2018 is the year when new regulation ushers in a new era in terms of how we handle and think about data. Increased automation will also enable businesses to generate unprecedented amounts of data but the real focus will be on the new approach to customer data security and privacy (under the General Data Protection Regulation/GDPR), as well as the new approach to ownership and access to customers' bank account data, under the revised Payments Services Directive (PSD2).
Payments providers in the EU will start making the transition tomorrow, 13 January, to the new PSD2 rules. The essence of PSD2 is that banks will be obliged to allow customer-authorised third-party payment service providers (generally known as TPPs) to access data from the customer bank accounts, in order to provide services such as aggregated account-viewing platforms, or payments management and initiation services. It's hoped that this opening-up of account data to third parties, often referred to as 'open banking', will stimulate innovation and competition in the payment services sector, as fintech companies (the TPPs, which can include start-ups as well as the global tech giants such as Amazon et al) will be able to provide account-information services to compete – but also collaborate – with traditional banks.
As CTMfile wrote yesterday, PSD2 is expected to be more of a step-by-step transition throughout 2018, rather than an overnight big bang for financial services.
Challenges for banks
PSD2 engenders a number of challenges for banks. For one, they are required to invest in and build application programme interfaces (APIs) to enable the TPPs to access the bank customers' account data. In other words, they are responsible for developing the interface that allows TPPs to access and interact with data provided in the customer's online bank account.
There's also the huge shift in mindset, from being the proprietorial and exclusive owners of a large and invaluable set of customer data, with all the responsibility of security and privacy that comes with that, to allowing that data to be accessed and used by all authorised TPPs. This increased transparency into customer data is a complete game-changer, notes Guillaume Pousaz, founder of Checkout.com, in this blogpost.
Of course it's not just about transparency but about a real loss of exclusive access to customer data for banks. It's not unreasonable to think that many banks are concerned about losing their one-on-one interface with their customers. But there are also opportunities for incumbent banks to innovate for themselves (thereby gaining access to customer data from other banks) or to collaborate with fintech companies to create new streams of revenue and develop customer loyalty by offering new innovative services.
Corporate treasurers are also likely to benefit in the long-run, as new account aggregation platforms come on the market to offer improved interfaces for managing a large number of multi-bank accounts in one place.
PSD2: what should we expect on 13 January?
The short answer is 'not much'. While PSD2 could bring changes in the long-term (more competition, collaboration and innovation), in the short-term it's more of a transition than a big bang
9 facts to clarify how PSD2 will affect security and e-payments
A fact sheet published by the European Commission explains how the payments directive will pave the way for innovation and enable a safer payments environment for consumers and businesses
Banks face PSD2 compliance challenge before 2018
Few banks are ready for the revised EU Payments Services Directive (PSD2) and just 9 per cent were in the implementation stage of the new PSD2 requirements earlier this year