SlideShare a Scribd company logo

Accelerating the Open Banking API Journey

S
Sheriff Shitu

The document discusses the evolution and challenges of open banking APIs, highlighting the need for banks to embrace innovation and customer-centric services amid increasing competition and regulatory pressures. While many banks have developed internal APIs, only a small percentage have fully transitioned to public APIs that offer new revenue streams and customer engagement opportunities. Successful implementation requires a thorough understanding of technology, compliance, and a strategic approach to collaboration with tech companies.

Technology
1 of 7
Downloaded 38 times
1
2
3
4
5
6
7
1 Accelerating the Open Banking API Journey Sheriff Shitu. 25th October 2016. When will “Open” and “Banking” finally play together? Well, not yet, and probably not until the Fintech community and cohorts come to terms with the reality that Banks are not innovation averse (at least not all). And that the shackles limiting their speed and agility are characteristic of any company born at their time, of their size, and entrusted with such responsibilities as protecting assets of other entities. Although Open Banking APIs represent the utopia that Fintechs and the tech industry as a whole have yearned for in a long time, it has always been notoriously touted as the end time for banks. Luckily, many banks have started to figure out how they could play in the new economy that awaits. They have started to realize that it is not so bad for them after all, and while this win-win scenario might be a more viable narrative for Open banking, we need to admit that the Banks need to be supported through the transition. Ubiquitous computing and consumerization of technology have changed many aspects of daily life. From social media customer service engagements to the remote access to room temperature settings prior to hotel check-in, consumer expectation from service delivery is rapidly changing and increasingly demanding. Companies are realizing that losing a customer is as easy as the installation of a new app. On the other hand, customer retention could be as costly as establishing an entirely new business unit just to create additional value to keep customers happy, even though to the customer, a new business unit simply means another software feature update. Inarguably, understanding the needs of customers and continually innovating rapidly to meet these needs is key to survival in today’s business world. Unfortunately, not every industry is prepared for such agility. In a world where almost all banking services are expected to be available without a visit to a bank branch, Banks have responded with sms banking, telephone banking, ATM banking, internet banking, mobile banking, social media banking, video banking, and even bot banking, all in a bid to meet customer demands. However, what happens when customers start to expect banking services to be available from devices, apps and services not
2 within the control of their banks? This introduces a whole new level of complexity surmountable only by deep understanding of Identity and Access management, Service oriented software paradigms, Cloud Computing, and IT security. Add other liabilities of preventing criminal or terror financing, regulatory compliance, and money laundering, then the complexity deepens and transcends the popular convenience vs security dilemma applicable to other industries. Banks have to speedily develop capabilities that are otherwise native to digitally born technology companies. Learnings from the API economy and Co-creation in other industries Opening up data and internal capabilities for third party consumption is no new phenomenon in many industries. In fact, organisations have willingly opened up to enable maximum reach beyond that of their own predefined markets. A train company for example which invests in train frequency and punctuality but does not make its train timetables available to consumer app developers or other third parties limits its potentials. In the same vein, where tickets cannot be purchased or managed from third party apps, the train company also misses out on revenue coming from apps like multi-modal journey planners which could otherwise offer a train ticket in addition to other transportation means to complete a customer’s entire door-to-door journey – a use case which the train company might not have ever considered. Another example is UBER’s application of Google’s Map API to power a business case that had no place in Google’s own roadmap, thereby earning them substantial and unforeseen revenues through the Google Maps Premium service. This seamless interconnectivity between disparate open systems of different companies is often made possible by APIs (Application Programming Interfaces). Once a company decides to open up internal systems via API for 3rd party consumption, two strategic changes occur:  The company establishes presence in a different position on its own supply chain, thereby becoming a business enabler with a B2B function.  Its target market widens with increasing addition of new business and consumer segments Two other strategic actions commonly noticed is a formation of a new unit dedicated to overseeing the business success of the Open API, and Co-creation. In achieving its commercial objectives, the API-offering business is often concerned with the success of its API clients in their respective applications and is therefore more willing to collaborate with them to develop outstanding business propositions and co-create to drive increased usage of the APIs. In the end, it is a win-win for both parties. A common criticism of Open APIs is that companies leave room for more intense competition for their own retail offerings. However, in such cases, the long term co-creation revenue potentials (given APIs are supported with carefully planned commercialisation models) often outweigh the perceived sacrifice. Even in industries where
