I. INTRODUCTION

The introduction of PSD2 (Revised Payment Service Directive) with the backdrop of GDPR (General Data Protection Regulation) in Europe is posing a serious challenge to financial systems in Asia and other countries in the region (Sibois, 2017; Choi, 2017; Snoek, 2018; Roules et al., 2017). Specifically, with the launch of PSD2 in 2018, banks’ monopoly on their customer’s account information and payment services is about to shrink as it allows bank customers to use third-party providers to manage their finances. In the near future, one would be able to utilize various services of fintech or other vendors to pay his or her bills by making P2P transfers, whereas banks can utilize fintech to analyze customers’ spending. This will significantly foster the growth of the digital economy as it allows more active transactions beyond national borders within the jurisdiction. On the downside, banks are obligated to provide third-party providers access to their customers’ accounts through open APIs1 (Application Program Interface), enabling third-parties to build financial services on top of banks’ data and infrastructure. Such requirement is a provoking element in the current Asian banking system, where large banks have traditionally enjoyed their predominant position in the financial market.

Unlike the situation in the European counterparty, Asian fintech firms would also face coordination failure because of its existing fragmented financial and legal system and lack of any viable coordination mechanism or proper governance that would encourage incentive-compatible participation for a broad spectrum of participants. For shocks, there is a powerful growing trend emerging from outside, but responses to such trend have been disappointing. The system yet remains largely fragmented and isolated, if not coordinated, without valiant efforts to change accordingly. With the global fintech movement, the payment ecosystem in Asia is especially undergoing pressure for change; however, consensus within the region on how to cope with such change is barely detected. Asia as a region remains sluggish in preparing for the future in terms of not being aggressive in laying the necessary foundation for market-driven changes for the PSD2.

The academic base of this paper can be traced back to industrial organization and competition theory, where the insight of Tirole and Rochet (2003) has been playing a more significant role in the “platform economy.” As connectedness transforms market dynamics toward the multi-sided market, the balanced development in the future ecosystem must remain sustainable. Therefore, legacy institutions with massive market power should strive to remain part of the ecosystem by being more open and collaborative with possible new players. Likewise, fintech and other new entrants can only survive in this new environment given the help of the legacy institutions by gaining required access via a set of APIs. This is due to huge entry barriers manifested as capital requirements and other setup costs when starting a business. The sweeping changes of digital transformation also force existing players to remain more open and collaborative as it is the only viable choice for them to survive going forward.

In reality, the majority of Asian countries are heavily influenced by bureaucratic decision-making while their diverse cultures and discrepant legal systems are hardly amenable to foundational change: especially any kind of disruptions that encroach upon incumbent’s market positions. As it stands, there have been only isolated efforts to engage digital transformation in Asia. Despite a lack of coordinated efforts and preparations, authorities in Asia are grappling with serious pressures that force them to change without any mutually agreed blueprints or roadmap (Mahowald et al., 2016). In short, Asia, compared to the European region, is constrained by its constricting legacy, legal, and regulatory barriers as well as a lack of region-wide roadmap to make a coordinated effort (Eisenach and Soria, 2016). In 2018, investment in fintech companies in Asia hit 22.7 billion US dollars across 372 deals, but banking regulators are still cautious about granting market access (Pollari and Ruddenklau, 2019). In essence, while European countries are taking full advantage of PSD2 to transform itself toward a digital economy, Asian countries are currently at a deadlock situation as they face numerous administrative and cultural obstacles such as complicated regulatory processes and bureaucratic society.

Fortunately, some Asian countries have the option of utilizing its existing centralized payment infrastructure to “reconnect the dots” in a decentralized manner. Dots indicate the legacy capital market infrastructures, e.g., Korea Financial Telecommunications and Clearings Institute (KFTC) that enable fast settlement of all digital transactions in a centralized manner. Reconnecting the dots implies the adoption of a more inclusive approach of opening API to engage lots of new entrants in the market to formulate a broader ecosystem for payment, clearing, and settlement (PCS). Explicitly, it is about re-wiring existing legacy institutions to enhance the efficiency of the fast-evolving regional financial network in an increasingly connected environment as dictated by the PSD2 or its equivalents. It becomes increasingly clear that existing legacy infrastructures in its current form can veer off the course as technological disruptions and their inability to cope with core governance continue to get exacerbated. With existing mandates, legacy infrastructures are essentially trapped in a golden straightjacket because the prevailing conditions are most favorable to new antithetical entrants while being disruptive to them. For instance, the so-called clearing network for small payments established by the commercial banks in Korea or Vietnam could provide necessary API services to potential startups, so that they can implement payment and remittance services to expand their client base in the region. In other words, Asia could make use of its existing legacy infrastructures to become more interconnected within the region by widening the ASEAN network and be better prepared for the digital economy. By allowing themselves to be more open and accommodative, KFTC has shown the possibility of legacy institutions remaining as a vital part of the digital transformation.

