Out of 10, 9 of them will have SOA (Service Oriented Architecture) in place. Then they'll have ESB (Enterprise Service Bus) solution to support their SOA initiatives. Web services are everywhere. Integration with internal and external parties are also common.
Why would they need a API Management then? Below are some of my slides:
Security, Sandboxing and Scalability is my most-used tagline.
Yes, they could have deployed their own DIY solutions, as the concept of API Management is not something new. Honestly, if your team is highly technical and security-conscious, there is really no need to buy a ready-built APIM product out there.
It's a matter of time to market and where you want to spend your time in.
Do you want to spend most of your time in your core business? Or do you want to split your precious time in managing the security risks and scalability issues when your APIs are exposed?
It's a choice - $ vs Time.
Below is a statistics showing the target audience of exposed APIs in the Financial Services:
The goals of deploying a APIM solution in the Financial Services section as illustrated below: