Catalyst or threat?

Catalyst or threat? The strategic implications of PSD2 for Europe’s banks

Executive summary

The adoption of the revised Directive on Payment Services (PSD2) has set the stage for open banking in Europe. By providing standardized access to customer data and banking infrastructure, PSD2 will lower the barriers for entry to third-party providers and financial technology companies (FinTechs), and it will stimulate the development of new business models and a wide range of new banking services. In this way, PSD2 will be a catalyst for both disruption and strategic renewal in Europe’s banking markets.

Europe’s consumers have started to embrace the kinds of services and companies that PSD2 will foster. A PwC Strategy& study on PSD2, conducted in the first quarter of 2016, suggests that 88 percent of consumers use third-party providers for online payments, which indicates that there is a large, primed base of customers for other digital banking services.

Nevertheless, the overall response of Europe’s bankers to PSD2 is one of uncertainty: Although 68 percent of bankers fear that PSD2 will cause them to lose control of the client interface, many of them remain unsure how to respond to the new directive. As a result, they are adopting a defensive, wait-and-see stance that is risk averse.

In contrast, there are a few banks — and more third-party providers and FinTechs — that are embracing the possibilities of open banking and pursuing strategies aimed at winning a leading role in the future. They are not waiting until the implementation of PSD2.

In this report, we bring together the attitudes and behaviors of banking customers, the mind-set and concerns of bankers, and the responses of first-mover banks and FinTechs to analyze the implications and ramifications of PSD2 for Europe’s banks. And we offer five strategic options that banks can consider to expand their offerings, better serve their customers, and grow their market share and revenues.

With the adoption of PSD2, an irrevocable shift to open banking in Europe has become inevitable. Europe’s banks cannot afford to wait for the official PSD2 implementation date in 2018 to formulate a strategic response.

Europe’s open banking mandate

On October 8, 2015, the European Parliament adopted the revised Directive on Payment Services (PSD2). It requires Europe’s banks to offer third-party providers greater access to customer data and payment infrastructure, and gives banks until 2018 to comply with its mandates. Depending on how banks choose to respond, the new directive can be either a catalyst for jump-starting the development of valuable new business models or a threat that will spawn serious competitive challenges.

The European Parliament adopted PSD2 to make it easier, faster, and less expensive for consumers to pay for goods and services, by promoting innovation (especially by third-party providers), enhancing payment security, and standardizing payment systems across Europe. PSD2 uses three mechanisms to achieve this: First, it expands the regulatory purview of the European Union (E.U.) to include new kinds of providers, such as payment initiation and account information services. Second, it imposes limitations on transaction fees and stricter rules on refunds to lower transaction costs for consumers. Third, and the most disruptive, it requires European banks to open their payment infrastructure and customer data to third-party providers of financial services.

Although the technical details of PSD2 have not been fully specified yet, banks will most likely have to use application programming interfaces (APIs) to provide access for third-party providers (see Exhibit 1). These standardized interfaces are powerful facilitators and drivers of digital businesses — beyond their use in the exchange of data, APIs allow companies to adopt a modular approach for quickly and cost-effectively creating and scaling new businesses. For this reason, the pace of API development and use is accelerating in numerous industries.

Exhibit 1: PSD2 gives third parties access to data and payments via APIs

PSD2 gives third parties access to data and payments via APIs

Uber, for example, quickly grew from a small startup to a global company by integrating partner capabilities via APIs. It uses the Google Maps API to locate customers and track drivers, Google’s Cloud Messaging API for instant messaging, and PayPal’s Braintree API for payment. In addition to using third-party APIs, Uber also has developed its own API and provided it to other companies to extend the reach of its services. For instance, OpenTable, the online reservation network, incorporates Uber’s API in its app to allow customers to arrange travel to and from restaurants when they make a reservation. Companies such as Amazon, eBay, Facebook, Salesforce, and Twitter also have successfully used APIs to bolster their capabilities and build their businesses.

Until recently, the use of APIs and the exchange of data in the banking sector was limited. This was partly because of the dictates of regulation and security, and partly because banks have been hesitant to loosen their hold on customer data and infrastructure. But the adoption of PSD2 creates a new playing field.

