Guest Posts

Open Banking Explained: How It Works, And Risks

December 20, 2022
|
10
Min Read
No items found.

In this Article

Suppose you had to apply for a car loan ten years back. You would have had to provide your financial information to the lender, who would then decide based on this data. This used to be how banking worked; it was an opaque, complicated, and lengthy process, and you had little visibility over your financial data. 

Open banking, however, brought in a new era of digital banking. Instead of lengthy processing of documents, you can now access and share your financial data with banks and other third-party service providers in real time. 

While open banking has made banking for individuals and small businesses significantly more accessible, it has also presented some risks, depending on how and what information is shared with open banking. 

This article will discuss everything you need to know about open banking: what it is, how it works, and the potential risks. 

What is open banking?

Open banking is a set of initiatives enabling customers to share their financial data with regulated third-party service providers. It is based on the open API (Application Programming Interface) technology, which allows two computer applications to exchange information. 

The concept behind open banking was first introduced in 2015 when the European Union passed the Payment Services Directive 2 (PSD2). This directive mandated banks to provide access to customer financial data via APIs and granted permission for third-party payment services such as Stripe and PayPal to use this financial data for transactions. 

Open banking has become a global phenomenon, with countries like the United States, India, and China introducing their open banking initiatives. However, the banks typically require consent from the customers before sharing their financial data, which is managed through open banking APIs.

How does open banking work?

Data sharing is at the core of open banking, which is why open banking is also sometimes referred to as data banking. Open banking enables banks and third-party service providers to access customers’ financial data with their consent. 

The entire framework of open banking takes place in a few steps, as outlined below. 

Step 1: Open banking API access

Banks provide customers with an Application Programming Interface (API) that allows them to securely access their account information, such as balances, transactions, and payment history. 

Step 2: Obtaining consent

Customers provide their consent on what data they would allow the bank to share. Both banks and customers keep a record of the approval, ideally through a system-generated email or online banking platform. 

Step 3: Integration of third-party service providers with the API

Once customer agrees to share their financial data via open banking APIs, they can use a plethora of services provided by third parties, such as budgeting apps, automated savings, accounts, and loan comparison tools. 

Step 4: Banking services with API

Customers can use this API to connect other services they find helpful or necessary for better managing their finances. For example, a customer could set up a budgeting app that could connect directly with the bank's API and pull in data about the customer’s spending habits or income sources. Open banking APIs can help fight chargebacks by providing a secure, direct bank transfer process that is simpler and quicker than traditional payment gateways. The latter would require reliable chargeback stats to pinpoint fraud sources.

Source: Unsplash

Open banking use cases and functionalities

The following functionalities of open banking will help you better understand how the open banking system works in practice and how the open banking APIs use the information your bank shares. 

1. Direct debit

Open banking allows customers to make payments directly from their bank accounts through a ‘Direct Debit.’ In addition, it will enable the customer to authorize the payment service provider to withdraw money from their account when needed. 

Direct debit enables third-party providers to reduce transaction service time and costs. It also eliminates the need for customers to use payment cards or other forms of payment. 

Currently, you will find several third-party payment service providers known as payment initiation service (PIS) providers who help connect the client’s bank account to external eCommerce sites and facilitate transactions through a secure open banking API. 

2. Account Information Service (AIS)

Account information service (AIS) is open banking that allows loan issuers or other parties to pull customers’ financial data from their bank accounts. AIS comes in handy when a customer wants to borrow money from the bank and has to provide their financial information. 

The AIS helps customers provide relevant data quickly and securely without having to go through lengthy paperwork. Lenders can access customers’ financial data in real time using open banking APIs and make intelligent decisions on loan approvals or rejections depending upon various criteria such as credit score, income level, etc.

3. Strong security protocols

The process of open banking is secure as it uses robust authentication protocols such as two-factor authentication, biometrics, and tokenization technology for access control and data encryption for safe storage of financial information.

Third-party service providers or financial institutions also sometimes form an alliance or association to standardize the open banking or data banking security protocols, which ensures data safety, storage, and privacy even better. 

Major milestones toward open banking regulations

Open banking requires a set of rules and regulations adopted by banks to allow customers access to their financial data. It is also known as "banking-as-a-service" or BaaS, allowing third-party companies to use customer data with the customer’s permission and consent. 

