Jump to content

Open banking: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Undid revision 1253254552 by 184.97.177.42 (talk) - linkspam
 
(145 intermediate revisions by 69 users not shown)
Line 1: Line 1:
{{short description|Financial services term to allow sharing of financial data}}
'''Open banking''' is a [[financial services]] term as part of [[financial technology]] that refers to:<ref>{{Cite web |url=https://www.paymentsforum.uk/sites/default/files/documents/Background%20Document%20No.%202%20-%20The%20Open%20Banking%20Standard%20-%20Full%20Report.pdf |title=United Kingdom > Budget HM Treasury > the Open Banking Working Group (OBWG) > The Open Banking Standard |access-date=2017-04-18 |archive-url=https://web.archive.org/web/20170418163531/https://www.paymentsforum.uk/sites/default/files/documents/Background%20Document%20No.%202%20-%20The%20Open%20Banking%20Standard%20-%20Full%20Report.pdf |archive-date=2017-04-18 |url-status=live }}</ref>
{{Dmy|date=May 2023}}
{{Use British English|date=May 2023}}
#The use of open [[Application programming interface|API]]s that enable third-party developers to build applications and services around the financial institution.
#Greater financial transparency options for account holders ranging from [[open data]] to private data.
#The use of open-source technology to achieve the above.<ref>{{cite web |url=https://www.mckinsey.com/industries/financial-services/our-insights/data-sharing-and-open-banking |title=Data sharing and open banking |publisher=McKinsey & Company |date=September 2017 |author=Laura Brodsky and Liz Oakes |access-date=2017-11-07 |archive-url=https://web.archive.org/web/20171108035225/https://www.mckinsey.com/industries/financial-services/our-insights/data-sharing-and-open-banking |archive-date=2017-11-08 |url-status=live }}</ref>


In [[financial services]], '''open banking''' allows for financial data to be shared between [[bank]]s and third-party service providers through the use of [[application programming interface]]s (APIs). Traditionally, banks have kept customer financial data within their own closed systems. Open banking allows customers to share their financial information securely and electronically with other banks or other authorized financial organizations such as payment providers, lenders and insurance companies.
Open banking, as a concept could be considered as a subspecies to the [[open innovation]] concept, a term promoted by [[Henry Chesbrough]]. It is linked to shifts in attitudes towards the issue of data ownership illustrated by regulations such as [[General Data Protection Regulation|GDPR]] and concepts such as the [[Open data|Open Data]] movement.

Proponents argue open banking provides greater transparency and data control for account holders, and could allow for new financial services to be provided. Proponents also say that it aims to promote competition, innovation, and customer empowerment in the banking and financial sectors.<ref>{{Cite book |last1=Premchand |first1=A. |last2=Choudhry |first2=A. |title=2018 International Conference on Communication, Computing and Internet of Things (IC3IoT) |chapter=Open Banking & APIs for Transformation in Banking |date=Feb 2018 |chapter-url=https://ieeexplore.ieee.org/document/8668107 |url-status=live |pages=25–29 |doi=10.1109/IC3IoT.2018.8668107 |isbn=978-1-5386-2459-3 |s2cid=84185109 |archive-url=https://web.archive.org/web/20230404205245/https://ieeexplore.ieee.org/document/8668107/ |archive-date=4 April 2023 |access-date=15 May 2023}}</ref><ref>{{Cite web |author=Open Banking Working Group |title=The Open Banking Standard |url=https://www.paymentsforum.uk/sites/default/files/documents/Background%20Document%20No.%202%20-%20The%20Open%20Banking%20Standard%20-%20Full%20Report.pdf |url-status=live |archive-url=https://web.archive.org/web/20170418163531/https://www.paymentsforum.uk/sites/default/files/documents/Background%20Document%20No.%202%20-%20The%20Open%20Banking%20Standard%20-%20Full%20Report.pdf |archive-date=2017-04-18 |access-date=2017-04-18 |publisher=HM Treasury |df=dmy-all}}</ref><ref>{{cite web |last1=Brodsky |first1=Laura |last2=Oakes |first2=Liz |date=September 2017 |title=Data sharing and open banking |url=https://www.mckinsey.com/industries/financial-services/our-insights/data-sharing-and-open-banking |url-status=live |archive-url=https://web.archive.org/web/20171108035225/https://www.mckinsey.com/industries/financial-services/our-insights/data-sharing-and-open-banking |archive-date=2017-11-08 |access-date=2017-11-07 |publisher=McKinsey & Company |df=dmy-all}}</ref> Opponents argue that open banking can lead to greater security risk and exploitation of consumers.

The first open banking regulations were introduced by the European Union in 2015, and many other countries have introduced [[financial regulation]]s related to open banking since.


== History ==
== History ==
In October 2015, the [[European Parliament]] adopted a revised [[Payment Services Directive]], known as PSD2. The new rules included aims to promote the development and use of innovative online and mobile payments through open banking.<ref name="PSD2 press release">{{cite web|url=http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|title=European Parliament adopts European Commission proposal to create safer and more innovative European payments|author=EU Commission|publisher=EU Commission|accessdate=2016-05-04|archive-url=https://web.archive.org/web/20160722052406/http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|archive-date=2016-07-22|url-status=live}}</ref>


The concept was first explored in 2003 as part of the [[open innovation]] movement that was promoted by [[Henry Chesbrough]].<ref>{{Cite news |title=When Open Innovation comes to banking - BNP Paribas |language=en-US |work=BNP Paribas |url=https://group.bnpparibas/en/news/open-innovation-banking |access-date=2020-10-29 |archive-date=27 January 2021 |archive-url=https://web.archive.org/web/20210127042701/https://group.bnpparibas/en/news/open-innovation-banking |url-status=live }}</ref><ref>{{Cite web |date=2018-04-03 |title=Open banking: The new face of digital transformation |url=https://www.ibm.com/blogs/regtech/open-banking-the-new-face-of-digital-transformation/ |access-date=2020-10-29 |website=IBM RegTech Innovations Blog |language=en-US |archive-date=31 May 2021 |archive-url=https://web.archive.org/web/20210531062320/https://www.ibm.com/blogs/regtech/open-banking-the-new-face-of-digital-transformation/ |url-status=live }}</ref> The advent of [[internet banking]] and development of online technology in the early 2000s led to interest in access to the data, which was first seen in [[account aggregation]] attempts by technology companies.
Support for the concept is not unanimous. [[Mick McAteer]], of the UK [[Financial Inclusion Centre]], thinks that only the tech-savvy will benefit. He says that open banking is "a daft idea", which will lead to more financial exclusion for those on low incomes. He says it is naïve of regulators to expect consumers to own their data and be able to get better deals from banks, and points out the danger of consumers being exploited, either by businesses offering new types of expensive payday loans, or misuse of data and personal information that people have revealed in places such as social media.<ref>{{cite web |url=https://www.bbc.co.uk/news/resources/idt-sh/The_disruptors_money_changing |title=The Disruptors - Money |website=BBC News |date=21 November 2017 |author=Kevin Peachey|display-authors=etal |accessdate=21 November 2017 |archive-url=https://web.archive.org/web/20171121074316/http://www.bbc.co.uk/news/resources/idt-sh/The_disruptors_money_changing |archive-date=2017-11-21 |url-status=live }}</ref>

During the 2010s, open banking was also linked to shifts in attitudes towards the issue of data ownership, illustrated by regulations such as [[General Data Protection Regulation|GDPR]] and the [[open data]] movement.{{Cn|date=May 2023}} With open banking, banks turn into financial service platforms, technically implemented through a [[banking as a service]] concept.<ref name="BaaS">{{cite web |last1=Scholten |first1=Ulrich |title=Banking-as-a-Service - what you need to know |url=https://www.ventureskies.com/blog/banking-as-a-service-categorizing-the-services |access-date=28 May 2020 |publisher=VentureSkies |archive-date=20 February 2019 |archive-url=https://web.archive.org/web/20190220140414/http://www.ventureskies.com/blog/banking-as-a-service-categorizing-the-services |url-status=live }}</ref>

The first real regulatory move to open banking came in 2015 when the [[European Parliament]] adopted a revised [[Payment Services Directive]] known as [[PSD2]].<ref>{{Cite web|title=Press corner|url=https://ec.europa.eu/commission/presscorner/home/en|access-date=2021-09-08|website=European Commission - European Commission|language=en|archive-date=25 August 2020|archive-url=https://web.archive.org/web/20200825095835/https://ec.europa.eu/commission/presscorner/home/en|url-status=live}}</ref> The new rules were aimed at promoting the development and use of innovative online and mobile payments through open banking.<ref name="PSD2 press release">{{cite web|url=http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|title=European Parliament adopts European Commission proposal to create safer and more innovative European payments |publisher=EU Commission|access-date=2016-05-04|archive-url=https://web.archive.org/web/20160722052406/http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|archive-date=2016-07-22|url-status=live}}</ref><ref>{{Citation|title=Commission Delegated Regulation (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common and secure open standards of communication (Text with EEA relevance. )|date=2018-03-13|url=http://data.europa.eu/eli/reg_del/2018/389/oj/eng|issue=32018R0389|language=en|access-date=2022-02-14}}</ref> This introduced a number of new services, definitions, and obligations for market participants.

