How APIs Changed Bank Security From Castles to Strip Malls

Written by

The application programming interface, or API, has become one of the principal building blocks of the modern digital economy.

APIs are at the center of modern application architectures and system design; over 90% of the world’s internet traffic passes through them. For banks, APIs are the conduit that connects institutions to customers, partners and each other. Their responsiveness and agility drives innovation while dramatically lowering the cost of application development and integration. In addition to remaining competitive and innovative, API adoption and the microservices that use them are key to addressing regulatory requirements for open banking, such as PSD2.

But there’s a problem, and it’s a familiar one: With new technology, adoption tends to outpace security. It is the same situation with each new generation of tech solutions: adoption leads and security lags a few steps behind. This is happening right now with APIs — and banks should be anxious.

But anxiety is frequently taking second place to blissful ignorance. Most chief information security officers in financial services don’t understand the full implications of the API economy and are not measuring their institution’s exposure to its risks. It’s a major blind spot; you can’t secure that which you can’t see or don’t understand. Within the same organization, the CISO and the DevOps (a portmanteau of “software development” and “IT operations”) team commonly don’t really speak the same language. DevOps teams can often see the issues, but CISOs are not as alert to them. This gap in understanding means many back-end systems and critical infrastructure could be exposed to a cyberattack.

Regulators and auditors are catching up on the implications of architectural and attack surface changes and have yet to update their audit or examination methodologies. They are learning what questions to ask, from the basics around API ownership to detailed metrics and matters of governance around operating effectiveness. But some are still hazy about what an API even is, let alone why it might pose a problem.

Complexity is the Enemy of Security
Part of the difficulty is the complexity of legacy IT stacks that most banks are sitting on. Unfortunately, there’s rarely a financial return on a bank retiring a mainframe or decommissioning legacy systems. This leads to IT and security teams being responsible for maintaining and securing several generations of different technology, from ancient “Big Iron” mainframes and AS/400s right up to modern, fully API-driven digital banking platforms. The discipline and focus on system life cycle management is a continuous challenge. Migrations are complex and you can’t just switch off old systems — that’s like changing a plane’s engine mid-flight.

The complexity of securing and managing these multiple generations is immense; most banks don’t have the skills or resources in-house to do it. Complexity is the enemy of security, and the complexity of modern computing environments is only increasing. For chief information officers, chief technology officers and CISOs, it’s difficult enough to keep up with the current complexity. While Gartner estimates that APIs will become the No. 1 attack vector this year, API threats are just coming onto the radar as an area of focus.

Why are APIs at Risk?
The benefits of migrating to an API-first, microservice-based architecture are so strong that their adoption is inevitable. The advantages of APIs are manifest in terms of being able to easily collaborate with other companies, share data and simplify all kinds of integrations that weren’t possible before. The problem is that yesterday’s security model wasn’t built for this architecture.

Think of the security model for old monolithic web applications like a castle with a moat: a gate with a drawbridge that means one way in, one way out. Your services sit behind your defenses inside the castle. The microservice and API-first model changes that attack surface to more of a strip mall: external doors on each store. Data is highly distributed, but the castle’s security methods were never designed to monitor or protect this approach.

In many cases, security teams are not even aware that this is happening; this is even more common where there are third parties involved. Third-party dependencies are very common in banking, and it’s extraordinarily difficult to get appropriate visibility into critical supply chain vendors that banks rely on for key operational and control processes.

All this begs the question: If the adoption of APIs is inevitable, how will banks manage them safely? Security programs must evolve to address API challenges directly. Without management and appropriate security designed for them, APIs expose your bank’s essential data while the “guards at the front gate” have no idea what’s going on.

Banking’s Single Pane of Glass

Written by

Imagine looking at all the elements and complexities of a given business through a clear and concise “single pane of glass: one easily manageable web interface that has the horizontal capability to do anything you might need, all in one platform.”

It may sound too good to be true, but “single pane of glass” systems could soon become a reality within the mortgage industry. Underwriters, processors, loan originators and others who work at a mortgage or banking institution in other capacities must manage and maintain a plethora of different third-party software solutions on a daily basis.

It’s complex to simultaneously balance dozens of vendor solutions to monitor services, using different management console reports and processes for each. This cumbersome reality is one of the most significant challenges bankers face.

