Could the poor readiness of APIs put the success of PSD2 in jeopardy?

5 min read|Published July 04, 2019
Barcelona beach

A Tink analysis finds that none of the tested bank APIs released by the penultimate 14th June deadline meet the quality requirements laid out by PSD2 regulators – potentially creating a “cliff edge” scenario in September that compromises the financial services for millions of consumers.

As a third party with a PSD2 licence, we’re required to use all of the bank APIs by the final 14th September deadline. And in our attempt to integrate with 84 APIs – which span 2,500 banks, 12 European markets and 90% of customers in those markets – we found that none of them currently meets the regulatory requirements for integration. 

Some banks are welcoming our feedback on the quality of their APIs – and are working on addressing the issues. However, what should have been a seamless transition from the sandbox environments to the production ones has not been. And this reality risks derailing the vision of PSD2, and compromising the experience of millions of consumers. 

With less than three months to go until PSD2 is live, we are advocating for an extended transition period – to make sure that consumers can continue using the services they enjoy, and that banks have the time they need to improve their APIs – so the open banking movement becomes the success we all hope it will be. 

The hard numbers on APIs

The 14th June deadline was the penultimate milestone in the PSD2 countdown – and the point at which all bank APIs needed to move to production environments, so that third parties like Tink have the required three months to integrate before September. 

However, only 69% of production APIs from all major banks in 12 markets are available. 

More distressing though is that of that 69%, it has not been possible to integrate with any of them without encountering multiple issues that have resulted in manual intervention from the bank side. Through lengthy email threads, conference calls, and WhatsApp text exchanges with banks, we’re working together to sort out production issues – albeit slowly. 

Put simply: considering the reality we face, all parties involved would benefit from more time. 

A Tink analysis finds that none of the tested bank APIs released by the penultimate 14th June deadline meet the quality requirements laid out by PSD2 regulators – potentially creating a “cliff edge” scenario in September that compromises the financial services for millions of consumers.

Calling for a transition period

Introducing new technology, like these APIs, is a complex task and will need a series of releases to resolve issues and bugs.

So what are our options?

We believe the only way forward – when honestly facing up to the reality at hand – is for national authorities to create an extended transition period and encourage banks to provide a fallback mechanism, so third parties can continue to access data and deliver financial services. 

We know the banks want to provide high-quality APIs – and so do we. But we all need more time to get there. And third parties need to be able to continue providing the financial services on which they’ve built thriving businesses. 

The clock is ticking quickly

The fallback is the potential safety net. It requires the banks to allow third parties like Tink to continue accessing financial data the way we do today in the event that the bank APIs remain poor or absent. 

Given that 31% of production APIs are unavailable – with 26% missing entirely and 5% that can’t be accessed – and the unworkable quality of the ones that are available, having a fallback is essential so that companies of all types can continue to deliver the business-critical services their customers need.

But many of the banks have said they plan to apply for what’s called a “fallback exemption”. This means that if they can show their APIs have been “widely used” by and “designed to the satisfaction” of third parties (in the words of the European Banking Authority), they can qualify for an exemption and not be required to provide an alternative method for third parties to access PSD2 data. 

If 14th September arrives – and a bank has gotten its exemption – third parties will have no option but to use the API. But if the quality of the API is poor (as we have observed), the services that consumers enjoy today will be severely disrupted. This is the cliff. 

What we want – and what we believe all banks ultimately want – is time for all parties to continue the collaboration to make PSD2 and open banking a success. Otherwise, we could see major interruptions in the financial services that consumers have come to rely on – and a threat to the overarching vision of this movement. 

More in Open banking

EU Digital Identity Wallet

2024-11-19

12 min read

From authentication to authorisation: Navigating the changes with eIDAS 2.0

Discover how the eIDAS 2.0 regulation is set to transform digital identity and payment processes across the EU, promising seamless authentication, enhanced security, and a future where forgotten passwords and cumbersome paperwork are a thing of the past.

Read more

Loan application with Tink

2024-10-08

6 min read

Lending essentials: how enriched data solutions help lenders tackle constraints

Enhancing your affordability assessment with Tink’s data-enriched solutions helps you put an end to inaccurate data, prevent fraud in loan origination and stay compliant – read on to explore the benefits.

Read more

Tink Pay by Bank

2024-09-24

4 min read

Why Pay by Bank fits luxury retail like a glove

Pay by Bank offers a solution that addresses the potentially higher transaction fees and fraud risks while enhancing the customer experience for luxury retailers.

Read more

Get started with Tink

Contact our team to learn more about what we can help you build – or create an account to get started right away.

Rocket