Now, European banks must open their data and infrastructure to fulfill regulatory requirements. Even though the professed focus of PSD2 is on payments and access to accounts, its ramifications extend far beyond that limited area. In addition to using APIs to achieve compliance, Europe’s banks and third-party providers will be able to use them far more strategically. They could add third-party capabilities to their core business offerings via APIs, thereby creating and testing new models and concepts faster and driving down their cost of innovation. They could bolster their cross-selling efforts and extend their reach into new markets by providing their APIs to third parties. And they could use the consumer behavior and preference data that accrue from these activities to develop the insights needed to create additional new consumer products and services.

This report, which includes the results of our study of the strategic ramifications of PSD2, explores the current market situation from the perspectives of European consumers and banks. It also offers our perspective on how Europe’s banks can transform the looming threat of sectoral disruption and the emergence of new competition into a catalyst for expanding their offerings, better serving their customers, and growing their market share and revenues.

Security and convenience will drive consumer adoption

Our survey confirmed that the use of third-party providers for digital payments is already standard behavior among European consumers. Further, it suggests that consumers will patronize third-party providers that leverage PSD2 to expand their existing payments businesses (as the volume of digital transactions continues to grow in coming years) and to launch digital offerings in new markets, such as personal financial management.

Eighty-eight percent of the survey’s respondents already use third-party digital payment services, such as PayPal1 and Sofort, and nearly three-quarters of them know that these services are not affiliated with their banks. In addition, 85 percent of respondents rate the security of these alternative payment services as “high” or “very high,” and 82 percent “agree” or “strongly agree” that companies such as PayPal and Amazon can handle cash transfers as reliably and safely as their banks. In short, third-party payment services have earned consumer trust.

The degree to which third-party providers can capitalize on this high level of trust in their payment services will be an important factor in determining the competitive threat they pose to banks. If they can combine high trust levels with proprietary consumer behavior and preference data, third-party providers could create a solid foundation for expanding beyond payments into other services, such as account monitoring and personal financial management, that banks have traditionally offered.

Current consumer attitudes and behaviors with regard to digital banking services beyond payment are more nuanced. First, far fewer consumers are using non-payment apps: Only 32 percent of the survey respondents are using apps provided by their banks, and only 11 percent are using nonbank apps. Security concerns are the primary eason for the low adoption rates of these digital banking services: 34 percent of respondents who are not using financial apps said they would “certainly” or “likely” adopt them if their security concerns were eliminated.

Second, despite the substantial lead that banks enjoy in non-payment apps over third-party providers, they cannot rest easy: The survey also revealed that users of third-party apps tend to use them for more value-added activities than the users of bank apps (see Exhibit 2). The reasons, from the consumer perspective: Third-party apps offer a compelling user experience (easy navigation, few keystrokes, automation, and fast response times), and they are convenient, allowing consumers to manage accounts with different banks from one point of access with minimal manual entries. This suggests two possibilities when PSD2 opens up banking data and infrastructure: Banks could find themselves in a disadvantaged position relative to third-party competitors, or they could seize the moment and design more convenient and compelling products and services.

Exhibit 2: Users of nonbank apps tend to engage in more value-added activities than users of bank apps

Users of nonbank apps tend to engage in more value-added activities than users of bank apps

Most bankers are playing defense

Our interviews with senior executives in 30 leading banks across Europe reveal a mixed, but mostly negative, perception of PSD2. A large majority (88 percent) of the executives believe that PSD2 will affect their businesses, but they are far less sure about the specific implications and ramifications of PSD2 or what their response to the directive should be.

Many bankers are attuned to the disruptions in their sector. Slightly more than half of the executives told us that their banks have launched or soon will launch strategy initiatives. Yet substantially fewer of them have a clear sense of what role PSD2 could or should play in these initiatives, and how it might support new business models that enable enhanced customer relationships, collaboration with partners inside and outside the industry, product and service innovation, and/or competitive pricing strategies (see Exhibit 3).

