Open financial application programming interface (API) standards are continuing to enter the U.S. banking space. They will propel fintech invention and partnership, advance user permissions and transparency, and help safeguard consumer information.
The development and the increasing importance of digital banking to consumers, financial institutions and financial technology suppliers revolves around the emergence of open banking and even more broadly, open finance systems — strongly aided by application programming interfaces.
Banks, credit unions, and fintechs progressively adopt open API standards, which help them connect with customers and deliver innovative fintech services that improve customer financial health and the financial data ecosystem. But there has been no official standard framework for APIs in the U.S.
Whereas around the world government authorities set the standards, in the U.S., it is the fintech participants that stepped in to create a framework that all participants could buy into. The Financial Data Exchange (FDX), dedicated to unifying the entire financial services ecosystem around a common, interoperable, royalty-free standard for secure access-permissioned data-sharing began in early 2017 as a grassroots effort led by financial institutions, financial technology companies and data aggregators.
Regulating Open Banking Overseas, But Not in the U.S.
Prior to the last several years, the open finance ecosystem mostly relied on screen-scraping and shared login credentials to access consumer information. Parties from all sides agreed these methods were certainly not the best path forward.
The concept of open banking continues to evolve internationally as policymakers push for consumers to have better control over their banking information.
The United Kingdom in its open banking oversight over the last several years outlawed screen scraping for accessing consumer payment account data; required third-party providers, including fintechs and data aggregators, to acquire regulatory consent and establish proper data privacy, insurance, and security measures; and permitted participants to only collect consumer data for the product or service consumers authorize. The UK favors sharing consumer financial data through an open banking API, which consists of five distinct types of specifications that cover read/write, open data, directory, dynamic client registration, and reporting.
In 2019, the European Union mandated open banking and APIs under its revised Payment Services Directive (PSD2) and General Data Protection Regulation (GDPR) to govern data protection and privacy. The EU provided regulatory framework that requires financial institutions to allow third-party providers access to customer data via open APIs, and outlines how financial institutions and third-party providers can share and protect the consumer data they collect and use.
To date, U.S. regulators have taken a mostly hands-off approach to open banking by delivering non-binding guidelines. But the FDX reasons in the U.S., the market is best suited to define and adapt the technology much quicker than the regulators can react to rapid fintech changes.
FDX API Holds the Open Banking Key
Standardized API protocols allow banks and credit unions with a straightforward, safe way to share consumer data with the fintechs developing services consumers want such as auto, personal, business, and real estate lending and credit; and personal finance management, investments, and retirement funds.
“Consumer demand to share financial data with fintech apps continues to expand. Consequently, we believe it is only fitting for the financial industry to occupy the role of defining the technical means and methods to accomplish consumer-centric financial data sharing through FDX,” said FDX Managing Director Don Cardinal in a press release announcing 28 million consumer accounts now use the FDX API for open finance and open banking data sharing.
The FDX API standard, fully grounded on consumer and business permissioned access to their financial records, will not access data without a consumer’s full permission and control. In addition, FDX has recently laid out the “Five (5) Core Principles of Data Sharing” centering around control, access, transparency, traceability, and security in a white paper. “The Global Industry Standard for Consumer Access to Financial Data” delivers operating principles for FDX, as well as guidelines for the financial industry on the essential elements of a secure, transparent consumer-first approach to the sharing of financial data.
FDX is currently on version 5.0 of the FDX API, which significantly increases market standardization of financial data sharing around consent, user control and consumer dashboards, and aligns with other global standards. The FDX API covers more than 620 financial data elements so that consumers can use and share a wide range of their own financial data to their benefit.
In addition, FDX’s User Experience Working Group is further strengthening control and permissioning mechanisms by developing and providing focus group-tested user experience guidelines, which will make granting, modifying, and revoking data access an intuitive, seamless experience.
FDX plans to include any future regulatory requirements put in place by policymakers or regulators in its FDX API model, while also allowing for new technology and market innovations to continue quickly.
Gathering Industry Buy-In
Partnerships between fintechs and financial institutions are mutually beneficial. For credit unions and banks, an open-banking solution tapping into new technology can extend their market reach, connectivity to customers and provide new revenue opportunities. Meanwhile, partnering with financial institutions by gaining access through open banking application programming interfaces, such as the FDX API standard, allows fintechs to strengthen their offerings. An API marketplace — which includes an API manager, gateway, security, publisher, and developer — helps bring the financial institutions and fintechs together.
FDX, which has global membership and predominantly operates in the US and Canada, has more than 200 member organizations comprised of financial institutions, financial data aggregators, fintechs, payment networks, consumer groups, financial industry groups, utilities and other stakeholders. FDX board members include Bank of America, Capital One, Charles Schwab, Citigroup, Experian, Fannie Mae, Fidelity Investments, JPMorgan Chase, Wells Fargo, Envestnet | Yodlee, Finicity, and Plaid. Members include three of the major banking cores FIS, Fiserv, and Jack Henry; and secure data solutions software platform supplier NXTsoft.
NXTsoft, which provides API connectivity between fintech companies and financial institutions, provides its OmniConnect Platform, an open banking marketplace for all API needs with connectors built for 99% of U.S.-based core accounting systems including those from Fiserv, Jack Henry, and FIS.