Read in this article which interactions and interdependencies exist between the different rules and regulations from an Open Banking perspective and why they need to be unified. Which parts of the overall Open Banking concept are currently missing on both the demand and supply side and why this requires a clear vision from the regulator and the industry? Finally, a look into the future of how this could be further developed into Open Finance.
Open Banking’s natural evolution is towards Open Finance and Open Data. What was once an ideal now seems to be a question of time. To better understand the proximity of Open Finance, it is important to consider what Open Banking brought along so far and what key European decision-makers have done and will continue to do in terms of initiatives, directives, and regulations. The most important ones are mentioned in this article.
Instant payments
Open Banking can turn instant payments from a payment option available only as an online banking transfer into an alternative way to also pay in-store and for other industry sectors such as investments and retail. The emergence of Open Finance could spread instant payments to other niches, such as insurance or pensions.
On 26 October 2022, the EC submitted a legislative proposal for making instant payments mandatory. The laws would apply to the EU and EEA regions. Looking to build on the 2012 SEPA scheme, the new proposal comes with 4 ‘must-haves’ for instant payments:
To be available to all
To be affordable (unlike SEPA Instant Credit Transfer – SCT Inst)
To increase trust in instant payments
SPAA could act as an enforcer of Open Banking in Europe by providing incentives to ASPSPs to share technologies and service developments with TPPs by exchanging account data
In November 2021, the Board of the European Payments Council accepted to oversee a new scheme for SEPA Payments Account Access (SPAA) and released the first version of the rulebook. The EPC expects feedback on its rulebook by September 2023.
In May 2022, the European Commission published a public consultation to gather evidence for its review of the second EU Payment Services Directive (PSD2), and to inform its continuing work on Open Finance. The results revealed that European payment service providers had to deal with ongoing online friction across the EU and a serious need for reform.
First, to foster further technological innovation across the financial industry – payments, insurance, lending, and more.
Second, to learn from the challenges of PSD2 and amend them to enable faster, yet safer, payments in coherence with EU legislation.
Third, to do what PSD2 couldn’t, that is to end European fragmentation once and for all.
Besides the consultation for the review of PSD2, in May 2022, the EC also launched a public consultation on the Open Finance framework and data sharing in the financial sector. The European Open Finance framework was announced within the EU’s digital finance strategy, referring to accessing and reusing customer financial data, with consent, across various financial services.
Through this initiative, the EC seeks to go beyond PSD2 and Open Banking, to enable more financial sectors and products outside of banking and payments to benefit from data sharing and third-party access. Similar to Open Banking, the Open Finance initiative is based on the principle that customers are in the driving seat when it comes to owning and controlling the financial data that they supply and the data that is supplied to them.
In June 2021, the EC proposed a framework for a European digital identity that would be available to all EU citizens, residents, and businesses, via a European digital identity wallet.
eID’s proposal requires EU member states to issue a digital wallet under a notified eID scheme, built on common technical standards, following compulsory certification. In the context of eID, banks have an easier time when they have to comply with KYC and AML laws and guarantee strong customer authentication requirements. With eID, banks can become identity providers and verify the identity of customers for other parties.
If the Open Finance Framework is implemented and customer data can be shared across industries, then with the introduction of eID, digital onboarding, KYC, and fraud prevention can be simplified and we could enter the world of Open Data.
It is important to note that these initiatives must not be considered in isolation. All of the above work in unison and greatly influence one another, even to a crucial effect. Let’s take, for example, GDPR and PSD2. At first, they were not aligned because they were different regulations. In 2016, the EU adopted the General Data Protection Regulation (GDPR) to replace the 1995 Data Protection Directive which was adopted at a time when the internet was in its infancy. Also in 2016, the revised Payment Services Directive (PSD2) entered into force in the European Union.
Because the financial industry and the internet were already mixed (online payments, online banking, etc.), in 2020, the European Data Protection Board released guidelines on how GDPR and PSD2 must interplay. With GDPR, the customer gained complete ownership and control of their data. With PSD2, the customer can decide if they share their data with third parties or not by giving its explicit consent, in exchange for better financial services.
With Open Finance initiatives announced in different regions across the globe, it is important to say that Open Banking is not yet complete. Considering the many obstacles that must be overcome still, Open Banking has just started. First, the supply side of Open Banking is not aligned, pointing to a lack of clarity on the business model for banks as provider of the access to the bank accounts. Outside of avoiding fines from regulators, banks have no incentive to provide Open Banking. One preferable option would be if banks would become a TPP and provide the services themselves.
