The Need for Core Banking Software
Would you agree with me that financial institutions need channels to deliver their products and services to consumers?
Historically, financial institutions have relied on in-person interactions; requiring members to visit branches in order to open accounts, access loans, and savings products amongst other offerings.
Given the advancements in technology and ease of access to internet-enabled devices, financial institutions now favour a digital, self-service approach that not only provides instant, round-the-clock access to products and services but improves customer experience and reduces operational costs.
Choosing a core banking software for your credit union, microfinance bank or FinTech organisation is one of the most important decisions you will make as an organisation. The banking application would be the face of your organisation and the key service delivery channel, particularly in a digital-first, post-pandemic era.
Traditionally, this decision is made mainly by the board of directors of credit unions based on marketing presentation by software vendors, with cost being the major or only factor in some cases. In other cases, there is little input from the IT team or external independent analysts.
This is why you find many organisations with banking software that come with the following challenges:
- They do not fulfill the desired functions or requirements of the credit union
- They are too expensive to maintain
- They are not scalable / Difficult to enhance
- Bad customer experience / Not user friendly
- Compliance issues
- Compatibility issues
- Data Protection & Cyber security concerns
How then do you make the right decision when choosing your core banking software application?
15 Features & activities to consider
- Open Banking Architecture
- Artificial Intelligence – Transaction Monitoring, Anomaly detection
- Security by Design – Strong Customer Authentication
- RegTech & Built-in Compliance
- Mobile & Contactless Payments
- FX & International Money Transfers
- API Integrations
- Card payment Infrastructure
- Penetration Testing
- Digital & Cryptocurrency Integration
- Customer interactions and Chatbot
- eCommerce & Marketplaces
- *** Product development roadmap
- *** Technology stack
- *** Costs
1. Open Banking
In 2015 Her Majesty’s Treasury put into force the open standard for Application Programme Interfaces (APIs) and data sharing in UK Retail Banking (commonly referred to as Open Banking) as a measure to increase the opportunity for competition in the retail market with the ultimate aim of improving outcomes for customers of the UK banking industry.
This initiative covers 3 main areas:
1.The release of reference information via Open Data APIs.
- Branch and business centre locations, opening times, ATM locations
2. The release of specific product information via the Open Data APIs
- Product prices, All charges (including interest), Features and Benefits, Terms and Conditions and Customer eligibility
3. The release of Personal Current Account and Business Current Account transaction sets via Read/Write APIs.
- Access to account information at the request of a customer by a third-party provider
- The Initiation of a payment from a customer’s account at the request of a customer by a third-party provider.
About Open Banking
- Open Banking enables Account Servicing Payment Service Providers (known as ASPSPs) including banks, credit unions, and building societies, to allow their personal and small business customers to share their account data securely with third-party providers.
- This enables those third parties (TPP) to provide customers with services related to account information such as product comparison or payment initiation using the account and product information made available to them.
- This is achieved by the development, maintenance, and publication of Standards for Application Programming Interfaces (APIs).
- APIs are an established technology that uses defined methods of communication between various software components; they are used by many well-known online brands to share information for a variety of purposes.
Benefits of Open Banking for Customers & Banks
- Give customers greater access to their data
- Increase competition and Value creation for customers
- Improve Overall Customer Engagement with Open Banking APIs
- Increase Digital Revenue with Open Banking APIs
- Banking-as-a-service: Open Banking Strategies with API-led Connectivity
- Creation of new revenue streams
- Provides a sustainable service model for traditionally underserved markets
- Centralization of services
- A number of governments & Central banks are implementing the Open Banking framework
2. Security by Design
Strong Customer Authentication (SCA), Compliance & Risk Management
Security should be a key consideration throughout the platform. Your banking application should feature several consumer safety and security measures as standard, in compliance with the Strong Customer Authentication (SCA) under PSD2, GDPR and other regulatory requirements.
The SCA requirement
The use of two independent sources of validation by selecting a combination of two out of the three categories multi-factor authentication.
- Something you know (e.g. PIN, password)
- Something you have (e.g. Card/phone)/
- Something you are (e.g. fingerprint, iris scan, other biometrics)
Some Security by design features
- Biometric authentication: fingerprint access, Iris scan where supported on mobile devices.
- Two Factor authentication: Mobile One-time password verification for certain transactions.
- Email & telephone verification on registration/onboarding.
