Polish API – the open banking standard

The PSD2 directive in Poland comes into force with a delay. The draft of the local version of the Act was submitted to the polish Parliament at the very end of January. Due to the threat of sanctions, work must be carried out quickly. The Parliament of the Republic of Poland will deal with the amendment of the Act in February. And it is expected that, the final document will be announced in the second quarter of 2018. Symultaneusly, team of experienced IT architects develops the Polish API standard, according to which they are supposed to open all the banks in the country.

Delays appear not only in Poland. The British market, which announced the project of its own Open Banking Standard before the start of the work of the European Commission on PSD2, also exceeds the deadlines in the implementation schedule. The final shape of technical standards for the Act (RTS) is already known, the expected publication of the document is to take place in March 2018. The European Commission has set a “transition period” for compliance with RTS, separate from other PSD2 guidelines, in force since 13th January this year.

 Read more  PSD2 RTS – Regulatory Technical Standards for 2nd Payment Security Directive

Universal API project for the entire Polish banking industry appeared under the conduction of the Polish Bank Association. Only a few European countries (including United Kingdom and France) have decided to take similar approach. In discussions about the sense of this idea, main benefits that arise are significantly lower implementation costs for institutions subject to mandatory API configuration.

The draft public API standard for the banking sector in Poland was submitted for public consultation on January 17, 2018. By the end of January, the industry reported more than 300 project remarks, along which it will be possible to improve the standard.

The entire European market is waiting for this document. Fintechs in the UK complain that due to delays in legislative processes they are losing the expected revenues. Payment operators, loan systems, insurance companies and telecoms are all in the queue for data from the banks’ APIs. The e-commerce industry has already invested heavily in infrastructure, ultimately using new customer data.

The PSD2 Directive started in Europe from January 13 and its provisions should already be used, but the technical requirements for open application interfaces (APIs) have not been finally adopted by the European Parliament. The RTSs will take effect 18 months from the date of their publication, which – according to the Financial Supervision Authority – will take place in March 2018. At that time, business entities should already prepare for new functions, enabled by the Act: account operators, payment service providers, aggregators and service comparison service providers.

 Read more:  GDPR: 5 most important law changes and their consequences for banks.

As corporate architects we understand perfectly well that the integration process is long and consumes many organizational resources. In the meantime, other regulations are threatening with financial penalties, with most important in 2018 amendment to the General Data Protection Regulation (GDPR), imposing new obligations on business entities in the scope of security, storage and management of user data. The EU’s GDPR Act enters into force in May 2018.

As for banks, they are not idle either. Without revealing many details to public, they have been preparing for months for a new reality, where the monopoly on financial services will be taken away from them. In the survey conducted among European banks by the Deloitte agency, sector plans related to PSD2 are bold: aggressive customer acquisition policy, additional premium API, API as products, non-payment services (up to 30% of banks plan to introduce them). What is more, banks expect the biggest impact of the PSD2 directive only in the next few years.

Read more:  Biometric authentication, FIDO standards and our money security

Financial institutions have differentiated budgets for their regulatory activities and this obviously affects the progress of work.  In the referenced Deloitte report, Polish banks declared the largest (just behind the Czech) budgets for activities related to compliance among the countries of Central and Eastern Europe – even 5 million Euro only on PSD2.

At the same time, they were the largest group in this part of the continent when it comes to the strategy including cooperation with the fintech sector and other TPPs. Polish banks seem more innovative than Western banks and are already collaborating with technology companies on a large scale, creating breakthrough products (such as BLIK transfers to phone numbers).

It can therefore be expected that the final shape of the Polish API will be so open and thought-out, that polish banking will become a competitive challenge for banks in the Union. And it will continue to set new trends in financial technologies.

 Read more  Open API and open banking – 7 products ideas