Posts Tagged ‘API’

Speaker Interview: Mike Schwartz

Posted by

What is Free Open Source Software or “FOSS”, and why is it the best development methodology for Open Banking?

The “open source” marketing label is a bit like “organic” — you need to dig deeper to understand what it really means. Some “organic” products may contain up to 30% non-organic ingredients! Thriving FOSS ecosystems share some common characteristics though: at a minimum, an open source license is fundamental — everyone in the ecosystem must have the right to modify and redistribute the code. Versioned packages are important as well–operations teams can’t compile source code and need easy-to-use binaries. And finally, freely available documentation and an active community are essential for productivity.

When all cylinders are firing (code, packages, docs, and an active community), the FOSS development process results in a product which has the most features, the fewest bugs, the simplest user experience and the quickest updates. More eyes on the code, more contributors building features, and more trained engineers makes community the super-power for open source products.

Is open source safe for banks?

There is no intrinsic security advantage for proprietary commercial software — hackers don’t need to see source code to find flaws. There is, however, a clear security benefit derived when many organisations pool their penetration testing results and share findings. An open source community leads to more discussion on the impact of announced security vulnerabilities and faster bug fixes. Community collaboration is the secret power of open source software, and is a “super-safe” choice!

What types of use cases is open source software best suited to address?

Open source software works best for standards, security and infrastructure–areas where cooperation is more important than competition. Banks compete, but nobody wins if hackers get richer. Sharing know-how on software that implements security standards is a win-win for all legitimate players in an ecosystem.

What are the up-and-coming identity security standards that will impact Open Banking?

The Internet is a layered fabric of standards. Routing data packets, browsing web pages, sending email, using mobile applications — none of this can happen without Internet standards working together. Important new standards for authentication, single sign-on (SSO) and consent management are proliferating even as older identity security standards are just gaining adoption. Even experts in the industry find it difficult to keep track of it all!

Three standards organisations are developing identity standards that will have an important impact on Open Banking: the OpenID Foundation (OIDF), Kantara and the FIDO Alliance:

  • Authentication: The FIDO Alliance is defining standards for hardware, mobile, and biometric authentication credentials
  • Single Sign-On: OIDF is leading the Financial API (FAPI) working group, which is defining a profile of OpenID Connect that enables websites and mobile applications to securely use a bank’s authentication service.
  • Authorisation: Kantara’s UMA standard will enable consumers to delegate access and permissions to people and electronic agents, and will help banks define inter-operable security policies with account information service providers and payment initiation service providers.

Why will you be speaking at Finance Edge’s Open Banking Summit, and what do you hope to get out of the event?

We are looking to build the community of collaborators for the Gluu Server, an open source OAuth 2.0 and FIDO access management platform.

Speaker Interview: Clare Rowley

Posted by

Clare Rowley, Head of Business Operations, GLEIF

The way we work has been revolutionised by technology. As part of this, the automation of many manual processes has led to considerable time and cost saving. However, despite these changes, many continue to use manual methods when it comes to legal entity identification.

The use of Legal Entity Identifiers (LEIs) as a common identifier to combat this issue has a wide range of business use cases that span multiple industries, business activities and functions. Clare Rowley, Head of Business Operations at the Global Legal Entity Identifier Foundation (GLEIF), talks to us about why current entity verification methods are not enough, and how the solution to the problem – LEIs – can not only help firms meet regulatory requirements, but create business value in multiple sectors.

How do LEIs work?

The LEI is a 20-digit alpha-numeric code based on the ISO 17442 standard developed by the International Organization for Standardization (ISO). It enables clear and unique identification of legal entities participating in financial transactions by connecting to key reference information. GLEIF makes available the Global LEI Index, which is the only global online source that provides open, standardized and high quality legal entity reference data. Each LEI contains information about an entity’s ownership structure and thus answers the questions of ‘who is who’ and ‘who owns whom’. As of February 2018, more than 1.1 million LEIs have been issued to legal entities globally.

The LEI data pool – which is publicly available – is essentially a global directory that enhances transparency in the marketplace.

Why are current entity verification processes not fit for purpose?

