24 July 2016
Find out more

UK sets out open banking API framework

09 February 2016  |  31411 views  |  14 London - Big Ben

The UK government has thrown its weight behind a report calling for the creation of an open banking standard that makes it easy to share and use financial data, arguing that the move would improve choice for customers, promote competition and stimulate innovation.

Having promised to work with banks and fintech firms on a detailed framework for an open API standard, in November the government set up the Open Banking Working Group (OBWG), giving it a remit to explore how data could be used to help people to transact, save, borrow, lend and invest their money.

Reporting back, the OBWG says that bank data, including information about products and services, should be made available as open data so that services such as comparison tools, can be built allowing customers to get more out of their financial relationships.

In addition, an open API should be created to enable services to be built using bank and customer data. This includes open data about products and services but also shared data about bank transactions that individuals or businesses can choose to share themselves through secure and controlled means.

By making it easier to compare products and services, the working group says the move will help people tailor a suit to their individual needs and make significant savings. Just switching overdraft facilities could save people an average of £140 a year, according to CMA research.

OBWG co-chair and Barclays executive Matt Hammerstein, says: "Banking as a service has long sat at the heart of our economy. In our digitally enabled world, the need to seamlessly and efficiently connect different economic agents who are buying and selling goods and services, is critical. The Open Banking Standard is a framework for making banking data work better: for customers; for businesses and; for the economy as a whole."

Responsibility for the project now rests with the Open Banking Implementation Entity. The report calls for a "minimum viable product" for an open banking API to be launched towards the end of the year, with personal customer transaction data included on a read-only basis at the beginning of 2018, and the full scope, including business, customer and transactional data, reached by 2019.

Commenting on the report for the government, Economic Secretary Harriett Baldwin welcomed the framework, praising not only its ability to benefit customers and businesses but also its potential to "provide fintechs with a globally unrivalled opportunity for innovation in the UK".

Speaking for the industry, BBA chief executive Anthony Browne also backed the plan, saying: "The UK has the potential to be a world leader in the way we use data to help drive competition and innovation in the banking sector, which will give customers more choice and help them save money."

Comments: (14)

Henry Chadwick
Henry Chadwick - Meniga - London | 09 February, 2016, 09:50

Makes sense, but isn't this just part of what the government should be doing as minimumto help UK FIs define a standard for PSD2 compliance?   

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Nick Ogden
Nick Ogden - C B Infrastructure Limited - London | 09 February, 2016, 10:53

Whilst all initiatives like this are a step forward, the unhealthy market control of the 4 dominant retail banks, who will always strive to continue to retain 92% of the market, will hamper (or obstruct?) the real structural changes that are required. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Brendan Jones
Brendan Jones - Consultant - Ascot | 09 February, 2016, 12:02

A big step forward in the banking and payments industry which extends the scope way past PSD2 and will no doubt drive siginifcant innovation. I'm sure there will be many FinTech's out there looking to become regulated entities (e.g. PISPs and/or AISPs) to take advantage of the opportunity presented by the open banking API framework. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Clive Munn
Clive Munn - MFTSE Affairs S.A. - Luxembourg | 09 February, 2016, 20:43

We think that this could only work if the client were in control of what data can be disributed which is far from the situation at present. To be followed with caution as far as we are concerned! MFTSE Affairs S.A.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Dharmesh Mistry
Dharmesh Mistry - Temenos - Reading | 10 February, 2016, 09:12

Wonder how many legacy systems will handle the additional load? Some can't even handle the increase from mobile and contactless today...

2 thumb ups! 2 thumb ups! (Log in to thumb up)
Markus Lampinen
Markus Lampinen - Crowd Valley Inc - San Francisco | 10 February, 2016, 14:15

We think this adds good support to the industry and we fully support creating standards in our work with technical back offices for digital finance applications. The fact is that the new online finance applications needs new models that are up to date and cant rely on outdated legacy infastructure already in place which was never intended outside publicly traded transactions. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Nick Ogden
Nick Ogden - C B Infrastructure Limited - London | 10 February, 2016, 14:51

Markus, ISO 200022 is the new standard :-) 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 10 February, 2016, 19:05

@CliveMunn + 1. I for one wouldn't want my bank to throw up its hands and blame the regulator in the event that I have to complain to it about shady transactions happening on my bank account.

On another note, this has nothing to do with legacy landscape. If mainframes are good for one thing, it is to handle extremely high volume online transaction processing. Same doubts were expressed about legacy when Internet Banking, Faster Payments, Mobile Banking etc. came into the picture. They survived the increased workload from all of them; they will survive the increased workload arising from third party API calls as a result of this regulation. A fairly common root cause for many banking system failures has been goof ups during updates, not lack of horsepower. As counterproof, there's virtually no legacy in Indian banking landscape, still the success rate of online payments is absymally poor, thanks in part to the increased workload posed by 2FA mandate.