There are not many studies that dwell on possible strategic choices for Asia as a region in response to the PSD2. In contrast, Europe has conducted a number of studies and reports that analyze the contents and scope of PSD2. For instance, large consulting corporations like Ernst & Young (Fritsch et al., 2018) and Deloitte (Tomlinson et al., 2017) already published analysis reports that articulate how the PSD2 will change the European banking ecosystem. The white paper published by the Deutsche Bank is another one, which highlights the changes made by the PSD2 and how the PSD2 will change the EU payment market (Deutsche Bank, 2016). However, there have not been many studies that examine PSD2’s impact or related case studies about open API, and the other related studies notably lack in Asia. Thus, this paper is the first attempt to highlight the highly successful cases represented by one of the local cross-border remittance services. By utilizing the prevailing key API infrastructures in the market, even small fintech startups can help clients enjoy better services with minimum service charges. In contrary to the prevalent beliefs, legacy infrastructures can actually be beneficial for digital transformation. What matters is how we connect the dots. By reconnecting the dots openly and collaboratively, digital transformation can be made to benefit broader participants in a sustainable manner.

The rest of the paper consists of comprehensive analyses of PSD2 implications; it then presents a case study on how the existing infrastructures work as alternatives. The subsequent analysis touches on the interoperability across the region gained from this choice, and the final chapter contains an overall summary and conclusion. Hopefully, the paper would shed light on possible roadmaps for the ASEAN+3 concerning its progress of digital transformation on a greater scale.

1)Open API allows developers to use a specific software product in various ways, for example, fitting it into third-party projects.

II. CHALLENGES POSED BY THE PSD2 IN EUROPE

The PSD2 has been a great medium to trigger changes essential for the digital transformation in Europe. By allowing diverse players in the most protected and regulated areas of PCS, consumers enjoy enhanced welfare and expect significantly improved scalability of digitized commerce and activities. Europe is going through a major transition due to changes in key regulations such as the Banking Act. However, it should be noted that Asia cannot take similar steps due to the lack of legal and regulatory preparedness and capacity. Unless some re-wiring is undertaken, Asia faces dimming prospects for digital transformation as the gap between disruptive technologies and legacy-friendly regulations only widen under the silo-ed superstructure of governance.

Here some of these evolutionary undertakings by the European authorities need to be introduced as a part of PSD2. Based on a single European currency since 1999 and Single Euro Payments Area (SEPA) established in 2014, the European Union (EU) has promoted competition and innovation of electronic payment systems while ensuring their security through regulated consumer protection and the Payment Service Directive (PSD) as of 2007. As the emergence of new payment services is changing the environment around payment markets, European authorities implemented the revised Payment Service Directive (PSD2).

The primary change of the PSD2 is the scope of applicable subjects. PSD, which offers Euro payment services, was only applicable when both the payer’s and receiver’s Payment Service Providers (PSPs) were located in the European region. However, the revised PSD can be activated when the PSP for either the payer or receiver is based in Europe. Moreover, they are not limited by currency when both PSPs are in Europe. Most importantly, PSD2 extends to third party providers (TPPs) that provide services of payment initiation or account information. According to the PSD2, payment service organizations should allow PSPs to access their customer’s account information in an objective, non-discriminatory, and proportionate manner upon customers’ request. In essence, PSD2 obligates banks to adopt an open API practice. The account information needs to be accessible to the extent that PSPs can offer their services. If an account holding organization rejects access disclosure to PSPs, it should be for a duly motivated reason.

Another change in the PSD2, compared to the PSD, is that PSPs need to equip a secure customer authentication process for payers using electronic payment services. In detail, PSPs should satisfy at least two of the following three requisites: contents which are only available to a customer (e.g. passcode, PIN), devices of each customer (e.g. mobile phone, token, security cards), and biological data of every customer (e.g., fingerprint). Soon, the European Banking Authority (EBA) will confirm the Regulatory Technical Standards (RTS) of customer authentication process with which PSPs should comply. The last change applied to the PSD2 is the liability amount of a payer to unauthorized transactions, such as loss, theft, or inappropriate means of payment. The exemption was reduced from 150 euros to 50 euros. However, if a payer fraudulently or intentionally opens the account information, the liability amount can be more than 50 euros and the provider needs to prove the matter.

