While adoption of application programming interfaces (API) has been commonplace elsewhere, the financial services industry has been slow to get on the bandwagon, but a fintech startup with a credit union pedigree is looking to change that.

“People are overly skeptical of API. I understand the concern about giving others access to financial information because of its value,” said Rupert Kingshott, CEO of the Washington, D.C.-based Georgetown University Alumni and Student Federal Credit Union. “However, the world is getting faster and consumers are consistently seeking the most convenient option.”

Nikhil Lakhanpal, co-founder of the New York-based Narmi, a mobile an online services firm, said credit union executives shouldn’t view APIs as a potential regulatory mandate, but rather an opportunity to enhance the member experience.

“Bill pay and remote deposit capture made the lives of members much easier, fundamentally changed the relationship and has been proven to increase retention,” said Lakhanpal. “It is much more cumbersome for a member to close an account if they are paying bills through bill pay. Similarly, it is harder for a member to close an account if they are leveraging your API whether it is directly or indirectly through a third-party application.”

Prior to co-founding Narmi, Lakhanpal served as CEO of Georgetown University Alumni and Student Federal Credit Union. He said he became "incredibly frustrated" with the state of technology in the industry at that time, which was the impetus for the company he would later co-found with former classmate and then CIO, Chris Griffin.

Nikhil Lakhanpal, Narmi
Nikhil Lakhanpal, co-founder of mobile and online services firm Narmi, got interested in the field after having served as CEO of Georgetown University Alumni and Student FCU.

"It seemed there wasn’t much innovation in the industry," Lakhanpal recalled. "Our prior experience gives us unique insights into the operations of a credit union. Between Chris and me, we've touched nearly every department a financial institution might have—from credit, IT, member service, marketing to operations, HR."

Building on that credit union background and insight, Narmi has wooed some credit union clients, including the co-founders’ “alma mater” CU – Georgetown Alumni and Student FCU – and Florist Federal Credit Union, Roswell, N.M.

Cisco Malpartida Smith, CEO of the $9.4 million Florist FCU, told Credit Union Journal he has some concerns about API “protocols and standards” related to information protection and access. But, he said API is usually the answer to a vender who says: We can’t do that function. “My follow-up question is: Do you have an API? As I may be able to find someone else who can.”

API Retention Rates
Both Florist FCU and GASFCU are tapping Narmi for a suite of services that include website hosting, content management services, online banking and mobile banking.

“We believe there is immense value in ensuring your user-facing digital presence—website, online banking and mobile banking—speak to each other seamlessly,” said Lakhanpal. “Further, adjacent products like member service (e.g., email, messaging), account opening and targeted offers should also share the same experience.”

The $10 million Florist FCU has 920 members. As the only credit union serving the $40 billion dollar U.S. florist industry, Smith explained members are mostly small business owners that require many small business loans.

“As you can imagine with retail florists in nearly every town in America, it is a large and widespread industry to serve,” said Smith. “Digital technology is essential for our strategy to grow and serve our members as having a physical site in every community is not feasible or realistic.”

Kingshott noted that the goal of partnering with Narmi was to build a financial intuition that caters to the needs of the younger generation. The $17 million CU serves 3,089 members, 2,000 of which are active mobile and online banking users.

“We strongly believe that the best course of action is to have one partner that handles everything. However, we understand that this can be both a blessing and a curse,” said Kingshott. “In our case, we consider it a blessing because our vendor is consistently innovating, has a roadmap and wants to expand like we do.”

Not unlike a user using a Facebook account to register for Spotify, Twitter or Venmo, Kingshott feels that an open API platform increases member-retention rates because members can conveniently connect respective accounts together.

“A credit union account with API can fulfill a similar role to Facebook because you use it so often. If members connect their credit union account to external service providers, that account will be much harder to close,” said Kingshott. “Closing the account will create ripple effects that will influence the member’s relationship with those external service providers.”

API Security Concerns
While security is always a practical concern of any CU executive, Smith said he has never heard of any major problems associated with an API breach or misuse of member data.

“The partners we want to engage with are equally concerned,” said Smith. “They seem to understand that their reputation is extremely valuable and they wouldn’t want to put that in jeopardy as their entire business could be torn apart overnight.”

As compared to the “status quo,” Lakhanpal feels that open banking APIs increase security and privacy. He said data aggregators like Yodlee, Intuit, Plaid and Quovo collect member credentials and “screen scrape” the data from online banking applications.

“By offering an API, you can allow your members to safely authorize read-only access to their financial data,” he said. “By enabling financial data sharing, credit union executives can make their members’ lives easier by encouraging integrations with other applications like tax preparation software, budgeting software and accounting software.”

In Kingshott’s view, any privacy and security concerns related to API will be similar to those faced with online or mobile banking.

“There are so many examples of companies who have successfully implemented APIs, that you can certainly develop best practices in terms of privacy and security,” he said.