The evolution of open banking

The trend towards open banking — and open data — shows no signs of slowing down. We invited Tony Craddock, Director General of the Emerging Payments Association, and Jim Wadsworth, Senior Vice President for Open Banking at Mastercard, to share their thoughts on how open banking has and will continue to evolve.

Let’s start by evaluating the current landscape: How is open banking progressing in the UK and Europe, and what’s happening around the world?

Jim Wadsworth, Mastercard: Open banking is a worldwide phenomenon, often catalysed by regulation. Most recently, we've seen announcements of significant and wide-reaching legislation from Australia and Brazil; At Mastercard we have been inputting and responding to consultations from various different national regulators around the world.

In Europe and the UK, it's growing rapidly. We’re seeing around 400 million transactions a month through UK banks’ APIs, most of which so far is for account information use cases.[1] But we’re also starting to see the first few payments use cases emerging as well. It's certainly true to say that not all banks have fully-functioning APIs in place at the moment. However, in light of the coronavirus pandemic, I suspect the national regulators will allow a certain amount of grace.

But we also see market-driven initiatives, the best example being the US where there have been variants on the theme of open banking for well over a decade now. Close to if not more than half of US adults participate in some form of open banking service, such as to get an aggregated view of their finances or prove their worthiness for credit, whether they're aware of it or not. 

Tony Craddock, EPA: Open banking has the potential to be transformational. Adoption is happening at different paces in different parts of the world, from the heavily-regulated environments to the much less regulated, where the market is being allowed to determine the priorities. We’re yet to see which is the best approach. 

Mexico for example, it’s designed to enable the high percentage of people who are under-banked to gain access to financial services; in the UK and Europe it’s to encourage competition between providers, and in places such as Hong Kong and Bahrain it’s to help establish them as financial centres of excellence to attract capital, entrepreneurs and other service providers to benefit the economy.

In light of the different drivers, how do the definitions of open banking differ around the world? For example, in the UK, regulation was initially focused on payments, but is now looking to grow beyond that into financial services. Is that the same around the world? 

Jim: The European regulatory model, which is often used as a baseline for other countries, is centred around payments accounts, having been introduced as an enhancement to the second payment services directive (PSD 2). One of the objectives of the PSD 2 regulation was to try to move the industry away from less secure means of accessing peoples’ account data, like screen scraping, towards something more secure, such as APIs.

EU regulation provides for API access to current accounts, but for a provider to offer a customer an aggregated view of their account balances across multiple providers, residual screen scraping methods are still required to access, for example, their savings accounts, pensions, and investment products. That, for me, does not meet expectations for overall security from a regulatory point of view.

The Australian regulatory model, by contrast, is more along the lines of what we might term ‘open finance’: savings accounts, investment accounts, pension accounts and so on are all in scope. In May, Australian regulators announced they were moving beyond financial services to open up access to data that is held in utility accounts, mobile phone accounts and more. Moving to a true open data model is a logical direction of travel, and one we’re very supportive of. Regulators in the UK and in Europe are currently consulting on whether or not to expand their scope; our response offers a very positive view.

Tony: If we can get to a point at which there is an open exchange of data between banking and insurance, pensions, property, utilities or telecoms, then this opens up extraordinary opportunities.

It makes the world a more level playing field, and allows innovation to take place more rapidly and at lower costs; it allows new products to come to market faster; and it ensures that big and small companies can exist very healthily alongside one another, tied together via the API model. That’s something from which both the industry and society will benefit.

What are some of the most exciting or beneficial use cases that are enabled by open banking – or open data?

Jim: At Mastercard, we’re very passionate about the inclusive agenda, one aspect of which involves widening access to affordable credit for people and small businesses. The challenge with the traditional model in lots of markets, including places like the UK and the US, is that lenders rely on credit reference databases to make their lending decisions, which are essentially limited to those who already have credit. It excludes many people and businesses who are entirely credit worthy but don’t have the necessary history. 

One of the great things that open finance makes possible is for lenders to readily access the data they need to make an informed credit decision, such as to verify someone’s income or existing assets. It makes it easier for them to provide finance to more customers on an appropriately risk-managed basis.

Tony: It means the propensity for recovering loan repayments will be increased, and it means that better customers will get better-priced financial products — that’s the upside. The flipside is that those who perhaps don't have the technical proficiency to leverage open banking may find themselves at a disadvantage.

Something we need to consider as an industry is whether we’re prepared to differentiate according to those who are enabled and empowered by open banking — because those that remain excluded are likely to be the ones that are most at risk.