This was welcomed by fintech companies but banks were generally slow to agree to sharing the data for technical and security reasons as well as concerns for new competition. Between 2015 and 2021, a number of countries enacted laws and regulations forcing traditional banks to provide API access to customer data.

== Risks and criticism ==
With open banking, banks open their APIs to third-party [[fintech]] companies, which comes with security risks. [[Hackers]] can target third-party apps and excessive access privileges could be given to employees. Malicious actors may be able to trick banking customers and third-party companies with [[phishing]] scams.<ref>{{Cite web |title=The Risks of Open Banking: Are Banks and their Customers Ready for PSD2? - Security News |url=https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-risks-of-open-banking-are-banks-and-their-customers-ready-for-psd2 |website=www.trendmicro.com |access-date=15 May 2023 |archive-date=9 May 2023 |archive-url=https://web.archive.org/web/20230509043932/https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/the-risks-of-open-banking-are-banks-and-their-customers-ready-for-psd2 |url-status=live }}</ref>

There are also privacy concerns about open banking.<ref name=":0">{{Cite web |last=Reynolds |first=Faith |date=2017 |title=Open Banking: A consumer perspective |url=https://home.barclays/content/dam/home-barclays/documents/citizenship/access-to-financial-and-digital-empowerment/Open-Banking-A-Consumer-Perspective-Faith-Reynolds.pdf |website=Barclays |access-date=15 May 2023 |archive-date=9 May 2023 |archive-url=https://web.archive.org/web/20230509001918/https://home.barclays/content/dam/home-barclays/documents/citizenship/access-to-financial-and-digital-empowerment/Open-Banking-A-Consumer-Perspective-Faith-Reynolds.pdf |url-status=live }}</ref> There is a risk of aggressive market practices or offering a customer more expensive products based on an analysis of openly-available financial data.<ref name=":0" />

For consumers, open banking poses a risk of "digital and financial exclusion".<ref name=":0" /> Mick McAteer, from the UK research firm Financial Inclusion Centre, said that only the tech-savvy would benefit from open banking and it would lead to more financial exclusion of those with low income.<ref name="bbcdisruptors">{{cite web |author=Kevin Peachey |display-authors=etal |date=21 November 2017 |title=The Disruptors - Money |url=https://www.bbc.co.uk/news/resources/idt-sh/The_disruptors_money_changing |url-status=live |archive-url=https://web.archive.org/web/20171121074316/http://www.bbc.co.uk/news/resources/idt-sh/The_disruptors_money_changing |archive-date=2017-11-21 |access-date=21 November 2017 |website=BBC News |df=dmy-all}}</ref> He said that consumers could be exploited, either by new types of [[Payday loan|payday loans]] or the misuse of data and personal information that people have [[Digital footprint|revealed online]].<ref name="bbcdisruptors" />

== Use and regulation ==
=== Africa ===

Open banking in Nigeria was kickstarted by the Open Banking Nigeria as an initiative to be non-partisan and non-financial API standards for Nigerian financial services. It was formed in June 2017 by a group of bankers and fintech experts who got together to propose the adoption of common API standards for the country.<ref name="BusinessDay">{{cite news |last1=Moses-Ashike |first1=Hope |title=Explainer: What to know about Open Banking |url=https://businessday.ng/news/article/explainer-what-to-know-about-open-banking/ |access-date=22 May 2023 |publisher=Business Day |date=9 March 2023}}</ref> Open banking in Nigeria later evolved into a regulatory backed initiative with the release of the open banking regulation by the [[Central Bank of Nigeria]] in 2021<ref name="Regulatory Framework for Open Banking in Nigeria">{{cite news |last1=Central Bank of Nigeria |title=Regulatory Framework for Open Banking in Nigeria |url=https://www.cbn.gov.ng/out/2021/psmd/circular%20on%20the%20regulatory%20framework%20on%20open%20banking%20in%20nigeria.pdf |access-date=22 Jan 2024 |publisher=Central Bank of Nigeria |date=17 February 2021}}</ref> and the subsequent Operational Guidelines for Open Banking in Nigeria.<ref name="Operational Guidelines for Open Banking in Nigeria">{{cite news |last1=Central Bank of Nigeria |title=Operational Guidelines for Open Banking in Nigeria |url=https://www.cbn.gov.ng/Out/2023/CCD/Operational%20Guidelines%20for%20Open%20Banking%20in%20Nigeria.pdf |access-date=22 Jan 2024 |publisher=Central Bank of Nigeria |date=7 March 2023}}</ref>

=== Australia ===

An open banking project was launched in Australia on 1 July 2019 as part of the Consumer Data Rights (CDR) project by the [[Treasury (Australia)|Treasury]] and [[Australian Competition & Consumer Commission]].<ref>{{cite news |date=June 29, 2019 |title=Open banking era dawns in Australia |publisher=[[SBS World News]] |url=https://www.sbs.com.au/news/open-banking-era-dawns-in-australia |df=dmy-all |access-date=15 May 2023 |archive-date=31 January 2021 |archive-url=https://web.archive.org/web/20210131071831/https://www.sbs.com.au/news/open-banking-era-dawns-in-australia |url-status=live }}</ref> The [[Consumer Data Right|CDR]] legislation was passed by the Australian parliament in August 2019.<ref>{{cite web |last1=O'Brien |first1=Kate |title=ASX shares that could benefit from Open Banking |url=https://au.finance.yahoo.com/news/asx-shares-could-benefit-open-225455924.html |access-date=31 October 2019 |website=Yahoo! Finance |publisher=Yahoo |df=dmy-all |archive-date=31 October 2019 |archive-url=https://web.archive.org/web/20191031062219/https://au.finance.yahoo.com/news/asx-shares-could-benefit-open-225455924.html |url-status=dead }}</ref>

In May 2023, Payments NZ, which supervises the payment system in New Zealand, said that the main banks will be ready by 2024 to implement open banking.<ref>{{cite news |url=https://www.rnz.co.nz/news/business/490990/open-banking-coming-to-nz-mid-2024 |title=Open banking coming to NZ mid-2024 |date=May 30, 2023 |publisher=Radio New Zealand}}</ref>

=== European Union ===

In October 2015, the [[European Parliament]] adopted a revised [[Payment Services Directive]] known as [[PSD2]].<ref>{{Cite web|title=Press corner|url=https://ec.europa.eu/commission/presscorner/home/en|access-date=2021-09-08|website=European Commission - European Commission|language=en|archive-date=25 August 2020|archive-url=https://web.archive.org/web/20200825095835/https://ec.europa.eu/commission/presscorner/home/en|url-status=live}}</ref> The new rules were aimed at promoting the development and use of innovative online and mobile payments through open banking.<ref name="PSD2 press release">{{cite web|url=http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|title=European Parliament adopts European Commission proposal to create safer and more innovative European payments |publisher=EU Commission|access-date=2016-05-04|archive-url=https://web.archive.org/web/20160722052406/http://europa.eu/rapid/press-release_IP-15-5792_en.htm?locale=en|archive-date=2016-07-22|url-status=live}}</ref><ref>{{Citation|title=Commission Delegated Regulation (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common and secure open standards of communication (Text with EEA relevance. )|date=2018-03-13|url=http://data.europa.eu/eli/reg_del/2018/389/oj/eng|issue=32018R0389|language=en|access-date=2022-02-14}}</ref> It introduced a number of new services, definitions, and obligations for market participants.

