Given the likelihood that banks will opt for a dedicated PSD2 interface and the fact that there are around 5,000 competing financial institutions in the euro zone, it is clear that a certain level of standardisation and harmonisation will be necessary. This becomes even clearer when we consider that the aim, in line with the regulations, is to facilitate the development of new financial services in a digital economy, services based on access to account information.
Some standardisation initiatives have been driven by the banking industry and are currently being evaluated with the knowledge of EU legislators. The European Central Bank, based on the report of the European Retail Payments Board (ERPB), “Final Report of the ERPB Working Group on Payment Initiation Services”(Nov.2017), also concluded that it was appropriate to evaluate the most relevant initiatives in order to define a market standard. As a follow-up to this decision, the creation of an evaluation group within the European Payments Council (EPC) was encouraged. The EPC is a non-public organisation that represents the banking industry and to which most national banking associations belong. It is made up of representatives from the various interest groups, such as payment service users, banks, TPPs, fintech companies, technology providers and the European Banking Authority (EBA). This new evaluation group is looking at certain sectoral initiatives with a view to selecting those that could be considered “market-driven initiatives” or, in other words, de facto standards..
These initiatives tend to differ in three key areas (The Paypers , July 2017 - “Open Banking and APIs – a new era of innovation in banking”):
1. Scope of "openness": ranging from PSD2 compliance only, to enabling banks and TPPs to take advantage of the business opportunities presented by new business models;
2. Scope of "standardisation": ranging from purely technical and functional requirements, to a full set of operational and governance rules for operating XS2A transactions at scale;
3. Scope of “collaborative endorsement”: ranging from individual bank-driven efforts, to initiatives that are backed by different interest groups on a national, regional or pan-European level.
With a few exceptions, these initiatives can be adopted and implemented by any bank in the euro zone. The following are considered the most important and are therefore the ones being evaluated:
- Berlin Group NextGenPSD2: This initiative is led by nearly 40 institutions, banks, banking associations, card issuers and payment processors. Its aim is to build a set of APIs that facilitate the relationship between TPPs and banks in a secure and efficient way. It provides the mandatory functions as well as some optional ones. It does not include implementation or testing environment services.
- Latest version 1.0.0 (8 February 2018)
- URL: https://www.berlingroup.org/nextgenpsd2-downloads
- Open Banking UK (OBUK): Driven by the Competition & Markets Authority (CMA) and sponsored by the country's nine major banks (Barclays plc, Lloyds Banking Group plc, Santander, Danske, HSBC, RBS, Bank of Ireland, Nationwide and AIBG), this initiative has a strong commitment to promoting innovation and competition in financial services in the UK. It has contributed to this by delivering application programming interfaces (APIs), data structures and security mechanisms for customers to share their financial data easily and securely. Available since 13 January 2018, new functionalities are expected in the future. It also provides an API for conflict management, a list of authorised TPPs, and centralised sandbox capabilities.
- Latest version: 2.0.0 (2 March 2018)
- URL: https://www.openbanking.org.uk/standards/
- Stet PSD2: This initiative was launched by the main French clearing house, STET, and is supported by contributions from the country’s largest banks: BNP Paribas, Groupe BPCE, Groupe Crédit Agricole, Banque Fédérative du Crédit Mutuel, CIC, Banque Postale, Société Générale, Caisse des Dépôts et Consignations, Crédit Mutuel, ARKEA, HSBC France and OCBF. These institutions will not be forced to implement the solution. It is working towards convergence with the Berlin Group NextGenPSD2 initiative to build a pan-European standard. The initiative focuses on the requirements of the standard and does not provide a testing environment or implementation services.
- Latest version: 1.3.0 (10 April 2018)
- URL: https://www.stet.eu/en/psd2/
- Polish Bank Association (ZBP): Spearheaded by the Polish banking federation with participation from the country's commercial banks and TPP organisations, the aim of this initiative is to reduce the costs of implementing the standard. It is working in parallel with the Berlin Group initiative to establish common guidelines. The initiative focuses on the requirements of PSD2 and its Regulation Technical Standards (RTS).
- Latest version: 1.0.0 (17 April 2018)
- URL. https://polishapi.org/en/#docs
- Slovak Banking Association (SBA): This is the Slovak Banking Association’s standardisation initiative for implementing the PSD2 guidelines. It addresses the requirements of PSD2 and its RTS and focuses on data security.
- Latest version:1.0.0 (27 November 2017)
- URL: http://www.sbaonline.sk/sk/projekty/slovakbanking-api-standard/
You can find a more detailed comparison of these five initiatives in the ERPB report "Final Report of the ERPB Working Group on Payment Initiation Services" mentioned above.
According to the EPC’s calendar, the final evaluation will be made public at the end of June 2018. The EU authorities are in favour of financial institutions implementing pan-European standards rather than individual initiatives, to support the development of cross-border market solutions.
Beyond the EPC’s evaluation, other significant initiatives that have emerged from the payment service providers are:
Given the deadlines, if they have not already started, the banks cannot delay the start of work much longer. Before deciding which interface they are going to release to the market, it would be worth their while reflecting on what their digital strategy is going to be, whether to opt for a purely regulatory approach (PSD2) or for open banking to share customer data and be an active player in the resulting business. In other words, whether to consider open banking as a threat or an opportunity. In other words, whether to consider open banking as a threat or an opportunity. .
As a result, some banks are developing in-house API factories, the most relevant being BBVA and Nordea Bank with their API Markets. These factories include the technology to publish their APIs as well as the processes to be used by TPPs, including security, anti-fraud controls and invoicing. The consulting firm Accenture stated in a recent post, “Canada, be open about open banking”, that “7% of bank revenues are expected to come from open banking activities by 2020”.
After the strategic decision, choosing, developing and implementing the interface and its documentation, as well as the test environment, are the most pressing tasks required to deliver full PSD2 compliance, especially if the aim is to avoid the costs of implementing a fallback system. Xeridia is also working to help financial institutions address the exciting challenges that these regulatory changes present.
Lucia Caballo is a Functional Analyst at Xeridia.