Skip to content

The API-Driven Expansion of Banking

November 5, 2020

Financial services aren’t just offered by financial services companies anymore. There are a few ways in which banks are expanding their reach by opening their systems to third parties via financial data APIs. The rise of banking as a service (BaaS) has allowed just about any company to expand its offerings to include financial products, but there are a few API-driven ways in which banks are connecting with third parties.

How APIs are connecting banks to third parties

There are three primary types of API-driven connection between banks and third parties:

  • Open banking: Regulation-driven connection in which banks have “open” APIs for approved third-party providers (TPPs) to connect to banks’ data
  • BaaS: Banks connect their financial products and services to third parties via an API; the third parties (fintechs and companies operating outside the financial sector) use the API to build banking services into their product
  • Platform banking: Banks integrate fintech applications with their own products via APIs

What is driving the connection?

  1. Regulations (PSD2-driven opening banking regulation)
  2. Reduced customer switching costs
  3. Massive influx of fintech funding 
  4. Increasingly digital-first customer base

Banks aren’t opening their doors and giving away pieces of their market share because they’ve suddenly become altruistic enterprises. They’re being forced to engage with their competitors by natural market developments and regulators with an eye on increasing competition. An increasingly digital-first, or digital-only, customer base is looking outside the traditional banking industry for their financial services needs. Switching costs are lower than ever for customers in the digital sphere, and the ease with which they can use multiple financial products from multiple providers means more difficulties for incumbents looking to retain their customers. A steady increase in fintech funding has also put the pressure on incumbents to innovate and forge partnerships to reach their digital-first customers where they live their financial lives.

The COVID-19 crisis has accelerated the rate of digital transformation within the banking sector particularly and has forced banks to focus on their digital presence and product lineup—or seek out partnerships with companies that are digital natives. On G2, we saw a 133% increase in traffic to the Financial Data APIs category from December 2019 to July 2020. 

G2 traffic to Financial Data APIs categoryG2 traffic to Financial Data APIs category

New regulations, such as PSD2 in Europe, have mandated that banks open their datasets via APIs. The goal of the regulation is to spur competition within the banking industry by allowing fintechs to develop applications that meet consumer needs, as determined by the consumer datasets the application development is based on.

While open banking has not been written into law in the U.S., American banks are still opening their systems to third parties (typically financial data aggregators, fintechs) via APIs. They do this to stay in front of a wider base of customers. Yes, they lose out on the lion’s share of the revenue to the vendor whose application the customer is using, but they stay in front of an increasingly digital-first consumer who values convenience above most things.

Financial data aggregators are some of the most visible players in the industry of banking data connection. The data aggregators, like Plaid, sell access to banking data to fintechs and developers. In the U.S., unlike in Europe, regulators haven’t directed banks to open their datasets, so banks are reliant on data aggregators to provide connection to fintechs through easy and organized access to consumer data.

The risk for incumbents is that they may end up being used for their banking license and get left far behind their innovative cousins in the fintech world, whose applications bring intuitive UI/UX (user interface/user experience) and valuable insights based off of the incumbents’ customer data. However, the immense difficulty inherent in the process of obtaining a banking license protects banks and legacy financial institutions. While Square recently got a banking license, as did Varo, and other fintechs may opt to take the same path, the reality is that it remains quite difficult to get approved for a banking license.

Given the increased amount of risk in operating as a bank and difficulty in becoming one, a strategy mirroring Google’s expansion into banking services via its partner banks will likely continue to be the standard. The competitive moat for banks remains wide, and these partnerships between financial institutions and financial data aggregators are mutually beneficial. Banks get access to the digital infrastructure needed to maintain and increase their customer base without having to build out a worse version themselves. Their partners get the opportunity to expand into financial services without going through the torturous process of applying for a banking license.

Risks and questions about the newly connected banking world

These new connections to third parties—tech companies or financial data aggregators—bring an increased amount of risk into the fold for banks. Some banks (JPMorgan Chase and Wells Fargo being two prominent examples) are signing agreements with financial data aggregators like Plaid to protect themselves from the increased risk. These agreements pass the risk onto the aggregator, limit data collection to APIs instead of screen scraping, and give customers full transparency and control as to what data is being accessed.

However, currently, there is a patchwork of different agreements and a distinct lack of standards when it comes to data sharing practices. Steps are being taken to templatize these agreements because the API approach is prolific but will continue to be the approach to data connection moving forward. Groups like the Financial Data Exchange (FDI)—a nonprofit consisting of major banks, data aggregators, and fintechs—are working on frameworks that promise to standardize, regulate, and control the unprecedented access to data that’s been prompted by the evolution of the financial system.

The advent of APIs in the financial services world raises an interesting question about data ownership and protection. Similar questions have been raised and debated in the healthcare sector. Who owns customer data? There have been pushes for consumer ownership of their own data, with the companies they entrust the data to acting as stewards. With stewardship comes a certain duty of care. Customers currently have to weigh their desire for convenience against concerns about where their data is being stored, how and to whom their data is being shared, and how secure it is. The onus is on regulators to ensure that customer data privacy and security is baked into the standards being set for banks’ connections to third parties. Screen scraping is slowly but surely becoming a relic of a bygone era, with good reason, but connections to third parties mean an increased attackable surface that needs to be dealt with.

Find the best Financial Data APIs, here.

The future of banking

Financial services will continue to become an increasingly digital industry with significant API-driven connections to fintechs and other tech companies. These third parties will leverage either the banking license or the customer data of the incumbents to produce products, provide customers with data-driven insights, and offer financial services where previously they were unable to. In return, banks get to use the digital infrastructure of their partners to reach more customers and stay relevant in an age where switching costs for financial services are quite low and customers have more options than ever.

In short, the landscape will continue to evolve drastically, and banks that don’t adapt to the changing environment will struggle to survive.

Read more: The Importance of Fintech in a Remote World

Don’t fall behind.

Subscribe to the latest software news & updates from the expert analysts at G2.

By submitting this form, you are agreeing to receive marketing communications from G2.