Banking and PSD 2: when regulation brings disruption

Today I had the opportunity to participate in the third Mastercard Innovation Forum, an event I took part in last year, and which although it has a fundamentally technological agenda, this year’s main theme was the impact of the Payments Services Directive II (PSD 2).

In my presentation, I highlighted the role of regulation as a driver of innovation: it was not my task to go into detail on the impact of PSD 2 on banking, but instead to talk about its origins and its possible disruptive role: in a very few years, payments operations have gone from cash and card payments using a swipe to a complex ecosystem in which many different players are trying to attract customers to their systems and that requires an overhaul of the original PSD to meet current legal requirements. In addition to the usual participants, we now have a plethora of companies in the field of fintech from technology, social networks and messaging systems, all looking for a place in the post-cash world.

Overnight we now have devices such as a Square or iZettle, along with applications such as Venmo and the entry of companies like Apple, Google or Samsung, as well as payment systems between individuals through instant messaging or wonderfully simple methods such as Pay with your Face that Square briefly tested in San Francisco.

PSD 2 is now relatively well-defined, although its deadline is pressing: it may not have been decided whether it will be written with Roman numerals or numbers, and while some of its articles, such as 97, are about tough authentication, it is likely to become law by January 2018, and its impact will be felt over the next year. One thing is clear: the aim of the regulator is to generate as much competition as possible, with many more players in an open environment with clear rules, meaning the banks will have to accommodate competition, whether they like it or not.

In many ways, PSD 2 is a kind of “uberization” of the banking sector, albeit it with some differences: the first and most evident is that while taxi drivers did not know what was round the next bend, the banks have had warnings of all kinds and have been able to think about adapting to the impact of legislation that will bring competition to their sector.

The second thing is that while taxi drivers bring cities to a halt, throw stones and smash up the competitoin in order to coerce the authorities to maintain a status quo that suits them (and no one else but them), banks do not, as a rule, stoop to such measures, and will be limited, at best, to employing some delaying tactics. But in essence, it’s the same thing: an activity once dominated by a certain group of players suddenly opens up to competitors from different areas.

Are the banks ready for this? My impression is not as much as they should be, given the notice they’ve been given. The future requires a level of digital transformation that the banking sector is still far, with exceptions, from having reached. That means customers who want purely digital contact, generation and processing of data to be analyzed by algorithms and machine learning that offer better quality service, and of course, the development of platform-based models that can accommodate not only what the competition the bank is obliged by law to accept (and in many cases, without cost), but also many other possibilities that depend, if they want a dynamic environment, the ability to attract other companies and developers.

For many banks, the possibility of converting their activity into standardized APIs that allow the interconnection of third parties — something that, I repeat, they will have to do by law will be hampered by a remarkable technical debt due to legacy systems that will be nigh impossible to update… in addition to a poor understanding of the needs of their customers and a mentality anchored in the past. I

Are the banks in a position to change their mentality and turn an apparent threat such as PSD 2 into an opportunity? The answer is obvious: not all banks are, and possibly, those who are or claim to be are in the minority. As such, appeals for calm or studies that claim users tend to trust banks more than other types of companies or ideas along the lines of “everything is under control” could end up doing more harm than good, and lead to the kind of conformism that has taken place in other industries … before the storm hit.

Are the banks ready for the new scenario PSD 2 supposes? Few. And even those are not fully ready. I am concerned about the low penetration of sophisticated machine learning to help detect fraud, which could offer a real competitive cost advantage in costs, but that are still not widely used.

My impression? That very soon, the new players working solely on payment will have built up a client base in some sociodemographic segments and some products, and will have become a growing worry. If that does happen, we will be talking about the disruption of a sector that has failed to see the writing on the wall and has no idea what is about to hit it…

(En español, aquí)

Professor of Innovation at IE Business School and blogger at