Open Banking Week 8

09 March 2018

Welcome to the next in a series reviewing open banking in the UK. News items on this topic have died recently, as the excitement around the launch has reduced. With that in mind, this post will focus on a number of positive and negative developments that the community may, or may not be aware of, and then a review of the currently available development portals offered by each of the CMA9.

tl;dr:

Some positive developments but the lack of anything tangible in the public view, and stalling from most of the CMA9 means that overall, the project is running at a B-.

Negative

  • We’ve heard on the grapevine that Open Banking Ltd have extended the managed rollout that was questioned in our previous post. This has happened without announcement, thus the concerns voiced two weeks into the initiative remain.
  • We are yet to hear of an example of a service which utilises the OBIE-designed API framework being made available to the public. This clearly depends on both Third Parties and Banks having an offering ready for market, and unlike the latter, there is no regulatory obligation on the former to present such.
  • In her Brexit Speech on Friday, March 2nd, Theresa May explicitly ruled out the continuation of passporting, and appeared to imply that there will be implications for digital initiatives which come out of Europe. Here are a couple of quotations:
    • “We’re not looking for passporting because we understand that it is intrinsic to the single market, which we would no longer be a member of. It would also require us to be subject to a single rulebook over which we would have no say.”
    • “The UK will not be part of the EU’s digital single market which will continue to develop after we leave … it will be particularly important to have domestic flexibility, to ensure the regulatory environment can respond nimbly & ambitiously to new developments.”

As with everything Brexit-related, nothing is set in stone, but this looks to have major implications for the open banking ecosystem, which is built on the PSD2 principles of interoperability through common technical standards, and the ability of organisations to interact throughout Europe with one regulatory registration. It’s also confusing given that the UK was one of the Payment Services Directives’ (i.e. both 1 and 2) biggest advocates, not least because of the huge competitive advantage London has in the fintech market. Time will tell what the effects of this approach are, but the speech certainly makes establishing a base in an EU member a strategic move for any businesses seeking to a European customer base post-Brexit.

Positive

  • Open Banking Ltd has released a second version of its API Standards. Whilst a positive step toward further PSD2 coverage, the release is limited to extended coverage of account types and product data points, as opposed to being an enrichment of the data already available as part of their account information API design.
  • Two freely available sandboxes which use the OBIE standard have been made public;
    • ForgeRock - a group of Digital Identity experts, have produced a facility with a broad range of information. From our initial review, the content is good and helpful for navigating through integration and building applications.
    • O3-Ozone - a new player in the ecosystem, with a very user-friendly website and a series of useful demonstration videos to guide developers through interaction.

CMA9 Developer Portal Review

We previously pointed to the lack of CMA9-provided developer facilities as being one of the major barriers to entry for those seeking to bring applications using the Order-backed initiative to live. They have clearly moved on somewhat, so here’s a quick review of the changes we’ve seen.

  • AIB - we previously pointed to AIB as being one of the leaders in this space. We’ve now had a chance to review their sandbox, and would recommend it in line with those mentioned above.
  • Barclays - whilst a very heavy website to load and tricky to navigate, Barclays have added information covering the Read/Write APIs a reference to a Barclaycard Smartpay API (coming soon). Unfortunately, a link to their sandbox (https://developer-sandbox.barclays.com) is broken, but there is distinct improvement.
  • Danske - no changes. Still terrible.
  • HSBC - see Danske.
  • Lloyds - hasn’t been updated since our last post, but still one of the better portals available.
  • Nationwide - now have a portal available which is fairly well structured but a bit light on content. No sandbox documented at this stage.
  • RBS - extensive new portal covering RBS, Natwest and Ulster Bank. They also have a ‘sandbox’, but in reality this is a mock server in the guise of that which OBIE published some time ago. Useful for those starting their journey, but not interactive in the manner of those listed above.
  • Santander - Santander has a developers’ portal consisting of a list of API specifications, endpoints, but no guiding content and no sandbox to be seen. They are, however, running a hackathon backed by a completely different open banking initiative, the Open Bank Project. Perhaps the hackathon is to develop a portal for the bank?

So a relatively mixed bag of news items; there are positive steps being made, but nothing to (yet) justify the hype that accompanied the launch of open banking in the UK. Until that happens, we’ll maintain cynicism about the effectiveness of the initiative in stimulating change and competition.