Open-banking: new recommendations published by the Joint Regulatory Oversight Committee
Open banking is a secure way for retail consumers and businesses to give regulated third-party providers (“TPPs”) access to their bank account information and transaction data, and initiate payments. Open banking has emerged as a significant development in the financial services industry with the potential to transform the way people and businesses manage their money, make payments and access financial products and services. In the UK, the next phase of open banking is expected to bring significant changes to the financial sector.
Open banking has made a significant progress since its launch in 2018. On 17 April 2023, Joint Regulatory Oversight Committee (“JROC”) co-chaired by the Financial Conduct Authority (“FCA”) and the Payment Systems Regulator published a report that sets out recommendations for the next phase of open banking in the UK, outlining ways to improve the operational resilience, sustainable and efficient of the UK financial sector, including open banking.
Over seven million consumers and businesses (of which 750,000 are small to medium-sized enterprises) are using innovative open banking enabled products and services to manage their money and to make payments. Open banking payments have more than doubled, with over 68 million open banking payments in 2022 (up from 25 million in 2021).
Three Visions
The JROC identified three priorities to deliver their visions:
- to establish a sustainable and competitive footing for the ongoing development of the open banking ecosystem: the purpose of this priority is to grow open banking beyond the current functionalities and bring further benefits to end users. The ecosystem should encourage and facilitate new commercial agreements to be emerged between participants while ensure that appropriate protections are in place;
- to unlock the potential for open banking payments: open banking provides an additional payment method as an alternative to card payments. This provides consumers and business with greater choice and better services when making payments; and
- to adopt a model that is scalable for future data sharing propositions: the JROC recommends that data privacy and security are maintained. This will ensure the customers’ data is protected and encourage the sharing of data between different providers.
Five Themes
The JROC’s also identified five themes that will be progressed in the next two years:
- levelling up availability and performance – such as data collection for Application Programming Interfaces’ (“API”) availability and performance;
- mitigating the risks of financial crime – such as data collection on fraud, money laundering and border financial crime;
- ensuring effective consumer protection if something goeswrong – such as establishing appropriate dispute resolution processes;
- improving information flows to TPPs and endusers – such as the certainty of fate regarding payment status; and
- promoting additional services, using non-sweeping variable recurring payments (VRP) as a pilot – such as introducing premium APIs economic model principles.
Three-Phased Delivery
The JROC sets out a three-phased delivery approach through which open banking can continue to evolve and grow in a sustainable way within the next two years:
- 2023: the JROC will collectively improve visibility and understanding around the level of financial crime across the open banking ecosystem and the availability and performance of APIs across different account servicing payment service providers;
- 2024: the JROC will aim to lay the groundwork for the end state by improving data sharing to prevent fraud and financial crime, supporting the development of commercial and liability frameworks and improvements in information flows to TPPs on API calls and payment messages; and
- 2025: the JROC anticipates a sustainable commercial model will have been developed and piloted and innovative business models will have been tested.
Regulatory Framework
While open banking continues to promote greater competition and innovation for the benefit of consumers, businesses and the wider economy, there is a need of clarity on the regulatory oversight over the open banking ecosystem and its participants.
The report outlines the principles that will underpin a long-term regulatory framework, which the Government is intending to legislate for. The current model, in which Open Banking Implementation Entity is overseen by the Competition and Markets Authority (“CMA”) for obligations under the CMA Order. It was suggested that FCA should regulate firms in relation to the provision of open banking services.
Moreover, the government intends to create a smart data scheme. The Data Protection and Digital Identity (“DPDI”) Bill was introduced on 3 March 2023 and currently is progressing through the Parliament. Under the DPDI Bill, the secretaries of state and the Treasury will be able to pass secondary legislations to establish and mandate participation in smart data schemes.
Conclusion
The report highlights the progress which has been made in open banking sector since 2018. It also identifies areas for improvement and makes several recommendations to expand open banking beyond financial services sector, increase customer awareness, improve data quality and standardisation, foster innovation and encourage international cooperation. By implementing these recommendations, open banking can provide more benefits to customers, promote innovation and competition and enhance the UK’s position as a leader in the financial sector.
We provide legal advice on arrange of issues related to open banking, including compliance with regulations, contractual arrangements with TTPs, data protection and intellectual property. We also provide regular updates about the latest developments in open banking.
For further information on this topic please contact Jeremy Ladyman and Melody Li