embracing psd2 and the era of open banking€¦ · embracing psd2 and the era of open banking...
TRANSCRIPT
Embracing PSD2 and the era of Open BankingComply, Compete, Innovate
June 2017
kpmg.com/uk/openbanking
The issue and impactWhat? and Why?
Disruptive EU and UK regulatory changes are forcing the banking sector to allow access to their customers, creating significant opportunity and challenge for all players.
EU PSD 2 (Jan 2018)
— Enables customers to grant a third party permission to:
– Access custom account information
– Initiate payments on behalf of customers
— Applies to all payment transactions where one payment service provider (PSP) is in the EEA also brings new types of PSP’s into scope
— Requires Secure Customer Authentication (SCA), as defined by the EBA Regulatory Technical Standards (RTS)
UK CMA Open Banking
— Order on nine largest banks in the UK to provide access to banking data via a standard Application Programming Interface (API)
— There are also additional provisions to improve competition for consumers and small to medium enterprises
When?
January 2018 is the critical milestone for both PSD2 and Open Banking, however there are further regulatory considerations such as EU General Data Protection Regulation (GDPR), the fourth AML directive and the EBA standard on Secure Customer Authentication (SCA).
By January 2018, organisations will have had to analyse the impact on their business, chosen a strategy, defined requirements, designed and implemented solutions and be able to demonstrate ongoing compliance.
PSD2
Feb 2017EBA Draft Final RTS issued
2017
Open Banking
31 March 2017Reference information made available via API
Fourth Money Laundering Directive (AML/ATF)June 2017
PSD2
Q3/Q4 2017EU Commission to approve final EBA RTS submission
2018
PSD2
13 January 2018Deadline for PSD2 implementation
Open Banking
Q1 2018Deadline for full API remedy implementation
General Data Protection Regulation (GDPR)May 2018 GDPR places much more control of use of data in the hands of the customer
Electronic Identification and Trusted Services (eIDAS) September 2018
Open Banking
Q3 2018Service quality indicators to be made available via an open API
PSD2
September 2018 – Q1 2019RTS Secure Customer Authentication Applies
2019
© 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
The competitive responseHow? and Who?
The HM Treasury PSD2 impact assessment highlights that over 1599 institutions may fall into the scope of a Payment Service Provider (PSP) under PSD2.
All PSPs will be required to provide access to third parties. These third parties may use customer account information to provide value add services, or use payment initiation to give customers a seamless payment experience. This presents a real risk of disintermediating banks from their customers.
Account InformationService Provider (AISP)
© 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Customer
AISPPaymentAccounts
Third Party
Payment Initiation Service Provider (PISP)
PaymentAccounts
Customer
PISP
Third Party
Fintech Traditional BanksSocial Networks UtilitiesTelcos Network DisruptorsChallenger Banks Tech CompaniesOnline Retailers Traditional RetailersAggregators/Comparators
Potential Third Parties
Customer
AISPPaymentAccounts
PaymentAccounts
Customer
PISP
Third PartyThird Party
Fintech Traditional BanksSocial Networks UtilitiesTelcos Network DisruptorsChallenger Banks Tech CompaniesOnline Retailers Traditional RetailersAggregators/Comparators
Assessing your position - Comply, compete or innovate?
All banking and payment institutions need to be cognisant of the opportunities but also tackle the challenges presented.
KPMG has developed a readiness diagnostic tool to help you look across your different organisational competencies and assess how you’re competing.
We assess across the key strategic dimensions and also against a framework that considers compliance, competition and innovation strategies.
PSD2 is live in Jan 2018, how ready are you?
1© 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
Document Classification: KPMG Confidential
As an organization we view PSD2 and Open Banking as a regulatory requirement and have defined a regulatory action plan. Although we recognize the disruptive elements, at this stage we do not have any ambitions to leverage this industry wide change at a competitive level.
Comply
We have defined an Executive sponsored strategy to defend ground against new challengers and heritage institutions seeking to disintermediate us from our customers. We have identified elements of our operational functions that may need to change but have not assessed our organisational design and interdependencies in their entirety.
Compete
Organisations dealing with PSD2 and the related CMA Open Banking order need to respond to the regulation and opportunities and counter the challenges presented.All organisations need to consider three elements in their response:
Our organisation has a strategy to extract a competitive advantage from this change. Open Banking is an opportunity to assess and re-align our operating model and technology capabilities to this new strategy, ensuring we are able to respond as an agile and innovative organisation.
Innovate
Regulatory Action Planning
Strategic Planning
New World Operating Models
Next Generation Technology
Risk Management Ecosystem
This diagnostic is targeted at Executive teams to give them a rapid view of their competitive positioning.If you would like to hear more please contact us using details overleaf.
The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation.
© 2017 KPMG LLP, a UK limited liability partnership and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. All rights reserved.
The KPMG name and logo are registered trademarks or trademarks of KPMG International.
CREATE CRT079537
John HallsworthPartner Banking Management Consulting
KPMG in the UK+44 (0)20 7896 [email protected]
Tom CollinsDirector
Banking Risk Consulting
KPMG in the UK+44 (0)11 3231 [email protected]
Simon WalkerPartner
Banking Risk Consulting
KPMG in the UK+44 (0)11 3231 [email protected]
Jurgen WagnerAssociate Director
Banking Management Consulting
KPMG in the UK+44 (0)20 7694 [email protected]