Author |
|
Tony McLaughlin Managing Director in |
Merchants are looking for frictionless electronic collections directly from bank accounts and wish to benefit from cost, fraud and chargeback reduction.
Fintechs seek open access to banking infrastructure on an even playing field and the removal of constraints in developing innovative financial solutions.
If PSD2 is to contribute to an efficient digital payments market in Europe then it must operate as a well-functioning, standardized market solution. This is a challenge because of the way in which PSD2 delivers RTP. Each bank must provide PSD2 access in a compliant way, but there will be no central clearing system for RTP in Europe in contrast with countries such as India.
Individual banks may be more interested in their own compliance and competitive impacts than in the overall functioning of the EU digital payments market. Banks are concerned that PSD2 will lead them to the same fate as telecommunications companies who saw their expensive infrastructures commoditized by Over the Top (OTT) service providers.
PSD2 thrusts banks unwillingly into a dangerous labyrinth full of threats and with no clear way through. If the prevailing mindset is one of threat rather than opportunity, then banks may do the minimum to achieve compliance and we may not end up with the efficient digital payments market that Europe needs
In the mythical labyrinth the surest way to be eaten by the Minotaur was a strategy of minimum compliance, a lesson that banks would do well to heed as they consider how to adapt to PSD2 and the new world of open, real-time banking that it represents.
Global Context
PSD2 is one instance in a world of payment innovations that all point towards the same destination. As such, PSD2 is a test case to see how well banks can rise to the strategic challenge of open, real-time banking.
• Faster Payments: Instant retail payments schemes are proliferating all around the world. In India the Unified Payment Interface (UPI) is one of many government-backed initiatives to promote electronic payments. Faster payments is coming to every market, including the United States.
• Disruptive Technologies: Fintech investment in the payment space is exploding and novel technologies like Distributed Ledger Technology (DLT) and cryptocurrencies have captured the attention of even the most conservative central bankers.
• Application Programming Interfaces: Banks are beginning to embrace Application Programming Interface (API) technology internally and externally. We are moving into a hyper-connected, API-enabled economy.
• Embedded Payments: In China, Alipay and WeChat are plugged into the retail banks through API and host-to-host connections with the ability to debit and credit bank accounts in real time. They are embedding payment services seamlessly into a highly connected ecosystem of ‘life’ services.
Looking across these developments we can form a picture of what the future looks like – batch processing gives way to real time and closed systems become easily accessible components on hyper-connected networks. In future years we will read the PSD2 business school case studies in which banks will either have risen to the challenge, or not. One thing is clear - to survive and prosper in the era of open, real-time banking, financial institutions must move significantly beyond compliance.
PSD2 Compliance
With implementation of PSD2 around the corner many banks are well into their compliance projects while others await uncertainties in the regulations to be cleared up. It appears that many financial institutions are in compliance mode. There are two major issues with this:
• The sum of the parts does not equal a whole: The sum of thousands of banks becoming compliant does not necessarily lead to a useable overall system for the intended users.
• The Minotaur lurks: Individual bank compliance with PSD2 does not address the competitive issues resulting from the market change. Banks need to look above their own compliance projects to deliver answers to the first issue. If PSD2 results in a patchwork of non-standard access mechanisms that deliver a poor customer experience then the regulatory objectives will not be met and further action may be expected. PSD2 market structure issues will need to be addressed in order to avoid this outcome. It is important that we have a clear vision of what a well-functioning PSD2 solution looks like because answers to the deeper competitive issue lie beyond this first order of business.
PSD2 Market Structure
PSD2 must deliver a harmonized single point of entry for merchants wishing to collect from consumer bank accounts. What emerges from the individual bank compliance projects must work for the users of payment systems.
It is worth comparing PSD2 implementation to UPI in India: PSD2 achieves RTP by encouraging each bank to publish APIs, while UPI achieves the same outcome through a national clearing system. In UPI there is a single standardized entry point (the “U” stands for “Unified”). In the PSD2 case, it is expected that multiple Third Party Providers (TPPs) will create these single entry points for merchants.
The extent to which potentially thousands of bank APIs will be standardized and whether national or other aggregation points will arise is unclear at this time. It does not appear to be desirable that multiple TPPs each connect to thousands of different underlying APIs; indeed this will disadvantage smaller fintech players. It is to be hoped that banks implement standardized APIs to comply with PSD2. Furthermore, aggregator service providers will need to come forward to provide PSD2 as a harmonized market solution.
Banks have two possible strategic responses to PSD2. One is to achieve minimum compliance at the level of the individual bank with no regard for resulting market structure or usability for merchants and consumers. While this response may be an effective delaying tactic, the resulting regulatory intervention is likely to be draconian.
The other option is to look at developments across the globe and accept the coming of open, real-time banking as inevitable. A truly strategic response that works for PSD2 will stand banks in good stead for challenges to come.
PSD2+
At the level of compliance, banks need to connect with peers across Europe to deliver a simple, harmonized PSD2 experience for payment system users. Market structure issues need to be addressed, but this is merely necessary and not sufficient as a strategic response.
Every bank should have a PSD2+ project in addition to a compliance project. The PSD2+ team will drive the bank to embrace and benefit from open, real-time banking. Here are some of the areas where banks can lean in:
Point of Sale (POS) – PSD2 is seen by many as a solution for e-commerce but to be truly effective it must also reach into the POS world, which is 30 times larger. Banks should find standardized ways to deliver PSD2 at the POS.
Credit for the buyer – There is a clear opportunity for banks to deliver credit on top of a PSD2 transaction. In the e-commerce environment there can be both “Pay Now” and “Pay Later” buttons, the latter of which books a loan on the bank’s books. Banks should agree standard API calls to enable this additional transaction type.
Complementary Services - There are a wide variety of additional services that banks might creatively layer on top of a PSD2 transaction, such as purchase insurance and loyalty schemes. Again, banks can collaborate to standardize these API calls.
These are only some of the ways in which banks can deliver not only the intended benefit to the European digital marketplace, but turn PSD2 from threat into commercial opportunity. The Minotaur’s jaws await those who approach market change with a compliance mindset. The lessons from PSD2 will also apply globally in this new era of open, real-time payments.
This article is for information purposes only and does not constitute legal or other advice. The information contained in this article is believed to be accurate, but Citi makes no representation or warranty with regard to the accuracy or completeness of any information contained herein. Citi is not liable for any consequences of any entity relying on this article.