There are proven solutions and approaches to rationalizing these operational processes and streamlining interactions with customers, clients and new accounts. In the parlance of a technologist, these are called “single panes of glass,” better understood as multiple single panes of glass.

That does exist if you’re talking about a single product. Herein lies the problem. Heterogenous network users are using single third-party platform solutions for each service they need, with a result that one would expect. Too many single panes of glass — so much so that each becomes its own unique glass of pain.

How can banks fix this problem? Simply put, people need a single view of their purposed reality. Every source of information and environment, although different, needs to feed into a single API (application program interface). This is more than possible if banks use artificial intelligence and machine learning programs and API frameworks that are updated to current, modern standards. They can unify everything.

Ideally, one single dashboard would need to be able to see everything; this dashboard wouldn’t be led by vendors but would be supported by a plethora of APIs. Banks could plug that into an open framework, which can be more vendor-neutral, and you now have the option to customize and send data as needed.

The next hurdle the industry will need to overcome is that the panes of glass aren’t getting any bigger. Looking at pie charts and multiple screens and applications can be a real pain; it can feel like there isn’t a big enough monitor in the world to sift through some data spreadsheets and dashboards effectively.

With a “single pane of glass” approach, banks don’t have to consolidate all data they need. Instead, they can line up opportunities and quickly access solutions for better, seamless collaboration.

Focusing on one technology provider, where open-source communication can make integration seamless, might be a good adoption route for bank executives to consider in the short term while the industry adapts to overcome these unique challenges.

FinXTech’s Need to Know: Accounts Payable

Written by

When I think of bookkeeping, the first thing that comes to mind is a scene out of “Peaky Blinders:” a sharply dressed man pacing the floor with a heavy leather book, frantically crunching the numbers to figure out which accounts have an overdue balance and of how much.

Today, accounting software digitizes the majority of this reconciliation process. The problem with this? There are hundreds of software solutions a business can choose from — but more poignantly, software offered by a business’ bank seldom falls at the top of that list.

Many banks have historically been slow to service their small business customers. Account opening, applying for a loan or even getting business cards has traditionally forced business owners to head to a branch. The crucial need for bookkeeping software has turned businesses onto disruptors in the space: Intuit’s Quickbooks, Block’s Square software system, PayPal Holdings, etc. These incumbents, and others, are ready to pounce on a market that’s estimated to grow as big as $45.3 billion.

But banks have the chance to claim some of that market.

The Paycheck Protection Program showed small businesses that there were gaps fintechs couldn’t fill — ones that financial institutions could. Bank leaders looking to strengthen the relationship between their institution and their small business customers may want to start with accounts payable (AP) technology.

 If your bank doesn’t already offer small business customers an integrated AP software as a benefit of having a business account, it’s time to seriously consider it.

Some larger banks — U.S. Bancorp, Fifth Third Bancorp — have built in-house AP offerings for their commercial customers. Others, like my $4 billion bank in southeast Iowa, do not — and probably can’t even afford to consider building. Detroit-based Autobooks provides those in-between banks with a platform to help service the AP and invoicing needs of small businesses.

Autobooks lets banks offer its white-labeled software to their small-business customers to manage accounting, bill pay and invoicing from within the institution’s existing online banking system. This eliminates the need for businesses to go anywhere else to handle their AP, and keeps invoicing and payment data within the bank’s ecosystem. More data can lead to better insights, campaigns and products that generate revenue for the bank.

Autobooks receives payments via credit card, Automated Clearing House (ACH) transfers and lockbox transactions. Because small businesses are already working within the bank’s online system, received funds are automatically deposited directly into the business’ bank account.

Paymode-X from Bottomline Technologies is another solution that banks could use. Paymode-X is an electronic, business-to-business payments network that integrates with the existing cash management systems of a bank’s business customers. It eliminates manual initiation and tracking of electronic and ACH payments; its bi-directional connection to accounting systems helps automate reconciliation. Constant electronic monitoring of payments also better traces and tracks payments for banks.

Bottomline Technologies handles vendor outreach and enrollment into the system, and also helps banks identify opportunities to earn additional revenue through the rebates and discounts a vendor may offer to encourage paying electronically, paying early or buying in high volumes.

