David is the Chief Thinker at Think Different Group Ltd. He is a FinTech Strategist, Speaker, Scholar & Writer.
David has a rare set of technological & personal skills curated from working in Financial Services from Digital Agency, Client, Systems Integrator, Analyst, Management Consultancy & Research.
Having transformed the digital landscape for a number of banks & insurers, David is now working as strategist & advisory to banks looking to take their Digital Transformation to the next level. Boiling it down, & in his own words, David is just “an eloquent nerd trying to make banks better”.
Legislation is usually brought in to reduce stupidity amongst individuals, or groups exhibiting behaviors that may cause harm.
Take for example the most recent law put in place by the UK government aimed at parents/guardians of children.
To some grumblings in the press, parents/guardians are no longer allowed to smoke cigarettes or eCigarettes in a car with anyone under the age of 18.
Now for me this is legislating against stupidity.
What parent/guardian/grandparent would consider containing a child in a sealed tiny space and slowly poisoning them a sensible thing to do?
Yet when sitting at most traffic lights, this practice can be seen happening.
Because of this, governing bodies have taken steps to protect children from stupidity.
There are many other examples of this. You can’t drink and drive; you can’t drink alcohol in public places to the point of ruckus, and you can’t do a bunch of things that as adults people really should know better than doing.
PSD 2 is no different in terms of its purpose and overall need to exist.
It feeds in to countless attempts by The European Commission to foster innovation and filter banks toward more inclusive ways of working.
PSD, miData and a number of other “carrots” meant to foster innovation have been used with limited success.
Banks have treated all of these as purely compliance driven; tick box exercises, and tend to deliver the bare minimum to meet legislation.
Like naughty children doing their homework on the bus to school know all too well, the bare minimum wont get you anywhere, except for in trouble longer term.
Trust me on that one.
My report cards always read “good but should be trying a lot harder” and I should have.
With regulators and governments now losing patience with banks, we now have the “go to your room” moment; PSD 2.
PSD 2: Purpose and impact
After years of treating regulations as the bar for customer experience, the quality of change happening in banks has become critical.
Billions are being spent on at best, compliantly underwhelming returns.
And PSD 2, being different from previous regulations, holds the potential to create clear ‘Winners’ and ‘Losers’ in the payment services market.
PSD 2 will impact financial institutions already operating within the scope of the Payment Services Directive of 2009, but will also extend to operators of e-commerce marketplaces, gift card and loyalty schemes, bill payment service providers, public communication networks, account access services, mobile wallets and anyone who receives payment by direct debit.
The new directive seeks to extend and clarify some of the provisions of the first directive, whilst fostering payment innovation, particularly in mobile, and harmonizing national interpretations.
Key elements of the directive include opening access across the industry to payment processing services, as well as to the customer accounts held by banks. Did you get that?
Opening access to payment processing and customer accounts?
The legislation recognizes a market demand for payment service providers (PSPs) granting third parties access to their online payment services in a regulated and secure way.
This is Third Party Payment (TPP) service provision in the directive’s terminology.
Also, under the ‘Access to Accounts’ (XS2A) rule, it will force banks to facilitate access via an API to their customer accounts and provide account information to third party apps, if the account holder wishes to do so.
If you work for a bank and read that last two sentences without uttering an expletive, let me just say that this creates new service opportunities for new entrants, those already in the financial services ecosystems and if they choose, for banks themselves too.
It’s clear that this goes way beyond compliance, with groundbreaking potential impact.
“So what?” and then “so what do we do?”
So what? Like the naughty children I described earlier, a lot of European banks are focusing their efforts on why this shouldn’t be allowed to happen.
They have played through the scenarios and impacts, finding a few issues:
1. Banks cannot address these changes as a compliances project:
Making the changes needed, as part of PSD 2 will require banks to do something they are inherently terrible at; working across multiple separated business units.
Only with clearly mandated collaboration across different business models, technology departments and compliance/legal teams will banks come close to addressing their minimum requirements.
This is going to be really tough to get right.
2. PSD 2 has the potential to fully expose the problems that legacy banks have in their technology platforms:
Every bank has had the debate within their technical teams along the lines of:
“Shouldn’t we be investing in an open API architecture and working with external parties to deliver some of this change?”
Those conversations quickly turn to API strategies and controls.
And apart from a few enlightened Europeans banks, the result of the argument is usually “why would we do that? Won’t we lose control?”
After all, control is a very hard thing to give up. Banks need to be properly motivated to make such a leap.
Most banks wouldn’t have any APIs in place unless they had to deliver mobile banking to keep up with everyone else.
Because setting up APIs in legacy banks with legacy core banking systems, legacy architecture and legacy people is no easy feat.
Only the most enlightened banks have been able to progress through their issues to be able to engage in this type of self-actualization.
Now however, they have no choice.
The thing they could never justify, or create a business case for, is to become a mandate.
3. PSD 2 has the potential to expose how sluggish and costly banks change processes are, as well as how low customer experience bars are:
When you compare banks operating costs and controls to other industries making bigger leaps, the differences are shocking.
Because comparing speed to market when your market is like an iceberg isn’t really a fair reflection.
With tech lowering barriers to entry, banks change processes and costs will now be compared to their more agile startup counterparts.
And if you consider that retail banks testing processes alone cost more and are more time consuming than most startup development cycles, the differences will become even more salient.
4. These changes could see banks start to lose control of their customers.
Customer disintermediation, for a long time has been the over hyped doomsday scenario that strikes fear into the hearts of all good boardrooms.
This scenario is on its way. And the protection banks previously took for granted is starting to erode.
Opt-in services are helping customers leapfrog legacy services, and this could be catastrophic for banks’ abilities to talk to customers, cross and upsell to them as well as maintaining relationships with customers.
Opportunities for banks and opportunities for others
Having played through all the scenarios, it seems banks need to take advantage of the opportunities if they are to take a step in the right direction.
Retail banks have significant opportunity to become a TPP themselves, aggregating other banks products into their offerings, leveraging a whole range of external APIs for purposes of development and innovation.
Other benefits include the revenue that could be generated through added value data plays.
Consider this scenario; imagine you’re a large UK aggregator whose brand has been instilled into the psyche of the British public.
You’ve saved them money, and provided simplicity of choice.
Through PSD 2 you could quite easily evolve your offering to the millions registered already via APIs the bank has to expose, aggregating all of their accounts alongside other banks, just through using the API the bank is mandated to give you.
You can give a full view of relevant market opportunities for customers to take advantage of, like savings rates that change at the click of a button, reminders of changing mortgage rates etc.
This kind of financial management tool becomes something truly game changing in the financial space, and should worry retail banks, because with PSD 2 it is highly likely.
Barriers to opportunities for banks
While there are still significant opportunities for banks in this space there are major barriers, although most of them are internal.
I constantly sit in on organizations that are preoccupied with maintaining the status quo.
PSD 2 will demand very different thinking.
Security concerns, ones of control, technology legacy and generally a hope that all this will get overturned in the courts will limit retail banks ability to make change happen in this space.
For Fintech startups this will not be an issue, but an incentive.
Retail banks have lacked foresight, seeing innovation as hard, costly and scary.
PSD 2 has the potential to be the end game for banks that do not distance themselves far from regulation minimums.
Legislation against stupidity works in many cases. It will be interesting to see if the banks get away with this one.