Open banking: advance or retreat?
Whether you’re on the side of deregulation or tougher oversight of financial services, there’s no denying that the latest regulatory requirements are going to have a major impact on retail banking.
Three pieces of legislation in particular are set to transform retail banking as we know it:
This raft of new regulations is about stimulating collaboration and innovation via API-connected communities of existing and incumbent providers of financial services.
While banks will be obligated to share their data to enable third parties - such as Google, Amazon, Facebook or Apple - to build the next generation of financial services, this should never be at the cost of poor security. In fact, security is an issue closely linked to customer loyalty, as Peru recently highlighted.
Although it may seem the traditional banks are at a disadvantage, actually they are uniquely placed to take advantage of this disruption by:
The danger in creating financial ‘mash-ups’ – as witnessed by the telecoms sector - is that incumbents don’t see the benefits in collaboration and try to hinder any meaningful cooperation to protect their market position.
According to the Open Banking Working Group (OBWG). which has recently launched The UK Open Banking Standard, services may be affected in six main areas:
For UK banks and challengers, this standard will roll out in phases across 2019 to cover Data, API and Security standards and younger customers who expect more flexibility and fluidity from service providers will undoubtedly seize the opportunity to move.
The main challenge to data security is in data consumption, particularly via web and mobile applications. While the Open Banking initiatives will force banks to develop new APIs to allow transfer and access to customer data, hackers will be hard at work seeking vulnerabilities and entry points.
As regulations become more widely understood, banks must provide a balance between openness and security by hardening existing web and mobile applications and defending new APIs to the same level as legacy back office systems. A complete API review and assessment, combined with appropriate controls, will stand banking organisations on a firmer footing.
In addition, strategic sourcing and identification of the right technologies and partners; the design and development of appropriate and scalable architectures; and clear integration governance will all be crucial in delivering robust, flexible and future-proof digital retail banking.
As one of Peru’s Principal Consultants, Elliot Daly is a strategic technology professional with 20 years’ experience covering IT strategy, architecture, digital transformation, software engineering and enterprise application sourcing mainly in professional services environments.
He was formerly Chief Architect at Control Risks, a world class political, security and terrorism analyst organisation which provides research into business operational risks globally to security directors and others.