Open Finance is a huge opportunity that is predicted to unlock $230 billion in new revenue by 2025. It is the next stage in a journey that started just over four years ago when PSD2 came into force and created Open Banking, which is now an established part of the financial landscape. Adoption of Open Banking has been fast and impressive, with the UK recently celebrating the landmark of five million active users. If Open Finance is to surpass the successes of Open Banking, it must focus on building trust across the ecosystem.
Open Finance builds upon the foundations of Open Banking, which enables third parties to access end-user account data and funds to facilitate the provision of better and personalised products and services. With Open Finance, this access is extended to a wider range of financial services covering wealth management, insurance, pensions, and mortgages.
Entities involved in Open Finance will enable trusted third parties to access their APIs in order to build new services focused around customers’ needs. Some of the new players involved in this ecosystem will be regulated. Others will be unregulated. All must be trusted. If a Financial Services provider cannot ensure the legitimacy of its transactions, it will lose the trust of its customers.
We don’t yet know what Open Finance will look like in Europe and beyond. Data exchange will certainly take place more frequently because there will be more players in the ecosystem. Draft legislation will be proposed in mid-2022 and is expected to be passed in 2024. This will make the landscape clearer. It is very likely there will be a larger number of players and a lot more complexity, bringing an inevitable increase in the misuse of data and opportunities for fraudsters to attack these new verticals. When increased numbers of financial and non-financial entities enter the market, the risk of unauthorised third parties gaining access to users’ funds or account data will increase dramatically.
High profile incidents will hurt individual companies by damaging their reputation and leaving them at risk of non-compliance fines. But negative headlines will also damage trust in the wider ecosystem, leading to lower adoption rates and hitting the bottom line of companies in the space.
Trust is therefore key to the successful implementation of Open Finance. Data providers need to know who is accessing their systems, and whether those parties are authorised to offer those services. Data providers need to be certain only legitimate and authorised third parties are granted access. At the same time, consumers and businesses must also be sure that their data is held securely and only accessed by entities to which they have provided consent. If end-users cannot trust the security and privacy of Open Finance services, they will not use them. This will result in a limited return on the infrastructure that will have already been built, hit adoption rates, and ultimately hinder the ecosystem’s growth.
The Lessons of Open Banking
The existing Open Banking ecosystem demonstrates the potential risks. In the EU, third-party providers (TPPs) that provide Open Banking services can change legal identity or regulatory status overnight. If this happens and a TPP is incorrectly granted customer account access, the Financial Institution responsible for granting access could face a fine or other regulatory action. Open Finance will see thousands of additional entities having the necessary permissions to access consumer financial data and funds, resulting in an anticipated increase in transactions. PSD2 was limited to banks. Open Finance will enable up to five times as many data providers to join the market.
Open Finance represents a significant commercial opportunity for banks. By offering API integration to all services, financial institutions can create a broader product range to attract new customers and improve retention. Banks could also introduce fees for APIs that enable access to premium services. An API architecture offers significant cost savings in operations and maintenance, as well as improved flexibility and ease of change. To participate and be successful in the ecosystem, Financial Institutions are increasingly looking to partner with tech suppliers to build the security and infrastructure they need to be successful.
Although we do not yet know exactly how Open Finance regulation will work, data exchanged under Open Finance could consist of Premium API data from banks, EU and UK regulatory data, and Open Finance Scheme data gathered by entities who are members of a “scheme” such as an open pensions scheme or open insurance scheme.
Having a holistic view of the permissions and levels of access that can be given will be extremely complex. When passporting is added into the equation, it will be even harder to understand which companies can “play in your market” and what data they can and can’t access.
Trust in an Open Ecosystem
If Open Finance players want consumers and businesses to trust them, they must be able to guarantee the identity and authorisation status of TPPs that interact with customers’ data at the time of the request. Realistically, this task is too difficult for most financial institutions to perform alone. Checking the authorisation status of TPPs involves drawing upon data from multiple databases and registers in real-time, as their permissions can be withdrawn or amended very quickly.
Financial Institutions will need to partner with solution providers to successfully participate in the open ecosystem and benefit from cost savings and reduced complexity. By outsourcing legal, regulatory and data complexities, banks can focus on what they do best. Partnerships between banks and providers will reduce risk, ease friction and streamline processes.
The framework has yet to be released but all discussions point to a much more complex ecosystem than Open Banking. Open Finance is already happening and players will need to keep abreast of market developments to ensure solutions are future-proofed and scalable to cope with the additional data sources and ecosystem members and different implementations.
If you are looking to become a player in Open Finance, you will need to trust the ecosystem members and have the correct tools and processes in place to enable the system to work seamlessly, without friction and with better financial outcomes for the end-user. If you are interested in innovating and succeeding, your efforts should be focused on these priorities. Outsourcing risks to specialised players enables Open Finance pioneers to focus on changing the world without worrying about trust.