The Fintech Times spoke to Christoph Rieche, Co-founder and CEO of Iwoca, on how the UK Open Banking Project would work in practice.
Although Open Banking and PSD2 both revolve around opening up bank account data, they were completely independent initiatives with different aims. The CMA specifically designed Open Banking to stimulate competition in the UK retail banking market, whereas PSD2 is a much broader EU initiative that targets all payment processors.
Fortunately, Open Banking Ltd, the body responsible for implementing Open Banking, realised the confusion and extra work that would be created by having two radically different approaches. To avoid this, they ensured that Open Banking requirements were closely aligned with the PSD2 requirements, including the RTS (Regulatory Technical Standards).
In broad terms, Open Banking simply standardises the way that the major banks have to provide transaction data under PSD2, rather than allowing them to use a mish mash of different formats. This will make it easier for third parties to develop innovative applications based on bank transaction data in the UK, and is likely to drive higher uptake.
GDPR is another independent regulation that happens to be released around the same time as Open Banking. However, there is a common thread amongst all the projects, in that they aim to give individuals greater control over their data; whether it’s bank transactions, personal details, or social media data. Open Banking has taken GDPR compliance into account from the outset, such as ensuring that consumers are aware of exactly what data they will be sharing.
Expectations around UK Open Banking Project
The promise of a truly level-playing field may be too much to deliver, but Open Banking could certainly provide some correction in the balance which currently weighs heavily in the favour of the big banks. Much depends on the willingness of these banks themselves to cooperate with fintechs, and to see the value of greater collaboration, especially for customers. To truly deliver, banks will need to adhere to the spirit of the law, not just the letter.
There is always the risk that the banks will only go so far in cooperating, or will simply struggle to meet the technical requirements with their legacy systems. Already, the rollout has been delayed, and granting access to data won’t be of much use to third-parties if the connection is painfully slow or the data is unreliable. For customers to experience the full benefits of Open Banking, all providers are going to have to work together and make a real effort to resolve any teething issues.
Although Open Banking was launched at the start of the year, it is still in a managed roll-out phase – partly because the banks weren’t ready yet to work with the new technology that underpins the system. Therefore, it is difficult to evaluate something which is not really in use at this stage. What’s more, public awareness of the initiative is low. If Open Banking is to succeed, consumers and businesses need to be made aware of the advantages that are on offer, and also of the safeguards that are in place. But above all, the banks need to speed up the implementation process.
For alternative lenders like Iwoca, Open Banking is a great opportunity to go that little bit further in improving our customers’ journey and experience. With our proprietary technology, we already make funds available to small and micro business owners in minutes instead of hours, but that relies on the customer having the correct information at hand. In our case, the real benefit of Open Banking is removing that time intensive step of providing historic personal and financial data from the customer. Through the Open API, with the customer’s consent, iwoca can get that information directly from their bank, which has held it ever since the customer first opened an account with them. This means that our automated credit decisions can release finance in a few clicks and we can seamlessly update the customer’s credit limit as their business grows.
Identity shifts and technologies for the improvements
With greater data sharing, enabled by the entry into force of PSD2 and Open Banking, comes the need for greater security. Access to financial data has rightly been identified as the best route to empowering users, but strong standards need to be in place for verifying users’ identities and providing permission to share data. Identity authentication processes will rapidly need to evolve to meet the growing demand for seamless service with robust protection. We’ve already seen the role of two-factor authentication within a host of personal services such as bank accounts and email. It may only be a matter of time before these methods are eclipsed by the fingerprint scanning and facial recognition technology that is being introduced to unlock smartphones.
Companies have wised up to security over the past few years, with two-factor authentication now the standard for secure transactions, including for sharing bank account data. However, consumers still struggle to remember long passwords and instead write them down or reuse the same password across multiple sites. To solve this problem and drive adoption, effective security has to get simpler. We’ve already seen this with fingerprint sensors and facial recognition on phones. A similar approach should be taken across people’s digital lives.
There also needs to be a better way to verify your identity on the internet i.e. to prove to a website that you are who you say you are. There’s a lot of innovation going on here, with fairly sophisticated systems for verifying that selfies match ID documents, but there’s still a lot more work to do. We think a big opportunity will be the ability to share your confirmed identity from one provider to another, without having to supply sensitive ID documents to everyone. Distributed identity systems like GOV.UK Verify are the right step in this direction, but there’s not yet a widely recognised industry standard that’s trusted by consumers and available to third-parties.
Open Banking could be the dawn of a new era in the financial services industry, but it’s still too early to tell what effect this will have on the status quo. If all goes to plan, the banks will need to step up their service to a whole new level. Gone will be the days of poor customer service, cumbersome form-filling, and stringent terms, as more fintech providers offer fast, convenient, and automated services that take the hard work out of accessing new products and services. Customers will then come to expect and demand this level of service, giving the banks a hard decision to make: start putting customer’s interests before profits, or yield ground to fintechs, who can meet customer needs in innovative and intuitive ways.