Having launched in early 2018, open banking is set to change the state of play in the financial services industry. Early adoption has typically been pushed by governments, but increasingly we will see industry-led open banking develop. In this progress assessment we provide insight into the developments of open banking in different markets to keep you at the cutting edge of worldwide modernisation.
The UK and Europe driven primarily by regulation
The movement has been kick-started in the UK by the Open Banking Implementation Entity (OBIE), which has overseen the introduction of the service by establishing a benchmark for APIs. In 2017, the OBIE ordered all CMA9 banks to comply by January 2018 to a common standard for read/write and read-only APIs. Despite most failing to meet this deadline, they now all have fully operational APIs. Nearly 67 million successful API calls were made in the UK during June 2019 according to OBIE, indicating just how far ahead the UK is in this field. In addition, the UK is beta testing payment initiation service APIs that will allow consumers to pay companies directly from their bank accounts using third-party programs instead of conventional methods such as card payments.
It is clear that as a result of enforced legislation major banks in the UK have innovated, but this has not put disruptors off. Perhaps the most formidable UK challenger is Monzo, boasting 2 million users (as of June 2019) and attracting over $350m in investment. The digital bank utilises an API marketplace as a business model, generating revenue from being an intermediary between customers and third-party providers.
The story for the EU is similar, with PSD2 also coming into effect in January 2018. The legislation’s main focus is on giving third-party providers open access to consumer data for purposes including account information services and payment initiation. This has provided more than enough wiggle room for German digital-only bank N26 to gain 2.3 million users (as of February 2019) in 24 markets across Europe, but it hasn’t done so without waking the incumbents. Deutsche Bank has asked up to 100 third parties to develop new propositions based on its APIs, and in May 2018 it acquired Indian fintech Quantiguous Solutions to help develop its open banking platform.
The UK and the EU are far from indistinguishable in their approach. PSD2 does not enforce the creation of common API standards, meaning different banks may utilise different technical standards. Meanwhile, OBIE has mitigated to allow for services such as account aggregation to be as streamlined as possible. There have been initiatives within Europe to standardise API formats such as the Berlin Group’s NextGenPSD2 and Stet (owned by six major banks in France) creating a secure, easy-to-use API, but these efforts appear largely uncoordinated. In addition, PSD2 only grants customer transactional data to certain institutions. Price comparison websites fall outside this remit, whereas the Competition and Markets Authority hopes to establish whitelisting arrangements for such companies in the UK. Despite adopting similar models, it is clear that the UK remains a step – or two – ahead of Europe.
More industry-led and less prescriptive in Asia
China has taken a very different approach to the UK and Europe, with open banking being largely market-led instead of driven by changes to legislation. A lack of API standards, mandates, or customer data protection has enabled unrestricted growth. But this does not come without its risks. Elsewhere across the globe, incumbent banks claim that threats to the security of consumers are severe enough to warrant a delay in and heavy use of legislation. This thinking highlights why European lenders are being predicted to fail meeting the September 14, 2019 PSD2 deadline to make production APIs available.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataDespite such freedoms, Chinese banks remain slow on the uptake. Refusing to offer payment protection for online transactions, they have fallen behind tech giants such as Tencent and Alibaba. The latter has started offering loans and interest from investment-generated accounts – services previously exclusive to banks. However, with Chinese regulators beginning to clamp down on dubious cryptocurrency trading and P2P lenders, and reports of regulation to be introduced that reflects the General Data Protection Regulation, we may start to see stable, secure methodology replacing the experimental practices of over 3,000 Chinese banks.
Singapore appears to be welcoming open banking with open (and safer) arms. Smart Nation Singapore was implemented by the government back in 2014 to encourage adoption of open data and payments. Combine this with the Monetary Authority of Singapore (MAS) publishing an API playbook in 2016 – and in late 2017 an API Exchange being developed for secure data sharing between government agencies – and it becomes clear that Singapore is well ahead of the curve. This comes as a result of early innovation, with change not only promoted but enacted by the authorities. Banks have taken a guided initiative, with DBS launching the world’s largest banking API platform in November 2017, offering access to 155 separate APIs.
Hong Kong shares Singapore’s readiness, following an open API framework being released by the Hong Kong Monetary Authority in July 2018 to emulate that of the MAS, as well as a four-phase approach to open banking implementation. This keenness is shared by consumers; according to a survey by Accenture only 31% of Hong Kong consumers would not share financial information with third parties (compared to 69% of UK consumers). We are also seeing more pragmatic efforts in Hong Kong to develop open banking. For example, Citibank has partnered with contactless payment provider Octopus to offer novel services such as reward points and auto-refills of the Octopus digital wallet.
