Permissioned access to a person’s financial data unlocks products that are more powerful and personalised. Learn how the UK is taking an important first step.
Napala Pratini is a growth & business strategy consultant to early-stage technology companies. Since concluding her graduate studies at Oxford, she has been enjoying the UK startup scene.
The UK aims to lead the world in fostering competition among financial services providers.
Its approach is grounded in a piece of landmark legislation called the Open Banking Standard. At its core, Open Banking exists to benefit financial services consumers through the use of open-source technology. But its impact has been equally profound among those building new fintech products. This primer on open banking is a starting point for entrepreneurs and software engineers looking to understand:
What open banking means and whom it impacts
How and why open banking came to be
How open banking differs from other ways of accessing financial data
What banking data can be accessed by third-parties
Where open banking and PSD2 overlap—and where they don’t
What is open banking?
Open banking defines a specific way for financial data to flow among three stakeholders: consumers, banks, and fintechs.
Open Banking prescribes that these data flows take place over Application Programming Interfaces (APIs), which function like the waiter in a restaurant. Fintechs (diners) select the kinds of data they would like to access from a menu (documentation) and tell the waiter (API). He delivers their request to the kitchen (bank). The kitchen prepares the food (data) as ordered. When ready, the waiter (API) brings the food out to the diners.
At its core, Open Banking exists to benefit financial services consumers through the use of open-source technology.
It’s important to note that fintechs can only access consumer financial data with the consumer’s explicit consent. That stands in stark contrast to credit reporting agencies, who collect financial data about consumers throughout their lives without once asking for permission. Generally speaking, consumers share data with fintechs in order to gain access to products and services they want (e.g. Credit Kudos, Tully, Wagestream).
Each of the three stakeholders has a different relationship to open banking:
Banks 🏛️ For banks, open banking constitutes a regulatory requirement to allow approved third parties access to customer data in a secure and standardized format —down to the individual transaction.
Fintechs 🦄 For consumer fintechs, open banking creates reliable access to high-quality financial data facilitated by trusted third parties. In order to access that data, these companies must gain consent from individual consumers and comply with relevant regulations.
Consumers 👪 Many consumers know little, if anything, about open banking. Nevertheless, the legislation benefits them by making possible a new generation of financial products and services, and by fostering competition in the financial services sector.
How did open banking come about?
Although the seeds of UK open banking were sown years ago, it’s only recently that the legislation has taken full effect.
2013 🔎 The Treasury begins investigating banking APIs as a way to address antitrust concerns and foster competition in the financial services sector.
2014 ✍️ John Gibson, an ex-member of Prime Minister’s policy unit, co-authors an independent report for the Treasury which investigated the concepts of open data and data sharing for banks.
2015 💷 Perhaps not by accident, the Treasury included APIs for banking data in their 2015 budget. There they explain various benefits of the technology, including increased competition amongst banks and better outcomes for consumers. (Somewhat separately, they recommend adopting banking APIs as a way for the UK to maintain its status as a global financial hub.)
2016 🏗️ A nonprofit called Open Banking Limited is incorporated to deliver on the requirements of the regulation. Simultaneously, the Open Banking Working Group is formed to build framework laying out how and when open banking should be implemented.
2018 🚀 UK open banking launches. It includes mandates for the nine largest retail banks and building societies (collectively known as CMA9) to provide API access to personal and small business accounts. Some challenger banks choose to comply as well.
The journey continues. In September of 2018, the standard rolled out to credit cards, prepaid cards, and e-wallets. Looking ahead, the fourth iteration of open banking is on the roadmap to be released later this year. It includes updates to future-dated payments and standing orders, as well as new clauses for two-way notification of revocation and trusted beneficiary exemptions. (article continues below)
What data can be accessed via Open Banking?
Open banking facilitates access to two kinds of data.
The first is publicly available data, such as banks’ product offerings and pricing. Accessing this kind of data allows third parties to build better comparison tools for financial products. For example, Yolt combines it with a user’s account data to make personalized recommendations about which financial products might be a good fit.
Fintechs can only access consumer financial data with the consumer’s explicit consent. That stands in stark contrast to credit reporting agencies, who collect financial data about consumers throughout their lives without once asking for permission.
The second, more nuanced piece is permissioned access to a customer’s private banking data, which includes (but is not limited to):
loan payment history
account and routing numbers or sort codes
real-time account balances
transactions history
Essentially, any data that you can access when you visit a bank branch can also be accessed through open banking. But the decision about which data to share, when, and with whom is entirely in the hands of the consumer.
This is where the true potential in open banking lies, as appropriate access to a person’s data allows third parties to build applications and products that are more powerful and more personalised. Things like:
Loans underwritten using personal banking data
Smart subscription and bill management services
Insurance products with dynamic pricing based on banking data
Automated micro-savings and micro-investing apps
What is Open Banking vs. PSD2?
PSD2 is a Europe-wide regulation that requires banks to open their data to third parties. Open Banking is the UK version of PSD2; the difference is that it demands slightly more of its member banks. There are three main distinctions:
Scope 🔭 In terms of scope, PSD2 applies to all providers of payment accounts throughout the EU. Open Banking, on the other hand, applies only to the CMA9. Some challenger banks have also chosen to comply.
Data Formats 💾 Whereas PSD2 lists few requirements about how consumer financial data is to be shared, Open Banking specifies that it must be made available in standardized formats. This is key, as billions of lines of data are rendered near useless if they are not standardized.
APIs 🔌 Whereas Open Banking actually specifies a single API that must be implemented by all regulated banks, PSD2 allows the implementation details (such as which data fields are included, methods of authentication, and consent models) to be defined by the market. (article continues below)
The road ahead.
We are still in the early days of reliable access to consumer financial data, but the Open Banking Standard is an important first step toward a financial system in which the incentives of financial providers are more closely aligned with the consumers they serve.
There are certainly wrinkles to iron out, as well as arguments both for and against the Standard. But for anyone looking to increase competition amongst banks and bring about better consumer outcomes, Open Banking is an experiment worth paying attention to.
Napala Pratini is a growth & business strategy consultant to early-stage technology companies. Since concluding her graduate studies at Oxford, she has been enjoying the UK startup scene.