Open banking: a new global standard?

Open banking became a topic of global discussion in 2015 when the EU revised its Payments Service Directive and adopted PSD2.

Open banking adoption has been slow in some parts of the world

PSD2 aims to protect consumers when they pay online while also promoting the development and use of innovative online and mobile payments, as is the case with open banking.

Looking at the concept of open banking itself, we can clearly see the disruption it brings to the traditional banking and payments industry.

Unlike traditional banking, it is based on collaboration. It is meant to provide banks with a secure way to exchange financial data and services with third-party providers (TPP) such as fintech companies.

The way that happens is by first of all having customers’ consent and then using technologies such as application programming interfaces (APIs).

Naturally, this disruptive concept raises some questions when it comes to its adoption.

Has open banking managed to find its way outside of the EU? What has it brought forward in terms of security and regulations in the banking industry? How are different countries actually approaching open banking adoption?

The trailblazers of open banking: UK and Europe

Having set their own frameworks and API standards, the UK and the rest of Europe are regarded as trailblazers when it comes to open banking.

For instance, the Open Banking UK legislation was launched in January 2018 by the Competition and Market Authority (CMA) on behalf of the UK government to enhance competition and innovation in financial services.

Following the legislation, the CMA9 (composed of the nine biggest financial institutions in the UK) worked with the Open Banking Implementation Entity (OBIE) to deliver open banking.

They ended up developing a framework with technical, user-experience, and operational guidelines, including an API standard.

Compared with the UK, the initial progress in other parts of Europe has been slower, but many countries and banks have begun to take the initiative, including Germany, Luxembourg, and the Berlin Group consisting of more than 40 individual banks.

In fact, the Berlin Group has developed their own API standards to support implementation.

Ever since the UK and Europe paved the way, many other countries are taking their lead and preparing for the wider adoption of open banking around the world.

Open banking adoption in the rest of the world

When we take a look at the rest of the world and compare it to the UK and Europe, we will see much slower rhythms when it comes to open banking adoption.

In the US for instance, open banking is more of an industry-led initiative, which ends up causing some confusion as there are no regulations with specific requirements for compliance.

The starting point relies on the leading providers, but many believe that to reach its full potential the US needs to implement some open banking regulations, which could soon be on the cards.

If we move to South America, we can see that Mexico was the first country to pass a fintech law in 2018 to set out open banking standards.

But although the regulation is quite advanced, there are still some bumps in the road towards the implementation goal, as it is moving quite slow.

On the other hand, Brazil seems to be moving fairly quickly since releasing its first open banking announcement in 2019.

They have adopted a very structured implementation approach divided into four phases. The first one consisted of sharing data about the participating institutions and the second phase, which is approaching its deadline, consists of sharing customer data.

Moving to the Asia-Pacific region, Singapore is an early adopter and regional leader of open banking and APIs.

This is greatly related to the fact that the Monetary Authority of Singapore (MAS) provided an open banking framework, and together with the Association of Banks in Singapore (ABS), they have delivered an API Playbook to guide financial institutions when it comes to developing an open API architecture.

If we take a look at Australia, they went so far as to write open banking into their Consumer Data Rights (CDS) law. Regarding implementation, it has been divided into phases and the full data transfer for consumers is hoped to be available by February 2022.

Securing open banking

After seeing the state of open banking adoption across the globe, we can clearly spot some major differences.

When there are no standards, guidelines, or regulations to follow, the implementation of open banking becomes overly complex and slow — so it will likely take some time before we see it as a global standard.

Open banking is a clear step forward for financial services, but its very nature contradicts the traditional security approach in banking, where customer data and all operations are kept under highly controlled environments.

Secure open banking will inevitably require the adoption of improved client-side security, but these security layers will act as global enablers and put us closer to this new era of the financial industry.

About the author

Rui Ribeiro is the co-founder and CEO of technology company Jscrambler.

He has professional experience in the banking and finance sectors as an IT developer, team leader and project manager.