The latest EBA Opinion calls for the removal of obstacles that obstruct TPP’s access to accounts for open banking services. Here’s our take on the most important bits of the Opinion, and what it means for banks and TPPs alike.
The EBA has resolved some of the biggest questions in relation to PSD2 APIs, after documenting its opinion on the practices of banks and the obstacles caused. This is Tink’s summary of the most significant implications.
With the September PDS2 deadline now visible in our rearview mirror, what is the status of the bank APIs in Europe two months later? Well, we still face big challenges as an industry to make sure the technical environments improve. But what we’ve seen is an encouraging shift in terms of collaboration and cooperation with some of Europe’s biggest banks.
Since before PSD2 became law, we have been working at a European level to advocate for the changes that are now becoming core to the open banking movement. And it’s because we see a future in which the banking and financial services industry takes a major leap into the future. Here’s the role we’ve played – and why it matters.
In our final analysis of PDS2 APIs, we’ve found that none are compliant with the PSD2 requirements and obligations – the same result we reported from our last evaluation in June. And with less than a month before the final deadline, it is the millions of banking customers across Europe who will suffer the consequences.
It has felt in recent months as if the entire industry is mobilised to meet next month’s final PSD2 deadline. But forgotten in all the talk of SCA requirements, fallbacks and EBA clarifications is the monumental human effort that is being made deep in the offices of third parties and banks to create and align on an entirely new way of working.
Ultimately, everyone involved in this march to September – banks and third parties alike – is in the business of meeting the needs of customers. And yet, they could be forgotten if the majority of banks’ PSD2 APIs continue to offer just one authentication flow – the dreaded web redirect. It’s a method that kills innovation, destroys the customer experience, and could threaten the success of this open banking movement in which we’ve all invested so heavily.
We raised the alarm bells earlier this month that the banks’ production APIs are far from ready – a reality that could threaten the services that millions of consumers enjoy. If they remain poor, then the success of PSD2 could hinge on a safety net that’s built into the regulation. But with no clarity around what this safety net should look like or how it will be applied, there is a real risk it won’t provide the security it was intended to.
A Tink analysis finds that none of the tested bank APIs released by the penultimate 14th June deadline meet the quality requirements laid out by PSD2 regulators – potentially creating a “cliff edge” scenario in September that compromises the financial services for millions of consumers.
Today is the deadline for all banks to have their production APIs ready, and the first day for all third parties to officially start integrating with them. But having spent the last three months rigorously testing more than 100 bank APIs in their sandbox environments, we can conclude this: the APIs available up to now are far from ready, lacking the quality and maturity they need – offering a sobering preview of the condition of the production APIs due out today.
This is the second piece in our ongoing series called Tink Thinks: Inside the EBA, where we explain and comment on the business of the European Banking Authority’s (EBA) PSD2 API Working group, which is helping to ease the implementation process ahead of the September deadline.
By Tomas Prochazka and Ralf Ohlhausen
One of the two biggest PSD2 deadlines just whizzed by on 14 March without much fanfare – and more importantly – without the compliance of 41% of the European banks we surveyed in 10 markets. Many will point fingers at those who failed to comply. But what it really highlights is that despite deep pockets and plenty of resources, the demands that PSD2 places on banks are monumental.
This is the first piece in our ongoing series called Tink Thinks, where we explain and comment on the business of the European Banking Authority’s (EBA) PSD2 API working group, which is helping to ease the implementation process ahead of the September deadline.
Australia is known for many things, including its natural wonders, and (potentially daunting) wildlife. In the fintech world, it will also soon be known for its own version of open banking. One that is inspired by Europe, but with an Aussie twist.
With the introduction of PSD2 (the second Payment Services Directive), we are now entering a new era of open banking. At the customer’s request, EU member states will be forced to open up their customer data and payments infrastructure to third-party providers.