E-musing … open banking – from regulation to implementation
For open banking, 13 January 2018 was a big day. The end of the beginning, you might say – though for organisations that fail to adapt it could come to be seen as the beginning of the end.
At a European level, 13 January marked the coming into effect of the Second Payment Services Directive (PSD2). As part of this, banks and other payment services providers throughout the EU now have to make account data available to third parties if the customer wants them to.
In the UK, things have gone further. For the nine biggest retail banks (including one building society), the so-called CMA9, 13 January was not just the deadline for allowing access to account data but for doing this through an open API. While all but three of the CMA9 have been granted delays, the clock is ticking.
For banks, it’s a big step away from a world in which they effectively owned customer data. For fintechs and new challengers, it’s an exciting opportunity to develop new businesses offering account information and payment initiation services.
2018 and beyond
But all that is just the start. From a regulatory and technical point of view, the first half of the year sees plenty more changes.
For PSD2, detailed technical standards for security measures are currently under consultation. Official publication of the final version is expected during the first quarter, with the standards coming into effect eighteen months later – probably in September 2019. Both the UK and other EU countries will need to align their regulations to these standards.
For the UK’s CMA9, the six weeks from 13 January see a soft launch of open banking, with a limited rollout to allow for testing. At the end of this period, open APIs should be made generally available. Meanwhile, an extension of open banking to include credit cards and other forms of payment is already in the works.
Separately, 25 May 2018 sees new data protection laws come into effect under the EU General Data Protection Regulation (GDPR). GDPR brings its own data security requirements – and the threat of huge fines for organisations that fail to comply.
And all this before even looking at the wider business issues. What are the best opportunities for banks and fintechs to collaborate – and to compete? How will customers – who in the UK, at least, seem largely ignorant or sceptical about the promise of open banking – react? Will one or more of tech big five make a decisive move into the sector?
It looks like being a very interesting year in open banking.
Open Banking Summit
25 April 2018, London
Finance Edge’s 3rd Open Banking Summit is the year’s most crucial and focused flagship event, dedicated to providing business clarity and regulatory certainty around Open Banking, and to helping UK and European firms navigate the evolving open API landscape.