5 Benefits of Open Banking APIs
Open banking APIs (application programming interfaces) offer a wide range of benefits for a modern financial institution, from increasing revenue to reducing fraud risk.
Open banking is finding its way into Canada with the government working hard to set regulations by the tentative launch date of January 2024.
In the meantime, financial institutions like yours should start preparing. When open banking is introduced to the public, you should be in a position to roll out products and services faster than competitors and with minimal friction.
Below, we explain the meaning of APIs, the state of open banking in Canada, and how exactly open banking APIs can help your business.
What is Open Banking?
Open banking refers to using APIs to access financial data by third parties in a secure manner.
Customers expect faster, one-stop banking services. So far, customers have relied on third-party services that use screen scraping for non-core banking services like budgeting and financial decision-making.
Screen scraping leaves your customers vulnerable to multiple types of online threats. In a world rampant with cybercrime, your customers want a safer alternative, and that’s where open banking offers value.
With open banking, you can securely allow third parties to access your financial data. For example, suppose a fintech app offers AI-based investment advice.
To offer advice, it needs to look at your current portfolio. You can use open banking to allow the app to access your financial data securely without having to use screen scraping.
This model offers all parties a benefit — you can use the app faster, the fintech can operate with the bank’s license, and the bank can charge a fee for the customer data.
Open Banking in Canada
Open banking is currently unavailable in Canada. The government is developing a roadmap to introduce open banking in Canada safely.
According to the Final Report from the Advisory Committee on Open Banking, the government has established four groups to provide input on the four fundamental aspects of the open banking framework—accreditation, liability, privacy, and security.
The original target date to introduce open banking was January 2023. However, the committee is yet to reach a consensus on multiple aspects.
The Canadian government may take a while to implement open banking. But we’ll likely see key developments in the implementation process over the next few months.
The government has appointed Abraham Tachjian to develop the open banking framework for Canada.
Benefits of Open Banking APIs
While you wait for open banking regulations to become available in Canada, it’s best to prepare your API ecosystem, so you’re ready for open banking when it’s introduced.
Once you have a mature open banking API ecosystem that’s operational, you’ll benefit in the following ways:
Increased Revenue
As a financial institution, you can use open banking APIs to increase revenue in one or more of the following ways:
- Partnering with Fintechs offering innovative solutions: You can partner with Fintechs to offer innovative solutions without creating, managing, or innovating products and services in-house. The partnership allows you to offer services your customers expect and improve their end-to-end journey. Of course, these services also create new revenue streams for you.
- Selling to Fintechs: As a bank, you can add another revenue source by providing banking-as-a-service (BaaS), where third parties can connect to your database using APIs for a fee. Third parties can use this data to provide value-add services in addition to what regulators mandate.
- Optimize your marketing campaigns based on user data: Open banking, combined with data aggregation, provides deeper insights into customers’ behavior and choices. These insights enable you to position your products better and run personalized marketing campaigns, which can increase your overall revenue.
Banking as a Service (BaaS)
Open banking APIs and Banking-as-a-Service are often used interchangeably.
However, they’re fundamentally different. BaaS is a business model where banks integrate their services into a third-party’s product or service.
Fintechs and non-financial companies (NFCs) use BaaS to offer customers better digital banking services, like one-minute loan approvals, without getting their own banking license. This is made possible through open banking APIs.
BaaS is quickly gaining popularity as customer dissatisfaction with banks’ existing services grow. According to Deloitte, 2x ROAA (return on average assets) for banks focused on BaaS offerings.
A few ways you can monetize by proving BaaS include:
- Providing your banking license, technology, and products to other banks, non-financial companies (NFCs), and aggregators.
- You can partner with a distributor with excellent end-user relationships to offer innovative financial solutions.
- You can partner with an aggregator who acts as a provider-aggregator to provide an out-of-the-box solution by coupling the capabilities of multiple vendors.
Payment as a Service (PaaS)
Open banking APIs allow you to build faster, more secure bank rails. Once you implement open banking, you can enable users to make direct payments seamlessly without entering card details.
As a bank, you can use open banking APIs to increase payments’ transparency and scalability by leveraging individual transactions and bi-directional processing.
With open banking APIs, you can upscale your current payment methods like ACH (Automatic Clearing House Network) and wire transfers. APIs will also enable you to offer modern payment methods like Real-Time Payments (RTPs) and Pay-By-Bank when they become available in Canada.
Open banking also facilitates payment initiation service (PIS). When a merchant partners with a licensed third party, the third party can initiate a payment on behalf of a customer’s bank account using PIS.
PIS doesn’t require the customer or merchant to share any sensitive information. The customer simply approves a payment via the banking app with a secret pin or biometric authentication.
Just like any account-to-account transfer, the money is transferred directly to the merchant’s account within seconds.
Improved Customer Engagement
Open banking APIs improve customer engagement by streamlining the onboarding process and offering a one-stop solution for multiple needs.
For example, open banking APIs can allow biometric logins and authentication to minimize the time it takes your customer to access the account. Your users will be able to complete tasks faster without compromising data security.
With Canadians worried more than ever about the cost of living crisis in Canada, they’re carefully observing their money.
Typically, they’d need to source information from individual sources to get a full picture of their financial status in order to make sound financial decisions.
Open banking APIs can simplify the process by allowing third-party apps to automatically aggregate this information into a single app, improving customer engagement.
Reduced Risk of Fraud
Open banking APIs provide access to customer data, allowing more accurate risk profiling. Access to customer data allows incorporating verified identity information, account balances, and transaction patterns into your risk models.
The UK, where open banking has been available since 2018, has reduced card fraud significantly. In 2021, the UK reduced the losses from card fraud by an impressive £49.2 million.
