Open data is key to shaping the future of hyper-personalized banking
While presenting huge opportunities to improve the customer experience and drive accessibility to financial services, innovations around open APIs and open banking are also increasing interconnectivity and attack surface, introducing new new cyber risks that stakeholders need to address by rethinking their approach to network security and focusing on the broader ecosystem, experts said at a panel discussion.
At a virtual panel hosted by banking software provider Temenos on August 17, 2022, senior executives representing the nexus between Standard Chartered’s banking-as-a-service (BaaS) brand, incumbent bank HSBC and banking group Digital Tyme Group, looked at the state of open banking adoption, as well as the opportunities and challenges related to data sharing.
The global trend towards open banking increases the interconnectivity between banks and third parties, creating more points of weakness and vulnerability in the security of the banking network.
“With open banking, there is more interconnectivity between the different players in the market…a lot of dependency on external parties,…more interconnectivity and that opens up new opportunities for the bad guys to launch attacks,” said Aldrich Goh, chief information security officer. , link with Standard Chartered.
“Whether the data is stored in the bank or transmitted to fintechs, it must be end-to-end secure for people to trust individual organizations as well as the industry as a whole. Because it only takes one player to break through and people will start wondering and worrying.
Designed to spur innovation and increase competition, open banking relies on the use of application programming interfaces (APIs) to establish a connection between third-party providers and users’ bank accounts, enabling the collection bank, transaction and other financial data. .
There are many use cases for open banking. In personal finance, this includes account aggregation where all of a customer’s accounts can be brought together in one place for users to have a consolidated view of their income, expenses, loans, and investments.
In lending, open banking and data sharing can eliminate the need to rely on credit history when reviewing applications, instead giving lenders instant access to customers’ financial data. other providers and allowing them to submit a response to a loan application in just a few minutes. .
Open banking is quickly becoming a strategic priority for financial institutions and organizations need to implement appropriate API security strategies, Aldrich said. Data sharing and open APIs make perimeters porous and introduce systemic risks.
“It’s important for organizations to have API security policies to govern APIs, all your assets, ensure code is secure, etc.,” he said.
“And you also have to consider supply chain security: the partners you work with, whether they have the necessary controls you expect them to have, and the open source software you use. We cannot rely on preventive controls, but we must also have appropriate detective controls. »
Towards open data
Since the United Kingdom and the European Union (EU) pioneered open banking, requiring banks to develop APIs that third-party providers can use, the trend has spread across the world and has started to disrupt the traditional financial services industry.
According to Frankie Wai, Business Solution Director Asia Pacific (APAC) at Temenos, at least 50 countries around the world are on the road to open banking, with the emergence of two main strategies: the regulatory-centric approach and the market-oriented approach. A few jurisdictions, including India and Singapore, have adopted a hybrid approach that combines the two guidelines, but no mandatory open banking regime.
Australia stands out from the crowd, Frankie said, noting that the country has gone further and laid the groundwork for open data.
“Similar to the UK, the Australian Prudential Regulation Authority (APRA) has imposed open banking regulation for banks,” Frankie said. “In parallel, the right to consumer data is being implemented in an open data economy where citizens, financial institutions and businesses in other sectors like energy or telecommunications can share their data with third parties.”
Echoing Frankie, Alvin Lim, Head of Open Banking Engagement for Wealth Management and Personal Banking, HSBC, said open banking will eventually move to open data in its final stage. Regulators around the world are already looking at open finance, including those in the Philippines and the EU.
“Australia is hitting the right note with open data,” said Alvin.
“This means that all the data that is important for cross-industry needs to be brought together. Ultimately, we are talking about meeting customer needs.
“We are no longer talking about campaign offers based on a segment approach, but now based on your individual profile, your lifestyle – a product that suits you.”
In developing markets like the Philippines, Indonesia and South Africa, open banking holds great potential to improve financial inclusion, said Nate Clarke, President and CEO of GoTyme Bank and founding member. of Tyme Group.
Data sharing can help create value for low-income and financially excluded customers by improving access and conditions of access to credit, as well as facilitating access to accounts and financial products.
Although new technologies and fintech products, such as e-wallets, have already gone a long way in bringing basic banking products to the unbanked, there is still a long way to go.
“As an industry, we’ve been pretty successful with banking and e-wallet penetration over the last decade,” Nate said. “What we haven’t moved the needle is credit, investment adoption, insurance adoption.”
Regulators need to step in both to encourage incumbents to open up their data, but also to push big tech players to also make their own data available.
“I would like to see regulators do more,” Nate said.
“The reality is that there are a lot of disincentives for large incumbents to participate. Banks view their large datasets as an asset, even though customers tend to think they own their data.
[On the other end spectrum,] Open banking should not only include banks [either] because there is much higher adoption, in the Philippines for example, of GCash and e-wallets. There’s actually some really good data out there. We also need to look beyond the bank. E-commerce is really rich in these markets. These big tech companies have a lot of data.