Get ready to welcome the ‘new banking platform’

Most financial services organisations today are focused on building an API strategy and/or platform, and view the marketplace as a potential project for the future.
Michael Brink
By Michael Brink, Chief technology officer of CA Southern Africa
Johannesburg, 04 Sept 2020

The “new banking platform” is driven by application programming interfaces (APIs) that sit between a bank’s backend services and the front-end experiences provided by the bank plus third-party providers (TPPs).

This new platform empowers banks to employ new business models, providing infrastructure for TPPs and new use cases, such as acting as a trusted identity and authentication provider for TPPs, while also adapting to emerging technology disruptors, such as blockchain.

By leveraging an API-driven platform, banks can increase customer satisfaction, expand into new markets, future-proof their IT infrastructure and accelerate time to market of new products and services.

Other issues driving the move to the new banking platform are compliance and regulatory directives: regulations such as the Payments Service Directive 2 (PSD2) and the General Data Protection Regulation (GDPR) – mainly European-focused − with SA’s Protection of Personal Information Act delivering data privacy controls to the local market.

As these protocols go from draft standards to required mandates, the fact is that most banks and financial enterprises will be forced to open up their data and capabilities to meet these requirements.

Some banks will do so via the least amount of effort; for example, creating an ad hoc, single-use API, but this will not enable them to scale that effort to comply with future regulations or create new product and service innovations.

Banks are more than capable of making deeper investments into creating innovative new capabilities that deliver competitive advantage.

In terms of the South African market, efforts are already under way; for example, in the first quarter of 2019, Nedbank launched an open banking API platform.

The objectives of these regulatory guidelines remain clear and that is to enhance consumer protection and convenience, improve the security of payment services and promote innovation and competition. However, the implications for payments industry participants are complex and broad.

The biggest impact for banks will be the strategic outcomes of the fact that they will be required to open up access to account data to third-parties at the request of customers, to support both account information and payment initiation.

Regulations: Attitude is everything

Of course, instead of stressing over regulatory compliance, one can take an entirely different approach to PSD2 and GDPR, and view it as an opportunity to support a larger digital transformation strategy by building a “new banking platform” around APIs.

The bulk of financial services organisations today are focused on building an API strategy and/or platform and view the marketplace as a potential project for the future. Leading businesses in other industries have proven that opening-up APIs to a partner community and monetising an API marketplace can lead to new and lucrative business opportunities.

One example is retail, where the exponential rise of open commerce APIs reflects how the industry is looking for new ways to make use of their data and connect their systems. This will enable them to create great experiences for their customers and employees, drive new revenue channels, and gain competitive advantage.

In the banking sector, in addition to helping banks increase compliance, scalability, innovation and competitive advantage, this new banking platform empowers entirely new business models and use cases, which expand in scope and capabilities as banks increase their API maturity level.

Most banks are already capable of developing ad hoc APIs − often driven by regulatory compliance constraints. These APIs digitise simple transactions; eg, balance checks or transfers, and make them available for third-party use.

Many banks have developed top-tier APIs with numerous capabilities and are integrating it with select and trusted partners. While the API itself enables the connection, the requisite SLA agreements, documentation and support must be managed “offline”.

These are examples of APIs that extend bank services to trusted partners:

  • Digital payments such as online, smartphone/wearables, Internet of things.
  • Transfers between institutions.
  • Account data and transactions made available in third-party applications; eg, personal finance sites or apps.

Many banks have had success with some integrations and are now looking to roll them out to a larger community of partners via a portal or marketplace. These offer basic capabilities to those wishing to create new use cases and they not only provide the backend for existing user experiences, but infrastructure for new ones as well, with standardised processes around SLAs, support and so on.

Let’s unpack the APIs that foster unlimited third-party connections, leading to the development of innovative new products and services. These include loyalty programmes; peer-to-peer lending – or transfers where banks act as a clearing house; and using the bank as a trusted identity/authentication service.

Furthermore, banks are more than capable of making deeper investments into creating innovative new capabilities that deliver competitive advantage.

In conclusion, as banks move away from a transaction-based, monolithic configuration to a more customer-centric approach, they’ll be better positioned to react to new regulations and digital market trends.

Moreover, if they are to stay ahead of competitors and ever-evolving customer demands, banks must be able to deliver new, high-quality services faster than ever. By turning common functions, like authentication, access control and risk management, into modular microservices, banks can homogenise and accelerate the deployment process and achieve economies of scale.