The following four things make open banking payments safer:
- Each payment uses strong customer authentication (SCA), which was introduced as a requirement in Europe by the revised Payment Services Directive 2 (PSD2) for ecommerce transactions in 2019.
- No sensitive information is required for any open banking use case.
- APIs pre-populate payment information.
- Open banking providers take care of onboarding the merchants as well as carrying out the necessary due diligence.
Read More: Open Banking in Canada: How Banks and Customers Can Benefit
Implementing Open Banking APIs with Blanc Labs
Familiarizing yourself with open banking APIs is critical to ensure you’re equipped with the right knowledge and tools when open banking becomes available in Canada.
The problem? It can feel daunting. Partnering with the right team can make the process a whole lot easier.
Blanc Labs, in partnership with Axway and Mulesoft, can help you build a robust open banking API ecosystem. We can answer any questions you have and take care of the end-to-end implementation process.
Book a discovery call with Blanc Labs to learn more about open banking APIs.
What is API Management?
Application Programming Interface (API) management has become an increasingly important aspect of modern business operations. With the advent of cloud computing and the need for digital transformation, enterprises are using APIs to enhance their existing applications, develop new applications, and drive innovation.
According to a study by Forbes, firms that used APIs saw 12.7% growth in their market capitalization over a period of four years. But using APIs is one thing and having an API strategy in place that can enable your business goals is another.
Proper management of APIs is imperative to support smooth business functioning. From startups to large enterprises, API management has become a critical component for businesses to remain competitive and meet the changing needs of their customers.
Whether you are a financial services provider looking to securely integrate third-party services, a retail giant seeking to improve your e-commerce platform, or a healthcare organization seeking to securely exchange medical data, API management can help you achieve your business objectives.
API Management Components
API management components are the building blocks that make up a comprehensive API management solution. These components work together to enable organizations to effectively manage their APIs and deliver value to their customers and partners. The primary components of API management include:
API Gateway
The API gateway is the component that sits at the front end of the API management architecture, acting as a traffic cop for incoming API requests. The API gateway is responsible for routing API requests to the appropriate backend services, applying security and access controls, and transforming data between different formats. The gateway also provides features such as caching, rate limiting, and request and response transformations.
Developer Portal
The developer portal is a platform that provides developers with the information and tools they need to consume and build applications using your APIs. A good developer portal includes detailed documentation, code samples, forums, and tools for testing and debugging. The developer portal is a key component of API management as it helps to foster a community of developers who can help you drive adoption and engagement with your APIs.
Reporting and Continuous Improvement
Reporting and continuous improvement are essential components of API management as they help organizations understand how their APIs are used, identify improvement areas, and make data-driven decisions about their API strategies. With the help of real-time analytics and usage reports, organizations can track key metrics such as API request volumes, response times, and error rates. This information can then be used to continuously improve the API management process and deliver a better experience to developers and end-users.
API Lifecycle Management
API lifecycle management is the process of managing the entire life cycle of an API, from design and development to retirement and deprecation. This includes tasks such as versioning, testing, and publishing APIs, as well as managing security and access controls. API lifecycle management helps to ensure that APIs are managed in a consistent and organized manner, enabling organizations to respond quickly to changing business requirements and deliver value to their customers and partners.
Benefits of an API Management Platform
API management platforms provide a number of benefits to organizations that are looking to leverage APIs to drive innovation and growth. Some of the key benefits include:
Improved Security
APIs provide businesses with various benefits such as accessing enterprise services from different devices, promoting innovation, and creating new revenue streams. However, using APIs can also pose risks to data security, which is why it is crucial to protect them with an API manager. API management platforms are essential to ensure the security of APIs as they monitor their usage and implement security protocols such as JWT, OpenID and OAuth. Additionally, API management platforms can provide extra security benefits by controlling access to applications.
Increased Agility
API management platforms allow organizations to quickly and easily expose their existing systems and services as APIs. This enables organizations to respond quickly to changing business requirements and create new opportunities for growth and innovation. With the ability to easily manage and scale APIs, organizations can quickly and easily adapt to changing business needs.
A good example of this is the Emirates NBD Bank. In an interview with McKinsey, senior bank executives explained how they were able to achieve effectiveness and efficiency by shifting to APIs. “We have enabled several strategic business initiatives as a result. One example is our digital onboarding, which is available on mobile phones for self-service and via tablet for assistance in our branches. “We have onboarded more than 100,000 customers with our new process, doing up to 85 percent with straight-through processing in less than ten minutes,” said Neeraj Makin, group head of international and group strategy. Today, the bank offers more than 800 microservices and have seen over a million interactions in the last two years.
Improved Developer Experience
API management platforms provide a centralized location for developers to access and use APIs. With features such as detailed documentation, code samples, and testing tools, API management platforms make it easy for developers to consume and build applications using your APIs. This helps to drive adoption and engagement with your APIs, which can lead to increased revenue and more opportunities for innovation.
Better Monitoring and Analytics
API management platforms provide real-time monitoring and analytics capabilities, allowing organizations to track the usage and performance of their APIs. This information can be used to identify areas for improvement, optimize performance, and make data-driven decisions about your API strategy. With a better understanding of how your APIs are being used, you can make informed decisions about how to optimize your API offerings and deliver a better experience to your customers and partners.
Monetization Opportunities
API management platforms provide organizations with the tools and capabilities to monetize their APIs. With features such as billing, usage tracking, and rate limiting, organizations can set pricing and usage policies for their APIs, creating new revenue streams and driving growth.