Essentially, the core element of the PSD2 is that third parties, including fintech business, can obtain online access to back-end services and data maintained by traditional banks. This encourages fintech ecosystem development and fintech industry stability by extending the market as well as improving security from conventional bank system and data disclosure. PSD2 opens up the market to potential PCS entrants so that they benefit from better access and business platform going forward. A successful application of the PSD2 is expected to accelerate the spread of fintech by allowing approved fintech businesses to approach banks’ infrastructure through API; those businesses are anticipated to develop as intermediaries between banks and customers.

European authorities are introducing regulatory changes to gain traction to potential participants in this new inclusive ecosystem. Inclusion is highly crucial in nurturing a new ecosystem where banks become average participants, compared to their previously dominant, coveted position in the PCS market. Specifically, the EU is trying to strengthen the understanding of fintech regulations and establish a continuous ecosystem through the adoption of PSD2. It fosters development by suggesting standards of technology following technological innovations, such as the integration of the payment market, secure payment system, customer protection, and the reduction of costs for payment services. This reflects the maturity of the EU understanding of digital transformation as compared with that of Asia, which does not reflect such conscientious efforts. Since PSD2 guarantees access to customer account information, further discussions for establishing open API are necessary to effectively promote the change. Banks and fintech businesses should consider TPPs, such as Payment Initiation Service Providers (PISPs) and Account Information Service Providers (AISPs), as intermediaries that could expand by tying up with business platforms of cross-selling financial instruments, including loans and investments. Besides, various types of businesses related to big data would bloom with all the integrated information of customers’ expenditures, account balance, transactions, as well as high-level information of demographics, investments, and savings accounts. In this regard, banks should position themselves as quintessential platform banking in the form of API centers. Banks would also need to decide either to take the role in providing pre-approved account information while functioning as a TPP by themselves or to contribute to creating new financial services by sharing high-level information.

Other countries are already preparing for the digital drive in accordance with the movement in Europe. The United Kingdom has been promoting “open data” policy by establishing the Freedom of Information Act and the open data source (data.gov.uk). Recently, it has strengthened open banking regulation regarding data security to cope with the PSD2. The United Kingdom allowed clients to determine whether they would disclose their data, and third parties were granted access only if the Financial Conduct Authority approved them. As for the United States, the Dodd-Frank Wall Act is the result of a movement to permit consumers to access their banking data. The Smart Disclosure policy also allows individuals to access their banking data. And the Bureau of Consumer Protection in the United States announced that it supports the idea of sharing personal banking data and allowing third parties to have access to corresponding banking data. As observed, the underlying principle is social trust about the balance between data privacy and convenience of shared data.

In the future, because of PSD2, traditional banks will lose their market share while banking platform services will keep evolving. Such revolution is currently ongoing and will shake the banking industry to its foundations. For instance, Amazon, already working with numerous banks, is preparing to release a checking account service viable in mobile devices. In the future, “tech giants” like Google, Apple, Facebook, and Amazon will obtain data from banks, adding even more to its vast database gathered from social network services, online shopping, and portal sites, which further threatens the very existence of traditional banks.

The Open API initiative has become a global trend that cannot be overlooked. Several bank giants are preparing for such change by establishing their open API and implementing policies to promote data sharing. The BBVA, Citigroup, and Credit Agricole already provided open API to third parties, collaborated with fintech companies, and released third-party developed banking apps to offer mobile banking services to their customers. Similarly, in response to the Open Banking Act, Lloyds Banking Group developed an infrastructure and data pipeline that allows them to analyze related data in real-time while making some of its API data public. Likewise, HSBC has launched its open banking API and developed an integrated application that helps the company test its system.

III. DIFFICULTY IN CONNECTING THE DOTS AMONG LEGACY INSTITUTIONS

What is happening in Europe is by no means their own issue; it has ripple effects in Asia in an unpredictable manner. Difficulty in connecting the dots has something to do with satisfying the existing prudential regulations that are deeply entrenched with the legacy system. Too often, it is a golden straightjacket with all the good intentions inappropriately applied to wrongly identified risk factors in a network environment. Essentially, the prevailing conditions of “too much risks / too little risk mitigation infrastructures” effectively act as an entry barrier for potential participants in a newly evolving environment (Choi, 2018). Collaborating among different participants (i.e., legacy and fintech companies) seems easier than performing under the centralized and sovereign mandates among legacy institutions.

For instance, fintech companies trying to enter the cross-border remittance service market in Korea still have to satisfy a set of requirements that involve capital as well as human resources eligibility criteria, which inherit the legacy framework. Money transfer service (or money transmitter) should be recognized according to the South Korean commercial law and should have a minimum net worth of 2 billion won. However, capital requirements are set for 1 billion won for small money transmitters with less than 15 billion won transaction volume per quarter. If the transaction amount exceeds the stipulated amount or the company adds a new line of business, the company abides by the original minimum net worth requirement of 2 billion won. Moreover, the company’s total debt to total asset ratio should not exceed 200%. Other requirements include having the necessary infrastructure for data, retaining experts and professionals in data processing, and establishing foreign exchange network with the Bank of Korea.

