The new rules will protect consumers better when they make payments, promote the development and use of innovative online and mobile payments and make European payment services safer: European Commission Press Release.
The changes have sparked some lively conversation within the industry. The key to understanding the changes are the words “innovative online and mobile payments”. PSD2 is an important trigger for industry collaboration and will create extraordinary opportunities for banks to rethink the services they provide to their customers and to create new business opportunities.
But before we get to that, here’s a quick summary of PSD2’s main changes.
The key change that PSD2 brings is that it requires banks to provide information about their customers’ bank accounts to third parties via Application Programming Interfaces (APIs). Customers can thus grant third-party service providers access to their bank accounts. This change has three major implications.
First, access to bank accounts enables Account Information Service Providers (AISPs) to expand their services and provide more functionalities. AISPs are companies that provide, for example, personal finance management or investment advice based on a consumer’s individual spending patterns. Thanks to the APIs, new services that allow the collection of data from different banks can now be built.
Second, PSD2 enables retailers to directly ask consumers for permission to use their bank account information and to draw money from the account whenever a consumer wants to make a payment. In technical terms, the retailers can apply to become Payment Initiation Service Providers (PISPs). And it’s not only retailers that can apply to become PISPs: for example, Internet giants from Amazon to Apple, large restaurant and hospitality companies, and financial software solution providers will also benefit.
Third, PSD2 also calls for stronger authentication processes (such as the use of at least two-factor authentication) when customers are proving their identity online (for example to sign-in to a secure service). Banks are thus in a good position to offer authentication as a service, when reliable authentication is required.
PSD2 comes into play amidst an increasing wave of investment into FinTechs who seek to disrupt the way financial services are provided. The setting between FinTechs and incumbent banks has to date been overwhelmingly dominated by Us vs Them attitudes, where startups brag about disrupting the whole industry and incumbents boast how their industry is different and not there for the taking. PSD2, however, enforces the industry to re-think whether there is a better, more synergistic approach that could be taken to bring added value to both camps.
Banks need to think two strategic directions when deciding on their response to PSD2:
The bare minimum response is to comply and defend; to ensure compliance to PSD2 by offering the mandated APIs and nothing else and keep on maintaining the banks’ existing product and service portfolio, but for one’s own customers only. This defensive approach requires the least amount of changes to the status quo, but also does not create any new business opportunities. It is also an approach that – if defending against disruptive forces proves unsuccessful – will leave the bank with a too high operational cost base to stay competitive in the long term. Hence, we urge banks to take a different stance.
Banks can also choose to use PSD2 as a stepping stone towards a platform business model. Platform business models used by highly successful digital giants and startups such as Apple, Google, and Uber to mention a few are built around leveraging third-party innovations by offering third parties APIs to a business and technology platform and a surrounding business ecosystem. This highly scalable – and profitable – business model will unquestionably come to disrupt banking, as well, as it has already done to high tech (Apple), media (Google, Facebook) and transportation (Uber) among others.
Using PSD2 as a stepping stone towards a platform business model would mean banks focusing on opening the API set mandated by PSD2 but combining that with significantly stronger 3rd party developer support that is required by the directive. Driving cost efficient development through well designed and documented APIs, striving for standards in defining them, offering developer tools and support services – all key elements of a successful platform strategy.
By taking this approach to PSD2 enables a bank to start learning valuable lessons about platform business models, start building a partner ecosystem, and help find opportunities to streamline their non-core product offerings by replacing them with 3rd party products.
A full fledged ‘open banking’ platform strategy extends well beyond the API scope of PSD2 and calls for much more radical re-thinking of a bank’s offering portfolio and thus business model and earnings logic. While we don’t believe that many incumbent banks are yet willing to push their strategy this far, we recommend banks to use PSD2 as a controlled catalyst for this change.
Finally, PSD2 also opens banks the opportunity to accelerate into new market space by offering their current (and new) services and products to customers of other banks – to be disruptive FinTech players themselves.
Consider, for example, DNB’s Vipps or Danske Bank’s MobilePay. These peer-to-peer payment apps have garnered the interest of millions of customers in a span of a couple of years. With PSD2, these apps can be easily extended to cover majority of Europe instead of Nordics only. The same approach can be applied to multiple other product and service areas: e.g. mobile and Internet banking interfaces, financial solutions for small companies, and personal finance management to name a few.
As banks will increasingly embrace API and platform strategies – either through further regulative efforts such as PSD2 or by proactively developing towards a ‘open banking’ platform business – the opportunity to create more sophisticated products and services for other banks’ customers will grow exponentially.
For many years now, the focus of digital disruption has been on media and technology. Today however, many see the financial industry as the next sector to face change. PSD2 will undoubtedly accelerate innovation in the field of financial technology and billions of euros of venture capital has already flowed into FinTech.
Instead of dismissing FinTech startups as competition (and basically repeating the same mistakes that Telco operators made in the early 2000’s), banks should strengthen their core offering while keeping a watchful eye on the market and seeking to partner with the most promising companies to improve their own products and services and to coin new ones. Partnering is also a means to reduce your own R&D costs.
Combining the reliability and stability of banks with the raw, innovative power of startups can significantly benefit customers. New innovations will translate to enhanced customer relationships, where customers can enjoy a larger portfolio of services that smoothly share information with each other.
As we have seen, PSD2 is a great chance, ripe for picking. It’s a fantastic opportunity to construct new products, services and even business models. As customers we get to enjoy a more open, digital finance landscape, where the current divide between banks and startups will disappear. In order to translate this changing landscape into new revenue, you should approach PSD2 with open arms – not just by complying to regulation. Let’s approach the changes with the spirit of cooperation and make 1+1 equal more than 2.