The rise of open banking could be a major boon for consumers, but it also poses major challenges in area such as regulatory oversight, cybersecurity and changing business models, according to a report from the Basel Committee on Banking Supervision.
Traditional banking is evolving into open banking, as customer data is increasingly shared with thirds parties, says the report, but how the evolution is progressing varies widely between markets.
In some jurisdictions, screen scraping and reverse engineering are still prevalent, posing banks the challenge of balancing security against ease of access.
Elsewhere tokenised access through APIs offers banks greater control over the data shared and more secure access. APIs also give third parties and consumers better efficiency, privacy and data protections, says the report.
However, APIs require time and money to build and maintain, while a lack of commonly accepted standards is also a problem in some places.
Whether data is shared via screen scraping or APIs, there is still a "bigger surface area" for cyberattacks, says the report. And, as more data is shared and with more parties, the possibility of a breach increases.
Meanwhile, as more third parties access data, more regulators become involved, making it vital that they coordinate and remove any inconsistencies to their approaches. In addition, open banking makes it more complicated to assign liability in the event of financial loss or the erroneous sharing of sensitive data.
The UK has established itself as an early leader in the open banking era. In a speech this week, Sheldon Mills, director of competition at the Financial Conduct Authority, set out the regulator's vision for building on open banking to create a new model of open finance.