PSD2 - Product Suite and Solution
“Open Banking is about making everything for sale. It provides a new way to increase digital revenue for the banks that are willing to think differently...Open Banks and FinTech's will continue to erode margins and customer relationships for those banks that don’t.”
What is Open Banking and the effect on Banks
Financials Services Offered through TPP’s
Financial services will be delivered through third parties using open source technology (APIs for example) that are integrated into traditional banking infrastructure
Game Changing Regulation for banks
It’s not only a regulatory compliance and technology challenge, but also a strategic and operation one. Meeting the challenge requires a clear strategy, operations and infrastructure change, a clear focus on assessing and managing risks and meticulous execution
New Entrants, Strategic Ambition and Positioning
Opening bank’s payment and account information dramatically shift the competitive landscape. Direct engagement with customers no longer an advantage for the banks but to be shared with FinTech's, Technology Firms, Retailers and Telecommunication Providers
High Level Snapshot Overview
- Content and Context aware data processing
- Orchestration of data flows from API Gateway to/from back office applications
- Support for JSON, ISO 20022, Custom formats
- Handling of API request status notifications
- Fully audited processing of in and outbound messages
- Platform deployment agnostic
- Integration via RestFUL APIs or in-house mechanisms via existing ESB/Middleware
- Easy to configure new transformation mappings & 24X7 Operation , Highly Scalable to handle any data volume/size
- Provides single platform to address PSD2 regulatory compliance
- API Middleware & Management Framework
- API Bridge integration to Core Banking
- Secure Development Portal & Sandbox
- PSU Consent & Fulfilment Modules
- SCA Integration with Online Banking
- ASPSP’s TPP Onboarding Portal
- Risk Management Dashboard
- GRC Framework on PSD2 & Consultancy
- Risk Assessment & Cyber Security audit through our Strategic Partners
Our Offering
- Project Management & Consultancy – PSD2 Lifecycle
- Secure, Scalable API Middleware to comply with CMA – FCA external TPP ecosystem
- Developer Portal, Sandbox, Risk Management Dashboard, Incident Management and Reporting Framework
- Ongoing Consultancy as more changes are expected in the next 3 years by FCA & OBIE
- Risk, Operational & Compliance Governance framework and assistance offered through our Strategic Partners
- PSD2 Compliance Audit to certify the solution according to FCA’s requirement offered through our Strategic Partners
- GAP Study and Remediation Framework by Senior Consulting team ( UK & Offshore)
PSD2 Technical Landscape & Our Product Feature and Offering Presentation
| Annual Recurring Licence Cost - SAAS (Software as Subscription) Model | ||
|---|---|---|
| 1 | API Gateway and Management Layer Integration (30 plus end points) plus TPP Onboarding Platform. This will be constantly upgraded as more RTS version release | On Request |
| 2 | Sandbox to test Bank’s Test Environment on accessing API’s by TPP. This is part of the March 2019 FCA Compliance requirement and ongoing integration with future RTS versions. | On Request |
| 3 | Developer Portal along with API Kit for TPP’s to Test and Integrate with Bank’s API Gateway. | On Request |
| 4 | Consent Authorisation and Management Secure Portal, FCA reporting Dashboard on incident management | On Request |
| 5 | API – Bridge Implementation with Core Banking Solution. Require high level of engagement with CBS API End Points. | On Request |
| 6 | GAP Study on Bank’s ASPSP readiness including Phase-gate analysis in achieving compliance. Includes detailed project plan with stakeholder responsibility and key deliverables (12 days). | On Request |
PSD2 Project as a Turnkey Implementation (Optional) – ( Banks can opt for this option where Macro Global will take full responsibility of project execution with the satisfaction of FCA and sign off with less resource requirement from Bank.)
| One-Off Cost | ||
|---|---|---|
| 7 | Project Management through MACRO GLOBAL’s PMO Team (Split into 4 weeks initially and another 12 Weeks from March 2019 to August 2019 to complete the entire integration) – Senior Consulting team – UK Resources with 15 years of Payment and Regulatory experience | On Request |
| 8 | Mandatory Risk Assessment and remediation based on FCA-EBA guidelines SUP-98(2) – (5 weeks engagement.) – Using both onsite and offsite resources. | On Request |
| 9 | Consultancy for offering strategy and plan for phased integration to achieve compliance and scaling up for future business Oppurtunities as an aggregator by providing AISP & PISP services. (As required but usually takes 15 days and spread across to four quarters) | On Request |
Our Strategic Partners ( Risk Assessment and Mitigation )
Our Strategic Technology Partner for GRC framework, Happiest Minds ($60 Million turn over company - https://www.happiestminds.com ) can offer their expertise in assessing the risk around the PSD2 implementation landscape based on a fixed price cost for 5 weeks engagement using both offsite and onsite resources. The deliverables will be clearly defined in their proposal which is attached separately and we will take complete responsibility in delivering the report to Bank’s satisfaction. MACRO GLOBAL will project manage completely and make sure Bank fully satisfied with the results and further co-ordinate both Bank and HM towards successful completion of the PSD2 compliance assessment with full report on remediation plan. The cost quoted above for carrying out the Risk Assessment on PSD2 perspective following FCA-EBA guidelines SUP-98(2). Pls refer (FCA-EBA-Guidelines and requirement on Periodical Risk Assesment.pdf) enclosed which demands mandatory audit as part of the project. An early assessment is a must and to be reported to FCA by March 2019 part of Rep 18 reporting. HM consultants are ISO & CISO certified and already carried out numerous audits in UK for various clients. (Reference can be provided upon request including use cases and contact details)
Our Strategic Partners ( Cyber Security Assessment and Reporting )
Cyber Security audit part of PSD2 project will be carried out by our Strategic Technology Partner – Ardilla Consulting Group https://www.ardillaconsulting.com on a T&M basis. Our Cyber Security Practice assists companies in assessing their preparedness to counter cyber-attacks and recommends how to plug any gaps that are identified. We audit all of the information relevant to cyber-security in Bank including security policies, processes, data and all supporting infrastructure. We then produce a detailed report which identifies weaknesses in your current systems and recommends the best solutions. The report includes an executive summary for the Board, which estimates the effort and cost to implement the recommendations. This arms you with the information you need to put risk mitigation strategies in place. The process is carried out by our consultants who have a minimum of 15 years of experience in cyber information and security. Further, they have worked on projects across banking, investment management and government. Our consultants comply with both international and domestic standard practices, including those set by the Centre for Internet Security (CIS) and the National Cyber Security Centre (NCSC). The audit will be carried out in-line with the NCSC 10 Steps to Cyber Security, which incorporates the latest information security management standards (ISO27001). Our mission is to form long lasting and trusted relationships with your customers by providing highest level of confidence on your brand. Helping Bank to succeed in its Business Strategy by reducing risk around cyber security. We strongly suggest to engage Ardilla for Cyber security Audit considering their business knowledge combined with years of in-depth expertise around cyber security. We will take full responsibility of arranging comprehensive audit and necessary remediation plan and make sure all the deliverables are achieved to the fullest satisfaction of Bank.