Banks operating on legacy architecture will find it increasingly difficult to compete in an API-driven business environment, says Hans Tesselaar, executive director at BIAN.

There are three key acronyms that have topped the agenda in banking technology discussions in recent years – APIs, PSD2 (Payment Services Directive II) and DLT (Distributed Ledger Technology). Although DLT is challenging these other concepts for media interest, the technology is still in its infancy and not yet powerful or cost-effective enough to justify its implementation within mainstream banking – particularly as a replacement for the core banking systems currently in place. With that in mind, I don’t expect to see major headlines here until significant developments arise.

APIs and PSD2 however, will continue to dominate the banking agenda this year and beyond. The key difference with these topics, which both play into the open banking agenda, is that they enable banks to innovate with the systems they already have in place. Under PSD2, a fundamental piece of payments-related legislation in Europe, digital disruption will accelerate and contribute to the re-shaping of the retail banking industry across the region. Through this initiative, we are already seeing the start of more a more competitive, collaborative and innovative banking industry.

The two key motives behind PSD2 are increased competition and therefore greater customer choice. These objectives will be achieved by facilitating market entry for regulated non-bank players and driving increased transparency and customer protection. This new ‘sharing’ culture will be underpinned by open APIs, which are compliant with the SWIFT ISO20022 open banking standardisation approach. This is recognised and compatible with banks universally and will facilitate these institutions to open up their payment services to third party payment service providers.

When one door closes, many more open

The requirement to open up data to third parties is one of the most hotly discussed elements of the PSD2 regulation, and a worrying concept for many banks, who fear the competition from flexible, tech-savvy challengers.

This development will of course increase competition as intended, but it will also present significant opportunities for banks to grow new revenue streams, capture customer ownership and progress towards an extended ecosystem. As well as facilitating collaboration with FinTech companies or broader tech organisations, developing and opening APIs will finally give banks the opportunity to adopt cloud-based solutions, enabling them to operate a more streamlined and cost effective model.

It’s become evident that the banking industry will need to build new functionalities not only to comply with the regulatory requirements but also to be able reap the benefits outlined above. APIs are a relatively new concept, and remain mysterious in function to many. There is often a misconception that APIs are just sat dormant behind the scenes waiting for someone to cut a ribbon and declare then ‘open’. The reality however, it is significantly more complicated, tied up with banks’ tangled and archaic systems. This was evidenced through a recent spot survey by BIAN, in which over 60% of respondents expressed concerns that banks will struggle to open up their APIs because of the “current state of banks’ core architecture.”

A time for change

The age-old spaghetti-like systems that banks have been relying on since the dawn of technology are finally putting a spanner in the works when it comes to innovation. Financial institutions are now faced with the costly and expensive next step of untangling their old and inefficient infrastructure in a bid to streamline their core banking processes before they can even think of opening up their systems to newcomers. Then, in order for open banking to work, each API should be designed to sync up with the core architecture. There are more cost-effective ways of reaching the same goals. In many cases the bank puts an API handler between the API World and their “legacy”backend. Sometimes such solutions are referred to as “Service Fabric”. There are some good examples available implemented by BIAN members.

The problem at the moment is that every bank is defining its own set of APIs, thereby hindering connectivity, which sort of defeats the object of PSD2: openness and transparency with data. Only a limited set of participants in the Financial Services Industry are aware of a universally adoptable reference model or taxonomy to lay out clear standard definitions for all the various banking business functions. Without such a model, it’s almost impossible for banks to visualise the different information flows within all the banking capabilities within their model, let alone how these are connected and which should be taken up for API enablement.

When the bank is sufficiently API enabled, the next steps that banks will need to take will be to decide whether to keep these various business capabilities in-house, or simply consume them off the cloud as and when required.

The problem they face right now though, is without clear sight of what they have in play, how can they possibly move ahead? Agreeing on and adopting a global standard and model for APIs will be crucial in taking this innovation forward and allowing banks to realise their full potential.

PSD2 came into effect on January 13th this year and despite forewarning from the Competition and Markets Authority for banks to be ready for open banking, six of the nine largest UK current account providers were not. Five of these asked for an extension on the deadline, with one other missing the cut-off completely. More than anything, it shows that in order for financial bodies to be compliant, they must undergo a significant overhaul. Although this will cost them in both time and money, it will leave them in a much healthier shape than they have ever been.

My hope is that the real shift that we see in 2018 will be one of mind-set, in terms of banks’ approach to innovation. In short, they should be thinking about customers first, then business, then technology. All updates and change must come from market demand.