Reflections on the UK Open Banking initiative
The UK Open Banking initiative is gathering pace, and is looking to deliver a first version of its read/write API specifications for testing early July 2017. This is welcome, and is a significant milestone in creating a single set of APIs that UK banks can adopt to enable the delivery of payment initiation (“PIS”) as well as account information services (“AIS) by authorised providers.
The benefits the initiative delivers are tempered however by the limited scope of the work, addressing consumer and SME bank current accounts, being restricted to UK Sterling currency, and being subject to a number of limitations to the technical design work, driven by the January 2018 Competition and Markets Authority (“CMA”) deployment deadline. Notably the solution only caters for single immediate payment transaction initiation – so a user is required to separately authorise each payment transaction with their PIS provider, and cannot for example authorise multiple transactions in a single step.This means that it continues to be easier to authorise a service provider to access funds through a credit or debit card than to initiate PIS payments. Secondly, the specifications require customer authentication to be undertaken directly with the ASPSP (Bank or PI or EMI), and does not provide for authentication to be undertaken through the PIS provider.
This means that a separate parallel communication channel has to be created and the user redirected to their ASPSP before returning to PIS platform to complete the transaction. This results in a poor customer experience, and one which restricts business models, limits the roles played by different parties in the value chain and can inhibit the deployment of innovative technical solutions.
The initiative does not cater for the AIS obligations relating to cards, to the needs of ‘decoupled’ card issuers (PSD2 Article 65) or to electronic money products.
The Open Banking Implementation Entity (IE) employs a steering group to advise the Trustee on decision making, but does not have decision making power. The objectives of the IE were set by the UK CMA and are directed at the 9 banks that were subjects of its competition review. The banks are also required to fund the work of the IE as part of the CMA remedy.
This has created a limitation that the Open Banking initiative is struggling to overcome. This would be merely a shortcoming had this not been the only significant ongoing UK based standardisation effort in this space. It is funded and run by the CMA 9 banks and required to deliver a CMA remedy, rather than a PSP wide (bank, PI and EMI) solution, taking into account the needs of the wider constituency. It furthermore falls far short of the requirements of PSD2, and would not therefore deliver PSD2 compliance for participating PSPs.
In creating the IE, the CMA has galvanised the UK payments community to work together to create a common standard. In setting out the terms of the remedy and the deliverables it may have inadvertently laid the ground for the next wave of anti-competitive behaviour. This could not have been contemplated by the CMA, but now that the impact is clearer, I believe that an adjustment is necessary.
The design of the specification is being driven by the CMA 9 banks, and other parties have little or no influence on the direction, decision making or priorities of the initiative. This is formalised in the terms of reference of the IE steering group which excludes a decision-making role for the body. Similarly, the Project Management Group and Technical Design Office, the two bodies with meaningful decision-making roles have only CMA 9 representation and do not provide for non-CMA 9 payments industry participation.In the context of the delivery of a CMA remedy for the 9 banks, this is entirely reasonable; it is run by them, funded by them and is operated for their benefit.
In the context of delivering a meaningful Open Banking initiative however, a PSD2 compliant industry solution that can benefit all PSPs, FinTech providers and the wider payment user community, this is entirely inappropriate.
There needs to be a change; and the change needs to happen while the different parties remain engaged within the current process. Quite soon alternative standardisation initiatives, driven by EU institutions that aim to deliver a more inclusive outcome, will start to deliver draft PIS API specifications and the restrictions of Open Banking will be set in stark contrast.
I believe the CMA needs to urgently review the initiative and consider whether it delivers the outcomes it had intended in the new world of AIS and PIS services, and not just for competition in ‘current bank accounts’. This is a world driven by use cases and technologies that mostly reside with non-bank participants, it promises significant user benefits and enhanced competition, but only if the entire value chain is able cooperate in its delivery.
In the immediate term, a binding commitment by Open Banking to broaden the scope of the work to include the interests of other payment industry participants is needed, accompanied by a change to corporate governance to give all participants a say in decision making. This is so, even if outcomes cannot be delivered until after January 2018.
Article written by Dr Thaer Sabri, CEO of the EMA published on LinkedIn Pulse
Join in the conversation and also voice your views or comment on twitter and LinkedIn.
We like to hear what you think.