Peter Klein, co-founder and CTO of FinLync.
Electronic bank account management (eBAM), the process by which all bank account management is automated through the use of software, seems like a no-brainer in theory. Opening new bank accounts, adding or removing signatories, changing limits or closing accounts with the click of a button sounds like a simple enough idea. Combine this with seamless and real-time connectivity between businesses and banks thanks to APIs and you can imagine the potential added value for tellers. Other areas of cash management have seen huge improvements by leveraging banking API technology, whether it’s accessing account balances in real-time or initiating a payment and getting instant feedback on its status and whereabouts.
So why has eBAM failed to catch on so far, despite the terminology that has been around for years and the clear added value for businesses and banks?
Compared to the previously mentioned processes, the market still lacks APIs for bank account management. Standard XML files based on ISO 20022 Account management specifications (acmt) are the most that banks can offer today, and while they do offer them to some extent, adoption is slow. Despite the huge interest in solutions from tellers, they have to deal with tedious paper-based processes that require multiple back-and-forths with each individual bank.
The main challenge for the development of eBAM is the legal framework that banks must adhere to. KYC (know your customer) regulations put the onus on banks to verify the identity of their customers to prevent bad actors from accessing their services. As critical as verifying a customer’s identity is, it can lead to a slower onboarding process, blocked resources, and verifying an ever-growing pile of documents. This makes digitizing certain aspects of account management processes difficult.
Enter APIs as a secure and direct communication channel connecting companies and banks. Upon establishment of connectivity, a set of keys (public and private) are exchanged in addition to other methods of authentication. Therefore, all information exchanged via APIs, by definition, dramatically reduces vulnerability to external fraud compared to legacy file-based connectivity such as host-to-host and SWIFT. Encryption prevents anyone from accessing the secure channel except the previous parties: corporate on one side and bank on the other. The information passed back and forth cannot be manipulated, as is the case with file-based communication, which may even be stored (temporarily) by an intermediate party. It’s safe to say that any information passed through an API can already be treated as trusted.
With all that being said, there are some extremely valuable services that banks can already focus on today to facilitate painless deployment of their eBAM capabilities.
1. Start by focusing on the account report
Account reporting (as opposed to processing, opening and closing processes) is a low-effort, relatively easy way to solve many of the pain points organizations face today. Even though it’s the simplest use case for eBAM, companies spend time and energy just getting and keeping an overview of all their bank accounts—especially after mergers and acquisitions—along with their signatories and limits. Making all of this available at the click of a button will save time and resources for both tellers and banks.
2. Strive for geographic coverage
Global treasurers want seamless global multi-bank capabilities. The integration effort to create eBAM capabilities across domestic banks and across multiple countries is a hurdle to overcome. We are seeing different API specifications for different regions/countries, even within banking groups for other APIs such as account balance queries, and we are sure to see a fragmented market once eBAM API adoption takes off. Often, fragmented solutions arise from legacy systems and legacy ways of thinking, which take time and change management to overcome.
3. Focus on Account Processing
For banks looking to integrate more sophisticated solutions, the next step in eBAM capabilities is processing account information directly from the ERP/TMS. Not all information can be treated equally: Signatures still need a way to be sent to the bank (even digitally). However, simple information such as limits or contact details can be processed via API, given the already established trust relationship created by creating the bank’s API in the first place. All changes must be logged and safe for review.
4. Enable the removal of old signer accounts
Another common use case in account management is to remove old account signers. Once you have an overview of all signatories according to an account report, the next step is to remove the old ones from employees who may have already left the company. This is critical and urgent, especially for audit purposes. Therefore, this should be a central process. Removing a signatory should work in a centralized manner, meaning that the teller only removes one master data entry, which triggers the process of removing their signature from all applicable bank accounts.
5. Review the authentication process for signatory accounts
Historically, most banks store physical or digital signatures of copies of all account signatories, which cannot be transmitted via API. Given the low level of security that signatures already provide, banks should consider updating their authentication processes to a (more secure) private password to increase security across all processes. While addressing these concerns requires more complex solutions, they will enable API-backed signer updates with little friction.
When looking at the long-term prospects for eBAM adoption, opening and closing bank accounts will remain the most complex process to fully digitize. When you plan to develop this process, it makes sense to focus on companies with an existing (trusted) banking relationship that reduces KYC pending processes. Ultimately, API integration creates an extra layer of trust. While this ultimate stage of eBAM undoubtedly creates value for businesses and saves time for them and banks, it is not an everyday occurrence. Compare that to the time spent compiling a full account list, and it becomes easy to focus on lower-hanging fruit first.