ISO standard for APIs - Whitepaper

Dec 19, 2017

An ISO standard for web-based APIs in Financial Services

In November 2017, 23 countries under the governance of ISO TC68 Financial Services agreed to work together with China, Singapore and the United Kingdom to pool resources and to focus effort on defining the first ISO standard for APIs in financial services. This new project has already changed the landscape considerably for web-based API (WAPI) standardisation by providing a single place, with the legitimacy of the tried and trusted ISO process, to focus expert resources from around the globe to deliver such a universal standard.

ISO 20022 will continue to play a big part in shaping the standard adding tremendous value as an authoritative source of business data and semantics. Formative work under the Registration Management Group on the potential use of ISO 20022 in the context of APIs and JSON syntax has been reflected in a whitepaper (published 29 January 2018) which is expected to also contribute to this new ISO effort.

What is ISO 20022?

ISO 20022 is an international messaging standard developed to facilitate electronic data interchange between financial institutions, and with their customers, users, suppliers, market infrastructures and regulatory authorities. It is a single, common ‘language’ for all financial communications supporting interoperability between all parties – no matter where the business is based. It allows participants and systems in different markets to ‘talk’ to each other using consistent terminology and formatting.

ISO 20022: Built for the future

ISO 20022 has been created by the International Organization for Standardization (ISO) as a new way to develop message standards within the financial industry – a standard to develop standards, so to speak. Financial institutions exchange massive amounts of information with their customers and amongst themselves in the course of delivering the services we all use every day.

Uniquely, ISO 20022 is adaptable to emerging requirements. ISO 20022 is chosen by many projects, communities, and experts as their messaging standard for financial business transactions. This may include emerging regulatory reporting requirements, market infrastructure developments, or legislative mandates to adopt new channels of data exchange between transacting parties. ISO 20022 offers an efficient and secure way of developing and implementing messaging standards that will serve as a basis for long-term requirements and solutions.

The development and changes to ISO 20022 applications varies in relation to what is aiming to be achieved and the need to address emerging business services.

At one end of the scale, the ISO 20022 development process permits the introduction of new data components and message formats into the standard. This means that organisations that wish to use the standard, are able to implement it to suit their purpose – achieving compliance and promoting interoperability. This process is achieved when an organisation puts forward a change request and business justification to the ISO 20022 Registration Authority, for approval by the ISO 20022 Registration Management Group. The governance of this process sits alongside ISO, is open and transparent, and allows for any organisation to submit requests for changes to existing messages or business justifications for development of new messages.

As the needs of the user community evolve the ISO 20022 Registration Management Group is often asked to consider the implications on the application of the ISO 20022 standard. The work to inform how ISO 20022 could be used to support APIs is an example of this thought leadership work.

Application Programming Interfaces and introduction of JSON encoding

Emerging applications of standardised open API’s require standardised data. An API is a set of functions and procedures that allows access to data or a service in order to provide greater functionality to the app or websites’ user. Data accessed via an API may be closed, shared or open data, however in order to expose a consistent view of data to an API requires the data to be uniformly presented. When APIs are implemented in a cross industry setting between many institutions with differing data sets ISO 20022 can add value by providing the common business data semantics in a standardised and uniform structure.

An informative guide will be made available by the ISO 20022 RMG which presents informative guidance on using the ISO 20022 common business data semantics in an API exchange. Today in fact the ISO 20022 standard includes formal support for XML and ASN.1 syntaxes, the RMG has recently discussed the concept that JSON could be used as an additional alternative syntax encoding so long as it adheres to the ISO 20022 standard for alternative syntaxes. This is demand driven so the RMG anticipates that it may receive a formal request from industry to approve the development of JSON as an alternative syntax in the near future.

With a clear demand for an ISO API standard the RMG has invited all experts, the RA and other interested parties to contribute to and help to expedite the development of the global API standard under ISO. This development is supported by ISO TC 68/SC 9 Information exchange for financial services. Our objective is simple – use ISO 20022 to support the definitions of common business data semantics within the ISO web-based API standard.