Monday , November 18, 2024

Fixing Open Banking’s One-Way Street

Financial institutions have been cooperating with fintechs for years on data exchanges. But now banks need to get on the receiving end, says Sarah Grotta.

Conceptually, open banking is a straightforward premise. Consumers allow their financial institution to share specific financial data electronically and securely with authorized third parties. Access to data is completely controlled by the accountholder and can be changed at any time.

The financial-services market is excited about the opportunity presented by open banking, given the multitude of use cases it can empower.

Popular use cases that can bring better financial outcomes for end users include sharing checking-account and routing numbers for inclusion in a payment wallet, gathering balance and transaction data for a third-party savings and budgeting application, and including financial information that could help make credit decisions when applicants have little or no formal credit reporting.

The United States is being ridiculed in the global payments industry (yes, again) for not having a top-down, regulated, and mandated approach to open banking as they do in the United Kingdom, the European Union, and Australia. In these countries, specific data sets must be shared upon request through standardized application programming interfaces with third parties that are vetted by regulatory agencies.

U.S. financial institutions are generally not opposed to the idea of open banking, but they are wary of how a mandated approach may put them in the position of having to bear all the responsibility while enjoying few benefits. A minefield of unanswered questions exists:

– Who bears a loss when unauthorized data finds its way into the hands of criminals?

– Who manages a consumer’s changing preferences for
which data points they allow to be shared?

– What is owed to the consumer whose data is shared in error, violating privacy rights?

– What are the appropriate authentication tools to have in place?

Besides these perils, any one of which could put a financial institution in regulatory hot water, there are simple, functional rules-of-the-road questions that must be addressed:

– Whose data standards should be used?

– Who will manage API development and how?

– Should requesters expect to pay for the data they receive?

Financial institutions that have already lost so many accounts and transactions, not to mention the loyalty of their customers, to fintechs believe open banking is just one more way that non-financial companies, unburdened by the regulatory oversight and profitability requirements banks bear, will siphon off even more account relationships.

While I would be shocked if a mandate for open banking were issued in the U.S., regulators will be shaping the rules of play. The Consumer Financial Protection Bureau issued an Advance Notice of Proposed Rulemaking (ANPR) in 2020 titled “Consumer Access to Financial Records,” and asked for industry participation to better understand which data points should have protected access, how security of data should be managed, how to ensure appropriate data privacy, how to provide consumers the ability to control what data is shared, when and with whom, plus who bears responsibility for unauthorized access to data as well as data errors.

These are very weighty subjects that could use well-thought-out guardrails that don’t stifle innovation.

Here’s the funny thing. Despite the Wild West environment of open banking, it’s already in place in the U.S. and being used by millions of households. Banks and credit unions have established bilateral contractual agreements with the data aggregators that want access to account data to legally lock down the unanswered questions.

While this may appear to be an imperfect approach that is hard to scale, it seems to be working. Plaid, just one example of an aggregator of consumer financial data, reports having processed data for 98 million individuals from the U.S.

So, without a government mandate, open banking is alive and functioning and expanding rapidly based on market-driven needs. Those who want to keep it at bay are fighting a losing battle.

It’s a Fintech World

In these early days of U.S. open banking, fintechs are pounding the table, demanding that “something be done” so that they may have the right to access account holders’ information uniformly across all financial institutions, with promises for better financial-services products at better prices. What isn’t being heard is financial institutions requiring the same of fintechs— and that’s a missed opportunity.

Banks should flip the story around open banking. They should ensure that this is not just a one-way proposition where fintechs and big tech are requesting all the important data while more-traditional financial institutions are doing all the giving.

This presents some interesting opportunities. Consider the following scenarios:

– A financial institution pulls in permissioned data from PayPal, Venmo, and Cash App to provide a more holistic view of a consumer’s available balance across accounts. The financial institution could then advise the account holder that they should pull in funds from another source to avoid an overdraft.

– A financial institution may query a consumer’s buy-now-pay-later apps or existing credit card accounts and offer a better alternative.

– Or if small-business data is included in open banking, fee data from a business’s merchant statement for services they are receiving from a fintech, or another financial institution for that matter, could be analyzed, and an alternative product offered.

These are all ideas that fintechs are already considering. Banks should be doing likewise.

—Sarah Grotta is director of the Debit and Alternative Products Practice at Mercator Advisory Group, Maynard, Mass. Reach her at sgrotta@meractoradvisorygroup.com.

Check Also

Overhaul Your Payment Processing with Payarc’s PAYFAC Platform

Empower Your Business with Seamless Transactions In today’s digital ecosystem, software companies have a wide …

Digital Transactions