If the rise of application programming interfaces (APIs) have found success in some corners of business, bringing third-party programs and services together to help create new business models, then some verticals, such as financial services, have been relatively slower in adapting to and adopting the technologies.
A white paper that debuted last week from SWIFT delved into the fact that financial institutions (FIs) have been late to embrace APIs, but “are catching up fast,” and have been spurred by regulations spanning PSD2 and Open Banking. With the advent of APIs, according to the research, companies are able to tap into the value and data that is held within other companies’ software.
However, SWIFT said, fragmentation reigns for FIs, as developers have approached using APIs to focus on specific business problems. A standardized approach can be of value to help scale adoption, said the paper.
There is enough precedence with FIs using technology, said the paper, that the movement toward automation is nothing new. Witness the fact that FIs have been using electronic messaging for 40 years. The focus on collaboration between parties in a transaction works because there has been standardization, said SWIFT, using that messaging.
“Banks don’t need to negotiate how to interact with every other bank they do business with: They just apply the global business standards and connect to each other through a globally standardized platform,” according to the paper.
Yet, even with this precedence in place, there has been a “lack of consistency in end-to-end processes,” while APIs also “expose new attack vectors for cybercriminals,” said SWIFT. The paper noted that anyone can develop and publish their own API specifications; there can be inconsistencies in business specifications, and in crafting identity and security frameworks.
As banks have looked to comply with regulations, and where they have had leeway to implement their own interpretation of local regulations, the result has been a large number of APIs. With so many APIs amid international markets, and with numerous representations of transaction and account details, then the value of data may be diminished through misrepresentation or truncation, said SWIFT.
Thus, the white paper serves as a call to action for stakeholders across banks and technology providers to address that fragmentation.
“The agility and simplicity afforded by APIs, and the tooling around them, mean that anyone can make their business services available to the whole world with a few clicks,” said SWIFT. “Already today, though, we are seeing serious challenges in the fragmentation that almost inevitably [result] from such flexibility.”
SWIFT noted that generic API platform services that are “perfectly suited to many financial services use cases are widely available from open source tools and proprietary cloud providers.”
To support a marketplace for API services, though, according to the paper, a standard platform is necessary. Existing business standards and best practices, said SWIFT, extend across reference data (such as currencies), semantic standards (such as certain business concepts and the relationships between them) and transactional standards (which govern the steps in a transaction and for which participants are responsible).
A platform must also guarantee identity, privacy and non-commercial data. For higher value transactions, SWIFT noted, it is preparing a “governed” platform that has solutions in place to promote those aforementioned guarantees.
“This platform will be flexible and ‘open’ to services from any appropriately qualified provider,” said SWIFT, which went on to say that “bespoke, standards compatible APIs, and even APIs that are entirely proprietary to a service provider, can benefit from these features of the SWIFT platform.”