news.cuna.org/articles/113918-gear-up-for-open-banking
Open banking

Gear up for open banking

Prepare for the impact open banking will have on member relationships and competitive positioning.

April 2, 2018

Open banking is coming to the U.S. Although this claim is now approaching conventional wisdom, the consensus extends no further.

Diverging views abound on how soon it will arrive, its effect on traditional financial institutions, and, in some cases, even what “open banking” means.

But one thing is certain: Credit unions must prepare for open banking’s impact on member relationships and competitive positioning.

Broadly defined, open banking is the ability for outside parties to access banking information to deliver services to shared customers.

Precursors have existed for decades—think of products like Quicken and Mint, which requested consumer login credentials and/or resorted to screen scraping to populate their data-dependent offerings.

More recently, Venmo and PayPal have leveraged bank account capabilities to craft front-end experiences that some consumer demographics—particularly millennials—find highly appealing.

Now, extend this concept to a “plug and play” landscape in which nonbank fintech firms or competing banks can link into financial institution data systems to extract information, combine it with other sources, and create products addressing all manner of consumer and small- business needs.

This prospect is both exciting and scary.

History has shown app developers are capable of spurring customer engagement far greater than members have ever adopted with banking apps. Such hybrid solutions—addressing needs we might not yet even be aware exist—have the potential to foster more intimate relationships with members.

But you also have the offsetting fear that financial institutions could become distintermediated in the process, relegated to back-office “plumbing.”

Many credit unions are buying into open banking’s potential, perceived risks notwithstanding.

“We understand the need for open banking,” says George Rudolph, senior vice president of operations and technology for $8.2 billion asset Alliant Credit Union in Chicago and a member of the CUNA Technology Council executive committee. “Our members are probably best served when they have access to best-of-breed front-end services, and some of those might not necessarily be provided by us.”

Alliant’s online-centric service model heightens the stakes for the credit union to stay ahead of the curve in its digital offerings.

“We’re lucky that we do a lot of our own development,” says Al Pitcher, Alliant’s vice president of technology. “We develop customer-facing tools ourselves because of our small branch footprint.”

Such data access often is made possible through application programming interfaces (APIs), which are standardized conduits through which information can be provided in a prescribed format.

“We can get insights through APIs on which services our members are and aren’t using,” Pitcher explains.

Companies like Plaid have emerged to support libraries of published APIs enabling this process.

The credit union member experience carries personal resonance for Zach Perret, Plaid CEO/co-founder. He grew up in North Carolina using a credit union “and I loved it. But when I entered the working world I had to switch to a big bank because I found that my credit union account didn’t work in the places I needed it.

“When building Plaid, we made a big push to ensure consumers don’t have to make that same tradeoff,” he continues, “and can still access the financial products they need no matter where they choose to bank.”

NEXT: OBI in the U.K.



OBI in the U.K.

The first practical experiment in systemic open banking is currently underway in Europe under the auspices of the European Union’s Payment Services Directive (commonly referred to as PSD2) and the U.K.’s Open Banking Initiative (OBI).

In both cases, governing bodies determined they could accelerate financial services innovation by creating a clear path for fintechs to access banking data. Regulators also adopted the stance that banking data was the property of the customer, and as such should be made available to service providers with their permission.

These experiments remain in their early stages. The first phase of OBI merely required British banks to provide sortable access to nonsensitive information such as ATM and branch locations.

As the playing field expands in 2018 to include transaction data and personally identifiable information, complicating factors will rise to the surface. For instance, customers might face confusion as to whether the bank or service provider should address a support issue.

More important, some banks have expressed concern that their valued role as customers’ financial stewards could be compromised.

In theory, once a customer has issued instructions to share data, the financial institution should be absolved of responsibility. But consumers’ tendency to accept contractual terms and conditions with a cursory reading (at best) is well documented.

Consider a scenario where a consumer accepts the terms and conditions for a limited solution that, in fact, confers far greater data rights. Does the financial institution have the ability or obligation to refuse release to suspected bad actors?

Initial interpretations of PSD2 seem to leave financial institutions with disproportionate liability paired with limited power to serve as gatekeeper. One must assume these details will be worked out.

Perret suggests the risks aren’t as dire as they might sound, however. “ ‘Open banking’ is actually a bit of a misnomer,” he says. “There are no truly open APIs in financial services. Due to security, regulatory, and privacy concerns, it’s essential to properly vet each developer and use case.”

Most experts agree it’s highly unlikely the U.S. will see a regulator-driven approach such as PSD2 for several reasons. Stateside culture favors market-driven solutions over regulatory mandates. With at least 20 times more financial institutions than most countries, both paths are more complex in the U.S. Arguably, however, the endgame is similar under either scenario.