Top Use Cases for API Management
The global API management market is expected to grow at a CAGR of 34.5% and reach $41.5 billion by 2031. API management has a wide range of use cases across various industries and sectors. A few of the major use cases are:
Digital Transformation Initiatives
API management is an essential component of digital transformation initiatives as it allows organizations to expose their existing systems and services as APIs. This enables organizations to quickly and easily create new applications and services, and drive innovation in a fast-changing digital landscape. With the ability to manage and scale APIs, organizations can respond quickly to changing business requirements and drive growth.
Open Banking
Open banking is an emerging trend that is transforming the financial services industry. With open banking, financial institutions can securely share their customer data with third-party providers, enabling new financial products and services to be created. API management is a critical component of open banking as it provides a secure and controlled environment for exchanging financial data, helping to ensure that customer data is protected and that transactions are compliant with regulatory requirements.
Read more: What is Open Banking and is it available in Canada?
Data Security
Data security is a critical concern for organizations in a wide range of industries. With API management, organizations can secure their APIs and the sensitive data they carry with features such as authentication, authorization, and encryption. This helps to protect sensitive information and ensures that data is transmitted securely, reducing the risk of data breaches and protecting the reputation of your organization.
Compliance
Compliance is an important consideration for organizations in regulated industries such as healthcare and finance. With API management, organizations can ensure that their APIs are compliant with regulatory requirements, such as the EU’s General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS). This helps organizations minimize their risk of non-compliance and reduces the risk of costly penalties.
Custom API Management Solutions from Blanc Labs
At Blanc Labs, we understand the unique needs and requirements of our clients, and we offer custom API management solutions that are tailored to meet your specific needs. Our API management solutions are designed to provide enterprise organizations with the tools and capabilities they need to drive their digital transformation initiatives, secure their data, and ensure compliance with regulatory requirements.
If you are interested in learning more about the benefits of API management and how Blanc Labs can help you achieve your goals, we encourage you to book a discovery call with our team. Our experienced consultants will work with you to understand your needs and provide you with a customized solution that is tailored to meet your specific requirements.
Finding the right API Management Platform
APIs are an integral part of today’s digital world. They are used for secure data exchange, integration, and content syndication. As APIs become more ubiquitous in enterprise businesses, it becomes necessary to manage them efficiently.
Banking and Payments ecosystems are converging with Open Banking and Finance. Whether regulatory or market driven, these digital interactions are happening already – and growing exponentially. Doing APIs and API Management right are central to the growing interdependence and interoperability between Fintechs, Banks and Consumers. Stakeholders are demanding secure access to financial data to drive better customer experiences. A key enabler to that end are the systems that surround APIs.
What is API Lifecycle Management?
API Lifecycle Management is the process of building, controlling, distributing, analyzing, and reusing APIs. It also can include capabilities around intelligent discovery; one pane of glass visible across multiple API gateways and API management systems; bringing to life the visionary end state of monetizing and marketing all these capabilities to external parties to operationalize the concept of “API as a product”. Thus, there are many API Management solutions in the market offering a variety of features. But at the very minimum, an API Manager should allow users to do the following:
Discover APIs
Before you can more effectively govern their lifecycle, you need a simple and configurable tool to find, filter and tag all your API assets into a centralized repository. Simplify complexity and/or get better visibility and facts to position your organization to “open itself up” to the new business realities and opportunities emerging.
Design, build, and Test APIs
The API Management tool should provide everyone, from developers to partners, the ability to create APIs under a unified catalog and test their performance.
Deploy APIs
API Management tools should also allow you to publish APIs on-premises, on the cloud or in a hybrid environment. Additionally, the API Manager may give you a choice between managing the API infrastructure in the tool itself or on your own.
Secure APIs
By providing a central point of control, most API Management tools will ensure that you have full visibility of all your APIs across environments so you can mitigate any vulnerabilities.
Manage APIs
API Management tools should give you a central plane of visibility into APIs, events, and microservices. Most API management tools will allow you to govern APIs across all environments (on-premise, hybrid, cloud) and also allow you to integrate with other infrastructures, including AWS, Azure, and Mulesoft. A good API management tool should also provide multiple predefined policy filters to accelerate policy configuration.
Analyze APIs
An API Manager should give you real time metrics in a unified catalog. By providing data on the business performance or operations across your APIs, you can make better decisions leading to improved business results.
Extend and Reuse APIs
By giving you a single, unified catalog, an API Manager can eliminate duplication and extend the life of APIs through reuse.
The need for API Management
API management centralizes control of your API program—including analytics, access control, monetization, and developer workflows. It provides dependability, flexibility (to adapt to shifting needs), quality, and speed. To achieve these goals, an API Manager should, at the minimum, offer rate limits, access control, and usage policies.
Essential features of an API Manager tool
1. API Gateways
A gateway is the single entry point for all clients and is the most critical aspect of API management. An API gateway handles all the data routing requests and protocol translations between third-party providers (TPP) and the client. Gateways are equally important when securing API connections by deploying authentication and enforcement protocols.
2. Developer Portal
The primary use of the developer portal is to provide a hub, specifically for developers, to access and share API documentation. It is an essential part of streamlining communications between teams. Typically, developer portals are built on content management systems (CMS), allowing developers to explore, read, and test APIs. Other features of a developer portal could include chat forums for the internal and external developer community and FAQs.
3. API Lifecycle Management
As the name suggests, API Lifecycle Management provides an end-to-end view of how to manage APIs. API Lifecycle Management is a means to create a secure ecosystem for building, deploying, testing and monetizing and marketing APIs.
4. Analytics engine
The analytics engine identifies usage patterns, analyzes historical data, and creates tests for API performance to detect integration issues and assist in troubleshooting. The information gathered by the analytics engine can be used by business owners and technology teams to optimize their API offerings and improve them over time.
