Paths and progress to open banking vary globally. For instance, in countries like the USA and Canada regulators make public pronouncements on the importance of openness in consumer financial services and make statements of intent, whereas in countries like Brazil or Japan, where open banking transposes to a national law, and in India, UK, or the Australia where the ability to conduct open banking has acquired legal status.

Listed below are the key regulatory trends impacting the open banking theme, as identified by GlobalData.

Data governance

Further increases in data require further work on structures and processes to manage, control, and disseminate data. Data catalogues that enable people across internal silos to discover and use data and the insights it enables become more important. A transition to an open data economy will also require that banks invest in advanced analytics tools that enable them to aggregate external datasets and customer-mapped data. Perhaps, banks will need to drive data-sharing and data-driven decision-making across the business, making use of machine learning (ML) and artificial intelligence (AI) to enrich insights.

Fair treatment

Regulators worldwide are fixated on various dimensions of fair treatment in the aftermath of the pandemic, but particularly issues of affordability and informed decision-making for consumers. Open banking-enabled data makes product comparison easier and can help give customers more transparency around options and risks.

Open banking data can also help expand access to financial services. For example, lending to small and medium enterprises (SMEs) is always the first to fall off during times of crisis, as their limited credit histories make them hard to assess. Expanding access to these firms can contribute as much as 33% of gross national product in developing economies, yet effective lending to this segment is disproportionately dependent on alternative data sources.

How to handle consent and permissions

Big questions remain around how to handle consent. Initially, there was talk of incumbent banks deliberately inserting friction into this process to impair the services of third parties. For example, making multiple requests for consent, or requiring online verification instead of using one-time passcodes (OTP). In some markets, that has come to pass. But it is also true that sometimes friction can build trust and reassurance – and the perception of security. Combining that with their KYC processes, and the data concerns around Big Tech, banks are in a strong position to be the data custodian.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Electronic Payments International.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Wells Fargo launched a ‘control tower’, which gives customers visibility into what data is being shared with who, when, and how, alongside the option to turn that sharing ‘on’ and ‘off’. More broadly, the rising importance of digital identity and consent-handling for data-sharing has created a clear captive market for banks that are able to leverage their long-standing reputations for security and trust. It will also lead customers to demand a clearer return for their consent on data or wealth.

Partnership terms

Banks may need to manage hundreds of partners in the open data economy. Doing this effectively will require metrics to distinguish between tactical and strategic partners. Service-level agreements are particularly important with smaller fintech partners, given that the incumbent bank partner will be bearing the greater reputational risk in the event of a service outage. Therefore, it is critical to understand how such an outage can occur and who is liable when it does occur, as well as establish an agreed process for recovering performance.

Amazon guarantees so-called ‘four nines’ (99.99%) availability, meaning only 52 minutes and 36 seconds of downtime across the entire year. Few smaller players can replicate those terms , forcing banks to negotiate on a case-by-case basis.

Regulatory limits to ‘platformification’

Open banking has enabled a variety of direct-to-consumer (D2C) business models for niche fintech providers that otherwise would have struggled to gain a foothold in the market. Yet it is also true that open banking reduces barriers to entry for global platforms in banking and allows them to extend their data and scale advantages into retail banking.

Big Tech in the US is no longer in a golden age of ‘lite-touch’ regulation but has faced various regulatory headwinds and consumer distrust. Meanwhile, regulators are clearly wary of the unconstrained rise of Eastern fintechs and the systemic risk posed by unregulated global firms in general, something that regulators in China appear to be waking up to, given the recent suspension of Ant Group’s listing in Hong Kong and the introduction of regulatory supervision of a number of its business units, including the lending platform business.

Other countries emulating European top-down model

As many countries around the world emulate the top-down adoption model in Europe, we anticipate many of the same types of issues. For example, negotiating an industry-wide standard is so difficult it might never actually happen, or it could end up being so watered down it represents little actual progress.

Banks are understandably wary about opening up application programming interfaces (APIs), as they would be liable for a data loss that they don’t have complete control over. But it is also true that banks have historically resisted aggregation for competitive reasons and that the current agenda creates an almost endless range of delay tactics.

They can repeatedly object to standards on the grounds of security and reliability. If standards are agreed, incumbents can deliberately misinterpret them, requiring online banking authentication instead of one-time passwords (OTPs), creating ‘friction’ through multiple consent requests, or denials of service for load-balancing purposes.

Unlike screen-scraping, APIs are a chargeable product and a new revenue stream for banks. They give banks more control over what data is shared, when, and how.

Moving towards a third payment service directive (PSD3)

While PSD2 has driven progress in Europe, it is also true that there is much still to be done to move beyond the mandated regulatory minimum APIs of the regulation, to a deeper and broader set of premium services that cover different data sets and use cases. Meanwhile, ongoing resistance and delay tactics from some incumbent banks will drive a more precise and concrete specification of API standards, directory services, and infrastructure (PSD3).

In the US, it seems unlikely that ongoing disputes between aggregators and incumbents can be resolved without intervention by regulators, at least to provide clarity on what is expected; therefore, top-down guidance can be expected in 2021.

This is an edited extract from the Open Banking 2021 – Thematic Research report produced by GlobalData Thematic Research.