In addition to offering it to commercial customers, banks can also use Paymode-X for their internal AP needs.

Bill.com has also marked itself as a notable fintech partner. Bill.com Connect is an end-to-end payments management platform that commercial clients access through a bank’s online portal or mobile app. Platform features include a payments inbox to receive, manage and process invoices digitally, automatic forwarding of invoices to the appropriate party, digital signatures and customizable workflows to enable automated approvals.

Bill.com also touts a network of over three million businesses, which could be an attractive benefit for commercial clients looking to expand, partner and more simply get paid.

There is still time and space for banks to plant their flag in the small business space; fintech partners could be an attractive way to break that ground.

Autobooks, Bottomline Technologies and Bill.com are all vetted companies for FinXTech Connect, a curated directory of technology companies who strategically partner with financial institutions of all sizes. For more information about how to gain access to the directory, please email [email protected].

Opportunities — and Questions — Abound With Blockchain

Written by

Blockchain technology could add almost $2 trillion in gross domestic product to the global economy — and $407 billion in the U.S. — by the end of the decade, according to a 2020 PwC study. The digital ledger’s potential to build efficiencies, speed and trust isn’t limited to the banking industry, with PwC identifying five broad areas for transformation across various sectors, including improvements to supply chains, identity management to counteract fraud and faster, more efficient payments.

An increasing number of banks, large and small, are exploring opportunities for their institutions in a blockchain-based world. I focused on how two banks are using blockchain to build a payments niche in the third quarter 2022 issue of Bank Director magazine. New York-based Signature Bank launched a blockchain-based payments platform, Signet, in 2019. The $116 billion bank collaborated with Tassat Group on the initiative. Now, Tassat works with banks such as $19 billion Customers Bancorp, in Reading, Pennsylvania, to deliver payments services to commercial clients via a private blockchain. 

Another group of banks has taken a more collaborative approach, launching the USDF Consortium in January 2022. The five founding banks include $7 billion NBH Bank, the Greenwood Village, Colorado-based subsidiary of National Bank Holdings Corp., and $57 billion Synovus Financial Corp. in Columbus, Georgia, along with the blockchain technology company Figure Technologies and the investment fund JAM FINTOP. The group wants to make the industry more competitive with an interoperable, bank-minted stablecoin, a digital currency that’s pegged, one-to-one, to fiat currency or another physical asset.

Rob Morgan, who recently took the helm at USDF after leading innovation and strategy at the American Bankers Association, says that the banks are working together to answer key, competitive questions. These include philosophical ones, such as: “What is a bank’s role in a digital, tokenized economy?” They’re also answering questions specific to blockchain, including how can banks use a technology that has fueled the rise of cryptocurrency and apply it to traditional financial products? 

Creating a more efficient, faster payments system looks like the logical first step for these organizations, but other use cases could run the gamut from building better loan and identity verification processes to conform with know your customer and anti-money laundering rules. 

Given the nascency of blockchain applications, bank regulators are still getting up to speed. “From a legal and regulatory standpoint, [we are] working with the regulators to get them comfortable with this technology,” says Morgan. “Broadly, we have seen a changing posture toward cryptocurrencies for the regulatory agencies,” citing communications from the Comptroller of the Currency and the Federal Deposit Insurance Corp. that underscore expectations that banks work with their regulators before engaging in activity related to digital assets, including stablecoins. “We’re working really closely with the regulatory agencies,” says Morgan, to “make sure that they are totally comfortable with what we’re doing before moving forward and making these products live.”

For banks considering blockchain initiatives, Rachael Craven, counsel at Hunton Andrews Kurth, emphasizes the need for robust business continuity and incident response plans, as well as recovery protocols. “As with any emerging technology, operational failures, cyberattacks … should definitely be things that stay top of mind for banks,” she says. And working with a third party doesn’t let a bank off the hook for a compliance snafu. “Banks ultimately own the risks associated with any regulatory or compliance failures,” she says.