- Encrypted personal PIN and password protection
- KYC: ID verification, proof of address, real-time photo (selfie). Rigorous & Regular KFC, AML, TF checks & reviews
- Device, Connection, and Location identification protocols
- Advanced Checks & Authentication when using new devices.
- Analysis of the device and connection interacting with the platform on each login
- Behavioral Analytics powered by AI: Monitor user habits and transaction history, continuously verify the consumer is who is expected
- Passive (Invisible) Biometric Verification: Allow trust in the human, not just the device, using sensory inputs from the real-world
- Real-Time Trust: Aggregate data from all behavioral interactions across the board. Real-time photo of payment card for credit card transactions.
- PUSH Notifications, Text / Email alerts for all account transactions
- User Access Management
Biometric Authentication
- Biometrics can be divided into three main categories of characteristics: biological, morphological, and behavioral.
- Biological biometrics relate to human DNA. Each person has a unique DNA code that can be identified upon examination.
- Morphological biometrics include different human body characteristics and can be used for various purposes, including the authentication of an individual based on these characteristics.
- Behavioural biometrics in the context of authentication refers to the use of technology to analyze the way users behave and interact online to assess whether they are the person they claim to be.
Implementing Biometric Authentication
- Fingerprint Recognition
- Facial Recognition
- Voice Recognition
- Retina Scan / Eye Pattern Recognition
3. Mobile & Contactless Payments
- Mobile app deployment on iOS & Android at the least
- NFC & Contactless payments
- Digital Wallets
- Peer-to-Peer payments
- eCommerce / Point of Sale
- Mobile Authentication, SCA, 2FA, Multi-FA,
The Future of Payments
Possibilities Created by Mobile & Open Banking
- The increasing availability of mobile phones – which is anticipated to rise over the coming years – has led to new possibilities with regards to mobile payments and transfers.
- Digital wallets, integrating billing, and in-app payments are all facilitated through the fast-evolving smartphone.
- These mobile payment solutions are examples of open-loop systems, which facilitate consumers’ access to the existing network-ecosystem, by improving the connection between the customer and the point of sale through a mobile device (World Economic Forum, 2015).
- It will be cashless.
- Payments will be increasingly automated and invisible.
- The industry will be increasingly about customer interaction.
- The process will be driven by data.
- The transparency of financial data will allow for increased access to loans.
- The technology will be built on available infrastructure, thus reducing the cost of transactions.
4. Artificial Intelligence Ready
- Behavioural analytics / Behavioural biometrics
- Transaction Monitoring
- Anomaly detection
- Geolocation tracking
- Biometric Authentication
- Fraud prevention
5. RegTech & In-built Compliance
- eKYC – Tiered and automated KYC
- AML / PEP / Sanctions Checks
- Continuous KYC / AML monitoring
- Liveness checks
- One-click reporting
- Capital requirements monitoring
- Other in-built regulatory compliance based on jurisdictions
6. FX & International Payments
- You will find that a number of your customers/members make or receive international money transfers.
- International payments and money transfers could be a huge source of revenue for the organisation.
- Your members/customers travel around the world and should be able to access their funds from anywhere in the world and in any currency.
7. Card Payment Infrastructure
- At the least, the core banking application should support card integration VISA / Mastercard / AMEX etc.
- Smart Debit Card features: Users can control debit cards from the banking app in real time. Disable card, activate card,
- Authorise online card payments in-app
- Compatibility with Apple Pay, Google Pay, Samsung Pay etc
8. eCommerce & Marketplaces
- Market place (offers & wants)
- Alerts for advertisement matching personal interests
- Member directory
- Messaging module
- Brokering / agents
- Business referrals and transaction qualifications
9. Technology Stack
- This looks into the technology with which the core banking software was built.
- It is important to avoid legacy software (Outdated programming languages, tools, frameworks, and methodologies).
- Some modern programming languages are more versatile, AI & data-friendly.
- A functional, object-oriented technology stack should be favoured.
- The tech stack/framework determines the scalability of the core banking software
Backend | Frontend | Mobile |
Java | JavaScript / HTML / CSS | Native Android Java |
Python | Angular | Native iOS Swift |
.NET / C# / C++ | React | Flutter |
Ruby | Vue | React Native |
Haskell | jQuery |
10. Digital Wallets & Crypto Integration
- Digital wallets are very convenient to modern financial service consumers
- All you need is your phone to make a payment. Apple Pay, Google Pay and other Digital Wallets.
- Cryptocurrencies such as Bitcoin, Ethereum, and other stable coins are increasingly becoming the preferred payment method of choice for many consumers.
