Are you ready to share your entire financial life online? It’s called ‘open banking’ and it just took a big step forward in the world’s biggest market.
Last month, US regulators announced measures to allow consumers’ financial data to be shared easily, following similar reforms in Europe and Australia that make it simpler to switch bank accounts and sign up for a range of financial products.
Banks “know every time you tap your card, they see you got the [train], and you go get your coffee, and you’re spending your money there,” points out Philip Benton, an analyst at tech research group Omdia and an expert on digital banking. “They [already] have all that data. [So] the whole point of open banking and finance is opening that up to the wider ecosystem.”
That is being made possible in the US by the Consumer Financial Protection Bureau under a new Personal Financial Data Rights rule that will, for the first time, guarantee Americans access to their data held at a bank or other provider at no charge. As a result, customers will be able to share that data with third parties — which will be subject to limits on how they use it — or revoke access to the data at any time.
“With the right consumer protections in place, a shift towards open and decentralised banking can supercharge competition, improve financial products and services, and discourage junk fees,” argues CFPB Director Rohit Chopra.
This right to control your data is one reason it is much simpler to change banks in, say, the UK, than in the US. “Account ownership is sticky in the US, where you are more likely to get divorced than to switch bank accounts,” observes John Pitts, the global head of policy for US fintech Plaid, and a former CFPB official.
Such portability of personal data, says Pitts, would also allow consumers to pick and choose “different products that either their bank doesn’t offer or [does] offer but someone else offers a version that better matches your need”. A customer would be able to use those more suitable products without leaving their main bank.
The next tech growth markets in payments
Countries to watch 2023-2027
Vietnam The success of local payment network NAPAS has boosted digital payments growth, with cardholders expected to more than double by 2027
Australia The real-time payment network PayTo, launched last year, will see increasing adoption over next five years as new use cases emerge
Saudi Arabia Fintech is a key aspect of the country’s goal of payments among individuals to be 70 per cent digital by 2025
Singapore
The city-state’s authorities have bold ambitions for a QR-code based payment system
Source: FT-Omdia Digital Economies Index
Open banking began as a UK government initiative in 2018, as part of Europe-wide efforts to foster competition and innovation, and break the stranglehold of legacy providers on personal finance. The biggest British banks were forced to share their customers’ data with third parties such as fintechs for the first time, under the authorisation of those customers.
Five years in, the results vary. Progress in achieving the aims of Europe’s Payment Services Directive Two, which implemented open banking in the EU, has been “disparate”, according to Daniel Jones, a partner at law firm Orrick who specialises in technology and finance.
“There are many, many jurisdictions I think in the EU that aren’t meeting the expectations set by the law,” he says.
Even the country that started it all has gone only so far. Jones says that, in the UK, the reforms have only had an effect on bank accounts and credit cards. “We are yet to really unlock the potential, which is the ability to compare things like mortgages or pensions,” adds Jones.
What happens in the US is therefore being keenly watched. While there is already widespread use of fintech apps that make use of customers’ data from other financial firms, that information is often gathered through “screen-scraping”, whereby bots copy it from a website using the customer’s log-in details. This can be unreliable and carries risks, including having more data than necessary taken by the third party.
In the US, the new open banking rule will require that, as in the UK, banks provide application programming interfaces (APIs), which allow data to be easily shared. The CFPB says its rule will “require data providers to establish and maintain a developer interface for third parties to access consumer-authorised data”.
In the UK, the huge cost of implementing the technological changes fell solely on the big banks, and not on the fintechs who stood to benefit from access to their networks — which caused conflict.
“I’m aware of certain large deposit-taking banks that have spent over half a billion [pounds],” says Jones.
In the US, the problem is that, while Wall St institutions can bear the costs, there are thousands of small and medium-sized providers that might struggle. The CFPB notes that “there are more than 9,000 banks and credit unions across the country, most of which serve as data providers, as do numerous non-depository financial institutions”. Making all those financial institutions work seamlessly together is likely to be a Herculean task.
According to the Fintech Brain Food newsletter, written by commentator Simon Taylor, the fact that the CFPB rule does not let banks charge for API access “will further reinforce the perception that open banking has zero upside for incumbents and all downside”. He proposes some form of revenue-sharing, in which banks could receive a small transaction fee when customers use open banking via third parties.
However, the Consumer Bankers Association, which represents retail banks, has welcomed the new rule, which also seeks to regulate fintech companies. “Many of these entities that are collecting, storing and selling this consumer information are not subject to the same rigorous data security and privacy standards as well-regulated and supervised financial institutions,” it pointed out.
And the Financial Technology Association — the fintechs’ lobby group — says the rule will bring consumers “one step closer to having a strong right to control their financial data”.
In addition, the regulatory changes should bring the US closer to the wider vision of Open Finance: having your entire financial life — spanning your deposit account, pension, mortgage, insurance and share portfolio — instantly available in the one place, and easily portable to different providers. Benton notes that Australia started with this idea — an open data rule that would expand to cover everything.
But steep barriers to fully Open Finance remain.
The first is a “huge trust issue” between the traditional banks and the third parties, says Jones. One unanswered question is who is liable in the event of fraud or the loss of data. What is needed, says Jones, is either clear legislation or a “killer app”.
In a recent Omdia survey on open banking, the top priorities of the banks were online security and protecting against fraud.
Pitts agrees that the question of trust is key. “When I think about a bank, the image for me is a vault — and the vault conveys trust in a deeply meaningful way,” he says. “I think you need that same level of trust in open banking, and that means appropriate regulation and policies and procedures when it comes to fraud and privacy.”