Open for business: Best practices to implement open API
With the advent of open API banking, the banking world stands on the cusp of dramatic changes in both its value chain and partner ecosystem. This calls for a radical rethinking and bigger steps towards an open API-banking world.
Serious deliberations dominate the discussion over merits and pitfalls of open APIs as the banking community looks for a unilateral direction based on the technology’s evolution. Investments continue to come in with many strategists considering best approaches; amidst uncertainties, the European Union has taken a bold early step by declaring its Revised Payment Service Directive (PSD2). This lets us to look at the European banks executing a pilot project of sorts for the rest of the world.
While no surefire strategy informs open API banking implementation, these best practices can increase the chances of success:
Data Sharing: Banks must first consider what data to share with the external world. Banks need to anticipate what kind of data they need to share with different third-party entities, particularly account information service providers (AISPs) and payment initiation service providers (PISPs). Banks can then expose a data layer of 360-degree customer view, extracted from their different sources to the third-party entities.
Data Security: Sharing a bank’s data with third-party service providers is a tough task to undertake—especially when taking security into account. This makes for one area where banks are skeptical of the open banking model’s prospects for success. Banks will critically examine which security protocols to implement as they manage data sharing, while keeping in mind any and all compliance regulations that govern them. Security concerns must also address the differences in handling of private and public APIs.
Management of APIs: Banks need an organized API management strategy in place—and hence the right tools as well. Under API banking, the world is moving from Simple Object Access Protocol-based APIs (SOAP) to Representational State Transfer APIs (REST). Thus, tools must convert existing SOAP APIs into REST APIs. Bigger banks may possess their own in-house solution for APIs; other banks might opt for an API management provider instead.
Test and Publish: Banks can conduct a Proof of Concept (PoC) to learn and realize the APIs in sandbox (pre-production) environments and then run a pilot project for one product or branch to assimilate findings in real time. When successful, the same can be published to the larger world. Thus the risk will be largely mitigated, though more time will be consumed.
New Business Avenues: It’s prejudicial to assume that the open API concept will apply to existing products and services. Banks must persist in seeking new opportunities and new business models where they can execute open API strategy. This may unfold new channels of customer service or new business options.
API Monetization: The successful and frequent use of open APIs will lead to new monetization opportunities for many niche APIs. Monetization features may find their way into APIs nowadays, but the true monetization opportunity will blossom when customer engagement exceeds a particular threshold value.
This is certain: Open API banking will fuel the next leap in banking services. This holds true even though fear exists that the non-banking organizations will embrace the open API banking economy—and in the process relegate banks to the role of utility service providers.
The million-dollar question banks now face is whether they will allow themselves to inherit a diminished role, or scale up to lifetime service and advice providers for their clients. Of course, banks will try to achieve the latter.
Ultimately, those banks that set the right governance model will lead the industry from maximum potential to maximum realization. The future, quite literally, is wide open.
Want more Banking Strategies? Sign up for our free newsletter!