Gearing up to an era of Open Banking

This is just a beginning of an era where retail banking business models will be turned up-side down and banks will have to be up in their sleeves to respond to Open banking (UK, HK)/ PSD2 (EU) like changes at a pace never before. On one hand banks will have to respond to these changes swiftly and also manage cost pressure/shareholder expectations on the other hand to survive. Business models will evolve and there will not be single solution for all banks given the differences in terms of markets they operate in, diverse customer base, product offerings, IT architecture and most importantly the mindset of the staff/management to embrace these changes with an open mind . I have tried to articulate my thoughts on these latest trends based on my experience in recent past and also referring to some of the research articles. It will be great if you leave a comment or share your thoughts on this write-up.

Backdrop

The advent of Open Banking and PSD2 have certainly opened new avenues for FinTech companies who were vying for a level playing field for some time now. The very fact that FinTechs don’t carry the legacy technology baggage, they are poised to give the experience and services that customers are expecting these days. However, this premium experience will come at a cost to the customer as FinTech doesn’t operate on traditional banking model based on the interest rate spread and fee income.

If we look at this scenario from the banks perspective, so far banking industry have been moving forward with API-fication with a little cynicism or let’s just say with an intention of complying with the regulation. Most banks are worried about the challenger FinTechs taking the customers away from them and losing control of the customer’s data which wasn’t challenged for decades. CIOs of most of the big banks are worrying about the security risk involved in open APIs and the inherent reputation risk that comes along. Performance challenges posed by legacy systems is another headache that needs a strategic solution. To sum up, it’s a high cost of compliance leading to loss of revenue. What makes the situation further challenging is tech giants like Google, Apple, Facebook and Amazon (GAFA) eying a share of banking business. It is limited to Cards and Payment Wallets for now which are in line with their aspiration to expand their eco system. Then the series of questions arise like…Is it all over for traditional banks? Are regulators conspiring to end supremacy of banks in the retail banking world? Will banks become just a tunnel to route transactions from one end to the other? And many more. There are different views on this subject and these can be either termed as valid or otherwise depending on many factors. Perhaps, this my attempt to highlight two areas critical specifically from traditional banks’ point of view.

Mindset: Compliance vs tapping new revenue streams

As mentioned before, most banks are approaching Open banking/ PSD2 as one more regulation that they need to comply with. Open Banking and PSD2 are changing some of the ground rules. Fundamental shift being banks controlling Customer’s data to Customer choosing to share their own data stored on bank’s servers. This is giving nightmare to most banks as the gold mine of data which gave banks an edge over the start-ups is taken away. This also means that banks are bearing all of the cost and pain of storing this huge quantum of data for years and customers might just force them to share it with 3rd party with a click of a button.

Banks need to look at this as an opportunity to develop new products & services, retain its market share and finally build new revenue streams as part of evolving new market or should we call it a eMarket for banking products. Let’s first consider the customer segment who will go for the 3rd party services. One of the surveys in UK reflects high penetration (approx. 90%) of smart phones and around 45% population in the age group of 18-55 years using mobile banking app for their daily transactions. These are the customers with potential of higher revenue per account for banks. Now, banks have options to 1. Be a tunnel for transactions and customer data which means 3rd parties will design or bundle the products from multiple financial product entities and distribute, 2. Banks design, personalise and bundle the products as well from other competitors for 3rd party to distribute their own proprietary platform , 3. Banks develop a complete end to end eco system to offer specialised products of its own along with competitors to give the best personalised, competitive products and act as a distributor too. While 3rd option is highly desirable, it will be costly, time consuming and little heavy on infrastructure side. The very fact that there will be an early mover advantage, if banks take a pragmatic view of moving to 1st option in short term (basically complying with the regulation) and then move on to 2nd option medium to longer term. This will mean becoming more customer centric with personalised/ bundled product offering. For banks, it will mean lower cost of customer acquisition and opening up of new revenue stream in the form of fee-based services to 3rd parties (FinTechs) or for that matter sharing the profit per account. In shorter term, as banks strive to comply with the regulation, it may be at loss of some income, but steadily they will be compelled to move towards the new business model with different revenue stream like fee-based services or profit-sharing vs interest as a main stream of income. This is on similar lines of partnership between institutions like JP Morgan and Well Fargo with financial services platform provider Intuit for sharing the customer data. The services from banks could span across giving 3rd parties its expert services in the form credit risk assessment, AML checks, FATCA compliance, payment processing services through its gateway or KYC.

