Finland’s biggest fintech start-up Enfuce provides full PSD2 compliance as a service to Finland’s largest financial services group, OP Financial Group, in the Baltic states. As a recognition of the high level of compliance and security of the service, OP Financial Group was granted an exemption from setting up fallback mechanism by the Finnish Financial Supervisory Authority (FIN-FSA).
After the PSD2 directive came into effect on September 14th 2019, banks and financial institutions had to offer and open their APIs for third-party providers. Since customers want faster, better and more secure ways to interact and control their financial services, there is an opportunity for banks to truly embrace PSD2 and respond to increasing customer expectations.
OP Financial Group, who acts according to the highest security and compliance standards, sought a partner that both meets and exceeds the regulatory and security requirements, and supports them to reach the opportunities that come from PSD2.
“The goal of the Baltic PSD2 project was to ensure compliance to the Second Payment Service Directive requirements in OP's Baltic business in Estonia, Latvia and Lithuania. The scope was to follow up the country specific requirements set by each operating country's PSD2 legislation, Competent Authorities and ensure the needed actions to meet the requirements.
Enfuce enabled us to comply with PSD2 and focus on utilizing the possibilities,” said Jari Jokisilta, Head of Development and Maintenance, Baltic Banking at OP Financial Group. Enfuce provides a turn-key PSD2 compliance service to OP Financial Group in the Baltics states, which includes back-office services such as full-audit trail, TPP Support, 24/7 monitoring, dispute handling and the development of the APIs according to the ever evolving regulation. By handling the technical complexities, OP Financial Group can focus on their core business and utilize the possibilities of the APIs.
“We were excited that the leading financial group chose us as their partner when they were looking for a fast and futureproof way of implementing and enabling the PSD2 capabilities in the Baltic states. Working with OP Financial Group has been a great experience and we’re proud that they meet all requirements by using our safe APIs, ” said Denise Johansson, CEO and cofounder of Enfuce.
In addition to the key security measures, Enfuce maintains a secure environment for all card information, holds the highest PCI DSS certificate (Level 1) and complies with the strict rules of FIN-FSA as a trusted outsourcing service provider to banks and financial Institutions. Enfuce’s strict security measures dovetails well with OP Financial Group requirements allowing for a well aligned partnership.
“Two years ago, when we designed the prototype of our PSD2 compliance service, I remember writing one specific KPI for the project, ‘Without any doubts, the service should meet all security and regulatory requirements, and future customers must be able to trust the service 100 %’. As OP Financial Group received an exemption from the fallback channel requirements, I see this as a proof of a successful delivery of our service vision and we are proud of this achievement,” adds Denise Johansson.
The PSD2 APIs were released in sandbox in March 2019, entered production for market phase testing in June 2019 and as of September 2019, all OP’s PSD2 APIs were available in production to licensed TPPs.