Since its early days, many countries and regions have formed open banking rules and regulations to facilitate secure data sharing. Below are the timelines of a few major available banking frameworks, as specified in an open banking technical paper published by the World Bank.  

  • 2011: The UK government formed a strategic alliance with 26 organizations to develop the data framework, establishing a backbone for consumer empowerment and privacy. 
  • 2013: Hong Kong introduced an open banking-like framework. 
  • 2015: The UK regulators formed the Open Banking Working Group (OBWG)
  • 2016: European Union published the PSD2 framework, and Singapore brought its first API Playbook to set standardized rules. The National Payments Corporation of India (NPCI) also formed a framework to build a Unified Payments Interface (UPI).
  • 2017: Payments NZ initiated the API Workstream, the first open banking API framework of New Zealand. Japan amended its banking act to include open banking within its banking system. The US also standardized NACHA API, the country’s first formal open banking framework. The Australian Department of Treasury initiated a commission known as Farrell Commission to review Australia’s available banking frameworks and prospects. 
  • 2018: EU implemented the PSD2 framework and policies after several amendments and reviews. The UK also launched its first Open API, and Mexico approved a new law known as the Fintech Law outlining how open banking would work in the country. The Australian Banking Association finalized its formal guideline for handling Consumer Data Rights (CDR) through the country’s available banking operations.
Many countries globally, including Canada, Australia, Brazil, India, and Singapore, have implemented open banking since then. The main goal of these regulations is to make financial services more accessible for individuals and businesses by allowing the secure sharing of customer information between banks and third-party service providers.

Open banking data regulations in practice: Reviewing FDX of the USA

Open banking provides a layer of security through regulatory bodies and associations such as the Open Banking Implementation Entity (OBIE) in the UK, which ensures that available banking data is shared securely. Additionally, the Payment Services Directive 2 (PSD2) rules protect customers’ financial information from misuse or theft.

We will now explore how the Financial Data Exchange (FDX), an open banking association and regulatory body in the US, operates. 

Regulatory authorities and open banking stakeholders in the US have collaborated to establish FDX to facilitate and standardize open banking protocols in the country. It includes a vast network of over 200 financial institutions that serve over 42 million consumer accounts. The FDX API ensures secure access to consumer banking data and reports from third-party service providers. 

Version 5.2 of the FDX API reports over 600 financial data elements of the customers to the service providers so that they get an accurate picture of the consumer’s banking data in real time to offer the most suitably tailored services. A few major FDX Board member includes

  • Toronto-Dominion Bank
  • Equifax Canada
  • JPMorgan Chase
  • Intuit
  • National Bank of Canada
  • Xero
  • Several customer advocacy groups

Now that we have gone through the basic functionalities and regulatory frameworks of open banking let’s find out how it benefits the customers, users, and all stakeholders. 

What are the benefits of open banking?

Open banking is an emerging trend in managing finances and benefits both consumers and institutions. We will explore both. 

Open banking benefits for consumers:

Open banking streamlines how consumers access and manage their finances. It allows individuals to:

  • Have a better understanding of their spending habits by tracking transactions in real-time
  • Quickly transfer money between various accounts with multiple providers
  • Access more financial products, as banks can offer personalized services like virtual cards based on data shared via open banking.
  • Receive customized loan offers from lenders without having to provide documents or visit physical branches 
  • Enjoy lower fees for bank transfers, payments, and other financial activities
  • Receive loan approvals reasonably quickly without having to submit a lot of documents
  • Make eCommerce transactions quickly through a personal bank account
  • Manage finance and multiple accounts through a centralized system
  • Conveniently and automatically pay bills with auto-debit from a bank account.

In addition to consumer benefits, open banking also benefits the banks and service providers through significant process improvement. 

Open banking benefits for institutions:

Open banking brings numerous advantages for banks, financial institutions, and other service providers. 

  • Banks can offer more personalized services to customers by leveraging data shared via open banking APIs.
  • Companies can easily access customer information to make better decisions regarding loan approvals or new product offerings. The obtained data is more comprehensive and reliable than it can get through credit rating agencies. 
  • Service providers can develop innovative and customized products and services that leverage real-time data sharing through open banking APIs.
  • Banks can reduce operational costs associated with processing documents and manual data entry from customers.
  • Financial institutions can provide customer support faster using automated processes driven by open banking technology.