Current processes have significant manual components and often require the use of multiple databases in which a counterparty may be identified by a different name. Many banks and corporations still use names rather than identifiers, resulting in confusion. As an example, a large bank’s client services division recently found that it had an average of five names—with minor variations in its database—for the same organization. Additionally, commonly used databases, different divisions and IT systems within organizations can all have varying versions of the same entity’s name, making it harder to trace and to link information from multiple sources.

Another example of current inefficiencies is in know-your-customer (KYC) processes, where firms work to verify their clients’ identity by conducting robust due diligence. The lack of consistency and clarity within these processes means that banks spend considerable time and resources on what should be a simple task.

Beyond compliance and regulatory requirements, how can LEIs provide business value for companies?

Our recent white paper released with McKinsey & Company and titled ‘The Legal Entity Identifier: The Value of the Unique Counterparty ID’ identifies two broad areas in which the LEI has business value. Firstly, it reduces transactional and operational friction, both within and among organizations. Secondly, you can easily access important information about the background of a legal entity in a specific transaction. Together these benefits help organisations reduce the amount of time spent on identifying counterparties as well as improving information reliability.

How can LEIs create business value for the banking sector?

To give just one example: In capital markets, the LEI’s primary value is derived from reducing the cost of onboarding clients and middle- and back-office activities related to the processing of stocks, bonds and other securities trades. All such activities could be simplified and streamlined if LEI use was more broadly adopted throughout the lifecycle of the client relationship. The use of LEIs in the onboarding and trading phases of the client relationship would also reduce the time spent on data correction and reconciliation necessitated by inconsistent identification of legal entities.

McKinsey estimates that the use of LEIs in capital markets could reduce annual trade processing and onboarding costs by 10 percent. This would lead to a 3.5 percent reduction in overall trade processing and capital markets onboarding costs, amounting to over US$150 million in annual savings for the global investment banking industry alone.

What message do you have for businesses thinking about getting an LEI in the future?

Introducing the LEI into almost any process with a manual component that requires counterparty identification and verification can result in more reliable information, efficient operations, significant cost savings and a reduction in the time it takes to onboard clients. I would actively encourage organisations to consider the adoption of LEIs in their day to day processes.

Speaker Interview: Johannes Hennekeuser

Posted by

Johannes Hennekeuser, Head of Digitrans, IMTF

How close is the financial services industry to achieving standardisation in KYC and identity authentication processes?

  • In the area of ID authentication we see considerable progress towards standardisation. In many countries, the practice of video authentication is already accepted by the regulator and has been implemented by many banks
  • Initiatives towards a Digital Identification of every citizen have started in many countries and will ease the use of digital (self-) services; among first movers we see Aadhaar in India, and the SwissID in Switzerland.
  • Regarding KYC, requirements are getting more complex and laborious, making standardisation difficult due to differences among jurisdictions. The opportunities here are around automation. IMTF is able to automate processes and information searches successfully with the help of AI and semantic and linguistic technologies.
  • How can firms continue to deliver on their KYC and AML obligations within an increasingly demanding regulatory framework?

  • Only an agile setup that constantly and easily adapts to changes can cope with these requirements.
  • IMTF has built a modular and comprehensive platform that can easily be configured and deployed to increase the adaptability to changing regulations (IMTF RegTech Platform).
  • Banks are often using a variety of compliance systems that neither interact nor offer services (APIs). The IMTF RegTech Platform includes an integration layer that brings together vendor-specific APIs and file-based interfaces with rule logic and workflows.
  • What are the best ways firms can implement new technology to reduce KYC compliance costs while retaining customer loyalty?

    Banks are facing challenges here on all fronts, but a few new technologies can help to
    improve the end customer experience:

    Process Automation:

  • By automating manual work for screening and alert processing and replacing siloed solutions with an end2end vision regarding compliance and risk, your teams and systems can be aligned with your regulatory objectives.
  • Data remediation:

  • Create structured, usable data out of your existing low-quality, and unstructured information spread across multiple systems and documents based on an adequate Business Object model.
  • People:

  • Align, educate and equip staff to handle top-priority tasks where human expertise and decision-making is needed. Technologies such as collaboration tools and adaptive case managers help to ultimately improve the accuracy and efficiency of your people.
  • How can firms turn the compliance burden into competitive advantages?

