June 3, 2020
PSD2 is part of a global trend in banking regulation that aims to foster market competition, innovation, and security. In late 2015, the European Parliament passed the revised Payment Services Directive (PSD2) to disrupt the existing monopoly that the banks were holding. PSD2, which came into effect in 2018, replaced PSD, an earlier directive that created a single market for payments and the foundation for a Single Euro Payments Area (SEPA).
PSD2 is administered by the European Commission to regulate payment services and payment services providers throughout the European Union (EU). PSD2 mandates banks and other financial institutions to give third-party service providers (TPPs) access to consumer transaction accounts based on the account holders’ consent (for both retail and corporate customers). It establishes a clear and comprehensive set of rules that will apply to existing and newer providers of innovative payment services.
Main objectives of PSD2:
PSD2 has forced the banks to reconsider their position and business models. Many FinTechs, merchants, large consumer tech players, and banks themselves have been applying for licenses to operate in the capacity of these TPPs. TPPs are categorized as AISP (account information service provider) and PISP (payment initiation service providers):
Source: Open Banking
Customers will need to provide explicit consent for the usage of their transaction data. The EU’s General Data Protection Regulation (GDPR) requires that customers are made fully aware in a clear, concise, and transparent manner concerning how their data will be used and by whom.
The global financial landscape is continuously evolving, but one concept that is inevitably standing out is Open Banking. Think of the business model shift that happened when Apple launched the App Store in 2008. It gave consumers the power to choose the applications they wanted on their smartphone tailored to their own lives. Open Banking has the potential to have a similar effect.
Changes in consumer behavior, regulatory changes, search for new business models, and the threat for digital ecosystems like Google, Amazon, Facebook, and Apple is driving banks to walk the path of Open Banking. Open Banking is a systematic paradigm shift in the way financial services are delivered along the entire value chain, providing access to consumer banking, transaction, and financial data from banks and other financial institutions through the use of application programming interface (APIs). API platforms are the technological backbone for the implementation of Open Banking. Through the use of these APIs FinTechs, banks and other companies can build new and innovative financial services and products, such as third-party PFM apps (personal financial management apps) that provide a consolidated view across all your accounts and streamlined lending where lenders can get the required data to acquire the ability to make informed decisions instead of manually gathering data and so much more.
With Open Banking, this data belongs to the account holder and not the bank. Open Banking will re-architect the industry by placing the end customer/business in charge of their data held by the banks and, more importantly, how they want to use banking services, with consumers/businesses required to consent to data sharing.
Open Banking can achieve the following objectives:
Open Banking is a way of facilitating data sharing and not an app or product. Thus, it will take customers a while to see a tangible impact of Open Banking only after a number of solutions that augment value to consumers and businesses get implemented. Open Banking will push some of the passive, reactive banks to ramp up their tech efforts; it will also pave the way for several new services and business models which banks can adopt. Here are a few Open Banking use cases:
The Open Banking onset started when the Competition & Market Authority (CMA) in the UK was investigating the supply of retail banking services to personal current account customers and small-and-medium-sized enterprises (SMEs). In 2016, it was concluded that there was a need to improve competition in retail banking and financial services. Several changes were proposed, and “Open Banking” went into effect on January 13, 2018, as a regulation in the UK.
The CMA announced a mandate for the nine largest UK banks (also known as CMA9 banks) – HSBC, Barclays, RBS, Santander, Bank of Ireland, Allied Irish Bank, Danske Bank, Lloyds, and Nationwide – to implement recommendations developed by the UK government-appointed Open Banking Working Group (OBWG).
In many geographies, Open Banking has gone hand in hand with data privacy and protection laws. GDPR & PSD2 in EU, PDP & AA in India, and CDR & Open Banking in Australia are examples. Based on the UK’s Open Banking and the EU’s PSD2, different jurisdictions around the world are adopting their own versions of Open Banking either in the form of regulations or as guidelines for the market to adopt.
Source: Open Banking Report 2018
With Open Banking, banks could be relegated to the role of a utility and lose control over customer interactions as non-banking organizations embrace the open API economy. Therefore, they face a stark strategic choice. Do they want to become another utility providing commoditized, “white label” banking products and services, or do they want to maximize future shareholder value? A proactive approach is a best-case scenario. Here are some potential opportunities and business models across the ecosystem that are emerging out of Open Banking:
Following Europe and the UK, similar aspirations for Open Banking are now being seen worldwide. These broadly fall into two categories: market-driven and regulatory-driven. Since the drivers for Open Banking vary across geographies, it would be inaccurate to favor either of these models. The regulatory model supported by well-defined standards seems to have worked well in the UK, starting to see positive results in the EU.
Market-driven: Countries like Singapore and India do not have compulsory Open Banking regulations, but the policymakers are introducing a range of measures to promote and encourage the uptake of Open Banking. In Singapore, the MAS and the Association of Bank published a Finance-as-a-Service API playbook and launched a regulatory sandbox for experimentation between FIs and FinTechs. The US has also opted for a market-led approach, and there is no government-sponsored Open Banking policy. Many progressive financial institutions are leaning into open API-based business models to fight back data aggregators’ insecure practices of screen-scraping. India has had a very different and intriguing approach to Open Banking. Unlike many other geographies where Open Banking and instant payment initiatives are running in parallel, India instead launched Open Banking with payments on what is known as the Unified Payments Interface (UPI). It is now widely considered the best real-time payments network worldwide. After the large scale success of UPI, India has launched an Account Aggregation framework, which is its first foray into consent-based financial data sharing (though this is not a regulatory mandate in India).
Regulatory-driven: Countries like Hong Kong and Australia have gone down the path of a regulatory-driven approach. The HKMA published the Open Application Programming Interface Framework for providing guidelines and time frame for deploying Open APIs. The framework has a four-phase approach to the implementation of various Open API functions. The HKMA has made it a regulation for Hong Kong’s larger banks to comply with the Open Banking regulation and provide Open APIs. In Australia, Open Banking was introduced as part of the Consumer Data Right (CDR) by the Federal Government of Australia. The CDR will allow consumers to share their data with authorized third parties they choose. The critical difference is that CDR is a data policy initiative and not just a financial services initiative; it will be extended to other sectors like telecom and energy sectors, to begin with. Japan has introduced a “soft” Open Banking regulation. The FSA has amended its Banking Act to establish a framework for regulating electronic payment service providers, where banks were required to publish their affiliation and cooperation with third parties. Banks in Japan can charge fees to disclose customer data, unlike the UK’s Open Banking and PSD2.
Open Banking is still a relatively new development, and it will likely take some time to observe its full impact on financial services. Gaining consumer trust is the most vital element for realizing the true potential of Open Banking. Regulations are a catalyst and can create a conducive environment for innovation and customer reassurance. However, it is ultimately the ability to engage customers that will determine the success of Open Banking. Ecosystems and the digital economy could be the ultimate expansion of Open Banking!