During the Global Payments Day 2021 conference, leading FinTech industry experts analyzed global changes in the field of open banking, and also told why it is important for banks to open their API
PSD2 and open banking: what banks need to prepare for today in order to survive tomorrow.
European banks and fintech companies are starting to move towards open banking with their payment solutions. However, as it turned out, not all banks' APIs meet PSD2 requirements. And the European Trade Association demanded to postpone the implementation of the directive norms related to the introduction of stricter rules for authenticating customers when making online payments on various Internet platforms.
However, despite the dissatisfaction of some European organizations, on September 14, a new PSD2 standard - Strong Customer Authentication (SCA) - came into force in Europe. This requirement represents a change in the authentication of users who intend to make online payments.
Thus, as it turned out in practice, it is difficult to comply with all the requirements of the directive. Maxim Glotov, Senior Lawyer and Coordinator of FinTech and Digital Transformation Practice at the international law firm BakerMcKenzie, at the Global Payments Day 2021 conference spoke in more detail about global initiatives in the field of open banking, and also outlined the practical aspects of the implementation of PSD2 in Europe.
New payment business models
According to Glotov, one of the most interesting trends in the creation of new business models in the payment market is the example of BigTech. Today, big tech companies like Amazon, Google, Facebook, Apple provide their own payment solutions. These companies use their own networks and the huge amounts of data of many people they generate.
Thus, innovations in the services of tech giants - Google Pay, Amazon Pay, Apple Pay - are based on existing payment systems. And platforms like Ant Financial's Alipay or Tencent's WeChat Pay use separate payment infrastructure, such as mobile e-commerce platforms, instant messengers.
Glotov emphasized that the key business models are AISP (Account Information Service Providers) and PISP (Payment Information Service Providers).
These are not classic payment models, because they have nothing to do with the client's money, but are information intermediaries. From the point of view of regulators, they are trying to ensure the safety of data. Since in this context it is very important that the data for authorizing users is protected
Among other important business models, Glotov noted the following:
Implementing PSD2: Practical Aspects
According to Glotov, some of the important approaches are financial monitoring and legislation on money laundering. The European Commission has begun to change its vision that online payments are risky.
Now, if you look in detail at the documents of the European Commission, it says that new business models are not risky. It is necessary to consider each business model separately, and evaluate it in each specific case also separately.
Maxim Glotov
Coordinator of FinTech Practice and Digital Transformation at BakerMcKenzie
The second aspect is cybersecurity. Statistics from the British financial regulator show that cybercrime increased by 187% in 2018. Therefore, you need to think about how to ensure the security of online payments. And the Second Payment Directive pays a lot of attention to this issue.
Another aspect is the differences in the regulation of banking and non-banking institutions.
They also understand this in Europe. For example, in the UK, new business models used to be light touch when regulation was light. Now these rules are getting stricter
Maxim Glotov
Coordinator of FinTech Practice and Digital Transformation at BakerMcKenzie
Open banking: how is the situation in the global market
Maxim Glotov presented a map of the world that demonstrates the global "movement" in the field of open banking.
Global changes in the field of open banking.
Accordingly, there are some countries where banks must open their APIs, and there are exclusively market initiatives. Ukraine falls into the first category.
In addition, Ukraine can be attributed to a narrower group of countries along with Albania and North Macedonia, which are trying to adjust the process of opening API banks in accordance with the requirements of the European Union. To do this, they are going to adapt their legislation to EU legislation.
There are some countries, such as Israel, that oblige to open the API only for AISP, that is, not for all participants. There are regulators that implement soft regulation: when banks are not obligated to open API. Brazil can be included in this category.
Maxim Glotov argues that in the UK and Europe, the standard for open banking is very different.
In Great Britain it was developed by representatives of a narrow group of banks, and in Europe - by the Berlin group. The European standard offers more options. Therefore, it may turn out that in practice these APIs will be very different for each bank. Therefore, this is bad news for fintech companies, because they will have to adapt to different APIs. And in the UK, this standard will be the same for everyone.
Dmitry Storozhik, CEO of Golden Dimension, named the priorities for banks that will begin to open their APIs and interact with fintech companies.
So, the main ones are:
Not all banks have a budget for the creation of a separate division of specialists who would be engaged in the development of new types of products. Interacting with the fintech industry can solve these problems. So, the bank can simply buy out any technology, sponsor the development of one or another company. And if the product needs technical support, it is enough for the bank to sign an agreement with the developer and receive this service on an ongoing basis, without involving its own IT department.
Dmitry gave an example of the successful interaction of Universal Bank with the fintech industry. He showed the table of leading banks in terms of the volume of attracted deposits in the first half of 2019. The second place in this rating is held by Universal Bank, ahead only by the state-owned Oschadbank.
If we talk about the payment market, the directive does not yet particularly concern its activities. However, the National Bank is carefully studying it, and is preparing to implement the requirements of the European Commission.
PSD2 and open banking: what banks need to prepare for today in order to survive tomorrow.