Malaysia has adopted a similar approach, creating implementation teams to support banking transformation via guidance from a non-mandatory framework. Bank Negara Malaysia, the country’s central bank and principal financial services regulator, established a Financial Technology Enabler Group in June 2016 to support innovation, as well as a Fintech Regulatory Sandbox framework a year later to allow testing of technology such as open banking. This has successfully promoted development, with Maybank releasing a developer portal with over 20 APIs in 2017, as well as Hong Leong Bank running the LaunchPad contest, which released five new applications in its first year.
Taking it slow Down Under
Compare this to Australia – a country traditionally ahead in digital banking. It has chosen to adopt a regulator-led model for rolling out open banking, but finds itself lagging behind the competition. It wasn’t until the start of July 2019 that the big four banks were required to provide access to product data for credit and debit cards, deposit accounts, and transaction accounts. The four will not be mandated to provide access to consumer, account, and transaction data for products such as overdrafts, personal loans, business finance, leases, and asset finance until July 2020. Slow on the uptake, incumbent banks are keen to buy time in order to successfully implement open banking schemes of their own and not be superseded by challengers.
Things are even more relaxed for the remaining Australian banks, which will eventually fall under the open banking regime but with a delay of 12 months. The Treasury’s review of open banking in February 2018 recommended using the UK’s Open Banking Standard for APIs as a starting point for Australia’s implementation. In other words, with the country trailing behind it finds itself attempting to replicate the efforts of the UK. However, there is still hope for innovation, with the Consumer Data Right legislation for Australia’s open banking legal framework being passed by the federal parliament at the start of August 2019.
Things are looking more hopeful for New Zealand, with Payments NZ releasing API standards for account data and payment initiations in March 2019, as well as an API Centre two months later to help coordinate the ongoing development, management, and governance of payment-related API standards – “bringing to life a new API-enabled ecosystem” according to Payments NZ. Yet it is still early days, with open banking inaccessible to Kiwis for the time being.
All quiet in North America
In January 2019 the Canadian Department of Finance published a consultation paper discussing the merits of open banking, inviting stakeholders to submit comments on the material in the following month. The paper identified open banking’s ability to diversify the ecosystem of financial services providers, whilst also making clear the need to ensure the privacy of Canadians is protected and their information is secure. Despite clear awareness from the government, the country has seen little to no development in the area. The Canadian Bankers Association has gone so far as to warn of the risks associated with third-party access to customer data. Erring on the side of caution, Canada will have to fight hard to catch up.
The US is likely to see change as a result of market forces. In October 2017 non-binding guidelines were introduced by the Consumer Financial Protection Bureau, but little has been done since to oversee development. Research from The Clearing House in August 2018 found that 67% of US fintech app users are “very concerned” to “extremely concerned” about data privacy, which goes hand in hand with US banks and fintechs forming the Financial Data Exchange in October 2018 – a non-profit organisation attempting to ensure secure sharing of data with third parties.
Meanwhile, in July 2018 the Treasury published a report in response to the Core Principles for Regulating the United States Financial System, an executive order signed by President Donald Trump in February 2017. In the report the Treasury recommends “removing legal and regulatory uncertainties” that restrict data-sharing agreements, encouraging firms to move from screen-scraping to more secure and efficient methods in line with practices seen elsewhere across the world. The report also promotes authorization by consumers of third parties to access financial account and transaction data, while emphasizing that a solution should be developed by the private sector. Given no enforcement from government and a lack of independent development, progress in the US is cautious at best and sluggish at worst, with no future milestones in sight.
Wrapping up: which way for the US?
Countries are taking a diverse range of approaches toward open banking and its associated benefits and risks. Caught between a rock and a hard place, lawmakers and banks must tread a careful path between too volatile a market enabling security risk, and too slow progress meaning losing out to global competitors. We see a clear division between models: standardised and non-standardised regulator-led models have been implemented in the UK and the EU respectively, in stark contrast to the market-led models seen in China and New Zealand.
The question on everyone’s mind is how the US, currently missing in action, will develop. Dysfunctional government is making regulator-led progress difficult, and a highly fragmented banking market is impeding industry-led advancement. Yet it seems likely the latter will dominate, as tech giants such as Facebook and Amazon provide a looming threat and disruptors like N26 are already claiming territory. Combining this with global competitive pressure, it seems inevitable that industry will become a force for change in the US.