2 thumb ups! 2 thumb ups! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF and Real Time Economy Program - Helsinki region | 16 February, 2016, 17:49

This should address the full picture - how ISO20022 account statements, PSD2 payments, e-invoicing and POS-payments create the same structured data and take them - line by line - into SME- and private customer automated accounting and cash flow estimates. The fast way being a swarm of apps with single sign-on from e-banking.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Roger Storm
Roger Storm - Storm Impact Co. - Frankfurt am Main | 17 February, 2016, 13:28

This must be the way to go, now that PSD2 is here. Have a bank common standard (e g ISO 20022 based) interface, and central testing framework for TPPs and PSPs, to minimise work for all. There needs to be a clear framework as well for what consent the data owner (account holder) must give, and how that is handled, in addition to a clear delineation of the steps by which increasing amounts of data is shared, i.e. only balance on account, reserving amounts in case of delayed booking, selected transaction history, CT initiation for predefined amount to select beneficiaries, approval of beneficiaries, etc.. A similar continental European initiative ought to be launched.

1 thumb up! 1 thumb up! (Log in to thumb up)
Clive Munn
Clive Munn - MFTSE Affairs S.A. - Luxembourg | 17 February, 2016, 13:43

As I said before here in Luxembourg, I think it would be true to say that we are more concerned about the security of our identity and privacy accross the internet and that this situation must be resolved first. This we are working on and I believe it is very important for Europe (the UK included)!!

 

1 thumb up! 1 thumb up! (Log in to thumb up)
Bo Harald
Bo Harald - ZEF and Real Time Economy Program - Helsinki region | 17 February, 2016, 13:45

Agree with Roger. In our cutting-admin-burden-in-half and get-all-financials-to-realtime work - linking the e-invoice data to the respective debit or credit automates accounting for the SMEs right away. So this should be included.

1 thumb up! 1 thumb up! (Log in to thumb up)
Denis Wicking
Denis Wicking - F C Consultants - Stowmarket | 07 March, 2016, 09:44 Some of the comments confuse legacy or heritage core banking systems, (which sit in the middle and do the daily grind of interest and charges)and the wide range of systems that sit around them to process our web interaction, provide the security layers, interface to payment systems etc. Strangely it is these newer systems that are the constraints to change. Security is going to be the key challenge for many of the proposals. I authenticate myself to my bank to transact on line; as soon as I allow another party to access my account, the bank must prove that I have allowed that third party access on my behalf - it is a bit like handing a bunch of signed blank checks over and saying "only use one when I tell you". All this at a time when sophisticated criminals are exploiting web interface loopholes.
1 thumb up! 1 thumb up! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 07 March, 2016, 15:58

@DenisWicking + 1.

Especially the part about the challenge in controlling access to only when the user wants it. Added to that is the challenge in controlling access to for what the user wants it. From my experience with many web / mobile services / apps that seek access to one another or social network credentials, this can turn into a major nuisance very soon.

  1. I want to give access for one purpose for one time but, because of the obfuscatory language on the ensuing permissions screen, I inadvertently end up giving access to more purposes and forever.
  2. Over time, it's impossible to keep a track of whom I've given what access to.
  3. Assuming I figure out a way of doing that, it's not easy to locate the feature for disabling access.

This is not a big deal when all these services are doing is relatively harmless stuff like detecting a new post on my blog and posting a link to it on my Twitter account. But, when it comes to banking info, the consequences of such behavior by these services / apps can be dire.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Payments UK launches Sepa directory and open API

Payments UK launches Sepa directory and open API

01 February 2016  |  6591 views  |  0 comments | 19 tweets | 16 linkedin
Fintech players team on API ecosystem

Fintech players team on API ecosystem

16 September 2015  |  9497 views  |  2 comments | 29 tweets | 19 linkedin
UK govt pushes ahead with plan for open banking API standard

UK govt pushes ahead with plan for open banking API standard

18 March 2015  |  23022 views  |  5 comments | 52 tweets | 46 linkedin
UK Government launches call for evidence on banking APIs

UK Government launches call for evidence on banking APIs

02 February 2015  |  13222 views  |  8 comments | 28 tweets | 21 linkedin
UK Government issues call to action on bank APIs

UK Government issues call to action on bank APIs

03 December 2014  |  12865 views  |  8 comments | 21 tweets | 14 linkedin

Related blogs

Create a blog about this story (membership required)
Find out moreVisit capgemini.comVisit VocaLink.com

Top topics

Most viewed Most shared
MasterCard agrees £700m VocaLink acquisitionMasterCard agrees £700m VocaLink acqu...
8022 views 14 comments | 32 tweets | 36 linkedin
hands typing furiouslyWhat Every FinTech CEO Should Know About R...
7823 views 0 | 14 tweets | 8 linkedin
hands typing furiouslyBanking on IoT: Security in the Internet o...
7680 views 3 | 19 tweets | 7 linkedin
Santander doubles down on fintech fundSantander doubles down on fintech fund
7573 views comments | 22 tweets | 28 linkedin
Brexit-scarred London fintech startups enquire about moving to BerlinBrexit-scarred London fintech startups enq...
7472 views comments | 16 tweets | 16 linkedin

Featured job


Brussels (Belgium) or Paris (France)

Find your next job