The approach to legislation in the PSD2 is truly disruptive, and most articles and whitepapers written so far about it have been focusing on a general view of the consequences of this novelty within the European payment market.
In this whitepaper, the aim is to further qualify the analysis by focusing specifically on the consequences and opportunities from PSD2 for the Nordic region – and especially the Nordic banks. The questions here are:
- Are the Nordic banks particularly well suited to move beyond compliance and fully exploit the strategic opportunities of PSD2?
- If so, what should they do to fully benefit from the new reality defined by EU?
- And finally: what are the main challenges for the Nordic banks in terms of realizing the potential within PSD2?
The paper will also cover the initiative “Convenient Access to PSD2 Services” (CAPS), which is a new and open framework that aims to help the banks on their way towards the fulfillment of the business potential in PSD2. CAPS is the perfect springboard for progressive banks who want to get the most out of PSD2 by introducing open APIs and take the first steps towards the future of Open Banking.
Finally, this whitepaper outlines Worldline’s capabilities when it comes to assisting banks on their PSD2 journey. Worldline has a strong belief in the potential of the Nordic region and significant ambitions for the Nordic market in the coming years. And PSD2 is a perfect opportunity to demonstrate the company’s ability to serve the Nordic market.
PSD2 and the Nordic region
Collaboration as a hallmark
More than anything else the Nordic region is characterized by a longstanding tradition of collaboration. As early as 1397 Denmark, Sweden and Norway formed The Kalmar Union that lasted more than a hundred years until 1523. And even though the Nordic countries fought several wars among each other in the following centuries, ever since the 19th century the Nordic relationships have been marked by peace and extensive collaboration - at grassroots level between organizations as well as business partnerships and more formal cooperative relationships between the Nordic States.
Inspired by the Latin Monetary Union Denmark and Sweden formed The Scandinavian Monetary Union in 1873, which was joined by Norway two years later (the First World War made it difficult to uphold the union and it formally ended in 1924). The Norden Association was formed by Denmark, Norway and Sweden in 1919 and joined by Iceland and Finland in 1922 and 1924 respectively (the association has the goal of promoting Nordic corporation and it still exists today). Later, in 1952 the Nordic countries formed the official inter-parliamentary Nordic body called The Nordic Council.
Banks working together
Over the past decades, the relationships between the countries have only grown stronger, and in the financial sector we have seen several cross-Nordic examples of both collaborations and mergers, most prominently the merger of Finnish Merita Bank, Swedish Nordbanken, Danish Unibank, and Norwegian Christiania Bank into the largest Nordic bank, Nordea.
Sharing financial infrastructure has also been common practice across the Nordic countries. This has accelerated the digitization of services including digital identity and real-time payment infrastructure further raising the bar for costumer expectations.
New examples of cooperation between the Nordic banks occur regularly. For example, in 2016 Nordea and DNB - Norway’s largest financial services group – decided to join forces in the Baltics.
Also in 2016, the Nordic financial technology network - Nordic Finance Innovation (NFI) – was formed as a meeting place for key players in the financial industry. NFI already has around 50 members including banks, insurance companies and international technology companies – Worldline being one of them.
A mature market
In 1996 the Finnish bank OP was the first in Europe and the second in the world to launch an online bank. Other Nordic banks were front-runners too within online banking, and now that banking is entering the mobile space the Nordic banks are still among the global first movers.
Today the Nordic region is the world’s 10th largest economy, and the Nordic payment market and payment industry is known for maturity and a high level of innovation. Card usage and digital payments are prevalent, and currently there is a lot of innovation going on especially within P2P payments where the Nordic banks are leading the European and global development.
Is the Nordic banking sector particularly well suited for PSD2?
Although PSD2 applies equally to the entire EU area the actual translation and implementation will differ at least to some extent between the European countries.
Security and fraud
Security and the fight against fraud plays a prominent part in the directive, and for a good reason, since fraud in digital payments has increased significantly in most countries and regions around the globe in recent years. The directive’s Recital 95 states:
"Security of electronic payments is fundamental for ensuring the protection of users and the development of a sound environment for e-commerce. All payment services offered electronically should be carried out in a secure manner, adopting technologies able to guarantee the safe authentication of the user and to reduce, to the maximum extent possible, the risk of fraud.”
