Facing PSD2 in the Cloud

  • Jay Hibbin, Regional Sales Director – financial services EMEA at CenturyLink

  • 24.03.2017 09:00 am
  • PSD2

The 2018 implementation date for the second Payment Services Directive, or PSD2 as it’s more commonly known, is fast approaching. A growing number of conversations are currently taking place around whether this represents an opportunity for tech companies, fintech start-ups, merchants, and challenger banks to share in the success of the traditional banks.

PSD2 will require banks to provide third parties, such as those mentioned above, with access to their customers’ account information (with explicit permission), through the use of application programme interfaces (APIs).

There is an opportunity for account information services (AIS) providers to act as consolidators under PSD2, utilising the fact that most people will have more than one bank account, bank loan or credit card. By gathering data on these multiple accounts and their respective terms, an AIS could then send an SMS to a customer suggesting that, if they moved their money to another account, they could save money. Monitoring a customer’s spending in this way could help an AIS become more pro-active, and better able to provide more useful information and value-added features.

Security is important, of course, and new rules around data protection will be required. However, while it may be true that third parties will be able to access a bank’s customers’ data, they will first need the specific permission of these customers to do so.  It’s worth noting that the EU General Data Protection Regulation (GDPR) will also come into force in 2018. While its focus is on the protection of data, both the GDPR and PSD2 consider the customer to be the key priority.  To comply with both directives will, therefore, require a business to explicitly explain just what it is offering.

Challenges and opportunities

Driven by competition rather than compliance, this “open banking” directive is something the industry has never before seen and, as a result, it will undoubtedly create a significant shift in the nature of banking as we know it.

The aim of PSD2 –to increase customer choice regarding financial services – has led to an understandable fear amongst banks that it will spell an end to customers’ loyalty to one financial provider; something once practically guaranteed.

Indeed, there’s been a lot of talk around how fintechs and tech companies are poised and ready for the opportunity to break down the long-held consumer loyalty held to traditional finance providers. However, while the landscape will open up to a wealth of new players offering genuine solutions for providing a better service to customers, it’s not all bad news for the old guard; PSD2 represents an opportunity for banks too.

Consider the cloud

For traditional banks to compete with the fintech start-ups snapping at their heels, it’s important that they continue to innovate in their thinking and learn from their younger counterparts, and moving the development of new products to a cloud based platform model can be a critical step in doing so.

Challenger banks such as Metro Bank and Atom, for example, have successfully utilised the cloud to speed up time to market for new products. Traditional players should be following suit, and considering the cloud for key projects where the quick implementation of a viable product is key to success.

The cloud is a key way for banks to remain agile. Using advanced orchestration and management systems enables them to quickly and securely deliver innovative software to customers. And any project in an R&D or developmental phase, or that is quick to develop, is perfectly suited to a cloud platform.

Indeed, any standalone product, such as a payment service provider or mobile payment solution, that sits outside core banking legacy systems, even if it interfaces with them, could potentially be migrated to a cloud service model.

By doing so, banks will then be able to operate the IT for their latest service offerings in a similar way to their fintech counterparts.

Choosing the right environment

There’s no such thing as a “one-size-fits-all” approach to the most suitable environment for a move to the cloud. While multiple public and private clouds have their place, the key is in choosing the best execution venue for each application, and operating these under a single hybrid IT model.

The cloud boasts transparency into cost, flexibility and agility, but there has been a high-level view in the boardroom that the public cloud is cheaper than traditional managed services. However, when it comes to costs, banks must take the workload and usage patterns of the operation into consideration as these will all play a part in containing the overall cost. For example, if a system runs 24 hours a day, 365 days a year, rather than only needing to scale up on a particular time of day, month or year, the usage pricing model can mean that it will ultimately cost more than originally expected.

Add customer data to the mix, and security then becomes a major concern.

While public cloud is suitable for workloads requiring huge computing power, that need to scale at continued pace, and that have the ability to easily flex, it can sometimes be harder and costlier to secure to the required standard than a private cloud. The latter option is, therefore, used more often when holding highly sensitive customer data and needing to comply with internal governance and external regulation.

However, by combining the public cloud’s utility benefits of flexibility and elasticity with the privacy of a dedicated private environment, a hybrid cloud offers the best of both worlds. For this reason, it will soon become more commonplace for banks to require multiple cloud providers, with a strategy that encompasses both public and private options. But, although this will ultimately offer greater flexibility and efficiency, it will be a large task for CIOs who should look to add a managed service layer in order to keep complexity to a minimum.

Laying foundations for the future

Banks will undoubtedly face an increased level of competition following the introduction of PSD2. No longer able to rely on the vast amount of customer data they hold as a point of difference, banks will need to find ways of using that data to their own advantage. If they don’t, they’ll miss out on a huge opportunity.

Banks should start giving thought to the type of services and data they want to move to the cloud, the type of hybrid cloud environment they want to move it to, and the steps they need to take to make this happen.  By preparing now for the seismic shift that PSD2 represents, banks can ensure they have the agility that’s needed to remain competitive and keep their customers happy.

Related Blogs

Other Blogs