3 there are genuine concerns of loss of customers to the smaller, more agile, and more customer-focused tech disruptors, open APIs offer incumbents a new revenue source, and a strategic option of inorganic growth through various kinds of alliances, mergers and even takeovers. After all, it is better to disrupt oneself than to be disrupted. The State of Open APIs in Banking In the banking industry, Open APIs are not yet common place. According to a recent research reported by Axway1 , although majority of banks have APIs in place, about 60% of them keep the API’s exclusively for internal use only (Private APIs). These APIs are not offered as a product to make banking services available to third parties and therefore offer no revenue opportunities whatsoever. The APIs connect to Core Banking Systems and act as interfaces for other Banking channels offered directly to the Bank’s predetermined customer segments. However, internal consumption of Private APIs is a first step towards understanding how APIs are best implemented, managed, and most importantly, monetised – a logical prerequisite to the business of Open or Public APIs. A further 20% of banks have gone further to develop a partner ecosystem where a few trusted partners have been invited to develop using the Bank’s APIs. These banks are often spotted hosting hackathons to facilitate engagements with developer communities. Dummy APIs (with anonymised data not connected to live systems) are made available during hackathons for developers and Partners to experiment with. Such events allow Banks to observe how their APIs will be used eventually if and when they become publicly available. Although all APIs made public during hackathons are usually withdrawn immediately after the event ends, this should be lauded as a braver move in the direction of Open APIs. A few Banks have conceived the potentials of Open Banking APIs as capable of surpassing the possible challenges. These Banks have opened up their Banking APIs to power banking and payments capabilities provided by third parties, thereby driving volumes of transactions through use cases championed by these third parties. Specifically, about 20% of Banks with some form of APIs are reported to have reached this final stage of going public with their APIs. Factors driving the adoption of Open Banking APIs As for Banks already exploring with either Partner or Public APIs, here are some driving factors:  Regulatory pressure: In the light of the EU’s PSD2 directive, the UK’s Open Banking Initiative, and other similar regulations already in effect or coming soon to other geographies, Banks cannot afford to sit back and just become a data exchange pipe or payment processing dummy. Some intelligence needs to be 1 https://www.axway.com/sites/default/files/report_files/axway_report_banking_apis_state_of_the_market_report_apidays.pdf
4 built around all capabilities to be consumed by third parties to ensure scalability and profitable monetization; Open APIs offer the best solution, arguably.  Competitive tension: In an industry as competitive as Banking, clearly, inaction is not an option. A mistake of delay could cost a major bank its competitive position. Competitive tension is therefore a major drive for some of the early adopters of Open banking APIs.  Sheer disruption: The Banking industry has recently seen the entry of digital-only players, boasting of more customer-friendly banking services, and looking to disrupt the industry with digital initiatives. Such players are usually adept at Open APIs and often have them as part of their offerings from inception.  Changing user needs: User needs of the digital age are very demanding and the gap between available Banking apps features and these needs are becoming wider. Some banks have found keeping up with customer needs in all use cases possible to be exhausting and are therefore empowering smaller but more agile tech companies with the capabilities required to cater to these use cases. Such empowerment is easily delivered via Open APIs. Challenges of Open Banking APIs If about 80% of Banks are yet to take the leap from Private or Partner APIs to openly available ones, then there are certainly some factors responsible for this inertia. In the customer’s eyes, the supply chain node which matters the most is the one that owns that provides the retail interface with which the customer interacts. In the Open banking world, App owners therefore hold so much power due to their position in the supply chain. They are not mere distributors but creators of continuous value for the customers and this intrinsic ability to learn and swiftly respond to customer needs make them endeared to customers whether or not they hold customer data. This could explain why the banks are resistant to
5 relinquish control of customer interfaces. Yet, unlike Banks, these tech companies catering to various diverse customer use cases have mastered the art of customer development – a term (coined by Steve Blank) which could loosely interpret as the evolution of products in tight accordance with changing user needs. A customer’s desire for an application which solves a particular user need (and which their bank does not support due to unavailable APIs) could easily trigger the switch of banking providers and thus the loss of a Bank customer anyway. It therefore can be argued that supporting these application providers and tech companies via Open APIs will be a more sensible option for the Bank to retain their customers. Business consequently is faced with the challenge of rethinking business models to ensure that such co-creation is as profitable for the bank (if not more) than actually owning the application interfaces designed for customers – this is