Open banking can help financial institutions generate new revenue streams by introducing new and innovative services. 

What risks are involved with open banking?

While open banking has made banking more accessible and simplified, it also has some associated risks. Some of the key risk factors include: 

  • Data security: The data shared with third-party service providers are often sensitive, so the concerned institutions must safeguard it against malicious actors or cyberattacks. Ideally, standardization of security protocols helps establish tightened security measures.
  • Privacy risks: Open banking increases the potential risk of data misuse. It is often possible to predict consumer behavior through open banking data, which implies privacy risks in many cases. Thus, financial institutions and businesses should be able to prove that they are using customer data ethically and responsibly, have proper guidelines for cookies in place, or else face severe legal action from regulators. 
  • Regulatory compliance: The regulatory landscape for open banking is still evolving, so businesses must stay abreast with emerging laws and regulations. Open banking initiatives must also ensure their products adhere to applicable consumer protection rules laid out by government bodies like the Federal Trade Commission (FTC) in the US. 
  • Excessive market consolidation: Open banking allows financial institutions to offer customers a broader range of services and products. As a result, banks, financial institutions, and service providers can access an extensive range of customer information, which may lead to excessive market consolidation, potential monopolies, and anti-competitive practices.

What information is shared with open banking?

Open banking allows customers to share various data types with third-party service providers depending on the region and local regulatory guidelines. Some of the standard data types you typically share through open banking include: 

  • Transaction history and transaction codes
  • Account balances
  • Financial goals and objectives
  • Location data or address
  • Credit score, credit reports, and financial liabilities 
  • Investment portfolio information
  • Banking product subscriptions

Sometimes, banks also share employment details, depending on local regulatory guidelines. 

Summary

Open banking is an emerging financial trend that has revolutionized the traditional banking system, making it more accessible and convenient for individuals and businesses. However, it would help if you considered some associated risks when using open banking services. 

Understanding what information is shared with open banking and the associated risk factors will help you get the most out of this innovative banking framework. Open banking can also help you gain invaluable customer insights for your online business or start-up

Guest Posts

Open Banking Explained: How It Works, And Risks

December 20, 2022
|
10
Min Read

Suppose you had to apply for a car loan ten years back. You would have had to provide your financial information to the lender, who would then decide based on this data. This used to be how banking worked; it was an opaque, complicated, and lengthy process, and you had little visibility over your financial data. 

Open banking, however, brought in a new era of digital banking. Instead of lengthy processing of documents, you can now access and share your financial data with banks and other third-party service providers in real time. 

While open banking has made banking for individuals and small businesses significantly more accessible, it has also presented some risks, depending on how and what information is shared with open banking. 

This article will discuss everything you need to know about open banking: what it is, how it works, and the potential risks. 

What is open banking?

Open banking is a set of initiatives enabling customers to share their financial data with regulated third-party service providers. It is based on the open API (Application Programming Interface) technology, which allows two computer applications to exchange information. 

The concept behind open banking was first introduced in 2015 when the European Union passed the Payment Services Directive 2 (PSD2). This directive mandated banks to provide access to customer financial data via APIs and granted permission for third-party payment services such as Stripe and PayPal to use this financial data for transactions. 

Open banking has become a global phenomenon, with countries like the United States, India, and China introducing their open banking initiatives. However, the banks typically require consent from the customers before sharing their financial data, which is managed through open banking APIs.

How does open banking work?

Data sharing is at the core of open banking, which is why open banking is also sometimes referred to as data banking. Open banking enables banks and third-party service providers to access customers’ financial data with their consent. 

The entire framework of open banking takes place in a few steps, as outlined below. 

Step 1: Open banking API access

Banks provide customers with an Application Programming Interface (API) that allows them to securely access their account information, such as balances, transactions, and payment history. 

Step 2: Obtaining consent

Customers provide their consent on what data they would allow the bank to share. Both banks and customers keep a record of the approval, ideally through a system-generated email or online banking platform. 

Step 3: Integration of third-party service providers with the API

Once customer agrees to share their financial data via open banking APIs, they can use a plethora of services provided by third parties, such as budgeting apps, automated savings, accounts, and loan comparison tools. 

