One early lesson from the introduction of open banking in Europe is the importance of the API in determining how ambitious banks and third parties can be. If the aim is to create value-added experiences that boost customer loyalty and attract new revenue, it pays to choose wisely, says Todd Clyde, CEO, Token.
The success of open banking will ultimately depend on the difference it makes to customers. It’s one thing for people to be able to see all of their various account balances in one place. But if the process for moving money or managing payments remains largely unchanged, is this really much more than a gimmick? It will take something more to influence customer loyalty.
If banks want to maximise the payback from open banking, they must come up with new linked customer-centric services – which, ideally, they can monetise. Under open banking regulations, basic third-party account access must be provided for free. But if banks can build on this facility, they could set themselves apart in the market and develop new revenue streams, by providing richer data sets to third parties which they can charge for.
All APIs are not equal
The first thing to realise as part of this journey is that not all APIs (application programme interfaces – i.e. the software interfaces enabling the connections to banking systems) are equal. Although early adopters of open banking in Europe have developed APIs using current PSD2 open banking specifications, each bank has tended to apply them in its own way. This has created complexity as third parties try to gain access to different institutions’ data.
When combined with the general lack of a broader vision for open banking, this has led to a fairly lacklustre first generation of new customer experiences. Most financial institutions have settled for a rudimentary pipeline to allow other banks and third parties access to very basic customer account data, which they are duty-bound to do by PSD2 (the Second Payment Services Directive).
This entry-level, DIY approach has compromised the impact. Banks have incurred more cost and effort than necessary, while restricting their scope for innovation.
Beware being leapfrogged
The danger now is that next movers, including financial services innovators outside Europe, will step into the breach. They will cut straight to the interesting use cases with a next-level, standard API – one that is globally applicable, provides consistent system integration and data exchange with all banks, and which has been designed to support value-added services for consumers.
A typical service innovation might include providing the ability to manage personal finances more readily across diverse accounts, loans and investments with different institutions, using easy-to-adjust rules to rebalance funds, irrespective of where each account is held. Another might provide the flexibility to adjust recurring payments effortlessly – say, to a mobile phone contract or subscription service such as Netflix or HelloFresh – or complete high-value purchases or finance agreements instantly, using an on-tap ID verification/affordability assessment service.
Furthermore, offering banking access privileges to a range of other organisations (with customers’ permission) is something banks could charge a premium for. Retailers and brands looking to enhance customer loyalty would relish the ability to understand more about household budgets and consumer spending.
This broader data-sharing potential needn’t be seen as sinister, if those brands respond with more meaningful customer rewards. With an advanced API, it should be possible to create robust controls around all of these scenarios – including first-rate secure customer authentication, permissions management, and more. All of which are critical in building and maintaining consumer trust.
These are just some of the value-added consumer use cases that are opened up by an advanced, standards-based API.
The path to profit
Those banks that command an API advantage today have much to gain as innovative first movers in a next-generation financial services environment – by transforming the customer experience, and cementing and winning more business in the process. This is especially true at a stage when third parties are willing to pay for superior functionality and the ability to roll out their own superior experiences.
Banks that fail to seize the moment, by contrast, could see others commanding all the attention and applause. The latter might include newer challenger banks, or institutions in the Middle East, Asia, and Africa, which have been studying and learning from developments in Europe, and as a result hope to cut straight to the profitable opportunities.
The other risk from complacency and conservatism is that established banks give away free access to their crown jewels, before conceiving and formalising new revenue streams. Rather than lose any more ground now, European banks would do well to partner strategically to bolster their opportunities.
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv
Financial services firms are increasingly being told to embrace disruption in order to compete in a fast-evolving market. But this very disruption threatens to drive a new type of risk: the risk of data loss, service outages and fraud on a massive scale. The resulting hit to the bottom line and corporate reputation may undo all the good work that digital transformation has helped to foment.
As we enter a new decade, banks need to think carefully about how they respond to these mounting cyber-risks, without holding back digital innovation. Cybersecurity, with threat intelligence at its core, must be a central part not just of business strategy but also of corporate culture.
