You may have heard the term ‘Open Banking’ and wondered what it is and whether it will affect your business. If so here is a simple explanation.
Open Banking is a series of UK reforms which focus on how banks handle your financial information. (It was introduced by Europe’s Second Payment Services Directive (PSD2) which came into force in January 2018).
PSD2 means all UK-regulated banks must let you share your financial data with authorised third party providers. That means more personalised services, whether you’re using accounting software or other financial products, and greater security of your financial information.
In the past, for example, you may have been asked to provide six months bank statements when applying for a loan. Under Open Banking this will no longer be necessary as you can just authorise the lender to have access to your bank account.
No more password sharing
Open Banking also allows you to share data and financial information without handing over any passwords or login details to anyone. You’ll simply use your online banking credentials to authorise requests.
Third-party providers will ask for your consent to access your banking information. A request will be sent to your bank where you log in and authorise the request, and give consent to share your data. Banks are obliged to do this if you consent. However, you can easily withdraw your permission at any time.
If you’re not comfortable sharing your account data with anyone else, you don’t have to.
If you use cloud accounting software your current bank feeds will be replaced by a new type of direct feeds. If you have connected to your bank, you’ll need to switch to new feeds in September 2019. It’s very straightforward and we’ll provide full guidance and support.
Know who you’re dealing with
Third parties in the UK will be regulated by the Financial Conduct Authority (FCA). Once registered, they appear on the FCA’s Register, and/or the Open Banking Directory.
It’s easy to check if a company you’re going to share your details with is authorised under the new banking regulations. Providers should make it clear on their website or app and list their registration number.
Strict limits on access
Providers will only be able to access the data they need to fulfil the service you’ve signed up to. So for example, if you’ve authorised a provider to access your current account with a particular bank, they wouldn’t be able to look at a credit card account you hold with that bank unless you give specific permission.
Real-time security measures
Banks require strengthened security as part of Open Banking and PSD2. The security measures they take are likely to include real-time webpage monitoring solutions – which are designed to detect signs of malware infection, data capture or manipulation by unauthorized parties.
These additional layers of security will allow financial institutions to react immediately to deter potential fraud, instead of trying to recover funds after they’ve been stolen. So you can bank with greater confidence.