Investor Meet is a podcast in which we present two of Sirma Group’s leading financial services and innovation experts who shared their experiences and business recommendations. Alexander Stanev(AS) is the CTO of the financial industry, and Merdihan Ismailov(MI) is the VP of Solutions and Products for Fintech Institutions. They discussed the hottest topics in the industry related to using Artificial Intelligence in banking services, open banking, embedded finance, the latest changes to the PSD3 and DORA directives, and the EU’s mandatory instant payments initiative. Our colleagues offered recommendations on how organizations can intelligently use the data silos to create new products or tailored solutions.
Here is a summary of the discussion, which you can follow in the podcast (the discussion is in Bulgarian).
An active “democratisation” process of financial products and services has been underway for a decade. This has been led by the European Union, which adopted the Payment Services Directive (PSD2), effectively introducing open banking. Is Bulgarian business benefiting from the opportunities of open banking, or is it lagging behind global trends?
AS: Like any other area, open banking regulation varies from country to country. Open banking in Bulgaria is at a European level, with almost all banks having well-established working interfaces to access their services. Based on this model, we see a gap in implementing as many services as possible. Open banking enabled the creation of many innovative fintech solutions developed in countries such as the Netherlands, Belgium and Germany which do not use card infrastructures for payments for all kinds of goods and services. However, this is still lacking in our country, but there is already a critical mass of banks, and we will soon see developments in this direction.
MI: I agree with Alexander and would like to add that we will see many solutions oriented towards a complete alternative to card payments. We expect a boom in account-to-account payments combined with instant payments. Regarding accessibility and availability of banking interfaces, the Bulgarian financial sector performs well compared to the European average, although it lags behind the Nordic countries. On the other hand, there is room for improvement regarding the data used by third parties - in particular, data organisation and availability. The local regulator has played its part, with the BNB mandating third-party payment service providers to undertake rigorous tests of all interfaces, resulting in recommendations on addressing the existing inaccuracies.
AS and MI stated that the banks in Bulgaria are ready for the requirements of the European directives because even before the regulation came into force, they realized the advantages of this type of payment and are already practising them. The second payments directive is an effort by the European Union to create a playground on which innovation can take place - it provides a basic mandatory level of compatibility between European banks on which innovation can be built. This is exemplified by the boom of the fintech industry in Europe since PSD2 came into force, which is no coincidence and is due to these regulations.
Are Bulgarian banks ready to adopt instant payments (IP)?
MI: Instant payments have been offered by banking institutions for quite some time, and the market and the demand for competitive advantage are the main driving forces. European banks are ahead of regulations requiring the community to make instant payments mandatory. Regulation is necessary to push some more traditionally oriented banks that have been slow to adopt instant payments and have not realized the potential of introducing this payment way.
How can clients protect themselves from unintentional mistakes when using instant payments?
AS: Several risk mitigation mechanisms are in place to protect customers from errors in the process. Obviously, with instant payments, the amount ordered is transferred to another account within seconds and can be transferred to other accounts in a very short time. To reduce the risk, a so-called look-up process has been introduced for the execution of payment transactions. The aim is to protect the person making the transaction from unintentional or technical errors, so this type of payment is also made by replacing the IBAN with, for example, a phone number, QR code, NFC, link, etc. Banks must develop specific mechanisms to protect and authorise instant payments, i.e., the payer’s additional insurance. These systems are not uncontrolled; they have a set of detailed rules for reacting to this type of misdirected transaction.
MI: One of the main innovations introduced by PSD2 was the 2FA requirement, which is mandatory for all institutions. Two-factor authentication applies to all online payments, and the new PSD3 version adds payee and account/IBAN name matching for transfers. Again, the focus is on consumer protection and trust in the payment system.
Embedded finance is among the most discussed topics right now. Name some use cases in people’s daily lives.
AS: The new third version of the payment directive will undoubtedly extend the scope to additional types of transactions, especially in the direction of embedded finance. These will allow players to innovate, regardless of which market in Europe they offer their services in. This unique approach allows for innovation to be introduced where needed without the financial institution taking the lead. It may only appear in the final part of the consumer journey, but it is an essential part of the value chain for the consumer. I’ll illustrate with an example: payment choice when buying a product online. If you choose any electronics from an online retailer’s website, the most general user path is as follows: you visit the site, browse the offerings, choose a product, and in the final steps of checkout, your payment options appear – choice of card, cash, bank, or third party. When you choose a bank, a window opens with the corresponding interface, and you go through several steps related to the customer approval procedure for consumer credit, such as an instalment purchase. The loan is approved in minutes. Once the bank confirms, the online merchant receives a notification, and the money is released. The item has now been sold on an instalment plan to the consumer under the terms of a consumer goods loan with instalment payments. This scheme applies to almost every product category, from appliances to automobiles to home purchases.
MI: I strongly agree that EF is one of the most discussed topics in the industry. Particularly in the evolving concept of the IoT (Internet of Things). In addition to consumer lending, interesting applications of this method are analyses of consumer behaviour and habits. Even more important touchpoints that should be analyzed are payment history, purchase frequency, and customer preferences. The results can be used to create loyalty programs or offer add-ons and services based on payment or transaction history data. These services do not need to be confined within a single institution. Let’s go back to the consumer leasing example. You can immediately offer insurance on the relevant goods an external organisation or third party provides. In addition to embedded finance, we have the concept of utilising available open data. PSD3 has also launched the process of approving the regulation on open data (FIDA). This will allow third parties access to data on credit and savings accounts, insurance, pension accounts, etc. This means that we can make even more personalised offers for each customer based on this volume of data.
Big companies have accumulated massive data sets. What is the best way to utilize data and derive economic benefits? What are the challenges of data monetisation?
AS: I believe there’s a misunderstanding about “data monetization”. Some individuals see it as “selling data, ” a flawed concept. Monetization involves using advanced algorithms to analyze behaviours, customer sentiments, predictions, and segmentation. Major online retailers use this approach, and financial institutions can also adopt it to customize their offers and interest rates. This represents an expansion of the ability to provide relevant analytics to enterprise customers and the chance to establish a marketplace for anonymized data. The EU has imposed strict regulations on the processing and management of personal data, and banks in Bulgaria strictly adhere to compliance requirements, so concerns about data ‘misuse’ are unfounded.
How is artificial intelligence changing banking, and what new opportunities and risks are emerging in the sector as a result?
MI: AI is being used to utilize data, especially for monitoring and preventing unauthorized transactions. AI and machine learning (ML) solutions can be employed to detect and prevent suspicious transactions and unauthorized access in near real-time. While AI has the potential to offer robust solutions, humans will make the final decisions.
Financial institutions have about half a year (until January 2025) to reflect the rules under the new EU regulation on operational sustainability of digital technologies in the financial sector DORA in their processes. Which companies are covered by this regulation, how does this affect their development, and will Bulgarian companies be able to meet this deadline?
AS and MI: Banks have been taking measures for their operational stability for many years and have built up control and reporting systems, so they are largely prepared for the new regulation. The big challenge will come for their sub-suppliers, who will also need to ensure their systems are compliant. More than 20 types of institutions fall under DORA - in addition to banks, also pension companies, insurers, investment firms, and even crypto-investment companies. The goal is to create uniform standards across the financial system, and currently, banks are much ahead of other players in the sector.