More than two years after the [[entry into force]] of the PSD2 provisions, which took place on 13 September 2019, the European Commission announced the commencement of the review procedure of the Directive.<ref name="Initiative">{{Cite web |title=Payment services – review of EU rules |url=https://ec.europa.eu/info/law/better-regulation/ |access-date=2023-05-08 |website=European Commission |language=en |archive-date=26 April 2023 |archive-url=https://web.archive.org/web/20230426095312/https://ec.europa.eu/info/law/better-regulation/ |url-status=live }}</ref> On 18 October 2021, the European Commission submitted a call for advice to the [[European Banking Authority]] (EBA).<ref>{{Cite web |title=Call for advice to the European Banking Authority (EBA) on the review of the payment services Directive (PSD2) |url=https://finance.ec.europa.eu/publications/call-advice-european-banking-authority-eba-review-payment-services-directive-psd2_en |access-date=2023-05-08 |website=finance.ec.europa.eu |language=en |archive-date=11 May 2023 |archive-url=https://web.archive.org/web/20230511173104/https://finance.ec.europa.eu/publications/call-advice-european-banking-authority-eba-review-payment-services-directive-psd2_en |url-status=live }}</ref> The EBA responded on 23{{Nbsp}}June 2022.<ref>{{Cite web |last=Campa |first=José Manuel |date=2022-06-23 |title=2022 06 23 Letter to Mr Berrigan - Response PSD2 CfA |url=https://www.eba.europa.eu/sites/default/documents/files/document_library/Publications/Opinions/2022/Opinion%20od%20PSD2%20review%20%28EBA-Op-2022-06%29/1036015/2022%2006%2023%20Letter%20to%20Mr%20Berrigan%20-%20Response%20PSD2%20CfA.pdf |website=European Banking Authority |access-date=15 May 2023 |archive-date=8 May 2023 |archive-url=https://web.archive.org/web/20230508035303/https://www.eba.europa.eu/sites/default/documents/files/document_library/Publications/Opinions/2022/Opinion%20od%20PSD2%20review%20%28EBA-Op-2022-06%29/1036015/2022%2006%2023%20Letter%20to%20Mr%20Berrigan%20-%20Response%20PSD2%20CfA.pdf |url-status=live }}</ref><ref>{{Cite web |date=2022-06-23 |title=Opinion of the European Banking Authority on its technical advice on the review of Directive (EU) 2015/2366 on payment services in the internal market (PSD2) |url=https://www.eba.europa.eu/sites/default/documents/files/document_library/Publications/Opinions/2022/Opinion%20od%20PSD2%20review%20%28EBA-Op-2022-06%29/1036016/EBA%27s%20response%20to%20the%20Call%20for%20advice%20on%20the%20review%20of%20PSD2.pdf |website=European Banking Authority |access-date=15 May 2023 |archive-date=8 May 2023 |archive-url=https://web.archive.org/web/20230508035430/https://www.eba.europa.eu/sites/default/documents/files/document_library/Publications/Opinions/2022/Opinion%20od%20PSD2%20review%20%28EBA-Op-2022-06%29/1036016/EBA%27s%20response%20to%20the%20Call%20for%20advice%20on%20the%20review%20of%20PSD2.pdf |url-status=live }}</ref> Amendments to the Directive were planned for the fourth quarter of 2022.<ref name="Initiative" />

The SEPA ([[Single Euro Payments Area]]) API Access Scheme initiative was launched by the ERPB (Euro Retail Payment Board), a strategic advisory body at the [[European Central Bank]].<ref>{{Cite web|date=2021-12-02|title=Euro Retail Payments Board (ERPB)|url=https://www.ecb.europa.eu/paym/groups/erpb/html/index.en.html|access-date=2022-02-14|website=European Central Bank|language=en|archive-date=4 April 2023|archive-url=https://web.archive.org/web/20230404121601/https://www.ecb.europa.eu/paym/groups/erpb/html/index.en.html|url-status=live}}</ref> The initiative was described in two reports, the first was published on 31 May 2019,<ref>{{Cite web |date=2019-05-31 |title=Report of the ERPB Working Group on a Single Euro Payments Area (SEPA) Application Programming Interface (API) Access Scheme |url=https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/11th-ERPB-meeting/Report_from_the_ERPB_WG_on_a_SEPA_API_Access_Scheme.pdf?18ac5087de445faeb7ca11f951bb7ca11f951bb7ca11f951bb7ca |website=Euro Retail Payments Board |access-date=15 May 2023 |archive-date=10 May 2023 |archive-url=https://web.archive.org/web/20230510013126/https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/11th-ERPB-meeting/Report_from_the_ERPB_WG_on_a_SEPA_API_Access_Scheme.pdf?18ac5087de445faeb7ca11f951bb7ca11f951bb7ca11f951bb7ca |url-status=live }}</ref> and the second was published on 4 June 2021.<ref name=":1">{{Cite web |date=2021-06-04 |title=Report of the Next Phase of the ERPB Working Group on a Single Euro Payments Area (SEPA) Application Programming Interface (API) Access Scheme |url=https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/15th-ERPB-meeting/Report_from_the_ERPB_working_group_on_a_SEPA_API_Access_Scheme.pdf?52770756ac64f8952873a76 |website=Euro Retail Payments Board |access-date=15 May 2023 |archive-date=27 December 2022 |archive-url=https://web.archive.org/web/20221227142743/https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/15th-ERPB-meeting/Report_from_the_ERPB_working_group_on_a_SEPA_API_Access_Scheme.pdf?52770756ac64f8952873a76 |url-status=live }}</ref> The information on the transfer of the initiative for further works and the implementation of the SEPA API Access scheme by the [[European Payments Council]] is also publicly available.<ref>https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/16th-ERPB-meeting/SEPA_Payment_Account_Access_Scheme_status_update.pdf%20https://www.ecb.europa.eu/paym/groups/erpb/html/index.en.html {{Dead link|date=February 2022}}</ref>

The proposed scheme defines the principles of cooperation between the entities participating in it and defines standard methods of implementing selected services based on the use of APIs, billing systems, and payment systems. The starting point for the work on the scheme was PSD2 services provided by European credit institutions, which would remain free of charge for third parties. Other services – referred to as value-added services, premium services or extended services – could be monetised by credit institutions based on the rules adopted in the scheme. These rules and the general assumptions of the scheme would be discussed with the relevant Directorates-General of the European Commission.<ref name=":1" />{{Secondary source needed|date=May 2023}}

On 26 October 2020, [[The Berlin Group]] established a new task force called The Berlin Group openFinance API Framework, which replaced the previous task force responsible for creating the NextGenPSD2 standard.<ref>{{Cite web|last=Group|first=The Berlin|date=2020-10-26|title=PRESS RELEASE - Berlin Group starts new openFinance API Framework|url=https://www.berlin-group.org/single-post/press-release-berlin-group-starts-new-openfinance-api-framework|access-date=2022-02-14|website=the-berlin-group|language=en|archive-date=14 May 2023|archive-url=https://web.archive.org/web/20230514064013/https://www.berlin-group.org/single-post/press-release-berlin-group-starts-new-openfinance-api-framework|url-status=live}}</ref> The new task force's work focuses on the standardisation of value-added services that credit institutions may make available to eligible third parties based on bilateral agreements or potential new payment schemes.{{Cn|date=May 2023}}

Standardisation initiatives include:

