©2020 Aite Group LLC.Page 1
How to monetize APIs in the emerging world of open banking
Ron van WezelSenior Analyst
Nate DudekChief Technology OfficerPayveris
May| 2020
Sponsored by
TRUSTED BY 250+ FI CLIENTS
PARTNER NETWORK
INDUSTRY PARTICIPATION
INDUSTRY AWARDS
2018 Best in Show
2019 Best in Show(Backbase Collaboration)
Intelligent Digital Payments…Made Simple.
THE MOVEMONEYSM
PLATFORM
Simplify
Control
Extend
OPEN API | CLOUD BASED | DIGITAL PAYMENTS AND MONEY MOVEMENT HUB
©2020 Aite Group LLC.Page 3
AGENDA• Introduction to open banking
• Results of Aite Group’s API monetization study
• Recommendations
©2020 Aite Group LLC.
Introduction to open banking
©2020 Aite Group LLC.Page 5
Evolution of bank product/service distribution
Branch banking•Bank products
developed in-house•Physical distribution
delivered by the bank
Web banking•Bank products developed
in-house•Online distribution
(browser) delivered by the bank
Mobile banking•Bank products
developed in-house•Distribution via native
apps delivered by the bank
Open API banking•Products either
developed in-house or sourced from other financial service providers via APIs
•Distribution via open APIs, creating an ecosystem of third-party developers
The use of APIs allows a bank to decouple its internal environment (resource layer) from the customer-facing apps (client layer). The distribution of bank products is changing to an "API first" model as the next step in the evolution of bank distribution models.
©2020 Aite Group LLC.Page 6
Open banking will transform any business area of the financial services space, with payments being impacted the most
• Following the EU example of PSD2 and GDPR, regulators around the world are mandating consumer access and control over their own data. This is changing the closed “custodian” model of banking to an open banking model.
• Open banking regulation allows third-party access to bank accounts, opening opportunities for new entrants to innovate and compete with incumbent banks.
• Open APIs enable banks and PSPs to connect with an ecosystem of fintech partners, distributing bank products through this new channel. This will help them deliver superior customer experiences and extend client reach.
Consumers will own their data and control its use
Bank distribution model is changing to “API first”
Open banking will increase competition by new players
• In Europe, PSD2 will create innovative account-based payment models using payment initiation services (PIS). PIS look attractive to merchants as they provide faster funds and irrevocable payments, and likely at a lower cost than card transactions.
PSD2 may transform European payments
Networks are opening up to external developers • Networks make core payment capabilities available to third-party developers through APIs.
APIs are the new corporate rails
• APIs are the de-facto channel that banks use to connect to their corporate clients.
©2020 Aite Group LLC.Page 7
APIs exist at different layers
• System layer: lowest level APIs that allow clients to develop and fully tailor their own customer experiences.
• Process layer: bundle of system APIs + orchestration. Simplified access.
• Experience layer: packaged API that provides a full service, e.g., account opening API with a single call for KYC and other services to provide the full customer lifecycle.
Large banks tend to develop in-house and use the system level APIs. Fintechs use more the process and experience levels.
©2020 Aite Group LLC.Page 8
Global open banking initiatives
Source: EY, Aite Group
©2020 Aite Group LLC.Page 9
Poll: your view on the adoption of open banking
©2020 Aite Group LLC.Page 10
Source: Aite Group
App market Distributor Aggregator
• Expose bank services through open APIs to third-party developers
• Create ecosystem around bank services
• Charge API calls or revenue share if third party brings clients
• BBVA app market, Starling Bank Marketplace
• Integrate/bundle external financial services with own offerings
• Deliver best-in-class products with partners
• Revenue share from service providers; new customers
• N26 partnering with TransferWise, Vaamo, Raisin, and others
• Aggregate multiple APIs from financial service providers into a single API
• Reduce complexity and improve time to market for TPPs
• Service and transaction fees
• Token.io, Figo, TrueLayer, Yodlee
• Offer open banking platform, including APIs to other financial institutions
• Enable banks to accelerate their digital strategy
• Subscription fees, transaction fees
• BBVA, Fidor, SolarisBank
Banking as a service (BaaS)
Description
Value
Business model
Examples
Open banking business models
API monetization study
©2020 Aite Group LLC.Page 12
Background for the study
• Aite Group developed a study with global banks and technology companies on API monetization models. This study provides insights into the main API monetization models that are used within the financial industry and outline best practices of how the contractual agreements around the use of APIs are structured between companies in the value chain.
• The goal of this research was to better understand how open banking and application programming interfaces (APIs) can be monetized, i.e., which fee/revenue share models are available (such as subscription, volumetric, license and maintenance models).
