As banks open up, Centana invests in tech firms

Investors are increasingly focused on European regulatory changes that will mandate better connections between banks and technology companies.

Financial institutions are looking to partner with companies that can offer security, data management and development tools to comply with the Payment Service Directive (PSD2), which focuses on application programming interfaces and other open means of data sharing.

"The regulators in Europe have mentioned a number of technologies," said Eric Byunn, partner at Centana Growth Partners, a venture capital firm in Palo Alto and New York. "We believe it will be a medley of technology as companies seek a layered approach to authentication."

Centana in finished raising a $250 million fund this year, and is seeking companies that can deliver digital payments and other financial services for a market that will increasingly support mobile commerce, partnerships between fintechs and banks. It did not announce PSD2-specific investments, though Byunn said APIs and open banking are a global trend that transcends Europe. Centana's recent investments include Jumio, a company that provides web-delivered identity and onboarding technology that Centana owns outright; and One, a cloud-based software and payments technology company that has clients in the insurance industry.

The cloud, open development and onboarding tools should get a boost from PSD2, with mandates that banks make it easier to share payment data with fintechs in Europe. But it's likely to have an impact in other markets as banks rapidly add cloud-based software development kits and APIs to improve authentication, data management and payment execution.

"The biggest impact will be the opening up and increased transparency for data via APIs," Byunn said. "That was already a trend, but PSD2 provides a shove forward, and we expect the most changes in technology from that."

Accenture predicts that as much as 16% of payments in Europe may be executed by third-party fintechs by 2020 under PSD2, creating a substantial market for technology that can connect these fintechs to banks.

"APIs are a hot topic in most countries," said Gareth Lodge, a senior analyst at Celent's banking group, adding Nacha has set up a task force on API standardization even though there's no direct PSD2 equivalent regulation in the U.S. "We're predicting a number of different impacts from data management, but not just PSD2. [General Data Protection Regulations] has big impacts on data management as well and not always consistent with PSD2 or other regulations. There will be, as with other regulations, an increase in spending as banks struggle to meet the requirements."

The changes are substantial enough for the European Commission to announce, about a week ago, a implementation period for APIs that will run until September 2019 to provide a longer period to support APIs for data sharing and to provide extra payment security for certain transactions. This transition will boost a focus on APIs, ID security and other open development and web-delivered technology that was already underway in the payments industry, Byunn said.

That means companies that can deliver biometrics, facial recognition, or other types of authentication that can supercede static ID such as usernames and passwords will draw attention from investors, as will companies that can use APIs to make it easier for banks to install interfaces for new payments functions or data sharing.

The PSD2 regulations mandate APIs over screen scraping, an older process to power personal financial management services that will not be allowed under PSD2.

"Nobody ever liked screen scraping, so this provides a good framework to avoid it," Byunn said.