It is ultimately the ability to engage customers that will determine the success of Open Banking.
  • Cost of transformation: For some banks, the incremental cost to enable, roll out, and maintain Open Banking is a barrier to adoption, especially if they do not have a strategic view; it’s not clear how much they can profit from this.
  • Legacy systems: Banks’ core and legacy systems have become complicated over time and can make interoperability with Open Banking APIs a challenge.
  • Data security and fraud: Open Banking relies on data sharing. When it comes to Open Banking, banks are particularly concerned about data security and customer privacy because they can be held liable resulting in hefty fines and a loss of customer trust. Concerns over fraud and data security inhibit customer adoption.
  • Data sharing anxiety to competitors: Banks are faced with a dilemma on how much customer data they should expose to make Open Banking meaningful, but without losing control over customer data and product cannibalization.
  • Better entrenched competition: Today, banks face competition by FinTechs, neobanks, and technology giants like Amazon, Google, and Facebook that are improving existing financial services by enhancing capabilities, improving convenience, or lowering prices and fees for consumers. Banks that don’t proactively think about their strategy could face eroded market share, increased customer churn, and increased pressure on margins.

Success Factors – Open Banking

Open Banking is still a relatively new development, and it will likely take some time to observe its full impact on financial services. Gaining consumer trust is the most vital element for realizing the true potential of Open Banking. Regulations are a catalyst and can create a conducive environment for innovation and customer reassurance. However, it is ultimately the ability to engage customers that will determine the success of Open Banking. Ecosystems and the digital economy could be the ultimate expansion of Open Banking!