“Open banking” sounds a lot like online banking to most people, and unless you’re in the payment services business in Europe, the acronym PSD2 is probably a mystery. Nonetheless, the two terms are closely related.
The European Union initiated the second Payment Services Directive (PSD2) to standardize payment and banking systems and their access to customer banking data. It’s also meant to stimulate the European fintech industry.
The Open Banking Standard is a parallel initiative the U.K. drafted while it was still a member of the EU. It’s intended to link the U.K. banking and financial services with the rest of Europe and to shake up domestic retail banking. The Open Banking Standard is compatible with PSD2 — or it was prior to Brexit — but it’s not identical to PSD2.
Open banking isn’t simply the name of a British banking regulation — it’s a vision for a customer-centric banking and payments system. Open banking will transpire online (rather than in the manager’s office at your local bank branch), but open banking isn’t a technology. It’s a powerful idea that both PSD2 and the Open Banking Standard are translating into law.
Now that PSD2 is in force throughout the EU (as of New Year’s Day 2021), bank customers essentially own the data that banks have about them. And they have the authority to share that data with third parties to help them find a better car loan or mortgage. They can also authorize third-party payment processors to access their accounts to make or receive payments.
Open banking is already fueling a fintech boom in Europe.
Open banking isn’t just more convenient banking
The traditional banking business model of taking deposits and making loans within the context of a durable customer relationship has weathered several tech disruptions. Traditional banks, with their ubiquitous branch offices, simply made incremental adjustments to their business model and technology to respond to changing demands — such as incorporating telephone banking in the 1980s and online banking beginning in the 1990s.
Developing new banking services based on new technology has made banking far more convenient for many years. To some extent, these new services have allowed new market competitors to gain a foothold in the industry. But through it all, traditional banks have kept their grip on the customer relationship and the treasure trove of customer data it provides.
Legacy banks, stabilized by immense government bailouts in the aftermath of the 2008–09 global financial crisis, are generally thriving despite the fintech industry boom, increased use of mobile banking, and very low interest rates.
Open banking is a fundamentally different challenge to traditional banks. Open banking, enabled by technology, relies on new regulatory structures — such as PSD2 and the Open Banking Standard — to make customer banking data available to third parties with the customer’s permission. Achieving that open data approach has required both new rules and new technical standards to prevent fraud and guarantee customers’ funds and data are secure.
Now that the rules are on the books, and everyone has incorporated the tech standards into operations, banking in Europe and the U.K. is expected to change drastically in the coming years as a result of significant competition.
Differences between PSD2 and the Open Banking Standard
The European Banking Authority, which has overseen the implementation of PSD2, and the U.K.’s Competition and Markets Authority (CMA), which is implementing the Open Banking Standard, have written open banking regulations on shared principles.
Both PSD2 and the Open Banking Standard give bank customers ownership of their data. Both make it safe and convenient for customers to authorize third-party providers (TPPs) to access their data and their accounts to facilitate payments, funds transfers, and data-dependent financial actions (such as shopping for car loans or mortgages online).
The two rules overlap quite a bit, but they also have significant differences. Unlike the Open Banking Standard, PSD2 did not establish common API (application programming interface) standards for data and funds access. Instead, banks may make their data available using a variety of compliant (but different) technical standards. This adds a layer of complexity for account aggregation that the Open Banking Standard avoids.
PSD2 doesn’t address price comparison websites (PCWs) at all, but the CMA established separate “whitelisting” arrangements in the Open Banking Standard to authorize PCWs. Also, PSD2 opens customer transactional data only for specific institutions — those licensed as payment service providers (PSPs). The Open Banking Standard creates a whitelisting process that grants access to a broad range of third parties.
The two regulations vary in part because they were meant to achieve somewhat different goals. The European Banking Authority sought to encourage the growth of a payments market spanning all 26 EU countries by updating the original PSD of 2007.
The CMA saw an opportunity to address its long dissatisfaction with the retail banking industry in the U.K. In particular, U.K. banks make it notoriously difficult to move accounts. High fees — and particularly high overdraft fees — on personal accounts are the primary source of income on personal accounts in this extended period of very low interest rates.
The CMA sees the Open Banking Standard as the solution for consumers who are eager for banking alternatives. It’s also a means of creating competition among banks, and the entry point for fintechs eager to market new services.
For instance, the Open Banking Standard makes it easy to envision new fintech services that monitor a customer’s bank account to prevent overdraft fees by automatically transferring money from another account — or perhaps even making a short-term loan.
How will Brexit affect open banking between the EU and U.K.?
Originally, the U.K. began writing the Open Banking Standard in response to an EU mandate requiring all member states to make domestic banking regulations compatible with PSD2. Regulators, banks, and fintech companies in the U.K. wrote and implemented the Open Banking Standard while the country was still a member state of the EU. The tortuous, multiyear Brexit process is now officially (and finally) complete.
U.K. financial regulators have delayed PSD2 compliance until March 2021 for online banking and September 14, 2021 for online shopping. So, even though the U.K.’s banking, payments, and fintech sectors have been preparing for years to compete in the EU, we still have a few more months to see if they will be allowed to.