The Green Sheet Online Edition
May 28, 2018 • Issue 18:05:02
change is coming, slowly
The ways consumers shop and pay for purchases have been in flux for years. Credit and debit cards continue to replace cash and checks as preferred methods of payment, and many experts expect card payments will give way to new and faster ways to pay. Not any day now, but eventually.
"It will move slowly," said Niranjan Ramaswamy, Vice President, Product Management, Bank Solutions, at banking technology firm Fiserv Inc. Banks first need to start thinking in terms of new partnerships, revenue models and technology investments needed to support these changes, he said.
"You have to think in terms of 10 to 15 years from now," added Rod Hometh, Partner at RPY Innovations, the payment company formerly known as RocketPay. In an era when technology advancements are discussed in terms of months, not years, 10 to 15 years can seem an eternity. Yet initial steps toward this eventuality are occurring already with the emergence of application programming interfaces (APIs), particularly in places like the United Kingdom and the rest of Europe where open banking and related regulatory edicts have become hot-button issues.
UK, EU push for openness
Open banking is the moniker hung on a new service model that makes it possible for customers to authorize nonbanks they do business with to access their bank accounts in support of payments and other financial transactions. "It's about extending banking to nontraditional places," Ramaswamy said.
Collaborative data sharing is pretty widespread already, thanks to APIs, intelligent conduits that banks use to support seamless integrations with third-party digital applications, such as financial management programs for mobile banking. Open banking takes the process a step beyond simple data exchanges to support account-to-account payments, often in real time.
The term "open banking" was coined in the United Kingdom where a new set of regulations took effect in January 2018 that mandate the sharing of customer-authorized account information between different commercial entities to effect payments and other transactions. To be part of the new open-banking scenario in the U.K., companies need regulatory approvals.
January also marked the start of the European Union's revised Payment Services Directive (PSD2). PSD2 puts forth a similar mandate and associated regulations in member countries.
Both initiatives are expected to provide more competitive options for banking and payments in those markets.
"Though PSD2 and open banking are chiefly viewed as regulatory requirements, they represent a significant opportunity for banks to partner with trusted third-party providers to integrate financial services into their customers' everyday lives, while also driving more innovation inside the banks," said Ken Paterson, Vice President of Special Projects at Mercator Advisory Group.
Imran Gulamhuseinwala said this is "a major step toward giving the customer real ownership and control of their finances and data. Gulamhuseinwala is Trustee of the U.K.'s Open Banking Implementation Entity (OBIE).
PSD2 is "another step towards a digital single market in the EU," said Valdis Dombrovskis, Vice President for Financial Stability, Financial Services and Capital Markets at the European Commission. "It will promote the development of innovative online and mobile payments, which will benefit the economy and growth."
Banks see opportunities
The opportunities presented by open banking have not been lost on large global banks. Bankers worldwide are readying their institutions for an open banking future, said Alan McIntyre, Senior Managing Director for Banking at Accenture. In fact, all but one of the executives at global banks surveyed last year by Accenture said their banks were planning major investments in open banking by 2020, McIntyre stated. Sixty-six percent indicated they expect open banking to help create new revenue streams; 90 percent expect it to drive incremental revenue grow of up to 10 percent.
"Unlike banks in Europe where it is mandated by regulation, those in North America and Asia Pacific have the luxury of deciding if, how and when they will implement open banking, and we expect many will do so as a way to more easily offer integrated financial services to customers," McIntyre said.
ACI Worldwide's 2018 Global Payments Insight Survey: Retail Banking offered similar insights. It found a willingness among 73 percent of banks to open up their APIs to third-party developers. Mark Ranta, Head of Digital Banking Solutions at ACI, noted there are "different levels of openness. … I think what you'll see in the U.S. is less of a willingness to be completely open."
Barclays Bank was the first global bank to divulge plans to bring open banking to the U.S. market. Barclays disclosed in April 2018 that it was partnering with PayPal Inc. to enable customers of the two behemoths in both the United States and the U.K. to easily manage money and make payments across account platforms.
"The U.S. and the U.K. are our two biggest markets, where we share millions of customers with Barclays," Gary Marino, PayPal's Chief Commercial Officer, said in a statement. Ashok Vaswani, Barclays U.K. CEO, added, "Barclays is becoming a digital company and I believe this strategic partnership with PayPal will provide the first of many new developments in which we join up with partners to enhance digital journeys."
Mastercard, meanwhile, made a significant move toward open banking with its 2017 purchase of U.K.-based Vocalink. Vocalink runs the technology that underlies real-time payment systems in the U.K., Singapore and the system launched in 2017 by The Clearing House, based in New York. "We have the opportunity to extend everything that we've accomplished with cards to bank account-based payments and redraw the lines of what's possible in commerce," Michael Miebach, Mastercard's Chief Product Officer said in heralding regulatory approval of the acquisition.