one part of the puzzle that is yet to be fully deciphered. Worth noting also is the possibility of retaining and developing continuously Banking solutions already offered by the bank via their own digital channels while still offering Open APIs. Besides the business challenges discussed above, there exists technology and compliance challenges also, some of which are highlighted in the next section. Embarking on the Open Banking API journey As every bank has its own area of strength, structure, set of propositions, and technical configuration which forms its identity, implementing Open APIs and optimizing for profitability will not follow the same pattern for all. However, for banks that have taken the lead, here is a commonly identified roadmap: Phase 1 -- SOA overhaul of Legacy Systems: Firstly, Banks need an overhaul of legacy systems to achieve a Service Oriented Architecture (SOA). With the exception of new players, Core Banking Applications are powered by very old systems that have experienced hundreds and thousands of revisions over the years. Managing these core systems is not an easy task for banks. While a very tiny few are able to re-write their entire legacy systems, this is almost impossible at most Banks which have therefore achieved the SOA overhaul by creating an application layer that provides access to legacy capabilities via APIs. Phase 2 -- Scaling while complying: Secondly, opening up APIs for external access of third parties have implications of Privacy, Security, Regulatory compliance and Scalability which technology leadership have to consider delicately. Banks will have to review several thousand use cases brought forward by tech companies; many of which cannot be foreseen by the banks. API management will therefore need to be introduced to ensure that policies can be enforced with a degree of automation that supports scale of service as the bank learns. Phase 3 -- Commercialization of APIs: Finally, for business success, APIs have to be designed in ways to ensure commercialization vis a vis metrics, access policies, tiers and pricing that can be applied per API user.
6 As can be noticed in this roadmap, unlike the first milestone, the last two are usually not just up to a Bank’s Technology leadership to implement, and the non-collaborative custom commonly observed at Banks is partly to blame for the slowness in achieving Open APIs. Phase 2 requires additional skill in API security, Physical/Cloud infrastructure, and Compliance from Data protection, Regulatory and Privacy standpoints which the Banks might not immediately have. Phase 3 on another hand requires a high level of data-driven, agile product development in the Product management of the APIs as commercial products. These are not expertise that are immediately available at the Bank and will need to be developed over time or imported. The complexity of the latter 2 phases could require some level of collaboration with technology companies with Open Banking API or Open Financial Services API management expertise. Such partnership often becomes inevitable when building internally is too complicated and buying is unfeasible given the sensitivity to the Bank’s business and the requirements for ongoing development. Selecting an Open Banking API Partner For banks adopting Open APIs, there is a desire to do so with a clear plan for profitability, rather than merely becoming a pipe for account information transmission or an intermediary engine for payment services execution. However, whilst Banks agree to the need for an Open API Platform partner, finding the right one is challenging; Vendors are reported to be too quick to standardize API management platforms for productising, while many of the popular platforms are simply imported from other industries and do not necessarily meet the niche needs of Banking. Considerations when selecting an Open Banking API Platform:  An ideal platform should allow the Bank to open up banking services in a secure, controlled, flexible, and measurable manner.  The platform should report in fine details transactions initiated through various business/consumer uses of a Bank’s APIs  The platform should allow Banks manage access and access levels of 3rd party products connecting to Open Banking APIs  Security and Compliance teams should be able to set up and assign security and data access policies to connecting apps  Security teams should be able to Map API security profiles to internal security systems  The platform should provide a Sandbox that allows developers test apps against the Bank’s APIs  The bank should be able to define metrics which could inform monetisation as well as facilitate monitoring of API usage and performance
7  The Bank should be able to deploy APIs with a choice of Private or Cloud hosting while keeping data on premise  The platform should make provision for Rate Limiting and API traffic control  The banks should be able to setup pricing tiers and customer tiers  An ideal Banking API platform provider should have experience serving the Banking/Financial Services industry. In conclusion, the achievement of Open Banking APIs is a win-win for the Banks and the Technology industry (Fintech included). Accepting that the innovation starts from within the Banks and offering them the required support will be important for success. There are already clear signs that Open APIs have come to stay and will disrupt the Banking industry, pushing banks to devise new ways to reinforce their competitive positions while accelerating their Open Banking API journeys. Many banks have been said to have milestones set up in the coming months to achieve or at least progress on their Open Banking API roadmap. Although the 20% which have opened up their Banking APIs are still a very small number, their pioneering experiences are undoubtedly under close watch of the entire industry.

More Related Content

PDF
Global CIO Banking Summit - Workshop Cultural Changes to Survive Digital Disr...
Jeremy Brown
 
PPTX
Payments(paa s) – the new mantra and trends
Ramesh Kumar Nanjundaiya
 
PDF
Wall Street Mobile Technologies Conference, Bank's "Uber Moment" and Open Ban...
John Marx
 
PDF
Case Study: Open Banking, APIs and Digital Transformation—the Banco Original ...
CA Technologies
 
PDF
Open bank project api days-presentation-dec2013
Ismail CHAIB
 
PPTX
APIdays Open Banking & Fintech: Workshop - Financial Services Use Cases for APIs
Jeremy Brown
 
PDF
The Human Chain Open Banking - The Future of Payments White Paper V1.1
Brendan Jones
 
PDF
ThoughtWorks: Monetising Open Banking
Thoughtworks
 
Global CIO Banking Summit - Workshop Cultural Changes to Survive Digital Disr...
Jeremy Brown
 
Payments(paa s) – the new mantra and trends
Ramesh Kumar Nanjundaiya
 
Wall Street Mobile Technologies Conference, Bank's "Uber Moment" and Open Ban...
John Marx
 
Case Study: Open Banking, APIs and Digital Transformation—the Banco Original ...
CA Technologies
 
Open bank project api days-presentation-dec2013
Ismail CHAIB
 
APIdays Open Banking & Fintech: Workshop - Financial Services Use Cases for APIs
Jeremy Brown
 
The Human Chain Open Banking - The Future of Payments White Paper V1.1
Brendan Jones
 
ThoughtWorks: Monetising Open Banking
Thoughtworks
 

What's hot (19)

PDF
The API SlideShare for Bankers and Fintech Executives
MX
 
PDF
apidays LIVE Australia 2021 - API Economy in Financial Services by Siddhant A...
apidays
 
PPTX
Banking as a Service - An Overview
Srini Peyyalamitta
 
PPTX
Open banking-Future of Banking
farhan ali
 
PPTX
APIdays Singapore 2019 - Introduction to essential elements of Open Banking F...
apidays
 
PDF
Global Open Banking Landscape
Biao Hao
 
PDF
Kash aziz sap forum may 11 2016 presentationv3.2
Baraa Arksousi
 
PPTX
APIdays Singapore 2019 - Global Open Banking Frameworks and Standards: Luca F...
apidays
 
PPTX
Open Banking APIs with case studies for senior stakeholders
Mimi Ajayi, PMC
 
PDF
API is the New Black for FinTech & Financial Institutions
Elias Gagas
 
PDF
HOW OPEN APIS WILL CHANGE THE FUTURE OF BANKING
figo GmbH
 
PDF
Open banking standards: The future of banks?
Initio
 
PPTX
The Global Influence of Open Banking, API Security, and an Open Data Perspective
Rogue Wave Software
 
PDF
Technology adoption patterns & trends - 2019 and beyond
Swarraj Kulkarni
 
PPTX
Kontomatik FinDEVr Presentation 2015
Kontomatik
 
PDF
APIs as a new Banking Channel
PaymentComponents
 
PDF
PSD2 & Open Banking
senakafdo
 
PDF
Disrupt or be disrupted – Using secure APIs to drive digital transformation
Rogue Wave Software
 
PPTX
Open Banking - The Digital Transformation Opportunity in Disguise
WSO2
 
The API SlideShare for Bankers and Fintech Executives
MX
 
apidays LIVE Australia 2021 - API Economy in Financial Services by Siddhant A...
apidays
 
Banking as a Service - An Overview
Srini Peyyalamitta
 
Open banking-Future of Banking
farhan ali
 
APIdays Singapore 2019 - Introduction to essential elements of Open Banking F...
apidays
 
Global Open Banking Landscape
Biao Hao
 
Kash aziz sap forum may 11 2016 presentationv3.2
Baraa Arksousi
 
APIdays Singapore 2019 - Global Open Banking Frameworks and Standards: Luca F...
apidays
 
Open Banking APIs with case studies for senior stakeholders
Mimi Ajayi, PMC
 
API is the New Black for FinTech & Financial Institutions
Elias Gagas
 
HOW OPEN APIS WILL CHANGE THE FUTURE OF BANKING
figo GmbH
 
Open banking standards: The future of banks?
Initio
 
The Global Influence of Open Banking, API Security, and an Open Data Perspective
Rogue Wave Software
 
Technology adoption patterns & trends - 2019 and beyond
Swarraj Kulkarni
 
Kontomatik FinDEVr Presentation 2015
Kontomatik
 
APIs as a new Banking Channel
PaymentComponents
 
PSD2 & Open Banking
senakafdo
 
Disrupt or be disrupted – Using secure APIs to drive digital transformation
Rogue Wave Software
 
Open Banking - The Digital Transformation Opportunity in Disguise
WSO2
 
Ad

Viewers also liked (13)

PDF
The rise of data - business value and the management imperatives
Sheriff Shitu
 
