An article I wrote, but never published. I think that the concepts of platform architecture, extensibility and openness are vital for any modern business. Check our the article below and let me know what you think via comments.
Over 80% of UK citizens bank with Barclays, HSBC, Lloyds, Santander or Royal Bank of Scotland. However, the introduction of Open Banking regulations a year ago could change our approach to banking. Open Banking has encouraged financial institutions to make their data available in a secure, standardised form, so that it can be accessed more easily by authorised organisations. For consumers, this means they can more easily select banks for different purposes by managing all accounts and payments in one centralised app. For example, Barclays and HSBC have already made their information available so that customers can view information from multiple banks on a single app, centralising their finances.
This improved access to payment information and spending data means that there will be increased innovation across the market. In theory, this will lead to better banking products that offer more efficient service to consumers, particularly from smaller, technology-led outfits. And as data sharing becomes the norm, financial organisations are having to address their data security approaches. Thus Open Banking is creating an opportunity for IT and security teams to assess their legacy management platforms and simplify and secure their IT environment for better visibility and control.
The regulation revolution
Although a recent YouGov poll revealed that still only a third of Britons have actually heard of Open Banking, for a new regulation this isn’t all that surprising. In 1997, Nationwide Building Society launched the UK’s first online banking service, a major turning point in personal finance management. While this made it easier for consumers to make payments, get loans and better manage their spending, uptake was slow due to the concerns on sharing personal information – particularly when it comes to money. We’ve seen the same slow start from some banks in improving endpoint visibility and strengthening cybersecurity and IT operations measures, and in some cases this has led to disastrous consequences, in the form of technical disruption or cyber attack.
The case for Open Banking standards
Historically, businesses have taken a ‘walled garden’ approach to data security, fortifying their data centres with perimeter security solutions and proprietary infrastructure. But, one year on from the introduction of Open Banking, over 100 regulated providers have achieved compliance by making their data available and accessible. We are far from where we need to get to, but mindset shifts are taking place as banks begin removing proprietary processes and fragmented endpoint management. It’s safe to say that the closed platform model of old is changing. Just as Open Banking has laid the foundations for a frictionless consumer experience, so too has it widened the scope for security and IT teams to develop frictionless integrations and API driven automation.
In part this is due to the Open Banking regulation itself, but what’s really driving this mindset shift is a realisation by banks and other large organisations that customers are demanding more openness and extensibility from their products and services. And this openness and flexibility does not just benefit consumers, but the banks too. Moving towards a more flexible, agile approach is vital in an increasingly competitive environment. Across all industries, companies need to be able to pilot new products and systems, fail fast and then try again. Innovation needs flexibility, and flexibility needs fresh approaches to project management and development cycles.
Refreshing data management solutions
The Open Banking regulation is also helping banks modernise their data management systems by allowing cross-organisational access to customer data in the interests of improving the customer experience. This has the potential to vastly improve IT operations and security for larger banks that are currently struggling to identify and combat potential threats due to a fragmented array of legacy or alleged endpoint management platforms that make it hard to detect IT infrastructure vulnerabilities and therefore effectively patch them.
With more stories in the news of high-profile service outages and cyber attacks affecting big organisations, banks should relish this opportunity to re-evaluate their IT systems and processes, to strengthen their resilience and ultimately help protect them against disruption. It’s no longer sufficient in this constantly evolving threat landscape to have a legacy database management system or a narrow point solution that updates asset information sporadically and contains outdated data, just as it’s no longer acceptable for consumers to have to wait days to gain accurate visibility of their finances.
This is a pivotal moment for banks to drive technological change in line with the regulatory requirements necessitated by Open Banking. The need to conform to the new standards will have hugely positive implications on data transparency and security and in turn, strengthen resilience of banks.