INNOVATE. TRANSFORM. DELIVER.

March 2018 - workshop “API Governance & Service Integration”

CETIF - DIGITAL BANKING HUB

20/03/2018

2CONFIDENTIALGFT GROUP

Our approach to Digital Transformation

20/03/2018

3CONFIDENTIALGFT GROUP

Challenge remains!!

4CONFIDENTIALGFT GROUP 20/03/2018

BECOME A DIGITALLY MATURE FINANCIAL SERVICES

Strategic Model Real-time Model Life journey Path Core banking Path

There is no one perfect digital transformation planning process, each one should customize the best approach to suit the culture of its members and their current technological and organizational situation.

Ideal for companiesthat have enoughresources to pursuevery ambitious visionsand goals, externalenvironments arestable, and currentlydon´t have a largenumber of issues toaddress.

Issues-based Model

This model worksbest for organizationsthat have very limitedresources, severalcurrent and majorissues to address, andvery little buy-in tostrategic planning.

It suits especially forcompanies whobelieves that changesare too often andrapidly for long-term,detailed planning toremain relevant.Therefore planningshould be donecontinuously, “in realtime”

This path transformorganizations totailor /prioritizeservice experiencesto the expectationsand habits ofindividual users. Itsuits with flexiblecompanies that wantto continuechallengethemselves.

Ideal for companiesthat wants to evolveto a Bank as aPlatform, designing anew functional mapthat allows toevaluate eachinternal domainseparately andtransform itindividually.

STRATEGIC APPROACH TACTICAL LEVERAGE

Digital approach

5CONFIDENTIALGFT GROUP

Digital transformation? – the 4 pillars

20/03/2018

SCOPE OF ACTION

Based on the experience of previous models, we believe that in order to carry out the challenges of digital transformation in the financial industry it is necessary to focus the model on four areas/pillars:

• Customer Experience ( customer centricity)• Open Organization (collaboration)• Process Optimization ( operational efficiency)• Data management ( data driven)

An in-depth review of each one allow us to face the technology challenges and found answers to the needs of customers, partners and employees.

“Building the bank of the future it is aboutbeen more digital, diversified, adapted to thenew environment and well positioned for thelong term.”

Market places

New business models

Crowdlending, P2P payments

Digital On-boarding

Chatbots

Robo-advisor

Blockchain

Audit and trace

user activity

Smart regulatory &

compliance reporting

Anti-Money Laundry

Identity & Fraud

Robot Process

Automation

Smart alertsSocial networks to

credit score & risks

front off

ice

back o

ffic

e

Core

Banking

Loans´ approval

VR & AR

Environments

Home

Assistants

Recommendations

engines

Biometrics

signature

New incomes with non

financial services

Customer 360º

Open API

Fraud analytics

Trading patterns

REAL-TIME MODEL aligning four challenges, making tangible and driving by a JOURNEY PATH

“Accelerating company transformation designing a

company at 2 speeds prioritizing Customer Journeys“

R E

G U

L A

T I

O N

6CONFIDENTIALGFT GROUP

Digital transformation? - the 4 initiatives

20/03/2018

Augmented

Banking

Open

Banking

Automation

Banking

Cognitive

Banking

Augmented Banking Open Banking

Cognitive Banking

Enhance customer´s relationship with new contextual interactions providing personalized advices.

Combined services from banks and other suppliers to offer higher added value to the

consumer than separately.

Integrate and analyze the relevant data to present hypotheses, arguments and recommendations that are unique.

Automation Banking

Pair intelligent automation with banks organization to adjust the way employees work and type of they do.

Exponential Banking Initiatives

Business challenges in conjunction with technological advancements are disrupting the industry, the answer to this question allow us to define four initiatives that seems the beginning of a visionary era of hyper-banking.

