From Open Banking to Open Finance: Redefining the Financial Services Landscape

Payments Views

October 24, 2023

May Bethany

By Bethany May

The Consumer Financial Protection Bureau (CFPB) just released proposed rules for Open Banking in the U.S. which offer a framework for understanding Open Banking roles, role-based requirements and rights, and timelines for implementation, among other things. This long-awaited proposal lays the groundwork for a more mature approach to Open Banking in the U.S., or dare I say, Open Finance?

What is Open Banking?

Open Banking enables customer-permissioned data sharing and account-to-account (A2A) payment initiation, using application programming interfaces (APIs) provided by banks to authorized third parties.

For an introduction to Open Banking principles and the implications for payments industry players, read Glenbrook’s previous post: The Open Banking Phenomenon, Explained.

Open Banking supports exciting benefits.

There are numerous benefits to Open Banking, a few of which include:

  • Enables customers to own and control their payment account data;
  • Enables customer choice and supports the entry of new market players and innovative business models;
  • Allows the use of customer payment account data to offer personalized products and services;
  • Simplifies the user experience.

What is Open Finance? Markets are maturing towards Open Finance 

Markets across the globe are realizing the benefits of Open Banking. As such, market models are maturing. Moving beyond sharing payment account data, Open Finance focuses on sharing a broader range of data, both financial and non-financial, with many of the same goals of supporting personalized products and services and providing a better user experience. In addition to the consumer benefits, wider sources of data benefit providers – offering deeper insight about their customers and allowing them to better assess risk. Beyond payment account data, examples of data shared in Open Finance include loans, insurance, investments, pension data, and more.

Diagram 1: Shifting from Open Banking to Open Finance

 

CFPB sets the foundation for Open Banking and components of Open Finance

In my read, the new CFPB proposed rules anchor in Open Banking – supporting read transaction history and the basis for payment initiation (though details remain unclear). I would qualify the approach to Open Banking as relatively mature too, as ‘covered data’ in the rules includes service attributes associated with an account (e.g., things like rewards credits). We also see extensions into Open Finance as covered consumer financial products or services includes ‘Regulation Z credit cards’ (i.e., the sharing of consumer credit data).

What are the basics of the proposed CFPB Open Banking rules?

The CFPB’s recently released proposed rules would require covered entities referred to as “Data Providers” to share customer data (for example, historical transaction information), subject to the customer’s consent, free of charge and in an electronically consumable format. The proposed rules define the role types as the following:

  • Data Providers (card issuers, financial institutions, and other deposit account providers)
  • Data Aggregators
  • Third Parties (entity authorized by consumers to access their data)

These proposed rules would be applicable to all covered entities in a four-year phased approach, based on entity size.

Like Open Banking, we will likely see commercial partnerships bridge the new rules, once in place, to further support Open Finance

The CFPB’s proposed rules are still just that – proposed. While we lack official regulatory structures, market actors can still make movements towards Open Finance. We see this in place already today – companies have stepped in to facilitate Open Banking when regulations are not – as regulations and market movements are not mutually exclusive. For example, a commercial partnership may enable aspects of Open Finance for those two discrete parties. This partnership may exist in a market with formal Open Finance regulations.

Diagram 2: Approaches to implement Open Finance

 

How can we best enable Open Finance?

Increased data sharing, while offering many potential benefits for consumers and businesses, necessitates greater focus on data privacy and the need for strong requirements around the safety and security of personal and financial data. Consumers should have the right to share their data with third parties that they authorize, and those third parties should use that data only for the specific purpose intended. Further, consumers should be able to revoke third-party access to their data at any time. The technology infrastructure must also be secure to prevent unauthorized access to sensitive information and to support safe data practices. This should include the use of secure APIs and robust security protocols, including data encryption and multifactor authentication, among others. Strict requirements around technology and the transfer and storage of sensitive data are critical to engendering consumer trust in the ecosystem.

While the CFPB proposed rules address consumer protection concerns by limiting the use and retention of consumer data, and requiring that third parties provide consumers the ability to revoke access to their data, they do not define the standards for data sharing formats, and instead encourage the development of “qualified industry standards” by a recognized standard-setting body.

Lauren Jones, Director of Market Development at the Open Banking Exchange, highlights the importance of a clear regulatory framework in Open Finance initiatives: “Common technical standards and specifications enables the secure and efficient exchange of data. As countries progress on their Open Finance journey, collaboration between the regulators and market actors is essential to promote innovation and cooperation towards a safe and modern financial ecosystem.”

