Professional Documents
Culture Documents
Whitepaper - How To Develop An API Strategy For Open Banking
Whitepaper - How To Develop An API Strategy For Open Banking
Conclusion 28
About Fiorano 29
OPEN BANKING HAS CHANGED EVERYTHING
The banking world is changing at break- Open Banking powered Fintechs they
neck speed; in many cases tried and are now competing with. We think it is
tested business and operating B2C important that Banks fight back; in
banking models are being flipped on its most cases, they are in a better
head. position to develop more innovative
products and services based on Open
The onslaught of nimble, agile Fintechs to Banking data. Banks should view Open
win market-share by offering time- Banking as a driver to dig-deep into its
sensitive and contextually relevant systems and data goldmines and
products and services to traditional bank innovate. Part of this includes
user-bases is relentless. To make things introducing well thought-out and non-
worse, Fintechs are using Open Banking siloed (i.e., not dependent on a core
APIs provided by Banks to build the very banking ISV) API programs at the heart
propositions used to win customers. of their technology architectures and
using Open Banking as a springboard
The world is continuing to move away to commence full-scale API-
from overbearing centralized systems to capabilities, allowing banks to create
data-driven collaborative ones. Open relevant, data-centric products and
Banking provides the perfect hybrid services.
between the reliability and
trustworthiness of a big bank and the In this paper, we expand on specific
personalization, innovation, and agility of steps banks should consider when
a start-up. It is forcing incumbent banks developing an API strategy and
to relook at their roles and value provide an outline of what a target
propositions, which have not changed for Digital API Banking architecture should
decades. look like, supporting Open Banking and
beyond.
We all know Open Banking is disrupting
financial services, but what has taken According to Vantage Market
banks by surprise is the pace of growth research, the worldwide $37 Billion
and sheer scale of investment going into Open Banking market is expected to
grow at a CAGR of 23.98% through
2022-2028. Do not get left behind!
3
OPEN BANKING AROUND THE WORLD
4
ADVANTAGES OF OPEN BANKING
For consumers
Enhanced personalization
Open banking has demonstrated tremendous potential for hyper-personalization
of product and service offers, supported by aggregation of data from multiple
data sources, enabling tailored experiences according to customer-specific
scenarios.
With the implementation of open banking, customers are in control of their data.
In most countries where Open Banking is a regulatory mandate, one of the first
impositions by regulators is a ban on the widely prevalent and extremely unsafe
practice of screen-scraping. With Open Banking, data is shared only under explicit
time-bound consent conditions, currently based on a 90-day consent window.
Management and revocation of this consent is always in the control of end users.
In addition, Open Banking is built on token-based models for data exchange
which govern the sharing of data with trusted third parties.
Convenience
Open banking offers customers composite financial products, utilizing cross-
organization data and collaborations to deliver more-value and quantity of
relevant products and services, across end use-cases (e.g., Insurance data
sharing, BNPL etc.).
5
Better decision-making
Customers can choose the best financial products suited for them from various
Open Banking data powered choices and make data-driven, informed decisions.
Consumers can get further opportunities to better manage their finances through
innovative products that provide visibility, control, and timely financial advice on
optimizing the use of their finances.
Financial Inclusion
Open Banking has been established as a powerful tool to improve financial
inclusion, based on its underlying principle of secure, customer consented data
sharing.
6
FOR BANKS
Improved Engagement
Open banking APIs can help banks improve customer engagement and securely
meet the changing demands of existing and prospective customers. Banks can
use innovative models from open banking to moving beyond traditional banking,
to retain existing customers and convert prospective customers looking for
alternative options to manage their financial well-being.
Speed to Market
Financial Institutions will be able to spot many new market opportunities and
respond faster, gaining time to market advantages. Information availability can
create, and market bundled offerings that are difficult for independent providers
to match.
Innovation
Customer Stickiness
Banks who innovate based on Open Banking data will be able to increase
stickiness with customers, in both B2C (retail) and B2B (corporate) scenarios,
though B2B Open Banking use-cases are more related to use-cases such as
short-term lending and Trade Finance etc.
7
Risk Management
Market Expansion
Banks that are facing slow growth in their traditional businesses have been
looking to identify and develop new revenue streams. Open banking APIs expand
possibilities for growth, either by providing standard services to new customers or
by creating and distributing new product offerings.
