On February 2, 2017, the UK’s open banking ambitions took a step closer to reality when the Competition and Markets Authority (CMA) issued its final order for the implementation of open banking reforms.
The final order sets down a strict one-year time frame for nine of the UK’s largest banks to launch their open banking API interfaces. This means that by the end of Q1, 2018, these banks will have enabled their customer data to be securely accessed by competitors and third parties.
A definite shift
For those of us who, having worked in banks, once considered the “open banking” concept to be no more than a pipe dream, this marks a significant milestone. If data is new oil, and banks are really only just starting to mine its full potential, then sharing this asset with the external world is a very tough decision, new opportunities notwithstanding. Which is why it was unlikely to happen without the CMA’s firm hand.
But all that is history. The UK’s open API banking initiative now looks to be set in stone with other regulators likely to follow suit. Meanwhile, the European Union already have their own open banking directive – known as PSD2 – due to kick in in 2018. So how will this change the lives of banking customers?
Choice, choice and more choice
The CMA’s Open Banking report, published in August last year, gives us some idea of what is to come. At this point, the most relatable improvement, from a consumer’s point of view, is the potential to view multiple bank accounts via a single app. Many industry players have already begun to envision that such an app could be used to not only keep better track of one’s finances, but to “cherry-pick” banking services.
The development of a so-called “banking-as-a-service” (BaaS) platform would pave the way for customers to easily select and assemble a set of banking services from across several providers. Similar to other portals, the criteria for choosing one bank’s services over another would extend beyond just fee and features comparisons, and include the available channels and digital experience on offer.
The new era of inter-bank platforms
However, whether this takes off in the way the CMA would like depends in large part on whether individual customers are sufficiently reassured about the security and confidentiality of their data. This in turn rests on the regulations, IT platforms and security protocols being established to support such BaaS projects.
For example, the PSD2’s Access to Account requirement stipulates that banks are obliged to share their customers’ payment account information with third party service providers. While the regulators have indicated that strict conditions apply, including how “payment account” is defined, and how service providers will be licenced, the industry is still struggling to interpret the guidelines.
Similarly, the private sector has sought to build common standard open banking protocols and platforms. These include the Ixaris-led Open Payment Ecosystem, the Microsoft and Intuit-led Open Financial Exchange (OFX) standard for the exchange of financial information, and the Banking Industry Architecture Network (BIAN), an association established to define a common IT framework for banking inter-operability. It remains to be seen which of these will take root.
No pain, no gain
Despite the flurry of activity, it is no surprise that some banks have serious reservations about the effort required to support open banking. Aside from regulations that are extensive and still evolving, open banking brings the risks of fraudulent third parties, digital intrusion, impersonation, and the illegal use of data.
The pain of acquiring the resources and new skill sets, including in risk, compliance, technology, and data science, suggests substantial short term pain ahead of gains that are as yet unquantifiable. Clearly, the first salvos in support of open banking have been made, but there is still much work to do.