A Treasury-backed working group is urging industry and government to move quickly to develop an Open Banking Standard that will make it possible for banking data to be shared and used securely for the benefit of consumers and to ensure the UK remains at the leading edge of financial services innovation.
A report by the Open Banking Working Group (OBWG), set up last year by Treasury to develop a framework for the design and implementation of an “Open Banking Standard”, says that as well as helping people to save, borrow, lend and invest their money in better ways, the creation of such a standard will lead to greater competition in the financial services sector and further stimulate innovation in banking. The group envisages the standard becoming the official go-to “guide for how banking data should be created, shared and used”.
The OBWG, a collective of policy makers and experts from sectors including banking and data management, also believes development of the Open Banking Standard framework will help the UK to implement new EU regulations on banking data and place it in a powerful position to develop an international version of the standard, something that would help support the leading global status of its financial services industry.
City players represented on the group’s steering committee include Barclays, HSBC, EY and Nationwide. The Open Data Institute, an independent company focused on promoting open data for economic and social benefit is also a member of the committee. The ODI was co-founded by Sir Tim Berners-Lee, inventor of the World Wide Web.
The OBWG has set out a raft of recommendations for how to implement the Open Banking Standard, with a focus on the evolution and roll out of its framework in phases over the next five years. It proposes the recommendations be actioned by an “Open Banking Implementation Entity”. The new body “should plan, design and deliver” all phases of the Open Banking Framework with input from and consultation with industry bodies.
The creation of the OBWG and its mission reflects the fast growing importance of “Open Data” – data that anyone can access, use or share – and “Open Application Programming Interfaces” (Open APIs), which enable systems to talk to each other and open data to be transferred from one organisation to another. Smartphones for example rely heavily on APIs, with apps and services able to access and drag data in from many sources, manipulate it via design and then present it to users in novel ways. A growing ecosystem of Open APIs across the financial world is expected to dramatically enrich consumer experience of and engagement with financial services.
The OBWG says: “By guiding how banking data can be better opened, accessed and shared, the Open Banking Standard will help developers to build services that are more targeted to meet the needs of customers, suppliers and other innovators in finance.”
The group strongly believes everyone can be a winner through Open Standard APIs in banking: “For customers, having access to their own banking data will mean better options for choosing and using financial products, and better ways to manage their finances. For challengers in industry, having access to open bank data, and clear, secure ways to integrate it with shared customer data will mean they can quickly develop new, or better, products and services. For banks, being able to make their interactions with customers smoother and simpler will help them to find efficiencies, improve customer service and deepen their customer base.”
While a UK inspired international Open Bank Standard is highly desirable, more urgent is the need for the financial industry, government and UK regulators to address changes in EU law that mean that within the next two years UK banks will have to open up access to their payments capabilities and provide services that enable customers to receive their data over the internet as well share it with third parties easily, safely and securely.
Called the Payment Services Directive 2 (PSD2), the EU law came into force in January 2016 and promises to have a far reaching impact on the relationship between banks and customers. It is also likely to further stimulate the growth of the payments-focused fintech sector, underpinning existing new generation players and encouraging more new entrants into the space.
An example where PSD2 will have a big impact is online shopping. Currently that typically involves the buyer entering payment details into a merchants website. The retailer then gets paid from the customer’s bank account by way of a few intermediaries (which increases transaction costs). Through PSD2, however, retailers will be able to ask their customers for permission to use their bank details and, once that is given, receive payment directly from the buyer’s bank, cutting out intermediaries. That will all require a direct connection between retailers and banks, with APIs expected to be at the heart of that mediation process. Some believe that PSD2 will lead to the demise of traditional credit and debit cards, perhaps even e-wallets.
Milestone recommendations by the OBWG for developing the Open Banking Standard include a call for a “minimum viable product” (MVP) for an Open Banking API based on open data to be launched towards the end of 2016. (MVP is a development technique widely used by start-ups to create the smallest or most lightweight product possible to meet a customer’s needs. )
The OBWG envisages that further development of the Open Banking API should lead to it including personal customer transaction data on a read-only basis from the 2017. The Open Banking Standard’s full scope, including business, customer and transactional data, should be reached by 2019, it says.