* NextGenPSD2 – Pan-European standardisation initiative run by The Berlin Group.<ref>{{Cite web |title=PSD2 Access to Bank Accounts {{!}} The Berlin Group |url=https://www.berlin-group.org/psd2-access-to-bank-accounts |access-date=2022-02-14 |website=the-berlin-group |language=en |archive-date=14 May 2023 |archive-url=https://web.archive.org/web/20230514063913/https://www.berlin-group.org/psd2-access-to-bank-accounts |url-status=live }}</ref>
* STET standard – developed by the French clearing house (STET); in its shape, the standard has been as close as possible to the NextGenPSD2 standard of The Berlin Group as part of the convergence project.<ref>{{Cite web |date=2018-05-30 |title=Stet : PSD2 |url=https://www.stet.eu/index.php?id=49 |access-date=2022-02-14 |website=Stet |language=en |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404104102/https://www.stet.eu/index.php?id=49 |url-status=live }}</ref>
* Slovak Banking API – a standardisation project entirely run by the Slovak Bank Association in cooperation with the [[National Bank of Slovakia]], made available in the form of documentation.<ref>{{Cite web |title=Slovak Banking API Standard |url=https://www.sbaonline.sk/projekt/slovak-banking-api-standard/ |access-date=2022-02-14 |website=SBA - Slovenská banková asociácia |language=sk |archive-date=21 March 2023 |archive-url=https://web.archive.org/web/20230321092731/https://www.sbaonline.sk/projekt/slovak-banking-api-standard/ |url-status=live }}</ref>
* PolishAPI – the PolishAPI standard defines an interface for the needs of services provided by third parties based on access to payment accounts, i.e. services introduced by the amended directive on payment services within the internal market (PSD2). Participants include the Polish Banks Association, associated commercial and cooperative banks, and third-party providers.<ref>{{Cite web |title=PolishAPI |url=https://polishapi.org/en/ |access-date=2022-02-14 |website=polishapi.org |language=en-US |archive-date=7 May 2023 |archive-url=https://web.archive.org/web/20230507165330/https://polishapi.org/en/ |url-status=live }}</ref>

=== Latin America ===
Mandatory and centralised [[electronic invoicing]] was implemented relatively early in countries such as Mexico, Chile, Colombia, and to a lesser extent, Brazil, offering the possibility to retrieve open accounting data in a similar way as open banking.<ref>{{Cite web |date=2018-03-14 |title=CFDI: Mexico's Electronic Invoicing Model That's Become a Reference Across all of Latin America |url=https://cfdi.edicomgroup.com/en/cfdi-al-dia-en/cfdi-mexicos-electronic-invoicing-model-thats-become-a-reference-across-all-of-latin-america/ |access-date=2021-05-23 |website=Edicom CFDI |language=en-US |archive-date=31 May 2021 |archive-url=https://web.archive.org/web/20210531062119/https://cfdi.edicomgroup.com/en/cfdi-al-dia-en/cfdi-mexicos-electronic-invoicing-model-thats-become-a-reference-across-all-of-latin-america/ |url-status=live }}</ref>

The [[Central Bank of Brazil]] deployed its open banking model, which mandates banks and financial institutions (including fintech) to make available information on traditional financial services and products.<ref>{{Citation |title=Open Banking: entenda o que é e como poderá ajudar na sua vida financeira |url=https://www.youtube.com/watch?v=rs0D8KgOpLo |access-date=2021-05-23 |language=en |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404194244/https://www.youtube.com/watch?v=rs0D8KgOpLo |url-status=live }}</ref>{{Secondary source needed|date=May 2023}} Brazil's implementation is mandatory for institutions with large sizes, significant international activity, and high-risk profiles, and optional for all other institutions.{{Cn|date=May 2023}} The implementation of the first phase happened almost two years after the first open banking framework was published in April 2019, in which the fundamental requirements for the implementation of the law were disclosed.{{Cn|date=May 2023}} The Central Bank of Brazil outlined the following phases of implementation:{{Update inline|date=May 2023}}{{Cn|date=May 2023}}

* Phase 2: Customer Information (July 2021) – Consumers have the option to share their data (registration, account transactions, card, information, and credit transactions) with the institutions of their choice, at the time of their choice.
* Phase 3: Transactional Information and Payment Initiation (August 2021) – Consumers have access to services, such as new payment options and credit offers, through the shared channels by financial institutions.
* Phase 4: Extra information (December 2021) – The following phases include additional products such as insurance, pension plans, and investments.

In late 2020, the [[Chilean government]] announced that it was working on a proposal for fintech regulation and the incorporation of an open banking standard. The government edited the Financial Portability Act, a set of regulations aimed to facilitate the switch between banks and financial providers.<ref>{{Cite web |title=BNamericas - Chile financial portability bill becomes law |url=https://www.bnamericas.com/en/news/chile-financial-portability-bill-becomes-law |access-date=2021-05-23 |website=BNamericas.com |archive-date=12 May 2023 |archive-url=https://web.archive.org/web/20230512070630/https://www.bnamericas.com/en/news/chile-financial-portability-bill-becomes-law |url-status=live }}</ref><ref>{{Cite web |title=Gob.cl - Portabilidad Financiera |url=https://www.gob.cl/portabilidadfinanciera/ |access-date=2021-05-23 |website=Gobierno de Chile |language=es |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404170551/https://www.gob.cl/portabilidadfinanciera/ |url-status=live }}</ref> On 4 January 2023, Chile enacted a law with the aim to establish a regulatory framework for fintech activity and create an [[Open Finance|open finance]] system that enables secure data-sharing.{{Cn|date=May 2023}}

Colombia has established a voluntary model for open banking,<ref>{{Cite web |date=2021-02-08 |title=Open banking en Colombia se prepara para despegar |url=https://iupana.com/2021/02/08/open-banking-en-colombia/ |access-date=2021-05-23 |website=iupana |language=es-ES |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404184828/https://iupana.com/2021/02/08/open-banking-en-colombia/ |url-status=live }}</ref> with the [[Ministry of Finance and Public Credit|Financial Regulation Unit]] (URF)'s goal being to foster public-private discussion.<ref>{{Cite web |title=BNamericas - Snapshot: The 2021 agenda for Colombia finan... |url=https://www.bnamericas.com/en/news/snapshot-the-2021-agenda-for-colombia-financial-regulations-research-unit-urf |access-date=2021-05-23 |website=BNamericas.com |archive-date=12 May 2023 |archive-url=https://web.archive.org/web/20230512071109/https://www.bnamericas.com/en/news/snapshot-the-2021-agenda-for-colombia-financial-regulations-research-unit-urf |url-status=live }}</ref>

Mexico was the first Latin American country to implement open banking legislation.<ref>{{Cite web |title=LatAm turns to Mexico's year-old fintech law as a model for regulation |url=https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/latam-turns-to-mexico-s-year-old-fintech-law-as-a-model-for-regulation-50081755 |access-date=2021-05-23 |website=www.spglobal.com |language=en-us |archive-date=12 May 2023 |archive-url=https://web.archive.org/web/20230512072405/https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/latam-turns-to-mexico-s-year-old-fintech-law-as-a-model-for-regulation-50081755 |url-status=live }}</ref> On 9 March 2018, the Fintech Law of 2018 ({{Langx|es|Ley para Regular las Instituciones de Tecnología Financiera|label=none}}) was published in the Federal Official Gazette (DOF; {{Langx|es|Diario Oficial de la Federación|label=none}}).<ref>{{Cite web |date=2018-03-09 |title=Ley para Regular las Instituciones de Tecnología Financiera |trans-title=Law to Regulate Financial Technology Institutions |url=http://www.diputados.gob.mx/LeyesBiblio/pdf/LRITF_090318.pdf |language=es |access-date=15 May 2023 |archive-date=20 March 2021 |archive-url=https://web.archive.org/web/20210320072622/http://www.diputados.gob.mx/LeyesBiblio/pdf/LRITF_090318.pdf |url-status=live }}</ref> Article 76 states that standardised APIs must be established to enable connectivity and access to other interfaces. As a consequence, more than 2,300 institutions were technically required to share information.<ref>{{Cite web |last=Garzón Galván |first=Jonathan G. |title=Open Banking MX Reporte 2019 |url=https://www.cecoban.com/Reporte_Open_Banking_MX_2019_Cecoban.pdf |website=Cecoban |access-date=15 May 2023 |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404065940/https://www.cecoban.com/Reporte_Open_Banking_MX_2019_Cecoban.pdf |url-status=live }}</ref> Article 76 provides that certain information may be shared by financial institutions, money transmitters, Credit Information Companies (SIC; {{Langx|es|Sociedades de Información Crediticia|label=none}}), clearing houses, and financial technology institutions. Those types of data are open data (related to products and services offered to the general public), aggregated data (related to any type of statistical information related to operations), and transactional data (related to the use of a product or service).{{Cn|date=May 2023}}

