Welcome to the October issue of “This Month in Commercial Banking” where we dig into the latest data about rates and balances and examine the value of APIs as a driver of revenue.
The latest inflation numbers aren’t for the faint of heart and commercial customers are clamoring for higher rates. One bright spot is the business banking segment, where rates and balances are relatively stable.
In the never-ending search for more revenue, a growing number of banks are embracing APIs as a way to improve connectivity and deepen client relationships. The question: Should banks charge clients for them?
Finally, we return to the topic of treasury management systems with a look at the controls that are critical to their success.
Balances Drain And Rates Gain
The operating environment for commercial deposits has become more challenging as betas rise and balances continue to head for the exits. Through the end of September, average commercial deposit balances were down 8.2% year over year and down 2% from August. (See Figure 1.)
At the same time, average MMDA rates increased from 87 basis points (bp) to 116 bp. (See Figure 2.) This corresponds to a 35% through-the-cycle beta. And ECRs have begun to tick up, reaching an average of 46 bp for September. As ECRs begin to rise, that has freed up additional client funds to seek rate. This is reflected in a 5.8% month-over-month drop in average ECR balances.
With the Fed continuing to pull $95 billion out of the money supply each month through quantitative tightening and the corresponding dynamic of rising yields on commercial cash alternatives, this pressure will continue. This is a different dynamic than the last cycle of quantitative tightening, during which balances grew modestly. There are two primary drivers to the current state of play: faster Fed balance sheet reduction and slower GDP growth.
That said, business banking deposits are one bright spot so far against this backdrop of a challenging current operating environment and a difficult outlook. Business banking deposits have been much more stable so far, down just .9% from last year compared with a decline of 8.2% across all commercial segments. Lenders also have been able to toe the line on business banking MMDA rates, which now average 39 bp compared with 116 bp across all commercial segments.
Figure 1: Average YoY Commercial Deposit Portfolio Growth (September 2022)
Figure 2: Average Commercial MMDA Portfolio Rate (September 2022)
While the outsized value of business banking deposits may be less obvious in a benign deposit environment, the value of these stable low-cost deposits is increasingly evident in times like these.
The bad news is that there isn’t a quick fix for banks that have underinvested in acquiring customers and building out solutions in this segment.
The good news is that the long-term return on investment for this segment can be exceptionally high. In business banking, optimizing deployment, channels, market strategy and product is a broad topic. But one strategy that is comparatively quick to deliver is optimizing packaged products and treasury management “lite” bundles. These products can simplify both client experience and sales process, creating a comparatively quick path to deepening existing client engagement and accelerating the acquisition of new primary relationships.
APIs Drive Growth, Enhance Client Experience
With competition accelerating and delivery becoming increasingly digital, banks need to find new ways to connect to clients and integrate their services in as many channels as possible. Many innovative delivery solutions are based on connectivity, often through partnerships, and among the most promising are application programming interfaces, or APIs. APIs not only can be an effective way to modernize legacy systems to accommodate commercial-client growth, they can also be used as plug-ins or to launch new products relatively quickly under a single sign-on. That can yield significant improvements to client acquisition and increases to revenue.
In adopting APIs, banks have a choice: They can elect either to integrate their services into client systems (API banking) or allow third parties to gain access to client data and credentials when permissioned (open banking). Either way, the bank is tapping into channels many of their clients prefer while adding a level of personalization. This interface automates functions that a corporate client would otherwise have to perform through its own banking platform and that would also require data updates across all supporting systems that aren’t supported in real time.
Banks can use API banking to integrate their services into open banking platforms or client treasury management systems, allowing clients to choose their preferred method of engagement and interaction. A recent example that has gained traction is Enterprise Resource Planning (ERP) payment integration, to which customers can connect their banking data and services, including payment functionality. This allows corporates to streamline existing payment processes and automate operations in real time, while reducing manual entry and errors. To respond to client demand and as part of their digital strategy to continually innovate, national financial institutions launched ERP payment integration quickly last year.
The same functionality applies to open banking, through which banks allow fintechs to access customer data for use in their applications. This allows banks to market and offer banking services, such as trade financing, through these additional platforms and channels, thereby further driving revenue and client acquisition.
Payments, account validation, information reporting and administration are ripe for API integration in commercial banking. Whether a bank is looking to offer more value and service to existing clients or gain new clients, API partnerships can be an effective channel supplement for marketing new products, driving primacy and ultimately generating more revenue.
APIs: To Charge Or Not To Charge?
Because it’s become widely accepted that APIs enhance the client experience and can help increase revenue, more and more of our commercial bank clients are asking us if they should charge their clients directly for APIs and, if so, how. Pressure to generate more fee revenue and the investment required to build APIs appear to be contributing to the urgency.
To answer these questions, we start with leading banks. According to our NDepth monthly account feeds, which are sourced directly from more than 60 commercial banking clients, five of the top 10 U.S. treasury management banks are charging API-related fees even though adoption and volumes are still relatively low. This concentration among the largest clients in NDepth reflects their complex systems and processes that can benefit greatly from stronger integration and increased automation.
When it comes to how these banks are charging for APIs, however, there is no clear consensus. Among the five, there are at least four distinct charging models and significant variability in pricing. Two of the banks charge only a one-time implementation fee while another levies a fixed fee for monthly maintenance. The other two tie their fees to monthly volumes. One charges a per-API call charge, the other treats APIs as a separate payment channel and charges payment fees for individual payments. These individual-payment fees are generally lower than for payments that are initiated manually and even those initiated online.
The upshot is that banks can and are charging API-related fees, but they’re testing approaches in a market that’s not yet conditioned to expect them in any form.
When considering whether to charge, it’s important to look beyond what commercial peers may be doing and consider the value exchange. This includes examining API components and their suitability by client segment. API services that enable payments integration into ERP systems for large corporates, for example, can lead to direct savings in technology development and FTE. Here, a clear business case can be made to charge. Some API categories, however, might feature more episodic application or be used by smaller, less complex companies. In these cases, charging is more of a judgment call.
At the other end of the spectrum, open banking APIs, which allow fintechs to tie into the bank, can provide clients easy access to products and capabilities the bank might not have or even intend to have. In these cases, because the APIs are enhancing the client experience to win relationships or deepen primacy, they probably shouldn’t come with a cost.
API development is at the leading edge of TM product development and at the core of TM’s evolution to integrate more deeply into a commercial client’s financial processes. While many banks would love for APIs to be direct revenue generators, the decision to charge needs to consider the perceived value they bring to clients in the context of the bank’s product and pricing strategies. Weighing those factors can lead to very different conclusions from bank to bank.
The Importance Of Treasury Technology Controls
The increased adoption by companies of treasury management systems (TMS) means that internal controls are becoming more important to commercial bankers and their clients as they seek to improve an organization’s ability to prevent and detect fraud.
Previous issues of “This Month in Commercial Banking” have addressed the selection and implementation of a TMS, which now leads to the role of corporate treasuries in maintaining adequate controls of these systems on an ongoing basis.
The single most important strategic-level control is the nurturing and maintenance of a robust controls culture. This means that the senior management team and all employees associated with processing financial transactions need to create an awareness of the importance of controls — an awareness that is especially valuable during changes in transaction-processing workflows or systems. The following are critical for a robust controls culture:
- System Security. User access security is the gateway to the controls and risks inherent in these systems. The identity and authority of each user should be maintained in a central location. User authority in terms of read-only access and transaction-initiation rights should be clearly described. User activity logs should be automatically created by the treasury or bank system to permit audits of system use by both user and activity. Because the staff assigned to work with transaction-processing systems change over time, a formal and disciplined process needs to be in place to give new users access to systems. Even more importantly, rapid suspension of user access must occur when employees leave a company. This should be done on a same-day or next-day basis.
- Segregation of Duties. This is a foundational element of a control environment. Nearly all transactions and changes to system-static data should involve two people. One person should initiate a transaction or change to system data and a second person should approve them. For example, if a bank account is added or deleted from the system, one person should initiate that change and a second person approve it.
- Preventive Controls. All payment transaction processes should be bracketed by preventive controls that prevent fraud and can be either systematic or manual. Systematic preventive controls, for example, would require two users to initiate and release a wire in a bank or treasury system. Were that not to occur, the system would automatically block the transaction from being executed. A manual preventive control would, for example, require two authorized signatures on a form that requests a payment.
- Detective Controls. Because preventive controls aren’t perfect and can be overcome by sophisticated criminals, detective controls are also necessary at the back end of any transaction process. Daily or monthly account reconcilements are the most common example of a manual detective control process. Automated messages from systems to security administrators notifying them of after-hours use of a system is an example of a systematic detective control. Another example: post-processing review of payment files to detect suspicious patterns of payment activity.
- Policies and Procedures. It seems obvious, but written policies and procedures are necessary to document the workflow of transactions moving through bank and treasury systems. These documents are used to train new employees and are used by auditors to validate proper controls are in place and are being followed.
- Annual Review. Because the workflows of financial transactions are dynamic, a formal review of preventive and detective controls should take place each year. Introduction of new payment channels and processes should be the focus of these reviews, validating that proper controls and segregation of duties are in place.