Exhibit 3: Assessment of PSD2 impact on banks

Assessment of PSD2 impact on banks

In our talks with bankers, it became evident that there are three distinct schools of thought with respect to PSD2:

  • The threat school sees PSD2 as an exercise in compliance and tactical response. In this school, PSD2 is a driver of cost, not revenue. Moreover, the new level of competition stimulated by PSD2 is expected to mainly require a tactical response, perhaps in the form of lower prices, to defend the customer interface.
  • The wait-and-see school views PSD2 as a not-yet-ripe chance to better serve customers and extend market reach. In this school, it is too early to tell how PSD2 can be used to create value. Thus, the proper response is to comply with the directive, and wait and see what happens when the changes it mandates are in place.
  • The catalyst school sees PSD2 in the broader context of the fundamental disruption that is under way across the global financial sector. It perceives the directive as yet another of the catalytic forces that are providing momentum to the inexorable move toward open banking. This school believes that the time for responding to PSD2 is at hand — indeed, some say it is already passing.

The catalyst school represents the only viable approach to PSD2. Because the directive mandates open banking, Europe’s banks should respond by formulating business models that embrace collaborative relationships with new partners and the exchange of data via APIs. Otherwise, banks will be vulnerable to service commoditization and competitive marginalization.

Six business models for a new era in European banking

To illuminate the kinds of business models that could be used to more effectively compete in an open banking environment, we examined first-mover banks and financial technology companies (FinTechs) that have already begun creating API-powered, data-fueled businesses. From among them, we chose six companies — Buddybank, Number26, Treefin, Satispay, Open Bank Project, and Figo — that are leveraging APIs and the advent of open banking in different ways (see Exhibit 4). Collectively, they illustrate the range of possibilities inherent in the changes mandated by PSD2.

Exhibit 4: Six API-powered business models are emerging in banking

Six API-powered business models are emerging in banking

Buddybank’s modular mobile model

Buddybank, a subsidiary of Italy’s UniCredit, will be accessible only on iOS smartphones. Billed as a bank that is “always at the customer’s side,” Buddybank will offer conventional banking products, such as accounts, credit and debit cards, and loans, as well as lifestyle services such as restaurant and travel reservations.

Buddybank is being built on a lean, stand-alone architecture, which will allow for fast, low-cost expansion. The front end and API are being created for mobile use only by an Italian developer. The architecture will enable the company to quickly and easily provide banking services through connections with partners.

“With the help of APIs, we will build a bank in just 12 months,” says Angelo D’Alessandro, founder of the startup. “And we will continue at this pace by partnering with the best and continuously innovate our offering. With an initial investment of €50 million [US$55 million], we expect to attract 1 million customers within five years of our launch in January 2017.”

UniCredit’s Buddybank proves banks can be FinTechs too

In February 2016, Italy-based UniCredit announced the formation of wholly owned startup Buddybank. With the move, UniCredit, one of Europe’s largest banks, sent a clear message that it also intends to be one of Europe’s most innovative FinTechs. “Buddybank will be UniCredit’s ‘molecular’ bank, exclusively for smartphone users,” says Angelo D’Alessandro, founder of the startup, which is scheduled to begin operations in Italy in January 2017. “Its name encapsulates its ethos: To be a buddy is to always be at the customer’s side, ready to help and give good advice,” he says.

Buddybank plans to offer modular current accounts, innovative credit and debit cards, and instant and contextual personal loans. In addition, there will be a 24/7 concierge service, accessible via Webchat and phone, to assist with tasks like restaurant reservations, taxi hailing, and travel planning. According to D’Alessandro, “Buddybank wants to offer clients a single and secure point of access” for everything relevant to their lives.

Core banking products are offered in an innovative way to create the best customer experience. “Basically, they are the platform for extending our services well beyond classical banking products,” says D’Alessandro.

Standing up a bank in one year sounds like an impossible task, but Buddybank plans do just that using a modular approach. It is being built on a lean, stand-alone architecture and application programming interfaces (APIs) that will enable the company to partner with and connect to other service providers, such as credit card companies and car-hailing services.

