Open banking shakes up the financial services world

Photo courtesy Wikimedia Commons

A push for a new architecture surrounding banking information could transform the way customers use banks. It could also transform the ways that banks evaluate customers.

“Open banking” is a catch-all term describing how banks can make account-related information easier to share between different financial institutions. In concept, it would make it significantly easier to transfer funds between accounts held in different banks, or even use a third-party application to watch and schedule these transfers or create a sort of financial dashboard that will let them monitor their entire net worth across multiple banks and brokerages in real time.

On Oct. 19, the Consumer Financial Protection Bureau (CFPB) announced plans to implement the Personal Financial Data Rights rule, which is an implementation of Section 1033 of the Consumer Financial Protection Act of 2010. That rule comprises regulations for open banking, and the CFPB has issued a request for comment on regulations related to open banking which will close on Dec 29. The rules are set to be finalized by autumn 2024.

The Personal Financial Data Rights rule is intended to ensure that consumers have access to their own financial data without having to pay junk fees, and enshrine the legal right to share their data with other banks and third parties.

Rohit Chopra, director of the Consumer Financial Protection Bureau.

“In some markets, competition is fierce,” said CFPB Director Rohit Chopra in a statement regarding the need for the rules. “When you go to a restaurant that is overpriced with lousy service, it will be hard for that restaurant to stay in business. That’s because customers will stop coming back and they’ll tell others to stay away.”

“But sometimes, markets are structured in ways that don’t allow us to easily vote with our feet,” Chopra added. “In the 1990s, wireless phones quickly grew in popularity. Choosing a wireless phone provider was a high-stakes decision. That’s because switching was an enormous headache. If you switched your carrier, you couldn’t take your phone number with you. You’d have to tell everyone about your new number and the costs of making a mistake were high, especially for those operating businesses or dealing with medical care. Our proposed rule builds on existing efforts in the industry today to promote decentralization. For firms operating globally, it also aligns with many of the guidelines in place or under consideration in other major jurisdictions around the world.”

Asked for comment on the proposed rule, a spokesperson for the American Bankers Association (ABA) referred to a statement issued by Rob Nichols, the trade group’s president and CEO.

Rob Nichols, president and CEO of the American Bankers Association.

“The principles-based approach taken by the CFPB to date has allowed for market-led efforts to innovate and standardize secure data access, and we hope this proposal will continue to support this progress,” said Nichols. “While we are evaluating the full scope of the proposal, we welcome the contemplated move away from screen scraping, the role of an industry standard-setting body, and the clarification around nonbanks’ obligations to protect consumer privacy. However, it is critical that the Bureau right-size the scope of the rule pertaining to the types of accounts involved and the information data providers are required to share, as well as addressing the question of liability if something goes wrong. In addition, we remain concerned with the significant implementation costs our members will face, as well as the ambiguity caused by the CFPB’s parallel efforts in amending the Fair Credit Reporting Act.”

Dr. Xiang Zheng, an assistant professor in the finance department at University of Connecticut’s School of Business, noted that improving the ease with which this data can be shared between financial institutions could have a major impact on banking, and spur the growth of smaller, more agile businesses in the banking space.

Dr. Xiang Zheng of the University of Connecticut.

“Some third-party apps ask you to share your login credentials, we call that ‘account with PIN,’” Zheng said of platforms like Cash App or Venmo. Zheng noted that while many people find these apps convenient, they also pose security risks as anybody who gains access to the account will also have unrestricted access to a user’s banking information and log-in credentials for any associated account.

One existing alternative is Zelle. The application is a joint venture between several large American banks and is designed to enable faster and smoother transfers between users, but without the sharing of significant amounts of financial data or transfers to accounts not associated with one of the banks backing Zelle.

Bank of America, Wells Fargo, US Bank, PNC Bank, JPMorgan Chase, Capital One Bank of America and Truist banks co-own Zelle, which declined to comment on open banking for this article.
Some financial institutions are however exploring launching their own application programming interface (API), such as Mastercard’s Fincity which seeks to leverage the credit card company’s data sharing agreements with numerous banks, including several involved with Zelle.

“Previously, we had this sort of pseudo-open banking,” Zheng said. “So, we kind of have a split where you can share your financial information with a third party, but in one way that’s inefficient or in one way that has exposure to many risks including cybersecurity. Now, everything will be automatic. They can have an API that can call your information from your original bank and forward it to whatever the third party is. These new regulations will allow you to share your financial information with peace of mind.”

Yet account access and easier transfers are only a small part of what Zheng foresees changing as adoption of open banking protocols becomes widespread.

“There’s a recent paper that looked at 80 countries that implemented open banking,” Zheng said, noting that the U.S. would not be stepping into untested waters. “When they started up open
banking the fintech startups in those countries received more venture capital interest.”

Another risk Zheng identified was that the third-party fintech startups that are best positioned to make use of this increased access to data from open banking do not face many of the regulations that more established banks do. He believed that regulations for those companies will be necessary for the industry to balance agile innovation and consumer protections.

“My overall view is very positive towards open banking,” Zheng said. “I think the benefit is way greater than the potential risk.”