Delivering Business Value from Regulatory Change 

Written By Matthew Buley

The regulatory landscape in the UK is complex

The 3rd iteration of the Payment Services Directive (PSD2) will soon replace the 2nd (PSD2), and while the UK is no longer obliged to pick up the regulation as law from the EU, the Financial Conduct Authority (FCA) will likely move in line with the rest of Europe. Alongside PSD3 comes the new Payment Service regulation (PSR), the Financial Data Access (FIDA) framework and a transition from Open Banking to Open Finance.  This portfolio will bring in measures to combat payment fraud, increase API standardisation and quality, enhance enforcement powers, increase consumer rights and offer the potential inclusion of investment and loan products in the Open Finance framework. 

Change is inevitable 

As regulations are published, reviewed and become law, regulatory change programmes in Financial Services are inevitable. The European Banking Authority (EBA)  and the Financial FCA both have roadmaps that will require businesses to update their products, services, technology and processes in the coming years, adding to the already packed change agenda in the industry. 

Whilst all businesses will strive for compliance; the way in which the regulation is interpreted and implemented is not mandated.  At one end of the spectrum it can be seen as a burden, being implemented only when legally required and just in time to achieve minimum compliance. Businesses with this approach may run a segregated regulatory change function, assigning budget specifically to meet these demands.  At the other end of the spectrum the regulation can be viewed as an opportunity, assessing the roadmap and the value that can be driven from its implementation and complementing it with the businesses existing strategy and goals.  

By moving quickly, ahead of competition and delivering new cutting-edge products to solve real customer challenges, value can be derived from regulatory change implementation.  

Getting value from regulation – success factors 

Overcoming legacy 

Some of the most successful PSD2 implementations were by those banks able to overcome their legacy processes and technology, they implemented API platforms to share not only the minimum required data, but managed to use those platforms to deliver new, high quality products and services to their customers, they were among the first in the market to provide account aggregation within their own apps allowing them to compete with non-banks, not just meeting the regulation but presenting themselves in the market as an account information service provider (AISP). 

Moving quickly 

Broadly financial services businesses took similar steps for basic compliance, for example the secure customer authentication (SCA) element of PSD2 led most to implement 2 factor authentication (2FA) across mobile applications and web channels. However, customer experience varied hugely for those on the receiving end of 2FA, that variation was due in the main to the quality of the build. Those businesses that lagged found themselves up against challenging timelines, realising too late that their platforms were not up to the job forcing development teams to build clunky workarounds. First movers gave themselves time to uncover these issues and time to remedy them; in some instances delivering new modern applications and implementing devops teams paving the way for agility in the future.  

Get in touch 

It is at this stage, ahead of the rush for compliance that an organisation should begin to build these principles into its business strategy and change agenda thinking about how to get value from these changes rather than ignoring them.  

 

 

 

 

 

 

 

 

Matthew Buley
Previous

The value of contingency planning
Next

Transformational Procurement: Digital Transformation’s enabling cousin