Digital technology also will enable Buddybank to identify its customers within seconds. New customers will be able to open accounts in only a few minutes and quickly apply for and secure loans. Further, the Buddybank app will provide financial management services, such as automated saving plans. “If a customer is planning to run in the New York City Marathon, she may concentrate on the physical training and leave Buddybank to take care of the monthly order to save the necessary amount,” says D’Alessandro. “Buddybank may even plan the trip.”

With an initial investment of €50 million (US$55 million), Buddybank targets the acquisition of 1 million customers in the first five years after the 2017 launch.

Number26’s modular bank model

Number26 is building the first mobile-only, pan-European bank. Convinced that consumers want a single digital platform for all their banking needs, the Berlin-headquartered bank, which launched in France, Greece, Ireland, Italy, Slovakia, and Spain in December 2015, is taking a modular approach to building a FinTech hub by integrating APIs from a number of partners.

To counter competitive threats from both existing banks and other FinTechs, Number26 plans to quickly and continually adapt its offerings to ensure that its customers can always access the best products. “We believe that we have a first-mover advantage,” explains Alexander Weber, the mobile bank’s head of strategy. “Others will need considerable time to catch up — and we will not stop moving in the meantime.”

Number26 is striving to offer a “simple and fun” customer experience. “Currently, we have an average four contact points per customer per week, and we use each contact point to learn more about our customers’ preferences and desires,” says Weber. “We have a very good understanding of the customer and constantly work on becoming more customer-centric. And this will remain true even as we expand our offering.”

Number26 aspires to be the first all-digital pan-European bank

In February 2013, Valentin Stalf and Maximilian Tayenthal founded Germany-based Number26 to remake the banking customer experience for the digital era. By April 2016, 15 months after the launch of the FinTech’s app-based bank, European consumers in eight countries had used smartphones and computers to open more than 160,000 accounts with Number26.

“We want to build the first pan-European bank,” says Alexander Weber, head of strategy for Number26, which is named for the 26 small blocks that make up a Rubik’s Cube. Customers can open a bank account and get credit cards online in minutes with the help of the video function on their phones. Transactions are confirmed as they occur via push notifications. One-click money transfers can be made to individuals via email or SMS, and cash transactions can be made at thousands of retail points. Customers can manage every aspect of their accounts through the app’s dashboard.

Number26’s customers pay no fees for these services. Revenue comes from the providers of the products and services that populate its platform. “We’re convinced that our customers do not want to deal with multiple finance apps,” explains Weber. “They want one platform that is convenient and offers access to a range of products. Consequently, we are in the process of building a FinTech hub.”

The hub integrates offerings from partners (such as one that manages and secures its customer accounts and another that handles its money transfers) via APIs. This modular approach lets Number26 quickly evolve product offerings. It also allows the company to focus its full attention on the customer experience.

Number26’s ability to build a compelling customer experience and a pan-European brand will become increasingly crucial as the mandates of PSD2 stimulate the competition in Europe’s banking sector. But the FinTech, which is processing more than 1 million customer transactions a month, believes that it can hold on to its first-mover advantage among digitally savvy consumers.

The borderless bank, which now has 140 employees, has raised more than €12 million (US$13.2 million) in funding from investors. Number26 has also earned a spot on FinTechCity’s 2016 FinTech50, a list of the hottest European businesses transforming financial services selected each year by a panel of experts.

Treefin’s API-powered personal financial management (PFM) solution

Germany-based Treefin is using APIs to offer customers single-view access to their capital investments, insurance policies, and bank accounts. APIs enable the company to integrate multiple data sources into its free digital finance app, which works across devices.

Bringing the user’s assets together will enable Treefin to analyze and make suggestions for optimizing individual financial returns. In this way, the company hopes to become a leading independent, trusted financial advisor for the digital age. “Say a customer is drawing on an expensive overdraft facility for an extended period,” says CEO Reinhard Tahedl. “We could recommend looking into short-term credits as an alternative.”

PSD2 will enable Treefin to expand its service area across Europe. “We see the biggest potential in leveraging data — that means bank data and additional data — securely and in a fast way via APIs,” says Tahedl. “This will give us a chance to deepen our customer relationships. If companies don’t use data to better understand client needs and to provide real solutions, their clients will stay away — not just from branches, but from any channel.”