Banking technology firms are in the game, too. ACI has been promoting its portfolio of solutions for support of open banking strategies, and in May 2018 it revealed that a large Hungarian bank, Erste Bank Hungary, had signed an agreement to implement those solutions. In April, Fiserv introduced FinKit for Open Banking. That solution includes access to pre-built PSD2 and open banking APIs, and supports ongoing compliance through API version control, release management and distribution, Fiserv said.
Fraud and other risks
The path to open banking offers new opportunities, but it also presents perils. For example, it "puts banks at risk of becoming back-end transactional players, with their products and brands buried deep in another transaction," said McIntyre. Inherent risks also come with broadening access to bank accounts by customer-approved nonbanks. "The big question is whether consumers will be willing to share their financial data with outside companies which they've typically been hesitant to do because of privacy and security concerns," McIntyre said.
Hometh added, "There has to be increased security over what exists today. It has to be really locked down."
Ann Cairns, Vice Chairman of Mastercard, delved into this in a recent blog post. "It is vital that the most robust safety and security technology is deployed in enabling the development of the new ecosystem of open banking interactions between banks and third parties," she wrote. "The imperative for all those that operate in this space is ensuring that, as technology evolves and behaviors change, the way we pay is frictionless, convenient and secure."
Regulators are keen to ensure the move to open banking incorporates protections, particularly for consumers. PSD2 and the U.K.'s open banking rules both include consumer protection provisions, along with customer authentication and data and transaction security requirements. PSD2 also includes a ban on merchant surcharging of consumer credit and debit card purchases. The surcharging ban also applies to business-to-business direct debits and credit transfers, but not to B2B credit and debit card payments.
The U.S. Consumer Financial Protection Bureau published a set of principles for protecting consumers who authorize nonbanks to access their bank accounts for payments and other banking transactions. In a statement issued in 2017, the CFPB said that "while consumer-authorized data sharing promises great benefits to consumers, there are many consumer protection challenges to be considered as these technologies continue to develop."
The published principles drive home this point. They do not promulgate binding rules, but rather set a "vision" for protecting consumers and other stakeholders, the bureau said. The principles touch on data access, data scope and usability, control of data and informed consent, payment authorizations, data accuracy and security, and dispute resolutions related to unauthorized account access.
Merchant, consumer demand mixed
Consumer demand for new banking propositions exists, as evidenced by ongoing adoption of mobile options for banking and payments. A 2017 survey of U.K. consumers by the international consultancy Deloitte found 58 percent of those with mobile banking apps could be persuaded to switch to a mobile-only bank for the ability to perform more banking transactions on their mobile devices. That survey also found consumer openness to accessing bank accounts via third-party interfaces. Forty-nine percent of U.K. consumers said they would trust doing this through a digital payment company; 43 percent said they would trust accessing their bank accounts through a retailer.
This could bode well for retailers. "If a company uses Open Banking APIs to process payments instead of cards it could save a lot of money," Gavin Scruby, CIO of SmartDebit, a leading UK provider of bill-pay services, wrote in a recent blog post. Ranta agreed it is possible, stating, "It's not near term. However, there will be a point in time when it will be."
A 2017 Accenture survey of payments executives at large European retailers found nearly one third expected to be using APIs to interface directly with bank systems to access consumer bank accounts once Open Banking and PSD2 took effect. Other ways they plan to use APIs include accessing financial information to tailor products and generating POS offers and discounts.
"Open banking is an opportunity for retailers to provide a better customer experience through flexible payment initiation and faster refunds, and to increase cash flow by bypassing card networks and fees, and reducing fraud and chargebacks," Jeremy Light, Vice President of EU Strategic Accounts and former Director at Accenture said in discussing the findings
However, a survey of Tier 1 and Tier 2 retailers in the U.K., published by Consult Hyperion in January 2018, found fewer than one in two (48 percent) were even aware of the PSD2; just 16 percent were hoping to "take advantage" of the new regulations.
US will be a laggard
As the Barclays-PayPal deal and Mastercard's ownership of Vocalink illustrate, the move to open banking in Europe will impact the U.S. marketplace. "Huge global banks like BofA [Bank of America] and Barclays are not going to want to have separate systems for the U.S.," Hometh said.
But the lack of regulatory edicts and the sheer size of the U.S. market – with over 10,000 banks – points to a long adoption curve. The experiences of Zelle, a bank-controlled mobile payment app launched last year to compete with PayPal's Venmo, validate this. One year on, only about 100 banks have signed on to participate, according to Early Warning Services LLC, the banking consortium that owns and operates Zelle. In the first quarter of 2018, Zelle carried 85 million transactions worth over $25 billion.
Mobile payment options like Zelle could catch merchants' fancy, particularly those looking to steer customers to low-cost payment options. But what they appear most interested in, Ranta suggested, are omnichannel solutions. "Merchants want unified connections. They don't want separate apps for ecommerce, mobile payments and brick-and-mortar," he said.
Patti Murphy is Senior Editor of The Green Sheet. Follow her on Twitter at @GS_PayMaven or email her at firstname.lastname@example.org
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.