What Open Banking Challenges Keep IT Leaders up at Night?
Financial institution CIOs and technology business leads are grappling with the transition to an open banking economy, fully aware it’s their job to bridge the gap between surviving and thriving.
Those strategists, enterprise architects and other leaders with the latitude to think about and act on where the organization should be headed realize if there ever was a time to develop strong organizational strategies, the advent of open banking and open application-programming interfaces (APIs) is that moment.
Open banking, at least in Europe and the U.K., began as a regulatory initiative to drive consumer choice and innovation. The goal was to improve the consumer experience through greater accessibility and competition, enabling fintech ecosystems as financial institutions open their data to third parties through those APIs.
As financial institutions achieve and maintain regulatory compliance, they're turning their attention to the opportunities the API environment offers. To some, that means digital transformation, new platforms and advanced technology that make consumers' lives easier.
During this transition to an open-API environment, I've spoken with CIOs, technology leaders and others in your position and learned you're optimistic about the potential of open banking. Still, it's easy to spot challenges that temper that excitement and keep you up at night.
Here are some of those challenges, as well as some solutions that might help you rest easy.
What is your nearest equivalent competitor doing?
It's only natural to look at what others are doing and think, "If they have new apps, collaborations and consumer experiences, then we better do the same."
It's one thing to copy, keep up and do the minimum on features, but as the pace speeds up and collaborations become the norm, financial institutions can find themselves in what may be unfamiliar territory. Creating apps means talking to developers. Creating APIs means developers are now a different type of partner for your organization. That can be a new experience for financial institutions that don't always speak the same language as the development community.
The solution boils down to mindset and communication. Internally, try to jump ahead a little in the development process. Create and promote a development advocacy program.
Externally, get used to working collaboratively by creating as many lines of communication as possible with developers, understanding that they work in a different way than traditional enterprises. They want real-time chats and short conversations, fast feedback and software updates in days and weeks, not months and years. Adjust to their needs, and you'll likely see the dividends.
What will happen when you open your APIs? Will your mainframe blow up?
Concerns about overloaded mainframes are well-founded because open banking marks a departure from the traditional ways people have accessed your services. Looking back at the evolution of access, it started with branch-only and then moved to call centers and the internet.
In each instance, financial institutions could control the number of staff, contact center agents or consumers with access. With open banking, you no longer have that capacity control because there now is the potential force multiplier of an unknown number of third-party providers that are required by regulators to be given unfettered access to your customers' data.
A great way to overcome that challenge is to employ a background strategy of reduce, reuse and recycle. Reduce the amount of information sourced directly from the mainframe and the number of times traffic can hit it. Reuse the real-time services you have but share them with other capabilities. And recycle by starting to break down the original mainframe completely so, eventually, there isn't one.
It's about taking what you had before, breaking it down and using the energy somewhere else.
How do you ensure you don't lose consumer data?
There are two avenues of concern: the fear of losing control of your customers' data to competitors and new security challenges in the open banking environment.
Both are legitimate. Fear of losing control of data you currently have stems from the real concern that someone else will do a better job understanding your customer based on the information available through third-party access.
The solution is to look within and develop additional capabilities at a place where you already engage with technology, like simple insights, analytics or even machine learning. Think of it this way: "We’ve got this problem to solve, one individual use case at a time," rather than, "We’ve got this data. What can we do with it?" Don't make the mistake of ignoring the wants and needs of the consumer.
As for security, all of the Second Payment Services Directive API specifications across Europe make it quite clear the fundamental security of API services is a critical factor in getting and staying compliant. That appears in defined protocols, ranging from how third parties are verified to the rules around secure customer authentication.
However, it's also important to prove to consumers, regulators and legislators that you are a good data citizen. Europe, for instance, has the General Data Protection Regulation, which incorporates rules that ensure personal data has certain rights associated with it, and no one can use it without the consumer’s consent.
If you want to perform effective analytics, you have to earn the right to have access. If you change what you do, you need an effective way to go back to your customers and ask if it's still okay to work with their data.
How do you develop new revenue streams under open banking?
In terms of getting and staying compliant, organizations are spending a lot of energy just getting to the baseline.
Enterprise architects and chief technology officers are genuinely aware of the opportunities open banking presents, but they're worried there hasn't been enough time to develop and nourish a strong strategy. That adds stress to strategy development and leaves leaders feeling like they're one step behind.
Overcoming that challenge often requires looking outside the organization to a trusted partner. Shift the energy and let your partner maintain the baseline of compliance so you can give yourself the head space to analyze your options and develop those new revenue streams. They are there, and you can find them once you redirect your energy.
Certainly, open banking poses challenges and opportunities to financial institutions and, more specifically, those on the front lines of technology. But stepping back and giving yourself a chance to develop the right strategies will close the gap between just getting over the line with compliance and taking a real step forward in how you do business.