One potential murky area tied to blockchain centers around the technology’s immutability: Once the transaction data — or block — is added, it can’t be amended or reversed. Erin Fonté, who co-chairs Hunton’s financial institutions corporate and regulatory practice, sees potential conflicts with consumer protections under Regulation E, which governs electronic transfers of money via debit card, ATM or other means. “There’s nothing in Regulation E that exempts cryptocurrency transactions,” says Fonté. “You cannot forget the applicability of existing regulations to potential crypto or blockchain transactions.” 

Sara Krople, a partner at Crowe LLP, recommends that banks consider their current competitive strengths and strategic goals when discussing potential opportunities and risks with blockchain. Signature Bank started its Signet platform after consulting with its commercial client base; Customers Bancorp was pursuing a competitive moat with its niche serving companies in the digital assets sector. “Make sure it makes sense for you strategically and that you’ve thought through the risks,” Krople says. Many banks will partner with blockchain vendors, as Signature and Customers did. Banks should examine the controls and processes they’ll need, and determine whether they’re comfortable with the risk. 

Krople adds that banks should also identify one or more internal stakeholders who can take ownership for blockchain and bring the organization up to speed on its potential. Before Customers Bancorp launched its Customers Bank Instant Token [CBIT] platform, it formed an employee-level committee that spent months reviewing the associated risks. That resulted in a “best in class BSA review process” that provides speedy onboarding for clients while also ensuring the safety of the bank, according to Chris Smalley, the bank’s managing director of digital banking. 

Legal, risk and compliance processes should meet the needs of the emerging technology, says Krople. Among the questions banks should consider, she says: “Who’s going to monitor it for security? How do you know the transactions are process[ed] the way they’re supposed to? Who’s reading the smart contracts for you? You need somebody to be able to do those things.” 

A bank’s needs will differ by use case, Krople adds. “There’s a huge amount of opportunity, but you need to make sure people have thought through all the steps you need to implement a process.”

The Unlimited Potential of Embedded Banking

Written by

With fewer resources and smaller customer bases, community banks often find themselves on the losing end of a tug-of-war game when getting involved in emerging technologies. But that’s where embedded banking is a game-changer.

Embedded banking offers every financial institution — regardless of size — a chance to grab market share of this relatively untapped, billion-dollar opportunity.

Embedding financial services into non-financial applications is a market that could be worth almost $230 billion in revenues by 2025, according to a report from Lightyear Capital. That means forward-thinking community banks could see a big upside if they make the strategic investment — as could their non-bank partners. And those companies that are orchestrating integrations behind the scenes could also reap rewards in the form of subscription or transactional services. And ultimately, end users will benefit from the seamless experience this technology provides. While it’s a winning proposition for all, a successful embedded finance operation involves preparation and strategy. Let’s take a closer look at the four players who stand to benefit with embedded banking.

Community Banks: Building Reach
As community banks retool their strategies to adapt to more digital users, they also face growing challenges from digital-only neobanks and fintechs to retain their existing customers. They will need innovative features on-par with their big-budgeted competitors to thrive in the space.

Embedded banking is a legitimate chance for these banks to stake out a competitive advantage. Embedded banking, a subset of banking as a service (BaaS), allows digital banks and other third parties to connect with banks’ systems directly via application programming interfaces, or APIs. Today, 70% of banks that sponsor BaaS opportunities have less than $10 billion in assets. The cost to compete is low, and the services that non-bank entities are seeking are already available on banking platforms.

To start, institutions work with a technology company that can build APIs that can extend their financial services, then identify partners looking to embed these services on their digital platform. A best-case scenario is finding a digital banking partner that can deliver the API piece and has connections with potential embedded banking partners. Once a bank has an embedded banking strategy in place, expansion opportunities are unlimited. There are numerous non-bank partners across many industry verticals, offering entirely new customers at a lower cost of a typical customer acquisition. And these partnerships will also bring new loans, deposits and payment transactions that the bank wouldn’t otherwise have.

Nonbanks: Retaining Customers, Bolstering Satisfaction
Companies outside of the finance industry are rapidly recognizing how this technology can benefit them. Customer purchases, loans or money transfers can all be facilitated using services from a bank partner via APIs. Companies can offer valuable, in-demand financial services with a seamless user experience for existing customers — and this innovation can fuel organic growth. Additionally, the embedded banking partnership generates vast amounts of customer data, which companies can use to enhance personalization and bolster customer loyalty.

