How Open Banking Works

Looking for a quick way to understand Open Banking? You’ve come to the right place.

Open Banking is the structured sharing of financial data between banks and third-party financial service providers via APIs. With consumer consent, the business's mutual customers can grant access to share data with a trusted provider of their choice. Think of Open Banking as a new paradigm that benefits individuals, financial institutions, and fintech companies.

In this guide, we not only define Open Banking, but also address its benefits, and list principles for you to follow along the way. We also show how MX can be a partner and guide as you integrate Open Banking where you work.

Just as digital literacy was a critical banking skill in the late 1990s and early 2000s, data literacy will be essential in the 2020s and beyond. To amplify your financial services career, we advise that you learn all you can about using data effectively. Knowing the essentials of Open Banking is a great place to start.

Open Banking represents a way to shift from simply selling to consumers to truly advocating for them. This partner-centered approach is vital at a time when consumers have more choices in financial services than ever before.

Open Banking as Data Sharing

If you’ve heard of Open Banking, you know it can mean different things to people. At MX, we define Open Banking as the structured and secure, consumer-permissioned sharing of data via open banking APIs between financial service providers. 

Open Banking is all about choice — consumers give consent to share their financial data with third parties of their choice. While Open Banking is typically centered on retail and investment banking, Open Finance is the next step, enabling access and sharing of consumer data to even more financial products and services. The data can come from transactions, investments, loans, consumer credit, pensions, and many other sources.

Traditionally, the majority of data sharing was done through screen scraping. This is a process whereby a person inputs their username and password so a third-party aggregator can “scrape” that information off a webpage for use elsewhere.

Screen scraping has been around for more than 20 years and is used by financial advisors, tax advisors, mortgage underwriters, payment servicers, personal finance apps, and point-of- sale services.

Although screen scraping serves a legitimate purpose, and millions of account connections rely on it, the process is limited by five key issues of concern: 

1. Lack of Comprehensive Oversight – Regulatory rules vary between countries, with widespread disagreements. For instance, a range of regulators in the United States have a say in how rules play out — from the Securities and Exchange Commission (SEC) to the Consumer Financial Protection Bureau (CFPB) — making comprehensive oversight difficult.
2. Unnecessary Risk – Data sharing carries risk, as evidenced by certain data breaches in tangential industries. Some companies don’t have enough safeguards in place to prevent fraud and data breaches.
3. Sharing Credentials – Whenever user names and passwords are shared, there’s always a chance of hacking and theft. With screen scraping, it can be very difficult to trace where credentials end up, potentially putting a consumer’s information in peril.
4. Lack of Traceability – It’s difficult to control whether the screen scraping intermediary can repeatedly access consumer data after logging in. This often happens if the intermediary is out to sell consumer data to other firms (a practice which can result in data breaches).
5. Impact on Technical Platforms – Without sufficient control over technical platform issues, it’s very difficult for financial institutions to safeguard their consumers’ data. For instance, there could be a huge technical burden for financial institutions to overcome when bots repeatedly ping their servers.

In contrast to screen scraping, the financial industry is now moving toward sharing data via APIs, which gives greater consistency and control to consumers.

This brings us to Open Banking.

What is Open Banking and Why is it Important?

Open Banking is the structured sharing of financial data via APIs between financial service providers, based on the needs of and consent by their mutual customers. With consent, consumers and business clients can grant access to a trusted third-party provider of their choice.

Think of Open Banking as a new paradigm that benefits individuals, financial institutions, and fintech companies.

Benefits for Individuals

Think of your own financial life. You likely have a couple of credit cards, a primary and secondary financial institution, insurance products, retirement accounts, and more. There’s a lot going on. To better manage these elements, Open Banking and Open Finance offer a single view across your accounts. They also allow you to make direct payments from these accounts.

Open Banking lets you choose services from a wider competitive set and access new retail banking products. With Open Finance, you can link bank accounts to loyalty programs, share data with accountants and advisors, and even speed up the loan process by automatically and safely transferring data into application forms.

Most importantly, Open Banking puts the power back in the hands of the consumer. 

Just as Amazon or LinkedIn can connect your account to multiple third-party businesses with your consent, that’s how Open Banking works with financial data.

Benefits for Financial Institutions and Fintech Companies

Open Banking brings enormous benefits for financial institutions and fintech companies. Many people believe that data sharing for Open Banking is mono-directional — that it merely consists of financial institutions “giving away” all their data. In reality, data sharing is bi-directional, meaning that financial institutions and fintech companies also receive data from the sources they connect to via API. This sets them up to use that data in innovative ways that best serve consumers.

For instance, Open Banking:

• Provides insights into held-away accounts
• Allows consumers more control over what information goes into the ecosystem
• Enables an omnichannel experience by making it easy to share data across silos
• Aggregates data to provide a holistic view of consumers’ financial lives
• Implements a more unified approach to digital identity management
• Reduces data resale and data exhaust issues

Taken together, these benefits pave the way for financial institutions and fintech companies to thrive in the future of banking.

