Tag: open banking

Six trends that will shape banking, fintechs this year, BFSI News, ET BFSI

Banking & Finance

[ad_1]

Read More/Less


The banking and finance world is moving at a fast pace, The last year was about the digitalisation of banking services among the customers. While that continues. other trends are emerging that promise to reshape the space this year.

Open banking

Open banking is a revolutionising technology that brings fintech and banking together and enables data exchange across institutions. Fintech markets in the UK and Europe have become crowded with AIS and PIS services providers and will reshape the traditional banking industry. However, there are still many traditional players in banking that are reluctant to build partnerships with fintech companies. The hurdle of Open Banking regulations has made it difficult for fintechs to get into banking and adopt the technology.

Hike in banking fees

Globally, banking and fintech firms are hiking their fees. Some banks have already announced that they are planning to charge customers for interbank payments or increase fees for payments and account opening. Fintech companies and digital banks also continue to review their commissions.

Decentralised finance

The surge Bitcoin value has put focus on other revolutionary trends of the crypto world including decentralised Finance (Defi). It is a pool of financial applications based on crypto and blockchain technology and used worldwide across banking, insurance, and other financial services. Yield Farming, a part of Defi, offers its users to maximise returns by locking up their crypto assets and, in turn, earning interest, crypto coins and tokens. Another trend is Non-Fungible Tokens (NFT), which are digital assets that span both tangible and intangible assets like music, art, virtual real estate and even virtual sneakers. NTF data are unique and non-exchangeable, thus it ensures that users can verify the authenticity of these digital assets. There is Polkadot or blockchain of blockchains that enables blockchain networks to operate together seamlessly. It is a multi-chain ecosystem that allows you to move any type of data across any type of blockchain.

Banking-as-a-Service platforms

Banking-as-a-Service (BaaS) industry has attracted many players and is set to become a US$7.2 trillion industry by 2030. There are signs of serious BaaS momentum, with leading banks such as BBVA and JPMorgan Chase ramping up significant investment into the unique API-type models. Goldman Sachs has announced its own new BaaS portal for developers.

Focus on cybersecurity

There has been a rise in fraudulent activities during the Covid pandemic. Cybercriminals have heavily exploited the disruptions and attacked financial institutions. With the recently introduced Open Banking, there are more concerns about security, privacy, and fraud in banking and fintech. Open banking has magnified the impact of breaches and cybersecurity incidents as well. To fight financial crime, banks need to implement new security measures and diversify the ways our financial data are stored. To protect data, more companies are storing their data on on-premise and cloud platforms and implementing machine learning to identify all kinds of fraudulent activities across their network and platforms.

Anti-money laundering fight

The sixth AML Directive was introduced in European law last December, which sets out that all EU members and their organisations must implement these regulations by June 2021. The 6th AMLD aims to close the gap of domestic legislation and harmonise the definition of anti-money laundering across EU member states. The new directive also focuses on predicate crime as the list of financial crimes has been expanded covering a wider range of activities not listed in the previous directives.



[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , , , , ,

Open banking may potentially pose significant risks: RBI Dy Guv Rao

Banking & Finance

[ad_1]

Read More/Less


Open banking may potentially pose significant risks and concerns around financial privacy and data security, customer liability, cybersecurity and operational risks, among others, cautioned Reserve Bank of India (RBI) Deputy Governor M Rajeshwar Rao.

Open banking is the sharing and leveraging of customer-permissioned data by banks with third-party developers and firms to build applications and services, including those that provide real-time payments, greater financial transparency options for account holders, marketing and cross-selling opportunities.

In open banking, there can be wide-ranging third-party arrangements such as fintech firms, intermediary firms engaged in data aggregation and other service providers which may not have a contractual agreement with the bank over which regulators can exercise jurisdiction, Rao said in a webinar on Open Banking organised by Tata Consultancy Services (TCS) in association with the Embassy of India in Brazil

Further, it may be possible that several of these firms may not fall under the regulatory purview of any financial sector regulator. In such situations, it may become difficult for regulators to set requirements, specifications, and exercise regulatory jurisprudence, he added.

