Mon, 13 Jan 2020
4 months have passed since PSD2 ran into force. 4 months since APIs supposed to open up the market. What is the status now? How has the market evolved? Belfius was from the very beginning a big defender of APIs as an answer for secure data transmission in an Open Banking context.
We spoke to Arnaud Deputz, Director Retail Segment — Product Management Payments and Credits of Belfius and made an evaluation.
Part XVII of The Open Banking Interviews (see part XV, with Nathalie Knops, Head of Business Transformation at BIL).
In my point of view, the marked responded differently than I expected. In Belgium, we have done large investments to launch AIS and PIS on time and to put this into production together with KBC. From this point of view, it is clear that PSD2 led to accentuate the evolution of the banker’s mindset towards more openings on the outside world.
Besides that, there is not a lot going on right now in the market. I expected this to be different. It is always stated that you overestimate in the short term and you underestimate in the long term.
In the end, I expected this to be a competitive offering from the beginning, and that’s not yet the case. It’s moving slowly in the market, despite the opportunities PSD2 can bring.
In the end, we did not. The scope of PSD is quite broad, and there are a couple of functionalities that do not build on API’s but on screen scraping. Our goal is to in the end have those functionalities in full API.
It’s only some types of transactions, but in general, I think what is mostly playing here is the link between PSD2 and security, which is a whole other story with reverse engineering. The security of our clients’ data is the most important and then especially the password. That’s the reason for the API.
The importance of new functionalities and the added value for the customer cannot be associated with a threat for security, you cannot compromise on security. With the choice of some banks for reverse engineering, there is both the security aspect and the commercial aspect. As for Belfius, we will have no concessions whatsoever on the security for our clients.
Think about the message you as a bank give to clients: on the one hand, customers are not allowed to share personal data, on the other hand via reverse engineering we are asked to share that personal data. How will you give a clear message about such contradictories to your client?
For us, reverse engineering is out of scope of PSD2. If you build your functionalities via APIs, security is well guaranteed. The debate on reverse engineering goes further than the one for PSD2.
Let’s compare with mobile payments: the evolution from paying with a card to contactless payment, and then mobile payments, you see an evolution. As for PSD2, we also leap ahead. It’s not a success yet, in my opinion, mainly because the market is not ready. I’m also not convinced that the client is fully aware of the purpose of PSD2, its use cases and the benefits that they bring. The day will come that we will have an experience where we can benefit from all that is out there. We are in a learning curve.
It’s up to banks and Fintechs to develop the new features that will allow them to really take advantage of the opportunities offered by PSD2 in order to convince a majority of customers to benefit from them.
For me, this depends on whether the bank is a producer or a distributor; these are the two elements of exposing and consuming financial products. We need to evolve to a customer journey that gives added value, for instance, mortgages need to evolve to a “home package”.
With the API strategy, you can choose to build on your core or not, and that’s the question that we should ask ourselves: where do you want to go? And what is, in the end, your added value for the end customer? You can look at the competition and feel you need to offer similar functionalities. Another approach is to focus on your core business and strengths. And that’s what Belfius needs to build on. Continue to build on what core is for the bank.
We used to develop ecosystems, and what we learned is: building partnerships is hard. All parties see the trade-off: if the client comes to you, he doesn’t come to me. So, distribution, in my opinion, is how API banking can help the customer in his journey with products of services that are part of the bank’s core business.
On the other hand, we have the role of a producer, where we expose our products on other platforms. This is less obvious: it is possible to bring something to the market as a producer, but to do what? Stimulating diversification of the offers of our company or perhaps certain elements of the company?
With PSD2, you can bring risk-as-a-service for example. A bank is strictly regulated, and it has a good eye on your customers and their risks. Why not exposing this expertise to third parties? You can then become an expert in risk-as-a-service.
In my point of view, it’s a matter of where you want to go and deciding in which functionalities you want to invest and in which you will not. You need to learn and to see what is possible in the future. You need to build something with a vision, that is not only for your own clients.
Being a distributor is not that complicated, it’s a matter of choice. The part of being a producer is completely different because you need to build up case by case for companies that are interested in all clients, not only your own clients. When positioning ourselves towards others, of course, we need to have the philosophy: it’s for all their clients, not only for a part of their clients. That’s the difference.
The customer experience will evolve: the way clients communicate with their bank will happen in another way than today. That’s the journey to everywhere banking: the idea that you as a client communicate with your client solely for banking, but that banking is so intertwined in certain activities that you are no longer aware of the fact that you are communicating with a bank.
In my opinion, it’s the evolution of the business model. And it’s also the debate about “buy” versus “build”: is to see what does my customer want, where are we heading to, what is important?
Take any customer journey and look at what should be optimal for the customer. From all elements needed, some can be used via APIs, some building blocks need to be added. The missing building blocks can either to built by ourselves, or we can create a partnership, or we can build a new API, … and that is the evolution that I see.
It’s a new reflex that banks need to make: to start thinking in another way on banking to remain relevant. The principle of being a distributor or a producer needs to be kept in mind. Finally, it is not so much the technologies that are the problem, but rather the mentalities that must evolve in a sector known for a certain conservatism.
If our client prefers to consume banking products through an external platform or fintech, and this platform or fintech works with banks in the producer role, we risk losing the client. That was initially also the discussion concerning PSD2: to always be on the main screen of the client.
Back then, the idea was to make sure that if the client is thinking about banking that he’s thinking about Belfius. Today, it goes further: when the clients think about home, he’s should be thinking about Belfius. That is a serious challenge.
If some platforms become key for all activities related to the concept of “home”, and there is another bank that is integrated with those platforms, then you can ask the question on what stays with Belfius.
There are 2 discussions: PSD2 and beyond PSD2. For PSD2, if everyone works with APIs, there is no problem with security. The debate of data goes beyond PSD2: the customer needs to understand what will happen with his data. Think about reverse engineering: is the client aware that he gives his password to a third party, moreover a third party he does not know?
You click on “I agree and accept”, but there are 30 pages that you agree upon and accept, and that is for a good reason. The danger is that the client is not aware of the consequences. In the end, it is the client who decides, that we very well need to understand.
PSD2 announces the trend that will put the customer back in charge of his own data. It’s the customer who tomorrow will choose what they want to do with their data and with whom to share it. However, it is up to us to make sure that our clients are well aware of what this entails without needing a law degree.
The first thing that needs to be tackled here is security. There is more and more competition in favour of the consumer — and we get better insights into the customer, we can make better offers. And if this is secure, why not?
For me, PSD2, open banking, ecosystems, … were an eyeopener. We can investigate new functionalities, new technologies it will be interesting to see how they all come together in the future. But again, the building blocks are security, better use cases for the customer, and being relevant as a brand.
We need to realize that everyone is more or less doing the same thing today. In that sense, I think that Open Banking will enable more differentiation between experiences and it’s our job to be the best in class.
This story is part of a series of interviews with executives of the financial services industry.
The complete list of Open Banking Interviews can be found here.
Make sure you follow The Banking Scene on LinkedIn, and subscribe to our newsletter for the latest news.