Besides, a small money transmitter should follow the standards established by financial supervisory authorities in South Korea and needs to clearly state the exchange and commission rates, as well as its dispute settlement process. A small transmitter needs to deposit three times the average amount of payments requested by clients per day (amount of total payments in a specific month divided by total days of the specific month) to the financial supervisory service or buy surety insurance. That is, a small transmitter is inevitably monitored and supervised by the financial supervisory service. Additionally, a small money transmitter has the duty to report to the Bank of Korea about consumer’s transactional information. And it has to observe requirements for the real name financial system and anti-money laundering duty (KYC-AML), as required by the prevailing law on reporting and use of certain financial transaction information. This laundry list of requirements for money transfer service largely reflects the lack of understanding and preparedness by the incumbents to accommodate digital transformation in a forward looking manner. As such, almost identical set of guidelines toward fintech startups remain roughly unchanged from the previous silo-ed responses in Asia (Choi et al., 2016). Applying old guidelines to new entrants is tantamount to effectively denying them any chances of sustainable business.

In reality, pressuring existing market participants to be more open and collaborative via API is only part of the story related with the PSD2 initiative. In practice, difficulty in connecting the dots in a fast-evolving environment reflects the growing gap between the regulatory requirements and available resources for market entrants. As noted, this discrepancy highlights the unpreparedness of authorities to foster an embracing ecosystem for new entrants: First, business opening (registration) is still a very convoluted procedure with several bodies involved in the process. Second, the capital eligibility requirement is based on old business paradigms, which are no longer relevant in a network environment (Choi, 2018). Third, the basic validation service is often too prohibitive for new entrants if specialized support facility remains ineffective or unavailable like the case discussed in this paper. Acquiring business license and satisfying regulatory and other key requirements are major hurdles for potential entrants, if not impractical and infeasible. Current legal procedure to start a business in Asia, especially in Korea requires separate approvals by different government bodies, and the regulatory oversight remains even more confusing with newly enhanced self-regulatory gestures by new fintech companies. The multi-faceted feature of new businesses requires multi-signatures, which would virtually exhaust all the business resources available for securing a sustainable foothold.

Among others, due to the scarcity of resources for compliance and regulation, it is not easy for potential participants to prepare against the more stringent regulatory requirements. The most visible hindrance in developing a new inclusive ecosystem is the highly fragmented and excessively entangled regulatory overlay, which foreshadow any business potentials as seen by new entrants. It is practically impossible to start a business when regulatory stance remains volatile and confusing. Many of the strict requirements are often based on legacy infrastructures and conventional ecosystem. Therefore, these additional requirements for stability and liquidity (register or license requirements) are not securely grounded with little theoretical and empirical backing. This should be treated separately in future studies, but as of now, it should be noted that individual startups’ exposure to potential risks in a network environment is different from that of existing institutions, as technological underpinnings address sources of threats. For instance, business alternative based on the decentralized, distributed system does not have the same capital requirements as those of the centralized. Hence, capital adequacy concerns need to be tailored, if not adjusted, accordingly. In short, the well-established capital adequacy requirements have become less relevant in a network environment and should not be homogeneously applied to all potential entrants. Furthermore, the universal KYC-AML requirements constitute an insurmountable entry barrier to potential players, considering that they need to be differentiated from the existing multi-step processes that involve various corresponding entities across the border. The old criterion is still applied to those who attempt to operate a business in a different form, thereby hindering entrance.

Given the vast gap between the regulatory requirements founded upon the legacy environment and the prevailing constraints regarding the capacity of new startups, it is a huge burden, if not an impossible task, to formulate necessary requirements. According to research conducted by Lee et al. (2017), 70% of 340 fintech companies responded that the level of regulations is extremely high (20%) or slightly high (50%) in the industry. Therefore, if Asia were to formulate the PSD2 or any system similar to it, the system would only be appealing for a short period due to the lack of necessary market infrastructures. In order to successfully achieve digital transformation, other ingredients, such as the KYC-AML, should be made available in different manners, i.e., fintech startups can enjoy access to these essential services without separately building launch pads from scratch.