- Governments are now creating their own digital currencies. E.g Dcash by the East Caribbean Central Bank.
- A Modern Core Banking software should support integration with crypto and other digital currencies as they spring up.
A number of central banks (Bank of England, East Caribbean Central Bank, Central bank of Nigeria etc) have developed or are developing digital currencies. CadaWada has been designed with an open architecture to allow easy integration of future payment options.
Some crypto asset and digital currency use cases are described below:
- Crypto to Cash Exchanges: Allow users to liquidate their cryptocurrency to cash and withdraw into their digital wallets or bank accounts.
- Point of Sale Crypto Transactions: Allow users to shop in-store or online and pay via digital currency. The recipient can receive funds via crypto or instantly convert them to cash and pay into their bank account/wallet.
- Crypto Transfers: Transfer of supported cryptocurrencies to other users.
11. Penetration Testing
- This is not a feature, rather an activity that should be undertaken before proceeding with a core banking software.
- Due to the cost, you may not be able to do this for all applications in consideration, rather this should be done once a decision has been made to go with one vendor.
- It involves a specific type of test undertaken by third-party professional, ethical hackers; typically using a mix of automation testing tools and manual practices to simulate an attack.
- Penetration testing (or pen testing) is a simulation of a cyberattack that tests a computer system, network, or application for security weaknesses. These tests rely on a mix of tools and techniques real hackers would use to breach a business.
- Other common names for penetration testing are white hat attacks and ethical hacking.
12. Product Development Roadmap
- Sometimes, it may be tricky to find a software vendor with all the features you need. A compromise may be reached if you have some of the features.
- You should request a comprehensive product development roadmap (PDR) to show what the vendor plans to add to the core banking application in the coming months/years.
- In some cases, the PDR should form part of the license agreement / contract to ensure the vendor lives up to its obligations.
A high-level product development roadmap sample for FinTechs
13. API Integration
Application Preference Interface: Utilising a Network Innovation Approach
API is the acronym for Application Programming Interface, which is a software intermediary that allows two applications or computer programs to talk to each other. Each time you use an app like Facebook, send an instant message, or check the weather on your phone, you’re using an API. It is a type of software interface, offering a service to other pieces of software. A document or standard that describes how to build such a connection or interface is called an API specification/documentation.
Network Innovation
Your banking software should focus on leveraging on partner networks and external data channels to drive its value creation for consumers.
“APIs have become a key enabler of digital transformation and agile business, driving massive revenue generation for small and large organisations”. [Forbes 2019]
Open banking APIs
These APIs would provide a link between the PFM platform and the user’s bank account. It will enable performance of a number of functions such as:
- Account Login: Provide consent and access to bank account to enable third-party app identify users.
- Confirmation of Payee: Conform with KYC/AML by ensuring all payments come from the same account name as the registered user.
- Status of Payments: Monitor the status of all account funding and redemption payments. More to follow
Blockchain / Crypto Exchange APIs
These APIs would enable the PFM carry out a number of transactions in relation to Crypto/digital currencies.
Payment Processing API:
This will enable the platform receive bitcoin payments and convert this into cash for investments.
Exchange Rate API:
Real-time data feed to display market rates for FX & crypto currencies
KYC/AML APIs
Integration of third party APIs would also facilitate the quick, compliant onboarding of consumers.
Other Partner APIs
The PFM platform will also create networks with third party financial product providers, consuming their respective APIs end points to provide product information, market performance data etc.
- Currency / FX rates APIs
- Supplier & Partner APIs
- Payment Gateway APIs
14. Cognitive Assistant / Chatbot
- AI Powered Chatbot / Cognitive Assistant to provide 24/7 customer services
- Voice Technology integration – Siri, Google, Alexa
- Chatbot integration with 3rd parties.
- Carry out transactions on Facebook, Skype & WhatsApp via API integrations
15. Costs
- The cost of the application can be a major determining factor.
- When analysing the costs and ROI, it is important to consider other tangible benefits that require features which may influence the cost
- It is important to measure the value that the software will create for people society and the business.
- It is also important to analyse all possible ways of implementing a core banking software with all the desired features at the lowest possible cost.
CORE BANKING SOFTWARE IMPLEMENTATION OPTIONS
OPTION 1
OPTION 2
Buy off the Shelf
- Use straight off the shelf
- Customise an off the shelf software to suit your needs if you have access to source codes.
OPTION 3