5. API monetization and marketing
API management tools can provide a framework for pricing and packaging APIs for partners and developers. Monetizing APIs involves generating revenue and keeping the API operational for consumers. Through usage contracts, you can monetize the microservices behind APIs. An API management tool will offer templatized usage contracts based on predefined metrics, including the number of API calls. This empowers innovative external players to help drive your business in ways you have not dreamed up yet – and still do it securely.
How successful is your API management?
Now that we know the features of an ideal API management software, how do you evaluate its success for your API efforts? Here are a few ways to track your progress:
Speed
How rapidly can you launch your APIs to meet your business goals? Latency and throughput are ways to measure the speed of deployment. Other areas to measure speed would be onboarding and upgrading APIs.
Flexibility
Flexibility is the breadth of options available to developers when adopting APIs. The greater the flexibility, the higher the cost and effort to manage the API.
Dependability
How available your APIs are to developers. One way to measure dependability is downtime. Quota is another way to restrict how many API calls can be made by a developer within a certain timeframe. Enforcing quotas makes API management more predictable and protects the API from abuse.
Quality
Stable APIs with consistent performance reflect higher quality. It is a way to measure a developer’s satisfaction with the API.
Cost
The above four factors contribute to cost. If your API management software provides a better view of all your APIs, it will reduce duplication and costs. Reuse of APIs is another way that you can save costs.
How are you managing API complexity?
If you are a business leader concerned about how to meet market demand through the creation and deployment of APIs, or you would like to monetize and reuse your existing APIs and reduce costs, then you need structured API management.
In partnership with Axway, Blanc Labs offers a way to manage your APIs to bring maximum business value. Axway’s API Management Platform enables enterprises to manage and govern their APIs for developing and applying their digital services.
Book a discovery call with Blanc Labs to learn more.
Blanc Labs and Axway partner up to provide integrated open banking solutions for all
Axway (Euronext: AXW.PA), a leading provider of open banking built on the Amplify API management platform, is proud to announce its partnership with Blanc Labs, a trusted financial service and healthcare innovation partner.
While the largest banks are already well along their digital journey, many others are still tasked with competing in what can feel like an uneven playing field. Financial institutions must have a clear strategy for implementing, governing, monetizing, and marketing APIs to ensure a frictionless customer experience and better business results.
“We want to help all banks – anyone who has something to bring to the table – to strategize and compete in the open banking arena,” said Eyal Sivan, Head of Open Banking at Axway. “They will thrive as they embrace open APIs, build on trusted customer relationships, and meet their customers’ needs wherever they are.”
“At Blanc Labs, we help our clients achieve extraordinary results by accelerating their digital transformation journey,” says Blanc Labs CEO Hamid Akbari. “APIzation will enable secure data interoperability within the financial services ecosystem. Open banking and Banking-as-a-Service pose a disruption challenge as well as a massive growth opportunity for banks and fintechs.”
The specialized solutions offered by Blanc Labs together with Axway make API integrations more efficient and cost-effective thanks to universal API management. Benefits of the unified API platform include:
- Increased productivity as developers easily find and repurpose APIs, eliminating duplication of efforts
- Less technical complexity by unifying and simplifying API services across the organization
- Stronger security thanks to a unified, vendor-agnostic view of all APIs
- Faster legacy system upgrades through an API-first layer, which simplifies the addition of new services
- More robust governance through centralized documentation for multiple developer teams
“Partnering with Axway, a pioneer in API management and the open banking space, is a natural fit for us. Out-of-the-box support for open banking and common data standards will significantly reduce the cost of building next-gen financial services and will accelerate time-to-market for our clients,” Akbari adds.
As banks gain confidence with Axway and Blanc Labs open banking solutions, they can move from optimizing processes and keeping up with industry standards to unlocking new business models, discovering richer customer data insights, and building highly personalized services to delight their clients.
Learn more about the Axway-Blanc Labs partnership and how they can help banks fully participate in the growing open banking ecosystem, here.
About Blanc Labs
Blanc Labs is a preferred partner for enterprises looking to digitize and build the next generation of technology products and services. To help companies rapidly deliver on their digital initiatives, Blanc Labs has developed expertise and bespoke solutions in a wide variety of applications in financial services, healthcare, enterprise productivity and customer experience. Headquartered in Toronto, Blanc Labs serves the Americas through operations in Toronto, New York, Bogota and Buenos Aires. For more information on how Blanc Labs is building a better future, visit www.blanclabs.com.
About Axway
Axway enables enterprises to securely open everything by integrating and moving data across a complex world of new and old technologies. Axway’s API-driven B2B integration and MFT software, refined over 20 years, complements Axway Amplify, an open API management platform that makes APIs easier to discover and reuse across multiple teams, vendors, and cloud environments. Axway has helped over 11,000 businesses unlock the full value of their existing digital ecosystems to create brilliant experiences, innovate new services, and reach new markets. Learn more at axway.com.
5 Factors to Evaluate Open Banking Readiness in Canada
By Steven Chung and Rishi Khanna
Open banking’s first phase is almost upon us. Now more than ever, banks will need to address their digital and core systems if they wish to participate and gain from the new banking regime. The need for seamless digital experiences, especially post Covid, is shaping customers’ expectations from banks and financial institutions too. Roughly $416 billion is up for grabs and if the prediction holds true that open banking adoption will increase by 76% in the next three years, then incumbents should begin preparing themselves without delay.
What is Open Banking?
Open banking is a way for financial services customers to securely share their financial data with other financial institutions and third-party providers using APIs governed and regulated by universally accepted protocols. Open banking exists in several countries around the world including the UK, Australia, Brazil, and Singapore.
