In January 2018, a sweeping new set of rules hit the UK financial sector. Collectively referred to as Open Banking, they’re designed to give ordinary consumers more control over their financial data. While the intentions behind the new regulations are noble, the consequences could be dire.
On the face of it, Open Banking is a good thing. In essence, it requires banks to hand over their customers’ data to third parties, if those customers request them to do so.
So, for instance, Open Banking would allow services such as Xero and Sage to access your banking data and populate your bookkeeping and accounts in real time. Anyone who’s spent hours entering banking transactions into your accounting software will tell you how much more convenient this makes their lives.
That’s just one area where Open Banking stands to benefit consumers. The hope is that the regulations behind Open Banking will encourage competition and innovation in the financial services sector, leading to more and better products to help people better manage their money.
Startups and security
While that sounds good in principle, there is the potential for serious security risks. Ironically, much of this risk comes from the very startups Open Banking is meant to encourage.
Even in the most open markets, banks are far more tightly regulated than startups.That’s understandable. Banks look after vast sums of money and sit on immense amounts of data. The consequences of them doing anything irresponsible with that money and data are so dire that they need rules to keep them in check.
The same cannot be said of startups, even though Open Banking legislation requires any parties playing in the space to have the same level of security and data protection that a bank has, the truth is that they just don’t.
By their nature, startups are disruptive and far more likely to try and find ways around rules than simply complying with them.
Even if we put regulations aside for a moment, your average startup is far less equipped when it comes to security and data protection than your average bank.
Most startups have fewer than 100 employees. Your average bank has over 1000 in compliance and data security alone.
So, is our data really safe under Open Banking? No, it simply cannot be.
The data war zone
If you need a reminder of why that’s so worrying, you only have to look at the fallout from every major data breach over the past few years or the furore over the Facebook / Cambridge Analytica scandal.
Consumer data of the kind held by banks is immensely valuable and there’s a war on between them and the less savoury elements who want it for their own nefarious means.
Open Banking makes data accessible to fintech startups with the bare minimum of data security protections. Cybercriminals know this and you can rest assured that these startups will be their prime target.
As we move to a digital future, data security is where the battles will be fought, won or lost.
Did you enjoy the read? Then be sure to subscribe to our blog to receive more great posts from our expert bloggers.
Michael Wright
Co-Founder and Non-executive Director
Michael studied finance and accounting, graduating with B.Com (Hons) and becoming a Chartered Accountant (CA SA). He articled at PWC and rose to Principal Manager for Consulting & Assurance Services. He joined VWV Interactive as managing director, a web design and e-commerce agency, before following his entrepreneurial instincts.
He founded Striata in 1999 with the vision of providing digital communication services to corporate South Africa. Two decades on, Striata is an award-winning “visionary” in the CCM market and provides digital communication strategy, services and software to financial services, utilities, insurance, retail and telecommunications companies across 6 continents. Striata was acquired by Doxim in 2020.
Read more of Michael's guest blog posts here or connect with him on the following social channels:
