Click Here to read the First Part of the Article: Open Banking: Future Of Banking Industry
In my last article, I had discussed about the concept of “Open Banking”. In this article, I will discussed about risk and regulatory issues of Open Banking. Open banking is centred on the promise to delight customers with personalized financial services, but we should not forget to balance the view of the risks being taken. Pretty challenging things to do in these early stages of the Open Banking evolution. Since customers are expected to exercise increased control over the use of their data, their participation will also be required as critical ingredients in the success of Open Banking.
Open banking as a “system” whose: players, technology, processes, and data are constantly evolving and inherently introducing risk. In open banking, players will be banks and non-banking entities like Fintech Company. Non-Bank entities like Fintech Companies are not regulated by central banks. The new risks that emerge, due to sharing of data among bank and non-bank entities, because ecosystems partners from non-banking industries will not always share the same level of sensitivity towards customer data as regulated banks do. As I said, the players for open Banking expands beyond traditional financial institutions to include Fintech firms, digital banks, data aggregators, credit bureaus, payment networks and third-party providers (TPPs). Firms from telco, healthcare and retail have also joined the game. Risk enhances the moment data is shared, so the data risk is critical. The globalization ushered in under the innovation of open banking also presents a regulatory risk, on a global scale. No longer are due diligence processes limited to one country, language, or regulator. It is now paramount to have a real-time global view of all regulated entities so customer data and financial information can be protected, and the Open Banking ecosystem can operate as intended, in a secure way. A concept of “integrated E-KYC” can be thought of. By collaborating and sharing intelligence, learnings and data, organisations will be better able to identify the financial crime activities that are endemic in the system. Enabling this sort of collaboration will require leadership and vision from within the industry, as well as the regulatory support necessary to overcome data privacy and jurisdictional regulatory differences. Open Banking, if not implemented with proper security and extensive analysis of probable gaps along with identification of controls, it is bound to give rise to process failures, data & security breaches leading to regulatory wrath.
Over recent years, open banking has become synonymous with the digitalization and transformation of the financial sector. New regulation has been one of the major drivers, starting in Europe before quickly spreading around the world. An array of different policy initiatives across jurisdictions have emerged to try to make this a reality, ranging from direct regulatory requirements (such as in the India, EU, UK, Mexico, Turkey or Australia) to market-coordination (Japan, Hong Kong), guidance (Singapore) and industry-led initiatives (New Zealand, Colombia). Most of the regulations initiatives are pushing towards the approach of standardisation – the degree to which data formats, security rules (like customer authentication), API frameworks, and elements of the user experience are common across entities. Standardisation makes life easier for third parties and can ensure minimum requirements are met, but also risks increasing costs and reducing flexibility.
In the era of Open Banking, no bank can afford to stay away from it not only to stay competitive, but also to survive. However, it will definitely require focus effort to build the secured technology & capabilities to measure and manage risk. While the objective is to improve customer experience, it cannot come at the cost of customer’s security and permanent reputational damage that will take the banks out of business.
Contributed by –
Dr.Chiragra Chakrabarty
CEO-KATIC CONSULTING LTD
*The views expressed are personal.