On 10 March 2020, the [[Bank of Mexico|Mexican Central Bank]] (Banxico) published Circular 2/2020 in the DOF. Circular 2/2020 outlined secondary provisions of the law, specifically dealing with open banking.<ref>{{Cite web |title=Interfaces de programación, disposiciones, Banco de México |url=https://www.banxico.org.mx/marco-normativo/normativa-emitida-por-el-banco-de-mexico/circular-2-2020/interfaces-programacion-dis.html |access-date=2021-05-23 |website=www.banxico.org.mx |archive-date=4 April 2023 |archive-url=https://web.archive.org/web/20230404065940/https://www.banxico.org.mx/marco-normativo/normativa-emitida-por-el-banco-de-mexico/circular-2-2020/interfaces-programacion-dis.html |url-status=live }}</ref> Different financial market entities were required to share information through APIs. The secondary provisions only apply to SICs and clearing houses; Circular 2/2020 states that both SICs and clearing houses must obtain authorisation from Banxico for the use of the APIs by other institutions. In turn, SICs and clearing houses must enter into agreements with other entities authorised by Banxico for the exchange of information. Additionally, the issuance of fees to be charged between institutions that exchange information is also defined. Circular 2/2020 states that in case of non-compliance with the provisions of Circular 2/2020, SICs and clearing houses may face fines levied by Banxico.{{Secondary source needed|date=May 2023}}


In June 2020, the rules for exchanging open data were applicable to all financial institutions – banks, fintechs, and companies authorised by the [[Comisión Nacional Bancaria y de Valores]].{{Cn|date=May 2023}}
=== UK competition direction ===
In August 2016, the [[United Kingdom]] [[Competition and Markets Authority]] (CMA) issued a ruling that required the nine-biggest UK banks – [[HSBC]], [[Barclays]], [[Royal Bank of Scotland Group|RBS]], [[Santander Group|Santander]], [[Bank of Ireland]], [[Allied Irish Bank]], [[Danske Bank]], [[Lloyds Banking Group|Lloyds]] and [[Nationwide Building Society|Nationwide]] – to allow licensed startups direct access to their data down to the level of [[transaction account|transaction-account]] transactions.<ref>{{cite news |url=https://www.wired.co.uk/article/open-banking-psd2-regulation-banking |title=To change how you use money, Open Banking must break banks |date=October 16, 2017 |publisher=Wired |author=Rowland Manthorpe |access-date=2017-12-29 |archive-url=https://web.archive.org/web/20171222104615/http://www.wired.co.uk/article/open-banking-psd2-regulation-banking |archive-date=2017-12-22 |url-status=live }}</ref>


=== United Kingdom ===
The direction came into force on January 13, 2018, and using standards and systems created by Open Banking Limited, a non-profit created specially for the task. However, enforcement rests with the [[Competition & Markets Authority]]. Protection for consumers is the responsibility of the [[Financial Conduct Authority]] (FCA) (for account information & payment initiation, under the PSD2 directive) or the [[Information Commissioner's Office]] (for data).<ref>https://www.wired.co.uk/article/open-banking-cma-psd2-explained</ref>


In August 2016, the [[Competition and Markets Authority]] (CMA) issued a ruling that required the nine biggest UK banks – [[HSBC]], [[Barclays]], [[Royal Bank of Scotland Group|RBS]], [[Santander Group|Santander]], [[Bank of Ireland]], [[Allied Irish Bank]], [[Danske Bank]], [[Lloyds Banking Group|Lloyds]], and [[Nationwide Building Society|Nationwide]] – to allow licensed [[startups]] direct access to their data, down to the [[Transaction account|transaction]] level.<ref>{{cite magazine |url=https://www.wired.co.uk/article/open-banking-psd2-regulation-banking |title=To change how you use money, Open Banking must break banks |date=October 16, 2017 |publisher=Condé Nast |magazine=Wired UK |first=Rowland |last=Manthorpe |access-date=2017-12-29 |archive-url=https://web.archive.org/web/20171222104615/http://www.wired.co.uk/article/open-banking-psd2-regulation-banking |archive-date=2017-12-22 |url-status=live |df=dmy-all}}</ref> The direction came into force on 13 January 2018, using standards and systems created by Open Banking Limited, a non-profit created especially for the task, while enforcement rests with the CMA. Protection for consumers is the responsibility of the [[Financial Conduct Authority]] (FCA) for account information and payment initiation services (under the PSD2 directive), and the [[Information Commissioner's Office]] for data.<ref>{{cite magazine |url=https://www.wired.co.uk/article/open-banking-cma-psd2-explained |title=What is Open Banking and PSD2? Wired explains. |publisher=[[Condé Nast]] |magazine=[[Wired UK]] |first=Rowland |last=Manthorpe |date=17 April 2018 |df=dmy-all |access-date=15 May 2023 |archive-date=30 January 2021 |archive-url=https://web.archive.org/web/20210130123443/https://www.wired.co.uk/article/open-banking-cma-psd2-explained |url-status=live }}</ref> The CMA direction only applies to the nine largest banks, and works alongside the broader PSD2 rules that apply to all payment account providers.
The CMA direction only applies to the nine largest banks and works alongside the broader PSD2 rules that apply to all payment account providers.


{{Asof|2023|April}}, there are 339 FCA-regulated providers enrolled in open banking.<ref>{{cite web |url=https://www.openbanking.org.uk/customers/regulated-providers/ |title=Meet the regulated providers |publisher=Open Banking Implmentation Entity |access-date=15 May 2023 |archive-date=27 January 2021 |archive-url=https://web.archive.org/web/20210127065950/https://www.openbanking.org.uk/customers/regulated-providers/ |url-status=live }}</ref> Many of them provide financial apps that help manage finances; others are [[consumer credit]] firms who use open banking to access account information for affordability checks and verification.<ref>{{Cite book|last1=Yang|first1=Qiang|url=https://books.google.com/books?id=aWgLEAAAQBAJ&q=Many+of+them+provide+financial+apps+that+help+manage+finances+and+also+consumer+credit+firms+who+use+Open+Banking+to+access+account+information+for+affordability+checks+and+verification.&pg=PA242|title=Federated Learning: Privacy and Incentive|last2=Fan|first2=Lixin|last3=Yu|first3=Han|date=2020|publisher=Springer Nature|isbn=978-3-030-63076-8|language=en}}</ref>
=== Adoption in the UK===
As of September 2019, there are 143 FCA-regulated providers who are enrolled in Open Banking. <ref>https://www.openbanking.org.uk/customers/regulated-providers/</ref> Many of them provide financial apps that help manage finances and also consumer credit firms who use Open Banking data for affordability checks and verification. {{cn|date=September 2019}}