8
OPTIONS FOR BANKS
Open banking helps create innovative business models. Using APIs, banks can
transform themselves from a business to a platform, allowing the ability to
multiply value creation by enabling business ecosystems within and outside the
enterprise. While every bank chooses its own path, there are 4 broad options that
banks can adopt which are common across B2C (bank > customer) and B2B
(bank > corporate) scenarios.
Traditional Banking:
Customers
Channels
Product lines
Core systems
Traditional Banking
9
Comply Compete
Businesses expose selected (often Turn the tables. Banks consume
mandatory) services and data Open Banking data from other
through APIs to help the ecosystem financial institutions, like a fintech
develop new service offerings. would. Businesses can use APIs to
Normally relevant where Open access third-party services and
Banking regulations exist (e.g., UK, data, empowering themselves to
Europe, Canada, Bahrain etc.) develop new offerings in their
bouquet of services.
Customers Customers
Channels Channels
Open Open
Banking Banking
APIs Product APIs
Product
lines lines
Customer Intelligence
based on OB data.
OB Core
Core systems Data systems
Bank as
Traditional Banking AISP / PISP
Consented
Transactions
data from
other banks &
accounts
10
Collaborate Platform-play
As Open data sharing extends its In 2020, market capitalization of the
footprint to other sectors, Open top 4 payment companies overtook
Banking changes to Open that of the big 6 banks on Wall
Economies, and offers joined-up Street. Banks can follow a platform-
propositions built on data-sharing approach built around unbundling
across sectors. Examples include and re-assembling products and
insurance, pensions, healthcare, services through Open Platforms.
and utilities.
These platform plays can take the
shape of:
API Marketplace
Financial services hubs
Aggregated data APIs
Banking as a Service
Embedded Banking / Finance
Customers Customers
Fintechs /
TPPS
products & services
Complementary
Channels Channels
Open
Banking
Product APIs
Product
lines lines OB APIs
Other bank
APIs products
OB Core
Data systems Core systems
Bank as
Collaborator Bank as Marketplace
Consented
Transactions
data from
other banks &
accounts
11
ALL ROADS LEAD TO APIS
Whichever route you choose, one indisputable fact is that APIs are the channel for
all, are everywhere today, and without doubt have become omnipresent in
financial services.
APIs are the digital glue of modern banking, however while the number of APIs
used in banking is growing exponentially, these are not necessarily by banks
themselves.
BNPL
Open Banking
JP Morgan (embedded
Payments APIs
APIs)
12
It is high time that banks, especially those that rely on siloed vendor applications,
get a grip on their own API strategy. The API economy is disruptive, and those who
do not adapt to new, API powered business models will lose any competitive
advantages and get left behind.
While there is no doubt about the role APIs will play in driving the future of
banking, the unfortunate reality is that even today, many banks continue to rely
on a core-vendor centric API solution and do not have a well thought out API
strategy of their own. From the 2022 Cornerstone Advisors report, 33% of banks
had just deployed a core-vendors API solution and a further 19% do not have their
own API strategy.
2 Source: Cornerstone advisors survey of 200 U.S. based community bank and cfedit union executives, Q4 2021
Further, only 23% of executives said they are ‘very confident’ in their core vendors
approach to APIs. This is unsurprising since to gain a competitive benefit from APIs,
banks must think about their overall digital and API strategy as a whole and not
siloed strategies for individual projects, be that Open Banking or others.
13
BENEFITS OF AN API STRATEGY IN OPEN
BANKING
The hard work involved in making the necessary internal changes to adopt Open
Banking can be leveraged to generate new revenue streams by creating API
products. API products give corporate customers and partners freedom to utilize
your bank’s assets with the ability to build customizations as per their
requirements.
Collaborative Capabilities
Open Banking gives third parties access to your customer data, but why stop
there? You can build deeper relationships with your third-party service providers
by offering extra assistance such as development services, support staff or
additional functionalities. This enables your bank to create distinct value
propositions to entice new customers.
14
PREPARING FOR OPEN BANKING SUCCESS
The global open banking market is expected to grow from $15.13 billion in 2021 to
$19.14 billion in 2022 at a compound annual growth rate (CAGR) of 26.5%, and
further to $48.13 billion in 2026 according to forecasts from Globenewswire.
