PSD2 has created new possibilities for innovation within the European payments market that extend beyond the financial sector. A broad range of players, with or without a payments background, can leverage the opportunities of this legislation. Such players face two key decisions. Firstly, they must choose whether to obtain a PSD2 licence themselves or re-use a licence from a licenced service provider. Secondly, if they choose to obtain and maintain a licence themselves, they'll have to decide how to connect to banks to access the data and functionality that banks are obliged to open up: either by building and maintaining their own API connections or by using an API aggregation service provider.
For both key decisions, it is not always clear what degree of effort the options entail and what the relevant considerations are. We have explored the challenge of obtaining a licence in a previous blog. In this blog, we examine the most important criteria that are relevant in these decisions and the considerations that come with these criteria. We’ll first explore the licensing decision before moving on to the decision on API aggregation.
THE DECISION TO OBTAIN A PSD2 LICENCE RELIES ON SIX CRITERIA
For licensing, the organisation has to make the following decision: either obtain and maintain its own PSD2 licence or re-use a licence from a licenced service provider. We have identified six main criteria that influence this decision-making process:
- Time-to-market is key in many propositions. Getting a PSD2 licence can be a time-consuming exercise, whereas a licensed service provider can provide you with PSD2 services the very next day. If you need to market a proposition quickly, a licensed service provider will enable you to do so.
- Obtaining the appropriate licence will take time and effort and may therefore be costly in comparison to using a licensed service provider.
- Besides costs, obtaining and maintaining a licence requires capabilities in licensing and regulationsthat may not always be readily available within your organisation.
- One of the benefits of having your own licence is the control you have over the functionalities you need for your business case. A licensed service provider may not provide the flexibility in governance, development and operations that your organisation requires for a successful proposition.
- Having your own licence also reduces complexity in liability mitigation, as involving more parties in your customer service implies additional legal frameworks and lengthier processes to resolve disputes.
- Lastly, using a licensed service provider also has an impact on the customer journey, as under PSD2 the user provides consent to the licensed party in the bank environment. Seeing the unfamiliar name of a licensed service provider instead of your organisation’s name may cause confusion among consumers and even distrust in your services.
The decision to use an API aggregation service provider depends on five criteria
If you have chosen to obtain a PSD2 licence, you will then have to decide on how to connect to the banks’ APIs. In the case of API aggregation, you will need to make the following decision: either build and maintain your own API connections to banks, or source API aggregation services from a technical service provider. Please note that if you have decided not to obtain a licence, you will not be able to connect to the banks’ PSD2 APIs as there is no licence to base the access on. We have identified five main criteria that influence the API aggregation decision:
- Due to the low level of standardisation between banks’ APIs, building and maintaining connections will involve a significant amount of time and effort. Using an external service provider to aggregate the API connections to banks can reduce the time-to-market of your proposition.
Given the focus and scale of external service providers, costs are expected to be lower using an external service provider.
Besides time and effort, obtaining and maintaining the necessary API connections requires specific technical capabilities. The degree to which these are present differs per organisation.
Control is one of the main benefits of connecting to banks’ PSD2 APIs yourself. An external service provider may not provide the flexibility in data, development and operations that is required for the success of your proposition.
Besides control, connecting to PSD2 APIs yourself reduces complexity in liability mitigation, as including more parties in your service offering implies (extensive) legal contracts and indirect customer interaction.
INNOPAY can help you with your business case
The possibilities of PSD2 are increasingly being explored by new players outside of the traditional financial market. INNOPAY can help you gain insights into the key decisions on which your PSD2 XS2A business case relies.
INNOPAY has extensive cross-sectoral experience in enabling organisations to reap the full potential of the opportunities opened up by PSD2. Our consulting services range from defining PSD2 strategies and identifying actionable opportunities, to assisting organisations with obtaining their PSD2 licence and selecting the most suitable API aggregation provider.
Reach out to us for help or if you are interested in finding out what other opportunities PSD2 could offer your organisation.
Disclaimer: Ultimately it is up to the National Competent Authority to decide whether exemptions on a technical service provider apply and there can be different opinions between NCAs and the European Banking Authority. This article reflects our expert view on the current overall applicable regulatory interpretations, but any advice on the applicable regulatory scope requires a case-by-case analysis.