2018 heralds the dawn of a new era for banks. The PSD2 (revised Payment Service Directive) is a directive that was born on the 12th of January 2016 when the European Commission decided to fill the gaps left under PSD1. This European directive became national law in the EU member states on 13 January 2018. It enables non-financial institutions to officially become part of the payment service market by offering innovating services and having access to customer banking data. Welcome to the new model: “Open Banking”.
The story so far?
Since 13 January 2018, a breach has opened in the payment services market. Clients’ payment account information can now be accessed by third-party providers (TPPs), a new term born in the PSD2 context referring to a certain type of Payment Institutions that provide a limited scope of payment services. More precisely, TPPs refer to Account Information Service Providers (AISPs) and Payment Initiation Services Providers (PISPs), the two roles introduced by the directive. Although TPPs were doing business long before the enforcement of PSD2, they were operating under legal obscurity. TPPs must now operate under a legally binding framework, finally legitimating their services.
PSD2 has a big impact upon traditional banking players. Account Servicing Payment Service Providers (ASPSPs) also commonly known as banks, are obligated to grant access to their customer payment accounts to any TPP that has preliminarily obtained authorisation from the competent regulatory authorities. Access to payment account information is obtained via dedicated Application Programming Interfaces (APIs), the technical specifications of which have been drawn up by the European Banking Authority (EBA). These changes may well disrupt the banking industry and be a substantial threat for banks. Newly accessible data could be exploited to introduce customers to more innovative services than banks can offer today.
What PSD2 is for?
Digital banking has become a daily habit for consumers. Customers’ needs are moving, mainly steered by technological innovations. Indeed, over the last few years the new generation (The Millennials) have become key Banking customers. Accustomed to user friendly digital services through their mobile phone or laptop, Millennials are mainly responsible for the changes that operate across industries. These services are mainly provided by digital giants such as US-based GAFA (Google, Amazon, Facebook, Apple) or China-based BATX (Baidu, Alibaba, Tencent, Xiaomi). The banking industry has been following that trend for years, with Fintechs landing on the market and proposing innovative financial services.
However, rapid innovations in the digital Banking industry were outpacing regulatory measures that were not sufficiently protecting end users against security risks inducted by the fast-growing fintech industry. As an example, 81% of French consumers said to be concerned about their financial and banking information. Therefore, it was the regulator’s duty to react and compensate for the lack of consumer protection. Limiting fraud while promoting innovation are the real issues being faced by PSD2.
Should banks feel threatened by Open Banking?
“Banking is necessary, banks are not” as stated by Bill Gates in 1994. Faced with this new challenge, banks as we know them must radically adapt their strategies to their changing environment. Failure to properly grasp and adequately respond to the impact of Open Banking could have serious consequences for their sustainability in the longer term.
Banks have been coping with the Fintech intrusion for nearly a decade. Open Banking gives banks a new challenge regarding Fintechs presence: now Fintechs will be regulated and legally protected, they surely will become more valuable. If they want to keep the interest of their customers, banks must adapt their strategies. And this is what they are currently doing. According to a PWC study, banks are already working along with Fintechs to create a ground-breaking industry, and most of them will build partnerships in the next 5 years and will strengthen their innovation strategies.
Unfortunately, Open Baking is likely to give birth to more critical threats soon. Leading tech companies have started to set foot in the banking industry since early 2017. In eastern Asia, WeChat Pay (Tencent Group) already counts more than 200 million users. Bearing in mind that Tencent Group is ranked world’s fifth market capitalisation gives a better understanding of the threat. For now, American GAFA and Asian BATX are not yet a danger for banks. But Open Banking will be a boon for these giants to conquer the market and grow even bigger.
How will be the Banking industry in the coming months?
The fight between Banks and Big Techs will certainly not happen without the Fintechs. The Bank / FinTech alliance seems to be the current strategy chosen by the banks to ensure they remain in the banking industry as a key player. However, banks can still rely on a major asset in their adversity with the Big Techs: the trust of their customers. And this trust is needed in a market where the consumer feels fragile.
Although banks still hold the most important asset in the Banking industry, things could change with the upcoming General Data Protection Regulation (GDPR). Indeed, GDPR will complement PSD2 on the banking market. This regulation will support consumer protection by securing their data. Where PSD2 offers an Open Data source, GDPR will ensure that the customer data is protected. Then what will happen when GDPR regulation comes into force on May 25th, 2018? How will banks face this new challenge? Will customers feel more comfortable sharing their data?
Follow Aurexia blog to stay informed!
 RSA statistics, 2018
 PWC, Global FinTech Report 2017
 Forbes, 2018