The Open Banking Summit on 26 September focused on what is expected to come in the world of Open Banking in Australia. The event, hosted by Finance Edge, gathered industry professionals to discuss economy-wide interconnections and how to succeed in the new environment for financial services.
There has been a five-fold increase in the number of fintech start-up companies in Australia over the past five years and Australia has not experienced a bonafide recession since 1990-1991. This is fertile ground to take advantage of the opportunities Open Banking presents. The Productivity Commission announced recently that there is ‘enormous untapped potential in Australia’s data’; but there are challenges to consider when implementing Open Banking in Australia – 94% of digitised people don’t read privacy terms and conditions and 95% would like to opt out of services they are linked to. Thus tapping into some of the challenges that still have not been solved when implementing Open Banking – consent, privacy and product saturation.
The journey to Open Banking in Australia has been brief. The interim report on implementation of an Open Banking regime in Australia was released in February 2018. The review, undertaken by Mr Scott Farrell, a partner with King & Wood Malleson (the Farrell Review), provides recommendations on the design of the operating model and regulatory framework for the introduction of Open Banking in Australia. In May the Australian Government accepted the recommendations of the Farrell Review and outlined a phased implementation timetable.
The 2018/2019 Federal Budget has committed $44.6 million over four years to establish a Consumer Data Right (CDR). Banking, whilst the first sector to have to comply, will not be the last. Telecommunications and Healthcare amongst other industries will also need to open up customer data and will need to comply. What also differentiates Australia in the world of Open Banking is that the regulation only specifies the need for read-access to data, at least for the moment.
Source: King & Wood Mallesons
The drive for Open Banking
There are many reasons why individual markets or regions are undertaking Open Banking programs. Australia is by no means the first and will not be the last. Increased competition in the retail banking sector a la the United Kingdom; greater adoption of innovation such as in the European Union and Japan; financial inclusion in Mexico and Kenya or enhanced consumer data rights as in Australia are all among the reasons jurisdictions are journeying down the Open Banking path. The domestic nature of retail banking and a lack of a universally accepted definition of Open Banking has led to many flavours and implementations, with different account types and data sets being in scope. But one thing remains consistent – banks are worried.
Roy Amara, the American researcher and scientist, was quoted during the conference as saying, ‘we overestimate the impact of new technology in the short term but we underestimate it in the long run’. If we imagine, Google opened up their Maps service via open APIs in 2005, which has been revolutionary and transformative. So much so that it has since spurned a whole economy, with the likes of Uber tapping into this service in 2009. Banking API’s have the opportunity to be just as powerful, particularly when combined with Telecommunications and other industry data. This sets Australia apart when delivering Open Banking – it has been thought about in the wider context of data utility rather than just within the confines of banking.
In Europe and Australia Open Banking has been regulatory driven, but elsewhere in APAC territories they are embracing a more voluntary approach. Some attendees at the conference believed that innovation cannot be legislated for and that by strong-arming the industry into delivering Open Banking the true benefits may be more difficult to achieve. Regulators should not be creating more compliance. That being said, most conference attendees agreed that privacy, liability and consent criteria are difficult to achieve by industry alone.
API’s are not the silver bullet
APIs have been around in the banking industry for decades. They are not sexy and they alone are not going to solve the industry’s problems. They are a technical way of exchanging and exposing data. What fundamentally will revolutionise banking is the use of these APIs to transform the user experience.
Fintechs in the past have not been growing the financial services sector. They have been finding ways to filch pre-existing margins. Open Banking through open APIs has the potential to change that. The industry needs to be focused now on new business models, not digitising broken business models. Only then will be really see the benefit of Open Banking. Some attendees felt that PSD2 in Europe is merely just trying to keep the existing banking model, despite regulatory efforts to the contrary.
Standardisation of APIs is seen as beneficial. However, the value of the Consumer Data Right in Australia is that APIs for banking, telecommunications and healthcare will all interoperate, building a rich picture of an individual’s digital footprint. These are industries that traditionally have not worked together. These siloes need to be broken down so that true interoperability can be achieved.
