Blog article
See all stories »

The Asia-Pacific way of Open Banking regulation

With the introduction of the European Union’s PSD2 and Open Banking in the UK, the concept of Open Banking has arrived in Europe and is clearly here to stay. But what is happening in other parts of the world? What can we in Europe learn from these developments? And which initiatives will prevail—whether driven by the regulator or the industry?

Asia is widely considered to be the world's most innovative region in terms of payments technology, with the Chinese market at the forefront. Platforms and Open API business models are already standard there, with the leading providers in the Chinese market being Ant Financial with Alipay and Tencent with WeChat. In addition to payments services, Alipay and WeChat also are offering more and more regular banking products. Given these developments, the Chinese government in not focusing on Open Banking or related regulations. But what about the other fast-growing nations in the Asian region?

I wanted to find out the answer to this question at first hand. So, in my role as Global Open Banking Expert Lead at Accenture, I teamed up with our other experts in the spring of 2019 to host an Open Banking Roadshow, which included workshops and panel discussions with major banks, regulators and banking associations in the APAC region. My journey started in Tokyo, followed by Bangkok, Singapore, Hong Kong, Melbourne and Sydney. Here’s a summary of what I discovered at each stop on my tour of Asia.


Open Banking in Japan is focused on efficiency, not competition

Tokyo: The Japanese regulator has implemented a kind of “soft” Open Banking regulation this year. By 2020, this should persuade the big Japanese banks to release APIs that provide access to payment accounts and enable the delivery of payment instructions by third parties. However, these core use cases are just the beginning, and during the following year more use cases are scheduled to be implemented, such as know-your-customer (KYC). The regulator plays a moderating role, and is willing to grant banks a flexible timeframe for implementation. Importantly, the regulation does not include explicit API standards or infrastructure and processes for licensing and TPP onboarding. Banks continue to be the gatekeepers of the data and – in contrast to PSD2 and UK Open Banking, where these services must be provided free of charge – can set their own prices. In Japan, the focus is not on promoting competition, but on increasing efficiency and automation. However, many banks in Japan are seeking to introduce new use cases and digital ecosystems beyond regulation to enable them to further monetize their API-based services.


Data protection regulation is coming first to Thailand
 

Bangkok: In Thailand, Open Banking is not yet widespread and no corresponding regulation has been introduced so far. So while I was in Bangkok, I took the opportunity to engage with the large state and private banks, and discuss the opportunities that Open Banking presents as a new business model. Currently, Thai banks are pushing to transform their legacy systems into an API architecture. I talked with the Thai Central Bank about the global trend of various Open Banking regulations and the potential advantages and disadvantages in the local context. In my recent article on Finextra I have already reported extensively on my findings regarding Open Banking regulation across the world. A distinguishing factor in Thailand is the important role played by digitization of SMEs. Many micro-entrepreneurs do not have access to bank accounts and services, and Open Banking could become an innovation driver for the development of new financial services for this customer segment. In light of such opportunities, representatives of Thai state and private banks are eager to learn from best practices in Open Banking from other parts of the world. Thailand is expected to pass a GDPR-like regulation later this year – the Thai Personal Data Protection Act (PDPA), which is a streamlined version of the European GDPR. Of great relevance here is that the creation of Open Banking and API standards go hand-in-hand with the data protection legislation.


Singapore uses APIs to lure fintechs to innovate

Singapore: Singapore is by far the most advanced country in Asia in terms of Open Banking and APIs. Singaporean banks are regarded as role models in terms of applying use cases and providing an intuitive and developer-friendly developer portal. A few years ago, the Monetary Authority of Singapore (MAS) published an "API Playbook" to encourage banks to open up their systems and services in an innovative way. Of course, there is no regulation in place in bank-friendly Singapore. However, despite the numerous APIs exposed by banks, their actual utilization remains comparatively low. According to my discussions with market, the reasons are the lack of standardization of the APIs, the use cases introduced so far, and the lack of common infrastructure and processes. A FinTech will be reluctant to invest time and money in developing apps that will only work with a certain bank in a relatively small market like Singapore. The regulator is therefore exploring new ways in which this problem can be solved.


