PSD2 - Opening Doors For New Financial Services
Another pro-customer-oriented EU regulation, this time from the world of financial services.
As we already mentioned in the last article, today's piece will digress a bit from possible ways and approaches as how to understand customers and how to possibly get them on your side. Despite that we will still be very interested in their perspective, as we are going to focus on an EU customer-oriented regulation - The revised EU Payment Services Directive 2015/2366 (effective as of 13th January 2018), also known as PSD2 (Revised Payment Service Directive).
Customer are the focal point of this Directive that seeks harmonization across the financial sector as to open it to new players so that clients of financial institutions (i.e. almost everyone) can benefit from it. The next few paragraphs shall summarize what banks have had to prepare, and what new services are out there, as directive has encouraged a number of them; so we are interested what they can offer. While at it, we shall clarify for you a few shortcuts PSD2 is full of.
Already in 1994 Bill Gates said that while banking is necessary, banks are not. This is, of course, largely unimaginable and impossible in the near future, but thanks to PSD2, banks have to be more open to the outside world and thus let in new institutions to the market, which can start taking over not only their role. For instance, nowadays, online payments are mainly under control of card companies, through which we carry out all operations. During a regular scenario of shopping online, a user is always is transferred to a secure form after confirming the order, where she fills in her credit card details, while this data enables it to pay immediately. The risks associated with possible fraudulent operations and their remedies are borne by their providers.
This way enables web browsers to remember inserted data, or to store card details in some of the payment gateways. Yet, once we choose to pay by credit card, it is necessary to pass the so-called two-factor authentication (i.e. using two different methods of identity verification, most often it is a combination of data entered into the browser and a temporary code sent in a text message). This approach is called "strong authentication", which is to guarantee greater user safety in the online environment, and is also one of PSD2's leading points; so, it will not be possible to rule out. However, that doesn’t mean we’ll have to fish the phone out of our pockets every time we pay.
Shopping in PSD2 world will provide the merchant with the option to access the account and make the necessary transaction. Imagine you are shopping online; once again you approve the order and select the option of online payment. Yet, this time you won’t be redirected to the payment gateway as to fill in the card details, but you will be redirected to the Internet Banking Interface of our account. You will give the consent to the merchant's access as to be able to execute transactions we enter, and the payment will take place (here again, when granting the consent, you can expect a text message). At first glance, this is not a dramatic change, but the important thing that we will be able to give this consent only once, and each subsequent visit on the merchant’s site (e.g. Amazon, Mall.cz, eBay) will result in automatic payments. Another dramatic change is also eliminating the intermediary in the form of a card company, which takes commission for each operation. The role of such companies in online shopping will therefore dramatically decline.
Communication between/among banks and the rest of the world will take place through public APIs (Application Programming Interfaces - interfaces communicating with applications), which will be sending possible guidelines for operation with bank accounts to the registered institutions. APIs will not be able to call from any random place on the Internet, but it will always have to be a clearly recognized source of such requirements - so bank customers do not have to worry about their security. This principle is called XS2A, or " access to account ". The definition of API standards itself is then managed by EBA (European Banking Authority), which issues regulatory technical standards (RTS) so that communication to and from banks maintains a certain rules and order. It is more than commendable that Česká spořitelna is one of the leaders in terms of openness (according to the Innopay survey, see https://www.innopay.com/blog/innopay-open-banking-monitor-who-are-the-masters-in-openness/).
New Roles on the Market
So the question is, who will be able to perform such operations and to what extent? PSD2 defines three basic entities that relate to the described process (yes, other abbreviations ...). The first is PISP, or the Payment Initiator (Payment Initiation Service Provider) – i.e. the one who wants to issue a payment order. In the example above example it would be an e-shop, where you want buy new clothes, for instance. However, such a PISP needs a counterparty from which it will just request the payment.
Here comes another shortcut - ASPSP or Payments Provider (Account
Servicing Payment Service Provider). ASPSP must be licensed banking entities, which, at the moment are only the existing banks, but this set up will most likely change in the next few.
The last of the three is AISP, or Account Information Provider (Account Information Service Provider), which will be able to track the statuses of client accounts - the plurality of " accounts " is intentionally used here, as now we can view only the account statuses within one bank, i.e. through one internet banking. Naturally, all three entities are subject to the necessary regulation within their home countries.
Therefore, XS2A will apply generally, which will give the chance to new services to penetrate local markets, to ones are already exist, such as applications of monitoring and personal finance Spendee (www.spendee.com), Mint (www.mint.com) or Yolt (www.yolt.com) or deeper integration of PayPal (www.paypal.com). End-users will be able to view all of their accounts and the transactions through one interface and won’t have to constantly switch between individual Internet bankings. Yet, this doesn’t mean that such activity should be just a new market for new players, for example the already mentioned Česká spořitelna doesn’t keep it a secret they intend to provide services of such sort. We can also expect that younger banks such as AirBank and Equa Bank will not be waiting long to come up with the same. Card companies will be replaced in part by new intermediaries, who will want to build robust platforms in response to commoditization of banking products.
How Else Can We Benefit From It?
The expected use will be enhancing client’s profile once she will want to find a new provider of financial services. It will be mostly about scoring (client reviews) in negotiating the loan.
On the one hand, this will be more user-friendly way to pass the necessary basis for determining creditworthiness (in comparison with the transmission of account statements for the past x months), on the other hand it will be a more relevant source of information specifically for loan providers, since they will have guaranteed and true data for any arbitrarily defined time. This is one of the threats banks will be facing. They should respond by retention processes in such a way so that their clients do not run off for ((in some cases only seemingly) more advantageous offers of competitors' loans. It is necessary to remember that even though these operations are carried out online, they always require explicit consent of the user to grant access. This means process starters can be set up for such events, to help keep the client.
Another possible way is to take on the role of AISP, where, as expected, the choice of products and platforms is slowly but surely being saturated. However, it is still possible to expand the portfolio of services these platforms will offer. As in the above scenario of direct agreement to access a PISP account, a similar platform can be inserted as an intermediate step while AISP will have an overview of all client accounts, and the PISP will query this platform. In such a case the service may then provide, for example, syndicated payments made up of more accounts (e.g. CZK 10,000 from bank account A + CZK 15,000 from ban account B), as well as the possibility to combine these debit payments with a partial consumer credit (for example, you add + CZK 15,000, - from the online negotiated loan to the already comprised CZK 25,000 from the previous example). Similar platforms could then also function as online financial product comparison search engine.
How to Grab PSD2 as an Opportunity?
Finally, it is essential to add that all PSD2-related agendas will have an impact on the increase in IT investments, as all of the above interfaces will have to be managed and further developed. Likewise, PSD2 brings even more commoditization to the sphere of financial services, so the products of individual providers will be more interchangeable and it will be more difficult for them to reach their margins. It is therefore important to start thinking about how to build solid platforms that will act as distribution channels and bring value to the client in the form of comfort and savings (such as Uber does).
Platformization however, will be subject, which we'll look into in the later parts of our series. Next time, we will come back to customer communication, and talk about the issue of personalization, not only from the point of view of what it offers, but also in the meaning of what a company needs to do so that personalization makes sense in today's context.