The Benefits of Open Banking
Open banking is pushing banks to innovate and play nice with Fintechs. In the UK, where open banking launched shortly before COVD-19, the use of Fintech applications for money management rose by 20% for adults and 50% for young adults. Banks, as trusted custodians of customers’ data, can take advantage of the new Fintech technologies that have sprung up as a result of open banking to deepen customer relationships and retain them by providing valuable insights on their personal or commercial finances instead of just facilitating transactions.
5 Factors to Assess Open Banking Readiness in Canada
The first phase of open banking in Canada will begin in January 2023. Many banks and credit unions are in the midst of preparing themselves for open banking. But just how ready are they?
Here are 5 Factors recommended by Blanc Labs to evaluate if you are ready for open banking:
Factor 1: Your core and digital banking systems are up to date
Your financial institution’s core and digital banking systems are scalable, compatible with other new technologies. You have web-banking and mobile banking platforms for retail and commercial customers. Most processes are automated, minimizing manual intervention. The core banking and digital channel systems are cloud-native.
Factor 2: You have identified business use cases for open banking
You have identified use cases for open banking at your institution and you would now like to invest in an API-led ecosystem to monetize your data. Open banking use cases could include Account Aggregation, BNPL (Buy Now Pay Later), and Tax preparation.
Factor 3: Your organization is united in reaching its transformation goals
You have a non-traditional approach to growth and view open banking as a strategic imperative towards creating new lines of revenue for your business. As such, you have budgets dedicated to open banking efforts. You are looking at ways to improve how to use your data through TPPs (third-party providers) to create relationships with other financial institutions and non-banking entities and turn them into new offerings for your customers.
Factor 4: Your API-ecosystem is mature
Your organization has been creating APIs for internal and external consumption for some years. There is a standardization and documentation around maintenance, governance, security, and management of APIs. There is visibility over the entire API catalogue and tooling to track and monitor API performance. You participate in agile data partnerships with Fintechs, which means your onboarding processes are thorough, but quick.
Factor 5: You can operationalize APIs and use them as products
That leads us to the final step. Your organization can support third-party use, both in terms of system bandwidth as well as security. Your systems can take high traffic load. You are primed to use API-as-a-Product.
Do you have an Open Banking strategy?
Still unsure? Apart from readying the underlying enabling technology considerations, Open Banking is fundamentally a business decision and a discussion about how to best compete and win in the new banking environment. Here is a handy Digital Maturity Assessment from Axway that can help you figure out what stage you are at and what to do next. Blanc Labs in partnership with Axway offers an Open Banking Strategy Workshop that can help you:
- Define your financial institution’s goals for growth
- Analyze the current state of your organization and what you need to meet your long-term goals
- Identify challenges that you need to beat to ensure you can take full advantage of open banking
- Zone in on use cases that will give you the biggest ROIs and the fastest time to value
Book an Open Banking Strategy Workshop with Blanc Labs to learn more.
Open Banking in Canada: How Banks and Customers Can Benefit
By Bob Paajanen & Steven Chung
Exactly a year ago, the Department of Finance released the final report from the Advisory Committee on Open Banking. It set an ambitious 18-month roadmap for Open Banking implementation in Canada. With 2023 just a few months away, it is crucial that financial institutions understand the advantages of open banking and the possibilities it can bring, not just for themselves but also for their customers.
What is Open Banking?
Simply put, Open Banking is a way for business owners and customers to share their data with their financial institution (and connected third-party providers or TPP) securely using APIs governed and regulated by universally accepted protocols. Customers will have full control over how much and with whom they would like to share this data. They will also have a unified view of all their balances, credit cards, mortgages, investments, and any financial transactions across all banking entities. For this reason, open banking is also sometimes referred to as “consumer-permissioned data sharing” or open finance.
Open banking started in 2016 with European governments pushing for more open financial data and laying the foundations for banking evolution. The EU’s second Payment Services Directive (PSD2) was a powerful legislation that made an impact on the UK’s Competition & Market Authority (CMA) which mandated that nine of the country’s largest banks develop an “open banking standard” and enable customers to share data with Fintechs and third parties.
Open banking is now present in several parts of the world, including Australia, Brazil, India, and South Korea, where it is government-led, and in countries like China and the US, where it is primarily market-led.
Data Sharing in Open Banking
Before open banking, banks would share data with third-party providers (TPP) or applications using a process called ‘screen scraping’, where data is taken from one app through user details, copied and pasted for another purpose. A good example of this might be a typical finance aggregator app that sends a bot to the bank’s website on behalf of the customer and uses the consumer’s bank login and password to access all their financial information. About 3.5 to 4 million Canadians currently use apps that employ screen scraping. Until now, these TPPs did not have a formal relationship with banks and had access to more information than was necessary. Banks often were unaware of which data was scraped, yet they would be accountable if and when there were data breaches.
With new regulations around data sharing, banks will now share only relevant data with TPPs, with the customer’s consent, through APIs or application programming interfaces. Customers will no longer have to share their banking credentials with the TPP. Thanks to this change, many Fintechs that offer open API-led data-sharing networks have come to the fore.
As we move closer to 2023, several incumbents and challenger banks are partnering with data aggregators that provide API-led data-sharing networks, which will allow customers to securely share their data with several Fintech applications and provide them with financial insights in real time. Recent examples include EQ Bank’s partnership with Flinks, CIBC’s participation in the MX network and RBC’s partnership with the Plaid and Yodlee networks.
Why is this happening? An example will illustrate the opportunity and upside for industry participants. When a customer or their Fintech requests data from multiple financial institutions, aggregators like the entities named above will be able to monetize and sell via subscription the data to each financial institution. This can generate insights around where customers are at risk, or have relationships with other financial institutions, even though the details will be masked. Better customer profiling can be driven from empirical data through this data sharing model.
