Open Banking means that data is no longer exchanged only between a bank and its customers. Access to the data is also possible for third parties if they are certified accordingly and have received the customers' consent. Regulatory requirements for open banking exist not only in Europe, but also in the USA, Japan and Australia, for example. A trend is clearly emerging that more and more banks worldwide are being obliged to share their data with third parties.
Simplification through standardisation
Various standardisation initiatives have been formed so that not every bank has to develop its own interfaces for Open Banking. The Berlin Group wants to develop a standard for all European banks. In addition, there are initiatives in individual countries, such as STET in France, Polish API in Poland or Open Banking UK (OBUK) in the United Kingdom. In Switzerland, there are several activities, including those of Six and Swisscom.
In addition to open interfaces, the European Payment Services Directive PSD2 also provides for new payment services, such as the Account Information Service or the Payment Initiation Service. To ensure the security of data access by third parties, the identity of a customer must be proven via Strong Customer Authentication (SCA).
While an Account Information Service Provider (AISP) can only retrieve account data to make it usable for financial management applications, for example, a Payment Initiation Service Provider (PISP) may also make payments on behalf of the customer.
Opportunities for new business models
The opening of interfaces (APIs, Application Programming Interfaces) also creates opportunities for new business models. The integration of third-party banks into the financial overview is widespread, as is the customer check when applying for loans or insurance. The opening of interfaces can also serve to drive innovation with the help of external developers.
Many FinTechs already use Open Banking
Since, despite standardisation, there is still a whole range of different interfaces for open banking, some FinTechs have specialised in bundling these interfaces. For example, the German companies Finapi, Fintechsystems Finleap connect (formerly figo) and Ndigit as well as the American Plaid position themselves as so-called API aggregators. In addition, there are many FinTechs that focus on different areas of open banking, such as interfaces for payment initiation services or interfaces for retrieving data and preparing this data for additional services. A total of 410 Third Party Payment Service Providers (TPPs) are currently licensed in Europe. Almost half of them operate as pure Account Information Service Providers (AISP) or as a combination of AISP and Payment Initiation Service Provider (PISP).
Include internet groups in regulation
From the banks' point of view, the big internet companies pose a risk in connection with open banking. Google, Amazon, Facebook, Apple and Co. (GAFAs) can use the open interfaces to get more information about the financial situation of their customers and to use the existing payment traffic infrastructure for their own purposes. For example, it would be conceivable for Amazon to collect amounts due directly by direct debit based on account information. And Apple could promote its own Apple Card instead of cooperating with the cards issued by banks as it has done in the past. This leads to the demand that the large internet corporations should also be made to make the data they collect accessible to third parties via open interfaces by means of regulation.
Martin Meier, Co-Head Financial Technology at Netcetera: "Open banking is still at an early stage with strong growth. So far, most applications are based on gaining access to account information and offering new services based on it."
Kurt Schmid, Marketing & Innovation Director Secure Digital Payments at Netcetera adds: "Legislators should now deal with the fact that the big internet corporations – which benefit from the regulation to open financial data – also have to make the data collected about us accessible."
Learn more in the corresponding webinar: