Grasping the Opportunity
March 2023

The Great Open Banking Crossroads | March 2023

Authors
Charlie Mercer, Head of Economic Policy
Dom Hallas, Executive Director
Luke Kosky, Fintech Policy Lead

About Coadec

Coadec is an independent advocacy group that serves as the policy voice for Britain’s technology-led startups and scale ups. Coadec was founded in 2010 by Mike Butcher, Editor-at-Large of technology news publisher
Coadec fights for a policy environment that enables early-stage British tech companies to grow, scale and compete globally. We have over 2000 startups in our network and have been instrumental in building proactive coalitions of businesses and investors on issues that are integral to the health of the UK’s startup

We have been an ardent supporter of the UK’s Open Banking ecosystem for years, and published our first report urging action to accelerate the sector in November 2020. This was followed by a report in September 2021 calling for a Smart Data Right to accelerate data portability across the economy.

Introduction

“UK open banking is at a crossroads”, said Bryan Zhang, Independent Chair of the Open Banking Strategic Working Group (SWG) in the Final Report for the Joint Regulatory Oversight Committee (JROC) in February

A multi-billion pound sector stands on the precipice of taking flight beyond payment account data, to open up a new frontier of innovation and competition…

Or alternatively, the darling of the UK’s fintech ecosystem could stagnate, condemned to tread water and not fulfil the promise of the last few years, with the best and

This short report aims to capture the urgency of the moment through quantifying the value of the UK’s open

The Story So Far…

Consumer data is disparate and underused, guarded by incumbents like dragons hoarding treasure in caves. There is no incentive for large incumbents to proactively enable consumers to share their data in real-time, and the Right to Data Portability under Article 20 of General Data Protection Regulation (GDPR) has the

Open Banking has cut this 30 days to a matter of seconds for transaction data on payment accounts.

How Did We Get Here?

Open Banking was introduced in the UK through two actions:

● The 2017 Retail Banking Competition Order, an intervention by the Competition and Markets Authority (CMA) to inject competition into the retail banking sector by compelling the nine biggest banking groups to take action to make it easier for their account holders to ‘port’ their data and make account to account

● The Payments Services Regulations 2017 (PSRs), the UK’s transposition of the Second Payment Services Directive (PSD2) from the EU.
This is now under complete UK Government responsibility post-Brexit, with

However, while frequently referred to as the world leader, it could be fair to suggest that the UK has sprinted ahead but is starting to flag, whilst other markets, who started later and at a gentler pace, have begun to

Despite the two vital actions above, the UK Government has never proactively led the way with Open Banking; so far we have the CMA and the EU to thank for our ‘world leading ecosystem’. The

But This Could All Be About to Change…

…as a result of Smart Data legislation. Through the Data Protection and Digital Information Bill (DPDI), the Government will introduce primary legislation to give Secretaries of State the ability to mandate sector

The primary legislation will inherently be sector agnostic and principles based, with no firms compelled to do anything in the short term. Whilst there is a balance to be struck, with the Australian experience

Beyond the primary legislation, Coadec wants to see a commitment to a first ‘Smart Data Scheme’

Why is a Regulated Approach Necessary?

Consumers will, and want to, share their data if they get value out of doing so safely, securely and where clear limitations of use are articulated: the seven million users of open banking to date demonstrate this.

There are three ways that data could be exchanged:

● Through credential sharing, known as “screen-scraping”: consumers share their username and password with a third party, who then log in on their behalf and “scrape” the data they see to then be re-used in

● Through a private Application Programming Interface (API). Instead of sharing credentials, users can consent to connect a data source to a third party data consumer via a direct integration. This direct integration exists because of a pre-existing commercial agreement between the data source and the

● Through a regulated API.
Instead of the direct integration existing bilaterally on commercial grounds, it is the result of a regulatory mandate compelling the data source to make the API available to regulated

The first route leads to consumer credentials being exposed to third parties, jeopardising the security of their data, and leading to high costs of entry for firms as screen scraping can be very costl