Open Banking By The Book

Open Banking By The Book

Land rushes. Gold rushes. Now comes the rush to digitally onboard consumers who, driven by the fear of touching things that could be contaminated with COVID-19, are turning in droves to online solutions.

Banking isn’t immune, as it is also undergoing pandemic-induced change. The open banking push in the European Union (EU) and the more nascent movement in the U.S. are key beneficiaries of this digital shift, as in-person branch banking now freaks some people out.

Along with new opportunities, however, come new regulatory burdens. Compliance is essential, even as companies try to onboard large numbers of new customers with minimal friction.

Noting that the U.K. temporarily eased some of its strong consumer authentication (SCA) rules in response to the pandemic, PYMNTS’ June 2020 Merchants Guide to Navigating Global Payments Regulations, done in collaboration with Ekata, reports that “these adjustments to SCA are designed to mitigate COVID-19’s effects, but they could also have a more far-reaching impact on open banking. The shifts to SCA payment limits as well as its deadline are showing regulators how the rule is currently working for merchants and consumers and suggesting how it could indicate broader, more complex upgrades to open banking in the future.”

It Starts With SCA

That broader, more complex future for open banking is actually unfolding in real time as consumers flock to digital ways of doing nearly everything. Financial institutions (FIs) have to be on their toes in this environment, where new digital-first and digital-only brands are being forged against a backdrop of intense governmental scrutiny and punitive actions.

“Banks and merchants in the EU must still deal with changes brought about by payment regulations like SCA as they work to support [a] flood of new online purchases,” the Merchants Guide To Navigating Global Payments Regulations states. That necessitates better risk analysis.

“SCA requires consumers to be authenticated with two out of three factors: knowledge-based identifiers like passwords, body-based identifiers like voice or fingerprint biometrics or factors they possess, such as the hardware on their smartphones. Authenticating these factors means banks and retailers must be able to conduct transaction risk analysis assessments instantly, which was already difficult even before online spending surged,” Arjun Kakkar, vice president of strategy and operations for global identity verification solutions company Ekata, told PYMNTS.

To U.S. operators, open banking’s data regulations may seem far off in the EU, but the fact is they’re already here. As the June Merchants Guide To Navigating Global Payments Regulations notes, “several U.S. lawmakers on the country’s Senate Committee on Commerce, Science and Transportation recently proposed a privacy bill called the COVID-19 Consumer Data Protection Act, motivated by how data is being utilized during the pandemic.”

Dealing With Data Privacy

Given open banking’s virtual nature, it is a concept whose time has arrived. It’s not been easy, though, as open banking is paused for now in Canada, for example, even as the movement presses on here and elsewhere despite a tangle of new privacy regulations.

“The pandemic is acting as a quick litmus test on whether SCA – and open banking by proxy – is truly scalable. The problem has a simple fix, however, and regulators are able to respond with some ease: the U.K. Financial Conduct Authority (FCA) postponed the SCA deadline by six months, while the EBA increased contactless payment limits from €45 to €50 ($49 to $54 USD) to help merchants process transactions at scale, though these measures may be temporary,” said the Merchants Guide To Navigating Global Payments Regulations. “The more crucial effect of the pandemic on open banking concerns data privacy, and it is in this second area that FIs and regulators everywhere are facing the most scrutiny from merchants and consumers.”