The second Payment Services Directive (PSD2) is especially relevant to consumers and businesses in the UK as it has been augmented by the Competition and Markets Authority’s (CMA) Open Banking initiative, designed to increase innovation and improve competition in retail banking. This required the nine largest current account providers to make secure access to specific current accounts available to authorised third parties by January 2018 for reading transaction data and initiating payments.
A survey of UK and Irish consumers by Accenture in conjunction with University College Dublin suggested businesses would be heavy users of services offered by account information service providers (AISPs), given their tendency to be multi-banked and their need for real-time account information to give them visibility into their financial position.
But despite the CMA revealing its plans for open banking in August 2016, the 13 January 2018 deadline for PSD2 did not herald a flurry of new services. Indeed, a survey of major UK retailers published by Consult Hyperion and CCgroup just days earlier found that a third were unaware of the impact of PSD2 on their business and that only 16% were seeking to take advantage of the new rules, under which third parties (including retailers) can be granted access to bank accounts to initiate payments and source customer data.
One of the changes that has taken effect is that retailers are no longer allowed to levy an additional charge on customers who pay by credit or debit card. Deloitte’s UK head of payments, Stephen Ley, notes that many retailers have dropped surcharges, while others are looking at introducing booking fees applicable to all transactions, withdrawing card acceptance or simply absorbing the loss of revenue.
Other, less favourable outcomes from the consumer’s perspective include spreading card costs across all consumers through a fixed administration or service fee, or through price increases, says Jeremy Light, head of Accenture payment services in Europe. “Those paying with their own funds will therefore subsidise those on credit. We could see an increase in people opting to pay with credit where they are no longer hit with a surcharge,” he adds.
As payment initiation services become more acceptable to customers, we can expect more merchants to take advantage of these services to replace card transactions, says Ley. “We can also expect easier person-to-person payments via integration with social media sites.” However, in store, the immediacy and ubiquity of cards means alternatives will be slower to emerge, suggests Richard Ransom, head of business development at Bottomline Technologies.
According to Naomi Bowman, managing director at Berkeley Research Group, the next potential area of disruption relates to charges levied on bank customers for withdrawing cash from ATMs abroad or purchasing items via their debit/credit card internationally. “Foreign exchange charges are expensive and some of the new market entrants (such as Monzo) are already offering tech savvy consumers an alternative,” she says.
Consumers won’t see a dramatic change, but Light expects banks, retailers and other third parties to introduce targeted products for consumers. “The success of Open Banking hinges on consumers embracing it and for that, banks, retailers and other third parties need to build secure and trusted platforms,” he says.
New and secure
Naturally, security is fundamental to the success of Open Banking services. Almost all the consumers surveyed by Accenture said any new payment service must be at least as secure as the current method they use to undertake transactions.
An important factor is how consumers will be compensated if their money or financial data is lost by a third party. Simon Deane-Johns, consultant solicitor at Keystone Law, notes that PSD2 builds on the framework for apportioning liability between payment service providers and their customers and provides for rights for those providers to obtain contributions from each other.
Card schemes operate on similar lines in terms of apportioning responsibility among those processing data, he explains. “These liability arrangements are underpinned by technical standards for customer authentication and secure communications, as well as storage of sensitive data.”
Open banking service providers will be regulated and are also subject to data protection requirements, including the new General Data Protection Regulation (GDPR), which comes into force in May. ICAEW risk and regulation manager John Mongelard suggests consumers are less likely to lose confidence in an organisation that loses sensitive personal data than might be expected, referencing the case of TalkTalk. In 2015 the telecoms company was hit by a cyberattack that compromised the personal details of more than 150,000 customers as well as partial financial information related to more than 15,000 accounts. It was found to have placed personal data from 21,000 customers at risk.
“Those incidents did not lead to massive numbers of customers taking their business elsewhere,” Mongelard says. “The price offering was clearly sufficiently attractive to retain customers and suggests that users are more price sensitive than ‘trust sensitive’.”
Ransom agrees that new services will take time to emerge as providers earn trust. “The ability of AISPs and payment initiation service providers to persuade consumers to share their account information will depend a lot on the strength of the brand offering the service,” he says. “Trust will be built over time. It won’t be a big bang.”
When Accenture asked consumers to rank the companies they would trust to initiate a payment on their behalf, just over three-quarters (76%) chose traditional banks, with online retailers the second option. These figures suggest that companies that are not already linked with payment activities in consumers’ minds may struggle to gain customer confidence.
According to Deane-Johns, banks are gradually being relegated to the back office of most financial services as more nimble operators and those with better, large-scale customer relationships expand their offerings.
The ability to offer account information services and payment initiation services from outside the existing payments sphere plays to the strengths of major online retailers, digital content platforms and social network service providers, he adds.
“Many people in the payments space mistakenly view customer behaviour solely through the lens of payment services,” says Deane-Johns. “People and businesses don’t engage in ‘banking’ or ‘paying’ or ‘balance checking’ as activities in their own right, but as part of wider activities.”
He suggests that the tendency for online retailers, digital content platforms and social network service providers to add and improve features quite quickly in response to demand (or complaints) and to proactively improve customer experience and convenience has earned many of them a reputation as “facilitators” of what their customers need or want to do.
Incumbents – especially the high street banks – are already concerned about potential loss of revenue from new services being developed by third parties, so will undoubtedly develop their own new services over time, explains Clear Books CEO Phil Sayers.
“However, incumbents are likely to still be affected by new operators and services, not least because the big banks are much slower at developing and delivering new products. Once customers switch to a service they perceive to be more attractive, getting them back will be a real challenge.”
Mongelard refers to the forced separation of retail and investment banking activities in the UK. “This will encourage people to consider alternatives to their existing bank, and the switching incentives on offer from established banks are increasingly attractive,” he says. “There is nothing to stop new entrants offering similar enticements, although since start-ups tend to be cash poor they may struggle to match the incentives already on offer.”
Consultant Bob Lyddon, who is co-ordinator of the IBOS Association secretariat, is even more pessimistic. “Third party providers will prove a damp squib. We are still almost two years away from the mandated European technical and operational solution as to how these providers should link to banks. Open banking is mandated on nine UK banks and may be inadequate anyway,” he says.