A few years ago it was reported that the average current-account contract lasts longer than the average marriage. For whatever reason, British people have greater loyalty towards their bank than their spouse. But is it loyalty or laziness? Or is it the nature of the market?
Imran Gulamhuseinwala is the global head of fintech at Ernst and Young, but is currently on secondment working as the implementation trustee leading the Open Banking Implementation Entity. He says that a financial revolution is coming and, if all goes to plan, it should be here in under a year. “If we get this right we can build a financial services sector in this country that is more inclusive, that is personalised, and is effortless”. He is referring to open banking, a radical new system of commercial banking that allows customers to share their financial data through open application programming interfaces (APIs).
The Open Banking taskforce was established by the Competition and Markets Authority (CMA) to oversee the adoption of open banking by early 2018, something that is expected to radically shake up what is seen as a stagnant sector. When the CMA published their report Making banks work harder for you, the chair of the retail banking investigation Alasdair Smith declared that they were “breaking down the barriers which have made it too easy for established banks to keep a hold on their customers.”
For many people the idea that their bank would share details of their salary, savings, outgoings and overdraft would be a horrifying proposition. But, as with email and GPS maps, opening up personal data brings important advantages. By sharing your data and making it securely accessible, banks will be opening their customers’ eyes to competition. It will allow third parties to access that data and develop services that are tailored to consumers’ particular circumstances. It will be much easier to compare quality of service and switch providers, and consumers will be prompted to assess the value of the products they have bought, including mortgages, loans, current-accounts and ISAs. Instead of being encouraged to stick with one provider for all your financial needs, the market will be cracked open for consumers to pick and choose, all through a shared platform.
The CMA is not the only organisation pushing open banking. Much of the impetus comes from two transformative pieces of EU legislation that aim to make digital banking faster and more secure. The first of these is PSD2, the second Payment Services Directive, which gives customers the choice to pay directly from their account rather than having to send their credit or debit card payments through a third party such as Visa, and must be implemented by January 2018. The second is the General Data Protection Regulation (GDPR), which takes effect in May 2018. The GDPR introduces fines of up to four per cent of global turnover for companies that lose EU citizens’ data. For banks, this puts a premium of billions on data security. Gulamhuseinwala is emphatic about their influence: “PSD2 along with GDPR have always been some of the fundamental catalysts behind making open banking happen. I sometimes define open banking as the combination of PSD2 and GDPR.”
He is insistent that the nine big banks are playing ball –“We’re really advantaged in that we have the wholehearted support of all of those nine banks to get it done” – but this begs the question of why such forceful legislation was required to help bring about open banking. While the big banks have been perceived to be dragging their feet, challenger banks have been embracing the technological gap in the market.
The most prominent challenger is Monzo, which launched its own API in 2015. Monzo is known for its distinctive bright coral cards, its well-designed app, but the key difference is the real-time expenditure information it offers consumers, by “building our systems from scratch, using the latest technology used by Amazon and Google”. CEO Tom Blomfield says Monzo offers a switch from “anxiety and loss of control to a feeling of peace of mind”, and the appeal of this feeling of control is rapidly becoming clear. Two years after it was founded, the company hit 200,000 users.
Blomfield says the big banks have “historically resisted” open banking because they are unwilling to relinquish control of the data they have “sat” on, and are “obsessed” with selling financial products. “They sign you up very young as a customer and they try to flog you their own products throughout your life.” As Monzo is not seeking to sell its own financial products, he insists that when it comes to customers surveying the market, they have “no vested interest”. He believes open banking “opens up this new kind of service … this central aggregating platform that helps you control all of your money.”
Blomfield adds that banks have been trying to water down PSD2 legislation, but thinks this is due in part to panic: “It is happening because the timelines are now just so tight that getting something live by January 2018 seems less and less likely.”He thinks that the major concern is whether the banks’ systems can support open banking safely, referring to recent high-profile data breaches as examples. “The BA crisis, the RBS systems outage, the Tesco breach, the NHS… it wasn’t like they had cutting-edge technology and hackers managed
to defeat them. They just haven’t upgraded their systems in 15 years.” Blomfield describes this negligence as criminal. The possibility of consumers’ financial data being stored and shared by banks that rely on “tacking on pieces round the edge of their core systems” may be increased by the tightness of the deadline. It is now less than a year until the APIs to support open banking are supposed to be ready.
Blomfield is not the only person voicing concern about data security. Jim Killock, executive director of the privacy campaign group Open Rights, says that although “the sharing of data in itself is not necessarily a negative development, there are many things that could go wrong. Financial companies need to ensure that they can store and protect it securely”. While Killock acknowledges that GDPR “does improve things somewhat”, he also highlights concerns about consumer control. “A lot depends on whether we can genuinely consent to this valuable data being shared and control what happens to it afterwards”, he says, arguing that the financial sector faces “particular challenges, in that consent is a condition of getting credit, so it’s very hard to opt out from. Agreements to share data are not usually a fair bargain”.
For Gulamhuseinwala, however, open banking will offer consumers more control than ever. “It is recognising that the data belongs to you and not the financial institution and you should be able to use it as you like in a private and secure way.” When probed on the banks’ ability to safely store and share the data, he states that APIs are “the safest and most secure technology. What we’re doing does not require a consumer to share their username and password.”
What is certain is that change is imminent. Blomfield says pressure is mounting on the banks, not just from consumers and the CMA but also from other levels of government. “There’s huge political will behind this. The Treasury is pushing this and they are not going to give up.” However, he remains sceptical of the timescale targets.“This will happen, but it might not happen by January 2018.” Gulamhuseinwala is clearly awake to the enormity of the task but remains more optimistic. “Even though it’s really hard, I’m confident that we will get it done on time.”
The task is indeed great, but his enthusiasm seems to shadow any doubts. “I personally am really excited about what we can create here and the benefits it will give consumers and the opportunities it will give the market. I’m really grateful to get the opportunity to lead this.” Still, if the big banks don’t transform the market, the challenger banks will.