PPT
A look at our API roadmap
David Haskiya
 
PDF
PMI-ACP Introduction (1PDU)
Frank H. Ritz
 
PPT
Prepare PMI PMI-ACP Exam BrainDumps
BonnieMojica
 
PDF
Enterprise API New Features and Roadmap
Salesforce Developers
 
PDF
WSO2 API Platform: Vision and Roadmap
WSO2
 
PPTX
Take Control of your APIs in a Microservice Architecture
3scale
 
PPTX
The Swagger Format becomes the Open API Specification: Standardizing descript...
3scale
 
PDF
Build and Manage Serverless APIs (APIDays Nordic, May 19th 2016)
3scale
 
PPTX
The Fundamentals of Platform Strategy: Creating Genuine Value with APIs
3scale
 
PDF
Open Bank Project workshop at API Days, Open BankIng and Fintech, London 2015
TESOBE
 
PPTX
A Connector, A Container and an API Walk Into a Bar: The Programmable World
3scale
 
PPT
Agile project management framework
stefanhenry
 
The rise of data - business value and the management imperatives
Sheriff Shitu
 
A look at our API roadmap
David Haskiya
 
PMI-ACP Introduction (1PDU)
Frank H. Ritz
 
Prepare PMI PMI-ACP Exam BrainDumps
BonnieMojica
 
Enterprise API New Features and Roadmap
Salesforce Developers
 
WSO2 API Platform: Vision and Roadmap
WSO2
 
Take Control of your APIs in a Microservice Architecture
3scale
 
The Swagger Format becomes the Open API Specification: Standardizing descript...
3scale
 
Build and Manage Serverless APIs (APIDays Nordic, May 19th 2016)
3scale
 
The Fundamentals of Platform Strategy: Creating Genuine Value with APIs
3scale
 
Open Bank Project workshop at API Days, Open BankIng and Fintech, London 2015
TESOBE
 
A Connector, A Container and an API Walk Into a Bar: The Programmable World
3scale
 
Agile project management framework
stefanhenry
 
Ad

Similar to Accelerating the Open Banking API Journey (20)

PDF
MTBiz January 2018
Mutual Trust Bank Ltd.
 
PDF
Oracle-Financial-Services.pdf
mario boxing
 
PPTX
Shift Money 2019 - Why Open API platforms provide the building blocks for inn...
Shift Conference
 
PDF
The Benefits and Challenges of Open Banking API for Fintech.pdf
Expert App Devs
 
DOCX
Rise of open source digital banking in creating value chain economies
Andrew Koh
 
PPTX
What Are Open Banking APIs
RashidMalik48
 
PDF
Monetize Your Open Banking APIs with Fintechs — Strategies & Live Demo
WSO2
 
PDF
Api testing for open banking operations
Zoe Gilbert
 
PDF
5 key points for Open Banking APIs
PaymentComponents
 
PPTX
2018 April 21st Vienna - Digital banking and mobile payments summit - Open ...
Dennis Van Allemeersch
 
PDF
Chances of open banking
Netcetera
 
PPTX
Unlock Open Banking with Definition-driven API Development
SmartBear
 
PDF
Webinar: Practical use-cases to monetize Open Banking APIs
Torry Harris
 
PDF
The Impact of Open Banking on Banking Software Development
ITIO Innovex
 
PDF
How to Win in the New API Economy
Sachi Sawamura
 
PDF
Open Bank Project API Days API Strat Berlin 2015
TESOBE
 
PDF
Payveris_Whitepaper The Case for API in Retail Banking
Wanda Gorges
 
PDF
Nationwide Building Society: Embracing Open Banking
Apigee | Google Cloud
 
PDF
opustechglobal-com-the-power-of-api-in-banking-.pdf
Opus
 
PDF
Which APIs? which business models - A real-world guide for African banks.
WSO2
 
MTBiz January 2018
Mutual Trust Bank Ltd.
 
Oracle-Financial-Services.pdf
mario boxing
 
Shift Money 2019 - Why Open API platforms provide the building blocks for inn...
Shift Conference
 