Understanding Trust and the Customer Relationship
Whilst historical customer data may be interesting, the opportunity does not lie here. It lies in whether your customer trusts you and gives you the next piece of data, as this is what organisations can take action on. This is what is necessary to stay relevant. If organisations are genuinely going to compete in this area, they need to transform both in strategy and in style. There is little point in keeping the same strategy but looking cool, to use the UK adage, you’ll be left with ‘all the gear, no idea’.
There is a real challenge in viewing Open Banking through the lens of public good, when it is being delivered by commercial organisations that need to realise the commercial opportunity. But innovation is not difficult, getting individuals to trust and adopt new technology and services is the challenge. Customers deserve their own experience, and not the one necessarily provided by their bank. However, unfettered control by consumers was seen as systemically dangerous. So who is in control of what? This seems a question that remains unanswered. Much like the question, who is liable? These questions need to be answered with confidence if trust is to be had in the system, not just by customers but by the industry as well. Digital identity and consent management are key for the Open Banking model and are at the heart of the customer experience. Social media and technology giants have everything to gain and nothing to lose. They are not regulated but can plug into a highly regulated market. This can lead to asymmetrical competition, as one speaker put it, and this is unlikely to be healthy for the market in the long run. Some felt that a level of reciprocity should be expected of big technology companies, where their data is also supplied into the Open Banking ecosystem.
There were some serious questions raised also about customer education. Some argued that there is no need for education; customers are rarely taught about new payments options, they just use them. However, others believe that in today’s world education is not about financial services but about data. Education should be raised to a higher level and government led.
There are many questions still unanswered and as Australia starts to implement Open Banking no doubt solutions will start to become clear. All agreed, that Open Banking may be ‘clunky’ in the beginning, but this will soon become a thing of the past as organisations really put theory into practice. One speaker commented, the App Store was not part of the original iphone, in the beginning it was just a phone. But a year later consumers had all these new apps at their fingertips. We can only hope that Open Banking brings the same level of customer satisfaction and usability.
Author: Lauren Jones, Editor, InstaPay
Open Banking has the potential to significantly alter the way that financial products and services are delivered. Third-party providers, including the big technology firms such as Amazon, Apple, Google and Ant Financial, as well as Fintech’s are looking at how they can exploit the capabilities of open banking and disrupt the financial services market.
In light of this, it is necessary that banks and other financial institutions develop a strategy to ensure they are prepared for the launch of open banking in Australia and can maintain their customer relationships, continue to be relevant and compete in an increasingly crowded market.
So what are some of the key aspects that a financial institution needs to consider as they develop a strategy for open banking?
Firstly, there needs to be agreement on the fundamental characteristics of the business. This requires the answering of questions such as, are you – or do you become – a utility bank that offers core functions of taking deposits and lending money and supports other providers customer facing channels? Do you want to be a central resource in a customer’s daily life and leverage the existing channels and new digital channels to broaden your business lines within financial services and beyond? Do you want to become a trusted advisor and enrich the customer experience with advice based on data and insights?
Secondly, it is important to consider what role open banking plays in a broader digital transformation process. It is likely that a response to open banking will be part of a larger business change program and thus it will need to have a strategic alignment to broader business objectives.
“If the intention of digital transformation is to bring convenience into the hands of the customer, then open banking, enables the customer to dictate with greater control who can provide those services to them; and for how long,” Gonsalves commented.
Digital transformation requires new thinking and thus will involve cultural change and change to back-office processes before the customer facing experience can change.
Financial institutions will need to work out how they can think like a Fintech and become more agile and responsive to change. Thirdly, how do financial institutions make sure they don’t lose the customer relationship. The opportunity for third-party providers to disintermediate in the value chain and disrupt the banks relationship with its customers, will be greatly enhanced with open banking and financial institutions need to consider the best approach in addressing this. It may be better to partner with Fintech’s and leverage their customer facing solutions either as white label products or third-party branded. There could be capabilities that big technology companies provide that will enable financial institutions to leverage their channels but retain the customer relationship.