Treefin seeks to be the go-to app for personal financial management

Founded in December 2014 by Andreas Gensch and Reinhard Tahedl, Germany-based Treefin aims to give European consumers a holistic view of their personal finances through a single app. The company’s app aggregates insurance, banking, and investment accounts and displays them on a dashboard that users can install across devices.

Says CEO Tahedl: “We believe that consumers lack an easy-to-understand overview of all their financial-services products,” and Treefin wants to fill that space.

Once Treefin aggregates a user’s accounts, the company can analyze the user’s financial position and identify opportunities to enhance it — through cost savings, better risk management, or enhanced earnings. Then Treefin can direct the user to an independent advisor or a comparison portal.

“Say a customer is drawing on an expensive overdraft facility for an extended period,” says Tahedl. “We could recommend looking into short-term credits as an alternative.”

Treefin intends to act as a consumer advocate. It will not sell financial products or services directly to app users or accept commissions on sales made to users. Instead, the company intends to generate revenue by providing leads to banks and insurance brokers. The company is also considering the introduction of a fee-based premium version of its app that will offer enhanced functionality.

“We want to be the trusted counterpart for our users in all questions relating to financial services,” explains Tahedl. “Therefore, we must be an independent service. We provide basic analyses that are easy to understand and that show a clear need for action. However, we do not push specific products. We aim to be an aggregator and act as an intermediary.”

Treefin’s rigorous data privacy policies reflect its concern with becoming a trusted advisor to its users. Users own all of their data, and the company strives to make the terms and conditions governing how Treefin uses the data easy to understand and always accessible on any device. Treefin believes that PSD2 will enable the company to expand its service area from Germany to across Europe.

In the first quarter of 2015, Treefin concluded a seed round in the mid-six-figure range with investments coming from finance, IT consulting, and industry. Since the app went live in Germany in October 2015, it has attracted several thousand users, and it currently aggregates 150 million customer deposits and more than 15,000 insurance contracts.

Satispay’s API-enabled payment solution

Italy-based Satispay is a free app that its customers can use to send money through person-to-person (P2P) technology and make payments to registered brick-and-mortar and online merchants. Its target is the small, repetitive payments, such as those made at coffee shops and fast-serve restaurants. It intends to capture them at scale by providing its app users with value-added convenience and its merchant partners with low transaction fees.

Satispay does not aspire to create a platform for other services. Rather, it plans a closed application service that is easily integrated into third-party networks and apps, as well as the point-of-sale systems of merchants. “We expect to use the new PSD2 standards and services to simplify the integration processes,” says CEO Alberto Dalmasso. “The key factor is to guarantee a client identification process that is simple and standardized.”

Satispay foresees PSD2 adding users to its API-enabled payment app

As PSD2 opens up banking infrastructure throughout Europe, Satispay is betting that it will find it easier and easier to expand the network of consumers and merchants that will make its payment app a ubiquitous feature on smartphones across the region.

“PSD1 has already facilitated and standardized payment transactions,” says the FinTech startup’s cofounder and CEO, Alberto Dalmasso. “PSD2 will make it even easier for us to create a better user experience for our app, thereby facilitating both adoption and usage, and making our service increasingly attractive to merchants.”

Dalmasso and his colleagues at the 3-year-old, Italy-based FinTech are striving to build a base of 15 million users for the free Satispay app by 2020. The app uses P2P technology to allow users to quickly and easily make mobile payments to brick-and-mortar stores and to each other. Moreover, Satispay’s payment-acquiring functionality can be easily integrated into third-party apps.

Satispay’s target market is brick-and-mortar businesses that handle small, repetitive payments for purchases often made in cash — gas stations, retailers, cafés, restaurants — as well as e-commerce merchants.

Satispay attracts users by enabling them to make cashless payments without fees. It attracts business customers by charging them no fees for payments of less than €10 (US$11) and a low, fixed fee of €0.20 per transaction for larger amounts. “Our focus is on simplicity and frequency of use,” says Dalmasso, who counts 75,000 users of the app, making six transactions a month on average.

