Open Banking and Fintech in the COVID-19 Wind

‘Banking is necessary, banks are not’ was stated by Bill Gates all the way back in 1994, and has served as the mantra for the first wave of Fintech. Nowadays the pandemic has many losers, but it already has one clear winner: Fintech. The large digital business technology and platforms will come out of the crisis even stronger.

The financial services industry is undergoing a revolution in how software solutions are manufactured and delivered to end customers and one of the most important digital transformations is the concept of open banking; which enable individual customers and businesses to share their financial data with third parties. As a direct result, consenting customers can now benefit from a host of innovative applications for use outside of their bank’s ‘walled gardens’ – people with hearing issues might use an app which speaks their account balance to them, young graduates living on a tight budget might benefit from an app which helps them manage their finances and saves automatically, SME’s can quickly compare loan products from various banks to choose the most appropriate.

The banking industry, conservative and puritan, is being forced to rethink its basic model to work in a more collaborative manner (with both banks and up-and-coming fintech startups). This response to customer demand comes of course with a plethora of challenges; issues of security, liability, business models and partnership at scale are all radically new dimensions unimaginable only a few years ago. The concept of open banking was first introduced in the United Kingdom in 2014 and then started a new era of transformation in digital financial services quickly.

As the technology matures rapidly as per the pandemic, a number of banks begin to show the way forward in Open Banking, some regulators have stepped in to regulate (or at least provide guidance) for the rest of the industry. It is estimated that regulators in 50% of G20 countries will create an open banking API standards or gateways this year and more countries announce their intentions to engage with the Open Banking regime advising Regulators and industry bodies to seriously engage with Open Banking in preparation for an imminent open future.

Turkey developed a legal infrastructure for the digital world of banking and payment services with the Law on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions number 6493, dated 27 June 2013 (The Law), as well as with secondary legislation. All the new legislation was largely inspired by the EU Payment Services Directive 1 number 2007/64 (PSD1).

The Law was amended in line with evolving financial services on 12 November 2019, effective from 1 January 2020.(The Regulation) One of the major amendments is the introduction of new payment services which brought about an initiative for open banking. This was the first step toward establishing a legislative basis for open banking in Turkey.

The legislative framework of open banking is very similar to the EU Payment Services Directive 2 number 2015/2366 (PSD2), which is known to be the dawn of open banking in Europe, as well as in the rest of the world. To that end, sub-paragraphs (f) and (g) were added to the first paragraph of Article 12 of the Law, which regulates the types of payment services. In wording almost identical to that of PSD2, the Law defines "payment initiation service" as, "a service to initiate a payment order at the request of the payment service user with respect to a payment account held at another payment service provider," and "account information service" as, "an online service to provide consolidated information on one or more payment accounts of the payment service user held by payment service providers upon the approval of the payment service user".

With recent amendments, the Law designates the institutions which will provide payment initiation or account information services as payment service providers, imposing on them the obligation to comply with the related provisions. However, it will not be necessary to comply with the requirement to issue shares against cash and in the name of the holder, and the minimum capital requirements will not be required for those who will only provide account information services. Within the scope of recent amendments, the Central Bank of the Republic of Turkey (Central Bank) will be authorized to adopt regulations regarding this issue.

Furthermore, the Regulation on Information Systems of Banks and Electronic Banking Services (The Regulation) dated 15 March 2020, which will enter into force by 1 July 2020 and which determines principles and procedures regarding electronic banking services and information systems of banks, accepts open banking services as electronic banking services, and defines them as, "an electronic distribution channel where customers or parties acting on behalf of customers can remotely access and complete banking transactions or give orders to the bank to complete transactions by accessing financial services offered by the bank through API, web services and file transfer protocols." Rules similar to the Regulatory Technical Standards related to PSD2 on strong customer authentication, security measures for transactions, monitoring transactions regarding the risk of fraud and informing customers concerning electronic banking services will also be applicable to open banking services in Turkey. However, there is a slight difference from PSD2: since the Regulation brings obligations for banks only, the obligations of open banking service providers are not yet defined.

The secondary regulations regarding open banking should be introduced by 12 November 2020, in other words, within one year following the introduction of the amendments to the Law. As determining the standardization of open banking by the Central Bank was emphasized in the Parliament commission negotiations regarding the Law, the standardization of API and similar interfaces is expected to be included in the relevant secondary regulations. 

Another significant innovation brought by the Regulation is "remote authentication," which will possibly further pave the way for open banking services, enabling banks to remotely authenticate the identity of new customers or to receive services from another bank that has previously identified such a customer through open banking services

However, there are some uncertainties such as:

• How the client instructions to be gained and kept related to transactions and GDRP issues
• Complying sides obligations (Banks, AISPs, PISPs, TPPs)
• A clear picture of the involved parties liabilities within the system

It is possible to say that the concrete reflection and benefits of Open Banking are in close proximity. This situation will bring great gains on the customer side and may also result in the differentiation of the competitive balance of banks and Fintechs in the market. The advantages and disadvantages of both sides will determine the cooperation and competitive attitudes of the parties. However developments and adaptations of ‘Open Banking’ will be much faster in countries with financial sector players that are advanced in technology and innovation.

Footnote:

The Law

PSD1

PSD2

The Regulation