Loss/theft of personal data

“In open banking frameworks, risks associated with the loss or theft of personal data on account of poor security, data protection violations, money laundering, and terrorist financing concerns cannot be ruled out.

“Therefore, large scale adoption of open banking frameworks should ideally be preceded by strong data protection and privacy laws,”the Deputy Governor said.

Rao emphasised that such laws should anchor the ownership rights and ensure control and consent-based use of the data. They should also establish the boundaries of rights and obligations of third-party use, down-streaming data to fourth parties and reselling it.

“India has already embarked upon the same and The Personal Data Protection Bill, 2019 has already been introduced. The Bill seeks to provide for the protection of personal data of individuals and establishes a Data Protection Authority for the same,” the Deputy Governor said.

Redressal of grievances

Rao noted that in the absence of explicit arrangements for redressal of customer grievances and limiting their liability in case of erroneous or fraudulent activity, the acceptability of open banking frameworks may remain limited.

Therefore, the jurisdictions should address customer liability for third party access of data through customer protection or indemnity laws.

In this regard, Rao underscored that RBI had issued Charter of Customer Rights in December 2014, which lists ‘right to privacy’ along with ‘right to grievance redress and compensation’ among others.

Increase in surface area for cyber frauds

Rao cautioned that open banking architectures, which are premised on the enhanced sharing of data, increase the surface area for cyber frauds.

As the open API (Application Programming Interface) provides uncluttered access to customer banking data such as transactions and balance stored within the infrastructure, it may also pose a severe cybersecurity risk, he added.

“Losses caused to customers on account of cyber events would require financial institutions to compensate customers for such losses.

“Institutions may also face a variety of potential operational and cyber security issues related to the use of APIs, including data breaches, misuse, falsification, denial of service attacks and infrastructure malfunction,” the Deputy Governor said.

Difficult to assign liability

Rao remarked that with more parties and intermediaries involved in providing financial services in an open banking model, it is more difficult to assign liability. Suppose the regulations governing customer grievance redressals are not updated to consider available banking business models. In that case, the national authorities may find it challenging to provide the customers with adequate levels of protection.

In India, RBI implemented a separate Ombudsman Scheme for Digital Transactions in January 2019. The number of complaints received under the Ombudsman Scheme for Digital Transactions (OSDT) has been consistently increasing reflecting increased digital modes of banking, he said.

Potential disruptor

“Open banking is a potential disruptor in the financial system and may change the way of doing banking for both- customers and banks.

“New pure tech-play entities have the potential to snatch market share from established but traditional financial institutions because they are technologically more advanced, digitally agile to cater to customer needs with higher efficiency, have better user interface, and are more competitive in pricing,” the Deputy Governor said.

At the same time, all stakeholders need to appreciate that while technological innovation is of paramount importance, customer privacy and data protection are non-negotiable, he added.

[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , , ,

‘PSD2 & open banking to reshuffle Europe’s banking & financial sector’, BFSI News, ET BFSI

Banking & Finance

[ad_1]

Read More/Less


European Union’s Payment Service Directive 2 (PSD2) has gone into full implementation in this year and European Banking Authority (EBA) has asked National Competent Authorities (NCAs) to take necessary steps for its compliance and implementation. PSD2 norms are aimed towards making Europe into a single payment market and from there on improve customer experience and protection, boost innovation and competition and development of new payment methods and e-commerce.

Further it will bring out new models of business across the financial ecosystem in the form of open banking and leveraging of Application Programming Interface (APIs).

Sam Theodore, Senior Consultant at Scope Group in the ‘The Wide Angle’ report says, “PSD2 is arguably Europe’s most important piece of non-prudential financial regulation for decades.”