In practice, several fintech companies in Korea have been constrained from offering their services due to Korea’s complicated and restrictive regulations. Currently, investors have to visit a financial institution to make a contract following the Enforcement Decree of the Financial Investment Services and Capital Markets Act, which requires a personal signature. Under this act, Robo-advisor businesses faced various obstacles expanding their non-face-to-face authentication service. Although the South Korean government, in late 2017, announced that it will permit qualified companies to launch their products or services, entering the industry is still challenging due to requirements on the capital and human resource system. According to the Use and Protection of Credit Information Act, the overdue payment history of an individual is required to be deleted after five years of the transaction, a contradicting feature to the nonerasable element of blockchain. Financial authorities are looking and yet are unsure whether some features of blockchain violate the existing law. Therefore, many argue that the current centralized management system prevents fintech technologies or financial innovations from showing reckonable progress.

Connecting the dots in two different ecosystems without any help or guidance is even challenging for established incumbents. Originally, it took about three years for fintech companies to create services or applications. To provide the function of verifications and balancing check and deposit within the service, companies had to form partnerships with every financial institution respectively. They had to go through a repetitive and persistent development process whenever the service was not compatible with each bank’s system. For instance, Toss, a fintech unicorn that focuses on money transfer services, is affiliated with 17 banks in Korea. It made individual contracts with those institutions and then standardized its system to connect with all of them; Toss spent more than three years connecting these “dots”.

Furthermore, a company should be registered as an electronic financial business operator capitalized at more than 3 billion won (approximately 3 million US dollars) to make a contract with financial institutions. Applying old and existing criteria for money service businesses stifles and discourages any attempt to start a new business in this field. There is a lack of understanding of the newly proposed business with flimsy capital base and almost no established records as well as the unrealistic toolboxes of the regulatory authorities. This entails difficulty in building trust among players and system in the new market, and fundamentally serves as a pre-selection bias that stifles any innovation. The hurdles to connecting the dots across different ecosystems need to be noticed and lowered to foster digital transformation that would eventually benefit all. Improvement in intra-connectivity and inter-connectivity is vital for a balanced evolution of the ecosystem.

In essence, the difficulty of reconnecting the dots is due to the following reasons: First, it is extremely costly for new startups or fintech companies to satisfy all necessary regulatory requirements like the KYC/AML and deliver financial services. Second, there is a lack of access to various market infrastructures, such as cloud services and PCS related infrastructures for processing loan applications. On both accounts, it is feasible to utilize existing infrastructures and resources to promote a vastly open ecosystem that welcomes wider audiences to better services. Especially, startups often need not only concrete business plans, but also practical funding support and boosts to overcome the legal and regulatory hurdle. In this setting, existing infrastructures need to provide open API as well as practical solutions that support these firms to adapt to a new environment. Moreover, it is critically important that the new entrants are capable of reinventing themselves by using digital infrastructures for transformation. Open API is the main ingredient, and yet other factors also need to be secured and available at reasonable costs to engage in digital transformation.

For instance, OneConnect, a subsidiary of Ping An, is rolling out services that would aid local small banks to adapt to a new environment and supply advanced quality services to local customers without requiring substantial preparation or investment. The OneConnect business model is similar to that of Amazon Web Services in the sense that tech start-ups are delivered back-end technology services at reasonable charges. In short, the API of existing infrastructures as well as some transition assistance services by a specialized firm in updating their outdated system within a short time frame are fundamental to new startups and small local banks in isolated areas. By fostering a favorable environment for locals to start building their capacity, and by providing services for a smooth digital transformation, small local banks will be able to develop mobile banking apps and credit scoring platform for loans and financial products. Locals will also intermediate interbank transactions around the banks’ core systems through the use of blockchain technology.

Even though there is expected synergy by connecting each bank’s database through open API, connecting them is not as easy as it sounds due to incentive conflicts. Large banks which have comparatively high-quality banking data have no incentive to share their data with smaller banks via open API. As client database is one of the valuable assets of each bank, big banks are hesitant about sharing these data with other smaller banks through open API via third parties. Large banks’ contribution to platform operators or fintech companies are widely different from that of other participants and the big banks are not adequately compensated for their bigger chunk of contribution. Therefore, such a situation makes it difficult for large banks to take part in new client services by fintech companies and is challenging for new entrants to make better use of existing data by making it available in a consolidated manner to wider audiences. Any consortium type of development initiatives suffers from this incentive conflict among potential participants.

Further, first-mover advantage can be easily suppressed in a newly developed ecosystem when the authorities subsequently step in to launch an open API initiative. This is because of the inherent trust base that authorities enjoy in a legacy framework; the dominant market position interferes with a private initiative for an open API strategy. Accordingly, better mechanism design aspects of protocol should be formulated before delivering improved services to potential customers.