Consumers: Gaining Convenience, Personalization
Making interactions stickier is key to getting consumers to spend more time on a website. Sites should be feature-rich and comprehensive, so users don’t need to leave to perform other functions. Embedding functionality for relevant financial tasks within the platform allows users to both save time and spend more time, while giving them valuable financial products from their trusted brand. They also benefit from data sharing that generates personalized content and offers.

Tech Companies: Growing Partnerships, New Opportunities
Technology providers act as the conduit between the financial institution’s services and the non-bank partner’s experience. These providers — usually API-focused fintech companies — facilitate the open banking technology and connections. By keeping the process running smoothly, they benefit from positive platform growth, the creation of extensible embedded banking tools that they can reuse and revenue generated from subscription or transaction fees.

Everyone’s a Winner
This wide-open embedded banking market has the potential to be a game changer for so many entities. The good news is there is still plenty of room for new participants.

FinXTech’s Need to Know: Direct Deposits

Written by

For many banks, direct deposit information is the key that turns a new account into a long-term successful primary relationship.

Direct deposit is a conduit to a customer’s life — and their information. Customers tend to use the account that receives their income; accounts without these recurring deposits risk sitting idly.

However, most customers don’t actively think about their direct deposit account. It’s not table stakes after they open the account; it doesn’t make or break their banking experience. But for banks, it’s crucial they get customers to switch. Research from Harland Clarke and Javelin Strategy & Research in 2017 found that 81% of bank customers who received a paycheck used direct deposit; of those customers, 91% used only one financial institution for it.

Banks with technology that makes it easier for customers to switch their direct deposit over when opening a new account have an edge in the fight for primacy.

Some of the financial technology companies that offer this type of solution — Atomic FI, Argyle, Pinwheel and ClickSWITCH, among others — can embed it directly into a bank’s digital banking interface. Customers have a self-servicing option, and bankers can use the tool on the back end. And, when opening a new bank account, it can automatically prompt customers to switch over their direct deposit as part of the account setup.

There is room for banks to improve in this area. Harland Clarke and Javelin also noted that out of those that opened a checking account between 2016 and 2017, only 70% recalled being asked to switch over their direct deposit enrollment.

Application programming interfaces (APIs) facilitate the actual switching of accounts. The APIs, which function as passageways between software systems that enable data exchanges, can also be used to verify income and employment data, which can help the bank identify other products the customer might qualify for.

In addition, some fintechs also offer a service called “paycheck linked lending,” which allows bank customers to pay their loans directly from their paycheck before it’s deposited into their account.

Newer digital startup banks — or neobanks — may have these types of tools built into their infrastructure. But for many smaller or community banks, the act of switching direct deposits is still a highly manual task that falls primarily on the customers, which could deter them from making the switch.

Here are five benefits a bank could experience by implementing a direct deposit switching tool:

  1. Capture more customer data. As customers switch their direct deposit, banks have an opportunity to collect more income and employment data to use in marketing campaigns and fraud detection.
  2. Automate manual tasks for both the customer and bank. APIs handle the account switch once the customer gives them permission to do so.
  3. Cater to customers in the gig economy workforce. Customers can switch one or multiple direct deposits to your bank, or split their paychecks to go to multiple accounts.
  4. Cut the time it takes to switch direct deposit accounts. APIs can conduct changes and verify data in real time — no paper forms involved. Atomic FI claims that its switches can take effect within a customer’s current or next pay cycle.
  5. Create stickier relationships with new and existing customers. Capturing direct deposits jumpstarts account activity and longevity with customers. If a customer considers your bank their primary financial institution, they may be more likely to turn to the bank for other services.

Q2 Software, the digital banking provider that acquired ClickSWITCH in April 2021, has an online ROI calculator to demonstrate the potential growth banks could see in adding a direct deposit switching tool.

It’s never been easier to open a new bank account. But newly opened accounts don’t promise a source of activity and recurring deposits. If your bank has never incorporated direct deposit as a key step in the customer acquisition process, now may be the time to reconsider.

Argyle and ClickSWITCH are included in FinXTech Connect, a curated directory of technology companies who strategically partner with financial institutions of all sizes. For more information about how to gain access to the directory, please email [email protected].