“Linked with real time payment processing and increased data and decisioning capabilities then open banking can help to create a competitive ecosystem where traditional banks will have to work collaboratively with partners that sit inside and outside of today’s definition of financial service providers,” Gonsalves concluded.
Finally, there is the question of what role data will play. Although financial institutions already have a wealth of data and data analytics capabilities, the financial data they hold will be available to third-parties, some of which – including the big technology firms – have data analytics as a core competency. Will these organisations have a competitive advantage and be in a position to provide better financial insights?
Joanne Henagan, Chief Innovation Officer for Credabl, a specialist Australian lender believes they will. “Open banking will provide access to data that is consistent, transparent and intelligible. By analysing the data, we’re able to evidence trends and identify opportunities. In so doing, we devise data-driven strategies that accelerate innovation and deliver relevant products and services.”
Hear from both Ryan Gonsalves and Joanne Henegan at Open Banking Australia taking place on 26 September 2018 in Sydney, Australia.
The Summit will debate evolving practices in data protection and ownership, monetisation strategies, approaches for engaging consumers and more. Open Banking Australia is an opportunity to analyse and to hear speakers share insights from their experience of Open Banking in other markets and industries.
Ahead of the Open Banking Australia Summit we caught up with Seshika Fernando, Head of Financial Solutions, WS02 to discuss the opportunities and threats of open banking.
How will the increased use of open APIs shape the financial services market, and how will it impact different market players in both the short- and long-term?
In the history of banking, banks went through multiple phases of customer experience improvement. From branch banking to phone banking to ATMs to online banking to mobile banking. However, while each of these phases improved customer experience, the customer had to depend on the service offerings of the respective banks. The future is different. The customer will do banking through their preferred channel, and banks have to ensure that their financial products and services can be accessed through those experiences. This is where open APIs come in. Banks offer their financial services via APIs so that other players create great experiences on top of that and offer it to customers. Banks who do not open up secure, easy to use APIs will get left behind.
The impact to all stakeholders is positive. Customers are offered better experiences and financial literacy. Fintechs get to enter the currently oligopolistic market that is exclusively governed by banks. And banks get to focus on what they are best at – creating great financial products and services – and let the fintech take care of user experience.
Which activities should banks be prioritising in the wake of open banking?
Banks need to focus on four key areas
What opportunities does open banking present, and which commercial strategies will thrive in the new environment?
Open banking enables the creation of a consolidated financial portfolio for banking consumers, which is a first in the industry. This is the unique asset that the open banking world creates. Any organization (be it banks or fintechs) who understand the value of that asset will thrive. For example, if banks forge ahead and do API integration themselves, instead of just stopping at opening up APIs, they can then understand their customers beyond the limits of the bank. This allows them to offer their customers, customized product offers that can attract funds spread across different banks to themselves.
Creating insights on top of this rich asset of consolidated consumer financials will be a lucrative commercial strategy going forward.
Third Party Providers are going to be the presentation layer for banks in the future. Consumers will now flock towards certain TPP (Third Party Providers) apps rather than flocking towards a particular bank. Therefore, banks that provide great TPP experiences will indirectly win at the end of the day. The more TPPs providing experiences on top of a bank’s products, the more consumers for the bank.
Customer education is another one. Even though the open banking world seems promising for consumers, the reality is that most of them are apprehensive about whether or not their data is secure. If banks can be the ones to create that trust through customer education, then those consumers will always maintain a strong relationship with the bank irrespective of the independence the open banking world provides the consumers.
How can firms overcome the security and privacy concerns associated with data sharing?
This is not as daunting or complex as it sounds. Basically, in each of the open banking regulated markets, the standards bodies have been kind enough to provide guidance on how to share data in an absolutely secure manner as well as how to ensure consumer’s consent to share their data through Strong Customer Authentication and consent management requirements. All that needs to be done is to follow the guidelines and ensure that you have the right technology mix to implement it.
