Open banking , according to VISA , involves sharing a customer ’ s financial data with other financial institutions ( FIs ) through application programming interfaces ( APIs ) with their consent , enabling the distribution of innovative financial products and services . 1
In the past , a common practice by individuals and businesses was the consolidation of their various products and services at one or two FIs ; this provided a unified view for decisions ranging from deposits , transferring funds to different accounts and making payments for credit products . However , competition in the banking industry and the prevalence of internet-based access to banking services have played a significant role in the development of open banking models that provide standardized , seamless and secure access to user data and payments . Open banking offers customers a consolidated view of their accounts from all their FIs from a single login . This enables the customer to make quicker and more informed financial decisions .
While open banking offers customer-centric benefits and data ownership , it also introduces various avenues for increased financial crime risks . These may include account takeover , impersonation , cyberattacks and identity theft . Criminals may target the aggregated customer data stored by fintech companies , exploiting unauthorized access to customer information from multiple institutions simultaneously . This poses threats such as fraudulent transactions , unauthorized payments , terrorist financing and money laundering .
This article will take a closer look at the impact of financial crimes in open banking and explore effective strategies to address these risks . Account takeovers can be easily achieved since fraudsters only require one username and password to access a customer ’ s accounts from different FIs . This opens the door for making fraudulent payments and conducting unauthorized transfers from the customer ’ s accounts . Another angle will be using the victim ’ s accounts to receive funds from fraudulent sources , thereby committing money laundering . In the U . K . and Australia , where open banking has been implemented , reported cases of financial crimes recorded a significant increase .
Open banking regulatory framework
Any product or service in the financial mediation space is an essential service and requires regulation to ensure the public interest is protected . Open banking , being a novelty , requires active stakeholders from technology for its complete implementation and needs a different approach to its regulatory framework than traditional banking . Technology companies are less regulated compared to banks , and their inclusion in open banking ’ s implementation will require regulations that can protect all the stakeholders . The U . K . and Australia are good examples of countries that implemented open banking with a different regulatory framework .
In the U . K ., the Financial Conduct Authority ( FCA ), which regulates all financial services , implemented open banking with the passage of a new law named the Payment Service Regulations . This regulation enables customers to access payment initiation services and account information services through third parties . This ensures that any customer of a bank can safely and securely log into thirdparty service providers ’ websites to gain access to all their financial information from different institutions at once . The Competition and Markets Authority ― an entity tasked with enforcing compliance regulations in the financial services industry ― mandated the nine largest banks in the U . K . to develop APIs with standard specifications as a compliance measure . They focused primarily on authenticating customers for access to their information and security for platforms accessing open banking information .
ACAMS Today | December 2023 – February 2024 17