What is Open Banking?
Open Banking is a system which allows a secure and permitted access of individuals’ financial information by third parties using application programming interfaces (APIs). It aims to give consumers and businesses back the control and access over their data.
The APIs allow third parties such as personal finance management apps to access your data to give you a complete picture of your financial status. Your scattered data is provided by different banks, cards and e-wallets you use and is put into one place. Technologies allow data retrieval even from receipts. Insights will reveal you have been Uber-ing, drinking espresso martinis too much, buying countless clothes you will ‘summer’ in on credit, how far you are from your savings target and many more.
What Open Banking unlocks does not stop at merely grading your spending habits (detrimental or healthy). It promises to open up a new era of lending and credit scores. Open data aims to provide comprehensive and complete data on an individual’s finances. This is of course dependent on universal adoption and homogenisation of the concept.
Nordic financial data provider Asiakastieto is building a credit-assessment solution using Red Hat’s OpenShift. Analysing data from consumers’ bank accounts will allow better understanding of cash flow of loan applicants, reducing repayment defaults and personal debt. UK-based Credit Kudos uses Open Banking rather than borrowing history to measure creditworthiness of individual borrowers. The company has joined a PwC project to build a digital banking ecosystem sandbox along with a number of cloud-based platforms and API solution providers. Open Banking-enabled credit scoring for SMBs could also help better assess the risk profiles of businesses and expand lenders’ loan portfolio again assuming that all lenders and bankers participate.
We’re not done yet, there’s more to come. The Open API model that underpins Open Banking can be applied in different sectors - mortgages, savings, energy, insurance, pensions you name it. Services will be tailored to you and seeking for better deals will be easier than ever. This can only work of course, if everyone participates, meaning all the service providers, banks and Neo-banks.
The concept of Open Banking was born in the UK. Following the HM Treasury’s announcement of its dedication to standardising APIs and share of data in UK Retail Banking aimed at encouraging fair competition and thus better customer experiences, UK’s Competition and Markets Authority (CMA) proposed a number of remedies including Open Banking in 2016. The Open Banking rules went into effect in January 2018, forcing the 9 largest UK banks to give access to permitted customer data to regulated third-party providers. The same month, the European Union launched its own piece of Open Banking legislation, PSD2 (the second Payment Services Directive) that applies to banks and e-money providers. With the UK and EU paving the way, a multitude of countries follow suit introducing a various measure of data sharing in banking and payments. Europe has also been leading data sovereignty with the General Data Protection Regulation developed in 2016. The existing data protection regulations helped the EU to quickly allow interoperability between services providing consumers with better financial terms.
State of Open Banking across the globe
Let’s look at the home of tech innovation, the US. With the legendary (and progressive) Silicon Valley and capital-rich New York as its backup, America is the home of 15 of the world's 20 most valuable tech firms. However the figure below suggests otherwise. At least when it comes to Open Banking. The figure shows the birth of Open Banking companies in the US, UK and EU in the past decade and a heavy concentration in Europe including the UK.
While in Europe and UK, bank APIs exist through which banks and fintechs share complex consumer data (with the consumer’s permission, of course) securely, in the US there is no such standardised process. Open API’s job has been performed by data aggregators in the US using “screen scraping” that does not specify to what extent consumers reveal their financial data. Although US banks are leaning towards APIs against scraping, the US still lacks a law and standards on these interfaces so they may not be complete or accurate. The relatively slow adoption of Open Banking in the US reveals how American financial services incumbents interact with fintechs and consumers. American banks have been reluctant to open up their data (and consumers are used to handing over their data to giant corporations, too) to new entrants and they clearly hate attracting competition. Open Banking in the US will only work if the incumbent leading banks believe they can profit from opening up.
Putting the consumers at heart, Australia has passed the Consumer Data Right (CDR) Bill in 2019. Following the CDR rules, the Big 4 banks in Australia will be legally required to make consumer data relating to credit and debit cards, deposit accounts and transaction accounts available from July 2020, mortgage and personal loan from November 2020. Last week, ACCC launched a platform where Fintechs and banks can apply for accreditation as a data recipient within the CDR regime.
The Monetary Authority of Singapore (MAS) and The Association of Banks have published an API playbook in 2016 that can serve as a guide for banks to develop APIs. 98% of the financial institutions in Singapore believe in Open Banking is crucial to the industry.
In May 2019, Thailand passed the Personal Data Protection Act (PDPA) providing similar contents to EU GDPR. Whether the PDPA marches in step with the creation of Open Banking and API standards is of concern.
In 2016, the Indian Government implemented Unified Payments Interface (UPI), an instant payment system for inter-bank and mobile transfers operating via API. India introduced the Personal Data Protection Bill in December 2019 followed by the draft bill in 2018. Similar to Europe’s GDPR, it sets out how personal data is stored and shared both domestically and internationally. Sharing of financial data is facilitated by Non-Banking Financial Corporation Account Aggregators (NBFC-AA).
The Financial Services Commission (FSC) and the Korea Financial Telecommunications & Clearings Institute have taken the initiative to lower the cost of transaction. Commercial banks in South Korea have officially started to open up their payment systems to fintech firms in December 2019.
Japan’s Banking Act promotes open banking and partnerships between established financial providers and fintechs. Japan aims to persuade big banks to open up their APIs providing access to payment accounts by 2020. The standards around the API infrastructure are not explicitly imposed.
The Hong Kong Monetary Authority (HKMA) launched an Open Banking regulation “Open API” in July 2018. The framework will be rolled out in four phases for banks to develop and implement open APIs.
The Banking Regulatory and Supervisory Authority of Turkey (BRSA) strive for structuring Open Banking aligned with the Regulation on Banks’ Information Systems and Electronic Banking Services (published in March 2020) and the Law on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions (amended in November 2019).
Mexico's Finntech Law launched in March 2018 offered a regulatory framework for key fintech groups, such as virtual assets, crowdfunding and electronic payment funds. It will also require the publication of Open APIs and common standards are being developed by the authorities.
The Central Bank of Brazil has released open banking regulation in May 2020. The regulation will require registered financial institutions to reveal transactional data to third parties under consumer’s consent. Open Banking regulations will be rolled out in four-phases, starting from November 2020.
So in conclusion, although the adoption and implementation of some form of open banking appears inevitable and unstoppable as a consequence of technological advances has anything substantial really changed?
In the four years since open banking was recommended by CMA, have transactions become less expensive, easier and faster? Well, in the UK and many other countries small payments can now be sent between mobile phones in minutes or seconds. Spending with a credit/spending card in a foreign currency can be a lot less expensive. It is now possible as an individual to hold bank accounts in multiple currencies and even transfer money between them without losing your shirt. Individuals in the UK and many other countries can aggregate all of their card spending through services such as Curve and see across multiple banks’ and spending cards. However, big and especially international payments or money transfers between currencies are still slow and expensive for anyone other than large companies or of course, banks. As an example, payments in USD, GBP and EUR all still run on completely separate systems and few players get to actually run payments in all three, instead relying on corresponding banks to provide this service, meaning someone else to be paid and another pair of hands to drop the ball. The cost and privilege of being able to do this rises steeply as the size/popularity of the currency falls. This means that for the financially weakest currencies (and countries) the cost becomes prohibitive and a barrier to trade. Of course, innovation exists here too but that is the topic for another time.
For now, banking is indeed becoming more ‘open’ and also faster. The initiative has led to an explosion in fintech innovation and new providers. Incumbent providers are thus being challenged to improve services and lower costs. The question of whether this can be sustained or is even profitable however, has yet to be really answered.