What are the best strategies to encourage customer engagement?
Customer education on open banking, its benefits, what to look out for when sharing data with a third party, and so on, will all help in creating consumer trust and confidence. If banks remain transparent about the steps they are taking towards compliance, your customers will appreciate that transparency and trust you. Giving customers a complete picture of open banking, all the way from the improved lifestyles they can enjoy through open banking to what is being done with their data, who is accessing it and within what scope helps deliver this. Banks who take the extra mile to educate customers will compete not just on customer experience but also customer trust.
Why will you be speaking at Finance Edge’s Open Banking Summit, and what do you hope to get out of the event?
WSO2 provides the only purpose-built solution for complete regulatory compliance in Australia. We are keen to meet all the stakeholders of Open Banking Australia and understand specific requirements and pain points so that we address them through the WSO2 Open Banking solution. We also hope to share our expertise and experience of providing open banking solutions in other regions and use some lessons learned to help you comply in an agile manner.
View more information about WSO2 here.
Nick Rugg, Senior Underwriter,Financial Institutions and Fintech, Markel International.
Transactions involving the sharing of data and the movement of funds will always carry risk. Where there are multiple parties involved in these transactions there is clearly heightened risk. The exposure to fraud, theft and data loss for banks, account information service providers and payment initiation service providers will no doubt be a key concern for these companies.
As well as having strong customer authentication and data protection procedures it is vital that companies also have the right insurance policy in place. The right insurance policy is key for companies that wish to gain FCA authorisation to offer account information services and payment initiation services and to protect themselves against the liabilities that may arise from offering these services.
The market for the type of insurance that AISPs and PISPs need in order to gain FCA authorisation is very small, however the Markel fintech insurance policy has the covers required for these companies to become authorised and we are very proud to say that our insurance policy has formed part of many companies successful applications for authorisation from the FCA.
The right insurance policy is critical for FCA authorisation so it’s important that companies wishing to offer account information and payment initiation services speak to an experienced insurance broker or insurer of fintech companies in order to arrange the right level and breadth of cover required for successful authorisation.
It will be a great opportunity to meet some interesting people within the Open Banking sphere and to hear about their ideas and experiences. And hopefully they will be interested to hear what I have to say too!
The “open source” marketing label is a bit like “organic” — you need to dig deeper to understand what it really means. Some “organic” products may contain up to 30% non-organic ingredients! Thriving FOSS ecosystems share some common characteristics though: at a minimum, an open source license is fundamental — everyone in the ecosystem must have the right to modify and redistribute the code. Versioned packages are important as well–operations teams can’t compile source code and need easy-to-use binaries. And finally, freely available documentation and an active community are essential for productivity.
When all cylinders are firing (code, packages, docs, and an active community), the FOSS development process results in a product which has the most features, the fewest bugs, the simplest user experience and the quickest updates. More eyes on the code, more contributors building features, and more trained engineers makes community the super-power for open source products.
There is no intrinsic security advantage for proprietary commercial software — hackers don’t need to see source code to find flaws. There is, however, a clear security benefit derived when many organisations pool their penetration testing results and share findings. An open source community leads to more discussion on the impact of announced security vulnerabilities and faster bug fixes. Community collaboration is the secret power of open source software, and is a “super-safe” choice!
Open source software works best for standards, security and infrastructure–areas where cooperation is more important than competition. Banks compete, but nobody wins if hackers get richer. Sharing know-how on software that implements security standards is a win-win for all legitimate players in an ecosystem.
The Internet is a layered fabric of standards. Routing data packets, browsing web pages, sending email, using mobile applications — none of this can happen without Internet standards working together. Important new standards for authentication, single sign-on (SSO) and consent management are proliferating even as older identity security standards are just gaining adoption. Even experts in the industry find it difficult to keep track of it all!
