Open Banking explained
Open Banking is about putting consumers at the heart of their money.
It is an enabler, designed to bring more competition and innovation to the financial services industry via Open API standards; granting consumers with more financial controls and smarter, data-tailored financial solutions.
Navigation: Open Banking APIs > What is Open Banking?
Open Banking explained
Open Banking is about putting consumers at the heart of their money. It is an enabler, designed to bring more competition and innovation to the financial services industry via Open API standards; granting consumers with more financial controls, greater access… and smarter, data-tailored financial solutions.
Navigation: Open Banking APIs > What is Open Banking?
A report published by the UK Competition and Markets Authority (CMA) in 2016, determined that the nine largest banks (known as CMA9) were operating in a monopoly-like fashion, with minimal competition for customers.
This was preventing new and innovative third-party providers (TPPs) from accessing the market, reducing the amount of choice and control people have over their money…
What is Open Banking?
In response, the UK Government ruled that the CMA9 must allow licenced TPPs access to their data via a single security protocol.
This new Open Banking ecosystem, governed by the Open Banking Implementation Entity (OBIE) - would allow consumers to share transactional data securely, with authorised third parties.
This movement looks to transform the financial world with transparency-of-data, empowering consumers to get more from their money while enabling smaller FinTechs and challenger banks to participate competitively.
Example
Through Open Banking, a customer of HSBC could log in to their online banking and see not only their HSBC accounts - but accounts held with ALL other financial institutions (with the ability to move money quickly and efficiently between accounts).
Additionally, all authorised TPPs can view this transactional data - so should loans, credit cards or mortgages be applied for, the decision can be given in mere moments. This is without any paperwork or time-consuming assessments; instead, relying on the consumers actual financial and transactional history.
What is Open Banking?
In response, the UK Government ruled that the CMA9 must allow licenced TPPs access to their data via a single security protocol.
This new Open Banking ecosystem, governed by the Open Banking Implementation Entity (OBIE) - would allow consumers to share transactional data securely, with authorised third parties.
This movement looks to transform the financial world with transparency-of-data, empowering consumers to get more from their money while enabling smaller FinTechs and challenger banks to participate competitively.
These third-party organisations must undergo rigorous Financial Conduct Authority (FCA) approval processes before entering the UK's Open Banking ecosystem. Even then - data is only shared with explicit consent, permissions must be 'opt in' and easily revoked, plus no security data like passwords are ever shared.
Global governments and financial institutions are now exploring their own Open Banking variants, each at different levels of development. In Canada, Open Banking is planned with 130 groups including Banks and the Federal Privacy Commission - who've already submitted to the Canadian authorities.
You then have the European Commission's PSD2 standards and various commercial, data, and payments-led initiatives in Australia and the United States. However, the UK is recognised as the Open Banking forerunner due to the UK Government mandating a single API standard upon the nine largest retail banks.
Companies are also exploring the use of Open APIs for internal enablement purposes, such as overcoming legacy infrastructure or dramatically reducing the time required to implement new systems.
“For example, let’s say you have a loan or credit system, typically lending up to £15,000. If you wanted to apply an FX element to lend that money in Hong Kong Dollars (HKD), the integration with legacy systems could easily take 9-12 months; even if you have an FX offering already available.
Using Open Banking, given that you have an API that connects elements together like lego blocks, you can integrate FX with a credit system in just 2 or 3 months because the credit facility can be implemented in your sandbox. You can test, make it secure and go live fast!"
- Mike Elson, Head of Consultancy Services at Caspian One
These third-party organisations must undergo rigorous Financial Conduct Authority (FCA) approval processes before entering the UK's Open Banking ecosystem.
Even then - data is only shared with explicit consent, permissions must be 'opt in' and easily revoked, plus no security data like passwords are ever shared.
Global governments and financial institutions are now exploring their own Open Banking variants, each at different levels of development. In Canada, Open Banking is planned with 130 groups including Banks and the Federal Privacy Commission - who've already submitted to the Canadian authorities.
You then have the European Commission's PSD2 standards and various commercial, data, and payments-led initiatives in Australia and the United States. However, the UK is recognised as the Open Banking forerunner due to the UK Government mandating a single API standard upon the nine largest retail banks.
Companies are also exploring the use of Open APIs for internal enablement purposes, such as overcoming legacy infrastructure or dramatically reducing the time required to implement new systems:
“For example, let’s say you have a loan or credit system, typically lending up to £15,000. If you wanted to apply an FX element to lend that money in Hong Kong Dollars (HKD), the integration with legacy systems could easily take 9-12 months; even if you have an FX offering already available.”
