This paper sets out a number of amendments to the Proposed Amendments to the Agreed Arrangements to fulfil the objectives of the Retail Banking Market Investigation Order 2017.
Open Banking Standards to Expand Functionality and Cover all PSD2 Products
The Open Banking Implementation Entity (OBIE), the body set up by the Competition & Markets Authority (CMA) to enable a new, secure way for customers to take control of their financial data and share it with organisations other than their banks, today announces a series of important enhancements to its original scope as set out in the CMA Order (published in August 2016).
As referenced in the Chancellor of the Exchequer’s Autumn Budget today, the OBIE has now been asked by the CMA9 and Her Majesty’s Treasury to create open banking standards for all payment account types covered by the European Union’s second Payments Services Directive (PSD2). This means customers using credit cards, e-wallets and prepaid cards will also be able to take advantage of open banking services. In parallel, the CMA has today approved amendments to the agreed arrangements under the CMA Order, to include a programme of enhancements to ensure that Open Banking delivers maximum benefits for retail customers and SMEs.
The Open Banking project was created in 2016 by the CMA to bring competition and innovation to the personal and small business current account markets. The CMA mandated the nine largest current account providers in Great Britain and Northern Ireland (the ‘CMA9’) to create the OBIE and work with it to build a common set of API standards that would allow regulated companies safe and secure access to their accounts with the explicit permission of the customer.
The enhancements announced today will build on the core requirements of the CMA Order, which come into force in January 2018, and form a programme of releases throughout 2018 and into 2019.
Imran Gulamhuseinwala, Trustee of the OBIE, said:
“This is a truly innovative project and the UK is leading the world in opening up the banking system to new services and, ultimately, re-shaping it around the customer. Key to any innovation is the process of discovery and it became clear through the second half of 2017 that there is much more the OBIE could do to drive adoption of Open Banking and create a richer environment for new services. These enhancements should give even greater confidence to the FinTech community to seize the opportunity to participate fully in the financial services ecosystem.
“They will create standards for future dated, recurring and international payments as well as all the payment and product types covered by PSD2. These enhancements will maximise the benefits of open banking services for the customer. The OBIE will continue to work with the CMA, HMT, CMA9 and other stakeholders to drive this forward.”
Adam Land, Senior Director at the CMA, commented:
“Today’s announcement is a major milestone in the delivery of open banking, which will transform UK banking for retail customers and small businesses. This will make it easier for customers to manage their money, find the best deal for their needs and avoid overdraft charges.
“There is huge interest globally in the way that UK regulators have worked together with the banking industry, the FinTech sector, consumer groups and others to drive this project forward at pace. This plan, which the CMA has approved today, is both deliverable and bold in scope.”
The full details of the enhancements will be made available today on the Open Banking website which can be accessed here.
A copy of the CMA’s Notice of approval of changes to the Agreed Timetable and Project Plan will be made available today on the CMA website which can be accessed here: https://www.gov.uk/cma-cases/review-of-banking-for-small-and-medium-sized-businesses-smes-in-the-uk.
This note aims to address some of the market confusion in relation to the rights of firms to move between EU jurisdictions when performing operations related to the second EU Payment Services Directive (PSD2).
Leading fintech trade association calls launch “the first waypoint on a long journey”
The Financial Data and Technology Association, the leading advocate of open banking in the UK and around the world, has welcomed the parallel implementation of PSD2 across Europe, and the launch of Open Banking amongst the large banks here in the UK.
FDATA, which is chaired by Gavin Littlejohn, who represents the fintech industry on the Open Banking Implementation Entity Steering Group, was set up by six fintech companies in 2014 at the request of HM Treasury, and has been working directly with government, regulatory authorities and financial industry stakeholders in our mission to open up Britain’s financial sector to the benefits of financial data and technology.
FDATA has members from across the financial sector who provide innovative financial applications and services to empower personal and small business consumers to make better decisions and take fuller control of their financial lives across all their bank accounts, credit cards, loans and investments.
PSD2 and Open Banking empower the customer, through his or her explicit consent, to ensure that their chosen third party provider can access their data, make payments and provide them with innovative financial solutions.
Commenting on today’s launch, FDATA Chairman Gavin Littlejohn said:
“This is an important day for consumers and small businesses. From today, PSD2 gives consumers the right to share their payments data with their chosen third party app without any lingering fear that they are breaching the terms of their bank account, and those third party providers are being brought into a regulated environment to further increase consumer protection. And, in the UK, the delivery by the nine largest current account providers of a common Open Banking standard has provided the opportunity to reduce fragmentation, enhance innovation and provide additional security measures for the whole ecosystem.
“The standardisation of Open Banking delivery will see the continued expansion of fintech companies, models and products, and this is an extremely exciting time for the consumer and for UK plc.
“However, Open Banking in the UK is merely the first waypoint on a long journey. The scope of this launch – only current accounts and only from certain banks – is limited, and customers will only experience the full benefits when the scope is expanded.
“FDATA has successfully campaigned to get us this far, and we will now campaign with renewed vigour to bring all financial products, from all over the world, into a standardised open banking system.
“The drive towards open banking has been, and will remain, customer outcome led. The fintech industry exists because customers required better outcomes. Today is the day where consumers of financial technology in the UK can know for sure that they are being listened to.”