In order to extend its reach, this FinTech doesn’t aspire to create or control an ecosystem, such as Apple Pay. “Satispay is a closed application that can be easily integrated into third-party software,” says Dalmasso. “We expect to take advantage of the new PSD2 standards and services to further simplify the integration processes. The key factor is to guarantee a client identification process that is simple and standardized.” These integration processes are streamlined and simplified through the development and use of APIs.

Satispay has raised €8.5 million in funding over several investment rounds.

Open Bank Project’s app and API marketplace

Berlin-based Open Bank Project (OBP) was founded by Simon Redfern in 2010. OBP has created an open source API platform and a community of developers, which banks can use to quickly and securely create new products and services. It also runs an app store, which gives banks access to third-party applications and services. And most recently, it has introduced an off-the-shelf API solution that banks can use to become PSD2-compliant.

OBP’s open source platform offers numerous benefits to banks, according to Ismail Chaib, the COO of boutique software engineering firm Tesobe, which initiated OBP. “First, the OBP solution is a rich set of APIs covering everything from access to accounts to geo-location and transaction data,” he explains. “Second, it is developer-friendly — offering interactive documentation and software development kits in multiple languages. Third, it gives banks access to a broad community of developers who are already busy working on APIs.”

Open Bank Project connects developers and banks on an open source API platform

Open Bank Project (OBP) is a Germany-based API provider and app store that enables financial institutions to quickly and securely build and enhance their digital offerings. It connects banks to third-party developers, applications, and services through an open source, API-based platform.

“We provide an open API solution that banks, developers, and other companies can use to build innovative applications based on a bank’s customer data,” says Ismail Chaib, COO of boutique software engineering firm Tesobe, which initiated OBP.

OBP also operates a technology provider and app store, white-labeling the OBP platforms and sandbox for financial institutions. The OBP API platform is installed between a bank’s core system and the third-party apps designed for use with the API. This allows banks to connect to apps that offer a better experience to their customers without having to invest time and effort to ensure compatibility.

“The bank not only gets a ready-made solution, but it doesn’t have to define which data to open up and it doesn’t have to maintain APIs,” says Chaib.

OBP’s platform also enables developers to write apps that can be used by many banks. Thus, many parties can gain the benefits from a more open environment for innovation, greater choice in products and services, and enhanced app quality.

“The OBP solution is not just a single API,” says Chaib. “It is a rich set of APIs covering everything from access to accounts to geo-location and transaction data.” It also recently introduced an off-the-shelf API solution that banks can use to become PSD2-compliant. In the near term, OBP is working to improve its PSD2 solution, to deploy its technology in more banks, and to continue building its developer community.

Figo’s banking-as-a-service platform

Figo is a Germany-based B2B banking service provider that is offering a platform for the exchange of bank data and functionality via its banking API. Specifically, Figo’s API consolidates data from numerous financial sources, such as banks and credit card companies, and provides third-party companies, banks, and FinTechs access to that data. In addition, Figo is offering its customers an API designed to fulfill PSD2 requirements, giving banks an alternative to building the regulation-required APIs in-house.

Operating in Austria and Germany, Figo plans to expand across Europe. The company’s strategy is to be a prime banking service provider. Its value proposition includes its PSD2-compliant solutions, independence, noncompetitive neutrality, and the reach and scale of its network of developers. Currently 750 developers are working on Figo’s platform, which manages 43 million API requests a month.

“Our aim is to provide our customers with high-quality services via a central, safe, and regulatory-compliant platform,” says CEO André M. Bajorat. Compliance mainly refers to IT security, data protection, and other PSD2 license requirements. “This offering could go beyond data and functionality API. We could also see ourselves running an app store under the company name or a ‘white-label’ store in which banks and other developers can publish their products and services.”

Bajorat believes that B2B and B2C customers will increasingly look to aggregators, such as Figo, to shop a broad selection of banking service solutions. “Banks may still hold account relationships and provide products, but they will be in a more competitive situation, and they will need to ensure that their products and services are best in class and that their infrastructure functions flawlessly,” he says.

