API-based open banking initiatives are quite common around the world. However, the degree of openness varies greatly from country to country based on the robustness of each country’s regulatory framework.
With open banking, developers can integrate financial data from multiple institutions within the same application or share financial data between applications more easily. The heart of any open banking effort is to expose such data and services via APIs. Technologically, open banking will allow the development of new services and greater customer control of their accounts. However, the technology must be backed by a robust regulatory framework, something that varies greatly around the world.
The concept of using APIs to open access to data and services is obviously not new. Many modern applications in numerous industries leverage APIs, microservices, and event-driven architectures (EDAs) to move away from monolithic applications to more flexible and dynamic composite applications.
In the world of banking, however, integration is a relatively new phenomenon. Most banks have traditionally built apps that work only within their own ecosystems. Finance tools that could pull a consumer’s data from multiple institutions were rare, and their methods for collecting data were usually technically complicated.
Open banking seeks to change those conditions. Some estimates show that up to 87% of countries now offer open banking in some form or other. One big factor that has helped propel the concept and its use was the European Union’s implementation of the Revised Payment Services Directive (PSD2), which mandates that banks make consumer data available to third parties at the customer’s request, typically via application programming interfaces (APIs).
The main objectives of the PSD2 are to:
- contribute to a more integrated and efficient European payments market
- further level the playing field for payment service providers by including new players
- make payments safer and more secure
- enhance protection for European consumers and businesses.
With such attributes, the EU claims the PSD2 supports innovation and competition in retail payments and enhances the security of payment transactions and the protection of consumer data.
Another notable embracement of open banking is in Brazil. There, The Banco Central do Brasil (BCB) and the National Monetary Council (CMN) define the Brazilian Open Banking environment as the sharing of data, products, and services between regulated entities — financial institutions, payment institutions, and other entities licensed by BCB — at the customers’ discretion, as far as their own data is concerned (individuals or legal entities). Last month, the third phase of the open Banking initiative in Brazil went live. The intent of this phase is to enable the introduction of new environments for instant payments.
U.S. open banking lags on the regulatory front
The U.S. has a less formal approach to date. There is a lack of open banking regulations that lay out very specific requirements for banks to stay compliant. Without similar regulations to PSD2 and the Brazilian Open Banking environment, U.S. institutions have taken a more cautious approach.
A CCG Insights research report earlier this year categorized the situation as follows: “There are different degrees of openness, and the level you’re able to achieve in the U.S. depends on what kind of bank you are. For example, if you are a large bank, you can build all the APIs you need and set the standards. If you are a smaller bank, or even mid-size, your level of openness is likely to be tied to your core provider and how they approach open banking.”
It noted that FIS, Fiserv, and JHA, the leading providers in the U.S., all have API strategies with varying degrees to openness. And they offer API gateways to deliver their services. Such an approach allows banks to develop new applications and work with partners to deliver new and innovative services and products.
Interestingly, some of the biggest open banking developments enabled through the use of open APIs are happening in non-bank sectors. For example, earlier this year Walgreens and Walmart announced new banking initiatives. And they are not the only ones.
In many cases, these non-FinServ companies are partnering with FinTech and payment processing companies to offer banking services. Cloud-native and EDA play a role in letting the organizations bring applications to market that share data and deliver real-time information.
The impact such undertakings might have on traditional banking is enormous. Analysts have noted that while FinTech firms like PayPal and Square have been nipping at their market share, the entry of Walmart or Walgreens into the banking space is a more potent threat.
These new entrants into the market are likely to be the fire needed for traditional banks to embrace open banking. If they do, they will be able to make use of open APIs to modernize applications, open access to their data and services, and more. This will allow them to develop innovative offerings to counter the market erosion caused by FinTechs and other startups entering the banking space.