What is Open Banking and why does it matter?
The UK has long been recognised as a global leader in banking. The industry plays a critical role domestically, enabling the day-to-day flow of money and management of risk that are essential for individuals and businesses.
It is also the most internationally competitive industry in the UK, providing the greatest trade surplus of any exporting industry. The UK has a mature and sophisticated banking market with leading Banks, FinTechs and Regulators. However, with fundamental technological, demographic, societal and political changes underway, the industry needs to transform itself in order to effectively serve society and remain globally relevant.
The industry faces a number of challenges. These include the fact that banking still suffers from a poor reputation and relatively low levels of trust when compared to other industries. Many of the incumbents are still struggling to modernise their IT platforms and to embrace digital in a way that fundamentally changes the cost base and the way customers are served.
There are also growing service gaps in the industry, with 16m people trapped in the finance advice gap. In the face of these challenges, Open Banking provides an opportunity to
- open up the banking industry,
- ignite innovation to tackle some of these issues
- and radically enhance the public’s interaction and experience with the financial services industry.
A wave of new challenger banks have entered the market with these opportunities at the heart of their propositions. However, increased competition is no longer the only objective of Open Banking.
Open Banking regulation has evolved from the original intent
The UK started introducing an Open Banking Standard in 2016 to make the banking sector work harder for the benefit of consumers. The implementation of the standard was guided by recommendations from the Open Banking Working Group, made up of banks and industry groups and co-chaired by the Open Data Institute and Barclays. It had a focus on how data could be used to “help people to transact, save, borrow, lend and
invest their money”. The standard’s framework sets out how to develop a set of standards, tools, techniques and processes that will stimulate competition and innovation in the country’s financial sector.
While the UK was developing Open Banking, the European Parliament adopted the revised payment services directive (PSD2) to make it easier, faster, and less expensive for customers to pay for goods and services, by promoting innovation (especially by third-party providers). PSD2 acknowledges the rise of payment-related FinTechs and aims to create a level playing field for all payment service providers while ensuring enhanced security and strong customer protection. PSD2 requires all payment account providers across the EU to provide third-party access.
While this does not require an open standard, PSD2 does provide the legal framework within which the Open Banking standard in the UK and future efforts at creating other national Open Banking standards in Europe will have to operate. The common theme within these initiatives is the recognition that individual customers have the right to provide third parties with access to their financial data. This is usually done in the name of
- increased competition,
- accelerating technology development of new products and services,
- reducing fraud
- and bringing more people into a financially inclusive environment.
Although the initial objectives of the Open Banking standards were to increase competition in banking and increase current account switching, the intent is continuingly evolving with a broader focus on areas including:
- reduced overdraft fees,
- improved customer service,
- greater control of data
- and increased financial inclusion.
Whilst there is little argument that the UK leads the way in Open Banking, it is by no means doing so alone. Many other countries are looking carefully at the UK experience to understand how a local implementation might benefit from some of the issues experienced during the UK’s preparation and ‘soft launch’ in January 2018. There are many informal networks around the world, which link regulators, FinTechs and banks to facilitate the sharing of information from one market to another. Countries around the world are at various stages of maturity in implementing Open Banking. The UK leads as the only country to have legislated and built a development framework to support the regulations, enabling it to be advanced in bringing new products and services to market as a result. However, a number of other countries are progressing rapidly towards their own development of Open Banking. In a second group sit the EU, Australia and Mexico, which have taken significant steps in legislation and implementation. Canada, Hong Kong, India, Japan, New Zealand, Singapore, and the US are all making progress in preparing their respective markets for Open Banking initiatives.
One danger in any international shift in thinking, such as Open Banking, is that technology overtakes the original intention. The ‘core technology’ here is open APIs and they feature in all the international programmes, even when an explicit ‘Open Banking’ label is not applied. In a post-PSD2 environment, the primary responsibility for security risks will lie with payment service providers. Vulnerability to data security breaches may increase in line with the number of partners interacting via the APIs.
The new EU General Data Protection Regulation (GDPR) requires protecting customer data privacy as well as capturing and evidencing customer consent, with potentially steep penalties for breaches. Payment service providers must therefore ensure that comprehensive security measures are in place to protect the confidentiality and integrity of customers’ security credentials, assets and data.