European banks and fintech companies are starting to move towards open banking with their payment solutions. However, as it turned out, not all banks' APIs meet PSD2 requirements. And the European Trade Association demanded to postpone the implementation of the directive norms related to the introduction of stricter rules for authenticating customers when making online payments on various Internet platforms.
However, despite the dissatisfaction of some European organizations, on September 14, a new PSD2 standard - Strong Customer Authentication (SCA) - came into force in Europe. This requirement represents a change in the authentication of users who intend to make online payments.
Thus, as it turned out in practice, it is difficult to comply with all the requirements of the directive. Maxim Glotov, Senior Lawyer and Coordinator of FinTech and Digital Transformation Practice at the international law firm BakerMcKenzie, at the Global Payments Day 2021 conference spoke in more detail about global initiatives in the field of open banking, and also outlined the practical aspects of the implementation of PSD2 in Europe.
New payment business models
According to Glotov, one of the most interesting trends in the creation of new business models in the payment market is the example of BigTech. Today, big tech companies like Amazon, Google, Facebook, Apple provide their own payment solutions. These companies use their own networks and the huge amounts of data of many people they generate.
Thus, innovations in the services of tech giants - Google Pay, Amazon Pay, Apple Pay - are based on existing payment systems. And platforms like Ant Financial's Alipay or Tencent's WeChat Pay use separate payment infrastructure, such as mobile e-commerce platforms, instant messengers.
Glotov emphasized that the key business models are AISP (Account Information Service Providers) and PISP (Payment Information Service Providers).
These are not classic payment models, because they have nothing to do with the client's money, but are information intermediaries. From the point of view of regulators, they are trying to ensure the safety of data. Since in this context it is very important that the data for authorizing users is protected
Among other important business models, Glotov noted the following:
- The issuer of the card-based payment instrument. That is, payment service providers that do not have access to a user's account can issue payment card instruments for a particular account. After that, they will be able to make payments using the card of the corresponding account with the consent of its owner.
- Virtual banks. Online banks without a network of branches that offer their services remotely using Internet banking or mobile banking.
- Electronic money institutions.
Implementing PSD2: Practical Aspects
According to Glotov, some of the important approaches are financial monitoring and legislation on money laundering. The European Commission has begun to change its vision that online payments are risky.
Now, if you look in detail at the documents of the European Commission, it says that new business models are not risky. It is necessary to consider each business model separately, and evaluate it in each specific case also separately.
Maxim Glotov
Coordinator of FinTech Practice and Digital Transformation at BakerMcKenzie
The second aspect is cybersecurity. Statistics from the British financial regulator show that cybercrime increased by 187% in 2018. Therefore, you need to think about how to ensure the security of online payments. And the Second Payment Directive pays a lot of attention to this issue.
Another aspect is the differences in the regulation of banking and non-banking institutions.
They also understand this in Europe. For example, in the UK, new business models used to be light touch when regulation was light. Now these rules are getting stricter
Maxim Glotov
Coordinator of FinTech Practice and Digital Transformation at BakerMcKenzie
Open banking: how is the situation in the global market
Maxim Glotov presented a map of the world that demonstrates the global "movement" in the field of open banking.
Global changes in the field of open banking.
Accordingly, there are some countries where banks must open their APIs, and there are exclusively market initiatives. Ukraine falls into the first category.
In addition, Ukraine can be attributed to a narrower group of countries along with Albania and North Macedonia, which are trying to adjust the process of opening API banks in accordance with the requirements of the European Union. To do this, they are going to adapt their legislation to EU legislation.
There are some countries, such as Israel, that oblige to open the API only for AISP, that is, not for all participants. There are regulators that implement soft regulation: when banks are not obligated to open API. Brazil can be included in this category.
Maxim Glotov argues that in the UK and Europe, the standard for open banking is very different.
In Great Britain it was developed by representatives of a narrow group of banks, and in Europe - by the Berlin group. The European standard offers more options. Therefore, it may turn out that in practice these APIs will be very different for each bank. Therefore, this is bad news for fintech companies, because they will have to adapt to different APIs. And in the UK, this standard will be the same for everyone.
Dmitry Storozhik, CEO of Golden Dimension, named the priorities for banks that will begin to open their APIs and interact with fintech companies.
So, the main ones are:
- the bank will be able to increase the distribution channels of its products and increase its client base;
- having access to the services of third-party companies, banks will be able to better develop trends in the financial market;
- it will be easier for the bank to understand the needs of its client and more effectively use the already existing volumes of data.
Not all banks have a budget for the creation of a separate division of specialists who would be engaged in the development of new types of products. Interacting with the fintech industry can solve these problems. So, the bank can simply buy out any technology, sponsor the development of one or another company. And if the product needs technical support, it is enough for the bank to sign an agreement with the developer and receive this service on an ongoing basis, without involving its own IT department.
Dmitry gave an example of the successful interaction of Universal Bank with the fintech industry. He showed the table of leading banks in terms of the volume of attracted deposits in the first half of 2019. The second place in this rating is held by Universal Bank, ahead only by the state-owned Oschadbank.
If we talk about the payment market, the directive does not yet particularly concern its activities. However, the National Bank is carefully studying it, and is preparing to implement the requirements of the European Commission.
