By Nadeesha Gamage,
Senior Lead - Solutions Engineer
134 banks and authorized deposit-taking institutions (ADIs) in Australia have to open up customer financial information through secured APIs as a part of the Australian Open Banking regulation (coming under the Consumer Data Right) by July 2020. This poses several problems for the ADIs in question. Depending on the size of the organization as well as how long they’ve been in business, different ADIs will have different challenges to overcome in complying with the regulation.
Many ADIs currently have rather messy technology stacks, where new systems have been incrementally added resulting in
Figure 1: A typical architecture in a traditional bank
This usually results in the following issues:
In an ideal world, banks can do a complete overhaul of their existing technology stack and create a clean, digitized system that can also provide open banking compliance. But in reality, this isn’t achievable because business, as usual, must go on (using the existing systems) while modernization happens parallelly and completely oblivious to the consumers as well as the employees of the bank.
The open banking compliance requirement provides a great opportunity to digitally transform the bank, piecemeal. If you take the requirement as a whole, it needs many technology components to work together in order to achieve compliance. Let’s look at what components you need to focus on and how you can modernize your technology.
First, you need to front the existing system architecture (which usually follows the messy spaghetti pattern) with an integration layer. This layer allows you to expose all the required services to the open banking solution, which will, in turn, expose them as APIs with the required identity and access management (IAM) checks. Once this step is done, the regulatory hurdle is accomplished.
Now comes the fun part — modernization. Once the new open banking technology components are connected to the existing technology stack, banks can understand how some of these components, while interoperating with the existing stack, can be used to digitally transform the bank’s technology architecture. Following are the key steps you need to follow:
Figure 2: Technology components needed for compliance and beyond
Spaghetti architecture found in most traditional banks makes it increasingly difficult to add new technology or update existing technology to add new services, without having an impact on the rest of the systems. Maintenance is also difficult, risky, and costly.
Figure 3: Systems integration in a traditional bank
Banks can re-use the integration layer and the API management technology used for the open banking requirement to transform their existing architecture to a more structured, digitized architecture by following the below steps:
Once this is done your bank’s systems integration will be digital-grade.
Figure 4: Systems integration in a digital bank
Figure 5: IAM in a traditional bank
In traditional banking systems, users may face several inconveniences when accessing applications and systems that meet various banking needs. These include multiple logins to disparate apps, poor customer authentication techniques, and the inability to access all applications from a common interface.
In order to eradicate this problem from both a security and user experience standpoint, banks should
When you successfully implement an IAM solution, you will end up with a system similar to the one depicted below:
Figure 6: IAM in a digital bank
“Data is the new oil” is probably a quote you have heard many times. But like unrefined oil, if we don’t refine the data into actionable insights, it becomes useless. In most traditional banking architectures, individual systems create siloed analytics or reports that are generated at the end of the day or week. These are then viewed as part of a weekly or monthly check up.
Figure 7: Analytics and auditing in a traditional bank
However, if banks want to not just benefit from the existing data, but also use it to provide digital products and services they need to
These steps will enable you to end up with an analytics platform that can truly deliver digital banking services by utilizing data.
Figure 8: Analytics and auditing in a digital bank
By combining these digitally savvy architectures, banks end up with an infrastructure that is lean, agile and provides all stakeholders in the banking ecosystems with an optimal experience. This improves the position of your bank as a digitally driven and innovative player in the Australian financial services market and puts you way ahead of the competition.
Figure 9
So are we there yet? Well, the goal post keeps changing. With the regulators promising to have regular version upgrades to the specifications, we will never really get ‘there’. But the important thing is that we ensure that our systems, processes, and people are able to operate in an agile and iterative manner to ensure that each regulatory update and each business expansion can be handled with ease without having to overhaul the technology stack each time.
At the end of the day, banks should remember that compliance is just the first step. How you perceive the opportunities beyond compliance and what you do in order to get there, lies in the hands of the decision makers in the bank. Open banking compliance provides you a great opportunity to digitally transform your bank. All you have to do is, identify which existing technologies can be re-used, acquire the technology you don’t have, and create a technology strategy for digital transformation. This puts your bank in the right place to use open banking compliance as a pathway to becoming a digital bank.
WSO2 Open Banking allows you to comply without having to reinvent the wheel. It can seamlessly integrate with your existing IT infrastructure, fill in any technology gaps and satisfy compliance quickly and effectively. The best part is, the solution can extend to the rest of the WSO2 Platform, allowing you the benefit if having a comprehensive technology stack to benefit from, when you start thinking about digital initiatives beyond compliance.
For more details about our solutions or to discuss a specific requirement