March 25, 2019

Since last Friday authorized third parties (TPP) have been testing API efficiency of Polish banks. The EU directive obliges banks to provide TPP with access to their customers’ data. The factual implementation of PSD2 will take place in September, when TPP will be allowed to use banks’ APIs (production stage). Open banking will bring about fierce struggle for customer loyalty, both with fintechs and among the banks. Moreover, competition from internet giants, the so-called GAFAA (Google, Amazon, Facebook, Apple, Alibaba) is lurking around the corner. Adam J. Kępa, our VP and Head of Growth, shares his thoughts on the issue.


Banks in the European Union have released documentation and interfaces (APIs) for testing to authorized third parties (Third Party Provider, TPP). This requirement arises from EU directive PSD2 (Payment Services Directive 2), which formally came into force in Poland on January 13, 2018. For the next three months, banks will consult with fintechs to confirm correct operation of the developed interfaces and identify possible areas for improvement. Banks will have another three months, ending September 2019, to introduce final corrections. They have to be ready to share fully functional APIs with fintechs and other banks by September 14, 2019. From then on, with customers’ consent, third parties will be able to access their bank accounts, initiate and make payments on their behalf as part of open banking scheme. On that day, ‘banking data’ is going to leave banks with the full sanction of the law for the first time in history. Third parties (TPPs) will have to protect customers’ banking secrecy just like traditional financial institutions.

1. Safety first

The PSD2 directive provides for banks to introduce Strong Customer Authentication. This means that banks have to convince their customers to use two-stage identity verification (SCA). Starting from September 2019, a customer logging in to their bank account will have to use at least two independent methods of authentication. Each of these methods will have to come from one of the three categories of safety features: knowledge (passwords, PIN code), possession (payment card, phone) or biometrics (fingerprint, retina or iris scan).

Strong Customer Authentication will require more time to log in or to make a transaction. Therefore, in the initial phase of deployment, SCA may degrade user experience by moving away from ‘one-click payment’. Therefore, banks need to make sure their customers understand that these new requirements help protect their money and data from theft or leakage.

Some banks in Poland were ready to open their systems before the final date and released data via API before the statutory deadline. Many still need to continue modernizing their IT systems before the regulations become effective. This kind of change requires a restructuring of the integration layer. It is responsible for providing data between banking systems and external systems, and has its own business logic which enables customer service across multiple channels at the same time, providing relevant data in real time, at the right place and time.

2. Struggle for loyal customers

Studies show that open banking will translate to the improvement of customer service and customer experience quality. In the 2019 Ovum ICT Enterprise Insights report 75% of EU banks confirmed that PSD2 will allow them to increase innovation through cooperation with fintechs. Moreover, 83% of respondents said they had a clearly defined strategy for their interfaces and sharing customer data with TPPs.

Forced by the directive, banks are changing for the better. Moreover, the vast majority of them are implementing new strategies because open banking offers a chance to improve the quality of service for bank customers. As shown by the Polish Banks Association and KPMG study published last week, banks enjoy enormous trust as compared to the rest of competitors (41% of respondents).

UK experiences with the implementation of open banking indicate that banks should see the next year as the time to look for new ideas and new partnerships, especially in the eCommerce market. This will give them a chance to take care of the customer, whose loyalty is likely to grow when the bank starts providing services at a higher level.

Good quality of service in digital channels is extremely important. For example, 52% of UK customers have changed service providers over the past two years due to their poor quality. With innovations such as behavioral analysis, artificial intelligence and big data, banks can identify the preferences of each customer and offer them services in line with their individual needs and lifestyles. In the world of open banking, they will have more and more data to make that happen. Used effectively, this data will be a great basis for building close relationships with individual customers.

3. Global giants join the game

The Polish Banks Association and KPMG study cited above indicates that as many as 40% of banks in Poland perceive other banks as their competitors in the first year after PSD2 implementation. But in the perspective of a few years, the majority of respondents (53%) believe that GAFAA companies will become more active and will become their competitors.

Banks should expect a clash with a very dangerous opponent. When PSD2 actually becomes effective, in six months’ time also the global giants will be able to offer financial services using customer data released by banks. Research conducted by Accenture shows that 41% of X and Z generations would be happy to consider moving to financial services provided by GAFAA.

Competition from small, innovative fintechs may turn out to be completely unthreatening the moment online giants enter the battle for consumers’ money. Their experience in designing ultra ergonomic services backed by millions of A/B tests to improve UX, and the enormous potential of the whole mass of data about users which they already have are true ‘weapons of mass destruction’.

Wise use of big data and effective forecasting, so that the customer feels genuinely cared for by the bank in many different aspects of their life are no longer just interesting new features. They will soon become financial institutions’ ‘to be or not to be’.

Learn it. Know it. Done.


This article was also published on websites: