Open Banking a Blueprint for a New Data Economy
Source: Australian Financial Review Feb 12 2018
Senior Treasury officials say the “open banking” report by King & Wood Mallesons partner Scott Farrell is one of the best policy documents they have ever seen produced by a professional in the private sector. It needed to be, given its implications.
Open banking will empower a customer to direct their bank to send their data to another provider. It promises to level the competitive playing field by reducing the costs of account switching and facilitating price discovery.
The banking sector is the first cab off the rank with customer data to be liberalised across the economy under a new Consumer Data Right announced in November. Telecommunications and energy will follow. Beyond that, data relating to health and education, and broader financial services such as insurance and superannuation, could also be put under the control of the customer.
A new data industry could be created as more people realise their data has a value and should be treated as an asset.
Farrell may work in rarefied air atop Governor Phillip Tower as a partner at King & Wood Mallesons, but his is a report centred on the person on the street. Under open banking, it will be customers in control of what data is shared and when.
He is also willing to stand up to the power of the banks. In its submission to the review, the Australian Bankers’ Association called for the accreditation utility that will determine who can receive data to be run by the industry. Farrell rejected this, preferring the independent ACCC.
“Accreditation criteria should not create an unnecessary barrier to entry,” the report says.
The banks will also be distanced from controlling the technical standards for facilitating the data transfer. “Although financials institutions have largely welcomed the prospect of open banking, conflicts between their commercial considerations and the interest of consumers could easily arise,” Farrell writes.
Delivery will be via application programming interfaces (APIs). For technically minded readers, Farrell favours the OAuth2 framework for authorisation, providing minimal disruption to the user experience, with RESTful (representational state transfer) API architecture as the method of delivery.
The blueprint is Britain’s technical standard; it was designed by the British Open Data Institute, co-founded by world wide web inventor Tim Berners-Lee, and Fingleton Associates. Local standards will be developed by a data standards body.
There are a few other striking features of Farrell’s 158-page report, which was released on Friday. The Australian Competition and Consumer Commission is a big winner: it will take the leading regulatory role to ensure the system works for consumers, with the Office of the Australian Information Commissioner overseeing privacy. The financial regulators will be interested onlookers.
Security will be paramount and customer trust will be enhanced through an accreditation regime and a liability framework.
There won’t be any centralised storage of the data, avoiding a “honeypot” that could tempt hackers, like those that penetrated Equifax and got access to the credit information of 143 million Americans.
“Fortunately, the principles used with money, communications and energy systems should show what could be needed for the sustainability of a stable, broader data ecosystem,” Farrell says.
In terms of timeframes, Morrison wants the regime up and running by July 1 next year. While API development work will be needed; the major banks are understood to be able to meet it.
Farrell also points to how open data will improve the quality of artificial intelligence engines. Perhaps the regime’s biggest impact will not come from what one bank can do with data from another bank, but what a company in another industry does with banking data.
A customer directing their bank to send data to their telco “could enable an entirely new field of products and services to be offered, enhancing choice and convenience”, Farrell predicts.
A risk for incumbents is they fail to grasp the opportunity to turn open data to their advantage, rendering them a mere utility providing the pipes, but not the customer experience.