APIs Perspective: Analysis of the PSD2 and Open Banking in Europe

Banking, which is a heavily regulated industry, is changing partly due to regulations and also due to new players and tech-led experiences they are bringing to the customers. Among these regulations, there is one such regulation that has the potential to change banking forever: Open Banking. Using Open Banking, the financial institutions can securely provide other FIs and TPPS with seamless access to, and communication with, customer data through open Application Program Interfaces or APIs, but how did open banking come into existence?

In late 2015, the European Parliament passed the revised Payment Services Directive 2 (PSD2), which brought clear guidelines and national laws to the EU countries which mandate banks – based on customer consent – comply with the demand for their APIs/customer data by licensed third-party players (TPPs) followed by an announcement by the CMA that made it mandatory for the nine largest UK banks to implement recommendations developed by the UK government-appointed Open Banking Working Group (OBWG) to open up their APIs for licensed third-party providers, thus implementing open banking by early 2018. Following Europe and the UK, other countries such as New Zealand, Australia, Brazil, Japan, Singapore, Korea, and the USA have also started working towards implementing Open Banking in their respective countries.

The objective of such mandates was for fostering innovation, increasing the competition to level the playing field in the financial services market, thus bringing enhanced value to customers in terms of the services they get. The mandates also ensured that third-party players (TPPs) get access to customers' online payment services and account information through APIs. In the below segment, we look at the functionality and the scope of the APIs which are provided by various banks in Europe.

In Europe, we studied 31 banks to analyze their API capabilities using Innopay’s API functional scope, which is based on the four core capabilities i.e., API Catalogue, API Documentation, Developer Usability, and Developer Community. The analysis shows that only 10 banks, i.e., Citi, Starling Bank, bunq, ERSTE Group, Santander, Piraeus Bank, BBVA, DNB, National Bank of Greece, and OP Financial Group have rich API functional scope while the rest of the banks studied have limited API functional scope.

We also looked at the banks to understand the number of APIs launched by them and their presence in European markets. Among the banks studied, Türkiye İş Bankası has launched the highest number of APIs in the continent (17). A few of the data points that the APIs give access to are campaigns, payment plans, repayment schedules, loans, credit scores, customer accounts, customers, etc. This is followed by ERSTE Group and DNB, which have launched 11 APIs in their respective markets; BBVA, HSBC, Lloyds Bank, and Barclays, which have launched 9 APIs each.

The potential of open APIs in banking is too significant to be ignored. These APIs create opportunities for players across the financial ecosystem to create unique and new customer experiences, which ultimately benefit the customer.

We have now started exploring APIs launched by banks and will continue doing so in our future analyses.