There is no one rule for all traditional banks and therefore depending on the size of the brand, business strategy and investment appetite each bank will be required to take an approach which yields higher positive impact on the bottom line.

IT Landscape: Refactoring to become flexible

There are two undeniable facts about most of the incumbent banks. First is, a lot of banks have core banking application running on legacy or combination of legacy systems for multiple products and some new age platforms more so on channels side. Evolution of new market for banking products will require frequent changes at a faster pace to offer features like dynamic pricing, product personalization, etc. This may prove to be a challenge with legacy applications with siloed product/ transaction data. In order to overcome this issue, there should be an objective effort to break-down functions which would be accessed more frequently to be parameterized or culled out as microservice from the legacy. Netflix did set the precedent by moving from monolith to microservices architecture, but the fact to highlight here is that it was multi-year program and banks have more dimensions to consider for such overhauling transformation. Though, microservices architecture reduces the time to production, it comes with certain challenges which need to be addressed right in the beginning of the journey. Consistency in terms of security and connectivity between services developed by different teams is paramount. Complexity in monitoring and management of microservices increases with the number of microservices deployed in production. Microservices strategy should be in line with the business model that a bank decides to adopt from any of the 3 options discussed above.

Second is about banks not being able to use available data effectively for so many years to offer better products and insights to yield higher returns to its customers. In fact, the focus has been to mastering the digital customer journeys for as many products and services as possible.  Data have been siloed per product or by lines of business and consolidated into a warehouse with a significant lag which proved to be of no use in making a real time offer or as an input into decision systems. The new scenario will bring in multitudes of data points that banks have today with sheer increase in sources. At the same time, the third parties will expect a quick retrieval of small chunks of datasets more frequently. Therefore, banks will have to put in place a data strategy which is in line with the increased storage capacity, integrated data across product lines with an ability to retrieve it real time in smaller chunks at a higher frequency. The quality and availability of data will also drive the fees that banks can charge in the new banking world.

Finally, concept of different applications exchanging information is not new. Banks have woken up to the extensive usage of APIs to expose its services. Any organization is split into manageable business units with some overlapping functions. Large multinational banks may end up having a lot of duplicity while developing the APIs. Also, legacy architecture may drive the suitable API model for the organisation which may lead to duplicate efforts if not articulated as a strategy at the organizational level. More over unlike normal development cycle of develop, test, implement and support, there are additional phases of releasing the APIs to shelf, track consumption, make changes as required and take APIs off the shelf. A dedicated product manager role for APIs at organizational level is becoming quite common these days placing higher level of importance and emphasis. Gartner, in one of their reports predicted, that by 2022 highest number of cyberattacks will be on APIs underlining the importance of security.

Performance is another factor which is being discussed and highlighted with number of transactions being projected manifold with the advent of Open Banking. In my view, the channel and points of payment initiation is bound to change. Having said that, instead of unprecedented spike in volumes, it will be a steady increase over a period of time. If banks put in place channel specific strategies and work smartly to distribute the load then even with legacy architecture without significant investment, dealing with realistic increase in volumes is possible. Culling out data into a staging database for non-value transactions and pointing APIs to this staging database will significantly reduce the burden on the core banking applications. This will also give an opportunity to distribute the security risk at multiple stages. Again, there is no single right or wrong solution and a lot will depend on the vision at the leadership level, commitment to become nimble and mindset of the people executing the strategy.