Defining ROI, Creating Consistency, and Practicing Security
"There's been a big boom in API development around Fintech. We're probably our fastest growing section of the bank where the number of API calls has exploded, and the number of partners approaching us is only growing."
— Daniel David, Director and Head of Payment APIs at Wells Fargo
API programs are one of the fastest-growing focus areas for many Fintech organizations. This week on the API Intersection podcast, we chatted with Daniel David, Director and Head of Payment APIs at Wells Fargo, to get an inside look into best practices and demonstrate your API program's business value.
Getting Your Fintech API Program Right: API Security & Standardization
API Security: Necessary for Success
"We certainly have our many layers of security, and we have to be extra careful given that we're storing very sensitive information. But beyond that, in terms of the actual API design, we do everything we can to not even send certain sensitive information," shares Daniel.
Security and standardization are always essential parts of the API program, but they're especially crucial to the Fintech world.
API implementations and integrations in the fintech industry can prove difficult when security needs to be the utmost priority. Customers need to feel secure and comfortable, which sometimes means the convenience of a simple API integration may be sacrificed for heightened security.
Obviously, on the Wells Fargo team they ensure that their customers are authenticated as well as they should be, which means maybe they have to come back to the API actually to pick up the sensitive data.
Daniel warns that when building out APIs, integrations, and platforms in the Fintech space, keep in mind that small bits of information can feel innocuous. Still, you always have to pay ample attention to what information you're using. And that's because while separate information can be benign and seemingly harmless, it suddenly can be quite dangerous in combination with other information.
Consistency & Standardization: Don’t Forget!
"Consistency is a key topic, so we have a standards board. We have the governance that is necessary to make our program successful," shares Daniel.
You should always treat the APIs you create as products, as we know by now. When thinking about what makes a good product for a customer, it's not just about giving the customer what they want and solving their problems. The other significant part is implementing, maintaining, and versioning those products.
"I think iteration and versioning are key for everything. Once you do it for the first time and experience customer feedback, you need that. But, it's imperative to get the consistency right during versioning," shares Daniel.
Daniels' team puts in place quality control checks and milestones to enforce the consistency and success of their API program. They constantly ensure naming conventions, URLs, abbreviations, specific terms, structure setup, and more are standardized across every API they create.
Wells Fargo's API team has teammates dedicated to performance testing and review.
"We're already up to many dozens of APIs, and it can quickly get out of hand because many of our customers will use more than one API, and you don't want them to start noticing inconsistencies," shares Daniel.
Understanding the landscape of what the team has coming up in the next 12 to 18 months and relaying that to all team members to stay in sync helps enforce standardization and keep everyone on the same page.
"I think from the customer's perspective… we want to make sure everything is repeatable--that any customer, small or large, can implement, understand, and call for support. All those things have to be in place," shares Daniel.
However, it's important to note that you'll never be able to standardize absolutely everything. It's impossible to standardize entirely because of a constantly changing competitive landscape. Daniel notes that the mere fact that companies compete on differentiation means there will always be ways of doing things that differentiate your brand from others. But at least within your own organization, standardize to the best of your ability!
Demonstrating the ROI of Your API Program
Now, showing the value of an API program isn't Fintech specific–it's relevant for any API programs across a wide variety of industries. Whether you're a small startup just getting started or a Fortune 500 like Wells Fargo, knowing how to demonstrate the ROI of your program is crucial.
"The success of our API program is really shown through the fact that in some cases, we are going to be cannibalizing other channels due to the success of the API program," shares Daniel. "But, like Apple used to say if you don't cannibalize yourself, somebody else will. So in that sense, it's good that our API program is moving with the times and leading the pack."
Wells Fargo has customers who used to go through file-based or some other channels that can now use an API to solve their needs, further proving the program's value. When a smooth and effective API program cannibalizes other process forms, the team can safely deprecate the archaic channels.
Another way Daniel proves the program's value is by reiterating that they're doing all the things their customers want Wells Fargo to do. They track when a customer makes a transaction and interacts with specific APIs so that they have visibility into that direct line of business.
"Thankfully, with all the tracking, it's actually fairly straightforward to show how we're doing a good job of bringing in that ROI from APIs. We have multiple billions of calls per year, and tracking all of it helps demonstrate that business value," shares Daniel.
With focused metrics and ensuring tracking is a priority, the team can see how many times a customer used a different channel versus the API. They can see the incremental gain or the cannibalization of archaic systems showing the value of the API.