It’s been three years since PSD2 extended the scope of Open Banking to third-party solution providers in Europe. With the global Open Banking market opportunity touted at $43.15 billion by 2026, expectations were high. Fintech companies of all kinds – payment service providers, remittance companies and challenger banks – lined up to connect. But it’s only in the past year that the reliability and range of APIs connecting accounts have begun to live up to that promise.
For consumers, the benefits are wide-ranging. Open Banking gives them greater control over their finances and a streamlined user experience. They can access all their accounts and integrate non-banking financial services in one place, for example.
Open Banking has proven its worth for businesses too, offering lower operational costs, efficiency savings, and powerful insights into customer behaviour that can underpin new products and services. These benefits have taken on even greater significance since the onset of the global pandemic. Digital payments became a must and an accurate view of consumers’ financial position is invaluable in retaining business.
The speed at which these API-driven services can be up and running and the ease with which a company can integrate them into a secure, customer-friendly solution creates tangible benefits for all. So why has it not gone further?
Many banks have been understandably reticent to release their monopoly on customer data, viewing Open Banking as a threat. With banks viewing the building and maintaining of APIs as a compliance exercise, the quality and reliability of the technology have inevitably suffered. Add to this the fact that PSD2 did not set out any specific technical standards for APIs (only in the UK is there any official quality control via the Open Banking Standard) it is not surprising that standards vary between providers and countries.
There are sure signs that adoption is gathering momentum as more banks recognise the possibilities offered by Open Banking. From growing start-ups like Swedish fintech challenger Brite to Open Banking platforms like Token (€12.8m funding to expand in the EU), which supports standardised APIs across all banks. Also, Truelayer, which boasts most of Europe’s major banks as customers and UK-based Volt which raised €19.7M in June. Meanwhile, some big names are bringing functionality in-house, like for example, Visa acquiring Tink for €1.8bn.
While Europe might reasonably claim to be the pioneer of Open Banking, around 58 countries all over the world are now working on Open Banking frameworks. Outside the EU, Hong Kong and Australia are among the key markets taking a regulatory-driven approach. But regulators are beginning to make more noise even in those jurisdictions that have previously been market-led. President Joe Biden’s executive order earlier this month is expected to provide a much-needed boost to Open Banking in the US, for example. While a new Interstate Treaty comes into effect in Germany this month that sets out required security and technical standards for online gaming companies. Gambling operators that fail to demonstrate a robust age verification solution risk having their licences revoked.
There is a fine balance between the customer-centric approach of PSD2 and the ability to adhere to strict data protection and anti-fraud and AML regulations. With many firms struggling to comply with the extended deadline for PSD2’s Strong Customer Authentication requirements, these pressures are ushering in a new era in which innovation and compliance must be intrinsically linked.
Pressure is also mounting from consumers. While Open Banking as a concept may not have been high on the average customer’s radar, the technology is behind many of the most innovative retail and banking solutions launched in the last year. As customers grow to expect these services, it will be financial institutions that get the blame if they underdeliver - those that fail to make their data available in a standardised format are likely to lose their competitive edge.
As Open Banking moves increasingly under the spotlight for both market participants and regulators, there is a great opportunity for companies that can deliver innovative data-centric services while also protecting against financial crime and safeguarding customer data. Having a flexible AML and transaction monitoring partner that understands the complexity of needs in this area could be the key to unlocking its full potential.
At Sentinels, we are ready to support both financial institutions and Open Banking businesses with intelligent and secure AML and transaction monitoring platform. Curious to learn more? Go to https://www.sentinels.ai/
Sentinels (‘us’, ‘we’, ‘ our’’) is dedicated to protect the confidentiality and privacy of your personal data and information entrusted to us. This Privacy Statement provides an overview of our standard data processing activities and sets forth your rights in relation to the processing of your personal data.
Slimmer AI Sentinels B.V. a limited liability company incorporated under the laws of the Netherlands, Chamber of Commerce number 82155313, having its registered office at The Rock Atoomweg 6-B 9743 AK Groningen (‘Sentinels’).
We are responsible for processing your personal data in accordance with the European General Data Protection Regulation (‘Data Protection Regulation’).
We have appointed a Data Protection Officer (DPO) for you to contact if you have any questions or concerns about this Privacy Statement and/or your rights set forth in this statement. Please contact us at email@example.com.
This Privacy Statement provides information about collecting, storing and processing of your personal data that you disclose to us when you use our services.
The type of personal information we collect may depend on how you interact with us and our platform and which services you choose to use. Generally, we collect, store and use the following personal information: name, surname, job title, company, business type, and email address.
When you choose to use our services, you agree to provide us with most of the personal data when you:
We process your personal data in accordance with the provisions of Data Protection Regulation. We will only use and process your personal data we obtain in the context of commercial relationship. We intend to use and process your personal data under the following conditions:
In case we rely on consent as a legal basis for processing your personal data, please note that you have the right to withdraw your consent at any time by contacting at firstname.lastname@example.org. However, please consider that withdrawing the consent may affect the legal basis of processing of your data, hence we may not be able to provide certain products or services to you. If this is the case, you will be advised accordingly at the time you withdraw your consent.
We are committed to maintaining organizational and technical security measures to protect the personal data we hold about you. We have implemented a set of controls and relevant policies and procedures to prevent the personal data we hold about you from being accidentally or deliberately compromised.
Your personal data is stored in accordance with the provisions of the contractual agreements and/or applicable statutory obligations. We maintain adequate retention policies and procedures so that your personal data are deleted after a reasonable and prescribed time. The data will not be stored longer than is strictly necessary to achieve the purposes for which the data have been collected.
Data collected via the website will be retained until users unsubscribe (after which a new consent will be requested)
We do not transfer your personal data to third parties unless it is mandatory by law or court order, in order to protect the rights of the parties involved in the performance of the agreement or if you give your consent to do so.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. We use functional cookies that are essential for technical operations necessary for the users’ navigation on the platform. These cookies also support the website security and basic functionality.
You can set your browser in order not to accept cookies. However, in certain cases, some of our website features may not function as expected.
For more information regarding the cookies in use can be found in our Cookies Policy.
You have the right (under the certain circumstances and subject to the exceptions), pursuant to Data Protection Act to:
You can exercise any of the above-specified data protection rights, by contacting us at: email@example.com.
Should you have any questions or concerns about this privacy statement or you would like to exercise one of your data protection rights, please do not hesitate to contact us at: firstname.lastname@example.org.
However, if you feel we haven't addressed your concern in a satisfactory manner, you have the right to contact the Data Protection Authority.
Address: PO Box 93374, 2509 AJ DEN HAAG
Telephone: +31 70 888 85 00
Privacy Statement Version
This Privacy Statement was last modified on September 1, 2021.
We reserve the right to update or change our Privacy Statement at any time and you should check this Privacy Statement periodically. Your continued use of the service after we post any modifications to this Statement will constitute your acknowledgement of the modifications and your consent to abide and be bound by the modified Privacy Statement.
If we make any material changes to this Privacy Statement, we will notify you either through the email address you have provided us or by placing a notice on our website.