Page 12


Time for “platformification”

Why a plug-and-play platform is banking’s future By Lisa Valentine, contributing editor


side from any online shopping that bankers may do, quite a few banks now use A mazon’s outsourced IT services. Unlike most vendors they rely on, financial institutions would do well to aspire to Amazon’s business model, according to Ron Shevlin, research director for Cornerstone Advisors. Amazon is the truest example of what Shevlin calls “platformification”—an admittedly “ugly word” that he believes will have a significant impact on the financial services industry. Shevlin, speaking at the fall BAI Beacon conference, described how Amazon has built an e-commerce infrastructure with a toolkit to integrate producers into its platform. “Amazon has created a plugand-play platform that allows producers and consumers to exchange and create value,” he said. Such an approach in banking, Shevlin added, would support an environment in which fintech and traditional financial services providers work together. But Shevlin noted: “Ask consumers how many of these fintech start-ups they want to do business with to solve their financial needs. The answer is that they don’t. Someone has to pull everything together in a cohesive way for consumers that makes sense.” That’s where financial institutions add value, providing “a platform in which multiple providers can play

together nicely in the sandbox to meet consumers’ financial services needs.” “The bank of the future will embrace a plug-and-play business model that allows multiple participants—producers and consumers—to connect, interact, and exchange value,” predicted Shevlin. A platformification strategy requires institutions to become magnets that attract both producers and consumers; become matchmakers that provide a platform for consumers to find the right products and services across a series of

producers; and have toolkits that integrate producers easily into the platform. Shevlin noted that BBVA Compass is working on platformification in Europe. “BBVA application programming interfaces [API] allow third parties to give their clients access to information in BBVA accounts.” He said U.S.-based Capital One also is launching a series of APIs. Shevlin added that “platformification is an open environment. You don’t need to partner with these producers; just offer them easy plug and play.”

Why cyber paranoia can be healthy


n September, New York proposed a new regulation on cybersecurity for the financial services industry. It underscores the need to do more. Even when your bank is closed and the door is locked, your enterprise is exposed 24 hours a day. Look at the proposed New York rules (23 NYCRR 500), and at the recently updated FFIEC Handbook on Information Security. Even if your bank is outside New York, set a plan in place to emulate the controls. Consider: • Data storage. It should be encrypted



December 2016/January 2017

(moving or at rest) at all times. • Vulnerability. Conduct tests quarterly. • Multi-factor authentication methods. Adopt them. • Threat detec tion and analysis. Adopt them, not just blocks. • Data and enterprise compromise simulations. Practice with a true wargame scenario. • Track data movement. Track it within your enterprise and when it leaves. Excerpted from a blog by consultant Dan Fisher. Read the full blog at

December 2016 January 2017 Banking Exchange  
December 2016 January 2017 Banking Exchange