The single biggest benefit of Open Banking for financial institutions and 
fintech companies is the added security in the form of tokens, consent and privacy, and transparency.

Tokens

Open Banking and Open Finance introduce a higher level of security because it replaces sharing credentials (including username and password) with anonymized, single-use digital tokens. This prevents the wrong entities from accessing personal user information during a transaction. 

Consent and Privacy

With Open Banking, all consumers must give consent and permissions before their data is shared. These permissions are set on a case-by-case basis by the consumer, empowering them to choose what they do and don’t want people to see.

For example, if you’re setting up a budgeting app, you can grant permission for a particular set of data that allows you to get to your goals, rather than share all of your data with the world.

At MX, we believe that there is room for increased disclosure around consent, and we also believe the industry could go a step further by disclosing intent as well. If someone has consented to having their data accessed for a new budgeting app, they should also know what the company intends to do with that data.

Transparency

Transparency is fundamental to Open Banking. If consumers don’t give permission for a particular company to access it, that company can’t access it — and certainly cannot sell it. In short, Open Banking is an open ecosystem. The consumer sees all the data that goes in and out.

Open Banking can also require third parties to register their use case for their fintech business, as happens in the UK. Each business must go through a governance process to get registered as an authorized third party. We don't have any such thing in North America right now, but it’s being worked on with industry groups such as the Financial Data Exchange.

Why Now? An Inflection Point in Banking

The digital revolution has changed the way financial institutions engage with their consumers, putting the industry at an inflection point of increased competition. The upside is that there are more opportunities to engage consumers in a positive way. Open Banking — and more broadly, Open Finance — augments this inflection point by making it easier for consumers to choose the services they want most — an essential move in an era where consumers no longer stay at a financial institution for loyalty alone.

The consumer has increasingly become the center of the financial services ecosystem — having the ability to pick and choose the combination of services they personally want most.

How to Get Started with Open Banking

If you want to be an advocate for Open Banking and data sharing within your organization, you should know that there’s already a large amount of activity in the marketplace. Many of the largest financial institutions are jumping in early and granting access via APIs, so if you haven’t moved already, you’ll likely be a fast follower rather than a leader in the industry. 

It’s better to start now instead of later, especially because people are overwhelmingly choosing digital channels over traditional ones (indicating consumer demand to optimize digital channels).

APIs and data sharing must be a strategic imperative, not a regulatory check box.

To get a competitive edge, it's best to play offense. Successfully implementing Open Banking is not just about focusing on data leaving your organization. It's also about using your consumers’ incoming data to actively provide better insights. After all, you can’t give the right advice if you only have access to your consumers’ held accounts. You also need to see held-away accounts. Data aggregation and Open Banking enables you to have a better view of your consumers.

The Journey to Open Banking

Let’s explore what this journey looks like for financial institutions focused on financial wellness and strength.

To start, note that financial strength is not financial literacy. It's not about checking boxes to offer the “right” financial products to your consumers. Financial strength is about giving consumers the option to withstand financial hardships and take more risks. For many people this means going from living paycheck to paycheck, to saving, investing, and eventually being able to live off of interest and returns.

Financial strength plays out differently depending on the individual, but at the end of the day, the tools that people need to get there are really not that different. They want to know information such as, “Am I on track?” or “Am I meeting my goals?” or “What does my cashflow look like?”

So how do you, as someone in financial services, help consumers on this front?

Highlight

Citi’s Developer Hub enables developers from various digital companies to connect to Citi via API. Notably, Intuit uses this connection to authorize data sharing with Quickbooks and Mint, Quantas uses it for their credit card offerings, and SingSaver uses it for instant account verification with Citi cards. The offerings in the developer hub vary by country, but Citi allows account aggregation, access to transaction data, authorization, and reward information in many places. By creating this developer hub, Citi is positioning itself for flexibility and stronger connections for their customers who use thirdparty apps, resulting in customer satisfaction and retention.

First, you need clean data. It's impossible to empower people to be financially strong if data isn't cleansed, categorized, and classified — or if it’s living in silos across different business units. Regardless of what you want to do to empower your consumers, you won’t get far without first creating a foundation of clean data.

Second, you need to create a couple of key programs with the perspective of both the financial institution and the individual in mind. In the past, you may have done what many companies in financial services have done, which is to try to drive up sales and revenue by telling consumers what you think they need. But with Open Banking and (clean) data sharing, you have the ability to present personalized information and tools to help consumers change their behavior. This way, you’re not telling consumers what you think they need. You know what they need.

For instance, you might create a hyper-personalized offer for a financial product with a better rate than the one they have, because you can see that you offer a better product. This represents a huge opportunity to provide contextual advice and present tools that empower your customer.

It’s something that consumers are hungry for. In fact, we found that 77% of consumers said they would value such a feature.

In addition, consumers expressed interest in having the ability to see all their recurring subscriptions at a glance, with 79% saying they would value such a feature — a feature that’s possible by making use of the data available via Open Banking initiatives.

You might also minimize risky behavior such as predatory lending. With Open Banking and clean data, you can use algorithms to scan transaction-level data, searching for patterns and outflows that indicate whether someone is paying down a high interest loan. 

Once you’ve flagged these instances, you can educate the consumer, present them a lower interest debt consolidation loan, and then follow up with guidance so they can avoid future debt pitfalls.

In consumer words, you’re not blasting your entire consolidation loan. Anybody can do that. Instead, you’re the true cost of high interest lenders. This way you deepen the relationship and show that you value each consumer's business.

In this same vein, you can help consumers redirect spending into investing accounts to change long-term outcomes. For example, you might track a consumer’s progress toward a savings goal, showing them ways to save money by the end of the month for their upcoming trip by adjusting their habits.

When you start to roll out these projects, you might be confronted about ROI. Someone might ask, “What is the business case for this?” or “What are the business objectives?”

The truth is that your consumers are demanding these solutions. When we asked consumers if they wanted their financial institution to tell them if they could give them a better deal on a financial product, 94% of them said yes. They’re looking for you to put their data to use in ways that benefit them.

The ROI from these initiatives comes in three ways.

First, you build trust and long-term loyalty with your consumers, setting you up for success.

Second, you position yourself to sell your products to the right person at the right time. No more mass blasting shiny mailers to your entire consumer base.

Third, you create new revenue opportunities for your business.

Consider these four steps to implement this shift in your approach to your consumers:

1. Start with clean data. Make sure that you know essential information about your consumers, including who they are and what they need based on a 360-degree view of their finances.
2. Get tools that help your consumers succeed. It’s not enough to gather data. You also have to be able to put that data to use and help your consumers.
3. Create a culture of customer obsession. How many have leaders are specifically tasked with advocating for their customers? How many have built a culture of obsession from top to bottom
4. Build systems that deliver on data-driven customer obsession. To do this, analyze your technology infrastructure and see if it mirrors a data mindset. Build a plan that can actually bring programs to life that can improve the outcomes of your customers.

Lyft reimagined transportation, Amazon reimagined shopping. You could be a small credit union that figures out completely new ways to capture market share from the big banks. Or you could be a big bank that finds markets that financial services haven’t yet tapped into. The end goal of Open Banking should not be to check regulatory boxes, or control data ownership. In fact, it should leverage the new landscape and truly engage consumers with data-driven innovation. 

It’s not often that the financial services industry gets an opportunity to reinvent customer engagement, but that’s what Open Banking means. If you can change the conversation from only selling products to identifying and meeting needs in new ways, you’ll enjoy a huge differentiator in the competitive landscape.

MX’s Data Philosophy

At MX, we stand by nine principles around data sharing on the basis that consumers own their data:

1. Portability
   Regardless of where a consumer has their money and data, if they choose to change, they should be able to take data with them.
2. Intent
   Beyond giving consent, people should be clear about the intent and implications of data sharing. Fintechs and financial institutions must disclose their intent when collecting data.
3. No resale
   Personal data should not be resold without the express approval of the data owner. People should be able to access a list of companies to whom their data has been sold or shared.
4. Real-time
   Critical decisions are being made based on data in real-time. Institutions need to commit to real-time accessibility at industry standard up-times.
5. Compliant
   When people share data, they should be advised if the ecosystem they are sharing into is compliant with existing and next generation
   regulation (e.g., GDPR, FCRA), Institutions should have governance in place to hold bad actors accountable.
6. À la carte
   People should be able to share the data points that they believe are important — not a prescribed list of attributes.
7. Private
   Personal data is personal. Personally identifiable information should not be shared with third or fourth parties, and systems should be in place to delete or revoke access. Until token usage is widespread, credentials should be handled with the highest security protocols.
8. Secure
   Financial institutions and fintech companies must commit to their data being secure, in easily understandable language, with clear implications for breaches.
9. Governance and remedy
   The ecosystem must agree on reporting, oversight, and actions for bad actors.

MX believes that the world is moving toward giving consumers full control over their data, which is good for the consumer and good for financial institutions and fintechs. In fact, FDATA has declared: “The first step towards an open finance ecosystem must be the assertion by policymakers of a consumer’s financial data right – the legally binding notion that the end user – not the financial institution – is empowered with control over their own financial data.” 

The CFPB adds that their bureau “advocates strongly for consumer control of the consumer’s data and transparency.” As the industry heads in this direction, we believe this is an essential component to making finances as they should be — and empowering the world to be financially strong.