Open banking: Going from vision to execution

By now, open banking has become the talk of the town in the banking industry. However, going from strategy to execution is the tricky part. Moving too fast without sufficient understanding your surroundings may result in unforeseen consequences, and on the other hand playing it (too) safe may result in a never-ending strategic analysis of what you could have, would have and should have been done. In order to get started, one must be able to refine and restrict the scope, focus and deliver.

An open banking strategy is in its simplest from centered around two principal roles.

1. Integrating third party API to either consume and/or present data or offer third party services through your platform
2. Allowing third parties to consume data and/or build products and services on top of your platform

While most banks are likely to pursue both roles in parallel, a balance between the two is imperative to maintain sufficient focus. This requires a clear understanding of which ecosystem position one is best suited to take. Both in terms of customer value, but also a realistic assessment of prerequisites to take on any given ecosystem role. This includes both internal and external factors such as addressable market size, potential partners, regulatory requirements as well as internal factors such as scale, stakeholder expectations and core capabilities just no name a few.

At the heart of open banking lies your API-platform. Should you build or buy? Next in line is to assess your underlying architecture. Are your core systems fit for fight? How will a potentially exponential increase in API request affect stability and cost of operations?

Opening up also comes at a price. Unprotected APIs could provide a backdoor to data and critical systems open for criminals and individuals with malicious intent. Without proper security, API weak points can expose customer data, backend system access, and even monetary systems to unauthorized access, opening up for several operational risks to both systems and businesses as a whole.

Do you have a data strategy in place? Hoarding data without purpose increase complexity and diverts attention from utilizing the data already in place.

Governance is equally important. Do your organization have the necessary legal frameworks, onboarding processes, risk assessment procedures, and other control functions in place to handle third-party connections? Following on that note, are they scalable enough?

These are just some of the key questions to make sure you have under control before moving from spreadsheets and powerpoints into the real world.

A good way to get started is to look for low-hanging fruits that may result in tangible actions. I prefer to keep things simple when possible, so I thought I would compile what I called a playbook for open banking based on examples from other banks and financial institutions. There are no lack of case studies on how Facebook, Amazon, Alipay, and Wechat has built vast digital ecosystems around their platforms. While these are fascinating examples, they are not necessarily transferable to your current reality.

One intriguing example was how USAA collaborated with Coinbase to include cryptocurrencies in their product offerings. Not only was this a fairly straightforward integration due to well-documented APIs at Coinbase, but a team of our employees had developed a prototype of the exact same functionality at an internal hackathon. However, simplification was needed to shorten time to market and reduce complexity. Instead of offering a full-fledged digital wallet for cryptocurrencies, we limited the functionality to show the account balance at Coinbase only and chose not to offer any trading possibilities.

After proving our capabilities to integrate third-party functionality, the natural next experiment was to allow third parties to access our APIs. Being customer driven, the natural next step was to give our customers access to develop their own applications.

If you’re already a customer, sign up at https://utvikler.sbanken.no and get started. If you for some strange reason are not already a customer, customer onboarding only takes a couple of minutes.

Having taken the first step towards open banking it was in good lean startup spirit (build-measure-learn) time to go back to the drawing board with some newly acquired knowledge based on real-world experience.

Even though the technical implementation of PSD2 has been delayed, and Norwegian banks are not required to open up until the second half of 2019, Sbanken, Sparebanken Vest, and Sparebanken Sogn og Fjordane are getting ahead of the curve and are making PSD2 happen long before it is required by entering a collaboration where customers will be able to view their accounts and balance across the competing banks.

We hope to set an example of how banks can collaborate to compete and hope more banks will follow in our footsteps. By doing this now, we are leveraging APIs to create both customer value as well as a competitive advantage rather than waiting until it is required of us to open up our APIs under PSD2.

Last week we followed up by letting customers would view their student loans in our online bank. Having the ability to view outstanding student debt side-by-side with mortgages and other loans gives our customers for the first time the possibility to view their total debt in one place.

By integrating to the Norwegian State Educational Loan Fund through our API-platform, this marks an important step towards giving our customers the ability to take the best financial choices for the future.

The possibilities are vast, and perhaps the biggest challenge is to be able to choose what not to pursue. While open banking today may be perceived as something going on at the side of the existing business, we are approaching an inflection point where we treat open banking as a natural component of banking in a digital age.