However, if we look at the Nordic region in particularly, fraud is a relatively modest problem compared to the widespread use of digital payments. Even though the Nordic countries still have some way to go, fraud is already reasonably well contained and controlled using solutions such as chip & pin and different kinds of strong user authentication. And consequently, it makes sense to assume that the parties from this region who are responsible for complying with the increased security requirements are both able and more likely to focus more on other parts of the directive.
In addition to the Nordic advantage of a relatively low fraud rate, there is little doubt that the Nordic countries have a further advantage when it comes to the implementation of PSD2 simply because of the high level of digital readiness, the high penetration of digital payments – including mobile payments – and consequently the low use of cash in the region (this has been documented for several years, and media from all over the world have told the story). In the latest global Networked Readiness Index from the World Economic Forum Finland (2), Sweden (3) and Norway (4) are only bettered by Singapore, and Denmark is ranked as number 11 out of 139 countries (in the Digital Economy and Society Index (DESI), Denmark is ranked at number one).
Long tradition for digitization
The digitization of the Nordic societies started decades ago. If we take Denmark as an example the first version of the so-called common public digitization strategy was adopted already in 2001, and in 2016 the Danish government launched the fifth version of the strategy, which will run until 2020. Director-General Lars Frelle-Petersen at the Danish Agency for Digitization said earlier this year about the new digital strategy:
"When we compare Denmark internationally, we’re typically in the top three or four, and there are several reasons for that: First of all, we have a very digitized population that frequently uses IT in its everyday life […] Furthermore, we have a long tradition of close collaboration in the public sector, with whom we have built several advanced digital infrastructures within the last few years. But the collaboration also spans across sectors, and when it comes to digitization, particularly the public sector’s collaboration with the Danish financial sector has been successful for a number of years.”
A combination of digitization and collaboration is a major driver of innovation in the Nordic countries, and the Nordic citizens are already used to do almost everything online. A good example of that is digital identification. Every Nordic country has its own and widely used digital identity system - NemID in Denmark, BankID in Norway, BankID in Sweden, and Tupas in Finland. This is not the case in the southern part of Europe, and even the Netherlands have only just begun working on a national bank-ID solution.
Collaboration on financial services
The Nordic collaboration culture within financial services also stretches beyond the e-ID solutions. Within financial services collaboration has been key to sustain the high number of banks services the relatively small populations of the different Nordic countries. This has led to many shared services and shared ownership of service providers. The most prominent example of an entity created to deliver shared infrastructure to the banks is the Nordic payments company Nets, which is the result of the merger of the Norwegian BBS and the Danish PBS, both of which were owned by the banks they serviced. In terms of services, the Nordics have seen many financial services which were results of a collaborative effort. The successful direct debit solutions Betalingsservice from Denmark and AvtaleGiro from Norway as well as the two countries popular debit card schemes BankAxept and Dankort. A more recent example from Sweden is the mobile P2P payment solution Swish. In a PSD2 context, Swish is an interesting case as it in many ways shares the characteristics of a PISP as it operates as a TPP initiating payments directly on the banks account based payments infrastructure.
A Nordic head start
This digital savviness both in society in general and in the financial sector gives the Nordic region a head start in terms of ability to handle the new compliance requirements as well as to implement new processes and services following the PSD2.
Due to these preconditions, it is very likely that many – and probably a majority – of the Nordic banks possess both the aptitude and the willingness to adapt faster and more smoothly to the new directive than their counter-parties especially in the southern and eastern parts of Europe.
Undoubtedly, the single most important challenge for all European banks is how to turn the requirements of access to account - and everything that goes along with it in terms of liability and increased costs - into a business opportunity and a competitive advantage going forward?
The requirement to the banks to open access to the consumers’ payment accounts for TPPs is by far the most significant news in PSD2, and the way the banks chose to attack and handle this might very well influence their future digital journey.
Instead of perceiving PSD2 primarily as a threat the Nordic banks can be expected to take a more progressive stand and use the requirement to open the account infrastructure as a springboard for a more profound digital transformation and a leap into an open API economy and start experimenting with the concept of Open Banking.
Having common e-ID solutions across banks in the individual Nordic countries will allow for a simpler a faster implementation of XS2A services – at least in the individual markets – unlike markets that do not have shared e-ID services.
However, the use of the same e-ID credentials across both financial services and public authorities as seen in the Nordics could become at least a theoretical issue in case of any fraudulent activity by a TPP as this would also compromise government services. Mitigating this risk would require a separation of financial services e-ID and public e-ID – however this would be a major setback for the digital agenda of the Nordics.