In March 2021, the CMA consulted on arrangements for the future oversight of open banking.<ref>{{cite web |date=25 March 2022 |title=The future oversight of the CMA's open banking remedies |url=https://www.gov.uk/government/consultations/future-oversight-of-the-cmas-open-banking-remedies/the-future-oversight-of-the-cmas-open-banking-remedies |url-status=live |archive-url=https://web.archive.org/web/20230404090712/https://www.gov.uk/government/consultations/future-oversight-of-the-cmas-open-banking-remedies/the-future-oversight-of-the-cmas-open-banking-remedies |archive-date=4 April 2023 |access-date=15 May 2023 |publisher=Competition and Markets Authority}}</ref> This consultation referenced a proposal by [[UK Finance]] (a trade association for the banking and finance industry), which had engaged with stakeholders to develop a blueprint for a new organisation (a 'Future Entity') to replace Open Banking Limited, which would serve the needs of the significantly larger number of financial institutions by enabling an Open Data and payments market.
=== Adoption in the rest of the world ===
A number of other countries launched open banking initiatives based on the European and UK models. These were either through industry collaboration or through legislative changes. An open banking project was launched in Australia on the 1 July 2019 as part of the Consumer Data Rights project by the Australian Treasury department and [[Australian Competition and Consumer Commission]].<ref>{{cite news |url=https://www.sbs.com.au/news/open-banking-era-dawns-in-australia |title=Open banking era dawns in Australia |date=June 29, 2019 |publisher=SBS News}}</ref> The CDR legislation was passed by Australian parliament in August 2019. <ref>{{cite web |last1=O'Brien |first1=Kate |title=ASX shares that could benefit from Open Banking |url=https://au.finance.yahoo.com/news/asx-shares-could-benefit-open-225455924.html |website=Yahoo! Finance |publisher=Yahoo |accessdate=31 October 2019}}</ref> On 1 June 2017, a group of bankers and [[Financial technology|fintech]] experts in Nigeria got together for the [[Open Banking Nigeria]] initiative to drive the adoption of common API standards for the country.<ref>{{cite web |url=https://openbanking.ng/about.html |title=objectives |publisher=Open Banking Nigeria |date=June 2017 |author=Open Technology Foundation}}</ref>


== See also ==
=== United States ===
* [[Account aggregation]]
* [[Open Banking Nigeria]]


In 2021, president [[Joe Biden]] issued an [[executive order]] indicating the administration's desire to begin rulemaking for Section 1033 of the [[Dodd–Frank Act]].<ref name=":2">{{Cite web|url=https://www.jdsupra.com/legalnews/president-biden-issues-executive-order-5700505/|title=President Biden Issues Executive Order Encouraging CFPB To Act On 1033 Data Access and UDAAP|website=JD Supra|access-date=15 May 2023|archive-date=14 May 2023|archive-url=https://web.archive.org/web/20230514234044/https://www.jdsupra.com/legalnews/president-biden-issues-executive-order-5700505/|url-status=live}}</ref> The intention was to support open banking initiatives in the United States.<ref name=":2" /> Also in 2021, open banking provider [[Plaid Inc.|Plaid]] settled for US$58M in a consumer-driven, privacy-related [[Class action|class-action lawsuit]].<ref>{{Cite web|url = https://www.americanbanker.com/news/plaid-settles-class-action-lawsuit-for-58-million|title = Plaid settles class-action lawsuit for $58 million|date = 6 August 2021|access-date = 15 May 2023|archive-date = 4 April 2023|archive-url = https://web.archive.org/web/20230404104057/https://www.americanbanker.com/news/plaid-settles-class-action-lawsuit-for-58-million|url-status = live}}</ref> [[Rohit Chopra]], the director of the [[Consumer Financial Protection Bureau]], initiated rulemaking pertaining to Section 1033 in 2023.<ref>{{Cite web |date=2023-10-19 |title=The power to walk away: CFPB moves to give consumers control over financial data |url=https://www.politico.com/news/2023/10/19/cfpb-issues-heavily-anticipated-proposal-restricting-data-sharing-00122443 |access-date=2023-12-24 |website=POLITICO |language=en}}</ref>{{portal|Banking}}
== References ==
== References ==
{{Reflist}}
{{Reflist}}


[[Category:Banking technology]]
[[Category:Banking technology]]
{{Finance-stub}}

Latest revision as of 17:13, 25 October 2024

In financial services, open banking allows for financial data to be shared between banks and third-party service providers through the use of application programming interfaces (APIs). Traditionally, banks have kept customer financial data within their own closed systems. Open banking allows customers to share their financial information securely and electronically with other banks or other authorized financial organizations such as payment providers, lenders and insurance companies.

Proponents argue open banking provides greater transparency and data control for account holders, and could allow for new financial services to be provided. Proponents also say that it aims to promote competition, innovation, and customer empowerment in the banking and financial sectors.[1][2][3] Opponents argue that open banking can lead to greater security risk and exploitation of consumers.

The first open banking regulations were introduced by the European Union in 2015, and many other countries have introduced financial regulations related to open banking since.

History

[edit]

The concept was first explored in 2003 as part of the open innovation movement that was promoted by Henry Chesbrough.[4][5] The advent of internet banking and development of online technology in the early 2000s led to interest in access to the data, which was first seen in account aggregation attempts by technology companies.

During the 2010s, open banking was also linked to shifts in attitudes towards the issue of data ownership, illustrated by regulations such as GDPR and the open data movement.[citation needed] With open banking, banks turn into financial service platforms, technically implemented through a banking as a service concept.[6]

The first real regulatory move to open banking came in 2015 when the European Parliament adopted a revised Payment Services Directive known as PSD2.[7] The new rules were aimed at promoting the development and use of innovative online and mobile payments through open banking.[8][9] This introduced a number of new services, definitions, and obligations for market participants.

This was welcomed by fintech companies but banks were generally slow to agree to sharing the data for technical and security reasons as well as concerns for new competition. Between 2015 and 2021, a number of countries enacted laws and regulations forcing traditional banks to provide API access to customer data.

Risks and criticism

[edit]

With open banking, banks open their APIs to third-party fintech companies, which comes with security risks. Hackers can target third-party apps and excessive access privileges could be given to employees. Malicious actors may be able to trick banking customers and third-party companies with phishing scams.[10]

There are also privacy concerns about open banking.[11] There is a risk of aggressive market practices or offering a customer more expensive products based on an analysis of openly-available financial data.[11]

For consumers, open banking poses a risk of "digital and financial exclusion".[11] Mick McAteer, from the UK research firm Financial Inclusion Centre, said that only the tech-savvy would benefit from open banking and it would lead to more financial exclusion of those with low income.[12] He said that consumers could be exploited, either by new types of payday loans or the misuse of data and personal information that people have revealed online.[12]

Use and regulation

[edit]

Africa

[edit]

Open banking in Nigeria was kickstarted by the Open Banking Nigeria as an initiative to be non-partisan and non-financial API standards for Nigerian financial services. It was formed in June 2017 by a group of bankers and fintech experts who got together to propose the adoption of common API standards for the country.[13] Open banking in Nigeria later evolved into a regulatory backed initiative with the release of the open banking regulation by the Central Bank of Nigeria in 2021[14] and the subsequent Operational Guidelines for Open Banking in Nigeria.[15]

Australia

[edit]

An open banking project was launched in Australia on 1 July 2019 as part of the Consumer Data Rights (CDR) project by the Treasury and Australian Competition & Consumer Commission.[16] The CDR legislation was passed by the Australian parliament in August 2019.[17]

In May 2023, Payments NZ, which supervises the payment system in New Zealand, said that the main banks will be ready by 2024 to implement open banking.[18]

European Union

[edit]

In October 2015, the European Parliament adopted a revised Payment Services Directive known as PSD2.[19] The new rules were aimed at promoting the development and use of innovative online and mobile payments through open banking.[8][20] It introduced a number of new services, definitions, and obligations for market participants.