API is an essential tool to concretize interactions among participants. Given the costs of developing API, charges for access depend on the market dynamics among relevant parties and should not be unilaterally fixed by authorities. It is always possible to control the exposure via API by information providers, and the API service charges are accordingly differentiated. Open API strategy by authorities, however, often interferes with market incentives and ignores the game-theoretic business decisions. It is essential to let the legacy institutions, even those with public characteristics, make autonomous decisions based on market incentives since the dominant incumbent positions often distort behaviors unexpectedly. All participants in the newly developed ecosystem should maintain their positions as equal partners, not with some special status associated with authorities.

In an integrated environment with super-connectivity, the centralized mechanism needs to be more decentralized and distributed for better inclusion, balanced growth, and robust security. By making available enormous resources that are practically kept in a siloed manner by authorities or institutions, member countries of the Asian framework will allow better interactions and value creation on a larger scale. The future direction for the highly centralized Korean system is geared for a more open and competitive environment, and some degree of decentralization using privatization.

For instance, South Korea utilized the Korea Financial Telecommunication and Clearings Institute2 to establish an open platform in the banking sector. Through this platform, banks and securities companies provide banking data to fintech startups, and the fintech companies use this data to offer their services. Under this scheme, fintech startups need not time consuming individual contracts with banks to access data. Until now, the world focused on strengthening its capabilities of centralized platforms and managing such a system. However, as technology innovates and regulations like the PSD2 are increasingly being adapted, nations need to divert from their traditional platforms and look into building decentralized platforms. Therefore, institutions established to cope with centralized platforms, such as Korea Financial Telecommunications and Clearing Institute and Korea Securities Depository, now face challenges that can shake their core foundations. As these platforms are also aware of the fast and ever-changing environment, they seek adaptable ways of improvement; one of their solutions could be open API. These organizations have obtained numerous data and developed technologies which can lower the entry barrier for new companies. The acquired data and developed technologies they own should be the cornerstone of establishing necessary infrastructures for the fastchanging environment initiated by the PSD2. Not only does the system need to switch to the decentralized, but the system itself can also benefit from the existing assets and data to decentralize the control mechanism and enhance connectedness, which has already been proven by the case of South Korea. Given the cost-effectiveness of rewiring, Asia needs to utilize its existing and increasingly marginalized market infrastructures to adapt to a new environment with an effective API strategy.

2)A non-profit organization in South Korea that supervises interbank payment systems like check clearing, inter-bank networks, and bank joint electronic services.

IV. CONNECTING THE DOTS USING THE LEGACY SYSTEM: A CASE STUDY

This chapter highlights the cases where the incumbents turn out to be helpful in digital transformation. For instance, Korea Financial Telecommunications and Clearings Institute (KFTC) decided in 2016 to make an open API that provides services to financial institutions in a standardized form. Given their original mandate for commercial banks dealing with small payment settlement services, the KFTC has initiated a very open and bold initiative for fintech companies, although they do not fall into one of its authorized business mandates. A small startup and fintech company in Korea, Finger, has proven that it has benefited from the incumbent services. If not for the KFTC, Finger’s lack of availability to payment and use of client data would have wholly destroyed its chances of survival in the new market. Finger launched an overseas remittance service provider called “ReLe Transfer” in 2017 by using the open API provided by KFTC. After overcoming the initial entry barrier via the help of KFTC, Finger successfully obtained license for cross-border remittances, passed the security examination of Financial Security Institute (FSI), and applied the API of KFTC into its service after three months of development.

The KFTC’s API in remittance service is used for real-name authentication, balance check, deposit transfer, and withdrawal processes. It also operates during the registration process to confirm the user’s account and automate deposit transfer. Usually non face-to-face registration is consisted of 7 steps: a customer uploads government-issued ID, inputs address, provides mobile phone authentication (KFTC), sets up a password, registers his or her bank account (KFTC), proceeds with ARS authentication for withdrawal (KFTC), and enters the deposit amount to complete registration. Since the API is linked to nearly all Korean banks, registered customers experience easy and swift bank services. The existing infrastructure of the KFTC made the open interface of fintech companies adaptable to engage in actual market transactions.

Traditional measures on remittance have required customers to separately deposit money via bank branches, ATMs (Automated Teller Machine), or online banking. However, since the launch of KFTC’s open API, “ReLe Transfer” can directly transfer money from the customer’s account without signing contracts for additional banking services. “ReLe Transfer” saves significant energy and costs, and is a win-win solution. In accordance with this remittance service, Europe has also planned to adopt this feature as of 2018, making it one of the main features of the PSD2 ecosystem in Europe.

