Application Programming Interface (API) open banking is an important improvement to the financial market. Even though it is quite a technical term, everyone can understand its meaning. API is a software developed to interact with other softwares. It is like a representative of a product that takes data from one place and provides it to the other in a required way. For instance, API open banking gathers information from a bank (as requested by the end-user), processes it and transmits it to the third software which then displays this processed data to the end-user (consumer, business or a financial institution).
API open banking benefits
APIs are a part of open banking and the main benefit that they bring is the ability to use open banking as a method. The essential purpose of open banking is to aid with the increase of innovation within the financial market. So how can APIs increase the level of innovation? The API’s are used to access consumers’ financial data from a bank. They enable Third Party Providers (TPP’s) to gather the required information in a secure and efficient way by using consumer consent.
The TPP’s usually are Fintechs that can rely on stable infrastructure created by legacy banks via APIs though provide additional services that customers require, but banks are unable to offer. Therefore, TPP’s can provide great personalised customer service without the enormous investment in the infrastructure which they would need if API’s weren’t a thing.
It may sound like legacy banks are the ones losing in this situation, however, by opening their data and cooperating with TPP’s banks can broaden their offered products and advance services. This in turn also aids with cost-cutting and increases legacy banks revenue. The ecosystem in the financial field is changing, therefore, legacy banks must adapt in order to stay on top of the game and use the situation to their benefit.
API open banking application methods
There are plenty of API open banking application methods that warrant a diversity of products and services. However, they all can be grouped into three categories – digital identity, finance management and product matching. Digital identity systems and hubs create a connection between sellers and financial service providers by verifying user’s identities. They support Know Your Customer (KYC) and Customer Due Diligence (CDD) methods that legacy banks had completed to confirm the validity of consumer’s identities. Third-Party Service Providers (TPSPs) strive to separate KYC from the financial data in order to safeguard the ID data in another server.
Finance management includes Third Party Providers (TPPs) that supply bank account aggregation. Aggregation means that TPPs gather all the consumer’s financial data from various financial institutions and present it to the same dashboard or app.
Last but not least is product matching. Product matching means that there are plenty of options to choose a service provider. By implementing API open banking, TPPs can provide personalised services whether it would be related to borrowing, making transactions or just finding the best offer.
The security of open banking
APIs are a very secure and reliable way to access and share data. It doesn’t require a user to share their sensitive information like passwords to their financial accounts and any transfer or payment can only be made after obtaining consumer consent. Therefore, unlike when using screen scraping systems the user is in control of when, why and how the accessed information will be used. In the case where the screen scraping method is utilised, a consumer must provide their login details to the app or otherwise it won’t work.
Furthermore, it is not so easy to gain the access to the APIs as only authorised and licensed Third Party Providers (TPPs) can do it. API open banking is highly regulated, therefore, the possibility of fraud is minimised. TPPs should have authorisation from the Financial Conduct Authority (FCA) and be registered in the FCA directory. Also, a legitimate TPP would never ask a user for the password or other sensitive information to log in to their account. Instead, a TPP creates a redirect to the banking account, whether it’s personal or business and consumers have to perform logging in themselves.
API open banking and FCA
FCA is the regulatory body that creates standards and regulations concerning API open banking in the UK. It also provides required guidelines for regulatory implementation. Before a TPP obtains its authorisation to legally function it must undergo an FCA verification process. During this process, FCA checks if the methods, systems and security arrangements adhere to the implemented industry standards. After the TPP is authorised it has to undergo FCA’s auditing regularly to preserve the authorisation.
Failure to comply with the regulations or audits may lead to revoked license and damage to the business. Therefore, TPPs are considerate and approach compliance and data security very seriously to avoid any disturbances.