Despite these promising opportunities, traditional banks have been slow to adopt
Open Banking, or even a proper API strategy, often doing the bare minimum for
compliance, and not considering how a bank can leverage Open Banking for
competitive differentiation such as building data management, analytics, and
agile partnerships capabilities centered around customer value.
Some essential things banks should consider when preparing for Open Banking
success include:
Agile. Cloud-first. API-first: Unlike traditional banks that have been built-up
around monolithic, closed, and proprietary systems, predominantly not API or
cloud-ready, and operating in batch-modes, Fintechs are data-first and
extremely focussed on the consumer experience, convenience, and data-based
value propositions, terms not common in traditional banking.
Leverage partnerships: Banks that are used to finding all the answers internally
are realizing they can offer go to market with new products and services when
collaborating with ecosystem partners through APIs.
15
Data Custodianship
Data is a cross-functional asset whose value will increase over time, and banks
must manage it efficiently through robust frameworks for collecting, sorting,
integrating, and maintaining data, including custodianship, consent, and privacy
considerations. From an Open Banking standpoint, banks must invest in data
management and intelligence capabilities to generate actionable insights from it.
16
Sustainable and non-siloed API ecosystems and competencies are built on the
following key principles:
Product and Service MVPs as APIs: API first. Think beyond legacy API models
of internal vs. external APIs, public vs. Pvt., and have your business users
change their fundamental thinking to be API-first and around business
value. Start building new PoCs and MVPs as APIs.
Fail Fast: Discover > Build > Run > Socialize APIs: The Fail-fast philosophy
takes an iterative-approach to developing new ideas, based on the premise
of getting feedback on Minimum Viable Products early to validate or
invalidate them. In today’s world where the lines between banks and
technology companies is blurring, strong API development capabilities and
a similar approach towards APIs are critical. Fiorano’s cloud-native and
high-productivity lead model and visual tooling complements this well,
allowing API testing and iteration to be an integral part of the Fail Fast
process.
Secure & Scale: Multiple principles, security and data governance best
practices are to be followed to ensure the APIs you build and the APIs you
use are secure, reliable, and available, spanning content-integrity, data-
integrity and IAM-centric authentication and authorization, which offers
separation of concerns based on zero-trust, least-privilege principles. It is
important that your chosen API platform supports standards-based models
for securing APIs and their contents based on industry models including FAPI
(OpenID), OAuth2 & FIDO2 for Open Banking. And beyond it for new models
around Digital, programmable money, CBDCs, DLT and Web3.
Operationalize and Govern: Your API platform should also support proper
governance of your APIs, at a minimum covering centralization,
discoverability, API contracts, re-usability, automation, tracking and
deprecation at both project / programme levels.
17
3rd Party Channels
API Monetisation
(Internal/Public)
Developer Portal Developer API Internal API API Metering API API
Portal Sandbox Gateway & Monitoring Security Composition
API Sandbox
Core
Systems
Banking Payements
Core
A B
18
COMMON CHALLENGES FOR BANKS
So, you’ve decided on the role your bank wants to play in Open Banking, you’ve
worked out your API strategy and have started to build and deploy your Open
Banking APIs. That’s amazing!
Paving the way for competition: All over the world, financial services are
continuing to be disrupted by pure digital entities (fintechs, neo banks and
digital-only banks) who are producing innovative and highly engaging financial
products and services built on real-time data models. Most large, leading banks
on the other hand are burdened with legacy systems and technical debt.
Modernization is slow and they face ongoing risks of increased customer churn
and dropping market share with more pressure on profit margins.
19
Mapping Open Banking to Strategic Vision
Open Banking is a journey to new opportunities, and banks must map their
strategy with their long-term digital goals. Open banking is the right and often a
quick first-step to digital transformation initiatives. Banks will have to analyze the
depth they need to move and plan for technology and infrastructure to support
the business in products and growth, in the process reviewing their technical debt
and updating technology stacks to respond to opportunities with agility.
Open banking holds tremendous potential for innovation in the financial sector.
But it also has its challenges for banking institutions.
When adopting Open Banking, banks often underestimate the impact on existing
back-office systems.
There are some critical elements to consider here. While Open Banking effectively
introduces one more channel for consumers to interact with banks (in this case
regulated 3rd parties) it also places considerable strain on existing systems.
To illustrate, based on the latest statistics from YouGov UK, 28% of surveyed
customers in the UK access their bank account at least once-per-day, 33%
once-per-week, and 8% accessing only once-a-month.
