Why PSD II could be the final straw to bad leadership and unblocks internal resistance to real banking innovation finally

David M. Brear Co-Founder & CEO

19th October 2015 • 5min read

Our CEO, David Brear, talks everything PSD 2 for HotTopics. Legislation is usually brought in to reduce stupidity amongst individuals, or groups exhibiting behaviors that may cause harm. PSD 2 is no different in terms of its purpose and overall need to exist.

The European Commission has tried to foster innovation and filter banks toward more inclusive ways of working. PSD, miData and a number of other “carrots” meant to foster innovation have been used with limited success.

Banks have treated all of these as purely compliance driven; tick box exercises, and tend to deliver the bare minimum to meet legislation. With regulators and governments now losing patience with banks, we now have the “go to your room” moment; PSD 2.

[vc_row][vc_column column_width_percent="100" overlay_alpha="50" gutter_size="3" medium_width="0" shift_x="0" shift_y="0" z_index="0" width="1/1"][vc_column_text]

Can you legislate against stupidity?

[/vc_column_text][vc_column_text]Legislation is often aimed at ensuring stupidity isn’t held against the individuals or groups exhibiting the behaviors that caused the local or global governing bodies to take such drastic steps as create law. Take for example the most recent law put in place by the UK government aimed at parents/guardians of children. To some grumblings in the press parents/guardians are no longer allowed to smoke cigarettes or eCigarettes in a car with anyone under the age of 18. Now for me this is legislating against stupidity. What parent/guardian/grandparent would consider that containing a child in a sealed tiny space and slowly poisoning them a sensible thing to do? Crazy huh? But you can sit at any traffic lights in your car and see this practice happening. So because of this the governing bodies have taken steps to protect the children from their parent/guardians stupidity. There are many examples of this. You can’t drink and drive a car; you can’t drink alcohol in public places to the point of ruckus and you can’t do a bunch of things that as adults people really should know better than doing anyways but laws are needed to stop them. PSD II is no different in terms of its purpose and overall need to be. The European Commission have tired a number of times to foster innovation and open the banks to working in better and more inclusive ways but without success. PSD, miData and a number of other “carrots” to foster innovation have been used with all but very limited success to change anything. Banks have treated all of these as purely compliance driven, tick box exercises having delivered the bare minimum to meet the letters of the legislation. Like naughty children doing their homework on the bus on the way to school know all too well, doing the bare minimum wont get you anywhere but in trouble longer term. Trust me on that one my report cards always read “good but should be trying a lot harder” and I should have. With regulators and governments now losing patience with banks for this and a number of other issues we now have the “go to your room” moment; PSD II.

PSD II: Purpose and impact

After years of treating regulations as the bar for customer experiences the quality of change happening in banks has become critical. We have billions being spent with the returns being at best compliantly underwhelming from most with only a few exceptions that you can count on one hand. PSD II is different from previous regulations that have come before it and has the potential to create clear ‘Winners’ and ‘Losers’ in the payment services market. PSD II will impact financial institutions already operating within the scope of the Payment Services Directive of 2009, but also extends to operators of e-commerce marketplaces, gift card and loyalty schemes, bill payment service providers, public communication networks, account access services, mobile wallets and anyone who receives payment by direct debit. PSD II has been the subject of consultation and debate within the European Commission since 2013. Negotiation and compromise revisions extended until January 2015. Once adopted, member States will have two years to bring PSD II into national law. The new directive seeks to extend and clarify some of the provisions of the first directive, while also fostering payment innovation, particularly in mobile, and harmonizing some of the national interpretations. Key elements of the directive include opening access across the industry to payment processing services, as well as to the customer accounts held by banks. Did you get that? Opening access to payment processing and customer accounts? The legislation recognizes a market demand for payment service providers (PSPs) granting third parties access to their online payment services in a regulated and secure way. This is Third Party Payment (TPP) service provision in the directive’s terminology. Also, under the ‘Access to Accounts’ (XS2A) rule, it will force banks to facilitate access via an API to their customer accounts and provide account information to third party apps if the account holder wishes to do so. If you work for a bank and you read that last two sentences and didn’t utter an expletive let me just say that this creates a range of new service opportunities for new entrants, those already in the financial services ecosystems and also if they choose to for the banks themselves. Its clear that this goes now way beyond compliance and the potential impact of these changes could be ground breaking.

“So what?” and then “so what do we do?”

So what? Like the naughty children I described earlier a lot of European banks are focusing their efforts on why this should not be allowed to happen to them. They have played through the scenarios in this one and the impacts that it could have and found a few issues: [/vc_column_text][/vc_column][/vc_row][vc_row][vc_column column_width_percent="100" overlay_alpha="50" gutter_size="3" medium_width="0" shift_x="0" shift_y="0" z_index="0" width="1/1"][vc_column_text]

1) Banks cannot address these changes as a compliances project:

Making the changes needed as part of PSD II will require the banks to do something that they are inherently terrible at doing; working across multiple significantly separate business units. Only with clearly mandated collaboration across the business model owners, technology departments and the compliance/legal teams will banks come close to address their minimum requirements. This is going to be really tough to get right.

