At EBA Day 2019, Mastercard and Finextra invited a number of guests to participate in a roundtable discussion on the commercialisation of Open Banking. Moderated by Kevin Brown, Independent Director and Adviser at Payment Industry Insights, it featured contributions from Liz Oakes, Executive Vice President for Market Development at Mastercard, and Liisa Kanniainen, Vice President and Strategic Partner for Digital Banking at Nordea.
Read our summary below.
The industry has rallied in response to the implementation of PSD2 and we are in the nascent stages of Open Banking. Banks have invested heavily in meeting the regulatory and compliance obligation, and are now turning their attention to the commercial opportunities. The focus for many is how to unlock the commercial potential of Open Banking as part of the wider digitally-led transformation of the financial services industry.
“We were surprised to see 700 registrations in the first three weeks that our Open Banking portal was available,” said Liisa Kanniainen Vice President, Strategic Partner Digital Banking at Nordea. But banks and other providers need to understand how to use APIs, what premium APIs are available, and how to generate revenue from them. “Many banks are looking at it from a technology perspective and asking how they monetise it: instead they should be looking at Open Banking as an enabler.”
Open Banking is something of a misnomer: “It’s neither ‘open’ nor is it just about ‘banking’”, said Liz Oakes, Executive Vice President of New Payment Platforms at Mastercard. “Open Banking — by which I mean the sharing of customer account information with their consent — is about developing thoughtful and meaningful services to support the end user’s wider needs.” In Mexico, for example, and more broadly across Latin and South America, the imperative for Open Banking is coming more from areas such as healthcare and automotive industries than it is from financial services.
“We also see various ways in which the concept of ‘Open Banking’ is being interpreted,” added Oakes. “In Europe, many players are developing propositions based on customer account information, rather than payment initiation, which they’re finding easier to bring to market than payment services.”
But the role of the ‘account information service provider’, or AISP, is throwing up a number of challenges for regulators: in the UK, for example, the Financial Conduct Authority has no way of categorising a business model that’s based on using transactional data to offer non-financial advice. Oakes again: “We need to change the way we think about Open Banking — it’s not about banking; it’s about lifestyle.”
Early adopters will dictate which services will fail and which will succeed: if they work and are valuable, then they’ll use them; if not they’ll discard them. And they’re savvy: they’ll look for solutions that give the best rewards or allow them to do things in more intuitive ways.
But what obstacles are there to overcome? “The implications of Open Banking and PSD2 are much more numerous and extend far wider than is generally being discussed,” offered Kanniainen.
One of the biggest issues is around consent, on which there was consensus around the table: “Can we as individuals decide if there are transactions that we don’t want to be shared? Anything that could expose my politics, or related to my health or my children?” The rules around this vary by country, and they can be opaque — do people really understand the consents they’re giving? “Informed customer consent is extremely difficult: people just hit the consent button and then it only gets flagged when something goes wrong?”
As might be expected given their relative immaturity, not all Open Banking-enabled services currently offer the consumer equivalent levels of protection or customer service as more mature payment methods when things go wrong. While PSD2 legislation does provide consumer protections in the case of fraud or unauthorised payments, for other types of refunds and chargebacks the roles and responsibilities of parties are not as clearly defined.
Oakes again: “Consider this: someone uses an app to set up automated transfers between their accounts in order to hit the thresholds to receive the benefits associated with these accounts. However one of their scheduled Direct Debits doesn’t go out on the expected day because it’s a weekend, throwing their sophisticated money movement out of the window; the knock-on impact is that their mortgage doesn’t get paid. Who gets the blame? Most likely, their bank.”
And what about when a transaction involves a chain of third-party providers? If something goes wrong and the consumer tries to get their money back, the end seller isn’t liable because the transaction wasn’t made with them direct; it rests with the first third-party provider in the chain. “It’s already happening that people don’t get their money back, and of course they get very upset.”