Open Banking paves way to more questions about general data ownership
Review of FDATA Open Banking Summit in Edinburgh, December 6–7th, 2018
FDATA Summit is a serious content-heavy event with participants from open banking involved parties including banks and regulators, all engaged in serious and productive debate to deliver a scalable global environment of financial data interexchange.
Its not small thing to annouce the name Open Banking obsolete only after 1 year of it coming into force in the UK, yet the convenor of the original CMA-9 and now Chair of FDATA, Gavin Littlejohn, said this would certainly be the last Open Banking Summit, held in a spacious and magnificent McEwan Hall of the University of Edinburgh.
It will continue as Open Finance Summit, and the reason for this change is simple: a lot more is being done by numerious fintechs and companies other than banks, inventing valuable use-cases on how data is being used, achieving the original call for competition through data made free to access.
Free does not equate with uncontrolled or unaccountable, since concrete principles-based models have been developed to highlight end-state of users being better off and still having their data accessed in a secure and accountable manner.
The reason for the industry authorities to allow for open banking is simple: there is concentrated risk of pooled assets flocking via herd instincts to the biggest too-big-to-fail institutions in a opaque information-asymmetric market, where in a separate domain, ecommerce and internet-data platforms have built the total opposite: based on efficient access, processing and distribution of data that fuels calibration of ads, content delivery and goods purchase.
The dichotomy of private secured vaults of banking data and open swaths of private consumption data has to be reconciled and open banking is a great first domain of data that in most use-cases go hand-in-hand with others that banks have only indirect access (eg., behavioural and preferences data to target users with banking products ads or that of the 3rd parties).
Authorities overseeing consumer financial services see this, yet often open banking environment develops without their direct involvement via application of market forces: certain markets are either government-led or market-led, either of the two scenarios developing for different reasons. In market-led cases the leading actor is e-commerce that has basically redeveloped banking from ground-up to match it with the needs of the driving component: online sales. To not allow this case developing in established banking jurisdictions becoming conquered by new players with global ambitions, authorities and banks are acting in unison to help banking stay relevant in a unique market situation.
Certain countries directly postulate that it’s through coordinated effort and application of financial technologies and new firms developing their services on top of them — that the market can achieve a new state (for example, Mexico Fintech Law — the one that US is taking a closer look at as it grapples with state-by-state regulations not allowing to develop the market in unified manner).
I’ve done a couple of papers on the convoluted regulation structure of the US FS market not allowing it to operate with the efficiency achieved through homogenised law by the EU or other countries, but the US Government still sees great benefits from open banking for end-user rights and international competitiveness of the market — something one might pickup from the US Treasury so-called fintech report published this summer.
Currently seeking a compensating drive forward through bilateral agreements being forged between banks themselves and fintechs (to eradicate screen-scraping practices), only time would tell if these practices would be reforged with ease into a federal standard. Seeing as to how regularly and vehemently state legislatures are putting a dent in OCC attempts to institute a federal charter for fintechs, most likely existing 1 300 banks and 13 000 companies the Office oversees would work via principles-based approach.
Irrespective of how hard the road for open banking in the US is, over 140 million users have access to some form of open banking services enabled through bilateral agreements between their bank services providers and 3rd parties, while, according to Steve Boms from FDATA North America, only 15 per cent of Canadians have. Canadian regulator sees open banking as a threat to the stability of the system that stood aside from the economic recession.
For example, Australia sees open banking as a departing point of domain-based data regulation, formulating principles around each one and upon rigorous testing moving these to other (open banking in Australia happens in parallel with a consumer data right, where new data on energy consumption and retail will be made available), this also pushed by a competition authority — Competition Commission.
UK Open Banking one year forward:
Over 200 fintechs are looking to get authorized and the market is now witnessing banks themselves aggregating data. As some analysts correctly surmised, the regime provides a near-perfect bridge for banks to start building appropriate new digital tools under the brand umbrella, since the old infrastructure is past obsolesence.
According to FCA tracking progress of Open Banking, applicants are coming forward to use the regime: over 120 applications have been received with 38 firms accepted and 29 firms currently authorised to offer account a variety services under open banking.
Imran Gulamhuseinwala, UK Open Banking Trustee, admitted though overall usage and quality of conversions and completions of payments and information access are not where they should be, hence 2019 will be about rectifying the system in terms of uniformal acceptance in terms of quality and appeal to the user: similar neglect to these things left a noble pursuit of account switching a side-show.
Hence, after standardising the data in 2018, for 2019 the standardisation of the UX is what OBIE will focus on. The second focus trailing the first one is the mo channel driving adoption, demanding further simplification, efficiency of speed and delivery — and allowing for secure interaction due to in-built qualities of biometrics and 2FA.
Building common standards around financial data movement is important. Yet tech alone does not bring forward to a finite state of open banking. It only provides just one input and has to coincide with interface simplicity and trust from users. Standards have to be around use-cases and focused on a user.
Seeing as to how banks often miss the point of what users want these days or cannot enable these services due to technical or other limitations, OBIE will also start work on creating commercial apis. Built on top of regulatory mandated one, it will allow the market forces to decide on what services are needed.
CMA respective added to the discussion on terms of how the enablement of data opened through the financial services domain was enacted not for financial market sake, but for the betterment of ultimate utilitarian consumer value for the end user. With 3 key components in open banking UK: Operations, Standards and Testing functions, customer experience is becoming the ultimate test-case for the platform, since it competes for value with other market platforms (in a way, this is a response both to increasing concern over private data misuse, and the advent of platforms built on consumer data neglect).
Rather than prohibiting data openness, open banking UK borrows from the market open and interoperable standards: for example it worked with OpenID foundation on security, doing this from a set of market principles built around efficiency, stability and accountability.
Banks are themselves not jumping in joy that now that are able to share consumer data — but are interested in this process, because now they can grow the bottom line since banks loose importance. Banks developers are themselves using the same APIs. It provides ability to deliver new value, now sought and found elsewhere probably the reason why people acknowledging the utility of new ways of consuming online are looking for FS services from them.
Witnessing a number of data-led products one can attest that the contest now is to get individual user consent to access one data and provide better value, thus, reversing the gears from profitability of account holders (banks) to utilitarian value for the account-owner (user). Talking about open banking from a theoretical point of view is nice, but the gritty detail is in who is to pay if anything goes wrong: the speed in enabling access is detrimental to the user experience or, worst-case scenario, data gets lost or stolen: where UX and efficiency is now addressed, the liability model is a key success-or-failure component of open banking.
- What happens when data is hacked?
- What happens when the payment is moved
- What are the responsibilities of each member of the process?
The model also has to be in line with existing regulations on reversals and disputes of the PSD2 and explicit consent, data processing and storage of GDPR. There is an emerging consensus that both AISPs and PISPs have to have standard insurance coverage, helping them to conform to the event of loss of funds or allow general efficiency of speed, where reversals, refunds can be done before investigation is carried out.
Digital forensics thanks to every part of the process operating on congruent data allows digital forensics to be carried out efficiently, to protocol the interaction between for new use-cases, to expedite the audit while any eventuality is covered by a blanket insurance. The model has to be granular, accountable because it allows it to become insurable — enabling ultimate user simplicity.
One caveat remains: how to communicate the complex issue of data access and rights to the consumer as at the very same time the consumer until this moment lived in oblivious world of free online services, harvesting on the users data.