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column column_width_percent="100" overlay_alpha="50" gutter_size="3" medium_width="0" shift_x="0" shift_y="0" z_index="0" width="1/1"][vc_column_text]

2) PSD II has the potential to fully expose the problems that legacy banks have in their technology platforms:

Not a bank on the planet hasn’t had a debate within the deepest darkest basements that they keep their technical teams about “Shouldn’t we be investing in an open API architecture and working with external parties to deliver some of this change we can do?”. Quickly those conversations turn to API strategies and controls and in other than a very enlightened few Europeans banks have lead to a statement along the lines of “why would we do that? Wont we lose control?”. We have to remember here that control is a very hard thing to give up and that banks need to properly motivated to make such a leap. Most banks wouldn’t have any APIs in place at all if they didn’t have to just ship from the mothership over the last 5 years’ direction and deliver mobile banking to keep up with the jones. Setting up APIs in legacy banks with legacy core banking systems and legacy architecture and legacy people is no easy feat. Only the most enlightened banks have progressed high enough up through all of their issues in a Maslow’s hierarchy of needs style quick sand to be able to now engage in this type of self actualization but they now have no choice in the matter. The thing they could never justify or create the business case for but actually would be a catalyst for significant and wholesale change in their organizations in both the speed and quality of their offering is to become a governing body mandated thing. Ouch.

3) PSD II has the potential to expose how slow and costly banks change processes and low customer experience bars are:

When you compare a bank operating costs and controls to that of industries who have made bigger leaps into controlling their costs then you see that the comparison is like night and day. Comparing your speed to market when your market is like an iceberg isn’t really going to give you a reflection of good. These changes coupled with technology now lowering the barriers of entry to new lows means that banks change processes and costs will be being compared to startups and FinTechs. Banks testing processes on their own run significantly costlier and time consuming that most startup development cycles! This difference will become obvious as a furious pace and only get worse as more banking startups like Mondo, Starling and Atom show that they are setting themselves up as start-up banks not bank start-ups like TSB, Metro and a number of others.

Opportunities for banks and opportunities for others

Having played through all the scenarios on this matter on the market there are huge amounts of opportunities for banks to take advantage of if they step up their efforts in the right direction. There are significant opportunities for banks for potentially becoming a TPP themselves, aggregating other banks products into their offerings, leveraging a whole range of external APIs for purposes of development and innovation as well as all the potential benefits and revenue that could be generated through added value data plays. While all these are significant equally though there are as many opportunities for new entrants and existing people within the financial services ecosystem. A great scenario that I have been told by an ex colleague of mine is this; imagine you’re are a large aggregator in the UK who has established yourself in the psyche of millions of the British public for saving them money and offering them opportunities and simplicity of choice. Through PSD II you can quite easily evolve your offering to the millions you have registered already to be a good and simple personal financial management tool, enabled through the APIs the bank has to expose, that aggregates all of their accounts with all the banks. No screen scraping, no issues with 2FA access etc. just using the API the bank is mandated to give you. Beyond this simple service you can give a full view of the market opportunities that the customer can take advantage of at the point that its relevant to them. A full market view when your savings rate changes at the click of a button? A reminder of the mortgage rate changing and a prompt to do so to ensure you’re maximizing your potential of your finances? This kind of financial management tool becomes something truly game changing in the space and worryingly for the banks through PSD II is highly likely. For many of the startup banks the ability to become famous for “banking” in a highly fragment and expensive to market to customer base over the next few years is going to be tough but for someone already in the market and with as much money to spend as the banks do on marketing then this could be a serious judgment day moment for the banks. Imagine what this would do to the inside of a bank? How would NPD (New Product Development) be impacted? How would revenue and teams be needed to be restructured?

Barriers to opportunities for banks

While there are still significant opportunities for the banks in this space there are major barriers although most of them are internal. As I said above the biggest challenge to banks being able to embrace this ahead of being have to is themselves. I constantly sit in organizations that are preoccupied with maintaining the status quo and the changes that PSD II require demand very different thinking. Security concerns, ones of control, technology legacy and generally a hope that all this will get over turned in the courts will limit the banks ability to make change happen in this space. For FinTechs and startups this will not be an issue but an incentive.

End Game

The banks have been stupid. Innovating themselves has been seen as being too hard, too costly and too scary for most with innovation being relegated to a “centre” or a “team” to focus on. Truly PSD II has the potential to be the end game of end games for banks who do not get out ahead of the regulation and make the needed changes to both their operations and customer offerings. Legislation against stupidity works in many cases. It will be interesting to see if the banks get away with this one.

[/vc_column_text][/vc_column][/vc_row]