Open Banking APIs with case studies for senior stakeholders in under 10 slides
#innovation #futureofbanking #psd2 #digitalbanking #digitization #digitisation #digitaltransformation #investment #fintech #banking #payments #wallets #VC #tech #futuretrends #quickguide
Streamlining Python Development: A Guide to a Modern Project Setup
Open Banking APIs Overview for Senior Stakeholders
1. Open Banking & APIs
- Overview for Senior Stakeholders -
Mimi Ajayi
Digital Product Manager
20.Jan.2019
2. I will cover
• Open Banking: summary
• Open Banking: standard Customer Journey with APIs
• API ecosystem: typical flow of activities
• Case Studies: non-banking, banking
• API Considerations & Recommendations
Mimi Ajayi on LinkedIn, 15.Feb.2019
3. Open Banking - summary
OBIE
MAIN ACTORS
• Open Banking Implementation Entity (OBIE)
• Competition & Markets Authority (CMA)
• EU Payment Services Directive (PSD)
• Financial Conduct Authority (FCA)
CMA-9
Terminology
Criteria
Activities
Common Terminology
• ASPSP: banks, building
societies, credit card
companies, including CMA-9,
top 9 mandated banks.
• PSU: payment service user i.e.
customer
• TPP: third party apps customers
use for e.g. budgeting, SME
book-keeping, accounting,
capital or loan or tax services;
may be fintechs or
organisations authorised and
regulated by FCA
• Criteria & Activities: specific
and regulatory-driven per actor
Mimi Ajayi on LinkedIn, 15.Feb.2019
4. OBIE Requirements - API Flows
The standard
customer
journey in
simplified terms,
made up of these
3 Core Service
Requests using
APIs
Customer consents to:
• Account Information
• Payment Initiation
• Card Based Payment Instrument
API: Application Programming Interface
[a] one party’s computer program the
capabilities may be used by other computer
programs
[b] APIs are the prime tool for delivering
Open Banking
Mimi Ajayi on LinkedIn, 15.Feb.2019
5. Typical API ecosystem - Banking
PSU:
• registers with TPP & gives
Consent
• sends request via TPP
TPP*
PSU
TPP App using
Open Banking,
e.g. AISPs,
CBPIIs, PISP
TPP Developer in advance
• registers their App with
ASPSP Portal
• receives access credentials
• tests Endpoints, using uses
SOAP or REST
• confirms Live APIs
TPP App
receives
PSU
request
ASPSP forwards Confirmation to TPP
TPP processes data
for PSU, delivers to
PSU device
1. TPP App forwards PSU Consent,
Authentication and Request via API
2. ASPSP:
• receives TPP request with Consent
and confirms Authentication
• processes Endpoint
START
END
Mimi Ajayi on LinkedIn, 15.Feb.2019
6. API Case Studies: Non-banking, Banking
Government Digital Service (GDS) research:
• HMRC providing APIs to Payroll sector
CMA-9 Banks and other financial sector organisations:
• Own portal with API Exchange to register and authenticate
entities* meeting both FCA and OBIE criteria
• Developer Zone & Sandbox
• Knowledge Base and Resources to support Developers
Opportunities:
• Collaboration, Co-creation, Entrepreneurial propositions,
Innovation and Inclusive Design
• Legal Responsibilities to Vulnerable Clients: CMA-9 to
identify & protect
Mimi Ajayi on LinkedIn, 15.Feb.2019
7. Digital Banking API Considerations
API types
• Private
• Partner
• Membership
• Acquaintance
• Public
API business models
• API Marketplace
• Account Aggregators
• Independent Advisor
• Cross-industry collaboration
• Hackathons / Crowdsourcing
• Bank + Fintech collaboration
• Banking As A Service (BaaS)
• White Label Product Vendor
• Openness at the Core
Considerations lead to Recommendations …
Mimi Ajayi on LinkedIn, 15.Feb.2019
8. Digital Banking Proposition
API Strategy Recommendations
• Assess current state
• Considerations for future state
• API catalogue potential
• Monitoring Framework & OBIE Issues
• Account Privileges
• Updating Endpoints
• Managing Certificates
• FCA & CMA Scorecard: published on Monitoring,
Investigation, Resolving Issues, SLAs
• Culture of Continuous Improvement
• Keeping ahead of Customer Trends
Mimi Ajayi on LinkedIn, 15.Feb.2019
API: Application Programming Interface [a] a mechanism that allows the capabilities of a computer program to be used by other computer programs [b] it is the prime tool for delivering Open Banking
At the core of all Open Banking customer journeys is the mechanism by which the PSU gives consent to a TPP (AISP or PISP or CBPII) to access account information held at their ASPSP or to initiate payments from their ASPSP account.
In general, simplified terms, the consent request is initiated in the TPP domain (step 1 right). The PSU is then directed to the domain of its ASPSP for authentication (step 2 right). Then, once authentication is complete, the ASPSP will be able to respond to the TPP’s account information or payment initiation request and redirect the PSU back to the TPP for confirmation and completion of the journey (step 3 right).
TPP* must be registered with and authorised by Financial Conduct Authority (FCA) for OB activities, also enrol with OB Directory
AISP: Account Information Services are methods that consumers and companies can use to get a 360 degree view of their finances. Parties providing this tool are Account Information Service Provider AISPs
CBPII: Card Based Payment Instrument Issuer
PISP: Payment Information Service Provider
ASPSP: Accounting Standard Payment Service Provider i.e banks, building societies, credit card companies
Entities* using Bank’s own portal with API Exchange: other banks, fintechs, aggregators, product comparison platforms, budgeting and accounting providers, tax service providers, PISPs and CBPIIs which must meet FCA and OBIE criteria to register
As-Is state vs. considerations for To-Be state: API customer journey, pain points, SLAs, KPIs, KRIs and API Strategy
As-Is state vs. considerations for To-Be state: API customer journey, pain points, SLAs, KPIs, KRIs and API Strategy
As-Is state vs. considerations for To-Be state: API customer journey, pain points, SLAs, KPIs, KRIs and API Strategy
As-Is state vs. considerations for To-Be state: API customer journey, pain points, SLAs, KPIs, KRIs and API Strategy