FDATA is hosting a Summit in December to chart the Open Banking journey to 2030.
Open banking is the midwife of innovation. It is driving innovation at a breathtaking rate. The consumer tools of the future have not yet been invented. This is the fintech revolution in action. But the journey is long, and we’ve barely left the start line. So where do we go next? How do we get there? What scope of data can we expect to access? What technology will take us there? How can we bring the whole world along for the ride? And what will open banking in 2030 look like?
Join us for a day of expert speakers, lively panels and Q&A as we chart the journey to 2030.
More information and booking details can be found here.
Fintech Connect Live 2017: 6-7 December
FDATA is delighted to be a media partner of Fintech Connect Live 2017 taking place on the 6 and 7 December at Excel London.
Combining the hustle and bustle of an exhibition featuring over 3000 visitors, and 200 exhibitors and partners from over 50 countries, FinTech Connect Live is the UK’s largest fintech event. Playing host to four strategic conference sessions with inspirational case studies from around the world, a technology buyers theatre with 50 product demos, 12 educational workshops tackling practical fast growth challenges, and two full days of dedicated mentoring clinics for start up leaders, all brought to you from over 300 of the industries finest speakers, FinTech Connect Live is the ‘must have ticket’ for stakeholders from across the full fintech eco-system.
FinTech Connect Live provides a platform for all those attending to collaborate, differentiate, form connections, source solution, conduct and generate business with new, existing and upcoming fintech players in the market.
Get involved and find out more by visiting www.fintechconnectlive.com
Please click the link below to read FDATA’s response to HMT’s consultation on the implementation of PSD2.
The Financial Data and Technology Association has responded to the European Banking Authority’s consultation on authorisation and registration under PSD2.
The responses (submitted online) are:
Q1: Do you consider the objectives of the Guidelines as identified by the EBA to be plausible and complete? If not, please provide your reasoning.
FDATA considers the objectives to be plausible and almost complete. Our key concern, though, is to ensure that smaller applicants providing narrower services are not subject to the same requirements as large multi-state applicants with broad services. An adjustable, tiered system would be preferable to facilitate this.
Q2: Do you agree with the options the EBA has chosen regarding the identification of payment services by the applicant; the way information is to be submitted to the competent authority; the four-part structure of the Guidelines, and the inclusion of authorisation for electronic money institutions? If not, please provide your reasoning.
FDATA has no objections to these chosen options. However, we would ask you to clarify the process for an applicant with multiple lines of business.
Q3: Do you consider it helpful how the EBA has incorporated proportionality measures in the Guidelines in line with PSD2? If not, please explain your reasoning and propose alternative approaches.
FDATA does consider this helpful and has no specific objection. In general terms, however, we would ask the EBA to constantly assess whether barriers to entry are too high and may stifle innovation. Would the EBA consider an exemption for some applicants under defined conditions?
Q4: Do you agree with the Guidelines on information required from applicants for the authorisation as payment institutions for the provision of services 1-8 of Annex I of PSD2, as set out in chapter 4.1? If not, please provide your reasoning.
Please treat this answer as a catch-all for questions 4, 5 and 6.
Again, FDATA’s key concern here is the potential stifling of innovation which would result from barriers to entry for early-stage applicants. In this respect, the requirements around business plans, marketing and forecasting seem overly onerous.
Secondly, some of the information required appears too granular and technical in nature and lacks focus on the more important issue of the quality of an applicant’s information security management system.
Furthermore, for applicants with dynamic, cloud-based systems, some of the information requested is likely to change on a regular basis. We would ask the EBA to clarify whether notification of every change would be required.
In all these cases, it is possible to be more selective in the information required and still ensure that the approval process ensures only well-qualified applicants.
Finally, we would ask the EBA to clarify why ISO27001 has not been recommended as a standard to apply, having been mentioned in the Regulatory Technical Standards and recommended by the UK’s Open Banking Standard. Adoption of this would reduce the workload on competent authorities.
Q5: Do you agree with the Guidelines on information required from applicants for registration for the provision of only service 8 of Annex I PSD2 (account information services), as set out in chapter 4.2? If not, please provide your reasoning.
See answer 4.
Q6: Do you agree with the Guidelines on information requirements for applicants for authorisation as electronic money institutions, as set out in chapter 4.3? If not, please provide your reasoning.
See answer 4.
Q7: Do you consider the Guidelines regarding the assessment of completeness of the application, as set out in chapter 4.4 to be helpful? If not, please provide your reasoning.
FDATA would recommend an addition. We would ask the EBA to explicitly state how long an incomplete application can wait before it is invalidated, after which a new application will be required.
The Financial Data and Technology Association (FDATA) has responded to the CMA’s draft order following its publication of the retail banking investigation, which led to the creation of the Implementation Entity.
Commenting on the submission, which can be read here, FDATA’s Executive Director Andy Maciver said:
“FDATA’s interpretation of the purpose of this order is that it should reflect the letter and spirit of the CMA’s final Retail Banking Investigation report. In that sense, we are broadly satisfied that this Order achieves its purpose.
“However, in our response we have taken the opportunity to make a series of general points which we believe are critical to the successful delivery of ‘open banking’, surrounding three areas: the ‘live market’ for fintech, the market for cyber-insurance and the need for a public awareness programme.”