The fast track to open finance
3 strategies to accelerate open finance in the UK
The UK Government is poised to develop Smart Data legislation in 2021 to bring the benefits of open banking-style data sharing to new sectors.This is great news for consumers who are still locked out of their own data in many areas, from utilities to insurance, despite wide ranging data laws (GDPR) aimed at data portability.But developing legislation and building sectoral frameworks around the new smart data rules is likely to take a number of years.
We believe it’s possible to achieve open finance much more quickly in the financial sector, where the groundwork has already been laid by open banking.It’s important that open finance happens quickly, to fully realise the benefits unlocked by open banking, and to ensure the UK doesn’t fall behind Europe, where open finance is being looked at by the EU Commission.We hope the outcome of the FCA’s open finance consultation and the Treasury’s Payment Landscape Review will enable the UK to get ahead on open finance, through an agile, targeted set of rules and facilitated industry collaboration.In what follows, we discuss how open finance can progress at speed by:
- Building on the foundations of PSD2 and open banking
- Introducing interim requirements for open savings and VRP
- Incentivising data holders to develop well performing open finance APIs
What is open finance?Open finance is the concept of extending open banking to a wider range of financial products. PSD2 limited open banking to payment accounts. This means consumers can’t currently get full control of their financial lives through a third party provider. For example they can’t view their savings accounts in a dashboard, or ask a third party provider to transfer funds from one ISA to another. The FCA believes open finance can eventually extend across:
- savings and investments
- consumer credit
- aggregating savings and investments data alongside the payment account data already available — to bring holistic financial management closer for consumers
- allowing access to financial account information in savings and investment accounts, to power value-add services like financial advice, ID verification and KYC
- enabling third party providers to initiate fund transfers between savings accounts, ISAs and other investments
- enabling third party providers to initiate bank and ISA switching
SequencingTo make open finance manageable for regulators and the industry, it should start by correcting some of the shortcomings of PSD2 — eg extending API access to savings and enabling variable recurring payments.This is the logical step to build on the foundations of open banking and give consumers more holistic control of their transactional accounts.In what follows we suggest ways to speed up the delivery of open finance, using insights from our experience with open banking.
1. Build open finance on the foundations of PSD2 and open bankingWe believe open finance can progress at speed if it builds on the foundations of open banking, rather than an entirely new regulatory regime. This means:
- replicating the PSD2 ‘right of access’ in legislation for open finance
- ensuring both ‘read’ & ‘write’ access in open finance, as with PSD2
- ensuring APIs are the basis of open finance
- re-using the PSD2 authorisations regime
- creating a permanent independent standards body to develop and maintain API standards, and oversee their implementation.
With open finance, as with PSD2, the legal right for customers to access open finance accounts using third party providers should be front and centre.Enshrining this right in law is necessary to shift financial institutions away from the mindset that they own the customer’s data and account access. This is key to driving competition, so customers benefit from innovative new services offered by third party providers, and financial institutions are incentivised to improve their own services.The PSD2 access right also gave banks (as data holders) a straightforward legal basis on which to release data to third party providers under GDPR. The same right should be introduced to ensure other types of financial institutions aren’t having to wrestle with GDPR and liability worries when allowing access to data.Ensure both ‘read’ and ‘write’ accessThe PSD2 access right did not just cover ‘read access’ of payment account data, but also ‘write access’ — the ability for third party providers to initiate payments on behalf of customers.This has paved the way for a new type of bank to bank payment to compete with cards and other payment methods. Adoption of open banking payments has grown significantly since 2018, as more businesses start to understand the security and cost benefits.
‘Write’ functionality should be a pre-requisite of open finance.‘Write access’ would, for example, allow authorised third party providers to:
- initiate fund transfers between savings accounts, ISAs and other investments
- initiate bank and ISA switching
Because APIs require up-front investment from data holders, making API implementation mandatory is the only way to guarantee that open finance will succeed.The FCA has recently acknowledged this in its proposals to mandate the use of APIs to a broader set of UK banks noting that ‘alternatives to APIs cause inconvenience to customers and significantly reduce the appeal of the service provided by TPPs’.Re-use the PSD2 authorisation regimeAuthorities could dedicate a lot of time and effort building a brand new authorisations regime for firms wanting access to open finance data. We think this would be a mistake.PSD2 has resulted in a well functioning FCA authorisation regime for open banking providers. We believe targeted rule changes should be made to add new open finance permissions to the PSD2 authorisation regime, which would allow:
- existing authorised open banking providers to notify the FCA of their intension to carry out open finance activity (without having to undergo further authorisation)
- new firms could apply for both PSD2 and open finance permissions at the same time
- as open finance broadens to new financial sectors, new permissions could be added to the existing regime sequentially, reducing the burden on regulators and firms of additional regimes per financial sector
We believe that OBIE should be repurposed into an independent, permanent open finance standards body, tasked with developing and overseeing the implementation of standards for the wider financial services industry.This would:
- maintain a monitoring body for open banking
- ensure that learnings and expertise developed through open banking are put to use for open finance
- lead to a more equitable funding model for the industry because costs could be shared more widely among participants
2. Introducing interim requirements for open savings to maintain momentumIt would be easy for any authority to be overwhelmed with the enormity of implementing ‘open finance’, much less extending open data principles across multiple other areas. Where to begin?We believe that the broader Smart Data initiative will take a number of years to be developed and implemented between 2021–2023. Work to migrate the UK’s open banking infrastructure to a permanent body will also take a long time.
While this is happening, the Treasury, CMA and FCA should maintain the momentum of open finance by introducing interim measures to complete open banking and extend it to open savings.What would this look like?
- In early 2021, the Treasury and FCA should extend the requirement for read/write API access to retail bank savings accounts
- The Treasury and FCA should support the work of OBIE to develop variable recurring payments (VRP), to enable open banking payments to compete with cards and direct debits
- The Open Banking Implementation Entity should be maintained beyond its current roadmap to develop the open savings and VRP standards
3. Incentivising data holders to develop well performing APIsWhile we believe that APIs need to be mandated for open finance, these APIs don’t necessarily need to be free, as they are with PSD2.A lesson of PSD2 has been that when banks are asked to build and maintain APIs for compliance reasons, rather than because they are revenue generating, the quality and reliability of the APIs suffer.It’s important that data holders understand that APIs are not purely a compliance exercise, so that they build API infrastructure to a high quality for commercial use.It’s also important that data holders have an incentive to maintain those APIs to a high standard, so quality services can be built by third parties connected to them.
We support the idea of developing open finance as a revenue sharing model between data holders and third party providers.There is already work to consider such a model in the SEPA API Access Scheme Working Group, overseen by the European Central Bank.Strong safeguards will need to be put in place to ensure data holders cannot exert overdue control over price and that access to APIs remains proportionate and non-discriminatory.