PSD2 OpenAPI, will the savior slaughter Fintech?
I have been planning to start writing articles for the general audience through a blog for a long time now. I have prepared a plenty of topics, though the ambition to start writing always fell behind. However, the last few months eventually paid off. Unfortunately, in the wrong sense though. Before we dive into the topic, I will dedicate the following paragraph to introduce myself. Should you not be interested, please feel free to jump directly to the topic. Be careful though, since it has not left me without emotions.
My name is András Szabolcsi and I have been engaged to programming and IT for more than 20 years. Some would say: a real geek. Perhaps I’ve always been a bit of a geek, even though I never considered myself to be one, as I grew up next to the beautiful Hungarian “sea”, Balaton. My career got decided somewhere between building my own analogue telephone and having my first Intel 286 computer. I was not going to be an economist, an architect, a driver or teacher but a programmer– even though I was not aware of it that time. My relevant professional education took place at the Budapest University of Technologies and Economics and later in Sydney, Australia. In the past thirteen years, and even today I have dealt with the planning and developing of account management systems for banks and large enterprises. I feel myself exceptionally lucky, as IT is not only my occupation but my hobby as well (I know many would argue with me about that).
Back to the topic, as I have mentioned previously things paid off in the wrong way. I promise we will get there later.
Reading the news, I noticed that several articles were dealing with the topic that initially 10 then 17 and finally 20 Hungarian banks have started their OpenAPI, in accordance with the PSD2 regulation. I have been following the Hungarian and international markets for a long time to see how certain financial institutions manage the question of API. To make a long story short, the real essence of PSD2 is that every bank and account management provider is obliged to provide API for their offered services, account information and they need to make transactions through API possible. The intention of the legislator is to allow new players enter the European market and to develop new Fintech solutions for account management services.
My eyes brightened up when I finally saw the list of Hungarian banks who finally opened their gates and made it possible to read their documentation. Pretty little websites everywhere, so Fintech–ish. It is so unfamiliar for large banks to have such a clean appearance. Even IT specialists would clap their hands. Finally, the new world has arrived. I would like to add that the bigger the bank the less information is available on the topic, but let’s not get stuck here. Non–professionals already click rapidly away from the website, thinking it is a done deal. They think everything goes great with the implementation of PSD2, everything is going to be fine for average users. Fintech is finally coming, everything is going to be free of charge and they will be able to see their 3 different accounts from 3 different banks on a single mobile app. And the requested loans of course. What an idyllic dream, isn't it?
Me, being the forever–curious IT cowboy I am, spared no pain and checked explicitly the API of 10 Hungarian banks out of 20. Sadly, this was the part where confusion and later anger kicked in. The APIs simply have nothing to do with each other. Just to mention the simplest example, just for account balance query there are 7 different implementations, not to mention that the forms of queries all differ (XML/JSON) from each other. My personal “favorite” is that next to the account balance field appears a “precision” field as well, which tells us how many decimals must be cut off from the balance value. As an IT specialist with 13 years of experience with account managements systems behind me, I do get the intention on both the implementation’s and legislator’s side as well. My initial anger rapidly got replaced by some sort of constructive approach, but a question still keeps my mind busy: why this way?
So, here we are on the edge of going live with PSD2 and OpenAPI and almost every bank has/will have OpenAPI. But here comes the tricky part: every one of them will have a different structure. Personally, I see a serious risk in diverse implementations. In the worst case we may have to wait several years for the market to develop an expensive aggregator solution which will be able to cover whole Europe and provide the currently needed services for Fintech companies.
And now here I am, trying to figure out what to do with 17 different solutions and how to implement them into our system. It doesn’t matter I know national and international aggregator companies quite well (some of them even have the necessary licenses), none of them can provide a solution, which for instance could connect the account of a Hungarian and a German customer to our system at the same time. If today someone has this aggregator solution, do not hesitate to start advertising it on the market, as it would be very much needed. Meanwhile, everybody is celebrating and business is waiting for me to work wonder.
Is PSD2 regulation really capable of saving the innovation? Or is it going to be another “Enterprise” solution that we will look down on in 10–20 years’ time? Will there be a way out by any chance? Is there going to be an aggregator company which connects every European bank into one common API, solving all transformation problems and development risks?
To sum up, the whole point behind PSD2 regulation is a great idea, but the implementation at this current stage brings in enormous IT risks to the lives of already overwhelmed IT specialists, and can raise development time even more.