Open Banking and Digital Transformation
Nearly every, if not all, industries are going through a digital transformation. Long before open banking, many Fintechs had begun unbundling financial services. This trend has only accelerated thanks to open banking. In Europe, for example, TPPs grew from 100 to 450 in between 2019 and 2021. Financial services are now being restructured around “jobs to be done” rather than just products, creating better experiences and value for customers. Open banking will lead to two major outcomes when it comes to data: Interoperability and Automation. By making financial data interoperable, new customer value propositions could be created that offer better access and user convenience thereby creating new revenue streams for the bank. Once customers get a clear and unified view of their financial position, automation rules could take over to help with better decision-making to manage daily finances. This will make it possible for banks to cross-sell products and services without the customer ever leaving the bank’s ecosystem.
How Open Banking Benefits Financial Institutions
It is obvious to see the customer benefits of open banking. But what about financial institutions? One of the major reasons why open banking is seen as a catalyst by many governments and markets, is that it will boost growth and increase economic efficiency. One report from McKinsey estimates that the adoption of open banking could result in “1 to 1.5 percent of GDP in 2030 in the European Union, the United Kingdom, and the United States, to as much as 4 to 5 percent in India.” Another study reveals that $416 billion in revenue is up for grabs for those financial institutions that are agile enough to jump in on the opportunity.
Hyper-targeting and faster onboarding
A more holistic view of an individual or SMB’s finances means that banks too can make more customized offerings to their customer. Open data sharing will also make it easier and faster for customers to switch accounts, purchase new products or get approved for lines of credit.
Reduced operational costs
A lot of data remains in physical documents and disparate digitized sources. An open financial data system will ensure that the data is held digitally in a centralized location and make it easier for banks to adopt automation methods, thereby cutting operational costs. This is especially true for mortgage underwriting, where intelligent data processing and management can save between $7,000-9,000 per mortgage application. Here are more reasons banks can benefit from automating data intake and processing.
Better security
Fraud accounts for $4.5 trillion per year, which is equal to about 5% of global corporate revenue. Open banking may introduce a single-use digital token system compared to screen scraping, which is risky and open to misuse. Bad actors will have little to no access to customers’ login information during transactions, thereby reducing the risk of data breaches. Data sharing in real-time, could also provide a better view of suspicious activities and build predictive models to mitigate fraud.
Lead Generation
Banks acquire information from TPPs, such as credit bureaus, about potential customers during lead generation or mortgage origination. In the US, for example, nearly 50% of loan originators depend on third parties for information related to credit, KYC, and property valuation, costing banks up to $80 per application. Open data sharing enabled by APIs could potentially reduce the cost of acquiring this information and make it available securely to more financial institutions.
Are you ready for open banking?
Digital transformation has changed the way banks engage with their customers. With open banking, we are at the pivotal moment where customers can choose the services and products that work best for them, while banks and FintTechs can come up with innovative new ways to engage with them. Opening up banking systems can be a daunting change for banks that have operated through a linear chain thus far. Blanc Labs, in partnership with Axway Open Banking, offers a step-by-step approach for banks to:
- Build on existing infrastructure to reach their open banking goals faster
- Unlock the potential of their existing data to create new business opportunities
- Create a security layer for identification and consent to comply with the latest open banking standards
- Discover, Manage, govern, market and monetize their APIs
Book a demo or discovery session with Blanc Labs to learn about the impact of our Open Banking solutions.
Open Banking API Challenges: 4 Areas That Need Intervention
By Steven Chung and Bob Paajanen
As financial institutions find their way into the digital world, they face competition from several non-bank forces, including FinTechs and Big Tech companies like Apple, Google, and Amazon. FinTechs and Big Tech have begun rewriting the rules for the finance industry creating new ways of banking and new revenue streams. By offering speed, innovation, and unbundled financial services, digital non-banking entities are luring away customers from banks and credit unions. Open banking promises financial institutions an entry into the changing banking ecosystem by tapping into third-party application programming interfaces (APIs). But without the right strategy, banks may find themselves saddled with high costs, low time to value, vulnerable data systems, and no ROI to show.
API Challenges
As API adoption grows, so does the concern around how these APIs will be built or bought; how they will be managed; and the security and privacy risks that they present.
API Standardization and Documentation
The biggest concern around API adoption is standardization with more than 52% of organizations finding it a challenge. Unfortunately, there is no universal identity management framework which means that companies must rely on their developers to build their own management systems. Without proper documentation or style guides, different teams of developers within the organization may come up with varying standards for how the APIs are built and consumed, leading to issues with integration and management. The ‘State of Software Quality: API 2021’ study by SmartBear found that 54% of respondents pegged “accurate and detailed documentation” as the second most important characteristic they needed in an API as an API consumer, ease of use being the topmost. Yet, close to 40% of the respondents did not use API management software or were using an in-house API management tool.
API Security
As banks use more APIs to enable digital businesses and provide web and mobile experiences to customers, the chances of security breaches also go up. There have been several incidents of API attacks and data leaks this year alone. API security is made worse by the fact that many organizations lack an inventory of the APIs they create or use from third parties. Research firm Gartner found that the common theme among many of the API breaches was that “the breached organization didn’t know about their unsecured API until it was too late.” Sadly, there is no tool that will automatically discover vulnerabilities in the APIs. Implementing API threat protection and access control will require endpoint security (processes, infrastructure, and protocols). Without an API management platform in place, this will present further challenges.
“By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications.”
Gartner (2021)
API Governance standards and privacy regulations
Government-dictated compliance frameworks around APIs are still some time away for Canadian financial institutions. This means that developers at banks and credit unions must rely on varying standards, including security standards, when it comes to how API integrations will work and be used. Without governance standards, financial institutions run the risk of exposing themselves to fraudulent third parties and exposing customer information in ways that could be used against their interests.
