Banks, fintechs and other financial institutions (FIs) often have what you could call an “uneasy alliance.” All those FIs provide products and services that consumers need and use – in many cases, daily – but they do not necessarily cooperate or coordinate when it comes to data.
In the US, some of the largest banks have made headlines for their reluctance to work with third-party fintech providers for access to data. The primary concern that banks cite for this stance is data security, and rightly so. Data breaches have impacted a number of entities in the industry, from fintech providers to credit bureaus, exposing sensitive consumer information, account information and more.
Yet there is a growing chorus of voices crying out for more access, more connection and more cooperation. Can the industry as a whole effectively answer the call?
What, Exactly, is Open Banking?
Open banking has been defined as:
“[A] banking practice that provides third-party financial services providers open access to consumer banking, transaction, and other financial data from banks and non-bank financial institutions through the use of application programming interfaces (APIs).”[i]
Throughout Europe and the UK, open banking has been mandated by “laws that explicitly require their banks to create [APIs] and open those…to third-party developers.”[ii] In the US, however, there are no legal requirements for banks and other FIs to develop APIs that are open and available to any third parties – at least not yet.
What we have in the US is an industry-led push to standardize and publish APIs for the secure, consumer-consent based sharing of financial data. Organizations like the Financial Data Exchange (FDX) are establishing ties and engaging individuals from a number of stakeholder companies to identify the best way to facilitate open banking here.
There are also agreements happening between established entities and newer fintech companies, like the recent announcement of a data exchange agreement between Wells Fargo and Envestnet Yodlee. These formal agreements are usually undertaken by two specific organizations rather than broadly in the industry, and rely on specific APIs rather than universal standards.
What Are the Benefits?
The perceived benefits of open banking depend on who you are. For consumers, the primary benefits are “services that make financial management easier, such as being able to compare bank services, integrate financial data, and personalize budgeting tools.”[iii] But consumer opinion is largely split along generational lines; a Deloitte survey found that younger demographic groups (18-36 years old) see much more value in open banking than older groups (37+ years old).
For fintech providers, the benefits can be significant. First, they can much more easily access consumer data, which has previously been held by banks. Second, they can streamline implementation of their products and services for consumers. Third, by inking partnership agreements with banks, these newcomers can readily and quickly increase their potential customer base. It’s a potent triple play for fintechs, and that helps explain the fervent desire to truly open up banking services.
For traditional banks and credit unions, the benefits are less clear, although there is increasing positive sentiment about the potential of open banking. These financial institutions (FIs) stand to benefit by meeting customer demands for these new products and services, which if properly implemented can improve customer experience and loyalty. The Deloitte survey overview notes that “[o]pen banking provides banks with an unprecedented opportunity to serve customer needs more holistically and become even more relevant in consumers’ lives.”[iv]
Traditional FIs have also identified that open banking can provide potential growth opportunities. Finastra recently published a post that highlights the enthusiasm bankers have for potential, stating that “65% of bankers viewed open banking as more of an opportunity than a threat…[and] 90% expect open banking to boost organic growth by 10%.”[v]
So in theory, open banking could be win/win/win. Are there any drawbacks?
What Are the Concerns?
The primary concerns surrounding open banking, whether stated by consumer, fintech or traditional FI, are all focused on data security.
Consumers are most concerned with identity theft and misuse of data. Fintechs and FIs cite data security and customer privacy as their top areas of concern, followed closely by loss of control of customer data. All that personal financial information is an extremely attractive target for malicious actors, and companies are right to be concerned about the potential for breaches.
Some of the key questions that come up include:
“How vigorous are the security measures used by banks and third parties to monitor APIs and data everywhere they go? What controls are in place to enforce consumer decisions on how, when and by whom their data is being accessed? How are financial institutions validating third parties to make sure rules are being followed? What are the penalties for violations?”[vi]
These are thorny, important considerations for any organization thinking about opening up access to their data. And because of these significant issues, only “26% of bankers recently surveyed said they feel ready for open banking. And 61% said they are looking at significant IT changes to make it happen.”[vii]
Another concern, albeit much less prominent on the radar of banking and fintech executives, is the potential to get left behind as competitors establish connections and data sharing agreements with fintechs and other service providers.
Is There a Better Way?
While the potential benefits and drawbacks of open banking loom large, there are other ways financial institutions can approach the concept without having to throw their data out into the wild. One model that works today – and works well – is to partner with an organization that allows your bank to centralize all of its connections to other organizations.
This “hub and spoke” model can provide a beautiful blend that gives traditional banks, and their customers, the best of all worlds. Using a third party to build, manage and maintain API connections can free up organizational resources while still providing access to the products and services that your institution and your customers desire. And with the right partner, your company still maintains complete control over your internal data, and has no need to share or expose it to other companies.
In this context, the right partner will have existing connections that your company can quickly and easily integrate into your existing services. The right partner will also have a tremendous breadth and depth of pre-built connections, to give you the best advantage when it comes to identifying and implementing the right products and services for your unique customer base. Finally, the right partner will be able to launch those connections immediately, letting you beat competitors to market and immediately meet customer demands.
For the last 30 years, that partner has been Zoot Enterprises for many of the largest banks in the country. If you’re thinking about how to take a step forward, let’s talk. We can help you make the connections you need with our nimble, powerful solutions, while keeping you and your customer data safe and secure.