The closing of the 2010s and the dawn of a new decade herald an early milestone in the development of the UK's fintech ecosystem. It is now two years since the legislation underpinning Open Banking came into effect. OK, not a typical standout birthday, but one to take note of this time.
A lot has changed, not least the crystallisation of a new term ‘Open Finance’ (more on that later) in this relatively short space of time. Consumer adoption, however, is still some way from reaching a critical mass and regulations around the broader idea of open banking, that of empowering consumers with personal data portability, are still evolving.
Will the next year bring a tipping point? Alan Ainsworth, Head of Policy at the Open Banking Implementation Entity (OBIE), says it could well do as banks continue to improve their APIs.
“We are now seeing increasing numbers of customers using Open Banking-enabled services. This is because more third party providers are in the market giving customers services they value," he said.
“The past two years were building the foundations, getting TPPs onboard and into the ecosystem, getting more organisations using the Open Banking standard. 2020 will be the year where customers start using the propositions," he added.
The first three months of the year will drive to what extent this is true. The first of two important dates will fall sometime in the next few days when the OBIE updates its roadmap on Open Banking Standards for 2020. This document outlines what banks have to do to be compliant with the regulations, thereby holding them accountable, and could contain a few new points of interest regarding the delivery of features and functionality.
A key question is whether banks will have a bit more ‘breathing space’ this year. The CMA9 – the top nine banks obliged to implement Open Banking – argue that 2020 should see a period in which no new features are mandated so that they can spend the time on stabilising and improving performance. TPPs, on the other hand, have argued that this is just a question of resource and that the objectives of the CMA Order (section 14) are still far from met.
“What the CMA9 are asking for is time to focus on getting the basics right,” Ainsworth said.
“Whilst it’s important that the CMA9 banks stabilise performance and fix the basics, TPPs will want to make sure that they quickly deliver high performance, high availability and APIs that meet PSD2’s requirements.”
The state of the mandate around variable recurring payments, which is due to come out of the consultation period in February, will be an early indicator around which viewpoint is winning out. The Retail Banking Market Investigation - the report that kicked off the current Open Banking regime in the UK - specifically calls out the ability for users to sweep money between their accounts. However, there has been a tussle between TPPs and the CMA9 banks over whether this should be classed as a mandatory feature. If the roadmap consultation process concludes with the implementation mandate removed it will be a clear sign that the banks are winning the argument and that we can expect slower progress in 2020.
The OBIE roadmap is not the only key date in the quarter, however, with those facing the implementation of the Strong Customer Authentication (SCA) regime hitting a hard deadline in March. Whilst SCA should have come into effect in September 2019, firms now have until 13 March 2020 for an ‘adjustment period’ to help them comply with the new regulations and avoid interrupting services provided by third-party providers (TPPs).
SCA is core to PSD2, strengthening payment safety across all sectors, but it’s also an ambitious challenge.
Sheldon Mills, Director of Competition at the FCA, said in a recent speech that the regulator and the wider financial sector "must think carefully” about how the SCA regime might broaden out as the idea of data portability moves beyond payments.
“[It] is essential in ensuring that fraud and scams do not become the primary blocker. Whether that be in Financial Services or in other sectors,” he said.
Anna Mitchell, Head of Marketplace at Starling Bank says the firm is seeing regular week-by-week increases in customers using its third-party marketplace and is optimistic that 2020 will see increasing numbers of third-party providers (TPPs) of Open Banking services further feeding an acceleration of momentum for customer adoption.
However, she adds that the bank would like to see new regulatory rules around the 90-day re-authentication requirement for customer consent to the sharing of their data with third-party providers.
“We - together with most of the open banking community - feel this requirement works against the whole ethos of open banking and greater competition to the benefit of consumers - therefore we hope the requirement might be re-evaluated at some point,” she said.
Again, this is an area addressed in the proposed Revised Roadmap. It states that “customers must be provided with convenient mechanisms for 90 day re-authentication” though references to development of the standard for this were removed following the consultation. Starling is not alone in its analysis - many TPPs see this as a key barrier to overcome - progress against this area will be closely watched.
A hint of further regulation down the line is also palpable in the term Open Finance, whereby the core tenet of Open Banking - sharing transaction data with third parties - is extended into other financial services products such as savings or mortgages to insurance, pensions, etc.
The FCA is currently calling for input via consultation that will end in March.
“That is a big step. There are going to be a lot of people thinking about [Open Finance],“ Ainsworth said.
While a new level of regulation may be needed when this process has ended, now the OBIE faces the choice of whether to give the largest banks breathing room or push them further towards new features.
If 2020 does become a ‘breather’ year for Open Banking regulation, albeit one that sees gains in customer adoption and the improvement of the quality and reliability of APIs, 2021 could see a new chapter entirely in the story. One that broadens out Open Banking to Open Finance and perhaps beyond. You can have your say on the FCA’s exploration of Open Finance here.
We put out a newsletter roughly once a month with highlights from the blog and updates on new roles. Sign up if that's your thing.
Bud® is authorised and regulated by the Financial Conduct Authority under registration number 765768 + 793327.