Banking, which is a heavily regulated industry, is changing partly due to regulations and also due to new players and tech-led experiences they are bringing to the customers. Among these regulations, one such regulation has the potential to change banking forever: Open Banking. Using Open Banking, the financial institutions can securely provide other FIs and TPPS with seamless access to and communication with customer data through open Application Program Interfaces or APIs, but how did open banking come into existence?
In late 2015, the European Parliament passed the revised Payment Services Directive 2 (PSD2), which brought clear guidelines and national laws to the EU countries which mandate banks – based on customer consent – comply with the demand for their APIs/customer data by licensed third-party players (TPPs) followed by an announcement by the CMA that made it mandatory for the nine largest UK banks to implement recommendations developed by the UK government-appointed Open Banking Working Group (OBWG) to open up their APIs for licensed third-party providers, thus implementing open banking by early 2018. Following Europe and the UK, other countries such as New Zealand, Australia, Brazil, Japan, Singapore, Korea, and the USA have started implementing Open Banking in their respective countries.
The objective of such mandates was for fostering innovation, increasing the competition to level the playing field in the financial services market, thus bringing enhanced value to customers in terms of the services they get. The mandates also ensured that third-party players (TPPs) get access to customers' online payment services and account information through APIs. In the below segment, we look at the functionality and the scope of the APIs which various banks provide in Europe.
In Europe, we studied 31 banks to analyze their API capabilities using Innopay’s API functional scope based on the four core capabilities, i.e., API Catalogue, API Documentation, Developer Usability, and Developer Community. The analysis shows that only 10 banks, i.e., Citi, Starling Bank, bunq, ERSTE Group, Santander, Piraeus Bank, BBVA, DNB, National Bank of Greece, and OP Financial Group, have rich API functional scope. In contrast, the rest of the banks studied have a limited API functional scope.
We also looked at the banks to understand the number of APIs they launched and their presence in European markets. Among the banks studied, Türkiye İş Bankası has launched the highest number of APIs in the continent (17). A few of the data points that the APIs give access to are campaigns, payment plans, repayment schedules, loans, credit scores, customer accounts, customers, etc. This is followed by ERSTE Group and DNB, which have launched 11 APIs in their respective markets; BBVA, HSBC, Lloyds Bank, and Barclays have launched 9 APIs each.
The potential of open APIs in banking is too significant to be ignored. These APIs create opportunities for players across the financial ecosystem to create unique and new customer experiences, ultimately benefiting the customer.
To learn about Prove’s identity solutions and how to accelerate revenue while mitigating fraud, schedule a demo today.
Keep reading
Discover how injection attacks allow fraudsters to bypass identity verification by injecting malicious data, highlighting the critical threat of these sophisticated attacks on digital security flows. Learn to identify and defend against these evolving methods that hijack trust and compromise user accounts.
Learn how to design a seamless user onboarding experience with best practices and real-world examples.
New legislation is being proposed to use online age verification, requiring websites with adult content to implement "commercially reasonable" methods to verify user ages, signaling a significant shift in digital access and content regulation.
