Open banking has reached a fever pitch as the initiative takes off overseas. While banking and FinTech ecosystems are both maturing in sometimes opposing directions, the lack of data-sharing threatens to hamper innovation. Incumbent banks are rich with data but it is the FinTechs that have been harnessing and presenting data in imaginative ways to develop valuable new customer relationships.
Open banking brings together the best of both worlds by opening up a treasure trove of data to third parties via APIs. Furthermore, open banking governs this data-sharing with processes that allay the inherent risks that come with the connection. While challenges remain around data sharing and security, overall collaboration could spark new heights of innovation. Opportunities are emerging daily, with proactive players standing to capitalize the most.
The Status of Open Banking in the U.S.
While the EU is center stage for the open banking movement, the U.S. is not just an understudy. Several large U.S. banks are making moves of their own, committing to data-sharing deals with innovative FinTech partners. However, the U.S. also lacks the centralized approach to data governance that the EU has, making these partnerships hard to scale and more of a medley than anything repeatable.
Things are finally starting to look up with Biden’s executive order, which according to John Pitts, Plaid’s head of policy, is a welcomed move for open banking in the U.S. Pitts believes this executive order makes open banking a top priority of the administration and we will soon witness open banking moving to the forefront of the financial services landscape in the U.S.
Challenges of Open Banking
In the EU, open banking is rooted in the regulatory initiative meant to improve innovation and security via increased competition and accessibility. By opening data to third parties through APIs, financial institutions would widen the FinTech ecosystem and facilitate greater consumer choice through the availability of data. Shifting to this innovative state requires some groundwork. Financial institutions have found themselves grappling with digital transformation, evolving models and platforms, and emerging technologies.
To say that transitioning to an open-API environment is easy would be untrue. Not only are there technical specifications that need to be addressed but also new thinking around customer data and how it’s used. Two of the biggest concerns among financial institutions are:
1) Will we lose control of our customers’ data?
2) How will we address evolving data security concerns in a new open banking environment?
Both are well-founded concerns. With the open availability of customer data, it is possible that competitors can take, understand, and use customer data better than an incumbent bank has. For example, when third parties layer analytics capabilities on top of this data, it may be easier to glean valuable insights from data than it traditionally has been in the past.
In terms of security, the PSD2 has outlined very specific language about the fundamental security of API services per defined protocols like third-party verification and secure customer authentication. That said, other overlapping regulations must be adhered to in tandem, including the General Data Protection Regulation (GDPR), which acknowledges the rights associated with personal data and defines rules around how it is used.
Capitalizing on the Open Banking Model
While the challenges defined around data are very real, there are also tangible solutions to address them. On the competitive front, financial institutions need to be proactively developing additional capabilities to engage with technology and garner insights and analytics. Machine learning can be tapped for these purposes. The key is to determine the use cases, and then to leverage technology to find solutions and better serve the needs of customers.
In many cases, institutions still need to determine the appropriate way to ask customers for their data and for permission to use it to conduct effective analytics. Per GDPR, organizations must earn the right to have access. In cases where institutions are shifting their models and how they work, they may need to go back to customers and ask for new permissions to work with their data.
The payoff of effectively handling customer data is lucrative. Not only do organizations improve existing customer experiences but they gain the ability to develop new revenue streams. In most cases, services borne under this model are a boon to both consumers and providers.
