Banking API Standardization Considered By UK Treasury

U.K. banking is soon to feel the brunt of API disruption with moves by the Treasury Department to commence an agenda that will create standardized APIs for the industry.

The move is part of a wider U.K. government agenda aimed at ensuring that citizens have better access to their consumer data. The government has previously encouraged banks, energy companies and utilities, and telcos to provide consumers with greater accessibility to their personal data in machine-readable (i.e., API-enabled) formats.

After some empty threats to legislate to ensure consumer rights to personal data held by businesses, the U.K. Treasury is trying a different tack: the chancellor of the exchequer (the U.K.’s national treasurer) issued an Autumn Statement this month with financial policies for the year ahead. According to section 1.171, "the government is keen to enable more innovation around bank data and will launch a call for evidence on how to deliver standardized application programming interfaces in the banking industry."

Industry analysts have been foreshadowing the disruptive forces facing banking for some time. Gartner analyst Kristin Moyer wrote in June that “new competitors are using open banking technologies (like APIs and app stores) and ecosystems (like partners and third-party developers) to disrupt the industry faster than ever before. For example, nonbank APIs from Amazon, PayPal, Zillow and others are two to five years ahead of retail and commercial banking APIs. Continuing on a path of isolation will lead to dwindling market opportunities and customer irrelevance for banks.”

Adrian Hausser, CEO of PayX, which provides advice to global financial and banking institutions, spoke last month at API360 in London to propose a way that banks can reinvent themselves by reorienting to become platforms that are able to make use of the transactional data they collect in Big Data sets all the time.

A recent study by the Open Data Institute and Fingelton Associates found that globally, some banking institutions already recognize and are responding to the disruption created by APIs, but banks in the U.K. "by and large" have yet to do so.

This is the "race to remain relevant" that Moyer argues needs to occur:

Open banking is the self-service discovery, provisioning and creation of new business models and services by ecosystems inside and outside the bank. APIs, apps, app stores, developer/partner ecosystems and other technologies provide CIOs with the ability to enable mobility and innovation, increase product and service accessibility, and create new business models.

Paddy Ramanathan, Managing Partner at Digital Confluence, sees great potential in a move toward open banking APIs. Writing on LinkedIn, he sees four opportunities that will emerge when banking APIs become the new normal:

  • “Exposing APIs and expanding community of digital developers will enable banks to innovate at scale”: As Hausser advocates, Ramanathan hopes future banks will enable an ecosystem of developers to create new products that leverage banking functions and transactional data.
  • “Monetized APIs and data will represent a significant source of revenue”: Ramanathan quotes industry sources that estimate the value of commercializing financial data in the region of $300 billion per year.
  • “Distribution of services will become ubiquitous”: Ramanathan believes banks will be able to return to relevance by being able to leverage third-party apps to meet end customers where they are, rather than remaining the monoliths that customers must come to as a destination.
  • “Overall risk in the system will go down with a connected financial ecosystem reducing losses and cost from fraud and defaults”: Ramanathan hopes that open banking APIs will mean better fraud detection and suspicious activity monitoring, and more efficient and accurate regulatory reporting, and that data-based risk assessments will reduce costs and strengthen security.

Some of these changing trends are already evident. Marc Torrens, CTO at consulting firm Strands, spoke at the International Predictive APIs and Analytics Conference last month in Barcelona, Spain, to demonstrate how APIs are enabling the firm to create innovative predictive and recommendation engines based on transactional data made available via banking APIs.

At, Marc Torrens showed how Strands uses banking APIs to create new personalization and predictive products.

Torrens quoted Spanish bank BBVA’s CEO, Francisco Gonzalez, who echoes Hausser’s take on the industry. Gonzalez said that banks have a significant advantage: “the vast array of financial and nonfinancial data we accumulate.”

This view of open banking is also the model behind the Open Bank Project. Speaking at API Strategy and Practice in Amsterdam earlier this year (and as highlighted by Axway’s Mark O’Neill at the recent APIdays in Paris), Ismail Chaib from the Open Bank Project demonstrated that banks are able to utilize Open Bank’s APIs to “foster a customer-centric open innovation system.”

At API Strategy and Practice, Ismail Chaib showed how the Open Bank Project is helping banks create new innovative products by using open banking APIs.

While the Open Bank Project is creating a model and selling it to banking customers, the U.K. Treasury is investigating the potential of moving toward a more regulated approach that insists on open API standards.

Independent Integration and APIs consultant Chris Wood believes the U.K. government will face several hurdles as it tries to progress this agenda. Having previously worked with Visa Europe, Wood identifies five potential barriers facing the U.K. government as it moves toward an open banking API standard:

• U.K. government projects are notorious for poor requirements, scope creep and lack of governance over suppliers.

• U.K. retail banks have complex and aging back ends with complex integration challenges. Many banks are also paranoid on data security.

• Complexity of U.K. banks' internal processes generally matches their technology challenges. The aggregate of this will make delivery across the industry challenging.

• Regulatory compliance (Data Protection Act, Payment Card Industry Data Security Standards) will need to be addressed in a sustainable manner. 

• Whilst this was prompted from an external report, any government support might be rendered null and void next year, and support this year could be electioneering.

However, Wood also suggests three ways the U.K. government could succeed:

• By ensuring a sensible, concise scope and many small, incremental deliverables.

• By doing the design up front and well. Solving the regulatory and data security issues will allow the banks to follow guidelines rather than engage in their own design process (which will takes a long time). They also need to solve the process issue. A standard API that each bank implements is one thing. How is access governed? Who can call the API? When? What life cycle does access being granted follow? Is there a subset of resources that anyone can mine that is not deemed “personal”?

• Ensuring government support lasts beyond next May.

With governments increasingly interested in mandating machine-readable data formats for business and their own departments, as interest grows in consumer rights to personal data (as is happening simultaneously in the health care sector), and as industries like banking are themselves trying to reorient in the face of massive disruption, a new strength of APIs is becoming clear. The trends that can be seen in the banking industry in regard to APIs reflect a new kind of benefit of API-enabling industries: to foster intraindustry data portability, whether it be government-regulated or industry-provoked.

Be sure to read the next Banking article: InnovaChallenge MX 2014 Announces Winners