API StrategyAPI GovernanceOpen Banking

Case Study: Digital Bank Tonik

A representation of the intersection between API strategy, design, security and governance all linking to the APIwiz symbol in the middle.

Meet Tonik: The neobank built to serve Southeast Asia’s unbanked population

Back in 2018, digital-only Southeast Asian bank Tonik was born out of a dream to launch a neobank across Southeast Asia.

“We chose the Philippines as our pilot market because of what could be a 20 million customer base across 7,200 islands with 60% of the population either unbanked or underbanked,” explained Arivuvel Ramu, group CTO of Tonik.

Before Tonik’s launch, most of the banking population was in the main Philippine cities of Cebu and Manilla, not present across this archipelagic nation. “Filipinos say if they want to open a bank account, they need to buy a good dress. Then they need to travel about 10 kilometers with two proofs of I.D., one proof of address, and one proof of income to open a bank account. And there was no quick access to cash. They have to wait for at least two to three weeks for getting any loans from any of the banking entities,” Ramu explained.

This results in extreme financial institution irregularity, he said, with unregulated lending markets, which brings with it a lot of risk from the systemic all the way down to the individual level.

Financial inclusion of the more than 1.7 billion people worldwide who are unbanked is deemed the enabler of the United Nations 2030 Sustainable Development Goals. Ramu and the rest of the founding Tonik team saw both a moral imperative and a huge opportunity in offering low-end financial products via this new type of mobile-only bank — sometimes called a neobank, digital bank or disruptor bank — specifically serving Southeast Asia.

“We saw huge potential, a multibillion-dollar business out there to serve the unbanked and underbanked.” — Arivuvel Ramu, Group CTO, Tonik

They reached out to BSP, the Central Bank of the Philippines, and received principal approval by the regulator in December 2019. They launched their pilot banking operation in November 2020.

After three months of the pilot, Tonik had its public commercial launch in March 2020. Since, they have rolled out the following customer-facing features:

  • Self-quick onboarding
  • Four deposit products
  • Three lending products
  • Two payment rails

In just the first year, Tonik has accomplished what would’ve been impossible with the traditional banking services in the Philippines, including:

  • 230,000 new customers
  • $30 million USD in customer deposits
  • $20 million USD lending portfolio

How Tonik’s success is built on modern technology

In traditional, legacy banking, high tech is equated with a higher customer acquisition cost. “Because of that, they focus on only premium customers,” Ramu said. But this is no longer sustainable. Traditional banks, reliant on inflexible, legacy infrastructure, struggle to compete with fintech disruptors and cloud-based banks like Tonik, because they aren’t able to roll out changes nearly as quickly. This leaves them with “either no innovation or very little transformation since their OPEX and CAPEX are high,” he explained.

Tonik is about creating a people-centric alternative, which necessitates a modern technology strategy.

“Neobanking requires a modern technology strategy which is in line with the business strategy. Technology can reduce OPEX and CAPEX and provide a customer-centric, contextual customer experience.”— Arivuvel Ramu, Group CTO, Tonik

For Tonik, that modern stack includes best-in-breed technology across the hybrid cloud, grounded in auto-scalable, invisible infrastructure.

Next, he said, Open APIs allow Tonik to integrate with merchant partners and different digital channels, to release features faster on the back of the API economy. This builds in what Ramu refers to as a “future readiness support system” via third-party API ecosystem partnerships. By being built API-first, Tonik is also better able to leverage managed SaaS tools for sales support, systems of record and other ancillary services, which in turn keeps the customer acquisition cost down, so the team can focus on their core client offering.

This extends to the addition of third-party cybersecurity tools to their stack which help Tonik, as it scales, to fully integrate and comply with different national regulations and legal frameworks.

A modern technology stack also enabled financial inclusion to be integrated into the building and launching of this neobank. This includes alternate credit scoring based on customer behavior and demographic data — because the unbanked simply do not have a credit history for traditional loan considerations.

Another hurdle overcome was proof of identity requirements. Yes, customers don’t need an I.D. to open the basic services, but more banking products open up when KYC [know your customer] financial services standards are fulfilled. For Tonik, this involves using the mobile phone’s camera to scan documents — proof of I.D., address, an income, which may be available in hard copy only — and then the Tonik app leverages machine learning to automatically populate details.