7CONFIDENTIALGFT GROUP 20/03/2018

Augmented

Banking

Open

Banking

Automation

Banking

Cognitive

Banking

Augmented Banking

Business challenges in conjunction with technological advancements are disrupting the industry, the answer to this question allow

us to define four initiatives that seems the beginning of a visionary era of Exponential Banking

Open Banking

Automation Banking Cognitive Banking

Intelligent

Interfaces

Intelligent

Algorithms

Intelligent

Solutions

Intelligent

Process

Automation

Robotic Process

Automation

Digital

Solutions

Augmented

Solutions

Open APIs (Marketplaces)

Bank as a

Platform

Modular Banking

Channels /

Architecture

AR/VR

Computing Vision

IoT

Web / Mobile

CPA

RPA

BPM

Bots

BaaS, BaaP

Blockchain

APIfication

Microservices

Machine Learning

Deep Learning

NLP

Bots

Mainframe Optimization/ IT

platforms Downsizing

Digital Process

Automation

The 4 initiatives: open banking

8CONFIDENTIALGFT GROUP

Open Banking - Key Assets (Tangible Uses Cases)

20/03/2018

Augmented

Banking

Open

Banking

Automation

Banking

Cognitive

Banking

Augmented Banking

Uses Cases involve in different Customer Journeys is the best way to make tangible and understand which expectations and

challenges are covered to customers and business benefits

Open Banking

Automation Banking Cognitive Banking

PFM / BFM

New ways Payments

Biometric SignatureDigital Onboarding

Digital Branch

Extended Mobile

Immersive Experience

New Interaction ways

Mobile experiences Digital Architecture

Aggregated APIs

API IAM

API GovernanceAPI Management

API Development

Bank Store

New Banks

Mainframe downsizing Mainframe Optimization

Banks Platforms

Agile Banking

API Solutions (PSD2)

Video / Messaging

ClassifierCategorization

Cognitive algorithms

Chabot Virtual Assistant

Insight / OpportunitiesObject identification

Robot AdvisoryAI Lab

Augmented Reality

Operational efficiency

Reduce Costs Accelerate timing

Reduce Errors

Intelligent decision making

Connected Apps

9CONFIDENTIALGFT GROUP 20/03/2018

Internal API

Core Banking

BANK DOMAIN

Proprietary

Apps

BANK DOMAIN

Proprietary

Apps

Core Banking

open API

Third party

Apps

BANK DOMAIN

Banking

Ecosystem

Unified API

Layer

Fintech

Neobanks

Traditional

Bank or

Spin-off

BANK DOMAIN

Banking

Platform

PLATFORM

Open Modular Bank (BaaS) Bank as Platform (BaaP)

Integrate external services and

aggregate multiple APIs from

external providers.

Open Banking Platform

New business models and accelerate

digital strategy

Unified API

Layer

CloudCibersecurity

Blockchain

Bank(Private API)

OPEN BANK

Closed Bank as traditional model. Use APIs as a channel for own bank

products. Expose bank services

through open APIs to third Party

developers.

Define the API first (Channels)

Open your API to others new entrants

in the competitive space (Api Market)

A unified API layer for the whole

system provides access to the

world ( Aggregator & Distributor)

Provide a complete platform to

develop a new bank (Platform)

Financial Data

Non Financial

ECOSYSTEM

Cloud

APIs APIs

Open Bank (Open API)

Cloud

APIs

Modernize Core Banking, mainframe

optimization or downsizing

Evolution

Open Banking - Evolution

10CONFIDENTIALGFT GROUP

API Governance

INNOVATE. TRANSFORM. DELIVER.

GFT’s framework

11CONFIDENTIALGFT GROUP

The three pillars of an API strategy

Definition of the digitization process to anticipate

and face the new banking business needs of the

coming years.

API Advisory for

Assessment and

Prioritisation

API Governance

Framework

API Design,

Implementation and

Architecture

Assessment of impact on legacy systems

12CONFIDENTIALGFT GROUP

What is an API ?

API should be seen as a Business Product

An API can be considered a contract between a

provider and a consumer

Its specification describes the functions it performs

or services it offers and the data each requires and

returns

An API specification is separate to its technical

implementation

The API definition is global yet can have local

implementations

An API abstracts the service from the back-end

systems involved

API Definition

13CONFIDENTIALGFT GROUP

What is an Open or Public API

What is an Open API?

An Open API is an API where the design

and technical implementation are suitably

robust and secure for external

consumption

An Open API approach to all API design

provides the organisation with the choice

to expose any banking capabilities as a

service (BaaS) to any consumer (owned

channels, as well as digital apps, third

party systems, fin techs, etc.)

