开放银行的可持续价值：开放数据视角的见解（英文版）.pdf

The Sustainable Value of Open Banking: Insights from an Open Data Lens Kevin OLeary University Colege Cork kevin.olearyucc.ie Tadhg Nagle University Colege Cork t.nagleuc.ie Philip OReily University Colege Cork philip.oreilyucc.ie Christos Papadopoulos-Filelis University Colege Cork christos.filelispapadopoulosucc.ie Milad Dehghani University Colege Cork milad.dehghaniuc.ie Abstract Open Banking has emerged as an initiative which has the potential to disrupt the retail banking sector by improving competition and innovation in the industry. But is Open Banking capable of producing sustainable value? This is a question that is relevant for all open initiatives given the transfer of value from incumbents to newer entities with the aim of improving innovation and customer benefit. It is particularly relevant for Open Banking at this stage of its maturity. This study undertakes a global analysis (acros 17 regions) on Open Banking through the lens of Open Data. We contribute to the open data lens and provide insights into the potential suces of Open Banking. Specifically, we synthesise a definition of Open Banking, we highlight that Open Banking is not entirely open compared to other open initiatives, and we discuss how Open Banking may provide sustainable value for consumers, Fintechs, and traditional banks. 1. Introduction Within IS research, openes as a phenomenon has gained an increasing focus in conection with fundamental organizational operations such as: software development, innovation, competitive advantage, and digital transformation 1. Indeed, such has been the interest in openes it has expanded beyond research boundaries and now become mainstream as a source of innovation and disruption for industries such as housing 2, government 3, and transport 4. Focusing on Open Banking, this paper explores the value that openness has brought to the financial industry. While there are many working definitions of Open Banking in the industry, there has ben litle efort to understand what it actually is within academic circles. For instance, the most succinct definition to-date comes from Currie, Gozman 5 who refer to Open Banking as a shift from an old institutional regime of opacity to an increased openes and transparency. While quite vague this definition has led to the acknowledgement that Open Banking chalenges many of the institutionalized assumptions around the aspects of information asymmetry 6. This in particular highlights the central nature of openness around data and information and a point of focus when exploring the Open Banking, which has received litle or no interest from academics 6, partly because many of the relevant interactions are taking place outside the view of researchers 7. The retail banking industry has traditionaly ben referred to as a walled garden environment, exclusively reserved for an elite cohort of established banks 8, however the emergence of Open Banking seeks to disrupt the status quo by puting control in the hands of the consumer, giving them ownership of their financial data and allowing them to share this data with TTPs who are ofering new products and services 9, 10. Open Banking is an emerging initiative which has the potential to disrupt retail banking globally, improving competition and innovation in established markets 1, increasing financial inclusion in developing economies 12, and potentially extending to other industries in the future 13. With a wide range of definitions used in practice, we sought to develop a synthesized definition. To achieve this, we focused on the definitions proposed by two stakeholder groups; the nine prominent UK banks who were mandated to implement Open Banking initiatives, along with three advanced regulatory standards (see Table 1). These were selected from the sources we gathered for our global analysis as they represented the leading banks and regulatory standards available today. The purpose of this aproach was twofold; first, we provide a clear definition for Open Banking, and second, we highlight how diferent Proceedings of the 54th Hawaii International Conference on System Sciences | 2021 Page 5891 URI: 978-0-9981331-4-0 (CC BY-NC-ND 4.0) stakeholders are interpreting the potential of Open Banking. Therefore, we propose the folowing definition for Open Banking: An initiative which facilitates the secure sharing of account data with licensed third parties through Application Programing Interfaces (APIs), empowering customers with ownership of their own data. The initiative aims to increase competition in retail banking by developing innovative products and services which wil bring increased value to customers. In the definitions outlined by the banks, data sharing was mentioned in every case highlighting the centrality of open data to the implementation of Open Banking. The second most comon aspect was the potential to collaborate with licensed. The ned for licensing would suport the sensitivity of banking data