The EU certainly has it backers, and it certainly has its detractors, but one thing everyone can agree on: even prior to the founding of the European Union in 1993, when it comes to technological innovation in consumer financial services, Europe has always been the leader. For example, the smart card was introduced in Europe over three decades ago, while Americans still viewed plastic as something reserved for credit cards and children's toys. The EMV chip card for debit and credit transactions was introduced in the EU member countries a decade and a half before it came to the USA. Now, EU PSD2, or Payment Services Directory 2, is scheduled for implementation in 2018, and it threatens to stand banking in the European Union on its head.
Open API's are at the core of PSD2. The key word is open. While API's are designed to allow internal or external parties access to data, they can be controlled by the companies who have custody of that data. For example, a company might allow a business partner access to its data, or it might publish an API so that a software program it purchased would be easier to integrate. But an open API is a horse of a different color. An open API allows any approved outside party to access data. PSD2 mandates that all banks in the EU publish open API's.
This means that customers will be able to do their "banking" through outside entities. For example, if you want to pay a bill online today, you can link your bank account to the payee to handle the payment through your bank. With open API's, a third party would be able to handle the payment without using your bank as an intermediary. Perhaps you want to pay a bill while you're on Facebook, without leaving Facebook - the bank's open API and Facebook's technical prowess would make this possible. The backers of PSD2 hope that this will open up the world of consumer financial services to innovators and start-ups, and will encourage further technological evolution in the world of finance. But will this actually be the result? Read on…
There are some legitimate security concerns about the open APIs. Since so many outside vendors would have access to customer data, there is the worry that bad actors will end up crashing the party, so to speak, and steal sensitive information. To that end, the European Banking Authority (EBA) has established security guidelines for PSD2 that aim to prevent this kind of larceny, including a tight regulatory protocol for entities that want to become PISPs (Payment Information Service Providers.) There will be no information free-for-all on the EBA's watch. This strict regulation regimen is essential, as the security issue could ultimately decide the feasibility and the success or failure of PSD2.
While we may view PSD2 in terms of payments, open banking will go much farther. It will enable a new breed of vendor, the AISP, or Third party Account Information Service Provider. AISPs will be able to offer a wide variety of services directly to consumers. For example: let's say you'd like a comprehensive analysis of your banking and spending habits, but you have accounts in several banks. Since all of the banks you use will have open APIs, a third party AISP would be able to access all of your accounts and provide you with sophisticated personal financial analytics, the kind formerly available only for businesses. This is precisely why backers of PSD2 are excited. They see the open banking concept as a way to stimulate innovation and bring more players into the game. In a sense, they see it as a major step forward in the democratization of financial services providers, or, in plain terms, a way to wrest the banking business away from banks.
Is PSD2 good for the banks?
That depends on who you ask. Some see it as a "headache for everyone," while others praise it as a clarion call for financial services innovation. Meanwhile, the best brains at the EU see it as another step in the eventual de facto unification of Europe, as Europeans' historical aversion to banking with non-domestic financial institutions will crumble in the face of irresistible multi-country service offerings. On the other hand...
While PSD2's intentions may be good, there is the old saying "The road to hell is paved with good intentions" to consider. While the goal is to stimulate the creation of smaller, more innovative companies, PSD2 may be just what the technology behemoths like Google, Facebook and Amazon (among others) are looking for. These companies have virtually unlimited capital to invest (they wouldn't even have to pay for research and development, they could just dominate through acquisition) and the type of universal presence and credibility that could make banking their next conquest. This will certainly weigh large in determining the ultimate value of PSD2.
PSD2 promises to have a major effect on the European financial services industry. The EU's embrace of open banking will surely be closely observed, and if successful, copied throughout the world. PSD2 could end up being just another complicated exercise in a technology that only a few benefit from, or it could, in fact, be the catalyst for a truly integrated worldwide financial system.