An application programming interface, or API, is a technology that connects two different systems and passes data between them. In recent years, APIs have become an important part of how companies do business. That’s because APIs allow businesses to share data and functionality internally and externally in a way that is secure, efficient, and scalable. For treasury, the interest in bank APIs – a connection between the organizations’ existing systems (like their ERP) and their banks – has recently exploded and will inevitably render host-to-host and SWIFT obsolete.
But not all APIs are created equal. There most certainly is a difference in quality between a balances API at Bank A and a balances API at Bank B. If your company is looking to integrate with one or more bank APIs, you’ll need to evaluate the quality of the bank’s API. Read on to learn the four key factors to consider.
The 4 Key Factors of Corporate Bank API Quality
- Data depth. Is the bank API offering an open banking API or a premium corporate bank API? Open banking APIs cover only the basics and are generally used by consumer banking. Premium corporate bank APIs go further, addressing areas specifically for the complex needs of corporations including account signatories, pooling structures, and invoice financing.
- Documentation. Documentation is the instruction manual for how to integrate with a bank API. For anyone who has assembled furniture, you know that having a well-written, clear instruction manual can make all the difference between a painful, long setup and an enjoyable, speedy setup. The same holds true for documentation of bank APIs. The best bank APIs have detailed documentation that is frequently updated and provided in an easily consumable format. Though it may sound like “just details,” high quality documentation is a hallmark of high quality, well-constructed bank APIs.
- Security. As a technology, APIs are inherently more secure than file-based connections like SFTP. When a corporate advances to bank API connectivity, a significant upgrade to the security is therefore built in. But the best APIs don’t rest on their laurels, they incorporate encryption, authentication controls, and other features for maximum security.
- Development & Testing. Anyone who has implemented a new software system knows that testing before going live is a vital step for a successful rollout. But, some banks have not yet created the elements needed for airtight testing, and in fact, many come up short when it comes to a sandbox environment. Comprehensive developer portals are also a bellwether for top notch bank APIs.
Bank API Implementations: Lessons Learned
The following are observations and recommendations based on our experiences with bank API implementations:
Unique Transaction Identifier – Banks should ensure that they provide a unique identifier for all the transactions. This identifier should be unique globally across all payment types. This provides great help with client account reconciliation.
Global APIs – Banks should focus on providing global APIs rather than region and payment type specific APIs. This provides significant efficiency improvement and ease of implementation.
API Response – Banks should ensure that correct & descriptive errors are provided for every API call. Generic errors which do not point to the exact issue do not provide much help leading to significant time lost in investigations.
Sandbox data – It has been observed that many banks do not have quality data to carry out the testing effectively, leading to either incomplete or inaccurate testing. This can cause issues in production later.
Sandbox availability – Many banks have a sandbox environment that is unstable and that is unavailable at times, leading to delays in the implementation. Banks should ensure that the sandbox availability percentage is high.
API versioning – Banks should maintain the versioning of APIs and communicate to the clients of any upcoming changes in advance. This will help to avoid some of the unforeseen incidences in production.