and need be mindful of security at all times, which is also mentioned frequently in the banks definitions. Aspects such as new products and services, increased customer value, and customer data ownership (and consent) are also frequently mentioned. However, there are only two mentions of data standards (API development), which would suggest that while data is central the need to create standardized access has yet to be fully considered. Analysing the definitions set out by the regulatory bodies, it is aparent that their focus is on increasing competition in the market with all three highlighting the topic. However, it is interesting to note that this was not mentioned by the banks. What is also striking is the lack of explicit focus on data standards and customer data ownership in their definitions. Given the role of the regulators in digital governance it would be assumed the focus on these aspects of Open Banking would be a top priority. This poses the question of the sustainability of open banking. Is open banking creating sustainable value for key stakeholders? To examine these questions, this study leverages the work of Jetzek, Avital 2, which presents a model to explain how open data generates sustainable value. The remainder of this paper is structured as folows; first we introduce the open data research lens which we use to analyse Open Banking. Second, we detail our methodological aproach and the industry resources which were included in the study. Third, we discus Open Banking in the context of each element of the framework developed by 2. Finally, we discuss our findings and the contributions made to both research and practice. Table 1: Definition of Open Banking Sharing Account data Licensed Colaborati on (TPs) Security New Products and Services Customer Data Ownershi p Increased Customer Value Data Standards Increased Competiti on Ba n k s AIB Barclays Lloyds Nationwide RBS Bank of Ireland HSBC UK Santander Danske Count: 9 8 6 5 5 5 2 0 Re g u l a t i o n CMA PSD2 CDR Count: 1 1 2 2 0 2 0 3 Total Count: 10 9 8 7 5 7 2 3 2. Open Data as a Research Lens Open data is data which has ben made available to public users, including citizens, businesses, researchers, civil servants, and others, to be freely used, modified, and shared for any purpose. Intellectual property rights are outright relinquished or reduced to a minimum, and often such open data is made available through open APIs in machine-readable formats 2, 4, 14-16. Indeed, open data is an appropriate lens to for the analysis of Open Banking as both initiatives lok to create value by taking what was once proprietary data and sharing it with external parties to facilitate new products and services. Illustrated in Figure 1, Jetzek, Avital 2 Page 5892 framework, developed through Open Government Data highlights a number of mechanisms on how sustainable value is created, a key aspect for the longevity of the initiative, just as it is for Open Banking. As a result, this study seeks to aply the structure of this model to Open Banking. The enablers listed on the left of the model include Digital Governance, Openness of Data, and Digital Infrastructure. These enablers facilitate the development of digital assets in the form of new products and services for retail banking, which in turn generate sustainable value. Adapted to focus on Open Banking these concepts are outlined as follows: Digital Governance: digital leadership and regulatory data and privacy protection frameworks, which together reflect the governance aspect of an Open Banking initiative. Openes of Data: the degree to which bank account data is available, affordable, and sharable, published in a usable and interoperable format, and made both discoverable and acesible. Digital Infrastructure: a collection of technological and human components that contribute to the functioning of an Open Banking platform. Digital Assets: includes (i) Shared Digital Content, which is banking data that has ben procesed to become digestible information and then shared to external parties, and (i) Digital Products and Services, which is the combination of open and proprietary resources to produce diferentiated products and services. Sustainable Value: a contribution that simultaneously delivers both short- and long-term economic, social, and environmental benefits. Figure1.Research Model(adapted from 2) 3. Methodology Given the term Open Banking is a term ainly used in practice 6, this study primarily focused on documents produced by key industry players: regulatory bodies, banks, licensed technology third parties (TTPs), and industry research/consultancy organizations. Collated over a period of 5 months, a total of 81 documents/sources were analysed, focusing on 17 regulatory jurisdictions, across multiple geographic regions and both developed and developing economies (Australia, Brazil, Canada, China, EU, Hong Kong, India, Indonesia, Japan, Malaysia, Mexico, New Zealand, Nigeria, Singapore, Thailand, UK, and