The resulting total average number of calls to Core Banking per 100 user
per-month are:
{ 28 x 31 } + { 33 x 4 } + { 8 }
= 868 + 132 + 8 = 1008
20
In comparison, with Open Banking, if the same 100 users gave AIS (account
information, read-only) access to 10 regulated fintechs each, based on 90-day
tenure long-lived consent (each fintech / TPP having the ability to request AIS APIs
4x times every-day), the resulting API calls to bank Core Banking systems would
instead, over the same 30-day period be:
{ 100 x 10 x 4 x 31 } = 124,000
1,008 calls (pre-Open Banking) per month vs. 124,000 calls per month with Open
Banking for the same 100 customers.
Standardized integration patterns: With data and records that power Open
Banking APIs most often being hidden away in monolithic (sometimes
proprietary) core-banking systems that are not API-ready, to effectively deliver
Open Banking, banks need to factor separate internal and external API
environments for private and public / open APIs. Without a standards-based
integration, microservices, and API pattern that banks can call-upon to isolate
and separate these layers and functions, further complications arise.
Cost of Compliance: With access to mandatory Open Banking APIs often being
free for regulated Fintechs / TPPs, the cost of compliance often lands 100% with
the bank / ASPSP.
21
Data Privacy & Consent
The word ‘Open’ in Open-APIs, Open Banking and Open Finance is sometimes
mistaken as denoting an inherent relaxation of security. The majority of Open
Banking APIs are in-fact safer than normal APIs and represents a safer way of
banking.
Consent: One of the key pillars of Open Banking is customer consent. The
customer is always in control. With Open Banking, time-bound access (normally
90 days) for AIS information access is explicitly assigned to specific accounts, for
specific accounts, against time-stamped consent, under Strong Customer
Authentication (SCA).
22
FIORANO OPEN BANKING
Due to their dependence on legacy systems, banks must seek solutions that allow
them to reuse and repurpose existing technology stacks and seamlessly integrate
new components with their core-banking systems.
-BCB (Brazil)
Developer
OAuth 2.0
portal
23
Core-Banking Integration
Customers
Channels
Bank as
AISP / PISP
Consented
Transactions
data from
other banks &
accounts
24
Our Compliance Accelerator Customers
Open APIs
API Gateway
Developer
OAuth 2.0
portal
Model 1:
Customers
Fintech /
TPPS
Model 2:
Open APIs
OAuth 2.0
for Authentication,
portal
Gateway
Open Banking
Management. Country Directory
DCR &
Fiorano API Management SSA
(External)
Trust ecosystem
Single Sign
provided by centralized On
25
FIORANO UNIFIED BANKING API PLATFORM
Fiorano’s API platform allows a bank to quickly introduce the usage of APIs across
internal and external layers and provides a standards-based approach for banks
to incorporate APIs ubiquitously across the enterprise.
Fiorano’s API toolset delivers beyond the standard feature-sets required by a bank
to meet Open Banking and broader, Digital Banking imperatives.
Fiorano’s API platform allows a bank to quickly introduce the usage of APIs across
internal and external layers and provides a standards-based approach for banks
to incorporate APIs ubiquitously across the enterprise.
Fiorano’s API toolset delivers beyond the standard feature-sets required by a bank
to meet Open Banking and broader, Digital Banking imperatives.
26
It offers bank users with a core-ISV independent API tool kit
Standards based
No vendor lock-in
Full architecture for API Banking & Open Banking, with distinct environments for
internal APIs (e.g., composite BIAN APIs and atomic ISV specific APIs) and
external APIs (e.g., partner APIs, Open APIs) with monetization capabilities
27
CONCLUSION
Banks and financial institutions need to first choose the role they want to
play and look at underlying core API capabilities in a long-term and strategic
manner (i.e., for a Bank, with Open Banking, bare minimum compliance
should not be the goal).
1 https://www.konsentus.com/resources/the-world-of-open-banking/
2 https://www.crnrstone.com/whats-going-on-banking-2022
28
ABOUT FIORANO
Enabling Change at the Speed of Thought
With its cloud native integration and application construction platform, Fiorano
enables companies to transform their legacy systems into modern digitally enabled
businesses.
Fiorano operates worldwide through its offices in 9 countries and network of partners
across the globe.
Drop us a line:
www.fiorano.com
info@fiorano.com