Open Finance is the next phase in the modernization of financial services. It expands the pie of opportunity for providers and promises a more seamless customer experience and better insights into their financial well-being for end-users.

Is your company evaluating how you can capitalize on the newly proposed rules? Let Glenbrook help you develop your strategy. Get in touch with us here.

Around the World

Curious about Open Banking and Open Finance activities around the world? Here are a few highlights:

 

  • Australia: Australia’s Consumer Data Right (CDR) regulation provides the regulatory foundation for data sharing and portability.  While formal regulation for payment initiation is still in progress in Australia, the instant payment system, NPP, has implemented an innovative consumer-facing interface, called PayTo, that enables end users to permission third-parties to initiate payments on their behalf and provides the ability to control all of their provisioned NPP third-party authorizations in one centralized place.
  • Brazil: Brazil has implemented formal Open Banking regulations that enables the standardized sharing of data and services through APIs, bringing innovation and promoting competition in Brazil’s financial system. Brazil’s Central Bank (BCB) has been implementing Open Banking and progressively moving towards Open Finance in a 4-phased approach. In parallel, third-party payment initiation is currently supported in the Pix instant payment system.
  • Europe: PSD2 provides the regulatory foundation for Open Banking in Europe and requires banks to develop secure channels for third-parties, with the customer’s permission, to transmit data and initiate payments. However, PSD2 did not specify how the banks’ secure channels must be implemented. The EU is currently in the process of modernizing PSD2, slated to become PSD3, and is simultaneously advancing towards Open Finance through a legislative proposal designed to establish a framework for financial data access beyond payment accounts, encompassing a broader spectrum of finance verticals, such as savings, investments, and more.
  • India:  While India does not have comprehensive Open Banking regulations, it does permit certain activities. Licensed Account Aggregators can consolidate consumers’ financial information retained at different financial institutions, with the consumer’s consent. Similarly, there is no specific regulation that explicitly permits payment initiation; however, UPI provides scheme-level rules for the role of third-party app provider (TPAP) and technical infrastructure for the use of third-parties for payment initiation. This has been wildly successful in India, and monumentally transformational to the India payments market.
  • Singapore: The Monetary Authority of Singapore (MAS) developed API Exchange (now APIX), which is a cross-border, open-architecture API marketplace and sandbox intended to streamline collaboration between financial institutions and fintechs.
  • UK: Building on PSD2, the UK’s regulatory body, the Competition and Markets Authority (CMA) created a private entity, Open Banking Implementation Entity (OBIE), to design the architecture for Open Banking (e.g., APIs, data structures and security protocols), which aimed to simplify integration for third-parties by providing standardized APIs for a variety of functions, including payment initiation.

Recent Payment Views

Payments Post #17: Cutting Costs

Payments Post #17: Cutting Costs

In this Payments Post, we discuss the DOJ bringing a lawsuit against Visa that alleges the company operates an illegal monopoly in the debit card space. Does the argument have merit in our non-legal minds? And if so, what could the DOJ’s move mean for an evolving payments landscape?

read more
Payments Post #17: Cutting Costs

Payments Post #16: The Apple Drops

It’s time for another edition of Payments Post and (surprise!) we’re thinking about the Visa Flexible Credential again. Now that Apple has plans to open up the NFC chip and Secure Element to third party developers, we’re scratching our heads. Who benefits from this newfound NFC access? What opportunities can fintechs unlock? How will conventional financial institutions react? And to tie it all back, does the VFC still matter?

read more
Payments Post #17: Cutting Costs

Payments Post #15: BNPL Battles

In this month’s Payments Post, we revisit the prime use case for Visa Flexible Credential (VFC): BNPL. How are buy now pay later providers positioning themselves in the current environment, how are consumers using their tools, and how are regulators and issuers responding?

read more

Glenbrook Payments Boot CampTM workshop

Register for the next Glenbrook Payments Boot Camp®

An intensive and comprehensive overview of the payments industry.

Train your Team

Customized, private Payments Boot CampsTM workshops tailored to meet your team’s unique needs.

OnDemand Modules

Recorded, one-hour videos covering a broad array of payments concepts.

GlenbrookTM Company Press

Comprehensive books that detail the systems and innovations shaping the payments industry.

Launch, improve & grow your payments business