While the EU has regulated Open Banking, banks in the US market have taken a more strategic approach to partnering. BBVA has also followed this US model, but has done so on the retail side rather than with corporate, as we discussed here.
The issues associated with a mandate for Open Banking versus strategic partnering is discussed in the Mercator report “The Emergence of API Platforms: Open Banking Drives New Business Models.” More recently in the US market, Capital One, PNC, and JPMorgan Chase have all announced restrictions on 3rd party access to consumer accounts.
As identified in Banking Dive, this is said to be associated with new privacy laws and new security protocols:
“Several large U.S. banks have recently revamped and tightened their third-party data sharing practices, affecting the way some fintechs conduct business with their customers, and several industry experts say the trend is expected to grow in 2020.
A recent security upgrade at Pittsburgh-based PNC Financial Services Group kept data aggregators from gaining access to customers’ account numbers and routing numbers last fall, and last week JPMorgan Chase announced it will ban third-party apps from accessing customer passwords. The U.S.’s largest bank said it plans to issue tokens for access to a limited amount of data in a secure form.
‘As more banks begin to announce improved security practices, we can expect to see a snowball effect,’ Ray Walsh, a digital privacy expert at ProPrivacy.com, told Banking Dive. ‘Competing services that exploit account numbers and other sensitive customer data have created a new understanding among banks that the unmanaged dissemination of customer data may actually pose a risk to their bottom line.’
More banks follow suit with their own heightened levels of security, Walsh said.
‘Due to the evolving nature of privacy legislation and increasing fines for data mismanagement, the banking industry is beginning to take data privacy much more seriously,’ he said. ‘This will improve privacy and security levels for consumers, which is highly positive. However, it may also be exploited by banks to restrict the number of services consumers can freely attach their account to, perhaps forcing consumers to use similar native services provided by their bank instead.’ ”
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group