• Such agreements include examples in which multiple parties are involved, e.g., a bank licensing an API from a provider, and a company consuming this API from the bank to serve its customers.
©2020 Aite Group LLC.Page 13
Digital payments are the priority for API monetization
• Payments domain is highest priority. Many respondents ranked payments as the number 1 monetization opportunity. Regulatory compliance (e.g., PSD2) presents primary trigger. Digital consumer was also ranked highly. There was less demand for branch transformation APIs.
• Consumer APIs are leading, but commercial is the new frontier. Today’s focus is on the monetization of consumer APIs, but increasing demand is expected for commercial applications. Monetization of commercial APIs also provides higher ROI.
• APIs may be packaged together to provide a service, for instance a banking-as-a-service platform will provide a combination of digital commercial, account opening and payments APIs to fintechs.
Source: Aite Group interviews with digital banking executives, October to November 2019
2
3
3
5
1
1
1
1
2
2
1
1
2
1
2
1
1
2 Branch Transformation (re-imagining,restructuring the branch)
Digital Lending (as differentiated fromdeposits)
Digital Consumer (i.e., B2C)
Digital Account Originations (onlineaccount opening)
Digital Commercial (i.e., B2B2C)
Digital Payments (any moneymovement for payment purposes)
Q. What are the API domain categories in banking you are monetizing?(N=9)
Priority 1 (highest) Priority 2 Priority 3 Priority 4 Priority 5 Priority 6
©2020 Aite Group LLC.Page 14
Subscription/volumetric models are the preferred API monetization models
• Volumetric/subscription model is the leading model for banks and solution providers. This means a fixed subscription fee with tiered volume-based pricing (for cloud-based services).
• Solution providers often require multi-year commitments from their clients, true “pay as you go” contracts are rare.
• Banks see APIs as a delivery channel for bank products, their strategy is not to monetize their APIs but leverage them as critical delivery channel for data and services most desired by their clients. While the delivery channel (i.e. API) itself is not monetized the underlying data, product, solution or service is monetized.
• Pricing needs to be simple, don’t implement a separate pricing scheme for each API.
• Cross-selling/revenue share models are emerging. Banks claim a share of revenue to 3rd party access to customer data, or they share revenue with financial partners when banks resell their products. However the industry is used to traditional volume-based pricing models and companies still have to catch-up with new API monetization models.
Source: Aite Group interviews with digital banking executives, October to November 2019
1
1 1
1
Cross-selling
License &Maintenance
Freemium
Subscription/Volumetric
Number of responding banks
Q. Which business models does your organization use (or plan to use) to generate revenue from APIs (identify all that apply)?
(Banks N=3)
Priority 1 (highest) Priority 2 Priority 3
1
1
5
2
1
1
1
1
Cross-selling
Freemium
License &Maintenance
Subscription/Volumetric
Number of responding fintechs
Axis
Titl
e
Q. Which business models does your organization use (or plan to use) to generate revenue from APIs (identify all that apply)?
(Fintechs N=6)
Priority 1 (highest) Priority 2 Priority 3
©2020 Aite Group LLC.Page 15
Backend Efficiencies and Cost-Savings
DIGITAL BANKING MOBILE BANKING 3RD PARTY
BILL PAY
BILLPAY
BACK OFFICE
MONEY MOVEMENT
FRAUD MANAGEMENT
A2A
A2A
BACK OFFICE
MONEY MOVEMENT
FRAUD MANAGEMENT
P2P
P2P
BACK OFFICE
MONEY MOVEMENT
FRAUD MANAGEMENT
DIGITAL BANKING MOBILE BANKING 3RD PARTY
BILLPAY A2A
P2P
P2P
BACK OFFICE
MONEY MOVEMENT
FRAUD MANAGEMENT
Open APIs
Loan Payments B2B
Exposing banking services in APIs can eliminate the need for employees to manage multiple disparate products –recognizing cost and operational efficiencies on the back-end and ability to provide better, faster customer service
Product Centric API Centric
©2020 Aite Group LLC.Page 16
Backend Efficiencies and Cost-Savings
Integration and maintenance cost-savings are also commonly recognized as part of a platform strategy:
• Third-party developer self-service portals put the tools in the hands of the integration partner, which can require fewer resources, decrease the complexity of an integration, and reduce time-to-market for new solutions.
• The natural flexibility, configurability, and extensibility of an API-centric approach can lower the costs of complex one-off customizations with partners or service providers.
©2020 Aite Group LLC.Page 17
Poll: your view on ROI for API deployment
©2020 Aite Group LLC.Page 18
Multi-party partnership models are increasing API adoption
Multi-party partnership models (e.g., B2B2C)- yet immature- are emerging, and drive API adoption:
• Technology vendors license their APIs to banks and other consumers of their APIs. The bank may freely use the API for internal purposes, but the vendor wants to control the use of the API with third parties. The contractual arrangements include IP rights, terms of use, indemnification, and privacy policy. The terms and conditions will be passed on by the bank to the third party.