API Reliability & Performance
To support new functionalities and user experiences, developers in financial institutions are relying more and more on third-party APIs, APIs from business partners, and from other business units within the enterprise. Many of these APIs are licensed from providers that also look after their daily operations. Due to the composite nature of these applications, an outage with one third-party API can impact any application that is using that API. As of April 2022, there were close to 7.8 million failed API calls in the UK according to Open Banking Implementation Entity (OBIE). The financial entities with the most failed calls are the big banks including Barclays, Lloyds, and HSBC. Frequent API errors create a negative impact on customer experience and may lead to discontinued product use.
Is your bank ready to adopt open banking?
API integrations are a necessity as we move towards an open banking system. Financial institutions must have a clear strategy on how they want to implement, govern, monetize, and market APIs to ensure a frictionless customer experience and better business results.
Blanc Labs has partnered with Axway to provide specialized solutions that make API integrations and management more efficient and cost-effective. Benefits of our unified API platform include:
- Increased productivity, as developers are easily able to find and repurpose APIs instead of duplicating efforts or wasting time searching for them.
- Less technical complexity by unifying and simplifying API services across the organization
- Better security through a unified view of all APIs
- Faster upgrades of legacy systems through an API-first layer allowing you to add new services more easily
- More robust governance through centralized documentation that multiple teams of developers can reference
Book a demo or discovery session with Blanc Labs to learn about the impact of our API solutions for banking.
Are your APIs causing more pain points instead of solving them?
Now, more than ever, banks are looking at ways to modernize their core technology to meet customer demands for speed, personalization, and seamless digital experiences. For the banks, a large part of that involves securely exposing customer data to third-party systems and consuming data from them. A simple example of this is using your bank credit card to pay with an app such as Google Pay or Apple Pay. For this data exchange to take place, banks build their own application programming interfaces (APIs) or use third-party APIs to interact with other systems. From a digital transformation viewpoint, APIs are indispensable in making banking services more open.
A study on APIs in banking by McKinsey found that nearly 70% of the surveyed banks planned to double the number of internal and third-party APIs and triple the use of public APIs. However, not all API integrations are successful. Close to 40% of the banks mentioned above did not have an API strategy or were still evaluating APIs. Mismanagement of APIs only increases operational issues, decreases productivity, pulls up costs, and delivers incremental results at best. Here we explore five API integration challenges and how to overcome them.
API Integration Challenges
Put simply, APIs are supposed to make it easy for disparate systems to work together. But poor integration can have the opposite effect, leading to silos, duplication of efforts, and rising costs. Some of the API integration challenges include:
- Technological Complexity
- High Costs
- Security Risks
- Time Consumption
- Varying systems
Technological Complexity
API integration is not an easy process. In fact, of all the digital transformation initiatives, API integration may be the most daunting. The reason for this is that integrating APIs requires an overhaul of the bank’s core systems. Understandably, many banks and credit unions are reluctant to change their core systems in one go as seen in the chart below. Yet, 75% of banks state that the number one reason for focusing their corporate banking strategy on APIs is “improving internal corporate banking processes, workflows and product management.”
To carefully integrate APIs while upgrading core systems at a pace that is suited to the bank requires a team of experts including highly skilled developers that come with a heavy price tag.
High Costs
Hiring a team of experts to execute APIs is only one part of the cost of integrating APIs. The question for many financial institutions is one of build or buy as this requires significant financial resources, a dependable developer ecosystem, as well as a strategy to monetize these APIs so current costs may be justified. Building a single API can cost upwards of $10,000 (as of 2020) depending on the complexity of the integration and the times it takes developers to build it. Buying APIs may come at a lower cost. Either way, there is no getting around the expense of building APIs and integrating them with core systems.
Security Risks
In Canada, the number of stolen records went up by 4,379% between 2015 and 2020. A data breach in Canada costs approximately $6.35M CAD. The use of APIs is reliant on web-based applications, which means that they are more open to threats from hackers and ransomware. Add to this the fact that a data breach can severely damage the reputation of an organization. API integration projects require hiring a team of security experts as well as updated security protocols.
Time Consumption
Setting up an API connection and integration module can take anywhere from a few weeks to months. This is the time when the development team will learn the logic and architecture of your platform and work to reduce bugs, among other things. Financial institutions that choose the wrong API solution may find that they are losing out to the competition by coming in last.
Varying systems
Within APIs and API systems, there are all kinds of architectures and software. Every system has its own logic and therefore each integration has its unique challenges. With every new system that developers work with, they need time and expertise to integrate APIs with those systems. Therefore, with multiple integrations, the process does not get faster and only becomes more complex
How to overcome API integration challenges
API integrations are a necessity as we move towards an open banking system. Financial institutions must have a clear strategy on how they want to implement, govern, monetize and market APIs to avoid high costs, duplications, and incremental gains.
Blanc Labs has partnered with Axway to provide specialized solutions that make API integrations more efficient and cost effective. Benefits of our unified API platform include:
- Increased productivity, as developers are easily able to find and repurpose APIs instead of duplicating efforts or wasting time searching for them.
- Less technical complexity by unifying and simplifying API services across the organization
- Better security through a unified view of all APIs
- Faster upgrades of legacy systems through an API-first layer allowing you to add new services more easily
- More robust governance through centralized documentation that multiple teams of developers can reference
Book a demo or discovery session with Blanc Labs to learn about the impact of our API solutions for banking.
4 Ways APIs Can Improve Your Bank
by Bob Paajanen and Steven Chung
With the urgent need to catch up with FinTechs and appease customers, there is a lot of discussion today around digital transformation in banks and how technology can improve both the customer experience and the bottom line. The word API is thrown around, but few understand the tangible impact of how APIs can improve your bank. In this article, we break down what APIs can do and the areas in which they can significantly change the ways in which banks operate.
