Open Banking is a global trend in consumer data access that is creating new opportunities and risks for banks, customers and other service providers. In Australia, Open Banking is being delivered through the Consumer Data Right (CDR), new legislation which is commencing firstly in the banking sector with the major banks required to provide limited access to accredited data recipients starting February 2020.

This requirement will gradually expand to include the majority of banking products by February 2021 (with all other Authorised Deposit-taking Institutions (ADIs) commencing 12 months later). Open Banking and the CDR is the first step in the establishment of an open data economy, starting with banking and then expanding to include other key sectors such as energy, telecommunications, insurance and superannuation.

Australian and global banks are aiming to execute their Open Banking programmes by leveraging learnings from the implementation of Open Banking in other regulated markets such as the UK, but also in markets such as India and the US where Open Banking has been instigated by market demand rather than regulator intervention.

Globally, banks are also thinking beyond compliance, considering how to use the technical capability developed as part of Open Banking to build a KPMG Connected Enterprise to serve customers through front, middle and back offices in an end-to-end data-rich model. Front office functions with frequent direct customer contact have embraced data but the opportunities for increased service responsiveness, reduced cost to serve and improved risk outcomes are starting to emerge across operations, risk and fulfilment functions.

Open Banking is increasingly being seen as an enabler of digital transformation agendas. Key issues and themes discussed by global banking executives have focused on:

• leveraging open data capability within the SME and consumer credit decisioning process
• generating rich insights to help customers and clients achieve financial goals
• developing an end-to-end view of transactions to provide deep insights into merchant banking/payment clients and support B2B2C- and B2B2B-type relationships
• partnering with fintech providers to identify granular data and incorporate that into broader analytics efforts and enable new service offerings
• integrating internal data sets with external data and open data to provide a holistic view of a customer’s financial position
• moving beyond compliance to Premium API services that customers find valuable and are willing to pay for.

As the CDR potentially opens up new sources of data for banks, data and analytics teams will be challenged to integrate these new data sources into existing data workflows. Large complex banking organisations currently struggle to cut across data silos and make sense of internal data. New external data will provide additional complexity.

New data architecture, analytics frameworks and approaches to managing data risks (including ethics and privacy) will need to be put in place in order to capitalise on potential upsides. For example, there are now questions around the banks’ obligation to act on newly captured data, particularly as it pertains to key regulatory and compliance areas like Know Your Customer (KYC) and Responsible Lending.

Efforts to date, driven by impending regulatory deadlines, have focused on compliance and being able to surface data externally. Many banks have complex internal data lineage and processes that provide adjustments to compensate for poor data quality. In an environment where internal data is now shared externally there is no opportunity for manual adjustments – banks need to focus on uplift of data quality.

Getting data governance and quality right is complex, and appropriate attention on internal efforts is key given ongoing and increasing regulatory scrutiny. Banks who are focusing on data governance now (including APRA’s prudential practice guide CPG235 for Managing Data Risk and the emerging thinking around BCBS 239 Principles for effective risk data aggregation and risk reporting) and implementing operating model concepts that involve both data producers and data consumers have started laying the ground work for an environment with appropriate data risks identified and controls implemented.

The next question then becomes how do banks move beyond compliance and towards creating services that consumers and business customers value and are willing to pay for. This needs to look beyond typical use cases such as Personal Financial Management tools and aggregation of financial position, evidence from overseas markets suggests these services are becoming a compliance requirement – everyone has one.

Commercialisation of data enrichments and premium APIs is the key to success. Banks should be asking questions around this, including:

• What customer problems can be solved with additional data?
• Who should you partner with both as enablers and/or customers?
• How do you extend those partnerships to form a true ecosystem?
• How can we move from the minimum of data sharing and compliance to concepts like identity and other services you can offer including payments?
• If you’ve built this ecosystem, how do you commercialise it?

Lessons and insights from other markets suggest that there is a promising upside in the commercial banking space, but banks need to uplift data governance, management and analytics capabilities in order to be able to capitalise fully.