Proposals announced yesterday by the Competition and Markets Authority would make it mandatory for the main UK high street banks to use open APIs (Application Programming Interfaces) for bank account data. APIs are instructions or protocols that allow data to be transmitted between different software or systems; and "open" APIs are APIs that can be accessed and used by anybody at no cost. There is a common view shared by the CMA and by the joint industry/government Open Banking Working Group that the adoption of open APIs in retail banking (for both personal and business clients) would improve competition by making it easier for customers to access their transaction and spending data, share that data with other providers or with price comparison tools, and compare different financial products and services to identify those that offer the best value based on the customer's spending patterns. Making the use of open APIs mandatory would likely widen the market in banking-related price comparison sites and apps. It could also lead to an increase in sophisticated personalised apps capable of mining the user's financial data – with user consent - to provide tailored "financial-health" recommendations and services using advanced data analytics and big data techniques (so-called "robo advice").
So far, sector initiatives to give customers more choice have had limited success. Personal account holders can currently use the government-backed "Midata" current account comparison tool. Launched in March 2015, the tool allows personal account holders to download 12 months' worth of their own transaction data into a single file that can then be uploaded to comparison sites. Consumer groups and banks have however reported shortcomings, including a slow and cumbersome user experience and incompatibility with iOS which means that the tool can't be used on iPhones or iPads. The Midata tool does not extend to business current accounts, leaving SMEs unable to readily compare bank products and services. Historical attempts to aggregate or scrape bank data have been met by resistance by the banks who have sometimes used their terms and conditions and security barriers to avoid effective sharing of customer data.
Under the CMA's proposals, the affected banks - Royal Bank of Scotland Group, Lloyds Banking Group, Barclays, HSBC Group, Nationwide, Santander, Danske, Bank of Ireland and AIB Group – will have to:
- adopt and maintain open standards for APIs on both personal current account and business current account transaction data sets. A timetable will be agreed with the CMA and the deadline for adopting open standards would be no later than the transposition deadline for PSD2.
- release and make available through open APIs certain prescribed information by Q1 2017. This includes prices, charges and terms and conditions for personal and business current account products, service quality indicators, eligibility criteria for loans, as well as "Midata" data sets.
The CMA's proposal to mandate open APIs is contained in its "Retail banking market investigation – provisional decision on remedies" and is open to consultation until 5pm on Tuesday 7 June 2016. The CMA will publish its final decision in early August 2016.