We are all about financial IT solutions that are both reliable and accelerate your growth. We do the hard work so you could focus on things that matter most – making best decisions on customer service without thinking about technologies.
Since 1990, we are advancing technologies to meet the future of finance services together with our clients. Our IT solutions and services offer you a hands-free approach: from complex banking systems to simple payments – we have you covered.
Open banking is undoubtedly the 'new black ' for the financial sector today, i.e. one of the most discussed and most promising areas for financial technology development.
In the European Union, Open banking was established in 2018 with the Second Payment Services Directive (PSD2), whose adoption could be compared to a tectonic shock. This Directive has demanded that the classic banks would share customers’ account information with the licensed third-party service providers. The Directive set out the requirements regarding the use of the customers’ consents, the ensuring of security of the services provided, and the regulation of the relationship between third-party service providers and the payment service providers processing the payers' accounts.
The related researches show that the financial data that are open and accessible to third parties can create certain economic value for both consumers and financial institutions. By using the open data, the financial institutions can operate more efficiently, make better use of the resources, prevent fraud, and protect consumer information. Private consumers, small and medium-sized businesses can benefit from less complex, faster, and more convenient financial services using the innovative financial solutions. The McKinsey Global Institute predicts that Open banking products and services could have created even 1.5 percent of Gross domestic product of the European Union by the year 2030.
According to the Juniper Research data, at the end of 2020, in Europe, there were about 12.2 million users of the Open banking services; it is estimated that this number could increase fivefold by the year 2024. The European users comprise 45% of the entire global Open banking market.
Lithuania is one of the EU countries that is chosen by the new financial solution providers (FinTech companies) being encouraged by the PSD2 Directive, for obtaining licences to provide payment initiation, account information, and other Open banking services. The Bank of Lithuania currently supervises about two and a half hundred FinTech companies, more than twenty of which are licenced providers of Open banking services. Naturally, the Lithuanian market is not large enough for the FinTech companies with global ambitions, thus, when considering the provision of Open banking services, the companies evaluate the opportunities to develop beyond Lithuania – in the Baltics or in other regions, where financial institutions belonging to the same groups often already operate.
Forbis is one of the Lithuanian companies developing IT solutions adapted to Open banking. Liudmila Voitova, Director of the Company's Department of Systems and Business Analysis, says that the start of Open banking was not easy: “The first years of Open banking were not easy. The developers of the technologies did not see enough prospects. Financial institutions had many questions regarding the implementation of Open banking requirements, and third-party service providers were challenged to develop new products and integrate with financial institutions, whereas consumers were reluctant to trust the innovations.”
However, with the quickening spread of Open banking, in this market, new opportunities become available and, according to experts, these opportunities can be used by Lithuanians as well.
Speed and security for consumers
Creation of the payment initiation service was the first and the most rapid to spread way of adapting Open banking. The pioneers of this service were payment institutions, which had already provided the business with the solutions based on the principle of screen scraping.
The payment initiation service in terms of its security is equivalent to bank transfers; it is more attractive to businesses due to its price, which is several times lower, and it allows consumers making a payment faster and more conveniently, thus improving the shopping experience. However, Lithuanians have not yet had the opportunity to try out some of the services that could facilitate financial management, stated L. Voitova. “Open banking enables many new services that can help manage personal and business finances. It is perspective at providing lending services in cases when it is necessary to calculate the rating of a borrower or assess the risk of the concluded agreements. Account balance information can be useful in improving the consumer experience when using the payment initiation service – the consumer may be displayed the accounts available in several banks and be allowed to select a payment account on the basis of the available balance. It would be very convenient, because now it is possible to pay only from the accounts of one bank that the consumer has chosen in the first step,” said L. Voitova.
According to the expert, Open banking can also be applied to personal financial literacy training, business consulting, financial risk analysis and mitigation, as the licenced companies can offer personalized advice based on the account information available to them. For businesses, this information also provides an opportunity to better understand the consumers’ money spending habits and to develop new marketing solutions. Undeniably, third-party service providers can gain direct access to personal account information only with the consumer's personal consent.
Untapped opportunities for technology developers and financial institutions
The prospects for rapid growth in Open banking mean new chances and opportunities for financial institutions and technology developers to become leaders in the field. This trend is already noticeable, as investors act more dynamically, the major players in the payment services market are actively interested in the activities of Open banking start-ups. One of the leaders in payment card services, MasterCard, has contributed to the development of the Open banking services by acquiring a Danish start-up that has developed an API connection with more than 2,700 financial institutions across Europe.
