COVID-19 | Official online Resource and News Portal. For more information, visit

Digital Finance APIs Come with Risks – Here’s One Way to Manage Them

Often an open API initiative starts when a digital financial services (DFS) provider sees the potential for scaling the exposure of services, such as payments, to partners and third parties. However, internal resistance can squelch the initiative, as management grapples with potential security, data privacy and brand reputation risks. While these concerns are valid, if providers believe open APIs make sense from a commercial perspective, they should think about how to address risks rather than miss out on the opportunities of open APIs altogether. One way to do this is through the use of fair, standardized legal contracts with partners and third-party providers.

A resource from CGAP and law firm Hogan Lovells, “Key Considerations When Developing Legal Terms and Conditions for Financial Services APIs” aims to help DFS providers address potential risks when exposing open APIs. It describes the risks a DFS provider will need to consider and includes a contract template that can help DFS provider’s initiate discussions internally. Sound legal contracts can complement operational risk management practices. And like APIs themselves, standardized legal contracts can reduce on-boarding time when working with external partners.

CGAP is a global partnership of more than 30 leading development organizations that works to advance the lives of poor people through financial inclusion. Using action-oriented research, we test, learn and share knowledge intended to help build inclusive and responsible financial systems that move people out of poverty, protect their economic gains and advance broader development goals. We research and experiment to achieve proof of concept and extract lessons that can be built to scale by our partners, who apply our insights in the marketplace.

Leave a Reply