The national budget passed by Parliament this February requires the Department of Finance to offer findings and recommendations for a move toward open banking. Lawmakers didn’t set a deadline, but Finance Canada is already engaging with industry stakeholders to solicit input.
Canada’s movement toward open banking cannot come soon enough.
The march toward open banking is well underway globally, from Europe to Australia, and India to the Middle East. Market stakeholders in all of these jurisdictions are now beginning to realize the significant advantages open banking frameworks provide. In the name of consumer and small business financial empowerment, and also for the sake of global competitiveness, it’s time to advance the revolution in Canada, and we are encouraged by our initial engagement with the finance ministry and members of parliament.
At the center of this debate are questions about user-permissioned data access: the right of the consumer or small business to affirmatively grant access to the third party tool of their choice to connect to or see the financial data required to provide them the product or service for which they have provided their consent.
In Canada today, financial institutions control individual customers’ account data. It is therefore difficult for consumers to share their information with third-party technology tools that can assist them in managing their finances—even though they choose to—since financial institutions can heavily restrict or even prohibit third-party access to customer data.
In practice, this impasse has led to a disparate market for consumers and small businesses, with different outcomes depending on the financial institution with which they have their primary banking relationship. Further, in the absence of clear standards regarding whether and how end users can use third-party, technology tools to help them improve their financial wellbeing, the market currently relies on credential-based authentication, which some institutions — and even some regulators — argue violates the terms and conditions to which customers agree when they enter into a relationship with a bank.
One need only look to Europe to see there’s a better way.
The United Kingdom’s Open Banking architecture relies on standardized data feeds implemented by financial institutions, which provide a uniform method of accessing data on behalf of the consumer or small business. The system includes prescriptive consent flows that ensure that a consumer’s or small business’ experience granting or revoking consent to access their data to any third party in the open banking environment is uniform. Accordingly, consumers in the open banking ecosystem experience the same consent-granting process across every third-party application they use, regardless of the financial institution with which they have their primary banking relationship. Offboarding is similarly uniform.
One key issue that must be resolved to create an open banking ecosystem is accountability; the question of who makes an end user whole in the event of financial loss and how. In the United Kingdom’s framework, a vibrant cyber liability insurance market, implementation of objective traceability, and regulations that require minimum security thresholds for all players, in addition to the modernization of existing laws and regulations such that any entity responsible for consumer financial loss is also responsible for making the consumer whole, address the issue. In exchange, no financial institution is permitted to restrict access to a financial services provider that meets or exceeds the requirements for entry into the open banking system.
Under this regime, individuals and families would have more choices about whom they bank with or lend from, would gain access to a broader array of credit providers and financial advice tools, and would have enhanced visibility into their financial state. Regulators and financial institutions would gain significantly more visibility into the third-party ecosystem. Financial institutions wouldn’t be held liable for fraud that didn’t happen under their watch, and, with their scale and existing customer relationships, would be well-positioned to bring their own technology-based tools to market.
An open banking regime that provides standards for liability, privacy, technology, authentication, and consent will significantly increase the deployment of fintech applications to the benefit of consumers and small businesses. With the UK, Australia, and other countries moving quickly to make these changes, Canada risks being left behind. Finance Canada’s efforts to push this issue forward are as timely as they are important.
Boms is a member of the board of directors of the Financial Data and Technology Association, which played a pivotal role in crafting the design and implementation of open banking standards in the United Kingdom and Europe, and is executive director of the organization’s North American chapter.