Open banking is a driving force for digital transformation, using shared electronic financial data.
It provides lucrative business model opportunities for third-party Fintech app and financial services industry providers. Open banking gives global consumers and business users new products, valuable information, and payment services when they share banking data.
What is Open Banking?
Open banking lets non-bank third-party providers (TPPs) use software API connectors (APIs) to offer Fintech apps or financial services using shared bank customer information and bank account transaction data. When data security and privacy are maintained, open banking can benefit financial institution customers who authorize the use of their customer data.
Open banking can benefit traditional financial institutions through partnerships that increase customer value, customer experience, and the banking services offered.
Data Sharing through API Integration
Data sharing in open banking platforms works using APIs or other software integration methods.
An API (application programming interface) integrates one company’s software with third-party software by mapping and connecting data fields and providing seamless interoperability.
Open Banking Data Sharing Regulations and Initiatives
Open banking data sharing regulations or market-driven initiatives have been established by several countries and regions, according to Penser, a global digital financial services consulting firm. For market-driven initiatives, banks can have their own open APIs that enable open banking. But standardization doesn’t exist through regulation.
The EU and UK are regulatory leaders in open banking. Mexico is also working on open banking standards. Per Penser:
“Countries such as Japan, the US, India, and Singapore have more of a market-driven approach, while Hong Kong, and Australia have a regulatory-driven approach, much like the UK and EU.”
Open banking regulations include the Payment Services Directive (PSD2) in the EU.
Data security and privacy are issues that require protection in open banking. GDPR (General Data Protection Regulation) is a privacy law from the European Union (EU), effective May 25, 2018). GDPR provides open banking data protection and consumer data privacy and security regulations. GDPR is implemented in Europe and worldwide.
Although the U.K. is no longer an EU member, it was instrumental in creating EU open banking rules. The U.K. fully supports open banking through its Open Banking Standard that complies with PSD2. The Open Banking Standard includes strong authentication methods to protect the user and establish a good customer experience.
The Competition and Markets Authority (CMA) in the U.K. mandated the adoption of variable recurring payments by the U.K.’s nine largest banks (CMA9) in 2022, specified in the open banking initiative. The U.K.’s Open Banking Implementation Entity (OBIE) issued its Variable Recurring Payments and Sweeping consultation in late 2020 as a lead-up to the VRP and sweeping launch. (See Open Banking Examples for more about VRP uses.)
Australia launched open banking regulations in July 2020, including Consumer Data Right (CDR), requiring consumer consent for third parties to access their banking data and financial services company information. The Australian Competition and Consumer Commission (ACCC) regulates CDR and issues required accreditation to companies to participate in open banking. Adoption will continue beyond six companies in the next few years.
The Hong Kong Monetary Authority (HKMA) issued the Open Application Programming Interface (Open API) Framework for the Banking Sector in July 2018.
Phase I and Phase II of the Open API covering Product Information and Customer Acquisition have been implemented.
According to Lexology/King & Wood Mallesons:
“There has been a high adoption rate of Phase I and II, with more than 20 participating banks having launched over 800 Open APIs covering a wide range of banking products and services as of May 2021.”
Hong Kong issued guidance for the last two of four phases of Open API in December 2021. Phase III and Phase IV of the Open API Framework cover Account Information and Transactions for payments and transfers.
The U.S. doesn’t have comprehensive regulation of open banking, per FICO, although the U.S. has deployed many open banking apps and services.
Nacha, the same U.S. organization that oversees ACH (Automated Clearing House) regulation, formed an API Standardization Industry Group (ASIG) to create standards for open banking APIs. According to the American Banker, Bank of America has made its API specifications available for open banking usage since 2018.
The Dodd-Frank Wall Street Reform and Consumer Protection Act became effective in the U.S. in 2010. Dodd-Frank Section 1033 gives consumers the right to access and share their personal financial data. This access applies to sharing their financial data with other financial institutions and with third-party financial service providers through open banking, according to an op-ed in The Hill.
Transform the way
your finance team works.
Bring scale and efficiency to your business with fully-automated, end-to-end payables.
Open Banking Ecosystem
The open banking ecosystem is a term to describe open banking in its totality, including new and existing markets available through open banking and the tools and participants in open banking, including third-party providers (TPP). In general, an ecosystem includes the interplay of internal and external forces in a geographic area (land or ocean).
Open Banking Benefits
Open banking benefits include:
- Innovation in types of financial services, including information and payments
- New market revenues for providers of open banking
- More analytical and decision data using AI and machine learning
- Better loan terms found through data aggregation and comparisons of more lenders
- Consumer consent, data privacy, and data security regulatory requirements in some countries or regions like the EU
Open Banking Risks
Open banking risks include:
- Providing aggregated financial institutions account balances information to consumers via email, without encryption for privacy
- Cybersecurity risks
- Bad actors providing open banking applications or perpetrating scams
- Inability to recover funds from some TPP account holder apps, once sent
- More banking industry and financial institution risk for AML/KYC non-compliance
- Lack of comprehensive regulation in all countries using open banking
Open Banking Examples and Companies
Examples of existing and trending open banking uses and third-party companies providing open banking apps and web services follow.
Variable Recurring Payments (VRPs)
One example of a significant open banking trend beginning in 2022 is the initiation of real-time, instantaneous variable recurring payments (VRPs) in the U.K. that could eventually replace direct debits. VRPs provide several types of open banking functionality to make recurring payments that can vary in amount and let users set amount limits and a payment end date.
Uses for VRPs include subscription and mortgage payments, automatically sweeping money from one bank account to another to avoid overdrafts and receive higher interest rates, paying utilities and other bills with variable amounts on a recurring basis, and 1-click payments, according to Plaid, a technology company enabling open banking for consumers with Fintech apps.
Account Information and Transaction Aggregation
Cake is a Belgian company with a real-time open banking app. Cake for Business processes millions of consumer bank financial transaction data (including banking and credit cards) into anonymized reports. These reports help retailers and brands understand their market and target existing and new customers based on their shopping history. Cake for Business also works for customer cashback campaigns.
- Open banking uses customer personal information and bank account transaction data to make payments through third-party providers or provide information, credit decisions, and analytics.
- Open banking Fintech (financial technology) applications and financial services benefit businesses and consumers.
- Open banking business models have launched startups, grown small businesses, and created substantial companies.
- Open banking is a global trend made possible through government regulations or market-driven initiatives and open API standardization goals.
- When data security, privacy, and consent are required, open banking can significantly benefit financial institution customers who authorize the use of their customer data.
- Open banking has risks that should be mitigated by increasing security and data privacy, deterring fraud, anti-money laundering (AML), and other harmful practices.