Digital goes mainstream
According to PwC, financial institutions are increasingly migrating infrastructure to public cloud systems, as “digital becomes mainstream” in 2020. These investments are helping to create the more user-friendly services that customers are demanding today. With fintech innovators often leading the way, lenders have invested heavily in mobile app-based services at the front-end and more streamlined processes for opening accounts and other laborious tasks. In the future, it’s predicted that AI and robotics will become commonplace, and that blockchain will disrupt.
However, PwC also warns that amidst all this change, cybersecurity will be one of the top challenges facing financial institutions in 2020. The truth is that financial institutions have always been a main target for hackers — after all, they guard huge volumes of highly sensitive data, as well as money. And as they build out more digital infrastructure, cyber-risk increases unless proper controls are put in place.
What does cyber-risk look like?
The bad news is that hackers have developed multiple ways to get what they want. A typical financial institution’s attack surface covers not just core banking IT systems, but also customer accounts and the wider payment ecosystem. That’s a lot to protect.
Humans are often perceived as the weakest link in the security chain. That’s why attackers target banking customers in raids aimed at accessing their back accounts. Phishing emails, automated tools which try huge volumes of breached passwords (known as credential stuffing), and malware are some of the most popular mechanisms for account takeover. In fact, earlier this year Blueliv’s threat researchers noticed a 283% increase in activity linked to Trickbot, one of the key botnets used to spread a banking Trojans designed to compromise customer accounts.
Humans are also targeted inside banks themselves. Phishing emails sent to employees are a common first step in potentially sophisticated multi-stage attacks designed to illegally transfer huge sums of money or steal large data troves. Other threats to banks and their customers come from ransomware and DDoS, designed to extort money and deny critical services, and attacks aimed at harvesting payment card details — either from POS systems in retail and hospitality outlets or from e-commerce sites.
Money, money, money
If any indication were needed of the riches to be gained from targeting financial institutions, it’s the relatively large number of sophisticated attack groups that have emerged over recent years. The Carbanak/Cobalt gang is believed to have stolen $1.2 billion from over 100 banks in 40 countries, installing malware internally via phishing emails which either dispensed cash via ATMs or facilitated illegal SWIFT wire transfers, for example.
Others include Dridex, the group behind one of the most prolific banking Trojans ever created, and the North Korean state-backed Lazarus Group, which is thought to have been responsible for the audacious $81 million cyber heist at Bangladesh Bank.
As for the victims of such attacks, there’s a host of potential knock-on effects that can undermine financial stability and customer confidence. There are costs associated with: investigation and remediation of the incident itself; customer notification and possible credit monitoring; and business interruption, if services are taken offline. Legal costs may follow if customers take their bank to court and there may be follow-on fraud attempts to tackle. Then there are the less immediate impacts such as regulatory fines, declining share price, damaged reputation and customer churn.
The latter risk is particularly acute given the UK’s new Open Banking environment, in which a new breed of fintech start-ups are entering the market. More than ever, banks have to prove that they can offer their customers value, and keep their data and finances safe.
What happens next?
The bad news is that attacks are on the rise. The number of cybersecurity incidents reported to the FCA jumped by 1000% between 2017 and 2018. But there are things financial institutions can do.
A layered approach to security is required, promoted from the top down by engaged executives. Company-wide security awareness training is also essential: even by spotting and reporting phishing emails more effectively, staff could transform from being the weakest link to a formidable first line of defence against attacks. Tried and tested incident response plans are also essential: it’s inevitable that hackers will eventually target an organisation, so best be prepared.
Most importantly, banks need to improve their threat intelligence. Systems powered by accurate, real-time data from multiple sources can enhance decision making, improve the resilience of existing cyber-defences, automatically block attacks and support incident response. They can also scour dark web marketplaces to alert security teams if customer card data or user logins are about to be traded by cyber-criminals.
With this in place, banks can move from a reactive to a proactive security posture, hunting down those who seek to do them harm, cancelling cards and resetting passwords before an attack can even be monetised. Collaboration within and between organisations is also key. The bad guys are past masters at sharing information and expertise to get what they want. It’s time the security teams within our banks did the same.
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank
Myanmar’s economy is one of the fastest growing in Asia and presents a dynamic business environment for international investments and business. But it is not without its problems. High interest rates, fluctuation and instability of the local currency vs the dollar exchange rate can all present difficulties.
The lack of a centralized scoring system has led to problems with verifying credible candidates for access to finance options. With many companies indebted to banks and unable to repay their overdrafts this has led to high non-performing loan ratios. There is a real need for companies to agree a timetable to repay these loans, as this affected the long-term security of the banking system.
Opportunities provided by new technology
There are 53 million people in Myanmar and by 2030 and the smart phone user rate is constantly increasing. The digital technology sector in ASEAN could be worth up to US$625billion, which represents 8% of the region’s entire GDP. To reach this, our region must establish cohesive regulatory frameworks for the delivery of new services, which includes the development of Fintech.
Banks and financial institutions play a key role in the transformation in market economies. Fintech is largely an untapped market within the ASEAN region. This is where the financial sector should focus its opportunities and increase awareness and understanding of digital banking, e-commerce and online business.
Is cash still king?
In an economy where 99% of all estimated transactions are cash, the future of banking still lies in digital. Only 23% of adults have a bank account which presents some challenges to the finance industry in Myanmar. Branch penetration across all banks in Myanmar is less than 10 percent which equates to 3.8 branches per 100,000 people, with the global average a lot higher at 11.7 per 100,000.
However, smart phone penetration is at its highest rates, with an estimated 80% of adults having access to the internet. Data usage across the country on a par with more developed European countries. This leads to a strong shift towards the digitisation of products and services from banks throughout the country.
In countries such as China the increase of smart phone penetration has driven the requirement for more mobile payment options, and I’d see the development in Myanmar to be similar. Smart phones have opened new avenues of integration to financial services such as new apps and services.
Digital wallets and lifestyle mobile apps, like Onepay, are on the rise and enable the unbanked population to perform mobile transactions. Most banks in Myanmar are seeing the change and creating their own versions of e-wallets, such as KBZ Pay, MAB Mobile and Onepay supported by its banking partner AGD Bank.
Digital wallets offer a lot more security for their users, as there’s no need to carry large amounts of cash around. Mobile, or digital, wallets also help the unbanked population establish a credit rating in order to access finance. For example, AGD Bank use the data from their usage to establish credit scores for future use, or similar to use the data to cross-sell other banking products.
But retail businesses and merchants are benefitting too from the development in new technologies. Both electronic and physical merchants are now all accepting card payments through Visa, Mastercard, UnionPay or MPU. With applications like AGD Pay, the first QR payment application in Myanmar it has opened access to more access to mobile transactions.
The rise of new technologies in Myanmar has led to a new trend of mobile payments, with explosive growth of mobile and internet penetration that is making a huge impact on the financial services sector. Merchants will be able to offer users a secure and easy way to pay for goods and services as well the ability to add or withdraw cash to and from their e-wallet.
The future of banking
Banking in Myanmar is constantly changing, and I expect this to continue in the future. It’s looking good and I predict that we’ll be seeing an increasing amount of the population gaining access to financing.
In June 2019, International banks were granted licences to begin retail banking in Myanmar, and whilst I don’t necessarily see International banks opening loads of branches as it’s a very long process to get the licence, I think they’ll start looking to local banks to start new partnerships.
Whilst the opening of International bank branches will present some competition for local banks, we don’t see it being with our retail customer base. Local banks have the knowledge and a solid branch base which benefits our customer relationships going forward.
The Myanmar banking system has always had the willingness to develop and invest in new technology and we’re already seen
AGD bank is already seeing a strong shift to the digitalisation of products and services and I expect this to continue for some time.
BANKS UNDER ATTACK: HOW FINANCIAL INSTITUTIONS CAN PROTECT DIGITAL GROWTH
By Victor Acin, Threat Intelligence Analyst, Blueliv Financial services firms are increasingly being told to embrace disruption in order...
THE ROLE OF NEW TECHNOLOGY IN DEVELOPMENT OF MYANMAR’S BANKING INDUSTRY
U Htoo Htet Tay Za, Managing Director, AGD Bank Myanmar’s economy is one of the fastest growing in Asia...