Second, on the demand side, the consumers are not fully convinced in using these new services. Beside Open Banking having a branding problem, customers need to understand and benefit from the initiative’s products and use cases they receive. To solve this branding issue and convince customers somebody needs to invest in the marketing effort. Is Open Banking an alternative to cards, are consumers really in control of their data, how can they recognize legitimate players, and other branding issues, all these questions have to be answered clearly to increase the confidence in this initiative.
The United Kingdom is an exception where Open Banking seemingly has a good take-up. It is difficult to expect the same results in a heterogenous region, such as the EU, where different governments, regulators, banks, and fintechs, must align to one thing. For example, Germany has a high level of digitization but its strict rules and standards especially around data protection prevented a take-up similar to the UK.
Some expect that PSD3 will be the answer to many of the barriers mentioned above but until then, we have to see what happens within the other initiatives. The SPAA scheme already aims to solve several issues. Ideally, PSD3 can help clarify at least some of them (for example, the full scope of the initiative, creating or improving standards to improve the user experience, on setting clear business models to incentivise consumer banks).
However, for banks, it will not be enough to have a clear business model, they will have to find a balance between incentives and regulation. Having an incentive may lead to increased competition between banks with card schemes, on card transaction data for example, the latter of which have a working business model.
As a response, banks decided to set up schemes on either an EU-wide level, such as the SEPA Payment Account Access (SPAA) scheme, or locally (Germany’s GiroAPI). However, such initiatives are somewhat contradictory to PSD2’s ‘no contract’ rule (Article 66.5). While working as incentives for banks, schemes would require new rules, new platforms, new interfaces, higher transaction costs and so on. Without a scheme and interchange fees, account-to-account payments in the context of Open Banking are currently relatively cheap.
PSD2 set out to encourage a marketplace-like environment, in which licensed players could leverage banking infrastructures. However, banks themselves seem more in favour of schemes, with rules, liability, SLAs, and more. A scheme, such as SPAA, proposes some key benefits such as:
building on investments made with PSD2;
collaboration between retail payments players and end users;
innovation in payments and data services beyond PSD2;
a supposed stepping stone towards Open Finance; and more.
However, are schemes necessary? The marketplace approach of PSD2 allows other initiatives to exist. For example, instant payments are one use case of PIS (Payment Initiation Services), allowing POS and ecommerce payments marketed as ‘instant’ (and they should be genuinely instant). Another example is the eID, which can boost a bank’s authentication process, allowing authorized requests for payments to be sent to banks.
Such a market-oriented framework can be easily replied to in other industries, as opposed to schemes, which are more rigid by nature. As a result of PSD2, Open Banking became a global initiative, with different ramifications across the world, each market coming up with its interpretation of the European directive.
Transitioning from Open Banking to Open Finance will give rise to similar questions related to clarity, customer education, business models, and others. However, some aspects will differ. With Open Finance, other financial institutions (e.g. insurance providers, pension funds, credit institutions, electronic money institutions, investment funds, etc.) besides banks will develop new innovative use cases with sometimes new disruptive business models based on exchanging data.
Regarding security and risks, Open Finance needs a somewhat ‘lighter’ regime than what is currently in place for payments. Based mainly on account information services, Open Finance would ideally not need AML laws and sanction screening. The main challenge for the initiative will be to handle GDPR and for service providers to control how data is used by all third parties involved. However, if it builds on the foundation laid by Open Banking and all issues related to the latter are resolved, it is up to regulators to find lenient rules that enable Open Finance to thrive, yet not sacrifice the security of its consumers.
The framework for Open Finance could be built on a structure similar to PSD2’s, by establishing a minimal set of mandatory APIs, that require no contract and are accessible for authorised third parties at no costs. These APIs are necessary to enable access to the Open Finance infrastructure on top of which parties can build and provide their services.
The Open Finance Association, of which Worldline is a founding member, released a response to the European legislative proposal in which the organisation indicates how SEPA Instant can be improved.
From payment initiation and channel solutions that directly benefit the end customer to back-office processing and clearing & settlement, Worldline has the unique capability to cover the whole value chain for instant payments or in combination for example with Open Banking.
Tom Wijnen is a Senior Product Marketing Manager with extensive experience in the payment industry. Currently he is responsible for the strategy on Open Banking services within Worldline.
Worldline [Euronext: WLN] is a global leader in the payments industry and the technology partner of choice for merchants, banks and acquirers. Powered by c. 18,000 employees in more than 40 countries, Worldline provides its clients with sustainable, trusted and innovative solutions fostering their growth. Services offered by Worldline include in-store and online commercial acquiring, highly secure payment transaction processing and numerous digital services. In 2021 Worldline generated a proforma revenue close to 4 billion euros.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now