To many, the impending Second Payment Services Directive (PSD2) legislation, going into effect September of 2019, means increased competition and the threat of an upsurge in customer switch rates for banks and financial institutions. Despite the recent hype, there is opportunity for banks to turn this obligation into business opportunities within the corporate space.
PSD2 was adopted by the European Union (EU) in 2007 to provide a foundation for a single market for payments and create safer and more innovative payment services. This brought greater transparency and information to consumers and made payments quicker (next-day) throughout the EU. Lines were drawn between consumers and payment institutions regarding payment liabilities, refund rights, and execution times. The updates coming in March will expand PSD1’s reach and modernize the legislation. New payment types and initiation services, which were previously unregulated, will be brought within the PSD scope to level the playing field among service providers.
PSD2: Key changes from PSD1
- Scope for payments now includes non-European Economic Area (EEA) currencies for intra-EEA payments and payments in to and out of the EEA.
- Shared (SHA) charging must be applied to all payments in the EEA, irrespective of currency.
- Complaint handling must be standardized.
- Regulatory technical standards around strong customer authentication using two independent authentication elements will be required.
- Banks will be obligated to share access to customer account data through open APIs with third-party financial services including payment initiation service providers (PISPs) and account information service providers (AISPs).
Turn compliance into revenue
Banks have typically focused on PSD’s retail customer impact. The focus has been on compliance first, innovation later. Instead of viewing it like that, banks can combine the two to create new revenue streams. This shift in thinking and merging of compliance with innovation gives banks a chance to improve innovation and create solutions that corporate accounts will pay for. Here are some examples of how banks can go beyond compliance and create dynamic solutions for corporate accounts.
- Provide extended APIs with services not covered by PSD2
Retail customers are reluctant to pay for bank services. On the other hand, corporates will and already are paying for bank services. Today, many enterprise systems run in silos. Management of actual cash position, cash, and reconciliation each run on multiple, single bank interfaces. This creates cumbersome, inefficient processes. Relying on intermediaries, such as the Society for Worldwide Interbank Financial Telecommunication (SWIFT) code, becomes increasingly costly when multiple banks are involved. Screen scraping, the current de facto standard for automating and extracting financial data, is riddled with risk due to its unencrypted storage and unauthorized use of customer data, which opens the door to cyber attacks and privacy breaches.
Here, banks have the opportunity to act as a concentrator for transaction data from any of their customer’s banks. This provides a single view of balance and transactions and provides data to back-office applications such as reconciliation. Extending APIs with services not covered by PSD2 to corporate accounts can improve and enhance business processes, reduce intermediary involvement to cut costs, and mitigate financial risk by fostering a secure environment for storing and using customer data.
- Establish a PISP service
A PISP service conducts payment transactions on behalf of a customer from their bank. As stated above, retail customers are reluctant to pay for bank services, which is why third-party providers will be the winners of retail wallets. However, banks can benefit from this model if they become a third-party provider for corporates. By establishing a PISP offering, banks can become the customer’s single payment initiation interface across all their bank relationships in the EEA. The combination of balance data and payment initiation is powerful. Targeted point-of-sale offers and other pooling and sweeping-type services allow banks to capture a slice of the P2P (peer-to-peer) transaction revenue while increasing customer loyalty. While data breaches continue making headlines, consumers remain hypersensitive about who and how their personal data is shared. Many would rather continue doing business with a financial institution they already trust versus risking privacy and security with a new startup. Acting as the gateway to these processes prevents the bank from becoming a passive payment pipe as the P2P lending market heats up.
- Create a marketplace for FinTechs that provide services for corporate accounts
Banks can offer their customers access to greater levels of data and different types of transactions, which are not mandated under PSD2 through extended chargeable APIs. By creating an innovation zone, or API sandbox, financial institutions can onboard FinTechs and technology vendors to develop solutions customized to their needs.
An API sandbox connects banks with FinTechs to rapidly experiment and test minimum viable products that lead to a new and diverse set of digital-native services, adding significant value to the innovative ecosystem. The infrastructure (see Figure 1) enables easy collaboration to help banks turn creative ideas into working prototypes faster, tested earlier, and brought to market rapidly at a reduced development cost, while in parallel, reducing the compliance risks that typically come along with working with FinTechs.
Large banks and financial institutions that traditionally viewed smaller FinTechs as threats are partnering with them to keep up with the pace of technological change. Banks should view this as the next step forward as digital transformation continues to reshape the future of business.