Open Banking: How Data and Competition are Changing the Financial Game

The term “open banking” was born in 2015 as part of an initiative by the British government to stimulate innovation in the opening of financial competition. It has since become a regulatory measure in the European Common Market, promoting financial portability and customer control over their data. Europe has successfully implemented open banking, leading countries like Mexico and Brazil to establish regulatory frameworks. While Canada and the United States are nearing completion, other countries in the Americas still need to define their regulations.

The Payment Services Directive 2 (PSD2), which came into effect in 2020, mandated that all banks operating in European Union countries comply with its regulations for payment services. The United Kingdom has made significant progress in implementing the PSD2 standards, with additional amendments by the Open Banking Implementation Entity (OBIE) to ensure compatibility. PSD2 introduces the concept of open banking and defines two new types of licenses for payment initiation services and account information services. This regulation requires European financial institutions to open their services to third-party providers (TPPs), including banks and e-money institutions. The focus of the regulatory technical standards (RTS) is on strong customer authentication, credential management, and security policies.

Open banking objectives 

Open banking is sharing or consuming business services such as data, transactions, and algorithms with business ecosystem partners and aims to create new value for banking products and services. Open banking allows customers to access their account information from different entities through an interface using their bank’s banking app or any application provided by a third-party service provider (TPP). 

Funcas Financial Digitization Observatory states: “Open banking allows sharing and providing information and processes from financial institutions to a new ecosystem of third-party suppliers.” There are several benefits and opportunities when implementing open banking, for example: 

• Personalization and improved user service 

Customers are no longer limited to viewing their financial product data in the applications made available by the entities where their products reside. They can choose to use the applications that consider customer loyalty and whose UX (User Experience) and CX (Customer Experience) are most beneficial. 

• Increasing competition in the sector 

By eliminating the captivity of customer usage, entities compete to make their applications the most used for consultation and transactionality in digital channels. Cross-selling offers, the sale 4 of other products beyond the customer’s activity or balance checking, occur more frequently in the context where transactions are carried out. 

• Greater product offer 

By increasing integration, institutions can be present in digital ecosystems by expanding the offer of products to their customers or by simplifying the integration of products from external entities where customers have their basic financial products. The creation of new products for particular customer needs is also encouraged. 

• Allow financial inclusion 

The opening and expansion in integrating digital ecosystems make it possible to integrate with Fintechs, whose main objective is financial inclusion. Financial inclusion is one of their core missions and much simpler to reach in terms of less regulatory pressure than traditional banks. 

• Greater data control 

By aggregating and displaying the data in the application that customers choose, it is possible to access more customer data than would otherwise be feasible. It involves having the customer’s authorization to access the data for a limited time and handing them the artifacts to revoke that access frictionlessly, at any moment. 

• Tighter prices 

The use and advancement of technology reduce the need to integrate with intermediaries cutting down the costs of products and services.

Banks can consider the following four principles when implementing open banking:

• Customer data ownership: Customers have full ownership of their data, including deposits and financial products.

• Digital integration: Proposing open solutions to integrate seamlessly into the digital ecosystem.

• BAAS (Bank as a Service) & Financial Inclusion: Banks offer white-label financial services through their digital interfaces, enabling third parties to focus on payment origination, data aggregation, and cross-selling financial products. This expands the range of financial services available and promotes financial inclusion.

• Reuse added value: Providing customers with an exceptional offering by delivering a consistent experience across all digital products. This is achieved through the reuse and enhancement of design, aiming to fulfill customer needs in an effortless and intuitive manner.

In the Americas, implementing open banking has the potential to significantly enhance financial inclusion, particularly in Latin America and the Caribbean, where an estimated 55.1% of the population remains outside the formal financial system. In the United States, the NACHA, along with industry players, is leading initiatives to establish standard API communication interfaces. 

The objectives of open banking in the United States focus on eliminating screen scraping methods for accessing information. Meanwhile, Mexico has already implemented mandatory laws and regulations, including the 2018 Fintech Law and secondary laws on “Open Data” (June 2020) and “Aggregate and Transactional Data” (2021), based on the implementation in the United Kingdom. Various financial entities, credit information companies, Institutions of Financial Technology (ITFs), and clearing houses are participating in the development of standardized interfaces (APIs) with specific use cases such as information access requirements, commissions, and customer consent. 

Canada has established a committee consisting of government and industry representatives to define open banking regulations specifically tailored to the Canadian context. The committee has assigned four working groups to address key dimensions, including Accreditation, Liability, Privacy, and Security, with implementation planned for 2023.

Recommendations for implementing an open banking strategy:

• Define the governance model: Depending on the organization’s maturity level, some APIs may have already been used for specific consumers without a full open banking implementation. In the initial stages of defining the governance model, certain artifacts are necessary to productize services and facilitate early testing.
• Establish a Developers Site or Developer Portal: This platform provides comprehensive information about the terms and conditions for using or testing the organization’s services.
• Utilize virtual response services: Virtual, emulated, or mocked responses can be used to simulate API interactions without going through the full internal system validation. These services are secure and isolated from the bank’s internal network, and their responses always contain test data.
• Implement different environments for service construction: Having multiple environments that represent the different stages of service maturity is crucial for tracking the evolution of created services.
• Assess reputational risk: General terms and conditions should be defined to ensure that the availability of services through open banking does not lead to reputational incidents for the service provider bank. Evaluation processes should be established for members of the developer community who create applications or solutions using the bank’s services.
• Define related processes: Determine manual or automatic operational support processes for onboarding developer community members and internal processes or security asset exchanges for service consumption.
• Define API types and data types: It can be beneficial to establish a guide or flow that identifies the types of APIs to be made available and the kind of data that will be accessed (public, confidential, or private). Classification results can dictate the minimum security conditions required for consumption.
• Present the governance model to the risk committee: Introduce the API governance model to the risk committee for validation. Once approved, the risk matrix, security classification, and validation processes are validated within the defined timeframe for each institution.

In conclusion, the implementation of open banking can be driven by regulatory requirements or as a strategic choice for organizations. Regardless of the motivation, it necessitates careful preparation and contemplation, which can be facilitated by the methodological guide outlined here. The preliminary analysis is aimed at aligning existing systems and fostering a culture of co-creation and co-design, all while keeping customers’ needs at the forefront.

Ultimately, banks need to determine the role they aspire to play in the open banking landscape and organize their teams accordingly, in order to transform the vision of simpler solutions into a tangible reality.