How US Banks Can Get Ready For Open Banking

The Consumer Financial Protection Bureau’s open banking rule is set to be finalized this fall. With it, financial institutions across the country will need to provide access to customers’ financial data for checking, savings, and credit card accounts, prepaid cards, and digital wallets, at their request, to third parties (like fintechs). There’s plenty of material on the opportunities and risks of this, and how FIs feel about it. But, at the end of the day, they’ll have to comply if the rule goes into effect. So the real question is, “How?”

Infrastructure is a big problem for many institutions — according to data from Forbes Insights and Thought Machine, 59% of surveyed bankers consider legacy infrastructure a major business challenge. These systems make it difficult to integrate and share data, which is the prevailing idea behind open banking. In particular, the ability to share data externally in a standardized manner via application programming interfaces is key: Per CCG Catalyst’s US Open Banking 2024 Report, “There is now broad consensus that API-based interfaces should supplant screen scraping in how consumers’ financial data is shared.”

As a result, FIs need to think about how they will get their infrastructure ready to support the data-sharing interfaces that open banking will require. Except in the cases of a few megabanks that already have the foundations for this, that will mean looking for help and knowledge to inform their strategy.

There are three primary places a bank or credit union might start:

• Bank technology and digital banking providers. Core system and digital banking providers — think FIS FIS , Fiserv Fiserv , JHA, Q2, Alkami, etc. — all have the CFPB’s rule on their radar. And they are aware that they will play a major role in helping their clients comply should the regulation go forward. In particular, consent management, a focus of the CFPB draft rule, is expected to evolve along with the regulation in addition to data orchestration, aggregation, and data cleaning, Barbara Negron, senior director, platform partnerships at FIS, told CCG Catalyst in the report.
• Third-party aggregators. Aggregators like Plaid or Tink (owned by Visa Visa ) are working to get ahead of the rule by inking deals directly with FIs and partnering with other technology providers (including those that fall into the bucket above). For example, Tink has signed data access agreements with banks and vendors, including Capital One Capital One , Fiserv, and JHA. Understanding the strategies behind these players could go a long way in helping institutions get a handle on how they can take more control over their open banking futures, potentially extending beyond the rule to other use cases their current technology providers haven’t yet thought of.
• In-house developers. Those that have the option to turn to in-house talent will likely want to do so. While the ability to build all of the infrastructure needed for open banking isn’t available to most, any kind of technical knowledge that can inform an institution’s strategy will help to chart a path forward. This will be especially valuable for FIs that are forward-thinking and know they want to plan beyond compliance to a long-term strategy for open banking.

These sources are not exclusive. In fact, FIs should be looking to consult a range of experts as they build their open banking strategies. Ultimately, some will be focused on getting on top of this rule, while others will be several steps ahead. Wherever a bank is on that spectrum is fine, as long as there is a strategy behind it. While it is certainly possible to achieve compliance by waiting for your core provider to tell you what to do, there is a missed opportunity there. Knowledge is power, and by reaching out and getting informed, FIs can begin to think about open banking compliance in a way that works for them.

Importantly, the CFPB’s rule only covers certain types of data; there are many, many other use cases to be considered. Basic compliance is a necessary starting point, but the savviest will take things a step further and look for ways to differentiate. Whether your bank is one of those FIs or not, it’s at least worth understanding what that looks like.