There is a growing sense of urgency in Australia of the need to embrace open data sharing or be forced to work within an imposed regime. But what lessons can be learnt from trailblazing regions such as the UK and South Africa? Poli Konstantinidis explains.
The Australian financial sector’s progress towards a new legislative framework in support of Open Data Sharing is seeing growing traction in response to the Productivity Commission’s Report on Data Availability and Usage, released in May.
The report recommends the introduction of a ‘Comprehensive Right’ for consumers to access their ‘consumer data’ or direct that it be provided to third parties.
The Comprehensive Right could be utilised by bank customers to require their bank to send transaction and other account data to another bank or other competitor such as a fintech provider, who could use it to identify and price alternative financial products and services.
These recommendations accord with the government’s support of giving banking customers power over their own data and a wider push to offer standardised practices on financial data aggregation.
These movements in our own market recognise a sense of urgency in Australia to embrace the global phenomenon already deployed in regions such as the UK and South Africa to varying degrees of success – with the former being slow to realise its potential, and forced to work within an imposed regime.
Open banking has been gaining significant momentum across the globe, especially in the European Union where it is driven by changing regulatory mandates that aim to standardise, integrate and improve financial efficiency with the aim of making the banking sector more customer focused.
The change in legislation poses challenges, not the least of which is the need for participants, financial institutions and customers to establish trustworthy connections with data sources and in particular, a secure means of data transfer.
Legal issues
UK banks are facing this marginalisation, legislated to provide data to every ‘accredited’ organisation, from large competitors to the small fintechs. In response to the enormous scale required with this roll out, several legal issues have surfaced around data breach responsibility.
At the same time as support for sustainable, standardised APIs is seen in their increasing implementation across the UK to reach their own mid-2018 deadline, confidence is high that innovation in data delivery will meet the accompanying challenges.
South Africa’s financial services industry faced similar forces but responded with a different approach. After a new set of affordability validation regulations came into effect under South Africa’s National Credit Act, regulators recognised the need for a standardised platform to enable secure data sharing – significantly reducing credit application fraud, enabling a single authentication process and significantly reducing labour costs.
There are valuable lessons for Australia’s credit industry from the countries which have embarked on the open data journey before us.
South Africa is one of the world leaders in facilitating greater financial transparency and innovation through open data, creating new forms of distribution channels and servicing capabilities by taking advantage of standardised APIs Borrowers are increasingly taking control of their data and simultaneously empowering banks and financial institutions to use data efficiently using agreed industry standards around the data itself and the controls and processes that protect it.
Open banking initiatives in South Africa are setting out to open doors to new forms of distribution and servicing, providing access to third-party application marketplaces, whilst at the same time complying with emerging regulatory norms through the standardisation of APIs.
Each of the approaches taken in South Africa and the UK highlight the benefits of having a secure framework in place before regulations are imposed, allowing for a more seamless transition that can reduce workload and enhance customer experience through transparency.
Security, governance, authentication
Country-wide solutions underpinned by security, governance and authentication controls must be implemented for this open access regime to reach its full potential.
Legislation changes based on parliamentary and the Productivity Commission recommendations are currently under consideration. Key considerations include the scope of banking data sets to be shared, technical and customer consent mechanisms, and security and privacy requirements.
It’s clear that productivity and innovation will be key outcomes of open data for the financial services industry. Most importantly, however, it will be customers who will be empowered. They will be able to use access to and transfer of their own data to seek out banking products better suited to their needs and better priced, allowing them to achieve their financial goals.
For all participants in the industry in Australian and internationally nevertheless, banks, fintechs and the customer, data security remains the issue of paramount importance. In light of international contexts, the onus is on Australian financial institutions in developing a path for the implementation of Open Banking to put this at the top of the list of best practices before a mandate is imposed.
Last April, Experian surveyed 1,000 Australian banking customers to identify their pain points. Not unsurprisingly, they reported paperwork and lengthy application processes as a major pain point for Australians applying for a new credit card, loan or mortgage (41 per cent).
Even more importantly though their biggest pain point were security concerns as banking customers, with almost half (43 per cent) stating they were worried about emailing personal information to banks due to the risk of interception or hacking.
Open data solutions that can reduce friction and improve customer experience in the application phase while also offering secure channels of communication that instil confidence in customer will be key in Australia’s new open data environment.
The new framework is expected to address customer experience and security considerations, by providing the means for credit providers to more thoroughly assess a consumer’s financial position from a holistic perspective. The implications of this are far reaching, providing opportunities for lower cost of credit and greater financial inclusion.
Thoughtful custodians of data
Beyond the responsible lending requirements outlined by ASIC and the Federal Courts, the incoming changes are giving credit participants the opportunity to deliver a responsible disclosure regime, which encompasses being a thoughtful custodian of data and adding value to the customers’ transactional experience by lowering stress and increasing confidence that their best interests are at the heart of the engagement.
It’s important to consider that while open data sharing is often construed as open access to new market entrants, the reality is far more nuanced. What we can expect from these new industry standard practices is a mandated framework that ensures customer transaction history sharing involves data encryption and defined conditions by which data can be used and shared.
South African banks’ leadership in security measures provides a useful model that can be leveraged here. The South African banks adopted a philosophy of working ahead of the legislated changes by building a common API called Secure-X which became the standard across the country. It has been seen as an industry benchmark for sharing consumer data – from statements to utility bills – in over 40 South African financial institutions.
With the consumers’ consent, institutions can access statements almost instantaneously, speeding up application processes beyond what was previously thought possible. In addition, real-time SMS notifications are delivered to clients when statement data is shared, which creates a newfound trust in the data’s security and creates an opportunity for consumers to identify and control the flow of data.
Application fraud associated with the manipulation of bank statements has been virtually eliminated with banks on a roadmap towards a digital future, whereby data is known and trusted and participants understand and adhere to set rules on how data can be shared and processed.
We are living in exciting times. Banks, those responsible for protecting consumer’s transaction data, are set to become net data disclosers to a plethora of new data-consumers in a new open data sharing ecosystem. Ultimately, all parties benefit when information can be shared securely and with the right consents to enable a better customer experience and to facilitate operational and regulatory obligations.
This has been recognised by the Australian Productivity Commission and is part of the rising global trend towards transparency, automation and an enhanced digital experience. Australian financial institutions are at a pivotal point in developing their strategic path, not just to cope with these changes, but to thrive in a new and developing data ecosystem.