In very simple terms “Open Banking” means opening/exposing the bank’s data (customers’ accounts, transactions) for third parties (FinTech) in a secure manner using a well defined regulatory and technology framework; so that third party (FinTech) can come up with different innovative products and provide better financial services to the customers. FinTech can use the data exposed by banks to come up with different value-added services for example:
- Affordability Checks/Smart Lending: With income data and spending data (credit and debit transactions) FinTech can assess the creditworthiness of a customer and make smart lending decisions
- Finance Dashboards: Consumers can connect multiple bank current accounts to apps like Revolute to create a single unified view, through open banking account aggregation. This gives them greater oversight and control over their money
- Intelligent Payments based on checking products prices from different vendors
- Auto Saving Features: Open banking data powers the auto-saving features in fintech allowing users to set saving goals, analyze their finances, and automatically put money aside each month
The key ingredient of Open Banking is customer’s consent and without customer’s consent, their data can not be shared with FinTech. The regulatory and technology framework provided by regulatory bodies needs to ensure that there is a well-defined secure way FinTech can ask for customers’ consent and use this consent to get data from banks.
Open Banking in different countries
Open Banking is 4-5 years old in the UK and its enforcement came into effect from 2017-18. The key institutions in the UK are:
- Open Banking Limited: A non-profit organization created for promoting Open Banking provides standards and guidelines for implementing Open banking standards by banks and FinTech
- CMA (Competition and Markets Authority) which ensures enforcements of Open Banking standards by banks and FinTech
Open Banking is relatively new in US wherein FDX (Financial Data Exchange) was formed in 2018 as a non-profit consortium to onboard FinTech and Banks. FDX intends to propose the framework and standards for driving Open Banking.
In India, financial service regulators, namely RBI, SEBI, IRDAI, PFRDA collaborated to make a well-defined and secure approach to financial data sharing — the AA (Account Aggregators) Framework. The framework went live recently, on September 2, 2021, with prominent banks joining.
In India, also DigiSahamati Foundation (Sahamati) helps in providing useful information for participants who want to join the AA framework. https://sahamati.org.in/about/
RBI has also published a standard set of API interfaces that need to be adopted by the participants in the AA framework.
- AA API: APIs that need to be exposed by the Account Aggregator
- FIP (Financial Information Provider) API: APIs that need to be exposed by institutions that are the source of the personal or business data of a customer. These are the banks, mutual funds, pension funds, etc.
- FIU (Financial Information User) API: APIs that need to be exposed by FinTech ( like Banks, Lending agencies, NBFCs that receive the digitally signed data from Financial Information Providers (FIPs) via AAs and can use this data to provide value-added services.
Open Banking in India (Account Aggregator Framework)
Few participants in India have acquired the license to operate as AA and come up with their mobile and web apps. The details can be seen here https://sahamati.org.in/account-aggregators-in-india/
Opportunities for participants
As of now, the AA ecosystem is still evolving and there are quite a few opportunities where organizations can provide solutions/services.
- A FinTech can register itself as an NBFC and implement all the APIs needed to become an AA. A complete cloud-based AA implementation that can handle scale and evolve as new standards emerge
- Acts as a TSP and provides tool kits to different AA eco-system participants As the AA ecosystems grow, there will be banks, FIUs, and new AAs who would want to implement the AA specification.
a) Provide AA APIs implementation as a ready-made deployable product on client’s chosen infra (on-premise/cloud) and AA Web and Mobile SDKs.
b) Provide FIPs APIs implementation as a ready-made deployable product on the client’s chosen infra (on-premise/cloud)
c) Provide FIU APIs implementation as a ready-made deployable product on the client’s chosen infra (on-premise/cloud) and FIU web and mobile SDKs