Now that fintech companies can use API at a reduced price, service costs have also become comparatively lower (see Table 4). Moreover, fintech businesses can expect to create more diverse and innovative services using the API because fundamental deposit and check services can be easily and efficiently done using the API without incurring any extra costs. Recently, the API started to provide information about receivers, which was only available to existing banks. Disclosure of recipient information would resolve the issue of real-name authentication of cross-border remittance services and virtual currency exchanges. By leveraging the information, even fintech companies that are new to the game would be able to satisfy the stringent KYC requirements.

Korea’s case is the world’s first kind that gave fintech companies an open API that handles all financial sectors through the government. In a similar context, HM Treasury in the UK has been trying to establish the same type of infrastructure and offer financial services via standardized open API since 2014, but it has yet been completed. Government agencies abroad have developed open APIs in various fields, such as politics, medical science, or energy; however, the banking sector has been excluded from this transformation.

Aside from remittance service providers, various fintech companies have launched different types of offerings using the open API. Lazyant, another Korean fintech company, created a mobile phone application called ‘Bine’ that enables users to manage a joint account of specific meetings or clubs. Commercialized at the end of 2017, ‘Bine’ allows users to make small-value remittance without any authentication certificate among its user members. Transparency of member’s joint accounts are achieved as the application automatically manages membership fees in real-time. When wiring money, Bine does not require the recipient’s account number, and the whole process is merely composed of three steps: click the recipient, input the amount to remit, and enter the password. To provide such convenience, ‘Bine’ applies open API for an account history check, withdrawal, and deposit information.

The open API of real-name authentication, balance check, and account history check is also used for asset management by identifying consumer’s financial assets in all banks or securities companies and recommending specific financial products based on customers’ transactions data. Fundamentally, online shopping malls such as DANOSHOP widely integrate open API for deposits. Depending on the types and purposes of each service, different APIs are applied to fulfill the motive of each offering, as observed in Table 5.

Adamant is the legal and regulatory framework that it is struggling to formulate consensus for broader adoption of technology. This case suggests that legacy institutions could significantly help potential market participants from being swallowed up in a vortex of digital transformation. By being more open and collaborative in a fastevolving environment, the incumbents can not only avoid excessive adjustment burden, but can also contribute to the overall transformation that would remain challenging for startups with poor initial conditions.

Completely decentralized payment framework is still far from being practical. We are here disrupting one of the most centralized frameworks to be more open and collaborative so new entrants can go forward. One of the practical implications of this paper is how we engage toward decentralization when heavily burdened by the centralized legacy framework. As shown in many successful cases, the better option would be to make use of existing legacy infrastructures to create a new ecosystem that engenders a new paradigm without costly disruptions.

V. IMPLICATIONS AND CONCLUSION

In this paper, we highlight that some mechanism design aspects of a new protocol build-up are required to avoid incentive-incompatible efforts of potential participants. As evidenced by some case studies, digital transformation with a strong legacy background calls for reconnecting the dots in an open, collaborative manner in favor of overhauling or revamping the entire system. Here, dots represent legacy institutions that underpin the financial system for payment, clearing and settlement in the region. Formulating regional guidelines for a more open financial system via PSD2 equivalent would provide an environment where digital transformation could speed up without too much disruption. This is essentially a set of mechanism design based protocol for legacy institutions to avoid excessive adjustment costs and help promote a new ecosystem. Likewise, existing institutions are not necessarily the subject of disruption, i.e., it does not mean that existing institutions need to be flattened to accommodate the decentralization trend, which is currently sweeping the financial landscape. As shown in the previous case of Finger, there are methods for fintech companies to collaborate with legacy infrastructure in a forward-looking manner for mutual benefits.

On the surface, the decentralization mandate of the crypto economy would require serious unbundling and re-bundling of existing financial services, including governance and system infrastructures. However, the cases presented in Korea and Vietnam suggest that establishing an open and collaborative platform that hinges on existing legacy institutions and infrastructures may actually help smooth the transition toward a more inclusive digital economy. Seeming orthogonal changes associated with the on-going digital transformation in terms of eliminating lots of intermediaries’ role can actually mesh with legacy infrastructures to foster a favorable ecosystem for future value chains.

The legacy system can be a viable foothold for the advancement of digital transformation without excessive disruption and adjustment. Moreover, this can be achieved by reconnecting the dots or rewiring the existing system. By allowing new entrants via open API and utilizing the existing critical infrastructures, Asia can effectively develop a PSD2-compatible ecosystem in response to its European counterpart. If the legacy infrastructures become catalysts for such changes, far better and active interactions among diverse players will be achieved. The recommendations about reconnecting are particularly relevant in Asia because it is virtually the bank dominant system that has hierarchical sovereignty-based structure with no regional framework. There are little region-wide interactions and collaboration in many key areas of finance, including PCS.

Even though the PSD2 is developed with the Euro setting, which does not have its equivalent in Asia, the ultimate goal of this paper is not about Asian integration, but the necessary efforts that are triggered by our European countries. If not properly prepared and guided, subsequent endeavors for catching-up can result in a more fragmented situation, a situation to be avoided at all costs. Instead of starting from scratch, member countries must utilize resources that are available in the region by applying open API strategies and reconnecting dots on a broader scale, e.g., crossborder linkage among CSDs. By preparing the bigger picture with forward-looking perspectives, Asia can better prepare itself toward digital transformation that would benefit all via inclusive growth and sustainable stability.

To bear fruitful results, Asia needs a PSD2 equivalent legal and regulatory framework so that the utilization of existing infrastructures in a forward-looking manner entails virtual digital leap-frogging. This can be done not by raising the legal barrier, but by helping potential entrants satisfy the regulatory requirements via utilizing open API. While expecting legal and regulatory footings in the Asian region could be a tall order given the fragmented cultural and historical background, expectations of economic benefits can hold merits for greater cooperation among Asian countries. Sooner or later, Asia should utilize its existing legacy infrastructures to deal with mounting pressures coming from the European PSD2 and GDPR. To do so, it should see how legacy infrastructure could expedite an open innovation in the increasingly important field of PCS, instead of nitpicking at it as a feature of disruption. Some of the successful launches of an open, collaborative platform for creative and open innovations confirm the possibility of a smooth transition. The scalability and interoperability necessary for the transition toward digital economy can be accomplished by coalescing the scattered and segmented infrastructures across the region.

In summary, Asia can successfully address impending issues triggered by the PSD2 by enhancing capacity in a new and open platform. The KFTC instance proves that legacy infrastructures could play a significant role in reducing the entry barrier for potential new entrants to the market. Incumbents can reconnect with diverse entrants to provide a more powerful base for startups with no track records and scant capital base to gain a necessary foothold in a new environment. By rewiring the legacy infrastructure to be more connected on a platform, which essentially implies changes in the overall governance toward a more open framework, Asia can turn around its unfavorable situation and be much more competitive. Reconnecting the dots would provide undeniable benefits for both incumbents and potential entrants in a multisided market. The aforementioned cases explicate that legacy infrastructures can transform into sturdy foundations for promoting open innovations via startups and new entrants rather than degenerating into objects of unbundling and disruption.

In a broader context, it is possible to seek for a better connection among key hotspots such that all parties can enjoy more widespread network effect going forward. This implies that existing legacy infrastructures serve as a nurturing base for new entrants by reconnecting the dots across many different domains and ensuring necessary scalability, interoperability, and sustainability for a new environment. The use of existing infrastructures for the open API provision and reconnecting them are important steps towards an “Asian payment area.” However, given that Asia confronts other obstacles like different currencies or disparate regulatory oversight to integrate payment services in Asia, the suggestions in this paper need to be incorporated with other efforts to promote a payment union within the region. This paper underscores the forward-looking role of legacy institutions to expand the region into a more vibrant economic platform for a digital age where payment services can streamline into “Asian payment area” with extra efforts, such as harmonizing regulatory oversight. In a similar context, the ABMI (Asian Bond Market Initiative) has been making efforts to achieve higherlevel linkages3 between CSDs and RTGS in the region for more efficient clearing and settlement (ADB, 2014; 2016). Combined with small payment services platforms discussed in this paper, future efforts would accelerate evolution into a single payment area over the longer run. Further, future financial market infrastructures should accommodate innovations of blockchain as well as achieving efficiency and scalability to achieve inclusive financial market development in the region.

In conclusion, the open API initiative of legacy institutions would provide a robust, essential platform for digital transformation that has become necessary for the region post-PSD2 implementation. It is critical to let legacy institutions, even with those public characteristics, make autonomous decisions based on market incentives since the dominant incumbent positions often distort agent behaviors in a totally unexpected manner. Due to the sensitive nature of network externality, all participants in the newly developed ecosystem should maintain their positions as equal partners, not with some special status imposed on authorities. The crucial regulatory resetting as part of the harmonization drive to embrace the open API initiative can be a powerful catalyst to overcome the many potential issues of the PSD2 in Asia. All in all, the newly emerging payment area in Asia as triggered by the PSD2 in Europe can be promoted via a set of harmonized regulatory oversight as well as the open API practices of legacy institutions.

3)A possible cross-border linkage between the securities and the funds settlement system among countries in the region can be extended to cross-border collateral infrastructure to complete the de facto regional financial system for all member countries.