Much has been written – both in our blog and elsewhere – about the many barriers to achieving the meaningful and sustainable digital transformation needed for businesses to operate in the challenging business conditions prevailing in the early 21st Century. From organisational structure to culture, from leadership to skills, these barriers span most elements of the modern corporation and many aspects of its operations. Despite this, however hard and piecemeal the journey, provided that there is a solid business case for doing so, business leaders are often able to find ways of addressing these barriers – sometimes with the support of external experts untainted by ‘business as usual’. But even the most valiant corporate heroes of digital change, however strong their superpowers, are stumped by the kryptonite of regulation and its oft-invoked corollary, risk. Whether it is data privacy in the EU, the Works Council Act in Germany, post-2008 societal strengthening in the US and UK financial markets, or many more, regulation often exists for very sound reasons – but it also provides a near-perfect hiding place for those wishing to sandbag change, whatever their motivation. In banking, the regulatory hiding place, as it relates to digital transformation, is becoming very narrow indeed – ironically, as a result of more regulation, this time in the form of the revised Payment Services Directive (PSD2) due to come into force in 2018. The original PSD was first adopted by the EU in 2007, providing a legal framework European payments aiming to increase the speed and usability of payment services, but PSD2 – with its emphasis on web-based technical standards, APIs, transparency and increased competition – will blow the competitive payments field wide open, forcing even the most culturally-conservative and technologically-retrograde banking institutions to come to terms with the brave new world of FinTech. In line with the spirit (if not the letter) of PSD2, the UK’s Competition and Markets Authority (CMA) recently published its retail banking market investigation report, which concluded – among other findings – that established banks were not competing hard enough for customers, to the disadvantage of new market entrants. In response, one of the CMA’s key reforms is to require banks “to implement Open Banking by early 2018, to accelerate technological change in the UK retail banking sector. Open Banking will enable personal customers and small businesses to share their data securely with other banks and with third parties” – in other words, the adoption of PDS2. Ready or not, PSD2 is coming and it will drive significant, lasting digital change across the banking industry – effectively mandating the revolution promised by thousands of FinTech startups and digital transformation evangelists in the past few years. As the CEO of the Financial Conduct Authority said in June, part of the role of regulation is to support the growth of vibrant markets: “if you want an increase in numbers on the pitch to translate into an effective increase in competition, there must be demand-side reform. Consumers must have the power to discipline the market”. This is not the first time that the combination of regulation and technology standards have spawned great market opportunities, of course. The growth of e-commerce on the Web is the most glaring generic example, but – closer to home – the implementation of the Pan-European Public Procurement Online (PEPPOL) standard for e-invoicing and e-procurement to the public sector has significantly accelerated that industry’s growth, to the benefit of suppliers and buyers alike, and is perhaps not a bad model for the regulation of PSD2 to follow. Unsurprisingly, PSD2 is still seen with a good degree of perplexity – if not downright suspicion – by many in the banking industry, not least given the limited presence of web-tech savvy leaders among the higher echelons of management. For example, a recent PwC survey of executives at 30 major European banks found that “the overall response … to PSD2 is one of uncertainty: although 68 percent of bankers fear that PSD2 will cause them to lose control of the client interface, many … remain unsure how to respond … As a result, they are adopting a defensive, wait-and-see stance that is risk averse. In contrast, there are a few banks – and more third-party providers and FinTechs – that are embracing the possibilities of open banking and pursuing strategies aimed at winning a leading role in the future. They are not waiting until the implementation of PSD2”. In many cases, there are some good foundations upon which a workable PSD2 strategy can be built. Visionary banking CTOs have for years been arguing for the creation of Web standards-based interoperability and customer data exchanges, and in some cases some great work has gone into implementing key elements of the vision of IT/IS as a corporate ‘app store’. At the same time, banking CMOs have been pushing the ‘what would the Web do?’ mantra in an attempt to better join up customer journeys and provide enhanced online experiences to banking’s retail clients. These efforts have, to date, been localised around specific functions, products or markets, whereas PSD2 will force branch-and-root reforms across whole institutions, but the some of the key human resources and skills already exist in-house in many institutions. They should be brought together and given a wide-ranging mandate to experiment and iterate with PSD2, which in itself would advance innovation significantly while de-risking future deployments. This also requires a shift in the way that banks have historically implemented ‘compliance’, away from a narrow product and service focus, towards a more holistic view of digital transformation and banking itself, as Cortet, Rijks & Nijland have argued: “PSD2 is not ‘just another regulation’ requiring a mere operational and compliance approach, but an accelerator of the already on-going change in the fabric of the – digitisation prone – financial industry”. A key part of the PSD2 work to be done will need to include embracing the realisation that, as Lee Bryant put it some time ago, “Products are no longer fixed objects to be designed and mass produced over a comfortably long lifecycle. Data + services + experience are becoming more important than the underlying hardware in many product categories, and we are seeing the rise of products as platforms, which in some respects requires companies to also become platforms.” Using ‘platform thinking’ as a filter, banks will have a better frame of reference for deciding what PSD2 means for their business model, their possible responses, and the challenges and opportunities that this provides. In summary, although there are some key technical first steps for all to adopt – e.g. handling open API, strong authentication, agreeing industry-wide standards, etc. – and some players are way ahead in the technological race, banks must also dedicate time and resources in the immediate term to evaluate how well their organisational structure, culture and ways of working lend themselves to a not-too-distant future in which ‘everything’ is a service and customers can perform hitherto-closed transactional banking processes using a range of providers, which may exclude established banks altogether.   If you want to find out more about how to kick off a meaningful digital transformation process inside your banking organisation, please head over to our dedicated financial services page, or just get in touch for an informal chat on how we might be able to help.