The move toward open banking is no longer aspirational. It is inevitable for the modern financial enterprise.
Already, a new European Union directive is serving as a catalyst to transform banks into less of a black box of financial data and more into an accessible launching pad from which people and companies can plug in to a different kind of financial ecosystem.
The EU directive, called PSD2, requires banks to make customers’ financial data accessible on other portals. Under this new mandate, banks will still technically hold their customers’ money, but if, for example, I would rather check my balance, transfer funds or pay an employee using a third party that I authorize to access my bank account data, the bank will have to allow that authorization. This is one of the biggest changes in financial services in a generation.
While Europe is leading this revolution, the U.S. has no similar regulation on the table. But the seismic shift underway overseas should be a message to the U.S. banking sector: It can either move ahead early on this digital transformation, or domestic banks will simply get caught up in it.
Even though they do not face the immediate prospect of regulation requiring an open-banking policy, American banks should act as if they do, and voluntarily open up their customer data to third parties using secure application programming interfaces. If they don’t, they risk getting left in the dust by global competitors.
Just the anticipation of impending competition from PSD2 is already changing the way banks act in Europe. Institutions have begun to cross-sell products created by others, not just themselves. For example, Deutsche Bank has partnered with Deposit Solutions, a firm based in Hamburg, to offer customers a way to shop around different jurisdictions for higher interest rates. HSBC teamed up with the digital bank Monzo to allow account holders to efficiently settle dinner bills at restaurants in France and Spain.
But that is just the beginning of the transformation.
Banks that are more willing to quickly embrace open banking may get a leg up with the giant tech companies, and ultimately, position themselves as leaders in the new financial world.
Consider Facebook, for example. Already, the company has built a huge social graph connecting businesses and customers as well as people to people. What if Facebook could allow one-click shopping right on its site, much like Amazon does on its website? With bank APIs, Facebook could add that building block to its service. Imagine: Facebook Marketplace powered by JPMorgan Chase.
True, Facebook is based in the U.S.; however, the social network is a global company that serves the world. Facebook will not wait around for American banks to open up their APIs to build this marketplace; the company will move fast. This macro example is repeatable across any size tech company and any size bank that is willing to work with them to innovate.
Some financial institutions, such as Citigroup in the United States and Fidor in Europe, are already using their APIs to open up their data to an ecosystem of customers, third-party developers and other partners. But many banks are still entrenched in their traditional operating models. And, ironically, even banks that are trying to keep their data close to their proverbial vests are likely not protecting it as well as they think. For years, fintechs have been using a practice called screen scraping to gain access to banks’ screen display data and make use of it in their own applications. But open banking is the ultimate “if you can’t beat 'em, join 'em.” Banks should open up their data through sanctioned APIs rather than compel third parties to circumvent their artificial barriers.
Jumping toward the front of the open-banking line is not just a defensive measure. Banks that voluntarily embrace open banking by partnering with third parties can mitigate competition risks and at the same time offer customers a wider and more easily customized set of services. Easy access to third-party products on a plug-and-play basis means banks are no longer required to develop all of them on their own. Instead, they can offer a mix of internal and third-party products that integrate into a seamless experience for the customer, setting themselves up to drive customer loyalty.
For now, PSD2 is simply a milestone. In time, the directive will become the new normal.