These norms are directly challenging the traditional bank-customer value chain (which asymmetrically benefits the bank) as it allows the transfer of customer financial data ownership from banks to their businesses and individual clients through Open APIs. The report adds, “Customers can then freely choose between their existing bank or third-party providers (TPPs) – other banks or authorised non-banks – to carry out their payment instructions. TPPs’ access to accounts (XS2A) occurs solely with customers’ prior agreement, which in effect puts them, not their banks, in the driver’s seat.”

This essentially leads to the implementation of PSD2 norms in play with European Bank’s revenues related to payments and account services. The report cites a McKinsey report which estimates that these revenues are no less than 35% of total bank revenues as compared to 51% from lending and 14% from other products.

Sam says that market participants shall start looking at how European banks adjust to the post PSD2 environment. Further, not only awareness of the top management with respect to PSD2 but also how compliant the bank is with these norms and focus on specific strategy and planning to implement with cloud-based platforms, big data management, use of artificial intelligence and robotics.

Sam adds, “There is often a degree of inertia in how the market investigates new aspects of relevance, which is why those banks with a clear vision of where they want to position themselves in the open-finance world and how to get there should bring up the topic themselves on analyst calls and meetings to try to educate their analysts and investors. For everyone’s benefit.”

Clouds & Platforms
The EU has seen a 79% growth of third party service providers and players including big techs from 237 in 2019 and 410 licensed players in 2020. This growth is fueled by a desire to tap an open market enabled by PSD2 and the rush for digital services due to the Covid-19 pandemic disruptions.

European banks are exploring “build, buy or partner” avenues for the new world at a different pace but for the same goals. One common central element in all of these is migrating activities and operations to cloud native platforms. Top cloud providers have actively partnered with top names amongst European banks and fintechs partnering with incumbent banks to build open APIs.

There are also concerns around viability of smaller players. The report cites the example of the recently launched European Cloud User Coalition (ECUC) with the aim of broadening and facilitating cloud usage by a larger number of peers in various European countries.

The report cites it as a systemic weakness by saying, “the absence of viable European cloud providers to compete against the US and Chinese giants. Both EU governments and banks have all the interest in the world to address this weakness in the not-too-distant future.”

Implementation Challenges

PSD2 Implementation was scheduled back in September 2019 but concerns with data security led to EBA putting out a paper through Regulatory Technical Standards (RTS) on strong consumer authentication (SCA) protocols.

The SCA protocol mandates at least two of three categories from “What you know” (your password or PIN), “what you own” (your device like smartphone or tokens) and “what you are” (biometrics like face recognition or fingerprint).

The idea is now towards moving to biometrics over static passwords or SMSs which are more prone to cyberattacks. The report says, “Cyber-security firm Kaspersky recorded a tripling of distributed denial-of-service (DDoS) attacks over the 12-month period ending in mid-last year.”

As the ecosystem wasn’t prepared for the September 2019 deadline, the compliance was further pushed to January 2021 and a few supplementary months have been added till September 2021 to ease the SCA implementation pressure on pandemic affected smaller merchants.

The report said, “Another initial problem with implementation was the fact that PSD2 did not specify a specific standard format across the EU for setting up open APIs. There were several competing standards, although now those adopted by the so-called Berlin Group (a coalition of EU banks) seem to be prevailing, suggesting smoother sailing ahead.”

Banks have also planned for a review and focus on lessons learned in recent years around security enhancements and looking at better standardisation for APIs across EU.

The report said, “One inherent challenge for regulators involved in these areas is keeping up with the fast advances in technology and rapidly changing industry standards.”

Open Banking in the UK has advanced with more than 2.1 million active open banking users in the UK, as the API call volume increased to six billion in 2020 from only 67 million in 2018.

Citing this growth in the UK, the report states, “There is every reason to believe that open banking will end up being adopted by an increasingly large share of businesses and individuals. This clearly raises the stakes for financial institutions still on the sidelines.”



[ad_2]

CLICK HERE TO APPLY

Leave a comment , , , , , ,