Step 4: Banking services with API

Customers can use this API to connect other services they find helpful or necessary for better managing their finances. For example, a customer could set up a budgeting app that could connect directly with the bank's API and pull in data about the customer’s spending habits or income sources. Open banking APIs can help fight chargebacks by providing a secure, direct bank transfer process that is simpler and quicker than traditional payment gateways. The latter would require reliable chargeback stats to pinpoint fraud sources.

Source: Unsplash

Open banking use cases and functionalities

The following functionalities of open banking will help you better understand how the open banking system works in practice and how the open banking APIs use the information your bank shares. 

1. Direct debit

Open banking allows customers to make payments directly from their bank accounts through a ‘Direct Debit.’ In addition, it will enable the customer to authorize the payment service provider to withdraw money from their account when needed. 

Direct debit enables third-party providers to reduce transaction service time and costs. It also eliminates the need for customers to use payment cards or other forms of payment. 

Currently, you will find several third-party payment service providers known as payment initiation service (PIS) providers who help connect the client’s bank account to external eCommerce sites and facilitate transactions through a secure open banking API. 

2. Account Information Service (AIS)

Account information service (AIS) is open banking that allows loan issuers or other parties to pull customers’ financial data from their bank accounts. AIS comes in handy when a customer wants to borrow money from the bank and has to provide their financial information. 

The AIS helps customers provide relevant data quickly and securely without having to go through lengthy paperwork. Lenders can access customers’ financial data in real time using open banking APIs and make intelligent decisions on loan approvals or rejections depending upon various criteria such as credit score, income level, etc.

3. Strong security protocols

The process of open banking is secure as it uses robust authentication protocols such as two-factor authentication, biometrics, and tokenization technology for access control and data encryption for safe storage of financial information.

Third-party service providers or financial institutions also sometimes form an alliance or association to standardize the open banking or data banking security protocols, which ensures data safety, storage, and privacy even better. 

Major milestones toward open banking regulations

Open banking requires a set of rules and regulations adopted by banks to allow customers access to their financial data. It is also known as "banking-as-a-service" or BaaS, allowing third-party companies to use customer data with the customer’s permission and consent. 

Since its early days, many countries and regions have formed open banking rules and regulations to facilitate secure data sharing. Below are the timelines of a few major available banking frameworks, as specified in an open banking technical paper published by the World Bank.  

  • 2011: The UK government formed a strategic alliance with 26 organizations to develop the data framework, establishing a backbone for consumer empowerment and privacy. 
  • 2013: Hong Kong introduced an open banking-like framework. 
  • 2015: The UK regulators formed the Open Banking Working Group (OBWG)
  • 2016: European Union published the PSD2 framework, and Singapore brought its first API Playbook to set standardized rules. The National Payments Corporation of India (NPCI) also formed a framework to build a Unified Payments Interface (UPI).
  • 2017: Payments NZ initiated the API Workstream, the first open banking API framework of New Zealand. Japan amended its banking act to include open banking within its banking system. The US also standardized NACHA API, the country’s first formal open banking framework. The Australian Department of Treasury initiated a commission known as Farrell Commission to review Australia’s available banking frameworks and prospects. 
  • 2018: EU implemented the PSD2 framework and policies after several amendments and reviews. The UK also launched its first Open API, and Mexico approved a new law known as the Fintech Law outlining how open banking would work in the country. The Australian Banking Association finalized its formal guideline for handling Consumer Data Rights (CDR) through the country’s available banking operations.
Many countries globally, including Canada, Australia, Brazil, India, and Singapore, have implemented open banking since then. The main goal of these regulations is to make financial services more accessible for individuals and businesses by allowing the secure sharing of customer information between banks and third-party service providers.

Open banking data regulations in practice: Reviewing FDX of the USA

Open banking provides a layer of security through regulatory bodies and associations such as the Open Banking Implementation Entity (OBIE) in the UK, which ensures that available banking data is shared securely. Additionally, the Payment Services Directive 2 (PSD2) rules protect customers’ financial information from misuse or theft.

We will now explore how the Financial Data Exchange (FDX), an open banking association and regulatory body in the US, operates. 

Regulatory authorities and open banking stakeholders in the US have collaborated to establish FDX to facilitate and standardize open banking protocols in the country. It includes a vast network of over 200 financial institutions that serve over 42 million consumer accounts. The FDX API ensures secure access to consumer banking data and reports from third-party service providers. 

