PSD1 and PSD2 in the EU
When open banking is discussed, PSD2 is often mentioned. But most people are not aware of PSD1. Payments Services Directive or PSD1 was devised by the European Commission at the end of 2007 and aimed to grow competition and increase participation in the payments industry by banks and non-banks. It put an emphasis on consumer protection and the rights and obligations of payment providers and users.
In 2015, the European Parliament adopted a proposal by the European Commission to add new rules to protect online and mobile payments. This new proposal, PSD2, would go into effect in 2018. PSD2 opened banks up to third-party providers, which meant banks needed to provide an interface and usually did this by creating APIs, which would enable third-party providers to directly initiate payments or request account information. Additionally, PSD2 introduced Strong Customer Authentication(SCA), or new security requirements that involved the use of two authentication factors. PDS2 had a profound impact on open banking, as it made electronic payments more secure, it increased innovation, and welcomed a huge rise in API creation.
CMA Order or CMA9 in the UK
The CMA Order is another important step in the development of open banking. In 2016, the Competition and Markets Authority (CMA) published areport that focused on the UK’s retail banking market. This report found that the more well-known UK banks did not have to compete for business and that smaller or less-known banks found it difficult to grow and gain access to the market. To counter this, the CMA Order was enacted. This ruled that the nine largest UK banks had to allow authenticated startups direct access to their data. HSBC, Barclays, RBS, Santander, Bank of Ireland, Allied Irish Bank, Danske Bank, Lloyds, and Nationwide (also known as the CMA9) all had to comply when it was enforced in 2018.
The CMA Order required these nine banks to implement APIs in order to deliver this information. In fact, the CMA created theOpen Banking Implementation Entity (OBIE) in order to aid in API delivery and the creation of data structures and security architecture that would make it easier and safer for individuals and SMEs to share financial information held by their banks with third parties. Its funding was paid for by the CMA9.
The CMA Order worked alongside PSD2 and the two are structurally very similar. However, while PSD2 saw an increase in API creation, only the CMA OrderrequiredAPIs to be used. Additionally, PSD2 is universal in the EU, while the CMA Order only applies to the nine UK banks mentioned above.
Alipay in China
While major changes in online banking and payments were occurring in Europe, China also had a strong focus on innovation in these sectors. Alipay is a third-party mobile and online payment platform that was first launched in 2003 by a company called Taobao. According toThe Book on Open Banking, Alipay made a deal with major Chinese banks in 2010 that would allow users to use Alipay’s authentication software to access their bank account and transfer money to merchants that had been pre-authenticated. Basically, they implemented open banking on their own. This led to an uptick in payment apps and an increase in their popularity in China.
By 2012, Alipay had integrated into mortgages, utilities, public services, and more. Essentially, they filled a void by creating a secure environment where users could verify their identity and securely pay online. In fact, it’s estimated that Chinese banks lost as much as €20bn in deposits as a result of Alipay. Alipay was able to redefine the role of a payments app and rose above banks to cement its position as the top payment provider in China, redefining the financial landscape across the continent.
One of the main reasons that Alipay was able to be so successful is due to the general attitude of the Chinese population towards online banking. In fact, 78% of China’ssmartphone users have adopted mobile banking apps, which is by far the largest percentage in any country. Additionally, the attitude of the Chinese towards sharing data is much different than the attitude in western countries. Consumers view sharing transaction information with FinTechs as a positive experience and are more open to doing so.
While there had previously been few open banking guidelines in China,regulationwas introduced in 2018 by the Hong Kong Monetary Authority (HKMA) to help facilitate open banking. The regulation needed to strike the proper chord of encouraging firms to continue to innovate at the quick level that customers know and expect, while also creating the proper framework for a more sustainable, secure financial sector. The framework has four phases, with Phase 1 completed on schedule and entailed 20 participating retail banks making more than 500 open APIs available, offering access to their information to a wide range of banking products and services. Phase 2 began in October 2019 and involved those same 20 participating banks to begin processing applications for banking products and services. Phases 3 & 4 are considered more complex and there is not yet a timetable for their rollouts. However, it will be interesting to see how these new open banking guidelines affect the current financial climate.