NEW data on the problem of API drift – most production APIs are not built as designed  Learn more >

APIContext Guides
New to the API economy? Learn what APIs are and why they’re so important.

Detailed guides to using APIContext to solve critical business problems.

What is PSD2
(and what does it have to do with APIs?)

A new European Union directive has come into force that will eventually change the way people bank as we know it. It’s called PSD2 (Revised Payment Service Directive), and it will open up the way banks do business. It will also create new companies for processing payments. 

If you are in the banking or financial sector, it’s important to understand what PSD2 means for your industry, and how to react to it and become compliant with all of the regulations that encompass it.

PSD2 Active API Performance Monitoring

The nuts and bolts of PSD2

PSD2 makes it mandatory for banks to open up their records to third-party companies. And in many companies – particularly the UK – they must do so in a standardized format. This will allow third-party companies to see an overall picture of a given person’s financial state.

As it is now, if you have two or three bank accounts, it can be nearly impossible for a third-party company to see your full financial picture. With the advent of PSD2, it will now become very easy for them to do so.

The method of making banking data open and transparent is achieved through the use of APIs. This means that banks need to develop accurate, well-functioning APIs in order to be compliant.

This will be a great benefit for people who bank in different countries. For example, imagine you are from the UK but move to France. Currently, France would have no information on your banking history. This would make it very hard for them to determine whether or not they should grant you a loan – or even let you open a bank account at all.

With PSD2 in place, a French bank would be able to look at your file and see exactly what money choices you have made in the last couple of years. This would give them the information they need to help them decide whether or not to provide you with a loan.

Of course, this also has the added benefit – for the bank – of making more careful and reasonable choices about who to make loans and other financial tools available.


SPEAK TO OUR TEAM ABOUT PSD2 COMPLIANCE MONITORING

Cutting out the middleman

Payments will also be radically simplified under PSD2. Currently, when you try to buy something online, the information goes to a middleman, who then goes to Visa or MasterCard, who then sends the “yes” or “no” information back.

Having a standardized system in place will eliminate that middleman, and instead allow you to pay for the item directly from your bank account.

Banks, of course, will have to create APIs to make this possible. That is expected to happen at some point in 2020.

Looking forward

The biggest effect of PSD2 will be in the long term. Internet-only banks will be founded. They will be able to use the open data to decide who to open a bank account for. They will develop APIs in order to make all of their transactions open and apparent.

By not having to own commercial real estate in order to offer banking services, they will put a lot of pressure on traditional banks to find other ways to make profits. This will be disruptive to the banking and financial sector as a whole.

The challenges of monitoring

With 27+ regional regulators all with different remits and the European Commission not setting any actual performance or quality bars PSD2 is also going to to present some interesting challenges for monitoring and API providers. You can download our White Paper on this in our download zone – simply fill in the form on this page.

APIContext for Fintech

Learn more about our offerings for banks, ASPs, TPP and other financial service providers

Rankings for APIs

Check out our financial services rankings for leading PSD2 APIS from the major vendors.

Ready To Start Monitoring?

Want to learn more? Check out our technical documentation, our API directory, or start using the product immediately. Sign up instantly, and monitor your first API call in minutes.

Cloud tech psd2

PSD2 is driven top-down by the European Commission and the European Banking Authority (EBA). But it is built bottom-up by the banks and other service providers themselves. And the Commission/EBA don’t regulate PSD2 providers. It’s the “national competent authorities.” In other words, it’s the regulator in each country. Unlike the UK, where the CMA9 regulations are defining what the banks must do, PSD2 leaves things entirely in the hands of the banks and related businesses.

This creates an immediate problem. There might only be one set of regulatory technical standards for PSD2, but there are more than 30 national competent authorities interpreting the standards. Providers will have to ensure that they comply with the interpretation of the standards in each of the countries they wish to operate in.

And one thing that can be guaranteed – if there a single standard with multiple authorities attempting to interpret it, there will be at least as many interpretations as there are authorities. Worse still, if we are to believe the EU on this issue, the enforcement and compliance mechanism will be based on arbitration and complaint handling by the national bodies.

This sounds like a recipe for chaos.

What needs to be done?

As ever, the best solution is to approach the problem from both ends. Given that the Commission and the EBA want to create an effective single market in payment services, hopefully the EBA will steer the national competent authorities towards exactly how the regulations should be interpreted.

Pan-European industry bodies, such as the Berlin Group, can  influence both the EBA and national regulators to adopt consistent best practice across the continent.

Furthermore, the EBA, national competent authorities, trade organizations, banks, service providers and other stakeholders should be searching constantly to discover what works well in open banking for all parties. For instance, in areas like service performance and quality monitoring,we can work to disseminate this knowledge through the industry to minimize the problems caused by different countries adopting widely different approaches.

Full Transparency.

The banks we work with are already seeing this challenge. They want to understand not just how well their services work, but how they can measure the other services they are going to be integrating to. They recognize that it’s not enough to have an understanding of what their server logs say, but to have a full and transparent view on what their services are actually doing and what the services they have to integrate to look like.

This goes beyond self certification – without clear and completely transparent standards used and agreed upon between partners on what constitutes good performance and the buy in of the national bodies, PSD2 will be a very painful process.

Obviously, at APImetrics we see ourselves as a part of the process, but more importantly, if we didn’t exist, somebody would need to invent us.

Photo courtesy of Aaron Poffenberger


CONTACT US ABOUT OUR BANKING SOLUTIONS

Read more about PSD2 and our banking solutions here.