As the requirement to conform to the standards of Open Banking increases, it is essential for fintech companies to have a solution in place to cater for such standards.
While working with customers across the industry, we have identified that there are four main pain points when trying to adopt such standards in a fintech company.
The first issue is the expertise, this is not just technical expertise but also subject expertise. A Fintech company needs to be compliant to the standards and for that there are two layers to this expertise:
– Standards: what are they, how are they impacting the flows of the bank? Are there any changes in the methods that currently are adopted by the fintech company? Are the security levels around transport, authentication, authorization, payload introspection enough and compliant? What services need to be exposed and how?
– Technical one, what technologies to use, how to integrate and reuse as much of what is already there with the new standards? What is the technical effort to deal with security, integration and transformation of communication to be able to create an end-to-end secure compliant solution?
Fintech companies in general focus their efforts on their line of business and technical architecture and expert IT services are a secondary field, rightfully so, designed to support the business. But these costs can heavily increase if, as IT standards such as the Open Banking ones that deeply couple IT and finance are more and more the norm.
Time to Market
The fintech world is driven by speed, this can be because of market advantage but also for compliance requirements, like in the case with PSD2 where banks are legally required to be compliant from the get-go, and when the standards were published and written to law, banks were forced to focus all their efforts to have a compliant system in a relatively short time.
Even if the standards are not an imposition from the region, as the standards are gaining traction, banks in regions that do not have such standards in the regional regulations might wish to get a step a ahead and apply them if not to have a significant advantage over the competition by allowing businesses to connect to their systems in a standard way already and show that they are the element of change in that region.
Having the infrastructure in place and the services and workflows available as well as being compliant with standards is a great advantage and is a step forward but there are other pieces to this puzzle that some companies might overlook. One of which is playground. This is extremely useful, and in some regions, it is required, for fintech companies to have a testing environment so that they can help with integration. Also, in cases like in Spain, such playgrounds should not just be available to ASPSP but also TPPs should have them because they must show and demonstrate that their systems are compliant with the PSD2 regulations to the auditing authorities.
Continuous delivery and business as usual
In the first pain point we discussed the requirement to have expertise, both related to the standard and to the technology part, but this is just one dimension, another dimension to consider is time: as time goes by, these standards will evolve, become more secure, more adaptive, and could become more complex. Moreover, the underlying technologies, API management software, authorization and authentication layers, will also evolve and possibly outright change.
All these changes need to be monitored and need to be addressed as they happen to guarantee a steady quality of service to the interested parties. There is nothing more detrimental for a business to find themselves obsolete and losing customers just because they fell behind the race of time.
At APIIDA, we provide such solution to all four points: we have created a solution pack that enables a quick and easy way to get compliant to the standards of the region.
Our PSD2/Open Banking solution was created at first with PSD2 in mind and evolved to include not just the UK Open Banking but also a mean to define one’s own Open Banking standard with ease. It provides out of the box set of APIs for external exposure and a set of APIs for internal management (of consents and authorization requests).
It also comes with a concept of mock setting, which is activated by default and does not require tweaking, which means that it follows very much the concept of plug-and-play. With minimal configuration setting, the solution, as soon as it is installed, will already provide services that any external TPPs or testers can call, and these will interface with an internal mock bank that will provide mock responses.
The solution then has some easily referenced places that can be changed to integrate with the ASPSP’s backend to create a complete flow from external to internal. The solution pack was also designed with full flexibility as we understand that not one size can fit all as all banks are different and they need and requirements vary, and for that flexibility was also a key word when developing the standard.
Finally, this is a solution pack that is maintained constantly, and so as new requirements and new standards are developed, they are applied to the solution, and the fintech using the pack would just need to download the new version and apply it to their infrastructure.
This Solution pack is a one stop shop for any ASPSP or TPP who wants to be compliant with any Open Banking standards. And our expert team helps with installation and integration to reduce time to market to mere weeks from a green field approach.