USA). Incorporating Jetzek et al.s 2 Open Data model as a theoretical frame, each of the 81 documents were analysed by utilising the open data concepts of: (i) digital governance, (i) openness, (ii) digital infrastructure, (iv) digital assets, and (v) sustainable value. The results were then analysed across the 17 regulatory jurisdictions. Once completed the coded data was further interrogated by the research team through systematic questioning and triangulated interpretations to generate more consistent results. Furthermore, to reduce the impact of analysis bias the principle of dialogical reasoning was followed to highlight an awareness of possible contradictions and improve the separation betwen any predeterminations and our actual findings 17. The result of this analysis provides a global perspective, the first of its kind on Open Banking. Furthermore, having operationalized the Jetzek et al. 2 model of open data for banking, the concepts in the model are applied to the sources collected providing a theoretical underpinning to the analysis. These results can be generalised to other open trends such as Open Energy or Open Telecom. 4. Data Analysis 4.1 Digital Governance Digital governance includes work structures, organizational behaviours, governance, and the regulatory environment which influences the motivation of individuals and organizations to generate value through data 2. From our analysis we found the digital governance of Open Banking to be following several approaches and at various stages of maturity across the globe, see Table 2. We found the UK to have the most mature digital governance for Open Banking, with an established regulatory framework in the CMA Order of 2017 which placed a legal mandate upon the nine largest UK banks and building societies (the CMA9) to make their customers personal and business current account banking data available to authorized TPs through secure APIs 10. Also, the UK wil adopt PSD2 and GDPR as introduced by the EU. In adition to this, in the UK, an Open Banking framework and API standard have been mandated by the Competition and Markets Authority 10) and wil be overseen by a dedicated Page 5893 body, the OBIE 18. The aim of the Open Banking Working Group was to determine how data sharing might work in practice. In 2016, the OBWG published a high level framework for sharing banking data and Table 2. Open Banking Digital Governance Global Landscape Approach Region (Regulation or Regulator) Sources Established Open Banking Regulation and API Standards UK (PSD2/GDPR/CMA) 10, 18 Established Open Banking Regulation - No API Standards EU (PSD2/GDPR) 9, 2 Actively Developing Open Banking Regulation Australia (Consumer Data Right (CDR) 23, 24 Mexico (The FinTech Law) 12 Brazil (COMUNIQU 3,45 Brazils General Data Protection Law) 25 Canada (Personal Information Protection and Electronic Documents Act (PIPEDA) 26 New Zealand (PaymentsNZ) 11, 12 Japan (Japans Banking Act) 11, 12, 27, 28 India (Data Empowerment and Protection Architecture (DEPA) 11 Regulatory Sandbox Aproach Singapore (Monetary Authority of Singapore) 28-30 Hong Kong (Hong Kong Monetary Authority (HKMA) 11, 30 Malaysia (Bank Negara Malaysia (BNM) 30, 31 Indonesia (Bank Sentral Republik (BSR, the central bank) 30, 32, 3 Thailand (Personal Data Protection Act) 30, 34-36 Suporting Financial/TTP Regulation USA (Dod-Frank Act) 21, 37, 38 No Regulation Market driven China (None yet GDPR Equivalent expected) 39, 40 Nigeria (None) 11, 41 guidelines on how to implement them 18. These additional structures offer an extra layer of maturity to the governance aproach of this region. The EU difers from the UK in that, while it has established a strong regulatory framework, there is a lack of API standards. The key relevant regulations, include PSD2 and GDPR. PSD2 updates and complements the rules set out in PSD1 and takes new providers of innovative payment services into account. PSD2 opens the payment markets to these new entrants to encourage increases competition and offer greater choice and better prices for consumers. PSD2 outlines two types of regulated Trusted Third Party that will be granted direct access to customer accounts 19, namely Account Information Service Provider (AISP) and Payment Initiation Service Provider (PISP). GDPR came into force across the EU on 25 May 2018. GDPR aims to harmonize data privacy laws within the EU. It applies to all personal data, of which Open Banking data is a subset 19, 20. However, at present, the EU Open Banking ecosystem can be summarized as being fragmented and lacking agreement on IT and data exchange standards 21. Most regions fal under the categorization of Actively Developing Open Banking Regulation. As outlined in Table 2, Australia, Mexico, Brazil, Canada, New Zealand, Japan, and India have all taken significant steps to introduce regulation or develop API standards to suport Open Banking. These regions stil require a significant amount of work to further mature their digital