Ahead of the Payments Services Directive 2 and Open Banking coming into effect this Saturday, Ruth Milligan, Head of Financial Services and Payments, at industry body techUK provides an overview of what the legislation will mean for consumers and businesses alike.
This Saturday 13th January, landmark new legislation will kick-start greater choice in the way consumers and SMEs can manage their finances and make the most of their money.
This is the first step in major changes for the way banking operates, shifting from stand-alone banks, which provide a specific range of products to an ecosystem where many players collaborate to offer a much wider range of services. The benefits for consumers and businesses are many. Competition will be enhanced, innovation will thrive and the options for the customer will be greater and more targeted to their specific circumstances.
This legislation is of course the Payments Services Directive 2 (PSD2). PSD2 states that banks must allow customers to decide which other companies, known as ‘third party providers’ (TTPs), can have access to the data held in their current accounts, according to the services they want to use. Account users will own and manage their individual payment information, rather than the bank. There will be two types of service: payment initiation and account information.
And, in the UK, ‘Open Banking’ will provide the rules and the platform to make sure that banks and third parties can communicate easily and securely with each other. The communication under Open Banking will be done via APIs – the same type of computer ‘language’ used by Uber when it links up cab drivers with payment information. These are highly secure ways for computer systems to talk to each other.
TTPs or the ‘other companies’
Third-party providers might be other banks, or they could be non-banks – technology companies, or fintechs – such as the many companies already offering comparison websites.
The difference under the new legislation is that TPPs will all have to be authorized by the Financial Conduct Authority, which will ensure they are legitimate, well-run companies.
How will this benefit customers?
First of all it will let them choose. Up to now, only individual banks/building societies have held current account data. PSD2 will allow customers to share this data and access services from other providers which suit them better. For example, if an account user gives permission to a comparison website to look at their data, the options they get back would be targeted specifically to their own situation. Just some of types of service on offer will be:
- Easier access to credit for individuals and SMEs
- Access to cheaper overdraft services.
- Budgeting apps, which track spending and suggest ways to save.
- Automatic savings systems which move unused balances to interest-bearing accounts or regular savings products.
- Comparison services for loans, mortgages, and insurance targeted to individual circumstances.
- Dashboard type aggregation services allowing customers to see all their different bank accounts in one place.
- Ways to make payments directly from your bank account and not through a payment card.
What is Open Banking?
Open Banking is a platform and a set of standards put in place by the nine big UK banks following an order by the Competition and Markets Authority (CMA). It is the technical infrastructure by which TPPs and banks communicate with each other.
A TPP wishing to use the system will register with Open Banking and can then, through a set of standardised APIs, communicate with all the nine big UK banks, initially. All other banks may join this system if they decide to do so. It is therefore the technical underpinning which will allow the PSD2 rules to work in the UK.
As well as the technical interface among the providers, Open Banking has created detailed rules on what the system will look like from the point of view of the customer – for example, rules on what information the customer has to be given when they consent to allow a TPP to access their data.
So how swiftly will this come in?
The changes made possible by PSD2 and will take time to appear. There will be no ‘big bang’ change. The Open Banking system is not fully complete and not all the nine banks will be ready on 13th; also the technical infrastructure will have to be tested and verified to make sure it works seamlessly. Work will continue throughout 2018 to ensure that all the technical systems necessary to enable the requirements of PSD2 are put in place. It will also take time for the TPPs to ‘plug in’ and to get their product offering up and running.
It is then up to the customers: Each TPP will be putting their own service onto the market and promoting it. Customers will decide, according to the benefits they get, which services to use.
Is there a data risk for customers?
We are in an age where consumers’ data is highly valuable. Millions of people give companies access to their data freely for benefits. PSD2 and Open Banking allow bank account users to decide what data to share, for what purpose and to see a specific benefit in return. This truly gives the customer ownership of their own data.
Further rules on customer authentication, designed by the European Banking Authority and applicable from next year, will increase security for payment transactions made online. The General Data Protection Regulation, which comes into force in May 2018, will also force companies to improve data security and cyber technologies are becoming more and more sophisticated to cope with fraud risks. The focus of governments, regulators and the industry alike is very much: security first.
Open Banking is a monumental step towards a fully open, digital ecosystem covering all financial services. techUK and its members hope to see a more open, inclusive and transparent governance come about as a result of this legislation. Yet there is still work to be done and we ask Government to help build a long-term strategy to make this happen.