The Benefits and Challenges of Open Banking API for Fintech.pdf
Expert App Devs
 
Rise of open source digital banking in creating value chain economies
Andrew Koh
 
What Are Open Banking APIs
RashidMalik48
 
Monetize Your Open Banking APIs with Fintechs — Strategies & Live Demo
WSO2
 
Api testing for open banking operations
Zoe Gilbert
 
5 key points for Open Banking APIs
PaymentComponents
 
2018 April 21st Vienna - Digital banking and mobile payments summit - Open ...
Dennis Van Allemeersch
 
Chances of open banking
Netcetera
 
Unlock Open Banking with Definition-driven API Development
SmartBear
 
Webinar: Practical use-cases to monetize Open Banking APIs
Torry Harris
 
The Impact of Open Banking on Banking Software Development
ITIO Innovex
 
How to Win in the New API Economy
Sachi Sawamura
 
Open Bank Project API Days API Strat Berlin 2015
TESOBE
 
Payveris_Whitepaper The Case for API in Retail Banking
Wanda Gorges
 
Nationwide Building Society: Embracing Open Banking
Apigee | Google Cloud
 
opustechglobal-com-the-power-of-api-in-banking-.pdf
Opus
 
Which APIs? which business models - A real-world guide for African banks.
WSO2
 

Recently uploaded (20)

PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPT
Teaching material agriculture food technology
LiaRayya
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Approach and Philosophy of On baking technology
30anthuong17
 
KodekX | Application Modernization Development
KodekX
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Cloud computing and distributed systems.
kkkkkhan
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Teaching material agriculture food technology
LiaRayya
 