What Does Today’s Community Banker Look Like?

Written by

After more than a year of great uncertainty due to the coronavirus pandemic, the biggest driver of change for community banks now will likely come from customer behavior.

The shift towards digital banking that took off during the pandemic is expected to become permanent to some degree. Customers are most likely to use online or mobile channels to transact and they are becoming more involved in fraud prevention, with measures such as two-step verification. They are also performing an increasing number of routine administrative tasks remotely, like activating cards or managing limits. Branches are likely to endure but will need to rethink how to humanize digital delivery: The Financial Brand reports that 81% of bankers believe that banks will seek to differentiate on customer experience rather than products and location.

Digitalization is good news for community banks. It reduces pressure on the branch network and increases opportunities to develop the brand digitally to reach new customers. But it also creates an obligation to deliver a good digital experience that reduces customer effort and friction. In the digital age, customers face less costs of switching banks.

Banks that assume they will be the sole supplier of a customer’s financial services or that a relationship will endure for a lifetime do so at their own risk. President Joseph Biden’s administration is promoting greater competition in the bank space through an executive order asking the Consumer Financial Protection Bureau (CFPB) to issue rules that give consumers full control of their financial data, making it easier for customers to switch banks. Several countries have already implemented account switching services that guarantee a safe transfer. How should community banks respond so they are winners, not losers, with these changes?

With their familiar brands, community banks are well positioned for success, but there are things they must do to increase customer engagement and build loyalty. Continuing to invest in digital remains crucial to delivering a digital brand experience that’s aligns with the branch. Such investment will be well rewarded — not only in retaining customers but also attracting new ones, particularly the younger generation of “digital natives” who expect a digital-first approach to banking. The challenge will be migrating the trust that customers have in the branch to the app, offering customers choice while maintaining a similar look and feel.

The branch will continue being a mainstay of community banking. Customers are returning to their branches, but its use is changing and transactions are declining. Customers tend to visit a branch to receive financial advice or to discuss specific financial products, such as loans, mortgages or retirement products. Some banks already acknowledge this shift and are repurposing branches as advice centers, with coffee shops where customers can meet bankers in a relaxed atmosphere. In turn, bankers can go paperless and use tablets to guide the conversation and demonstrate financial tools, using technology augmented by a personal touch.

Community banks can play a crucial role in promoting financial literacy and wellness among the unbanked. As many as 6% of Americans are unbanked and rely on alternative financial services, such as payday loans, pawnshops or check cashing services to take care of their finances. According to a 2019 report by the Federal Reserve, being unbanked costs an individual an average of $3,000 annually. By increasing financial inclusion, community banks can cultivate the customers of tomorrow and benefit the wider community.

Cryptocurrencies are the next stage of the digital revolution and are becoming more mainstream. Although community banks are unlikely to lose many customers in the short term over cryptocurrency functionality, these digital assets appeal to younger customers and may become more widely accepted as a payment type in a decade. Every bank needs a strategy for digital assets.

The shift to digital banking means bank customers expect the same experience they get from non-financial services. Application program interfaces (APIs) have ushered in a new era of collaboration and integration for banks, their partners and customers. APIs empower banks to do more with data to help customers reduce effort, from automating onboarding to access to funds and loans immediately. At a time when community banks and their customers are getting more involved with technology, every bank needs an API strategy that is clearly communicated to all stakeholders, including partners and customers. Although APIs cannot mitigate uncertainty, they do empower a bank to embrace change and harness the power of data. Banks without an APIs strategy should speak to their technology partners and discover how to find out how APIs can boost innovation and increase customer engagement.

How Open Finance Fuels the Money Experience and Drives Growth

Written by

If one idea encapsulates a significant trend in the current business environment, it’s “openness.”

Society is placing a greater value on transparency and “open” approaches. Even Microsoft Corp., the long-time defender of closed software, under the leadership of CEO Satya Nadella, has proclaimed they are “all in open source.” One industry where being open is of particular importance is banking and finance.

Open banking is the structured sharing of data through an application programming interface, or APIs. These APIs allow data to move freely from financial institutions to third-party consumer finance applications. Customers initiate and consent to data sharing, establishing a secure way to grant access and extract financial information from the financial institution.