What is an API?
An API or Application Programming Interface allows disparate systems to communicate with one another. Think of APIs as waiters at a restaurant—they take your order and relay that order to the kitchen. The kitchen prepares your order, and the waiters bring it back to you. The waiter here is a middleman that relays important information that is within the framework of the menu (defining what information should be shared) in a format that is understood by the kitchen (structured data).
The most common examples of APIs include “login using Facebook” or “login using Google” which use APIs to connect your Fb and Google accounts to a third-party website.
The use of APIs increases flexibility, increases efficiencies and therefore improves the user experience.
What are banking APIs?
Banking APIs are specific to banking software. Since the pandemic, the demand for APIs has grown as customers expect real-time 24/7 support across all banking functions. Using APIs can allow the bank’s systems to talk to one another thereby providing the customer with a unified and seamless banking experience.
The use of banking APIs is up from 35% in 2019 to 47% in 2021 and another 25% of banks and credit unions plan to invest in APIs by 2022.
Using APIs not only connects legacy systems to one another but gives financial institutions the opportunity to reimagine how their operating model works, what the customer journey should look like and how they would like to interact with customers. Indeed, the use of APIs today, according to PYMNTS, could be compared to getting the “proverbial plumbing in place to enable new digital experiences.”
APIs and the future of Open Banking
Open banking is a system where banks enable their financial data to be securely accessible to third parties with the use of APIs. Using APIs gives financial institutions access to new banking technologies such as digital lending, online mortgage approvals, digital payments, account opening, engagement tools, analytical tools and a host of other functionalities, while also empowering customers to have more control over their data.
What can APIs do for your bank?
There are many types of APIs created for a variety of functions. In this article, we will focus on four of the most common types of banking APIs and how they can help in your digital transformation and modernizing efforts. These are:
- Integration
- Connectivity
- Platform Banking
- Innovation
Integration
Banking systems set up even five years ago are now considered legacy systems. Such legacy systems don’t usually communicate well with newer technologies. Failure to keep up with the consumer or regulatory demands of today may render the bank obsolete. This is where APIs come in. Instead of replacing legacy systems—a time-consuming and expensive process—APIs can help legacy systems communicate with new software at a fraction of the cost and twice the speed. A good example of APIs integrating banking systems would be providing a branch locator (using mapping software like Google Maps) on the bank’s mobile app.
With advancements in technology and frequently updated regulatory requirements, integrating legacy systems with newer technologies is no longer a choice but a necessity.
Connectivity
As services such as personal financial management become more automated across various functions within the bank, there is a growing need for better governance of user data, including customer checking and credit history.
Because APIs also regulate the information that they share between systems, they can filter out relevant information to a third party without disclosing every detail. They can also time how long the information will be available to a third-party program. For example, credit history may be available for only 30 days.
APIs available today, especially REST APIs(or web-based APIs), are lightweight, faster, more scalable, and offer real-time connectivity, making them a perfect use case for mobile applications.
Platform Banking
Many non-bank businesses such as FinTechs today opt for the banking-as-a-platform strategy, where APIs are used to connect the non-bank business to a bank. With the use of APIs the non-bank business can use the bank’s license and regulatory framework, thereby offering banking services without being banks themselves. This means lower operations costs, which they can pass on to the customer in the form of lower fees and better rates. Banks on the other hand can take advantage of the newer technologies offered by the FinTechs to improve their service offerings without having to build them themselves.
An example of this is Tangerine Bank, a no-branch “bank” that offers banking services like savings and checking accounts using Scotiabank’s banking license to operate. APIs allow seamless, real-time connectivity for Tangerine customers, allowing them to access their banking information on their mobile app.
Innovation
The ability to plug-and-play innovative technologies means that banks can now offer a variety of new products while creating better efficiencies at the back end. Using APIs, banks can circumvent an overhaul of their legacy systems, improving bits and pieces at a time. This will save banks both money and time. APIs also allow banks to integrate products and services in a modular way. This gives them a wider choice of vendors, and with that comes better control of price, quality, and delivery.
Banks need not always depend on third parties to add on new products and services. If they decide to go their modernization route themselves, they can use APIs to standardize the process and add tools without making drastic changes to the underlying system—something that most banks prefer.
APIs can also help connect one banking system to another. For example, an API can connect the lending workflow with a customer’s personal banking workflow. This connection can provide better efficiencies, reduce manual work, and improve employee satisfaction. APIs can also integrate automation tools such as end-to-end journal entries, loan document processing, and report creation on top of legacy systems, saving time and cost. A 2019 report by Accenture predicted that banks would see a productivity gain of US$ 59 billion by 2025 thanks to automation. This number is probably higher in the context of the pandemic, which forced banks to automate and modernize their processes even more aggressively.
Current Challenges with API integration
While many banking institutions recognize the benefits of APIs, integrating them into the banking system is not without its challenges. This is especially so when you have multiple teams across geographies using a variety of API tools and vendors. This leads to duplication of efforts, further complicates the system and therefore leads to a loss in productivity. Using the right API platform can take care of these issues while giving the additional benefit of security and governance.
Integrate APIs in your banking system with Blanc Labs
APIs offer an exciting future for banks. It is imperative that banks take advantage of new technological products and services and leverage open banking, so they are not left behind in the race with FinTechs and other competitor banks.
Blanc Labs offers APIs that unify all ledgers and functions so that banks can get a true 360-degree view of their customers and help banks upgrade systems to meet regulatory standards.
Book a demo or discovery session with Blanc Labs to learn about the impact of our API solutions for banking.