In the highly complex and sometimes emotional world of European Payments Regulations, nobody know who to sympathise with. Should people be more understanding of the large banks who are facing swathes of new compliance obligations? Or should the public offer most condolences to Fintech firms who recently have been visibly upset by plans of the European Banking Authority (EBA) to outlaw a technology which is known as screen-scraping and allows copying of data from targeted websites.
On the one hand, there is a mature industry, delivering complex financial services, facing huge costs as a result of regulatory requirements aimed at increasing competition for safe and easy online payments. On the other hand, the antiquated banking sector is facing an existential challenge because of the same regulatory ‘nudge.’
>See also: Collaboration between banks and fintechs is key to survival
Last week a coalition of 60 Fintech companies published a well-written manifesto. The ‘Future of European Fintech Manifesto’ argues a) the EBA does not really understand what PSD2 is for, and (b) the EBA is wrong to think that screen-scraping techniques are not safe, secure and perfectly reasonable. As such, the sector is in for some very lively debate and lobbying over the coming months before the PSD2 Regulatory Technical Standards are formally adopted by the European Commission.
Meanwhile, the European banking industry seems to be moving stoically (admittedly some with infinitesimal velocity) towards API-based connectivity. These initiatives support banks’ PSD2 obligations to provide access to customer’s accounts and services to Third Party Providers (TPPs), including to members of the Fintech community. These may even support completely new services that TPPs may be asked to pay for. So, on balance, the banks may be getting a better deal from PSD2 than they’d originally feared.
>See also: Why it’s time to reimagine banking in this digital age
The industry was already preparing for a ‘fuzzy’ regulatory period between the PSD2 go-live date slated for January 2018 and the EBA RTS coming into force 18 months after their agreement. This ‘fuzzy’ period will likely see a range of arrangements. While some banks will have APIs ready, many will not.
At the same time, fintech firms specialising in screen-scraping will probably take advantage of the regulatory impasse whilst they work out whether to re-engineer their systems, alter their business plans or accelerate their exits.
>See also: Lloyds Bank’s £1.75BN bet on the future of banking
Meanwhile, it’s worth sparing a thought for ‘you and me’. The PSD2 initiative has been created for the customer, in order to simplify our financial dealings and make them more transparent. But above all, most of us still seem to value security. So perhaps the EBA has got the balance right, both in terms of security, and in terms of encouraging a competitive financial services industry.
As for screen-scraping (a term the coalition would prefer to be described as “Direct Access”), perhaps we are due a good debate about the rights and wrongs of hovering up information built by other businesses. Perhaps this is the warm-up for the debates soon to follow: Who’s information is this anyway? What is fair use? And how should consent be managed and revoked?
Sourced by Lu Zurawski, solutions practice lead, consumer payments EMEA, ACI Worldwide
Nominations are now open for the Tech Leaders Awards 2017, the UK’s flagship celebration of the business, IT and digital leaders driving disruptive innovation and demonstrating value from the application of technology in businesses and organisations. Nominating is free and simply: just click here to enter. Good luck!