“Using Open Banking, given that you have an API that connects elements together like lego blocks, you can integrate FX with a credit system in just 2 or 3 months because the credit facility can be implemented in your sandbox. You can test, make it secure and go live fast!"
- Mike Elson, Head of Consultancy Services at Caspian One
Although originally created for Retail Banking, Wealth Managers in the UK are also beginning to offer corporate access to their clients via Open APIs for improved services. Corporate Banking access using Open APIs are strategic to the industry, with HSBC, Citibank and Barclays leading the way.
As of 2020, the UK had 84 regulated ASPSPs (financial institutions offering an online access payment account, including banks and building societies) - along with 260 authorised TPPs in the production directory (Open API ecosystem) and over 600 TPPs in the sandbox.
In terms of API performance, May 2021 saw a record 834.1m successful API calls (99% of total overall calls) - more than doubling in 12 months, from 410.2m reported in May 2020. For the latest performance metrics visit openbanking.org’s API Performance stats.
Timeline
Highlight moments in Open Banking history
2007
The European Commission releases PSD1 (the First Payment Directive), designed to regulate payment service providers in EU and EAA member states.
2015
European Parliament adopts a newly revised payments service directive titled PSD2, replacing PSD1 in 2018. These rules are focused on developing innovative online and mobile payment options in Europe, using Open APIs.
2016-17
The UK Competition and Markets Authority (CMA) rule that the nine largest UK banks (known as the CMA9), must allow licenced third-parties (TPPs) access to their data, down to the transactional level. The direction took effect in January 2018 with standards and systems created by Open Banking Limited (OBIE).
2018
The Canadian government announces plans to review the merits of Open Banking during the 2018 Budget. This has since reached the second stage of review (as-of January 2020), looking at how regulators and the financial sector can manage data security and privacy risks; now delayed due to COVID-19.
2019
August 1st 2019, Australian Parliament passes Open Banking legislation and launches the initiative as part of the Consumer Data Rights project by the Australian Treasury, in association with the Australian Competition and Consumer Commission.
2020
From July 2020 consumers are equipped to direct banks to share credit and debit card, deposit account and transactional account data with accredited TPPs.
In the UK, June 2020 saw the launch of OBIE's Open Banking App Store, the publication of UK Finances 'Open Banking Futures' report outlining recommendations for the future provision of Open Banking, the establishment of a Global Open Finance Centre of Excellence (GOFCoE) in Edinburgh - and a new mandatory 'Confirmation of Payee' system come into force.
2021
Global adoption of Open API standards is rapidly accelerating. Security is the primary concern for Open Banking success, alongside questions on banking data ownership.
COVID-19 has caused delays to many timelines but numerous TPPs have continued to develop new propositions, enabled by Open Banking.
For the latest insights from the UK's Open Banking governing body (OBIE) visit: openbanking.org.uk/insights - or request updates from Caspian One.
Highlight moments in Open Banking history
2007
The European Commission releases PSD1 (the First Payment Directive), designed to regulate payment service providers in EU and EAA member states.
2015
European Parliament adopts a newly revised payments service directive titled PSD2, replacing PSD1 in 2018. These rules are focused on developing innovative online and mobile payment options in Europe, using Open APIs.
2016-17
The UK Competition and Markets Authority (CMA) rule that the nine largest UK banks (known as the CMA9), must allow licenced third-parties (TPPs) access to their data, down to the transactional level. The direction took effect in January 2018 with standards and systems created by Open Banking Limited (OBIE).
2018
The Canadian government announces plans to review the merits of Open Banking during the 2018 Budget. This has since reached the second stage of review (as-of January 2020), looking at how regulators and the financial sector can manage data security and privacy risks; now delayed due to COVID-19.
2019
August 1st 2019, Australian Parliament passes Open Banking legislation and launches the initiative as part of the Consumer Data Rights project by the Australian Treasury, in association with the Australian Competition and Consumer Commission.
2020
From July 2020 consumers are equipped to direct banks to share credit and debit card, deposit account and transactional account data with accredited TPPs.
In the UK, June 2020 saw the launch of OBIE's Open Banking App Store, the publication of UK Finances 'Open Banking Futures' report outlining recommendations for the future provision of Open Banking, the establishment of a Global Open Finance Centre of Excellence (GOFCoE) in Edinburgh - and a new mandatory 'Confirmation of Payee' system come into force.