Jim: That's a great point. I’m hopeful that with broader availability of more comprehensive data sets, then net better decisions will end up being made. There isn't a panacea for everything, but we know today that people get into credit difficulties because they've been given access to finance they probably shouldn't have taken or probably shouldn't have had. It cuts both ways.

As the ecosystem matures confidence is quietly building in its profitability for financial institutions.[2] What’s the opportunity for them to increase or diversify the revenues? 

Jim: What we've seen in the UK is a good precursor for what we're now seeing across the rest of Europe: financial institutions are coming around to viewing open banking as a commercial opportunity.

It’s not just third-party providers; banks are among the biggest consumers of APIs. Being able to see their customers’ accounts with different providers means they can, for example, offer a better rate in return for the customer transferring those accounts over.

Meanwhile, they’re investing more in their customer experience to make sure that it's their app that customers visit for their personal financial management services rather than a competitor’s. That's absolutely the intent of regulators in the regulated markets, which is to stimulate competition and innovation.

Tony: Absolutely. Beyond worrying about which API calls should be charged for and which ones shouldn't, the secret to banks’ success will be in making sure that they’re addressing genuine user problems that they also offer some value to them: speeding things up, making payments less manually intensive, improving reconciliation processes and reducing backend costs. It has to be safe for them to introduce new participants to the value chain, and generate sufficient return and profit. 

Let’s pivot very slightly. How can we secure users’ trust in open banking so they feel comfortable using and adopting the solutions that are becoming available to them? 

Jim: Our financial data is some of the most sensitive data we own; trusting that its kept secure is absolutely essential for open banking to succeed. There are various mechanisms in place to help keep that data secure, not least Mastercard’s Open Banking Protect solution. 

But another thing that’s important to secure customer trust and loyalty are the fundamentals of customer service. In general, people expect things to work; I think one of the big ways providers can secure trust is by responding quickly and effectively in the event something goes wrong.  

At the moment, liability falls on the shoulders of banks. But if it’s the third-party provider that causes the problem, I don't think it's right that the bank should be expected to put that right. The third-party ultimately needs to be responsible for its own mistakes.

Tony: What Jim is alluding to is customer protection and redress models and mechanisms. If things go wrong, we need to get to the point at which consumers are completely confident that when, for example, there's a push payment fraud, they get their money back.

How do we secure trust in open banking among participants and end users?
Tony: Firstly, banks are intrinsically trusted to manage people’s money. Banks can grow confidence through how they deal with customers in an open banking-enabled world.

Second, the user experience has to become increasingly high quality. We can't get to the point at which the API system works one time out of five. Consumers will walk away having lost interest in the whole concept. 

Third, it has to be consistent. When we pay online, the consistency of the experience gives people confidence, but that’s not quite the case in open banking at the moment: making an open banking-enabled transaction can take anywhere from five to 11 steps depending on the bank you're transacting through. Consumers won't learn more than one way of doing things.

Jim: These are hygiene factors that need to be addressed sooner rather than later. Some of the biggest beneficiaries of open banking are the banks themselves; they have an incentive to come together. Of course, it’s something the industry and Mastercard have done very successfully over the past 50 years in card payments, and there are some great lessons learned from that. I hope that another 12 months down the road, those conversations will largely be done and dusted.

So, where are we going next?

Jim: Open banking is a platform for innovation and as it evolves, it will be driven by the age-old disciplines of understanding where there are unmet customer needs and fulfilling them brilliantly. I expect open banking will become the normal way we all interact with our money moving forward.

Tony: It'll be fascinating to see what the consequences of the pandemic will be over a three to five-year timeframe. Is now the time for the UK Government to take another look at investing in a digital identity scheme that’s enabled by open data principles, perhaps?

Jim: I think the pandemic is going to accelerate the rate of innovation significantly. In the homeworking environment, we've all suddenly moved huge quantities of what we were used to doing in the physical world to a virtual one. The normalisation of digital technologies will ultimately help drive adoption of new services through open banking. 

It’s very hard to be definitive about the future, but that’s what makes it exciting. We'll see which services thrive and which ones need to be rethought, but — you know — that's the joy of innovation. 

[1] ‘Open Banking APIs Performance’. Accessed 1 June 2020. 

[2] According to a recent research report, 79 percent of the industry believe open banking will have a mainly positive effect on the profitability of the sector over the next five years. 91 percent expect to achieve a positive return on investment from charging for APIs, with an average payback timeframe of two years.