More than two years after the entry into force of the PSD2 provisions, which took place on 13 September 2019, the European Commission announced the commencement of the review procedure of the Directive.[21] On 18 October 2021, the European Commission submitted a call for advice to the European Banking Authority (EBA).[22] The EBA responded on 23 June 2022.[23][24] Amendments to the Directive were planned for the fourth quarter of 2022.[21]

The SEPA (Single Euro Payments Area) API Access Scheme initiative was launched by the ERPB (Euro Retail Payment Board), a strategic advisory body at the European Central Bank.[25] The initiative was described in two reports, the first was published on 31 May 2019,[26] and the second was published on 4 June 2021.[27] The information on the transfer of the initiative for further works and the implementation of the SEPA API Access scheme by the European Payments Council is also publicly available.[28]

The proposed scheme defines the principles of cooperation between the entities participating in it and defines standard methods of implementing selected services based on the use of APIs, billing systems, and payment systems. The starting point for the work on the scheme was PSD2 services provided by European credit institutions, which would remain free of charge for third parties. Other services – referred to as value-added services, premium services or extended services – could be monetised by credit institutions based on the rules adopted in the scheme. These rules and the general assumptions of the scheme would be discussed with the relevant Directorates-General of the European Commission.[27][non-primary source needed]

On 26 October 2020, The Berlin Group established a new task force called The Berlin Group openFinance API Framework, which replaced the previous task force responsible for creating the NextGenPSD2 standard.[29] The new task force's work focuses on the standardisation of value-added services that credit institutions may make available to eligible third parties based on bilateral agreements or potential new payment schemes.[citation needed]

Standardisation initiatives include:

  • NextGenPSD2 – Pan-European standardisation initiative run by The Berlin Group.[30]
  • STET standard – developed by the French clearing house (STET); in its shape, the standard has been as close as possible to the NextGenPSD2 standard of The Berlin Group as part of the convergence project.[31]
  • Slovak Banking API – a standardisation project entirely run by the Slovak Bank Association in cooperation with the National Bank of Slovakia, made available in the form of documentation.[32]
  • PolishAPI – the PolishAPI standard defines an interface for the needs of services provided by third parties based on access to payment accounts, i.e. services introduced by the amended directive on payment services within the internal market (PSD2). Participants include the Polish Banks Association, associated commercial and cooperative banks, and third-party providers.[33]

Latin America

[edit]

Mandatory and centralised electronic invoicing was implemented relatively early in countries such as Mexico, Chile, Colombia, and to a lesser extent, Brazil, offering the possibility to retrieve open accounting data in a similar way as open banking.[34]

The Central Bank of Brazil deployed its open banking model, which mandates banks and financial institutions (including fintech) to make available information on traditional financial services and products.[35][non-primary source needed] Brazil's implementation is mandatory for institutions with large sizes, significant international activity, and high-risk profiles, and optional for all other institutions.[citation needed] The implementation of the first phase happened almost two years after the first open banking framework was published in April 2019, in which the fundamental requirements for the implementation of the law were disclosed.[citation needed] The Central Bank of Brazil outlined the following phases of implementation:[needs update][citation needed]

  • Phase 2: Customer Information (July 2021) – Consumers have the option to share their data (registration, account transactions, card, information, and credit transactions) with the institutions of their choice, at the time of their choice.
  • Phase 3: Transactional Information and Payment Initiation (August 2021) – Consumers have access to services, such as new payment options and credit offers, through the shared channels by financial institutions.
  • Phase 4: Extra information (December 2021) – The following phases include additional products such as insurance, pension plans, and investments.

In late 2020, the Chilean government announced that it was working on a proposal for fintech regulation and the incorporation of an open banking standard. The government edited the Financial Portability Act, a set of regulations aimed to facilitate the switch between banks and financial providers.[36][37] On 4 January 2023, Chile enacted a law with the aim to establish a regulatory framework for fintech activity and create an open finance system that enables secure data-sharing.[citation needed]

Colombia has established a voluntary model for open banking,[38] with the Financial Regulation Unit (URF)'s goal being to foster public-private discussion.[39]

Mexico was the first Latin American country to implement open banking legislation.[40] On 9 March 2018, the Fintech Law of 2018 (Ley para Regular las Instituciones de Tecnología Financiera) was published in the Federal Official Gazette (DOF; Diario Oficial de la Federación).[41] Article 76 states that standardised APIs must be established to enable connectivity and access to other interfaces. As a consequence, more than 2,300 institutions were technically required to share information.[42] Article 76 provides that certain information may be shared by financial institutions, money transmitters, Credit Information Companies (SIC; Sociedades de Información Crediticia), clearing houses, and financial technology institutions. Those types of data are open data (related to products and services offered to the general public), aggregated data (related to any type of statistical information related to operations), and transactional data (related to the use of a product or service).[citation needed]

On 10 March 2020, the Mexican Central Bank (Banxico) published Circular 2/2020 in the DOF. Circular 2/2020 outlined secondary provisions of the law, specifically dealing with open banking.[43] Different financial market entities were required to share information through APIs. The secondary provisions only apply to SICs and clearing houses; Circular 2/2020 states that both SICs and clearing houses must obtain authorisation from Banxico for the use of the APIs by other institutions. In turn, SICs and clearing houses must enter into agreements with other entities authorised by Banxico for the exchange of information. Additionally, the issuance of fees to be charged between institutions that exchange information is also defined. Circular 2/2020 states that in case of non-compliance with the provisions of Circular 2/2020, SICs and clearing houses may face fines levied by Banxico.[non-primary source needed]

In June 2020, the rules for exchanging open data were applicable to all financial institutions – banks, fintechs, and companies authorised by the Comisión Nacional Bancaria y de Valores.[citation needed]

United Kingdom

[edit]

In August 2016, the Competition and Markets Authority (CMA) issued a ruling that required the nine biggest UK banks – HSBC, Barclays, RBS, Santander, Bank of Ireland, Allied Irish Bank, Danske Bank, Lloyds, and Nationwide – to allow licensed startups direct access to their data, down to the transaction level.[44] The direction came into force on 13 January 2018, using standards and systems created by Open Banking Limited, a non-profit created especially for the task, while enforcement rests with the CMA. Protection for consumers is the responsibility of the Financial Conduct Authority (FCA) for account information and payment initiation services (under the PSD2 directive), and the Information Commissioner's Office for data.[45] The CMA direction only applies to the nine largest banks, and works alongside the broader PSD2 rules that apply to all payment account providers.

As of April 2023, there are 339 FCA-regulated providers enrolled in open banking.[46] Many of them provide financial apps that help manage finances; others are consumer credit firms who use open banking to access account information for affordability checks and verification.[47]

In March 2021, the CMA consulted on arrangements for the future oversight of open banking.[48] This consultation referenced a proposal by UK Finance (a trade association for the banking and finance industry), which had engaged with stakeholders to develop a blueprint for a new organisation (a 'Future Entity') to replace Open Banking Limited, which would serve the needs of the significantly larger number of financial institutions by enabling an Open Data and payments market.

United States

[edit]

In 2021, president Joe Biden issued an executive order indicating the administration's desire to begin rulemaking for Section 1033 of the Dodd–Frank Act.[49] The intention was to support open banking initiatives in the United States.[49] Also in 2021, open banking provider Plaid settled for US$58M in a consumer-driven, privacy-related class-action lawsuit.[50] Rohit Chopra, the director of the Consumer Financial Protection Bureau, initiated rulemaking pertaining to Section 1033 in 2023.[51]