“Developing IT solutions together with the Forbis team, we feel that Open banking is a promising area. In response to the situation, we are developing solutions that would allow third-party service providers through the Open banking interface to offer instant SEPA payments, initiate SEPA payments by submitting information via data files, also initiate international payments, standing orders, and future payments. In the nearest future, we will also be introducing confirmation of payments with multiple signatures. This should expand the range of users of the payment initiation service and enable the initiation of payments not only to private customers but also to business clients. We feel the need for innovation very acutely – our team, together with another company of our group, Contomobile, is constantly developing the payment initiation tool, called Conto QuickPay, which is becoming increasingly popular among e-shops,” noted L. Voitova.
However, the expert added that the path taken by the innovators in the field is not an easy one: “So that the third-party service providers could become competitive in other markets, there is needed integration with Open banking solutions of the banks in other countries. And this is not a trivial thing to do, as the API integrations used by banks are different, and each needs to be analysed and customized in order to initiate payments or to obtain account information. Supporting different integrations increases the costs for service providers. The breakthrough would be achieved by moving to a single, standardized XS2A integration layer that would unify the solutions used. These processes could be initiated and coordinated by the EU institutions in charge of supervising banks.”
The information systems operated in financial institutions collect and store particularly sensitive data, this is why supervising authorities pay special attention to their reliability and security. Quite often, financial institutions not daring to deal with the compliance challenges alone rely on third parties providing IT services. Rūta Šiaučiulytė, Head of the Division of Legal Counsel and Compliance in the Forbis Company operating in the field of banking technology for almost 30 years, advises on how to choose a reliable information technology and software supplier that would facilitate routine operations and simplify the compliance processes.
The business activities of the Lithuanian financial institutions are defined by a wide range of legal acts – starting with the resolutions of the European Central Bank or the Bank of Lithuania and ending with the GDPR (General Data Protection Regulation) and the documents defining the AML (anti-money laundering) requirements. In order to achieve the overall sustainability and reliability of the financial system, not only the direct activities of banks, credit unions or other financial service suppliers are regulated, but also there are set requirements for IT systems and management thereof, i.e. for the tools used by financial institutions in their day-to-day operations. Then again, regulatory legal acts do not usually define specific technical requirements, but identify good industry practices that should help the institution to ensure the required level of security, regardless of the scope of activities, the technologies used, and the functions delegated to third parties.
According to Rūta Šiaučiulytė, Head of the Division of Legal Counsel and Compliance at Forbis, formal compliance with legal requirements is an important, but not the only criterion for a financial institution when choosing an IT supplier. “The third parties, from which the financial institutions acquire core IT systems, are considered critical suppliers, and it is therefore necessary to comply with the legal acts that specify how to choose IT suppliers and manage the services they provide. However, our many years' experience shows that not just formal compliance is important for success: the higher the ambition of the financial institution, the higher the requirements it should have for the experience of the future partner. IT provides can prove their competence with conformity certificates issued by recognised institutions and with the customer feedback,” said R. Šiaučiulytė.
Similar to companies operating in other fields, the IT system vendors can obtain ISO (International Organization for Standardization) certificates, confirming that the companies apply good business management practices as defined by the international standards. “When working with the financial institutions of various sizes – from banks to financial technology start-ups – we are convinced that one of the main criteria when choosing an IT supplier is confirmation obtained from independent certification bodies that the company pays due attention to the service quality, risk management, and information security. Therefore, both Forbis, developing IT banking software, and Fininbox, another company of our group, providing software rental (SaaS) solutions to financial institutions, have ISO/IEC 27001 certificates regarding the international information security management. Besides, the management systems that meet the requirements of ISO/IEC 20000 service management and ISO/IEC 9001 quality management standards also help to manage Forbis business processes. Moreover, specific market standards are very important when developing IT solutions – IT developers must follow the requirements of OWASP and other IT security standards, guidelines of NIST and other organizations, constantly check the security of the developed products, and allocate sufficient resources for staff training. Only the day-to-day application of good practices and a holistic approach to the development of IT systems can make one sure that the product being created is of the highest quality and security,” commented R. Šiaučiulytė.
It is also important that the IT systems supplier not only would manufacture and implement the product, but also would guarantee that its errors are eliminated, and the product is upgraded, as regulatory or financial institution needs change. “The reliability of IT suppliers and business continuity are essential for the customers to receive all the necessary services smoothly and on time. International standards oblige us to constantly monitor and improve business processes – in our opinion, they show and establish the trend for fair, clear, and efficient activities. The market and the requirements are changing very quickly, thus, a lot of effort needs to be put into maintaining of a high level of the processes’ quality and into constant update of the certificates,” said R. Šiaučiulytė.
The compliance expert encourages financial institutions that are now considering what supplier to choose, to pay attention to the company's history: duration of the activity, the implemented large-scale or complex projects, and the customer feedback, which will best reflect how the supplier's customer service team will work after entering into the agreement, whether deficiencies will be eliminated promptly, and what solutions the company will be able to offer in non-routine situations.