Version 5.2 of the FDX API reports over 600 financial data elements of the customers to the service providers so that they get an accurate picture of the consumer’s banking data in real time to offer the most suitably tailored services. A few major FDX Board member includes

  • Toronto-Dominion Bank
  • Equifax Canada
  • JPMorgan Chase
  • Intuit
  • National Bank of Canada
  • Xero
  • Several customer advocacy groups

Now that we have gone through the basic functionalities and regulatory frameworks of open banking let’s find out how it benefits the customers, users, and all stakeholders. 

What are the benefits of open banking?

Open banking is an emerging trend in managing finances and benefits both consumers and institutions. We will explore both. 

Open banking benefits for consumers:

Open banking streamlines how consumers access and manage their finances. It allows individuals to:

  • Have a better understanding of their spending habits by tracking transactions in real-time
  • Quickly transfer money between various accounts with multiple providers
  • Access more financial products, as banks can offer personalized services like virtual cards based on data shared via open banking.
  • Receive customized loan offers from lenders without having to provide documents or visit physical branches 
  • Enjoy lower fees for bank transfers, payments, and other financial activities
  • Receive loan approvals reasonably quickly without having to submit a lot of documents
  • Make eCommerce transactions quickly through a personal bank account
  • Manage finance and multiple accounts through a centralized system
  • Conveniently and automatically pay bills with auto-debit from a bank account.

In addition to consumer benefits, open banking also benefits the banks and service providers through significant process improvement. 

Open banking benefits for institutions:

Open banking brings numerous advantages for banks, financial institutions, and other service providers. 

  • Banks can offer more personalized services to customers by leveraging data shared via open banking APIs.
  • Companies can easily access customer information to make better decisions regarding loan approvals or new product offerings. The obtained data is more comprehensive and reliable than it can get through credit rating agencies. 
  • Service providers can develop innovative and customized products and services that leverage real-time data sharing through open banking APIs.
  • Banks can reduce operational costs associated with processing documents and manual data entry from customers.
  • Financial institutions can provide customer support faster using automated processes driven by open banking technology.

Open banking can help financial institutions generate new revenue streams by introducing new and innovative services. 

What risks are involved with open banking?

While open banking has made banking more accessible and simplified, it also has some associated risks. Some of the key risk factors include: 

  • Data security: The data shared with third-party service providers are often sensitive, so the concerned institutions must safeguard it against malicious actors or cyberattacks. Ideally, standardization of security protocols helps establish tightened security measures.
  • Privacy risks: Open banking increases the potential risk of data misuse. It is often possible to predict consumer behavior through open banking data, which implies privacy risks in many cases. Thus, financial institutions and businesses should be able to prove that they are using customer data ethically and responsibly, have proper guidelines for cookies in place, or else face severe legal action from regulators. 
  • Regulatory compliance: The regulatory landscape for open banking is still evolving, so businesses must stay abreast with emerging laws and regulations. Open banking initiatives must also ensure their products adhere to applicable consumer protection rules laid out by government bodies like the Federal Trade Commission (FTC) in the US. 
  • Excessive market consolidation: Open banking allows financial institutions to offer customers a broader range of services and products. As a result, banks, financial institutions, and service providers can access an extensive range of customer information, which may lead to excessive market consolidation, potential monopolies, and anti-competitive practices.

What information is shared with open banking?

Open banking allows customers to share various data types with third-party service providers depending on the region and local regulatory guidelines. Some of the standard data types you typically share through open banking include: 

  • Transaction history and transaction codes
  • Account balances
  • Financial goals and objectives
  • Location data or address
  • Credit score, credit reports, and financial liabilities 
  • Investment portfolio information
  • Banking product subscriptions

Sometimes, banks also share employment details, depending on local regulatory guidelines. 

Summary

Open banking is an emerging financial trend that has revolutionized the traditional banking system, making it more accessible and convenient for individuals and businesses. However, it would help if you considered some associated risks when using open banking services. 

Understanding what information is shared with open banking and the associated risk factors will help you get the most out of this innovative banking framework. Open banking can also help you gain invaluable customer insights for your online business or start-up

Effortless expense management for all business spends. Earned time, saved costs, improved productivity, happy employees - achieve it all with a single software.

Stay updated with Fyle by signing up for our newsletter

Thank you! Your subscription has been received!
Oops! Something went wrong while submitting the form.

Features to support all your expense management needs