Like Europe, the U.S. Is Headed for Open Banking – and Innovation that Puts Consumers First

December 28, 2017         By: Nick Caley

As digital disruption blurs the lines between banks and fintechs, the way financial data is regulated will come to shape the business models of every player in the market. With open banking standards and data portability rules, Europe is ahead of the U.S. on data regulation, but the same shift is coming to the U.S., driven by market forces and consumer choice.

The digital disruption that started with payments is rocking the entire financial services industry. Fintech startups are transforming how people interact with their finances, extending consumer choice straight out of their bank account and into the digital space.

As documented in PwC’s 2017 Digital Banking Consumer Survey, connecting consumers’ bank accounts with their digital lives delivers a superior, frictionless customer experience. Marketplace lenders like Prosper are transforming personal credit. Robinhood offers free stock and ETF trades. In the Netherlands, the fintech provider MoneYou advertises customers can now take out a loan completely online in as little as seven minutes.

According to Capgemini’s World Retail Banking Report, these fintech providers are more likely than traditional banks to deliver a positive banking experience to consumers. Fintech innovations make it easier for consumers to optimize their cash flow, spend more efficiently, and meet financial goals across every bank account they own. Fintech firms are succeeding at delivering the customer-centric promise through innovation and lightening quick development. And yet, as Federal Reserve governor Lael Brainard points out, “the software stacks of almost all fintech apps point to a bank at one layer or another.

Open APIs and Innovation

Meeting customers’ expectations for convenience and ease-of-use requires more collaboration than ever between banks and fintech firms. This interdependence has led to the emergence of Open Banking and APIs (Application Program Interface), using customer data and innovations to create more contextual services that deliver new revenue streams.

Through open APIs, transactional data is made available to third parties that may not have a formal relationship with the bank, for example connecting a money transfer account like Venmo to a personal checking account from a banking institution. Participating in this market-driven collaboration ensures banks won’t be left behind and will remain a central part of a customer’s life.

The implications of this data-driven shift extend beyond bank balance sheets. As retailers, with their integral position in the financial ecosystem, gain access to banks’ APIs, they are enabling customers to close out a purchase with the tap of a button in their smartphone app. It is only right, given the inherent nature of open APIs and their public availability to proprietary software, that many banks have expressed concern around their security and privacy. This is where regulations for banking data are shaping business models – as we can already see in Europe.

Open Banking and PSD2

Until now, regulators have stayed relatively silent over financial data ownership. But in 2018, the UK’s Open Banking standard and the EU’s Revised Payment Services Directive (PSD2) are due to come into effect, and they will have big impacts on customer trust relationships.

At the heart of Open Banking is the issue of user consent. For the first time, a customer will be able to control his or her banking data – who gets access to it and what they can do with it.

Customers will be able to:

  • Utilize services to aggregate all of their banking transaction data with one provider.
  • Enable registered third party accountants to directly access their transaction data.
  • Pay for purchases directly with a bank account rather than a debit or credit card.

While financial regulators in the U.S. don’t have similar regulations in the works, the shift to open banking is still coming. Ultimately, Open Banking and PSD2 aim to improve the customer experience through digitization. The European rules reflect an understanding that sharing bank data through open APIs offers consumers more personalization, ease of use, and insight. To prepare for this shift, the whole market needs to define open APIs that are secure. If not, then the market runs the risk of individual definitions without standardization.

American banks should view these changes happening in Europe as evidence of market forces sweeping across the globe. The era of open banking, typically coupled with immediate payment mechanisms that often bypass cards, is a major influence that is being codified with PSD2 and similar initiatives worldwide. We have no reason to believe U.S. regulators will act any differently. Indeed, even without the spur of regulation, the disruption will continue to be driven by consumer demand.

Forward thinking institutions will take the first mover advantage in this new era by keeping the customer at the center, holding customer’s digital identity secure while creating a personalized, friction-free experience.  


About Nick Caley

Nick Caley, VP of Financial Services and Regulatory – EMEA

With ForgeRock, Nick is responsible for Financial Services and Regulatory with a focus on guiding organisations to deliver successful outcomes beyond compliance with GDPR, PSD2 and Open Banking.

With twenty years’ experience covering all aspects of Information Security, Nick Caley has advised global clients in industry and government on security strategy and the operational capabilities that enable organisations to protect their most valuable assets.

Engagements over the last two decades have provided Nick with detailed knowledge of enterprise infrastructure and the protection of sensitive, high value data. As Enterprise has developed hybrid architectures and data driven business models, Nick has advised on how to enable digital transformation whilst reducing risks.