Accelerating the Open Banking API Journey

  • 1. 1 Accelerating the Open Banking API Journey Sheriff Shitu. 25th October 2016. When will “Open” and “Banking” finally play together? Well, not yet, and probably not until the Fintech community and cohorts come to terms with the reality that Banks are not innovation averse (at least not all). And that the shackles limiting their speed and agility are characteristic of any company born at their time, of their size, and entrusted with such responsibilities as protecting assets of other entities. Although Open Banking APIs represent the utopia that Fintechs and the tech industry as a whole have yearned for in a long time, it has always been notoriously touted as the end time for banks. Luckily, many banks have started to figure out how they could play in the new economy that awaits. They have started to realize that it is not so bad for them after all, and while this win-win scenario might be a more viable narrative for Open banking, we need to admit that the Banks need to be supported through the transition. Ubiquitous computing and consumerization of technology have changed many aspects of daily life. From social media customer service engagements to the remote access to room temperature settings prior to hotel check-in, consumer expectation from service delivery is rapidly changing and increasingly demanding. Companies are realizing that losing a customer is as easy as the installation of a new app. On the other hand, customer retention could be as costly as establishing an entirely new business unit just to create additional value to keep customers happy, even though to the customer, a new business unit simply means another software feature update. Inarguably, understanding the needs of customers and continually innovating rapidly to meet these needs is key to survival in today’s business world. Unfortunately, not every industry is prepared for such agility. In a world where almost all banking services are expected to be available without a visit to a bank branch, Banks have responded with sms banking, telephone banking, ATM banking, internet banking, mobile banking, social media banking, video banking, and even bot banking, all in a bid to meet customer demands. However, what happens when customers start to expect banking services to be available from devices, apps and services not
  • 2. 2 within the control of their banks? This introduces a whole new level of complexity surmountable only by deep understanding of Identity and Access management, Service oriented software paradigms, Cloud Computing, and IT security. Add other liabilities of preventing criminal or terror financing, regulatory compliance, and money laundering, then the complexity deepens and transcends the popular convenience vs security dilemma applicable to other industries. Banks have to speedily develop capabilities that are otherwise native to digitally born technology companies. Learnings from the API economy and Co-creation in other industries Opening up data and internal capabilities for third party consumption is no new phenomenon in many industries. In fact, organisations have willingly opened up to enable maximum reach beyond that of their own predefined markets. A train company for example which invests in train frequency and punctuality but does not make its train timetables available to consumer app developers or other third parties limits its potentials. In the same vein, where tickets cannot be purchased or managed from third party apps, the train company also misses out on revenue coming from apps like multi-modal journey planners which could otherwise offer a train ticket in addition to other transportation means to complete a customer’s entire door-to-door journey – a use case which the train company might not have ever considered. Another example is UBER’s application of Google’s Map API to power a business case that had no place in Google’s own roadmap, thereby earning them substantial and unforeseen revenues through the Google Maps Premium service. This seamless interconnectivity between disparate open systems of different companies is often made possible by APIs (Application Programming Interfaces). Once a company decides to open up internal systems via API for 3rd party consumption, two strategic changes occur:  The company establishes presence in a different position on its own supply chain, thereby becoming a business enabler with a B2B function.  Its target market widens with increasing addition of new business and consumer segments Two other strategic actions commonly noticed is a formation of a new unit dedicated to overseeing the business success of the Open API, and Co-creation. In achieving its commercial objectives, the API-offering business is often concerned with the success of its API clients in their respective applications and is therefore more willing to collaborate with them to develop outstanding business propositions and co-create to drive increased usage of the APIs. In the end, it is a win-win for both parties. A common criticism of Open APIs is that companies leave room for more intense competition for their own retail offerings. However, in such cases, the long term co-creation revenue potentials (given APIs are supported with carefully planned commercialisation models) often outweigh the perceived sacrifice. Even in industries where
  • 3. 3 there are genuine concerns of loss of customers to the smaller, more agile, and more customer-focused tech disruptors, open APIs offer incumbents a new revenue source, and a strategic option of inorganic growth through various kinds of alliances, mergers and even takeovers. After all, it is better to disrupt oneself than to be disrupted. The State of Open APIs in Banking In the banking industry, Open APIs are not yet common place. According to a recent research reported by Axway1 , although majority of banks have APIs in place, about 60% of them keep the API’s exclusively for internal use only (Private APIs). These APIs are not offered as a product to make banking services available to third parties and therefore offer no revenue opportunities whatsoever. The APIs connect to Core Banking Systems and act as interfaces for other Banking channels offered directly to the Bank’s predetermined customer segments. However, internal consumption of Private APIs is a first step towards understanding how APIs are best implemented, managed, and most importantly, monetised – a logical prerequisite to the business of Open or Public APIs. A further 20% of banks have gone further to develop a partner ecosystem where a few trusted partners have been invited to develop using the Bank’s APIs. These banks are often spotted hosting hackathons to facilitate engagements with developer communities. Dummy APIs (with anonymised data not connected to live systems) are made available during hackathons for developers and Partners to experiment with. Such events allow Banks to observe how their APIs will be used eventually if and when they become publicly available. Although all APIs made public during hackathons are usually withdrawn immediately after the event ends, this should be lauded as a braver move in the direction of Open APIs. A few Banks have conceived the potentials of Open Banking APIs as capable of surpassing the possible challenges. These Banks have opened up their Banking APIs to power banking and payments capabilities provided by third parties, thereby driving volumes of transactions through use cases championed by these third parties. Specifically, about 20% of Banks with some form of APIs are reported to have reached this final stage of going public with their APIs. Factors driving the adoption of Open Banking APIs As for Banks already exploring with either Partner or Public APIs, here are some driving factors:  Regulatory pressure: In the light of the EU’s PSD2 directive, the UK’s Open Banking Initiative, and other similar regulations already in effect or coming soon to other geographies, Banks cannot afford to sit back and just become a data exchange pipe or payment processing dummy. Some intelligence needs to be 1 https://www.axway.com/sites/default/files/report_files/axway_report_banking_apis_state_of_the_market_report_apidays.pdf