Open data for Australian banks and other industries

Melbourne and Sydney: The next stop on my roadshow was Australia, where the major banks are headquartered in either Melbourne or Sydney. With the large Australian banks, I did not talk just about Open Banking, but more about Open Data – because the Australian regulator has put the consumer at the center of the Consumer Data Rights Act (CDR): the data that is collected about the consumer belongs to the consumer. In line with this core principle, financial institutions must release APIs to enable third parties to retrieve the data on the consumer’s behalf. While the first phase of the regulation is targeted at banks, subsequent phases should see it applied to companies from other sectors, such as energy and telecommunications. And throughout, the focus is on information about products, customers and transactions. So, what does this highly evolved Open Data approach mean for banks, and what roles can they play in an Open Data economy? I discussed these questions in panels with the Australian Banking Association (ABA) and member banks. A key finding that emerged was that banks are very willing to actively position themselves as third-party providers and to go to market early on with their own offerings. The banks do not want to lose valuable time by repeating the initial hesitation shown by European banks with PSD2.


More to come on Open Banking in Hong Kong

My last stop was Hong Kong, Asia’s most important financial center next to Singapore. The Hong Kong Monetary Authority (HKMA) started its journey to Open Banking in 2018 by launching its four-phase Open Banking regulation, "Open API". While the first two phases involve setting clear deadlines for tier 1 banks to process queries for product data and product opening requests through APIs, phase three addresses the provision of account information and the enablement of transaction initiation. However, the deadlines for phases three and four have not yet been defined – and the regulator is currently investigating how to nudge the banks to open up account data and enable the initiation of transactions by third parties as well. Banks are well aware that opening up to third parties in such a way could cannibalize their existing business models. Nonetheless, Hong Kong is eager to become an innovation hub for FinTechs worldwide, and there is great interest in creating a functioning Open Banking ecosystem with standardization and infrastructure in Hong Kong.

What’s more, the competition never sleeps – and Singapore will also move towards more standardization.


The post PSD2 era

Overall, during my roadshow tour of Asia I've talked to over 30 banks, regulators and bankers’ associations. My key observation from these discussions is that Open Banking has arrived in Asia – and is already being replaced by Open Data and Open Services as the next phases of development. The big technology companies are specialists in the exploitation of data. In this respect, Open Data benefits them. In the future, the ability to understand and interpret data will become ever more important – and artificial intelligence also plays a key role in Open Data.


What Europe can learn

In the coming years, the development of Open Banking in Asia and Latin America will set new standards worldwide, and influence the European markets at both an industry and regulatory level. The post-PSD2 period is also pre-PSD3: a newly formed Euro Retail Payments Board (ERPB) working group called "SEPA Access API" is aiming to develop a pan-European scheme for data and services with the focus on payments. The goal here is to develop standardized payment processes using PSD2 and Instant Payments, as well as to provide access to further asset classes and non-bank data. So we can see a further evolution of the PSD2 taking place, into which global trends are already incorporated.

My own home base – Switzerland – is largely excluded from these developments: no PSD2, no Swiss Open Banking regulation. Instead, there are numerous individual initiatives for API standardization. The world's most relevant competitors to the Swiss financial center, Singapore and Hong Kong, have either softly regulated or encouraged the market to go in new, innovative ways. Given these developments, Switzerland must act now and create an Open Banking standard to prevent FinTechs from moving to the EU. If the industry does not take the initiative soon and act on its own, the regulator is likely to step in.

7590

Comments: (0)

Blog group founder

Retired Member

Member since

19 Mar 2009

Location

Blog posts

5,550

Comments

5,832

More from Retired

This post is from a series of posts in the group:

Open Banking

Open Banking regulation, innovation and technology and it's potential to revolutionise the Financial Services Industry.


See all