References

[edit]
  1. ^ Premchand, A.; Choudhry, A. (February 2018). "Open Banking & APIs for Transformation in Banking". 2018 International Conference on Communication, Computing and Internet of Things (IC3IoT). pp. 25–29. doi:10.1109/IC3IoT.2018.8668107. ISBN 978-1-5386-2459-3. S2CID 84185109. Archived from the original on 4 April 2023. Retrieved 15 May 2023.
  2. ^ Open Banking Working Group. "The Open Banking Standard" (PDF). HM Treasury. Archived (PDF) from the original on 18 April 2017. Retrieved 18 April 2017.
  3. ^ Brodsky, Laura; Oakes, Liz (September 2017). "Data sharing and open banking". McKinsey & Company. Archived from the original on 8 November 2017. Retrieved 7 November 2017.
  4. ^ "When Open Innovation comes to banking - BNP Paribas". BNP Paribas. Archived from the original on 27 January 2021. Retrieved 29 October 2020.
  5. ^ "Open banking: The new face of digital transformation". IBM RegTech Innovations Blog. 3 April 2018. Archived from the original on 31 May 2021. Retrieved 29 October 2020.
  6. ^ Scholten, Ulrich. "Banking-as-a-Service - what you need to know". VentureSkies. Archived from the original on 20 February 2019. Retrieved 28 May 2020.
  7. ^ "Press corner". European Commission - European Commission. Archived from the original on 25 August 2020. Retrieved 8 September 2021.
  8. ^ a b "European Parliament adopts European Commission proposal to create safer and more innovative European payments". EU Commission. Archived from the original on 22 July 2016. Retrieved 4 May 2016.
  9. ^ Commission Delegated Regulation (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common and secure open standards of communication (Text with EEA relevance. ), 13 March 2018, retrieved 14 February 2022
  10. ^ "The Risks of Open Banking: Are Banks and their Customers Ready for PSD2? - Security News". www.trendmicro.com. Archived from the original on 9 May 2023. Retrieved 15 May 2023.
  11. ^ a b c Reynolds, Faith (2017). "Open Banking: A consumer perspective" (PDF). Barclays. Archived (PDF) from the original on 9 May 2023. Retrieved 15 May 2023.
  12. ^ a b Kevin Peachey; et al. (21 November 2017). "The Disruptors - Money". BBC News. Archived from the original on 21 November 2017. Retrieved 21 November 2017.
  13. ^ Moses-Ashike, Hope (9 March 2023). "Explainer: What to know about Open Banking". Business Day. Retrieved 22 May 2023.
  14. ^ Central Bank of Nigeria (17 February 2021). "Regulatory Framework for Open Banking in Nigeria" (PDF). Central Bank of Nigeria. Retrieved 22 January 2024.
  15. ^ Central Bank of Nigeria (7 March 2023). "Operational Guidelines for Open Banking in Nigeria" (PDF). Central Bank of Nigeria. Retrieved 22 January 2024.
  16. ^ "Open banking era dawns in Australia". SBS World News. 29 June 2019. Archived from the original on 31 January 2021. Retrieved 15 May 2023.
  17. ^ O'Brien, Kate. "ASX shares that could benefit from Open Banking". Yahoo! Finance. Yahoo. Archived from the original on 31 October 2019. Retrieved 31 October 2019.
  18. ^ "Open banking coming to NZ mid-2024". Radio New Zealand. 30 May 2023.
  19. ^ "Press corner". European Commission - European Commission. Archived from the original on 25 August 2020. Retrieved 8 September 2021.
  20. ^ Commission Delegated Regulation (EU) 2018/389 of 27 November 2017 supplementing Directive (EU) 2015/2366 of the European Parliament and of the Council with regard to regulatory technical standards for strong customer authentication and common and secure open standards of communication (Text with EEA relevance. ), 13 March 2018, retrieved 14 February 2022
  21. ^ a b "Payment services – review of EU rules". European Commission. Archived from the original on 26 April 2023. Retrieved 8 May 2023.
  22. ^ "Call for advice to the European Banking Authority (EBA) on the review of the payment services Directive (PSD2)". finance.ec.europa.eu. Archived from the original on 11 May 2023. Retrieved 8 May 2023.
  23. ^ Campa, José Manuel (23 June 2022). "2022 06 23 Letter to Mr Berrigan - Response PSD2 CfA" (PDF). European Banking Authority. Archived (PDF) from the original on 8 May 2023. Retrieved 15 May 2023.
  24. ^ "Opinion of the European Banking Authority on its technical advice on the review of Directive (EU) 2015/2366 on payment services in the internal market (PSD2)" (PDF). European Banking Authority. 23 June 2022. Archived (PDF) from the original on 8 May 2023. Retrieved 15 May 2023.
  25. ^ "Euro Retail Payments Board (ERPB)". European Central Bank. 2 December 2021. Archived from the original on 4 April 2023. Retrieved 14 February 2022.
  26. ^ "Report of the ERPB Working Group on a Single Euro Payments Area (SEPA) Application Programming Interface (API) Access Scheme" (PDF). Euro Retail Payments Board. 31 May 2019. Archived (PDF) from the original on 10 May 2023. Retrieved 15 May 2023.
  27. ^ a b "Report of the Next Phase of the ERPB Working Group on a Single Euro Payments Area (SEPA) Application Programming Interface (API) Access Scheme" (PDF). Euro Retail Payments Board. 4 June 2021. Archived (PDF) from the original on 27 December 2022. Retrieved 15 May 2023.
  28. ^ https://www.ecb.europa.eu/paym/groups/erpb/shared/pdf/16th-ERPB-meeting/SEPA_Payment_Account_Access_Scheme_status_update.pdf%20https://www.ecb.europa.eu/paym/groups/erpb/html/index.en.html [dead link]
  29. ^ Group, The Berlin (26 October 2020). "PRESS RELEASE - Berlin Group starts new openFinance API Framework". the-berlin-group. Archived from the original on 14 May 2023. Retrieved 14 February 2022. {{cite web}}: |last= has generic name (help)
  30. ^ "PSD2 Access to Bank Accounts | The Berlin Group". the-berlin-group. Archived from the original on 14 May 2023. Retrieved 14 February 2022.
  31. ^ "Stet : PSD2". Stet. 30 May 2018. Archived from the original on 4 April 2023. Retrieved 14 February 2022.
  32. ^ "Slovak Banking API Standard". SBA - Slovenská banková asociácia (in Slovak). Archived from the original on 21 March 2023. Retrieved 14 February 2022.
  33. ^ "PolishAPI". polishapi.org. Archived from the original on 7 May 2023. Retrieved 14 February 2022.
  34. ^ "CFDI: Mexico's Electronic Invoicing Model That's Become a Reference Across all of Latin America". Edicom CFDI. 14 March 2018. Archived from the original on 31 May 2021. Retrieved 23 May 2021.
  35. ^ Open Banking: entenda o que é e como poderá ajudar na sua vida financeira, archived from the original on 4 April 2023, retrieved 23 May 2021
  36. ^ "BNamericas - Chile financial portability bill becomes law". BNamericas.com. Archived from the original on 12 May 2023. Retrieved 23 May 2021.
  37. ^ "Gob.cl - Portabilidad Financiera". Gobierno de Chile (in Spanish). Archived from the original on 4 April 2023. Retrieved 23 May 2021.
  38. ^ "Open banking en Colombia se prepara para despegar". iupana (in European Spanish). 8 February 2021. Archived from the original on 4 April 2023. Retrieved 23 May 2021.
  39. ^ "BNamericas - Snapshot: The 2021 agenda for Colombia finan..." BNamericas.com. Archived from the original on 12 May 2023. Retrieved 23 May 2021.
  40. ^ "LatAm turns to Mexico's year-old fintech law as a model for regulation". www.spglobal.com. Archived from the original on 12 May 2023. Retrieved 23 May 2021.
  41. ^ "Ley para Regular las Instituciones de Tecnología Financiera" [Law to Regulate Financial Technology Institutions] (PDF) (in Spanish). 9 March 2018. Archived (PDF) from the original on 20 March 2021. Retrieved 15 May 2023.
  42. ^ Garzón Galván, Jonathan G. "Open Banking MX Reporte 2019" (PDF). Cecoban. Archived (PDF) from the original on 4 April 2023. Retrieved 15 May 2023.
  43. ^ "Interfaces de programación, disposiciones, Banco de México". www.banxico.org.mx. Archived from the original on 4 April 2023. Retrieved 23 May 2021.
  44. ^ Manthorpe, Rowland (16 October 2017). "To change how you use money, Open Banking must break banks". Wired UK. Condé Nast. Archived from the original on 22 December 2017. Retrieved 29 December 2017.
  45. ^ Manthorpe, Rowland (17 April 2018). "What is Open Banking and PSD2? Wired explains". Wired UK. Condé Nast. Archived from the original on 30 January 2021. Retrieved 15 May 2023.
  46. ^ "Meet the regulated providers". Open Banking Implmentation Entity. Archived from the original on 27 January 2021. Retrieved 15 May 2023.
  47. ^ Yang, Qiang; Fan, Lixin; Yu, Han (2020). Federated Learning: Privacy and Incentive. Springer Nature. ISBN 978-3-030-63076-8.
  48. ^ "The future oversight of the CMA's open banking remedies". Competition and Markets Authority. 25 March 2022. Archived from the original on 4 April 2023. Retrieved 15 May 2023.
  49. ^ a b "President Biden Issues Executive Order Encouraging CFPB To Act On 1033 Data Access and UDAAP". JD Supra. Archived from the original on 14 May 2023. Retrieved 15 May 2023.
  50. ^ "Plaid settles class-action lawsuit for $58 million". 6 August 2021. Archived from the original on 4 April 2023. Retrieved 15 May 2023.
  51. ^ "The power to walk away: CFPB moves to give consumers control over financial data". POLITICO. 19 October 2023. Retrieved 24 December 2023.