How Japan’s Open API Adoption Could Change Financial Institutions in the RegionSenior Analyst, Asian Financial Services at Celent
It is now common practice for many businesses to display Google Maps when publishing their address and location on a website. Technically speaking, this is realized by outputting map data using Google’s application programming interface (more commonly referred to as API). An API generally refers to a technical specification for operating a program by another program—it defines command statements (commands and functions). Put very simplistically, it lists the operations developers can use and explains what these operations do.
The use of open API has now spread to even the most conservative industry: financial services. In May 2017, the Japanese financial industry shifted to a new framework—the amended Banking Act introduced a registration system for Electronic Settlement Agency Service Providers, so-called third-party providers (TPP), and announced policies of collaboration between banks and TPPs. Measures concerning the promotion of open innovation at banks eventually emerged as new regulations. This was a major shift in Japan’s financial regulations.
Since they first began employing computers in the 1960s, Japanese banks have always limited themselves to closed and rigid approaches to system development. The open API will be a powerful trigger for the value chain revolution in the Japanese banking and financial services industry.
Open API in Japan
In the case of Japan, the Japanese Bankers Association’s Review Committee report on APIs details the fundamental principles of user protection and security measures. Regarding security measures, the report calls for continuous improvement, review, and advancements in API connection suitability and eligibility of third parties, measures to prevent unauthorized external access, measures to prevent unauthorized internal access, and measures to handle incidents of unauthorized access.
The Center for Financial Industry Information Systems also released an API connection checklist. The document lists a number of common items as a tool for facilitating efficient communication between banks and API connections. These include confirming an ability to implement security measures and a recommendation that entities establish user-protection systems and their own individual set of confirmation items.
From a security perspective, open APIs also serve as an opportunity to revisit and review the relationships between financial institutions and technology vendors. Indeed, this will presumably be an opportunity to fundamentally restructure relationships due to the sheer increase in the number of financial institutions offering open APIs, the scope and scale of APIs provided by them and the services offered through APIs. Additionally, relationships will be reshaped owing to the diversification of industries and external companies, such as TPPs with which partnerships are formed, and also as a result of advancements in API use.
In the open API era, financial services and their security will not be maintained and managed by financial institutions alone. Rather, continued development and evolution by industry groups and across the entire value chain should be expected. Japanese financial institutions are also at a point where they should identify the optimal time to externalize security overall and to use external certification bodies for security.
How Businesses Should Prepare
We believe that open-banking strategy is critical both for financial institutions that are striving to build an open API strategy and for IT vendors looking to support them. The following points are designed to serve as advice to companies that are undertaking pioneering initiatives in advanced markets, with localization for the Japanese market in mind.
First, it is necessary to formulate an open API vision. This should include the definition of open APIs for business and technology, including data openness and its monetization strategy, as well as an IT and business roadmap.
Making public and external pledges that put forth concrete numerical targets, achievement deadlines, and revenue sources in the form of a manifesto may be the preferred approach. However, in practice and implementation, a data openness strategy and a monetization strategy are key.
From the perspective of open data and business models, experience in other industries that are ahead of the financial industry has clearly shown that there is a first-mover advantage. However, a balance must be struck between data openness and data control. In addition, opening up a platform to external developers should be expected to greatly enhance the customer experience; but in tandem with this, companies need to directly address data control and management.
Second, strengthening a company’s products and services relies on optimizing processes for providing them. Internal processes should be revisited and rebuilt to establish and leverage an integrated API model. These efforts should be seen as an opportunity to significantly improve the fundamental product and service supply system as well as service quality.
The existence of customer information asymmetry, the degree to which the customer response process is analog and the degree to which the service chain is seamless, should be regarded as factors that can drive improvements in both customer convenience and service provider cost efficiency.
A number of cases have demonstrated that, in addition to process digitization, process automation, and a shift to real-time processes, the outsourcing of processes to digitize customer interactions using digital marketing and social listening is a highly effective way of generating new brand value and can offer significant revenue opportunities.
Third, build relationships between developers and TPPs. This point also represents a task area in which financial institutions have little or no experience. These tasks include identifying TPPs and developers aligned with your company’s objectives and establishing a developer-support model to facilitate the building of third-party applications. Other key considerations include how to incorporate external resources to design, develop, operate, and maintain IT. Again, the principles of co-creation and competition should be put to work.
And lastly, redesign IT as an enabler. Ultimately, IT will enable everything discussed so far. To ensure that you are maximizing your performance, you will want to ask yourself these questions: Is IT driving innovation in these business models? Or is IT hindering it?
A company will want to look at redefining the requirements of security, data, and channel applications. Using new APIs can simplify the architecture and streamline data integration. In principle, it should not create new IT, it should not possess new IT, and it should not allocate staff to new IT.
Exhibit: Open API Banking Strategy
How Japan Can Become a Role Model for the Region
There is plenty of room for open APIs in Japan to be expanded by the creativity of individual companies both in terms of scope and content. Now is the time to establish new competitiveness and value chains that depend on the incentives and motivation of financial service providers, that is, motivation to create new product services and innovation initiatives.
How and why system reform was implemented in Japan, what kind of items were considered, and the details of the new system all make for a good case study for other regions and countries.
The creation of a new framework in a mature Asian market could serve as a reference case in terms of institutional design for neighboring countries and emerging economies. In addition, such cases could contain many hints and insights for financial services in the Asia-Pacific market of the future, as well as the concept behind collaborative models between financial institutions and service vendors.