  • 4. 4 built around all capabilities to be consumed by third parties to ensure scalability and profitable monetization; Open APIs offer the best solution, arguably.  Competitive tension: In an industry as competitive as Banking, clearly, inaction is not an option. A mistake of delay could cost a major bank its competitive position. Competitive tension is therefore a major drive for some of the early adopters of Open banking APIs.  Sheer disruption: The Banking industry has recently seen the entry of digital-only players, boasting of more customer-friendly banking services, and looking to disrupt the industry with digital initiatives. Such players are usually adept at Open APIs and often have them as part of their offerings from inception.  Changing user needs: User needs of the digital age are very demanding and the gap between available Banking apps features and these needs are becoming wider. Some banks have found keeping up with customer needs in all use cases possible to be exhausting and are therefore empowering smaller but more agile tech companies with the capabilities required to cater to these use cases. Such empowerment is easily delivered via Open APIs. Challenges of Open Banking APIs If about 80% of Banks are yet to take the leap from Private or Partner APIs to openly available ones, then there are certainly some factors responsible for this inertia. In the customer’s eyes, the supply chain node which matters the most is the one that owns that provides the retail interface with which the customer interacts. In the Open banking world, App owners therefore hold so much power due to their position in the supply chain. They are not mere distributors but creators of continuous value for the customers and this intrinsic ability to learn and swiftly respond to customer needs make them endeared to customers whether or not they hold customer data. This could explain why the banks are resistant to
  • 5. 5 relinquish control of customer interfaces. Yet, unlike Banks, these tech companies catering to various diverse customer use cases have mastered the art of customer development – a term (coined by Steve Blank) which could loosely interpret as the evolution of products in tight accordance with changing user needs. A customer’s desire for an application which solves a particular user need (and which their bank does not support due to unavailable APIs) could easily trigger the switch of banking providers and thus the loss of a Bank customer anyway. It therefore can be argued that supporting these application providers and tech companies via Open APIs will be a more sensible option for the Bank to retain their customers. Business consequently is faced with the challenge of rethinking business models to ensure that such co-creation is as profitable for the bank (if not more) than actually owning the application interfaces designed for customers – this is one part of the puzzle that is yet to be fully deciphered. Worth noting also is the possibility of retaining and developing continuously Banking solutions already offered by the bank via their own digital channels while still offering Open APIs. Besides the business challenges discussed above, there exists technology and compliance challenges also, some of which are highlighted in the next section. Embarking on the Open Banking API journey As every bank has its own area of strength, structure, set of propositions, and technical configuration which forms its identity, implementing Open APIs and optimizing for profitability will not follow the same pattern for all. However, for banks that have taken the lead, here is a commonly identified roadmap: Phase 1 -- SOA overhaul of Legacy Systems: Firstly, Banks need an overhaul of legacy systems to achieve a Service Oriented Architecture (SOA). With the exception of new players, Core Banking Applications are powered by very old systems that have experienced hundreds and thousands of revisions over the years. Managing these core systems is not an easy task for banks. While a very tiny few are able to re-write their entire legacy systems, this is almost impossible at most Banks which have therefore achieved the SOA overhaul by creating an application layer that provides access to legacy capabilities via APIs. Phase 2 -- Scaling while complying: Secondly, opening up APIs for external access of third parties have implications of Privacy, Security, Regulatory compliance and Scalability which technology leadership have to consider delicately. Banks will have to review several thousand use cases brought forward by tech companies; many of which cannot be foreseen by the banks. API management will therefore need to be introduced to ensure that policies can be enforced with a degree of automation that supports scale of service as the bank learns. Phase 3 -- Commercialization of APIs: Finally, for business success, APIs have to be designed in ways to ensure commercialization vis a vis metrics, access policies, tiers and pricing that can be applied per API user.
  • 6. 6 As can be noticed in this roadmap, unlike the first milestone, the last two are usually not just up to a Bank’s Technology leadership to implement, and the non-collaborative custom commonly observed at Banks is partly to blame for the slowness in achieving Open APIs. Phase 2 requires additional skill in API security, Physical/Cloud infrastructure, and Compliance from Data protection, Regulatory and Privacy standpoints which the Banks might not immediately have. Phase 3 on another hand requires a high level of data-driven, agile product development in the Product management of the APIs as commercial products. These are not expertise that are immediately available at the Bank and will need to be developed over time or imported. The complexity of the latter 2 phases could require some level of collaboration with technology companies with Open Banking API or Open Financial Services API management expertise. Such partnership often becomes inevitable when building internally is too complicated and buying is unfeasible given the sensitivity to the Bank’s business and the requirements for ongoing development. Selecting an Open Banking API Partner For banks adopting Open APIs, there is a desire to do so with a clear plan for profitability, rather than merely becoming a pipe for account information transmission or an intermediary engine for payment services execution. However, whilst Banks agree to the need for an Open API Platform partner, finding the right one is challenging; Vendors are reported to be too quick to standardize API management platforms for productising, while many of the popular platforms are simply imported from other industries and do not necessarily meet the niche needs of Banking. Considerations when selecting an Open Banking API Platform:  An ideal platform should allow the Bank to open up banking services in a secure, controlled, flexible, and measurable manner.  The platform should report in fine details transactions initiated through various business/consumer uses of a Bank’s APIs  The platform should allow Banks manage access and access levels of 3rd party products connecting to Open Banking APIs  Security and Compliance teams should be able to set up and assign security and data access policies to connecting apps  Security teams should be able to Map API security profiles to internal security systems  The platform should provide a Sandbox that allows developers test apps against the Bank’s APIs  The bank should be able to define metrics which could inform monetisation as well as facilitate monitoring of API usage and performance
  • 7. 7  The Bank should be able to deploy APIs with a choice of Private or Cloud hosting while keeping data on premise  The platform should make provision for Rate Limiting and API traffic control  The banks should be able to setup pricing tiers and customer tiers  An ideal Banking API platform provider should have experience serving the Banking/Financial Services industry. In conclusion, the achievement of Open Banking APIs is a win-win for the Banks and the Technology industry (Fintech included). Accepting that the innovation starts from within the Banks and offering them the required support will be important for success. There are already clear signs that Open APIs have come to stay and will disrupt the Banking industry, pushing banks to devise new ways to reinforce their competitive positions while accelerating their Open Banking API journeys. Many banks have been said to have milestones set up in the coming months to achieve or at least progress on their Open Banking API roadmap. Although the 20% which have opened up their Banking APIs are still a very small number, their pioneering experiences are undoubtedly under close watch of the entire industry.