Three standards organisations are developing identity standards that will have an important impact on Open Banking: the OpenID Foundation (OIDF), Kantara and the FIDO Alliance:
We are looking to build the community of collaborators for the Gluu Server, an open source OAuth 2.0 and FIDO access management platform.
The increased use of open API’s will impact banking institutions of all sizes, opening up financial services and payments markets to new competitors and service providers. Open API’s will provide new opportunities to make use of banks’ internal data and external market information in real-time and at scale as part of delivering customer services.
To meet the requirements around open banking, consolidation of data should be a priority. By looking at how to manage data at scale, banking IT teams can implement new cloud applications that can meet new customer experience expectations. Without the ability to consolidate data effectively, understand the relationships between the data elements, and achieve all this in real time, banks will find it difficult to implement new services that customers will value and face a potential loss of those customers to competitors.
Opening bank systems to third party access is a huge risk unless banks organise themselves to leverage data as a differentiator; this is the opportunity. This goes beyond looking at current data sets that are held in individual silos and instead involves thinking about how to use external and internal data sets together. The alternative is to let competitors take this approach. The strategy is to hold the data in an operational data layer to have a 360 view of your customers to better deliver a fully personalized experience in the context of where they are on their journey with the bank right now.
This is a hot topic at the moment with the deadline of having a GDPR compliant strategy looming fast, especially when looking at hybrid cloud or multi cloud architectures. You need not only a data platform that comes with advanced security, encryption, access controls, audit trails, but also the ability to maintain data autonomy. For example, in a hybrid cloud architecture you need the ability to control which data resides on premise and which data resides in the cloud. DataStax has the ability the address this and other data autonomy requirements.
Having a customer-centric strategy where an organisation demonstrates that it has robust data privacy capabilities that are to the benefit of the consumer is a major USP that will drive customer engagement.
As a software vendor it is vital for us to be in regular contact with customers and potential prospects in order to better understand current market trends and emerging market requirements.
Open Banking, powered through Open APIs, puts the consumer, who is now fully empowered to use their own financial data to take advantage of whatever products or services they choose, at the center of the financial services ecosystem. In this new, innovation-driven environment, those market players that provide solutions to consumers where they most demand them will flourish, whether they are traditional banks or fintech firms. Incumbency will no longer be a significant competitive advantage.
The first order of business remains ensuring that the APIs that power Open Banking are up and running and reliable so that consumers can fully benefit from the new ecosystem.
The beauty of Open Banking is that we don’t yet know its full potential; we only know that the benefit to consumers will increase in the long run. Over time, it will enable account information and payment use cases driven by consumer demand that we couldn’t envisage today. Who would have imagined just 10 years ago that we would be able to conduct almost all of our personal banking using a mobile phone? While we can’t know what the technology landscape will look like 10 years from now, the Open Banking ecosystem provides the consumer the right to use their financial data in whatever manner they choose, and ensures that banking services will be provided wherever they will want to use them.
Open Banking is a triumph of collaboration among all of the stakeholders – banks, policymakers, consumers, and fintech firms – to create an ecosystem that addresses the security and liability issues associated with data sharing in the banking sector. Beyond Open Banking – a framework under which these issues have been painstakingly addressed – it is only through this type of determined, exhaustive, private/public sector collaboration that these types of concerns can be adequately addressed.
Financial management is an emotionally charged topic. While traditional PFM tools offer consumers the convenience of getting a consolidated view of their finances, they don’t provide personal guidance and recommendations on next steps. This lack of guidance is a key contributor to lack of engagement. Next generation tools that use data analytics and domain expertise to provide contextual education and personalised recommendations have a much higher likelihood of engaging consumers and empowering them to improve their financial outlook.
As Open Banking became a reality in the UK earlier this year, all of us with a stake in its success must ensure continued dialogue. Finance Edge’s Open Banking Summit is one of the best opportunities for such critically important stakeholder engagement.
“The seminar was very well balanced between visionary aspects, market aspects, policy issues, regulatory & risk management.”