Open finance, on the other hand, is a broader term. It extends open banking to include customer data access for a range of services beyond the banking industry — to retail stores, hotels, airlines, car apps and much more.

Open finance is popular in Europe and is now gaining momentum in the United States. The goal, similar to open banking, is to enhance the way consumers in all industries interact with money. There are numerous far-reaching benefits of the open finance movement, both for consumers and organizations.

Consumers receive fast access to apps and services. Opening up data access allows someone to sign on and share their data with popular third-party apps (such as Netflix or Amazon.com) so they don’t have to re-enter their information every time. Taking it a step further, a stream of innovative applications such as fraud monitoring, automated savings, accelerated mortgage reduction and more are possible once access to financial information is opened up.

Greater security and control. With currently available technology, financial institutions, can leverage API connections to allow account access or facilitate money movement for their customers. This control provides a sense of autonomy and security for consumers and bankers alike, creating an improved and secure money experience. Banking APIs also impact business models, and most significantly, allow banks to adapt to changes in the marketplace.

But security is critical when “opening up data” to the world. When we launched our open finance platform, MX Open, we ensured that financial institutions would be able to help protect their user’s financial data. Security needs to be at the heart of any successful open finance strategy, so that  financial institutions, third-party financial apps and other companies can create more personalized money experiences that give customers greater access and control.

Easier connection of services, apps, cores and systems. Establishing a secure, end-to-end mechanism for sharing data not dependent on credential sharing allows banks and fintech companies can connect to many, many more services — resulting in even more services and offerings for users. Data connectivity APIs exist for that purpose: to empower organizations beyond the constraints of legacy systems, connecting financial institutions with new services, apps, cores and systems.

As a company focused on the financial services space, we recognize that data should be open to everyone. This movement of opening up — from open-source, to open banking to open finance — can only help bankers and boards maintain the advocacy-focused approach they desire in serving their customers, while increasing control over their roadmap to innovate faster and deliver the right tools and products to the right customers.

Three Reasons to Take Banking to the Cloud

Written by

Bankers challenged by legacy technology can leverage a low-cost workaround as a way to keep up with the latest innovation.

Today’s marketplace is challenging bankers to keep pace with the rate of technology innovation and provide a level of functionality and service that meets — or hopefully, exceeds — their customers’ expectations. Many find, however, that they must first overcome the limitations of existing legacy technology in order to deliver the customer experience that will keep them competitive.

A revolution of sorts has been developing within the computing world: a shift to internet-based, cloud services has introduced a more cost-effective, scalable and reliable approach to computing. With essentially no or little cost to join and access to on-demand platforms and application programming interfaces (APIs), users are empowered to leverage virtually unlimited resources while paying on a metered basis. An additional benefit of the cloud is its ability to support transformation over time, providing options to configure services based on users’ specific needs as they evolve — which has a direct application for bankers.

Many banks have already learned that a move to the cloud not only helps them increase efficiencies and reduce operational costs, but can drive innovation where it matters most: the customer experience. The inherent advantages of the cloud are being applied within retail banking to provide a modern banking experience for customers through services that are offered in a scalable, “pay-as-you-go” format that grows and evolves over time.

Most importantly, the cloud helps bankers build off of their existing technology infrastructure to more easily create new services and experiences for their customers, particularly in three ways:

Faster innovation. The cloud breaks down the barriers to innovate across departments, eliminating a disintermediated, “spaghetti” architecture and allowing banks to go to market faster. Projects that may have taken months or years to implement before can now often be completed through a click and initiated within days. Much like an appstore, the cloud allows banks to subscribe, try and launch new products almost instantly, as well as delete applications that no longer serve their account holders.

More cost savings. Compared to the expense of enterprise and on-premises solutions, the cloud minimizes the need for costly investments, like physical infrastructure or storage and maintenance fees. Instead, banks pay only for the specific applications they use. Services that were once available only through binding, long-term contracts are now accessible entirely within the cloud on a metered basis, removing the significant upfront costs associated with legacy technology.

Improved flexibility. The number of resources and tools available within the cloud environment is growing daily, which drives growth in the developer community as a whole. This leads to more participants who are creating and contributing even better offerings. Banks benefit through the ability to implement new products or services quickly and easily in response to market demand or the specific banking needs of account holders. If the bank finds a certain application does not provide enough value, the cloud offers the flexibility to try other services until it identifies the product with the best fit for its unique situation.

