DCB Bank Limited recently launched its Open Banking platform for next-generation banking solutions, which not only helps the bank improve its products and services but also reach out to new customer segments.
In an exclusive interaction, R. Venkattesh, President and Head of Operations, Technology and Human Resources, DCB Bank shares more details with Usha Prasad about the open banking concept and the bank’s journey in implementing the Open Banking API.
Q: From a closed banking concept, banks are moving towards open banking concept. Could you share your thoughts on this?
A: Yes, banks are witnessing lot of changes in the customer behaviour today. Banks, earlier, typically had a closed banking concept. Customer would come in do the interaction and go away, which used to be unidirectional.
From unidirectional, now the trend is more bidirectional. The customer is not just relying on the bank for deposits or payment of cash alone, he is also making use of the bank for multiple other services. For example, making a GST payment on the GSTN network for our SME customer, who has a current account with us along with an accounting package with him, is much easier than the earlier traditional system, where he had to depend on multiple systems. There are no multiple handoffs here, it is seamless and integrated. This is the beauty of an open banking or bidirectional banking.
Today, rather than people going to the banks, the banks are going to wherever the customer is through an App. That’s the new definition emerging today. Clearly, banks are not only opening multiple channels to its customers, they are also able to source customers through different channels. They are also on-boarding more partners who work as an extended arm of a bank.
Q: DCB Bank recently rolled out its open banking API. How was the journey in implementing it?
A: Today, we can proudly say that we are amongst few API-first banks implementing an API-first application. Today, we have lot of discussion about API in the bank, which was completely new to us about a year and a half ago. Our Launch of API Banking was quite quicker with adequate governance structure. When we started, we neither had the skill set initially nor we had the technology. We developed both. It’s been – ‘From a journey of innocence to a journey of excellence.’ Yet, I would say that it still in the making. It is not at a point of arrival.
Q: How did you succeed in implementing the open banking API?
A: We first focused on how to build the skill set for this new initiative. Most importantly, we wanted to have a very strong governance structure around it so that whatever we manage and whatever strategic tie-ups we have around this, they conformed to the highest standard thus following a very structured approach towards API First Banking.
The next step was to find out who could be our partners. This was again a very important exercise because we didn’t want to partner with anybody and everybody in terms of a FinTech partnership on this. We were clearly looking for those who would meet our requirement and more importantly our customer’s requirement.
From a system perspective, one of our key approaches was that even if it is for an internal consumption, we will route the application through our Enterprise Service Bus (ESB) so that tomorrow if we have to interface with our partners outside, it would be a lot easier. Having said this, the behaviour or the culture that we wanted to build was an API-first approach within the bank.
We are very proud that in a short period of time we were able to quickly start something that we hadn’t done in the past ever. Open banking is a very new and tech trend-wise it is a very innovative concept.
Q: What are the advantages of implementing an Open Banking API?
A: From an advantage point of view, we have been able to get into more partnerships by rolling out the Open Banking API. Customers’ loyalty and engagement is far more effective through this because the bank is going where the customer wants you to go rather than telling him ‘this is my branch you come here’.
Q: Open APIs can also face cyber security issues, how are you equipped to fight it?
A: Confidentiality and data protection are the biggest priority for any bank and the nature of relationship with the customer is of a trust. Data confidentiality and data security is most important for us.
With the emergence of new technologies, in our bank, we have built suitable controls; we are implementing suitable policies and the way to manage it is we are adhering to certain standards when it comes to cyber security, understand the new vulnerabilities that are coming up, fixing up and building it in our ecosystem so that we are able to make sure that we balance security with positive customer expectation without compromising one for the other. This holds good for any bank going in for Open Banking.
One of the key parts in ensuring that we are managing open APIs proactively is to be on our toes and continue to adapt, evolve and implement security controls. It is always about strengthening this whole aspect of cyber security and making sure that we understand that this is a journey and it is not a destination. However, there is always need for balance. Having over the top protocols and ignoring the customer’s needs will result in the customer experiencing inconvenience. Therefore, the need is to have robust protocols and safeguards in place to facilitate genuine transactions, which is important from the customer experience perspective.
Q: How strict are the guidelines when it comes to Open Banking?
A: To ensure more widespread adoption of Open Banking, the banking environment certainly needs changes in terms of technology, processes, infrastructure and customer readiness.
When it comes to regulation, it is very pragmatic in terms of the open banking concept. As long as the customer confidentiality and data protection is concerned, the requirement of various regulations and laws are properly taken care of. I think people need to make sure that they understand the regulations better and comply to it fully. There is a need to have increased awareness about data protection regulations itself.
When compared with European countries and the Unites States, India is a little ahead when it comes to cyber security and regulations because certain standards that we have been able to implement, others are still on the catch-up mode. I would say that we are cautiously progressing by adopting cutting edge technologies and complying with regulations in all.