WHY 2020 IS THE RIGHT TIME FOR FS MODERNISATION
Chris McLaughlin is chief product and marketing officer at Nuxeo Few would argue against the notion that the UK...
WHAT DOES 2020 LOOK LIKE FOR P2P LENDING?
By Roberts Lasovskis, Investment Platform Lead, TWINO It’s a new year; time for resolutions and forward planning, positivity and...
WHY MAKING MONEY ON YOUR MOBILE IS EASIER THAN YOU MIGHT THINK
Aaron Brooks, Co-Founder of Vamp For Millennials and Generation Z, becoming a social media influencer is an increasingly desired...
DIFFERENTIATION – THE KEY TO THRIVING IN A SATURATED MARKET
Graham Glass, CEO of Cypher Learning What has enabled Cypher to continue to grow in an increasingly saturated market?...
WILL BLOCKCHAIN REVOLUTIONIZE FINANCE?
By Ken Timsit, ConsenSys Over the last 10 years, researchers, software developers, start-ups, and large companies have been conducting...
FIVE FINANCIAL SERVICES TRENDS FOR 2020: BIGTECHS SWOOP IN, BANKS GO ON THE OFFENSIVE AND CRYPTOCURRENCY STALLS
Rahul Singh, president of financial services at HCL Technologies We’ve just finished a very exciting decade in financial services, with new...
COMBATING INSURANCE FRAUD WITH MACHINE LEARNING
By Georgios Kapetanvasileiou, Analytical Consultant at SAS Most insurance companies depend on human expertise and business rules-based software to...
DELIVERING SUCCESSFUL IT SYSTEMS THROUGH THE POWER OF PARTNERSHIPS
By Mike Smith, Executive Director, Virgin Media Business (Direct) Is there anything more frustrating than finding out your bank account...
BATTLEFACE RECEIVES INVESTMENT FROM FINTECH VENTURES FUND
battleface Inc., a rapidly growing tech-enabled insurance startup focused on providing travel insurance products for unconventional travellers worldwide, announced today...
VANQUIS BANK PARTNERS WITH HOOYUTO DIGITALISE KYC PROCESSES
HooYu KYC digital journey deployed during the customer lifecycle on a risk-based approach Leading customer onboarding and KYC technology...
WHY NEOBANKS ARE ON THE RISE IN THE UK
New research by SmallBusinessPrices.co.uk analyses how neobanks are on the rise and why they’re so popular amongst consumers compared to...
RECOLLECTING 2019 CRYPTOCURRENCY TRENDS & LOOKING FORWARD TO 2020
Marie Tatibouet is the CMO at Gate.io It has been a bold and progressive year for the digital asset...
WILL HONG KONG REMAIN THE JURISDICTION OF CHOICE FOR OFFSHORE BANKING?
Hong Kong has traditionally been seen as a tax haven and the financial hub of Asia, if not the world....
HOW CHARITIES CAN MEET TOMORROW’S DIGITAL CHALLENGES?
By Steve Georgiou, Business Consultant at Xpedition Charities are under constant scrutiny for how they handle their finances. Budgets...
RECALL YOUR REPUTATION: HOW TO HANDLE PRODUCT RECALLS
By Alex Balcombe, Partner at Harris Balcombe John Lewis, Tesco, and Hotpoint have all been in the news in...
THE WORLD’S MOST ENTREPRENEURIAL COUNTRIES PERFECT TO START A BUSINESS IN
Latona’s has analysed The Global Entrepreneur Monitor data to reveal the world’s most entrepreneurial nation. Analysing each country by a...
MENDIX SUPPLIES RABOBANK WITH LOW-CODE PLATFORM TO BUILD NEW CORE ONLINE BANKING APPLICATION
New online portal leverages low-code’s speed and flexibility Mendix, a Siemens business and the global leader in low-code and...
RETIREMENT ANNUITIES AND THEIR ADVANTAGES EXPLAINED
By Gerard Visser, Financial Planning Consultant at Alexander Forbes There are a number of ways to save and a...