Open banking: the financial system of the future

The 2018 Montreal FinTech Forum brought together local and international game-changers in the financial industry. These companies incorporate technologies such as the blockchain, biometrics and open banking services, applying them to every industry from marketing to environmental preservation. My two main takeaways from the conference are the upcoming implementation of open banking alongside cybersecurity threats, and the use and regulation of data in FinTech companies.

 I attended two open banking panels at the Forum. Open banking is a system that provides a user with a network of financial institutions’ data through the use of application programming interfaces. The simplest way to understand open banking is by comparing it to the mobile service providers. A few years ago, consumers were contractually-bound to a specific provider and could not freely change providers. Nowadays, through phone number portability, consumers can switch to any company they desire, thus creating a competitive market. The banking industry is moving in the same direction with multiple firms facilitating the transfer of consumer funds.

According to the panelists, the average consumer will never understand the intricacies of open banking, but they should be able to reap the benefits of the system. This difficulty to understand the field also applies to regulators who are often out of touch with new technologies but yet seek to regulate it. Excessive regulation could lead to a decrease in innovation and an exodus of Canadian FinTech startups to more unregulated countries. Governments must walk a fine line between over regulating (which could lead to a stagnant economy) and under regulating (which could increase the risk of fraud and cybercrime).

Cybersecurity is a major topic of discussion in the FinTech industry. By making data accessible to multiple companies, the open banking system is vulnerable security breaches. In the panel “Cybersecurity”, a software engineer showed the process of uncovering vulnerabilities in a network to gain access to sensitive information. He described how sensitive information can be sold for profit to hacker groups such as Magicard.

With groups of dedicated and experienced hackers, what is the best way to prevent a breach? Surprisingly, the most important piece of advice given is to create strong passwords consisting of numbers, letters and symbols and never reusing the same password for more than one service. The second major way to prevent data breaches is increased communication between finance specialists and engineers to educate analysts who are often unaware of what can cause vulnerabilities.

The FinTech field is adopting security by design. Security experts should be part of the development team at all stages of the company. Despite precautions, data breaches are an inevitability in an open banking system. It is easy to be desensitized to the impact of cyber attacks when big companies like Google and Facebook’s data is compromised frequently, but it is important to remember that there are real victims behind every incident. Only 13% of Canadian companies have a contingency plan for breaches. Procedures for responding to the breach and to public outcry need to be defined by the banking network to minimize damage. Furthermore, there should be clear guidelines for where to attribute blame for a data breach in the open banking network. It is rare for one party to be the sole culprit for a breach. A shared responsibility system should develop over time where every node on the open banking network will collaborate to increase security.

Data: the lifeblood of the new economy

The word “data” is often overused, especially by FinTech professionals, and there are good reasons for that. An individual’s data has predictive qualities. It can be used to estimate future purchase decisions, allowing companies to target advertisements and promotions more efficiently. Consumers are often not in control of the information that is gathered about them, many accept Terms of Service Agreements without reading, and most people allow website cookies to track them. The current FinTech movement aims to give consumers ownership over their information. This control of personal data would give consumers additional freedom when deciding to switch from one service company (such as a bank) to another.

In the conference talk “New business opportunities in the Canadian market”, the speakers called data intoxicating because companies can never get enough. They believe that data will one day be so abundant that data itself will be free and value will be created from interpreting the information. Their proposed solution is a real-time rail: a channel where information travels as soon as it is generated. Canada is set to start implementing real-time rail technology in the banking industry in 2020 to start democratizing information.

New data management technologies can sometimes come in conflict with the law. According to the speakers at “Panel with Canadian regulators”, lawmakers are monitoring banking and data management industries by attending conferences and by going into major FinTech companies. One such conference is the ISCO where 11 regulators from around the world get together to discuss the use of data and the state of banking systems and new technology. Canadian regulators suggest that FinTech startups disclose their financial information to investors and clearly define their business model and their use of consumer data to make sure they do not infringe any laws. 

The 2018 FinTech Forum was a wonderful learning experience that taught me the risks and opportunities of open banking and data. The conference gave the stage to multiple industry experts, regulators and startups looking to create a name for themselves. I learnt a great deal from each panel I attended, and my eyes are now open to a whole new industry that I am looking forward to monitoring in the coming years.