As CEO of a small security software startup, I am acutely aware of the fact that it’s difficult to compete with massive incumbent businesses. Recently, I read an article published by Bloomberg Law entitled Small Banks Urge CFPB to Phase in Open Banking Tech Requirements, that brought into focus just how similar other industries are to mine with regard to competition between small and large organizations. The article highlights how smaller banks and credit unions in the US are pushing back on the CFPB (Consumer Financial Protection Bureau)’s plan to rollout requirements around Open Banking due to the cost of the software and the level of effort required to move to an API-based service delivery strategy. What is made very clear (from the statements made in letters to the CFPB), is that smaller financial institutions are concerned about being at even greater disadvantage than they are today as a result of the push toward Open Banking.
The concerns appear to be in two primary areas: technical sophistication and spending power. I completely understand that smaller banks and credit unions in the US don't want to be forced into a technology investment as part of a compliance exercise. However, I don’t think that there is broad enough understanding from smaller FI’s about what Open Banking will really cost to implement and what benefits Open Banking will provide beyond simply checking a box for compliance.
The National Association of Federally-Insured Credit Unions (NAFCU)’s letter to the CFPB (quoted in the article referenced above) says:
“In the long run, commoditization of financial data driven by the CFPB’s goal of ‘reducing switching costs’ could have the opposite of its intended effect: rewarding the largest, most technologically sophisticated companies at the expense of credit unions and other community institutions focused on relationship banking.”
In general, I don’t believe the “opposite effect” will be the end result; this is definitely not what other regions where Open Banking has already taken hold have experienced. However, this statement backs the commonly held idea that the largest banks are automatically going to be the most technically adept. In fact, one of the primary benefits of Open Banking is that it very effectively levels the technological playing field so that any bank can provide any customer with the best services using the best security and privacy controls. This makes credit unions and small banks just as powerful from an end-user perspective as a large bank, which is really something larger banks - rather than smaller banks – should be more concerned about.
Even though larger banks may fret over Open Banking narrowing their technological lead against smaller competitors, they're still pushing toward Open Banking as a standards-based approach to consumer data privacy and control. The reason for this is simple: it's the most secure way to share data with third parties and it gives the user, not the bank, responsibility for how and where their data is shared. Given the very scary current state of cybersecurity in the global business community, I don't see why anyone would want to wait for better security and privacy controls.
The Independent Community Bankers of America (ICBA)’s letter to the CFPB (also quoted in the article referenced above) says:
“Moving to data sharing portals like APIs is expensive and may be beyond the reach of smaller financial institutions.”
Right or wrong, this makes it clear that many (if not all) smaller FI’s believe implementing APIs as part of adopting an Open Banking standard will be cost prohibitive. The fact is, however, that Open Banking does not have to be a huge investment - there are a wide range of services and software offerings that provide predictably low costs based on utilization volume. These solutions are a quick, easy and inexpensive way to get started with Open Banking.
Furthermore, there is a wealth of knowledge and help available in the area of open standards such as FAPI (Financial-grade API), which is maintained by the OpenID Foundation and will likely form the underlying security profile for whatever standards we end up with Open Banking in the US. Another is FDX, which is an open data exchange standard that is already widely being implemented by FI’s in the US.
About a quarter of the engineers at Cloudentity are involved in one or more of these standards bodies and working groups and I know that all of us are more than willing to help people understand what is needed in order to adopt one of the standards. The bottom line is that smaller FI’s who are concerned about the level of investment required in this area can get help easily.
Cloudentity in particular provides the ability to implement a full-scale demonstration of an entire Open Banking environment in just a couple of minutes. This demonstration includes:
- Running and integrated instances (including source code) of a sample Fintech app
- Banking APIs
- Consent management UIs
- All of the compliant identity and authorization mechanisms needed to participate immediately in an FDX, Open Banking UK, Open Finance Brazil or the CDR (Australia) ecosystem
You can use this software for free by creating a tenant. The best part is that the moment you create the tenant someone will reach out from our team to offer you whatever help and support you need!