NEXT: Finding partners



Finding partners

This process has already begun in the U.S., with the largest banks striking agreements with individual nonbank financial service providers.

In late 2017, Intuit announced the aggregation of the data assets behind its Mint and TurboTax products under the single banner “Turbo.” In doing so, Intuit invited banks and credit unions to partner with them to leverage these assets—a likely harbinger of things to come.

Ben Morales, chief technology and operations officer at $2.7 billion asset WSECU in Olympia, Wash., has a similar perspective: “The ability to access your data is the key to being nimble and getting your innovative solutions to market quickly.”

Morales advises credit unions to embrace extensible APIs to push/pull data from the likes of Facebook and Microsoft—and ensure their service providers can support such capabilities.

“In some sense, CUFX [Credit Union Financial Exchange] was the precursor to open banking,” he says. CUFX is an open, vendor-agnostic, broad integration standard designed by leading credit unions and vendors to reduce the time and cost of systems integration.

Negotiating an enormous number of permutations of financial institution/fintech agreements will be a laborious and lengthy task, and fintechs will prioritize large financial institutions to quickly achieve critical mass. With few exceptions, individual credit unions lack the scale to strike these deals.

At the same time, it’s critical for credit unions to participate in open banking opportunities to keep pace with large bank competitors, especially for the tech-savvy younger demographic.

Credit union service organizations and legacy service providers are well positioned to negotiate collectively on credit unions’ behalf. The key is to ensure system flexibility. “With technology changing so quickly, you need an open system foundation for future growth,” says Pitcher.

The ability to leverage APIs—whether through custom development, as large credit unions are doing, or via a service provider—provides an avenue to level the playing field.

Open banking has clear implications for the branding and control of financial services. As markets evolve, fintech firms have dropped some of their initial swagger, looking to be friends rather than foes of financial institutions.

While lingering trust issues are inevitable, an undeniable symbiosis exists. Financial institutions are a natural source for a base of financial services customers, and they have the expertise and infrastructure to address regulatory requirements.

Fintechs bring demonstrated skill in developing applications that resonate with consumers, and are equipped to rapidly deliver such solutions.

But credit unions won’t allow themselves to become a mere back-office accounting system while ceding valuable member relationships.

The key is to protect data assets—for the good of both member and credit union—while seeking win/win opportunities with fintechs offering the potential to enhance your credit union’s suite of member services. After all, if your credit union doesn’t meet a member need, someone else will.

Morales has a straightforward approach to this dynamic tension. “Bring it on,” he says. “Let’s solve the problem together. Good ideas can help us both be better.”

While many large credit unions have explored how to leverage open banking, many mid-sized and smaller institutions have yet to prioritize the topic.

“If I were leading a smaller credit union, I’d be looking to pair with providers with robust open systems that can connect to the outside world, or look at whether they conform to emerging standards like CUFX,” says Rudolph.

One smaller institution that has gotten ahead of the trend is $94 million asset Platinum Federal Credit Union in Duluth, Ga. CEO Kabir Laiwalla is quick to draw a distinction between open banking in the U.S. and overseas.

“I think in Europe they’re going one step further in the sharing of data,” he says. “It’s going to take a long time—everyone wants a piece of that cake.”

Platinum Federal recently changed mobile platforms for the second time to take advantage of open API flexibility.

“We’ve enabled APIs for shared branching and surcharge-free ATMs,” Laiwalla says. “Right now, we’re working on payments.”

The strategy is paying off for Platinum Federal, even as it continues to provide a strong branch experience for its 1,200 small-business members—primarily retailers. “We’re growing at 20% by keeping up with technology,” Laiwalla says.

“After a recent town hall meeting, a 10-year-old came up to me and said ‘I want to bank with you’—not because his parents did but because the tech is cool,” Laiwalla adds. “That’s why we do this.”

Who’s driving?

Open banking is virtually certain to arrive in the U.S. in some form. “People want to develop their own experience, and we need to enable that access,” says Morales.

And while there’s no burning platform yet, “PSD2 will become an issue the minute we find out someone has been disadvantaged because of lack of access,” Morales says.

The question becomes, who will drive the process, financial institutions or fintechs? Recent actions by Intuit relay its intentions to play a proactive role.

Data-sharing agreements by Wells Fargo, Bank of America, and J.P. Morgan Chase make clear the largest banks’ direction. Credit unions can’t afford to play catch-up.

“Going forward, our success will depend on us thinking more about partnerships,” says Rudolph. “It will be less about partnering or opening up access because the regulatory framework requires it, and more about opening up because our members demand we do so.”

GLEN SARVADY is managing partner at 154 Advisors.