  • While regulators force banks to increase documentation and background research, the additional data collected can also be used to enhance the customer experience and extend product sales.
  • In the IMTF RegTech Platform, we use advanced profiling to both improve fraud detection capabilities and allow a bank to learn more about its customers.
  • With ICOS/2 it’s possible to do segmentation and peer group comparisons, making it easy to target processes, actual customer requirements and identify opportunities for additional product offerings.
  • A fully digitalized onboarding process with self-service features ultimately improves the bank’s image and reputation.
  • How can firms most effectively limit client impact when complying with the KYC refresh process?

  • Banks are required to collect more data and do background checks, so theoretically this would require additional customer questions and documentation. But, by using certain automation technologies, many of these steps can intelligently be done in the background with little customer impact.
  • IMTF offers a Semantic Search feature that is initiated automatically once an enhanced due diligence is required. Seconds later, it delivers targeted content from commercial lists and the web with guaranteed accuracy and compliance, enabled for use anywhere.
  • Case Managers are extremely flexible and support both routine processes and ad-hoc activities. BPM systems don’t have the flexibility to break out of the pre-defined flows and need to run the customer through multiple loops, but our Case Manager allows you to adapt on the fly while also fulfilling regulatory requirements.
  • Why will you be speaking at Finance Edge’s KYC & AML Summit?

    We are excited to participate in lively discussions on what it takes to “reinvent and support” processes from identity authentication to KYC automation and enhanced due diligence. As a RegTech pioneer with 30 years in the market, we will be sharing our best practices for Client Lifecycle Management, KYC/EDD, and AML.

    Speaker Interview: Timothy Vincent

    Posted by

    Timothy Vincent, Solutions Engineer Manager EMEA, DataStax

    How will the increased use of open APIs shape the financial services market, and how will it impact different market players in both the short- and long-term?

    The increased use of open API’s will impact banking institutions of all sizes, opening up financial services and payments markets to new competitors and service providers. Open API’s will provide new opportunities to make use of banks’ internal data and external market information in real-time and at scale as part of delivering customer services.

    Which activities should banks be prioritising in the wake of open banking?

    To meet the requirements around open banking, consolidation of data should be a priority. By looking at how to manage data at scale, banking IT teams can implement new cloud applications that can meet new customer experience expectations. Without the ability to consolidate data effectively, understand the relationships between the data elements, and achieve all this in real time, banks will find it difficult to implement new services that customers will value and face a potential loss of those customers to competitors.

    What opportunities does Open Banking present, and which commercial strategies will thrive in the new environment?

    Opening bank systems to third party access is a huge risk unless banks organise themselves to leverage data as a differentiator; this is the opportunity. This goes beyond looking at current data sets that are held in individual silos and instead involves thinking about how to use external and internal data sets together. The alternative is to let competitors take this approach. The strategy is to hold the data in an operational data layer to have a 360 view of your customers to better deliver a fully personalized experience in the context of where they are on their journey with the bank right now.

    How can firms overcome the security and privacy concerns associated with data sharing?

    This is a hot topic at the moment with the deadline of having a GDPR compliant strategy looming fast, especially when looking at hybrid cloud or multi cloud architectures. You need not only a data platform that comes with advanced security, encryption, access controls, audit trails, but also the ability to maintain data autonomy. For example, in a hybrid cloud architecture you need the ability to control which data resides on premise and which data resides in the cloud. DataStax has the ability the address this and other data autonomy requirements.

    What are the best strategies to encourage customer engagement?

    Having a customer-centric strategy where an organisation demonstrates that it has robust data privacy capabilities that are to the benefit of the consumer is a major USP that will drive customer engagement.

    Why will you be speaking at Finance Edge’s Open Banking Summit, and what do you hope to get out of the event?

    As a software vendor it is vital for us to be in regular contact with customers and potential prospects in order to better understand current market trends and emerging market requirements.

    Speaker Interview: Steve Boms

    Posted by

    Steve Boms, President, Allon Advocacy and Advisor to Envestnet | Yodlee

    How will the increased use of open APIs shape the financial services market, and how will it impact different market players in both the short- and long-term?

