It’s interesting, as an American (or at least as this American), to look at the European market from a distance and try to think about how companies might navigate the opposing regulatory forces of PSD2 and GDPR.
PSD2 is driving innovation
It’s been clear for some time that PSD2 is forcing banks to take an API-first approach to enabling customers to own their own financial data. An API-first approach brings many benefits to consumers, but also to the banks themselves:
- “Screen scraping” to get data from a bank is fragile and a negative impact to performance of banking websites.
- An API-first approach enables the banks to take their business to the customers, rather than have the customers come to their (app/site).
- Though many other markets are not regulated, global companies that develop PSD2 solutions will be well positioned to adapt as regulations happen in other market, and companies in EMEA that embrace PSD2-style changes in their business model will become global leaders in the market for financial services to younger consumers.
So, even forgetting “internal habits” and “the way it’s done today” challenges… what’s stopping banks from getting their API-first strategies going?
GDPR is scaring everyone
There’s a lot of hesitancy due to the uncertainty of GDPR.
Fines for GDPR non-compliance are high. Very high. In fact, some data-driven companies are simply not doing business in Europe until the compliance landscape becomes more clear. About a year ago, after two years of planning for GDPR, there were still more than 1,000 US news sites unavailable in Europe.
And, just recently the EU’s highest court ruled that organizations connecting to misbehaving companies can be held responsible for data misuse. Specifically, using Facebook’s like button opens a company up to being held responsible for the data Facebook collects.
It’s no wonder Apple is dipping its toes in the water to protect customer privacy.
On the one side PSD2 is forcing financial institutions to open up, on the other GDPR is making them very hesitant to doing so.
Ask any developer what the first step is in solving any sort of problem like this, and they’ll answer: “Create another layer of abstraction.”
In plain English: use APIs. And even as I write that, I’ve got an explosion of a picture in my head for what this means.
Why does an API platform help?
Each of these items could be a post of its own. For the time being, let’s get some food-for-thought:
APIs help companies modernize their IT infrastructure. An API approach enables new capabilities to be plugged into an infrastructure without a complex integration project helping companies move faster and deliver services more cost-effectively. A key takeaway from my experience with customers is, however, not to confuse modernization with innovation.
APIs help companies extend to new platforms. In an experience-driven world, the platform informs the experience. If you’re “writing once, running everywhere,” you’re definitely solving a problem but your customer is the developer who can do less work that way, not your end-customer who wants the best experience possible on their platform of choice.
APIs help companies innovate faster
One of my favorite tweets was one where people were complaining about Facebook not supporting a new iPad Pro format that had been out for three months. Three months! There’s a huge mismatch between people’s expectations and the reality of software delivery (especially in the enterprise space).
And my favorite benefit, since I’m really lazy an efficiency expert, APIs enable all your customers – consumers, partners, employees – to innovate with your digital assets. APIs allow people to find creative solutions to their own problems with your digital assets. This ends up being a very sticky use case, especially when the channel for your solution is through partners or to B2B customers.
What can companies do?
I have three recommendations based on my personal experience with customers:
- Consider the ROI model. Waiting for the customer to scream is not an ROI model. How can you re-frame a return-on-investment to enable projects to move forward with customer input, before the customer is ready to switch services?
- Integrate the technology conversation earlier in the business process. This may require “retraining” teams to work more closely together. However, you don’t want to be in a position I’ve seen many times, where the business asks for one thing, and development builds another, but the teams don’t come together until it’s too late.
- Find a place to start from the customer-point-of-view and work your way into the technology. Use the customer point-of-view (the job they’re hiring your company to accomplish) to break down barriers within the organization and identify digital assets that can be shared across silos. Then modularize the digital assets so that they can be used at scale wherever needed. This takes time but will eventually impact the ROI model in a positive way.
What NOT to do
Don’t implement APIs because you need to have APIs for PSD2 or some other technical architecture goals.
Create an API platform because you want to:
- Move faster
- Deliver a better customer experience
- Lower operating costs
- Lower security risk
- Increase compliance and oversight
It’s not about APIs themselves. It’s about the capabilities that they deliver when you build an API platform that enables the business to get closer to your customers.
What’s your organization’s digital maturity? Spend 5 minutes to find out.