Banks bewarned: the times they are a changin’
Berlin-based The Open Bank Project (OBP), launched in 2010, is one fintech that foresaw the impact open data and APIs would have on the financial services industry. Part of the first cohort to be taken on by Accenture’s Fintech Innovation Lab in London, OBP is now a leader in its space, offering “an open source, developer-friendly API for banks that developers and companies can then use to build innovative applications and services based on the account holders’ transaction data”. The company’s high profile customer base includes the likes of BNP Paribas, RBS, Ulster Bank and Rabobank.
Simon Redfern, founder of OBP and a member of the OBWG committee is clear about the impact open data and APIs will have on the financial services industry globally: “In the words of Bob Dylan, “The times they are a changin'” – this time regarding access to banking data and services. If web pages give humans access to data, then APIs give machines access to data. And that is important because customers want to connect their banking data to solutions of their choice and banks want to reduce integration costs and more rapidly deliver customer centric, secure innovations.”
The new API driven world been in gestation for many years says Redfern, pointing out that in the last decade or so platforms have come to dominate the technical landscape. “The iPhone is a platform after all, boasting countless Apps that Apple could never have dreamed up by itself; so is Facebook – remember those “Poke” Apps that annoyed but helped grow the social graph; so is Twitter – hashtags were invented by third-party developers, not in house. The list goes on and includes Amazon and Google, who have woven themselves into the fabric of businesses around the world – all linked via their APIs which they monetise.”
So if the idea of “Bank as a Platform” has precedent, and the technology supporting APIs is not rocket science, why has it taken so long for the majority of banks to move in this direction? Well, says Redfern, some reasons might include bureaucracy within institutions, their fear of being disintermediated, and difficult to connect core banking systems. The open data bandwagon, however, has little time for such concerns: “If the carrots of hungry start-ups wanting to partner up with them, and the promise of happier net-generation customers and businesses have largely failed to shift the course of oil tanker-like banks so far, then the stick of regulation is set to catalyse the process. ”
While PSD2 looms large in the OBWG’s thinking, Redfern stresses that the UK open banking initiative is more than just a reaction to the EU directive. “Important as it may turn out to be as a response to PSD2, this open banking initiative is about providing more transparency via open data backed solutions for banking customers. It is also about ensuring that through increased competition – facilitated by technology – the UK is a vibrant and efficient place for consumers, businesses, banks and fintech ecosystems to thrive. If UK banks take the lead on this they will be better placed to ride the banking sea change in the age of block chain, APIs, open data and even the Internet of Things.”
The OBWG’s report is very alive to concerns that will inevitably emerge about consumer privacy and information security in a fast evolving, data sharing world. It says access by third parties to customer data held by banks should only be facilitated where bank account holders have given their “informed consent”. Furthermore, access, where consent has been obtained, would be “subject to constraints”, such as time limits or transaction size caps.
In addition, the OBWG recommends that an independent authority be set up to take on responsibilities for complaint-handling and on “how data is secured once shared, as well as the security, reliability and scalability of the APIs provided”. The authority should also “vet third parties, accredit solutions and publish its outcome through a whitelist of approved third parties”.
Redfern says: “It’s not just about technology. There are paradigm shifts to be managed involving personal banking data, aggregated anonymised data, publicly known data and unbundled financial product pricing that is perhaps tricky to codify and/or publish.”
He adds: “Letting personal data rest on applications not directly managed by the bank will require education of consumers who will need to give their informed consent. Banks who are understandably paranoid about security and used to the comfort of their walled gardens – will need to adjust to a world which is a little more open and reap the benefits too.”
The Open Bank Project has deployed a “UK Open Banking API sandbox” where anyone can try some suggested API calls using a web browser: https://uk.openbankproject.com