“End users have a real need for open banking”
14.10.2019
Interview for Netzwoche of 2 October 2019
Open banking is a hot topic in the fintech world. The EU’s Payment Services Directive (PSD2), which regulates security and the opening-up of interfaces in the bloc, has been in force since mid-September. Adrian Berger, Ergon’s Managing Director Finance & Telecom Solutions, discusses the state of play for open banking in Switzerland.
Where does open banking’s greatest potential lie?
Adrian Berger: Its greatest potential relates to increased benefits for end users. Solutions that concentrate on a specific use case will be able to achieve this better than established approaches and this boosts customer utility. In addition, customers would be able to choose from a wider range of options as third-party providers (TPPs) will also be able to offer financial services.
What risks do financial service providers face if they open up interfaces?
For banks, I see risks with respect to their business model as well as operational risks. Open banking may mean that banks lose the client interface, as end users can make use of the institution’s “infrastructure” while conducting their customer interactions with a third-party vendor. We have seen what this can lead to in the telecom sector, for example. Here, the split between single-source suppliers operating their own infrastructure and firms that are successfully providing telecom services without their own infrastructure is already commonplace.
And the operational risks?
When a bank works with third-party vendors it has to trust that these take just as much care of sensitive banking data as the bank itself. This raises the question of how the bank deals with its liability risk when a third party fails to meet this obligation.
How do things look on the security front?
Security is one of the key considerations with PSD2. As per this legislation, security in the area of online transactions has been enhanced within the EU to a standard already practised in Switzerland. Two-factor authentication of a user has become compulsory and certain technological protocols, such as mTAN, have been categorised as unsafe and are set to be replaced. The biggest challenge in the security field concerns the ‘consent management’ that the bank has to provide. It’s a question of solving the ‘which accounts may I access as a customer?’ issue in as user-friendly a manner as possible.
Why is Switzerland not following up on the PSD2 idea?
With PSD2, liability, and, thus, the operational risk, rests with the banks. TPPs have a duty of care but are ultimately not liable. Legislation like this would meet with stiff resistance from commerce, special interest groups and political factions here, so it’s a non-starter.
What are the core challenges when setting up interfaces for financial service providers?
The technological challenges in providing interfaces are easily solved. All financial service providers need to decide is which version of the APIs they are going to choose. I think difficulties are most likely to arise around security – in ensuring that only authorised TPPs can have access, on the one hand, and in implementing consent management on the other.
What “open banking” lessons can Switzerland learn from other countries?
End users have a real need for open banking. So, it has become a topical issue in Switzerland as well and a range of projects have been rolled out to make open banking possible in our country, too.
How is the “Open Banking Project” going to win over financial players to the idea of open banking?
With a broad-based range of services and the conviction that open banking can be successfully implemented – even in the absence of statutory requirements.