For those who are just getting an understanding of digital payments, or just entering the world of open finance, it may seem chaotic -- at least at first glance. But frankly, nothing could be further from the truth.
The world of open banking is, and has been since its inception, extremely strictly regulated. After all, it does concern the sharing of sensitive financial data and information. That means that all the entities involved, as well as the rules regarding privacy, data sharing and more, are subject to strict scrutiny and regulation. If you’re wondering whether you can trust open banking, the answer is yes, definitely.
If you’re wondering who regulates it and how, read on:
It’s no secret that Europe is the global hub of open banking; this is where open banking was born and this is where rules and regulations regarding open banking were first developed and put into place.
The biggest marker of this is PSD2 (Payment Services Directive 2), the legislation which was adopted by the European Parliament in 2018. It is the set of regulations that governs open banking around Europe, including strong customer authentication, anti-fraud measures, rules that strengthen user rights and more (read a detailed explanation of PSD2 here).
While PSD2 is the core regulatory framework that lays out the rules for open banking, it’s still up to several bodies to oversee those rules and ensure that all entities (financial institutions, Third Party Providers and more) actually follow them. The EU is the main governmental body responsible for ensuring that those parties follow PSD2, but there are other bodies responsible, too.
Generally in Europe, open banking is regulated by the European Banking Authority (EBA), which maintains a strict set of standards and regulations regarding privacy and data protection in open banking. It also maintains a central register of all payment and electronic money institutions that are registered in the EU to provide PSD2-related services.
When you’re looking at open banking across Europe as a whole, then the EBA is the main regulatory body. But each individual country has its own regulatory body, as well. And they work with the EBA to ensure that institutions providing open banking services are registered and comply with all PSD2 regulations.
For example, the KNF is the Polish regulatory body, and it maintains a register of all institutions that are legally allowed to provide open banking services. In Lithuania, that regulatory body is called the BOL (Bank of Lithuania). In Portugal, it’s the Banco de Portugal.
All of these individual regulatory bodies collaborate with the EBA, which maintains the central register.
Because Europe is the hub and birthplace of open banking, it makes sense that it would have the most developed regulatory system. But other areas around the globe are looking at implementing open banking now, too. And many countries are beginning to develop their regulatory bodies (read more about where different countries around the world stand with open banking regulations here).
As open banking continues to grow in popularity, it's likely you'll see more and more regulations put into place to ensure data security and privacy and to enhance the overall experience for everyone involved.