[WSO2Con EU 2018] WSO2 Open Banking, So Good I Bought it Twice
Independent Architect / Consultant
Golden Switch Limited
WSO2 Open Banking:
So Good, I Bought it Twice
About myself and why I’m speaking today…..
I’m an independent architect and/or consultant. (WSO2 don’t pay
In recent years I’ve provided services within the financial industry,
in-part facilitating digital related initiatives and PSD2 compliance.
This led to two organisations choosing to implement WSO2 Open
Today I’m looking to share my experiences.
Who are WSO2? How I discovered them.
● September 2016, WSO2 held a Meetup on “Future of
Enterprise Integration: Micro Integration”. I wasn’t
busy so attended. So impressed I attended the
November 2016 and February 2017 meetups.
● In 2017 I was working with a financial services client
looking at Digital Transformation. Upon creation of
a suitable Target Reference Architecture and
analysing the gap between it and the current state,
it was obvious we would have to mix legacy systems
with new digital platforms and would need a new
integration strategy. We ran an Request for
Proposal process where we included WSO2 along
with “better known” vendors.
Open Banking Implementation 1
Suffice to say, WSO2 won the previously mentioned RFP contest.
Why? Some of the reasons include:
● Commercials – WSO2 were cheaper when comparing apples for apples.
● Proposed solution fit – The apples they were proposing were exactly what we were
● Confidence – The proposal had shown they understood our requirements, going
beyond and suggesting amendments and alternatives.
● Product alignment – WSO2 platform products were a good fit for the Target
● They were aware of their competitors strengths – Probably the worst question ever to
be asked is “Where are X, Y & Z competitors stronger than yourselves?” only vendor
● Approach - Was engineering first, sales second.
Open Banking Implementation 1
The approach to PSD2 compliance (and Open Banking) was born from the greater
Digital Strategy, although compliance would need to be achieved before Digital
Transformation would be realised. It would be important that the approach would:
● Not compromise customer security or the security model of the current Online Banking System.
● Align to open standards, to aid in development and delivery efforts.
● Did not hinder possible future migrations, even including the possibility of replacing the
implementation of the new vendor with minimal disruption to customers.
● Contribute towards the new Target Reference Architecture, enabling further digital transformation
● Re-utilise existing customer authentication artefacts, creating the basis of a future SSO platform
with minimal customer disruption.
● Provide compliance in regards to the Banks existing offerings.
WSO2 proposed approach and the Open Banking standard met all these objectives.
Open Banking Implementation 2
At the start of 2018, another financial services client had approached me to aid them in
the technology deliverables associated with PSD2 directive and the Strong Customer
Authentication (SCA) Regulatory Technical Standard (RTS).
The start point was very different from that of the previously shared story. The client did
not have a Digital strategy at the time, the priorities here would be commercials and
Also by this point, every man and his dog were offering an apparent solution to PSD2
and SCA compliance, many looking for that first Banking client to deploy the solution
with very attractive commercials.
With acknowledgment that there maybe a digital strategy at some point in the future, an
expandable, platform type solution would be preferred but not at the expense of
Open Banking Implementation 2
It was also acknowledged by the client, internal governance may slow down progress
and the availability of internal resource may be a limiting factor. It was decided to hold a
“Request for Quotation” competition, to be able to get an “Apples for Apples” comparison
Suffice to say, WSO2 were one of two vendors which had won the RFQ contest.
Although (again) I can’t go into specifics, some of the reasons included:
● Commercials – WSO2 were slightly cheaper when comparing apples for apples.
● Proposed solution fit – The apples they were proposing were exactly what we were looking for,
even though this was different to the previous engagement.
● Confidence – The proposal had shown they understood our requirements, going beyond and
suggesting amendments and alternatives. They were also one of the very few companies that had
actually implemented an open banking solution in Europe.
Why Open Banking UK Standard?
Why consider using the Open Banking UK Standard? After all there are other options:
● NextGenPSD2. (Berlin Group).
● STET. (France & Slovenia).
● PolishAPI. (Poland).
● In house creation.
At the time of implementations, Open Banking UK Standard has provided the best fit to
requirements within these examples. (Also being the most mature standard at the time
rather than merely providing a framework). This will also aid those organisation when
applying for Backup Interface Exclusions or if there is divergence between the PSD2
directive and Payment Services Regulation post Brexit.
Open Banking UK Standard is not a perfect fit for all scenarios.
The approach has to fit the circumstances, though WSO2 Open Banking solution can
Are we too late?
● Organisations procurement and technology processes.
● Under the Strong Customer Authentication Regulatory
Technical Standard, Account Servicing Payment Service
Providers will need to make the technical specifications of their
access interfaces available to TPPs by 14th
March 2019. This
includes providing them with testing facilities.
● The FCA consultation paper (CP18-25) is pretty much a carbon
copy of EBA advice + preferences around Open Banking UK +
Confirmation of Payee.
● Application for Backup Interface Exclusion.
You have work to do and you need to start now!
● If you need to go through typical procurement process, go
straight to “Request for Quotation” over RFI and RFP. Keep the
● Review very quickly and get your budget request in fast!
● Legal, contracts need turning around quickly.
● Where possible, stick to the agreed design.
● Make sure you are ready for delivery in advance of it starting.
● Testing and Service Introduction, don’t wait until delivery is
But remember, the cakes are on a first
come, first served basis
Frequently Asked Questions
Q: Richard, can I hire you as a clown for my child's birthday party?
A: Clown, Consultant, not that different surely?
Q: Richard, I really feel like I missed out on the other two sessions
running in parallel to yours, will they be available online?
A: Yes, they will be available at https://eu18.wso2con.com and
probably on the WSO2 Youtube channel.
Q: Richard, can I add you to Linkedin?
A: Yes, just search for Richard Smith, I’ll be somewhere in the
More information on WSO2 Open Banking Solutions at
Thank you from WSO2 and myself.