Banks’ and FinTechs’ pursuit of collaboration in recent years is an especially positive development, given that United States regulation around open banking likely will make it a necessity. In October, the Consumer Financial Protection Bureau (CFPB) unveiled an open banking framework that will have far-reaching consequences for both FinTechs and banks when it eventually goes into effect, potentially in 2024.
The CFPB’s framework mandates that banks provide qualified third parties with access to consumer financial data — including settled and unsettled transaction and deposit data, consumers’ personal information and other miscellaneous information — through the use of application programming interfaces (APIs), much as Europe has been doing for years now. Although the specifics may change by the time the rules go into effect, banks and FinTechs will need to rely on each other to ensure compliance.
The proposed rules will require banks to make certain information available via two API accessible portals: one consumer-facing and the other offering third-party access. At present, however, many banks are unable to comply with the CFPB’s requirements.
The reason is that the majority of banks are using legacy back-end systems that do not easily support such capabilities. Even outside the context of open banking, banks have had API difficulties. According to a study, 81% of surveyed banks cited a lack of API experience as a challenge when partnering with FinTechs.
Fortunately for banks, FinTechs can help. Because FinTechs use primarily cloud-based systems that are far more dynamic and customizable, they do not have the same challenges as banks in implementing APIs to make the most of open banking. Banks can thus leverage FinTechs’ agile systems and technological expertise to comply with the CFPB’s forthcoming rules, expand their customer bases and tailor products and services to consumers’ individual needs.
The bank-FinTech relationship is a two-way street, with FinTechs also standing to benefit from closer ties to banks when U.S. open banking is instituted. Although FinTechs have the technology capabilities to meet open banking requirements, banks can help FinTechs in the areas of data security and compliance.
Unlike FinTechs, banks have spent decades implementing data security measures and, as regulated financial entities, must comply with rigorous privacy and safety rules. If third parties are ultimately held liable for misuses and abuses of sensitive data — as banks are advocating — FinTechs will be on the hook for ensuring that customer data is safe and secure. Banks can help them implement data security best practices to limit their potential risks.