    Open Banking, powered through Open APIs, puts the consumer, who is now fully empowered to use their own financial data to take advantage of whatever products or services they choose, at the center of the financial services ecosystem. In this new, innovation-driven environment, those market players that provide solutions to consumers where they most demand them will flourish, whether they are traditional banks or fintech firms. Incumbency will no longer be a significant competitive advantage.

    Which activities should banks be prioritising in the wake of open banking?

    The first order of business remains ensuring that the APIs that power Open Banking are up and running and reliable so that consumers can fully benefit from the new ecosystem.

    What opportunities does Open Banking present, and which commercial strategies will thrive in the new environment?

    The beauty of Open Banking is that we don’t yet know its full potential; we only know that the benefit to consumers will increase in the long run. Over time, it will enable account information and payment use cases driven by consumer demand that we couldn’t envisage today. Who would have imagined just 10 years ago that we would be able to conduct almost all of our personal banking using a mobile phone? While we can’t know what the technology landscape will look like 10 years from now, the Open Banking ecosystem provides the consumer the right to use their financial data in whatever manner they choose, and ensures that banking services will be provided wherever they will want to use them.

    How can firms overcome the security and privacy concerns associated with data sharing?

    Open Banking is a triumph of collaboration among all of the stakeholders – banks, policymakers, consumers, and fintech firms – to create an ecosystem that addresses the security and liability issues associated with data sharing in the banking sector. Beyond Open Banking – a framework under which these issues have been painstakingly addressed – it is only through this type of determined, exhaustive, private/public sector collaboration that these types of concerns can be adequately addressed.

    What are the best strategies to encourage customer engagement?

    Financial management is an emotionally charged topic. While traditional PFM tools offer consumers the convenience of getting a consolidated view of their finances, they don’t provide personal guidance and recommendations on next steps. This lack of guidance is a key contributor to lack of engagement. Next generation tools that use data analytics and domain expertise to provide contextual education and personalised recommendations have a much higher likelihood of engaging consumers and empowering them to improve their financial outlook.

    Why will you be speaking at Finance Edge’s Open Banking Summit, and what do you hope to get out of the event?

    As Open Banking became a reality in the UK earlier this year, all of us with a stake in its success must ensure continued dialogue. Finance Edge’s Open Banking Summit is one of the best opportunities for such critically important stakeholder engagement.


    Open Banking Summit
    25 April 2018 London

    Steve Boms will be joining us for the Open Banking Summit. This high-level, interactive forum will bring together senior-level professionals from all corners of the open banking space.
    Contact us to secure your place

    Speaker Interview: Abe Smith

    Posted by

    Abe Smith, Founder & CEO, Dealflo

    What is Dealflo’s role in helping financial services companies with the KYC process?

    Dealflo’s cloud-based solution allows financial services companies to fully digitise the transaction of customer agreements that carry risk, such as finance agreements, loans, mortgages, and life and pensions agreements.

    Dealflo’s technology helps financial services companies move from manual or semi-manual onboarding processes to fully automated processes, where a customer’s identity is verified digitally, and agreements are signed electronically. Agreements which are signed electronically require stronger evidence to confirm a person’s identity than would be required if an agreement was signed face-to-face. We give our clients access to various KYC methods to help them balance the need to provide a great customer experience, with the need to mitigate risk.

    How can firms continue to deliver on their KYC and AML obligations within an increasingly demanding regulatory framework?

    Looking at KYC in the context of a completely digital onboarding process, there’s a delta between the minimum you need to be compliant with regulations and what is advisable as best practice. Dealflo help enable our clients to be on the right side of that delta, whilst offering a frictionless experience to their customers. Financial services companies should be looking for KYC processes that assist with compliance and mitigate risk robustly.

    What are the best ways firms can implement new technology to reduce KYC compliance costs while retaining customer loyalty?

    There are a multiplicity of KYC and AML vendors out there, with fantastic technology that can help financial services companies reduce KYC compliance costs and retain customer loyalty. However, the problem many financial services face, is that they do not have the bandwidth or desire to do multiple integrations with multiple providers of KYC services. My advice to financial services companies would be to look for a flexible solution that offers access to multiple KYC methods, so that they can pick and choose KYC methods which are most appropriate for particular processes or products. This will enable them to optimise not just for cost, but risk and customer experience factors too.