Figo believes open APIs are the future of banking

When Germany-based Figo was founded in 2012, its initial business plan focused on a consumer app that would allow users to access their bank, credit card, and financial accounts all in one place. But Figo soon realized that the API it was developing to power its app held the key to a different market. Instead of competing with banks and other FinTechs to become the preferred financial app among Europe’s consumers, Figo — the name a derivation of “finance on the go” — refocused and transformed its API into a “banking as a service” platform for its former competitors.

“As we aim to become Europe’s first regulated banking service provider, we facilitate the exchange of bank information by leveraging APIs,” explains CEO and cofounder André M. Bajorat. “Our API consolidates data from numerous financial sources, such as banks and credit card companies, and provides access to that data.”

Figo’s API already connects its customers’ businesses to more than 3,100 banks and financial-services providers, which collectively represent more than 55 million individual bank accounts in Austria and Germany.

The company expects banks and other players in Europe’s banking sector to be fully occupied by the heightened competition for consumers that PSD2 will generate. As a result, they will need aggregators, such as Figo, that can provide products and services, and infrastructure that operates without a hiccup.

Offerings “could go beyond data and functionality APIs,” says Bajorat. “We also could see ourselves running an app store under the company name or a ‘white label’ store.” Becoming a provider of APIs brings with it a risk of commoditization, but Bajorat is confident that Figo can successfully manage that risk by creating a high-quality platform — it has a community of 750 developers working on that platform. Currently, Figo is fulfilling 43 million API requests a month in Germany and Austria. And it plans to be doing business across Europe soon.

The companies above each embody a different strategic rationale and generate value in a different way, but each is also an example of a first-mover FinTech or bank that has already embraced open infrastructures and APIs. As customer-centricity, innovation, and time-to-market become ever more important, companies like these — that are able to successfully adopt API-driven and partner-based strategies — will increasingly move toward center stage.

Choosing the right strategy

Open infrastructures will drive digital businesses for years to come, and they will continue to blur the boundaries between industries. Banking is already experiencing the disruptions this has caused. The leading banks of the future will be those that can frame a timely strategic response to this disruption. They will holistically address customer needs by developing modular solutions that use APIs to connect data, products, and services drawn from across the financial-services sector, and other sectors as well. In doing so, they will capture customer insight and transform it into ever more compelling solutions.

There is no universal answer to this strategic challenge (see Exhibit 5). Not every bank will have the capabilities and structural preconditions necessary to build a full-fledged digital platform, for instance. But this does not mean that they should not or cannot use APIs and open infrastructures to create value.

Exhibit 5: How will your bank generate value in an era of open banking?

How will your bank generate value in an era of open banking?

PSD2’s mandates are set to take effect in 2018, but banks do not have the time to wait and see what the implementation will bring. Instead, they should treat the new directive as a catalyst to begin formulating a differentiated and value-generating strategic response of their own as soon as possible — a response that fits their unique value proposition, capabilities, and service offerings.

The only truly relevant question for European banks at this juncture is whether they will choose to lead and shape the future of open banking or be reduced to regulation-bound providers of commodity services to other, more visionary companies.

Methodology: The PwC Strategy& PSD2 study

In the first quarter of 2016, after the adoption of PSD2, Strategy& undertook a comprehensive analysis of the new directive to answer the following questions:

  • What is the likelihood that consumers will adopt services offered by nonbank competitors?
  • How do Europe’s banks perceive the effects of PSD2?
  • How much new competition — from FinTechs and other nonbank players — will arise from PSD2?
  • How can banks benefit from the opening of data and standardized interface mandated by PSD2?

To gain the customer perspective on the above questions, a representative survey of 1,000 consumers in Germany was conducted. To capture the industry perspective, we interviewed senior representatives of 30 leading banks in eight countries (Austria, France, Germany, Italy, Netherlands, Spain, Switzerland, and the U.K.). Further, the perspectives and case studies of a representative group of European FinTechs that are already leveraging APIs and data in innovative ways were researched and compiled. The findings were analyzed and evaluated by regulatory, digital, and strategy experts at Strategy&.


  1. PayPal operates under a banking license, but because it is not a traditional account-holding bank in consumers’ minds, we define it as a third-party provider here.