BaaS

User Interface

Engagement APIs (e.g. BFF)

API Definition

API Implementation / Middleware

Core/Legacy systemsCountr

y

specific

Consum

ers

(AP

I Consum

er)

Countr

y

specific

Serv

ice

(AP

I Pro

vid

er)

Glo

bal

Main

FrameCRM BPM ...

API Gov

14CONFIDENTIALGFT GROUP

What isn’t an API ?

API shouldn’t be seen as

A way to scale your application

A technological challenge for banks

A synonymous of Mobile App

API Definition

15CONFIDENTIALGFT GROUP

Scope of API Governance

20/03/2018

API Gov Scope

Interface

Requirements

SW Service

Definitio

n

De

velo

pm

en

t

Execution

Monito

rizatio

n

(monito

ring)

Development status

(Country + Version)

API Catalog / Doc

Dev Portal

Consumer App’s Mon

API Mon

Deployment status

(Country + Environment + Version)

PaaSTech Arch

Robust governance should not constrict innovation. It must foster a collaborative community to enable the organisation to try early,

learn fast and scale easily, exploiting the maximum business value offered to the intended audience.

16CONFIDENTIALGFT GROUP

Reference Process & Roles

Documentation

Implementation interfaces

API Consumer SDK

Samples server

API Definition Validation Releasing Execution Decommission

API

Supervisor

Contributors

Contributors

.

.

.

Development

Process

Automatically

produced

GOVERNANCE

Global

supervision

Discussions

17CONFIDENTIALGFT GROUP

The value of GFT’s API Governance Framework

Governance Process Design

API’s life cycle definition (Global/Local)

API’s conceptual model for the governance:

Working model and governance for the internal open

source Club

Club control model

Artifacts: Roles (Global/Local), Committees, centres

of excellence

PoC Implementation

Development of a PoC based on the selected tools and

following the defined model:

Implementation of a base suit of tools to make it

understandable

Training for the in house teams

Benchmark of the Tools

Tool’s benchmark to follow the defined workflows

Functionality analysis

Recommendation

Blueprint Definition

Best practice definition for financial API design

Recommendations, examples, and accelerators

Joint design of the first APIs together with the client teams

Implementation of the complete life cycle and governance for

a certain number of verbs and endpoints

18CONFIDENTIALGFT GROUP

How do you setup?

API as a channel?

How do you structure the organisation and people?

How do you scale?

How to monetise the API?

How to run the API?

From API definition through to implementation?

What is the implementation reference?

What is the process to release to Production?

What are the considerations toward PaaS?

Programme loading

What are the correct sizing of teams for implementation and execution?

What is the impact on legacy?

What is the Open vs Internal API approach?

What are the security considerations?

Topics you need to consider…

19CONFIDENTIALGFT GROUP

Interesting patterns

API architecture

20CONFIDENTIALGFT GROUP

Definitio

nTech Arch

Scope of API Architecture

20/03/2018

API Gov Scope

Interface

Requirements

Service

Execution

Monito

rizatio

n

(monito

ring)

Development status

(Country + Version)

API Catalog / Doc

Dev Portal

Consumer App’s Mon

API Mon

Deployment status

(Country + Environment + Version)

PaaS

Robust architecture should not constrict innovation. It must foster collaboration, knowledge sharing and services reuse to enable the

organisation to implement early, learn fast and scale easily, exploiting the maximum business value offered to the intended audience.

SWDe

velo

pm

en

t

21CONFIDENTIALGFT GROUP

CQRS - architecture patterns #1

Stands for Command Query Responsibility Segregation.

At its heart is the notion that you can use a different model to update information than the model you use to read

information. For some situations, this separation can be valuable, but beware that for most systems CQRS adds risky

complexity.

The mainstream approach people use for interacting with an information system is to treat it as a CRUD datastore.

In the simplest case, our interactions are all about storing and retrieving these records.

22CONFIDENTIALGFT GROUP

CQRS - architecture patterns #1

Source: ThoughtWorks

© Martin Fowler

23CONFIDENTIALGFT GROUP

Shaping the future

of digital business DIGITAL BANKING HUB - “API Governance & Service Integration”

20/03/2018