PSD2 became part of national law as the first phase of implementation was completed on January 13, 2018, when banks were obliged to allow access to their customer data.
In the coming 18 months – the next two phases are expected to be implemented by the third quarter of 2019 – banks will be looking at how they can get their services up to standard, and how they can compete with the arrival of third-party providers (TPP).
Although the first deadline has passed, the level of compliance seen was not universal.
|Amit Dua, SunTec|
For some, the slow movement might have been from a lack of clarity on the rules, not reluctance to cooperate.
Bob Stark, vice-president of strategy at treasury management systems company Kyriba, says: “There is some confusion about what banks are required to do to achieve minimum compliance.
“Most participants, including prospective account information and payment service providers, look forward to the opportunity to deliver a greater array of services to corporate CFOs and treasurers.”
And for others, small steps had to be taken first to bring the internal operations up to standard.
|Mark Ranta, ACI|
Mark Ranta, head of digital banking solutions at payment solutions provider ACI, says: “Change in the banks moves slowly. The start date was the first step to meet the regulations. There had to be the change in the infrastructure as the ecosystem evolves.”
SunTec’s Dua adds: “Few banks have been working out how to make PSD2 work to their advantage while they have been working towards the compliance standards. But expecting all of them to do that by the January 13deadline would be like redecorating the living room while the kitchen is on fire.
“Eventually every bank will need to decide if it wants to be a utility player or a full customer-experience owner.”
McKinsey released the white paper ‘PSD2: Taking advantage of open-banking disruption’in January,looking into how the banks were responding to the regulation and the possible consequences of not acting fast enough.
Respondents to the McKinsey survey were divided on their views of who will be the beneficiaries of PSD2, with responses split between smaller ‘attacker banks’ that are more agile, and the larger banks, which are better resourced and able to develop their own ecosystems.
ACI’s Ranta believes, now that the first deadline has passed, the established banks have to start moving to make headway.
“Banks did not have lots of time from the announcement of the regulation to the live date,” he says. “Banks were able to meet the deadline, but it was only by doing the underlying work to be compliant. Now there is time for proof of concept and beta testing.”
The combination of regulations coming into play this year has held some banks back, especially as they seem to create conflicting tensions between the opening up of data and the need for greater customer privacy.
Ranta says: “The arrival of the rules on GDPR [general data protection regulation] makes it seem like the regulators make their decisions while in two separate rooms. Banks need to keep GDPR in the back of their minds regardless of what they decide to do as their next step.”
However, dragging their heels on their next steps could self-inflict long-term damage on the banking industry.
The McKinsey report outlines that in Europe, if access to account systems are combined with Sepa instant credit transfer, it could mean substantial costs for businesses acquiring card issuers or already issuing themselves.
“In a large European market, the threat posed by new service providers offering account-to-account solutions could potentially place €50 million to €100 million of bank revenues at risk.”
There are real concerns about the amount of business that could be lost.
Dua says banks need to rethink their role and look at their position as part of an ecosystem. He suggests they position themselves more as service providers, aggregating the various services that customers need and allowing these companies to provide them via the open-banking platforms.
However, they need to keep sight of catering for both the B2B and the B2C aspects of the business.
Dua adds that banks should be looking into how they can monetize PSD2, and what fees they can charge the third parties in relation to their size or the specificity of the customers they can provide.
To this end, the McKinsey report calls for banks to evaluate the business opportunities of PSD2 and to assess if the best value for them comes from focusing on their retail or their corporate customers.
“On the corporate side, executives consider multi-account management, transaction management, and cash management/cash pooling as the use cases with the highest potential impact,” it states.
The report is also clear on the gains that are possible, stating: “Developing a state-of-the-art cash management solution tailored for SMEs and mid-size corporates could generate €15 million to €30 million in additional revenue for a leading European bank (depending on the bank’s customer base).”
Bharat Bhushan, CTO of banking and financial markets at IBM UK & Ireland, says corporates are aware of how they could gain from PSD2, and want to see progress.
“The beneficiaries of PSD2 – the retailers, utility providers, travel and transport companies and government departments – are eagerly awaiting the arrival of payment utility functions that they can simply plug in and provide their customers with a choice of making direct payments whilst reducing their card processing fees at the same time.”
Bhushan says there could be another payments format that is likely to gain traction in the near-term.
“Currently, the little known Request to Pay is likely to revolutionize the payments industry,” he says. “Some of these new payment styles may be embedded within merchant apps.”
Although the banks might feel like they are fighting against the TPPs for their place at the table, the European banks should not underestimate the possible advantages they could glean from being agenda-setting globally.
“The Spanish and the Nordic banks have taken the lead on what they can cover following the deadline,” says Dua. “Both regions have been high on innovation, have a small population, compared with the US or China for example, and therefore from the word go consider the entire global market as their oyster when it comes to doing something.
“The customers are already known to be tech-savvy and open to new banking ideas.”
IBM’s Bhushan adds that there is already other regions watching with interest in how this will play out.
“Whilst the UK and European markets are adjusting to this huge change, regulators from afar consider the UK and European markets to be trail-blazers and want to follow suit,” he says.
“For example, the Australian government is moving closer to implementing open banking.”