For too long, too many banks have simply settled for “good enough” from an innovation perspective, hamstrung by their legacy technology’s complex infrastructure. In most cases, banks’ core technology investments have been sound ones — the technology is stable, secure and reliable and has a proven track record. But it can create limitations when it comes to flexibility, ease and speed to deploy new capabilities. With cloud computing, bankers can effectively extend the value of their core technology investments by leveraging all of the benefits that they provide, while cost-effectively supporting a more innovative approach to providing customers with a true, modern banking experience.

Five Ways PPP Accelerates Commercial Lending Digitization

Written by

The Small Business Administration’s Paycheck Protection Program challenged over 5,000 U.S. banks to serve commercial loan clients remotely with extremely quick turnaround time: three to 10 days from application to funding. Many banks turned to the internet to accept and process the tsunami of applications received, with a number of banks standing up online loan applications in just several days. In fact, PPP banks processed 25 times more loan applications in 10 days than the SBA had processed in all of 2019. In this first phase of PPP, spanning April 3 to 16, banks approved 1.6 million applications and distributed $342 billion of loan proceeds.

At banks that stood up an online platform quickly, client needs drove innovation. As institutions continue down this innovation track, there are five key technology areas demonstrated by PPP that can provide immediate value to a commercial lending business.

Document Management: Speed, Security, Decreased Risk
PPP online applications typically provided a secure document upload feature for clients to submit the required payroll documentation. This feature provided speed and security to clients, as well as organization for lenders. Digitized documents in a centrally located repository allowed appropriate bank staff easy access with automatic archival. Ultimately, such an online document management “vault” populated by the client will continue to improve bank efficiency while decreasing risk.

Electronic Signatures: Speed, Organization, Audit Trail
Without the ability to do in-person closings or wait for “wet signature” documents to be delivered, PPP applications leveraged electronic signature services like DocuSign or AdobeSign. These services provided speed and security as well as a detailed audit trail. Fairly inexpensive relative to the value provided, the electronic signature movement has hit all industries working remotely during COVID-19 and is clearly here to stay.

Covenant Tickler Management: Organization, Efficiency, Compliance
Tracking covenants for commercial loans has always been a balance between managing an existing book of business while also generating loan growth. Once banks digitize borrower information, however, it becomes much easier to create ticklers and automate tracking management. Automation can allow banker administrative time to be turned toward more client-focused activities, especially when integrated with a document management system and electronic signatures. While many banks have already pursued covenant tickler systems, PPP’s forgiveness period is pushing banks into more technology-enabled loan monitoring overall.

Straight-Through Processing: Efficiency, Accuracy, Cost Saves
Banks can gain significant efficiencies from straight-through processing, when data is captured digitally at application. Full straight-through processing is certainly not a standard in commercial lending; however, PPP showed lenders that small components of automation can provide major efficiency gains. Banks that built APIs or used “bots” to connect to SBA’s eTran system for PPP loan approval processed at a much greater volume overall. In traditional commercial lending, it is possible for data elements to flow from an online application through underwriting to final entry in the core system. Such straight-through processing is becoming easier through open banking, spelling the future in terms of efficiency and cost savings.

Process Optimization: Efficiency, Cost Saves
PPP banks monitored applications and approvals on a daily and weekly basis. Having applications in a dynamic online system allowed for good internal and external reporting on the success of the high-profile program. However, such monitoring also highlighted problems and bottlenecks in a bank’s approval process — bandwidth, staffing, external vendors and even SBA systems were all potential limiters. Technology-enabled application and underwriting allows all elements of the loan approval process to be analyzed for efficiency. Going forward, a digitized process should allow a bank to examine its operations for the most client-friendly experience that is also the most cost and risk efficient.

Finally, these five technology value propositions highlight that the client experience is paramount. PPP online applications were driven by the necessity for the client to have remote and speedy access to emergency funding. That theme should carry through to commercial banking in the next decade. Anything that drives a better client experience while still providing a safe and sound operating bank should win the day. These five key value propositions do exactly that — and should continue to drive banking in the future.