2021
Global adoption of Open API standards is rapidly accelerating. Security is the primary concern for Open Banking success, alongside questions on banking data ownership. COVID-19 has caused delays to many timelines but numerous TPPs have continued to develop new propositions, enabled by Open Banking.
For the latest insights from the UK's Open Banking governing body (OBIE) visit: openbanking.org.uk/insights - or request updates from Caspian One.
The profound implication of
data sharing on the finance industry
We talk about Open Banking and APIs from a consumer perspective, but as an industry, data sharing is set to alter the dynamic of finance dramatically.
A fundamental realism of Open Banking is that the data banks hold on the consumers, belongs to the customer - not the bank.
It's this truism that has driven Open Banking forward and excites FinTech's and financial service providers; early adopters ready to lead the change.
Sharing data comes with its own risks, raising privacy and security concerns that must be overcome. However, new emerging privacy-enhancing techniques (PETs) are aiming to reduce and even eliminate these risks altogether.
For example, adding 'noise' to analytical systems to prevent reverse-engineering individual inputs, encrypting data before it's shared or secure multiparty computation, where data is spread across multiple parties but never viewed as a complete set.
This is also where cutting-edge technology like Blockchain will contribute to the success of Open Banking, providing transparency, immutability and ease of verification.
Ultimately, those organisations that best adapt and embed Open API Standards will be best positioned to reap the benefits of Open Banking; engaging with a rapidly growing global ecosystem, with seemingly limitless potential.
The risks of remaining with outdated legacy infrastructure and products at this time, are far outweighed by the opportunities presented through sharing data and empowering TPPs to innovate.
The profound implication of
data sharing on the finance industry
We talk about Open Banking and APIs from a consumer perspective, but as an industry, data sharing is set to alter the dynamic of finance dramatically.
A fundamental realism of Open Banking is that the data banks hold on the consumers, belongs to the customer - not the bank.
It's this truism that has driven Open Banking forward and excites FinTech's and financial service providers; early adopters ready to lead the change.
Sharing data comes with its own risks, raising privacy and security concerns that must be overcome. However, new emerging privacy-enhancing techniques (PETs) are aiming to reduce and even eliminate these risks altogether.
For example, adding 'noise' to analytical systems to prevent reverse-engineering individual inputs, encrypting data before it's shared or secure multiparty computation, where data is spread across multiple parties but never viewed as a complete set.
This is also where cutting-edge technology like Blockchain will contribute to the success of Open Banking, providing transparency, immutability and ease of verification.
Ultimately, those organisations that best adapt and embed Open API Standards will be best positioned to reap the benefits of Open Banking; engaging with a rapidly growing global ecosystem, with seemingly limitless potential.
The risks of remaining with outdated legacy infrastructure and products at this time, are far outweighed by the opportunities presented through sharing data and empowering TPPs to innovate.
"Open finance is about sharing the data that you want to share. If it's not about this, it is a technology partnership, not Open Banking. If a Bank is seeking a relationship with a FinTech, that's not Open Banking either. In reality, it's about the customer's right to share data and while PSD2 allowed customers to share payment data, other data is still in an unregulated space and this information is not covered by any of the protections that PSD2 provides."
SOURCE // Gavin Littlejohn, Chairman at FData - from Money20/20 Asia, 2019
"The centrality of data to the transformations of the Fourth Industrial Revolution is today so self-evident as to have become a clichè, and whether you believe data is the new oil, the new gold or even the new bacon, there is no doubt that its growing importance is shifting the priorities of the private sector.
However, while many column inches have been dedicated to the competitive scramble to accumulate vast troves of data, less attention has been paid to the growing appetite of firms to unlock the power of data-sharing between institutions.
Within the financial systems specifically, we have seen a significant increase in the appetite for such collaborations across use cases ranging from improving fraud detection to enabling new forms of personal finance advice".
SOURCE // The next generation of data-sharing in financial services: using privacy-enhancing techniques to unlock new value (World Economic Forum / Deloitte)
It's important we remember that Open Banking is about consumer data rights, not APIs. Seven points of consideration when introducing Open Banking frameworks include:
Implement data right //
Ensure the customer can give and take away consent //
Consider liability //
put in place a regulatory framework //
Discuss technology specifications //
Explore the implementation journey and monitor success //
Set up implementation capability that considers governance & funding
To fully understand Open Banking in Europe, it’s vital to also comprehend the European Union’s second Payment Services Directive, PSD2.
To fully understand Open Banking in Europe, it’s vital to also comprehend the European Union’s second Payment Services Directive, PSD2.