A debate has raged for some time as to whether fintech companies are friends or foes to financial institutions. In our view, the question itself is a cynical oversimplification of the situation. While there are some aggressive startups intent on stealing business from financial institutions, there are more fintechs that want to partner with banks and credit unions to help them modernize their service offerings.
The good news is that many of the fintechs that started out wanting to compete with financial institutions seem to be moving toward middle ground and the partnering model. Having learned some hard lessons in the marketplace, more of these fintechs have come to appreciate the value financial institutions bring to the party in terms of customer access, a robust compliance backbone, and an ample balance sheet. For their part, banks and credit unions are realizing that without fintechs, they may be unable to modernize their aging systems in time to keep customer attrition from taking its toll.
Even as this fledgling détente continues to play itself out here in the United States, there are developments in the European Union that could test these new alliances. Our latest SRM Academy report explores this topic in detail, but here are some highlights.
It Can’t Happen Here, But Might Anyway
Those who follow EU banking developments are likely familiar with terms like PSD2 and GDPR, both of which took effect earlier this year. The foundation on which the General Data Protection Regulation (GDPR) is built clearly establishes that consumers own all personal data, regardless of where it presides. Although the rule applies only to EU residents, the effect of GDPR was seen all over the world in the form of disclosures about data ownership that showed up in pop-ups, links and redirects on millions of websites.
Data ownership is also a driving factor behind the open banking EU regulations, a means to foster financial services innovation and competition. The concept is that if a bank customer grants permission to a non-bank to leverage his or her data, the bank must not only comply, but must enable convenient access (often through APIs, or Application Programming Interfaces) to that data. With these open banking mandates still in their early days, the full operational impacts are not yet known. However, the potential impact on financial institutions is clear: non-bank entities – including FinTechs – will be able to compete more effectively for end users. Evidence of this can be seen in the number of EU “challenger banks” and related entities that have appeared, a few of which (such as Revolut and Klarna) have expanded to the United States.
The prospects for a U.S. version of the open banking mandate are cloudy at best. The United States already has nearly a hundred times more banks than the EU, so competition is not as big an issue. And given the state of Congress, it’s hard to imagine a law imposing such onerous demands being passed. Nonetheless, the emergence of APIs and the appetite of many large banks to strike data sharing agreements with big players like Intuit make it easy to envision a market-driven endgame that winds up looking reasonably similar to the EU open banking model.
Using the Rules to Your Advantage
Unlike their EU brethren, U.S. financial institutions are under no obligation to share data with third parties. That does not mean they should stick their heads in the sand and let the industry innovate its way around them. One need only look at the traction of products like Venmo, Mint, and SoFi to realize the cost of inaction.
Financial institution leaders should realistically assess how well their current offerings align with customer expectations, how quickly they can bring new functionality to market (with and without outside help), whether any existing non-bank solutions can help close these gaps, and whether acceptable terms to integrate such solutions can likely be reached. It is possible that, under the right conditions, an open banking model could prove to be beneficial to institutions.
I hope you’ll take the time to read our latest SRM Academy report, which further addresses APIs, GDPR, PSD2 and how U.S. banks and credit unions can leverage these trends to modernize their product suites.