So what? As far as customers are concerned, how is there any difference between storing your debit card details with merchants you use regularly, and giving permission for your bank and said merchant to swap data to facilitate quicker payments? Basically there’s none in experience if you’re already a reasonably sophisticated online shopper.
For the businesses involved though – big change. Despite the IT complexity and cost to implement the changes, you will also notice that all the middle men are gone. The acquirers and the card schemes are disintermediated, and subsequently lose a significant revenue stream. Now there could be a customer benefit in that – if the merchant passes on the cost benefit. But will they, or will they take the margin?
However, now there are aggregators popping up, or Banks (such as Starling) who are aggregating Bank APIs for payments. If a business like Amazon doesn’t want to become regulated as a PISP and do the work to integrate all of the banks’ APIs, they could integrate through one of these aggregators – a single source of truth, if you will – and pay them a fee to directly charge the bank account. These banks/aggregators could take a fee for doing so – e.g. Amazon would have to pay Starling a fee to instruct a payment on Lloyd’s API, if they used us as an aggregator.
However, just before we get into that we wanted to answer a question that is asked a lot - “What exactly is the difference between PSD2 and Open Banking?”
In the Q3 2016, the Competition and Markets Authority (CMA) in the UK completed its Market Investigation into the retail banking sector, and found that older and larger banks weren’t having to compete hard enough for customers’ business, and as a result many people were paying more than they should and weren’t benefitting from new services. To address these problems, the CMA announced a mandate for the nine largest current account providers in the UK to implement Open Banking by early 2018.
Open Banking is a mandate in the UK that requires banks to build open Application Programming Interfaces (APIs) which will enable customers to securely share their bank data with third parties, ranging from transaction data to instructing payments via API. The purpose of these open APIs is to enable customers to securely access other products and services – other than those that their banks provide – should they choose to do so, and as a result have more options and transparency around those choices. It also enables new services to be built around this open data, notably aggregation services that allow bank products to be compared easily so consumers have more clarity regarding their options. By enabling customers to have significantly easier access to these third party products (and easier ways to view and compare products), there would be a natural increase in competition in the market and improve customer’s options.
This requirement from the CMA coincides with PSD2. A key goal of Open Banking is to be compliant with PSD2, which provides the legal framework within which the CMA requirements will have to operate.
However, initially, there were some distinct differences between the scope of PSD2 and Open Banking, particularly in the products included. As of November 2017, however, the Open Banking Implementation Entity (OBIE) announced amendments to the scope of Open Banking to broaden out the Open Banking solution to include PSD2 items “in order to deliver a fully compliant PSD2 solution” – which can be read in full here.
This is a massive change to the scope of Open Banking and a huge win for consumers.
Notably, this amendment broadens the Open Banking solution to include all payment account types covered by PSD2, which means that additional products are now included in the scope of Open Banking, such as credit cards, e-wallets, currency accounts, charge cards, prepaid accounts and payments enabled savings, deposit, loan and mortgage products, and comprehensively fulfills the functional requirements of PSD2. Additionally, Open Banking APIs will now also cover multi-currency products not covered under the original order, as well as corporate accounts.
The delivery of this has been organised across a series of six-month releases spanning 2018 to August 2019 and coinciding with the regulatory application of the regulatory technical standards (RTS).
This increased alignment with PSD2 materially improves the likelihood of adoption across the market and by consumers, who then have greater access to a broader range of products.
The rise of aggregators and challenger banks
There’s a great opportunity – for the consumer and the provider – with aggregators, and we’re regularly seeing new additions to the market. It’s still early days though so we’re yet to see the ones that will stick. Aggregators are being used in a number of different ways at the moment:
- To combine bank accounts (personal current accounts or business current accounts) from various providers
- To facilitate payment as an intermediary for an e-commerce shop and the source bank account
- To combine a selection of financial services products eg. pensions, insurance, investments
- To compare banks on key features, such as Overdraft Fees and Service Quality ratings.
The challenger bank market is also becoming an increasingly competitive space with new versions of banks appearing with different approaches. Many, like Starling, are incorporating a marketplace model, but also doing this in different ways. Some challengers choose to deeply integrate one third party per category of service (e.g. one insurance provider, one savings solution, etc), and on the on the other end of the spectrum there are price comparison sites that aggregate the entire market.
At Starling, we have a particular strategy to create a Marketplace Platform, in which third parties can easily integrate our public API and can also easily plug their APis into the Marketplace within the Starling app to offer their services to Starling users, ultimately creating a network effects platform. In this way, we can easily enable customers to have a range of options from providers across the market, and help them to easily and securely access those products. We’re able to do this given we’re a licensed bank, have open APIs, and have regulatory permissions to introduce our customers to third party financial products. Traditional banks are recognising the threat and are actively working to be competitive in this space though, as evidenced by partnerships such as the Bud and First Direct relationship. It’s a new world, and many are vying to be competitive in this space, so only time shall tell who becomes a contender in this arena.
What is the Account Information Service Provider?
Now we move onto the second big part of the directive – the AISP, which is the Account Information Service Provider. Whilst the PISP initiates payments across the ASPSP, the AISP consolidates information across multiple ASPSPs. OMG? Seriously?
Put simply, an AISP gives a name to something that does already exist, take for example Yolt in the UK and Mint.com in the US, can consolidate a customer’s bank account details from several different banks.
So imagine in the UK in a few years, you logon to a Money Supermarket or Yolt app, and see your Starling, Barclays, Lloyds and Santander accounts, all into one place. Yet again access to this would be granted using XS2A standards set by the EBA and you would not have to give your logon passwords to Money Supermarket. (See Diagrams 4 & 5)