    Dealflo has sourced leading technology to address the wide-ranging needs of financial services providers. This enables us to give clients access to the widest array of global identity and verification checks available, all through a single integration, single contract and single API. Dealflo’s clients can pick and choose the best identity checks for them – such as credit reference agency checks, or innovative new KYC methods such as automated document verification, biometrics, facial recognition, IP geolocation or mobile device identity.

    How close is the financial services industry to achieving standardisation in KYC and identity authentication processes?

    The industry is nowhere near a standardisation, nor should it be. Each financial transaction is different and carries a different amount of risk. When you consider factors such as the value of an agreement, the profile of the customer, the method by which the agreement is signed, the extent to which the product/service is regulated, and many more, you soon realise that there is no appropriate ‘one size fits all’ KYC method.

    The goal shouldn’t be a standardisation – it should be to create a flexible and configurable service that can accommodate all these variations and deliver the most appropriate KYC method for each. A ‘platform as a service’ approach allows financial services companies to achieve this.

    Why will you be speaking at Finance Edge’s KYC & AML Summit, and what are you most looking forward to at the event?

    KYC & AML have historically been considered as isolated compliance requirements to ‘get done’, instead of integral steps in a financial transaction. We want attendees to view KYC and AML as steps which produce evidence which is essential to establishing the veracity of an agreement. If identity evidence is integrated into a tamper-proof signed agreement, then that agreement is much stronger if challenged.

    We are attending the KYC & AML Summit to discuss these processes in the broader context of digital onboarding and to help spark new discussion to think about KYC and AML differently. I’m looking forward to discussing and establishing the role of KYC & AML in customer onboarding and seeing where the industry is headed next.

    KYC & AML Summit
    7 March 2018 London

    Abe Smith will be join us during the KYC & AML Summit. This high-level and interactive forum, will bring together senior-level professionals from all corners of the kyc & aml space.
    Contact us to secure your place

    Who can see your data? ☠

    Posted by

    You’ve seen it: high-profile hacks have taken over the news. There’s so much that can be done with data gathered through KYC compliance, but you’re always looking at that dreaded data breach.

    We’ve asked our AML experts for their input on the best ways to prevent any sneak-peaks on client and company information:

    • Decentralise your data – Determine who needs access to what, and enforce it. Don’t give fraudsters an easy grab.
    • Give your clients control of their own information – If they can decide what to do with their information, you won’t be risking open access to any data lakes (or swamps!)
    • Move towards a real-time transaction monitoring model – Catch fraudulent transactions while they happen. Build this into your long-term strategy to stop them before they can disappear.

    None of these will be a one-size-fits-all strategy, but these are all important steps to take in building out your defences.

    If you want to help shape fraud prevention and data privacy strategies, join us at the KYC & AML Summit on 7 March in London. This event will bring top FS executives together to discuss how they are overcoming their biggest AML challenges today.

    Visit the website | See speakers confirmed

    Super Early Bird! Book by 22 December to pay only £599*

    Contact our customer service team on +44 (0)20 3397 7458 or email us on

    Latest News

    Finance Edge’s Weekly News Roundup - Friday 14th December

    Finance Edge Weekly News Roundup-1Read More

    Finance Edge’s Weekly News Roundup - Friday 7th December

    Weekly NewsRoundup-1Read More

    Nail convenience and customer engagement should take care of itself…

    Copy of Weekly NewsRoundupRead More

    Finance Edge’s Weekly News Roundup - Friday 23rd November

    Weekly NewsRoundup-2Read More

    Webinar: Future proofing GDPR compliance

    Copy of Operationalising GDPR complianceAssure line-of-business alignment with GDPR complianceAssure legacy systems 2F data integration to comply with the requirementsAssure compliance is demonstrable to the regulatorRead More

    Top 10 API Threats & How to Prevent Them

    Copy of Copy of Weekly NewsRoundup (3)Read More

    “Legal, regulatory and admin round up sessions were having some valuable insights. Pointing different perspectives on the topics.”

    Figo GmbH

    Event Updates

    Receive notifications of upcoming events and access to exclusive content.

    Receive Updates

    Finance Edge on Twitter

    SWIFT launches new Pay Later API standard version 1 @swiftcommunity #APIstandard #API

    About 3 days ago from Finance Edge's Twitter via HubSpot