By being built totally in the cloud, Tonik can issue a bankcard in real time. Instead of the customer having to wait for a physical card to arrive before they can do any banking transactions, Tonik has enabled tokenization to link the debit card and the payment.

There are several doubts around mobile-only banking because of how easy it is to steal a phone. Tonik has again relied on a technical solution this time leveraging the mobile camera again, leveraging biometric identification and facial recognition for de-duplication for fraud prevention.

Tonik is an API-first company which has enabled it to quickly expand by partnering with existing global fintech partners, including:

  • Card processing integration with Mastercard
  • Bank processing center in Hungary (EU)
  • Digital layer and digital services from Amazon Web Services in Singapore
  • Contact center and operations support out of Japan
  • Anti-money laundering API from the U.S.
  • Fraud solutions from the U.K.
  • Modern cloud-enabled, Open API-enabled core banking from Finastra, which is running in Azure, Singapore

“We took a best-in-breed approach to technology and capability from diversified cloud in multiple geo-locations and all wired up in a secure way to provide the best customer experience in Southeast Asian markets,” Ramu said.

The challenge of Open Banking API Management

Yes, going API-first enabled all of these integrations with international best-in-breed solutions, but it doesn’t make it easier. Legacy banking systems may be significantly slower to market, but they are a lot less complex than API-backed distributed systems. This is where Tonik needed better API management.

Tonik was built on an Open API ecosystem of open banking and open finance. One of the key go-to-market strategies was customer acquisition through the Tonik partner ecosystem. From Day One that mean that Tonik built all of its own private digital services in Amazon Web Services on microservices architecture. In the two years of its design and implementation, Tonik built more than 300 internal APIs, as well as more than 170 external-facing APIs.

With the orchestrator model, ecosystem participants like digital lenders and payroll companies can use our regulated banking services over an open API banking platform, which helps us create new business revenue. All we need is the digital orchestration layer where we build a digital ecosystem through an API development platform, where you can easily onboard multiple ecosystem partners, define the financial products, and easily integrate and expose the open APIs for them to collaborate. And all your ledgers and all your systems are ready,” Ramu told Finastra before Tonik launched.

“Our collaboration with Apiwiz is instrumental in enhancing our Open API platform with API lifecycle management, developer portal, and consent management on top of our existing Google Apigee platform.” — Arivuvel Ramu, Group CTO, Tonik

Being at the forefront of Open Banking demands better API management. The Tonik team chose Google Apigee Edge as a SaaS managed API gateway and proxy layer in order to expose several of their private APIs to the public. However, Ramu found that Apigee Edge fell short of meeting the goals of his API strategy. Specifically he looked for a compliment to Apigee that filled in the gaps around:

  • End-to-end API lifecycle management
  • A developer portal with role-based access control to onboard several merchants and partners
  • Consent management

“When we looked at it, that's where we saw Apiwiz as a perfect fit for supporting these three capabilities,” he said.

“The complete end-to-end API lifecycle management, starting from design, development, implementation, monitoring, and put it into the API service management lifecycle, and create multiple API products within that specific API governance platform, that’s where Apiwiz was completely top in our list during our selection” of API management tools, Ramu continued.

Leveraging Apiwiz, Tonik has been able to migrate into the Apigee platform with proper Open Banking API grouping by domain, and is able to enact platform-driven governance.

Through Apiwiz they added to their API ecosystem

  • Consent management for compliance and user privacy
  • API security, monitoring and governance
  • Define a predictable release model
  • Launch an Open API Marketplace for developers and partners to access Tonik’s API

With Apiwiz, Ramu says Tonik has seen a remarkable increase in developer productivity and a significant reduction in operational cost.

Presently, 15 months since launch, Tonik has onboarded 300,000 customers and gained a $500 million USD valuation. With a cloud-native, API-first, Open Banking strategy, Tonik is able to offer financial services wherever Southeast Asian residents are, right from their pockets. We’re excited to be with them wherever they go next!


New Request Demo