The journey to Open Banking in the UK passed another milestone this week. The Competition and Markets Authority (CMA) in the UK published its “final order” to formally implement the reforms set out in a report from August 2016, with a strict timetable to banks to comply. Many in the industry are seeing some of the measures as a test run for the second Payment Services Directive (PSD2), Europe’s comprehensive new regulation for the payments industry which must be implemented in January next year.
The interesting part of the order from IDC’s perspective is the part about data sharing, which is designed to be compatible with PSD2. By March, the UK’s nine largest banks must have produced reference data in standardized format covering such information as branch and ATM location and product details plus customer eligibility criteria. By January 2018 the banks will also be required to produce transaction data sets. Eventually, service quality indicators must also be published in standardized formats.
The order still leaves a fair amount of latitude for the nine banks to develop the open API standard: it merely instructs them to set up an entity by February 16, plans for which are already well under way.
Nevertheless, we already have a clear picture of the CMA’s vision for retail banking in a digital world. Through a single portal, customers will have all the information they need to choose which financial products will be most suitable for them in financial terms and in terms of customer satisfaction. This should have the effect of driving up customer experience while putting downward pressure on prices, particularly alongside the ongoing effort to encourage people to switch their current account providers.
Combine this info with secure account access and transaction data and payment initiation by 2018, and all the ingredients are there for a powerful personal financial management platform which allows people to conduct their banking activities while also keeping an eye on whenever there is a more suitable product – or rather, in reality, having this done for them by artificial intelligence.
The nine largest banks, RBS, Lloyds, Barclays, HSBC, Santander, Nationwide, Danske, Bank of Ireland and Allied Irish Bank, have already been producing API’s for account aggregation and this has prompted a new breed of account aggregation providers which rely on API’s rather than screen scraping. Two examples are Cleo, which provides PFM services through the channel of Facebook Messenger and SMS, and Money Dashboard, which provides aggregation through a mobile app. Cleo in particular, offers advisory through a chatbot, likely foreshadowing many such services in the UK and Europe in the coming years.
A strategic problem
IDC will be keeping an eye on innovation in this space. Open banking is the theme of our annual financial services forum this year and we are also planning other research on APIs plus a close look at the new class of third party providers that will develop after PSD2 comes into force.
For the banks, the strategic problem is that the very bodies that are in charge of regulating them seem determined to loosen the bonds of loyalty (perhaps better described as “apathy”) between them and their customers. As we have written before, making it easier for customers to switch providers has been a driving force of regulation in the UK since the financial crisis, while PSD2 is moving in a similar direction by making customer data that was previously proprietary to banks available to any firm which spies a competitive opportunity.
The banks must therefore think through what their own position will be in a post-Open Banking, post-PSD2 environment. Staying competitive both on price and customer experience grounds will be a must. But how they decide to approach the third parties that move into the space, how proactive they can afford to be in terms of giving access to their customer base to Fintechs or other service providers, is the more interesting question going forward.
The likes of BBVA are already offering API access to third parties in a number of different areas, while challenger Fidor Bank in Germany is basing its business model around APIs. Inevitably, many banks will be thinking in terms of minimum compliance. We at IDC think this could be dangerous. However, it is likely to remain the case until we see the kind of “killer app” for financial services which, which for all the talk and promising candidates of the last few years, has not yet appeared. The Open Banking initiative and PSD2 may just produce it.