• The commercial arrangements made by technology vendors are bilateral, i.e., between the vendor and the bank, and between the bank and the third party. It is considered too complicated to have multi-party commercial contracts.
• Banks may offer their own APIs freely to customers and their preferred third parties. The API itself is not monetized but is considered a delivery channel for the bank’s services.
• New models are appearing that didn’t exist 4-5 years ago. Multiple APIs from multiple providers are packaged in a single license for a fintech to use and develop an app. For instance, Morningstar, FX and bank APIs packaged together to provide an investor experience.
©2020 Aite Group LLC.Page 19
Multi-party partnership models are increasing API adoption (cont.)• When banks have to share data for regulatory-based APIs, they have no choice and are more flexible. But
for whatever goes beyond regulatory compliance, the bank is the owner of the data and wants share of results.
• If fintechs develop apps for purchase which are enabled by a company’s APIs, these apps may be licensed directly to purchasers, or licensed to purchasers by the fintechs. Both models occur.
• Different monetization models are used, including direct models (mainly subscription) and indirect models (KPIs: customer adoption, stickiness, attrition). Banks are beginning to exploit revenue share models.
©2020 Aite Group LLC.Page 20
Data sharing and protection requirements
Accountability of API data sharing and protection is a business prerequisite:
• The GDPR sets the standard for data protection globally. In GDPR terms, the bank is the data controller. The vendor will have a role as data processor if they offer cloud services.
• Technology vendors do not share customer data unless explicitly instructed by the bank. The exception is aggregate data that is not linked to a single user. Vendors may also enrich data on request of the bank.
• Banks are very cautious as it comes to data sharing. There is a strong emphasis on customer consent and rights management when banks share data, and vendors are facilitating that.
• Third-party apps are vetted by dedicated teams to make sure that the platform remains secure.
©2020 Aite Group LLC.Page 21
Consumer Demand: Privacy and Accessibility
While consumers are demanding privacy and control over their data, they are also demanding accessibility to their data:
• Consumers want to leverage the convenience of aggregators, personal financial management tools, and other services.
• Without open banking APIs, these solutions have reverted to inefficient, error-prone approaches like screen-scraping.
• The current solutions often rely on collecting credentials from the user, which can open up security concerns.
©2020 Aite Group LLC.Page 22
Security and Fraud Concerns
APIs create a new attack vector for hackers and fraudsters. Authentication, threat detection, and fraud prevention need to be first-class citizens in your API solution:
• Since you may not be interacting with the consumer directly, you can’t solely rely on traditional product-centric authentication approaches like device IDs and multifactor authentication.
• Analyzing user activity and behavior and looking for abnormal activity can speed detection and automatic decisioning to disable access, alert personnel, or stop transactions.
• Third-party datasets and tools can augment your own monitoring to provide a comprehensive view into user activity
• Utilizing standard API access mechanisms, like Oauth and OpenID Connect, helps limit authorization and make it more difficult for hackers to gain access to large datasets.
• Implementing a least-privilege access approach and regulating identity and access management (IAM) is critical to ensuring that users, systems, and financial institutions themselves only have access to the data they absolutely need.
Recommendations
©2020 Aite Group LLC.Page 24
Recommendations While consumer APIs are leading today, increasing demand is expected for commercial applications.
Companies should invest in the monetization of commercial APIs which also provide a higher ROI.
Keep API pricing schemes simple. Banks are still catching up with API monetization and business models should align with current practice.
Custom your APIs to different audiences. Large banks may want to build their own tailored solutions using system level APIs, while fintechs may prefer a single API that provides the end-to-end customer experience.
Banks require strong customer consent and rights management to help them protect customer data when shared over APIs, and they should look for solutions that support that requirement.
Interest in B2B2C models is growing and requires careful attribution of responsibilities, accountability, interoperability between partner systems, and clear establishment of compensation schemes.
©2020 Aite Group LLC.Page 25
About Aite GroupAite Group delivers research and guidance to leading institutions and technology providers across the global financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We are dedicated to helping our clients make smarter decisions, faster, to strengthen and grow their business.
About PayverisPayveris is the creator of The MoveMoneySM
Platform, an Open API cloud-based platform that enables financial institutions to control, simplify + extend digital money movement capabilities to any application or device while lowering user experience friction, significantly reducing operating costs + future-proofing the IT investment. The enterprise platform supports a wide range of money transfer capabilities including consumer and business bill payment, P2P payments, A2A/External Transfers, eBillpresentment, loan payments, and B2C disbursements.