Since the rise of digital banks and fintech companies, the traditional banking model has come under heavy pressure. On the one hand, new competitors constantly appear with more agile digital proposals, maximizing user experience and massively using data to generate insights and provide customized products and services. On the other hand, new regulations such as Open Banking are emerging, encouraging the opening and controlled exchange of bank data through APIs (application programming interfaces). The expectation is that the regulatory movement will radically change the way business is conducted in the financial sector, increasing competition and efficiency of roughly 550 fintech companies currently existing in Brazil, according to data from the Fintech Mining Report study.

In line with the maturing of the topic in Europe, Hong Kong, Australia and other regions of the world, the Brazilian Central Bank is creating the rules and guidelines that will guide the implementation of the measure in Brazil. The goal is to standardize the Open Banking model, as well as bringing greater legal certainty to banks that have customer data and to users who wish to share this data, while maintaining alignment with the General Data Protection Act (LGPD).

What are the changes for users after all?

The concept of Open Banking is based on the idea that the consumer is the owner of their own data, as opposed to the bank. By opening information to other channels, users will be able to search for products and services that bring more advantages and convenience, organize their financial life in just one application (without having to download several apps to organize each expense), and bring their financial history to others banks, which will be able to make customized offers, according to each profile. These are some scenarios for using Open Banking.

On this journey, the potential for innovation and new solutions is astounding. Chip is an example of an application connected via Open Banking with some banks in Europe. Its function is to analyze the user’s spending profile through their financial transactions in their bank and credit card accounts. By applying an artificial intelligence algorithm, the application makes investments automatically without impacting the user’s daily expenses. In summary, Chip “hides” the money automatically, facilitating the process of making personal financial savings.

The expectation is that the requirement for banks to open their customers’ information for other financial institutions will increase competition for services, lower prices for consumers and create new products, services, and forms of payment.

But what about banks, is Open Banking an opportunity or a threat?

Open Banking often sounds like a major threat. The fact is that there is an ocean of opportunities to be explored, in addition to the purity of the regulations. The strategic positioning adopted by each financial institution will direct the benefits to be extracted from Open Banking. The following are three examples of positioning:

• Regulatory compliance: The financial institution wishes to comply with the rules in the most limited manner possible in order to allow TPPs (third-party providers) to perform payment services and have access to basic information about products and services offered and access to customers’ registration and transactional data. Essentially, it complies with the regulation commitments as defined by the Central Bank.

• New experiences and leveraging products: The financial institution uses the opening of transactions for its services and products (through APIs) as an opportunity to leverage revenues or generate new value. At this level, the idea is to use the API as a new channel that amplifies the distribution capacity of its products, supported by a revenue-generating business model. Cielo’s QRCode is an example of this type of positioning, where different partner applications can create a customer payment experience for its QRCode product through APIs. At the current level of maturity, Open Banking is no longer merely a regulation and begins to leverage revenue.

• Expanding ecosystems: The financial institution positions itself as a service platform (BaaS – Bank as a Service), allowing other companies to build new solutions composed with their financial services exposed through APIs. A major example of this type of positioning is Banco Topázio, which also offers a platform of digital financial services through APIs.

At this moment, in which the regulation of Open Banking in Brazil is under discussion, the positioning on the level of “New Experiences and Leveraging Products” is something relatively easy to achieve (a low-hanging fruit). Products and services already established in traditional financial institutions can be quickly modernized for exposure in an Open Banking layer. This strategy allows not only the leveraging of revenues from these products and services, but also enable the institution to prepare for future regulations by anticipating the creation of technological, legal and security structures, thereby making it a competitive advantage. In other words, the institution enters the game and increases its digital maturity level.

The four pillars of Open Banking

The start of the Open Banking journey can be based on a number of work fronts. Nevertheless, four pillars are fundamental:

• API exposure: In light of the regulation currently being drafted, the data and transactions to be opened do not create a competitive differentiator from the standpoint of those who provide the data, unlike those who carry out consumption, who can work with the information, enrich it and use it intelligently for business. Value generation should be the main driver for APIs to be exposed first in Open Banking. Imagine that the API has to be in the way of money. A next step would be to ensure that the purpose of the API is clear, its access design is simple, and consumption is free of friction.

• Strategic partnerships: With Open Banking, banks can create B2B partnerships, not just with fintech companies, in order to make better use of customer data or their services and financial products exposed by APIs. These partnerships initially first focus on the business segment or customer profile with which the financial institution already operates, taking advantage of the partner’s relationship network to gain capillarity.

• Security: Among the basic items of any bank are liquidity and security, which generate trust and credibility. When exposing financial data and transactions, it is crucial to ensure that this is being done in the most secure way possible. Here, encryption technology is important to ensure that sensitive information is secure during data transmission. API consumption requires authentication and authorization – mechanisms that are similar to other digital channels that exist today in banks. In terms of open data (Open Banking), the terms lead to believe that the customers’ information in a bank will be exposed. This is not true, as access to data is controlled and secure. Only those who are allowed access it will do so. Access by TTPs (third-party providers) can be revoked at any time.

• Governance and compliance: Data and open transaction providers are required to have legal mechanisms in place to support liability in the event of a security breach or unauthorized transaction. Informing customers – whether they are natural persons or legal entities – about how their data is being used, how they can control it, how it is stored or how the company is audited are ways of ensuring transparency. The availability of transaction records is essential in this case – knowing exactly who is consuming the APIs, when, where, and through which device and application. Another aspect in this subject is the management of the consent to access financial data. Access to a bank account’s data, as well as its transactions, by TPPs (third-party providers) is only possible if there is consent to access the data, which by the definition of Open Banking, must be given by the account owner, that is, the bank user.

Banks that take these first steps will be much better prepared to comply with the regulations: with the technological structure installed and planned, the threat of merely meeting one more regulation can be diverted to a look at how new businesses can benefit these companies.

But is Open Banking intended only for banks?

Open Banking will be responsible for creating a more open and integrated market in the financial sector. This trend follows new business opportunities, not only for banks, but also for companies in other segments in which the flow of money is significant. This is the case with retail: there is a trend and a very strong movement that is transforming large retailers into financial institutions. Premiums paid for fintech companies are high, and this movement is gaining scale, taking advantage of the capillarity of large retailers. With the purchase of the fintech company Ewally, the stores Riachuelo, Pernambucanas, ViaVarejo and Carrefour are positioned in this trend.

The Open Banking game is taking place now. Looking at the topic far beyond the issue of regulation is a way to ensure a privileged position in the new economy of the financial sector.