The banking industry took its time to transition from paper bills to plastic cards. Now it’s in the midst of a more rapid transformation: going digital.
“Open banking” allows anyone to share data from their financial accounts with third parties, like merchants, financial tech companies, or rival banks. For customers, it creates a way to easily compare bank offerings, transfer their bank accounts, and get an overview of their finances. (If you’ve ever been prompted to give another app access to your bank, then you’ve already used open banking.)
It’s also a way for banks — and merchant partners — to leverage large stores of data to boost their revenues and expand their offerings.
The digitization of transactions is accelerating the growth rate of the payments market, meaning banks have a major incentive to go all-in on their digital offerings. Payments revenues are projected to reach $800 billion in North America and $3.3 trillion globally by 2027, according to research by McKinsey & Co.
“Eventually, this is a win-win-win situation for merchants, for banks, and for customers,” said Bruno Cambounet, head of research at Sopra Banking Software, a subsidiary of Paris-based consulting firm Sopra Steria.
Banks are major data collectors. U.S. banks have 1 exabyte of stored data, or one billion gigabytes. This is typically gathered from things like credit card usage, transaction records, customer bank visits, call logs, support chats, and web interactions.
With open banking, retailers can use this financial transaction data to target advertising, give customers individualized offers, and tailor their initiatives in ways that are cost-effective and more attractive to consumers.
Ready or not?
Three-quarters of banks say they aren’t ready for open banking, according to recent data published by Sopra. The changes within the banking sector are spurring banks to develop their innovations and partner with data aggregators and potential competitors in the fintech sector to improve their offerings.
The main way that banks will be able to share this data is through application programming interfaces (APIs), which allow third-parties to gain access to certain data and information. According to openbankingtracker, there are 182 banks and account providers that offer open banking in the U.S., with 36 bank APIs and 17 data aggregators. Among the banks that have created their own APIs is Capital One, which launched its DevExchange back in 2016.
But APIs also give banks the ability to collaborate with fintechs and outside data aggregators to provide specialized services that are too expensive or complicated to replicate on their own. Citi, for example, has a number of open banking partnerships with aggregators including Mastercard, Amazon, Plaid, and Intuit.
For its part, Mastercard acquired open banking platform Finicity in November 2020 as part of its early foray into the growing market. The company offers an array of open banking solutions — including its latest subscription management tool, Smart Subscriptions — that financial institutions can incorporate directly into their apps.
And Visa is getting its foot in the door with its recently announced “data tokens,” which will allow businesses to request consent from a customer to get real-time, personalized offers as they shop, using AI-generated insights based on transaction data. Banks will also receive a token to show where a customer’s data has been shared and display it in their mobile app, so people can decide whether they want to continue sharing data with that merchant or revoke access.
Paving the way with regulation
In the U.S. and Europe, regulators are shaping new rules that will pave the way for banks to embrace open banking and open finance. Regulations are designed to give banks the tools to develop their own offerings, and to protect customers by giving them the power to decide when and with whom to share their data.
“I think that as long as there is a tangible benefit that comes from an organization where all the players are jointly working together, I’m confident,” Cambounet said, adding that consumers’ trust and confidence will ultimately be won through regulation.
🇺🇸 Last October, the Consumer Financial Protection Bureau (CFPB) issued the Personal Financial Data Rights Rule (1033), which requires banks and other payment firms to share transaction and account data with customers and authorized third parties. The rule also requires that third parties establish obligations for accessing a consumer’s data, including privacy protections for that data, and provide basic standards for data access.
The CFPB said the rule will give customers the ability to “break up” with banks that provide bad service and would forbid companies from misusing or wrongfully monetizing sensitive personal financial data.
“The ambition really is to protect consumer privacy and also to put practices in place that increase the safety of the open banking,” said Ulrike Guigui, a managing director at Deloitte Consulting.
The rule, which is expected to go into effect later this year, gives the eight biggest U.S. banks six months to become compliant and develop a roadmap for open banking.
“The message for banks is: Bring together a working group, have your chief data officer, your [chief technology officer], your head of product, and your [chief marketing officer] in there and say, ‘How do we what is it that we need to get done? How are we going to get organized to do this to make sure that we’re ready and compliant and can start thinking about the exciting products we can build on top of that?’” Guigui said.
🇪🇺 The European Union has charged forward in open banking adoption, moving leaps and bounds ahead of the U.S. The second Payment Services Directive (PSD2), adopted in 2015, established rules for all retail payments in the E.U. for euro and non-euro transactions, domestic and cross-border.
The directive requires banks to share customer transaction data with other banks and non-banks, with a customer’s consent. The primary goal of PSD2 is to boost competition and innovation in the financial services sector by removing banks’ monopoly on customer data.
The European Commission is now looking to move the needle further, driving a shift from open banking to open finance. Last June, the European Commission also published a regulatory proposal for the Financial Data Access (FIDA) framework, which will require financial institutions to share a broad set of customer data with authorized third parties.
“PSD has been, in Europe, more of a reaction from the regulator in order to protect individuals and citizens,” said Cambounet, of Sopra. “Generally speaking, FIDA is more proactive, and it’s really to think about what the business cases are for end users. We [in Europe] are way beyond the aggregation of data in order to have a comprehensive view of your finance.”
This article originally appeared on Quartz.