Most banks are full-service banks that control every aspect of banking in-house, that is they control the entire value chain of the customer experience and use their own infrastructure. Recent regulations have forced banks to open up this infrastructure to third parties (API’s, or application programming interfaces, specifically), particularly regarding account information and payment initiation services. The U.S. the Consumer Financial Protection Bureau (CFPB), via section 1033 of the Dodd-Frank Act passed a new rule in October and since then bank boards have been assessing how to embrace it along with considering its data privacy issues.

Open banking is a practice of allowing consumers to access and share their financial data from different financial institutions through secure digital platforms and it is designed to increase competition, innovation, and transparency in the financial sector. As one example, open banking could provide consumers with the ability to aggregate all of their financial data in one centralized dashboard.

Since banks still make their money in traditional ways (e.g. loans, deposits and fees), open banking could provide the solution to the creation of other product or services lines. Net interest income—a measure of the difference between what a bank pays on deposits and earns on loans— makes up the bulk of revenue in banking. So, as interest rates rose in the past couple years, loan demand decreased making it even more obvious that banks needed to diversify their product offerings. Generally, banks use business models that rely on high amounts of scalability and given this changing context, they will experience cost pressure due to decreased volumes.

A good place for boards and managers to start is to consider what data they have and how to use data gained from opening up the banking infrastructure to third parties – particularly regarding account information and payment initiation services. What we do know is that, at least for the time being, the data required to be shared does not include algorithms used to derive credit scores or other risk scores or predictors.

Still, banks can use this data to find out what other services or bank accounts customers have at other banks. Perhaps this can be used for integration of new services – given that banks tend to focus on a limited line of services. For example, can the data assist in applying for tax credits on products that might require loans (e.g. electric vehicles, solar panels, energy efficient window for residential or commercial customers). This is the type of strategic decision making that bank boards will need to provide to the top management team.

Another opportunity is the use of robotics. According to a recent McKinsey study the ‘ideal’ business process for deploying robotics processing automation (RPA) is mature, stable, repetitive, optimized, rules-based, and often high-volume.  This accurately describes the banking industry. And because of the nature of the data banks have, they can use both sensing and predicting aspects of machine learning (ML) and could provide both security and more digital product or service opportunities.

Since as part of the new open banking rule, banks would need to authenticate the consumer’s and the third party’s identity before disclosing any data, it’s a likely place for robotics too. At some point RPA will be used to authenticate both the consumer data request and the third party alongside banking professionals’ own knowledge and expertise.

At the same time using natural language processing (NLP) could perhaps root out some of the perceived bias in lending (and the tendency for machines to overlook case by case nuances in customers). For example, banks can use NLP techniques to help capture urgency in text – maybe those applicants who are concerned about their credit worthiness. Working alongside the robotics, bank personnel can be trained on certain words and expressions that denote negativity or discontent. Banks can then prioritize both the most important applications and those that may be on the riskier side. In fact, RPA-based banking robots can take control of the system (mouse and keyboard) actions, including clicking & opening applications, sending emails, and copy-pasting information from one banking system to another.

The primary aim of RPA in the banking industry is to assist in processing the work that is repetitive in nature. Ideally this automation will help banks and financial institutions increase their productivity by engaging customers in real time while also saving time and reducing errors. Still, RPA is an extensive process requiring robust employee training, structured inputs, and governance.

A bank’s reputation is directly related to the trust it has garnered through the protection of its customers’ assets. As open banking becomes increasingly used, banks must ensure that participating third parties can’t damage their reputation in the marketplace. Might this involve prediction models for determining the quality of the API along with that of the customer? Banking and more broadly the entire value chain of financial services requires security, privacy, and compliance. Therefore, assessing an API’s quality will need to develop beyond technical and functional aspects to include legal, operational and governance aspects – which could reduce banks’ overall risk.