Innovative Fintechs Don’t Need No Open Banking Regulation

Pink Floyd fans won’t need any explanation for this post’s title. As for the others… well, it’s never too late to become fans of Pink Floyd! 

The recent buzz around Artificial Intelligence and Machine Learning has spawned the next generation of Personal Finance Management applications. While the forerunners in the cateogory like Mint (now part of Intuit, Inc.) are still available on the web, most of the new players are mobile-only. Going by monickers such as Mobile Money Management App and Money Management Bot – herewith termed MoMMA for the sake of convenience – they all require access to their users’ banking credentials. In the early days of PFM, they got it by simply asking their users to share the usernames and passwords of their banking and other financial accounts.

Of late, that approach has stopped working because banks have started warning their customers that they’re not allowed to hand over their online banking credentials to third parties. I don’t know why it took so long for all but a handful of banks to assert a fairly old clause in their TOS (actually, I think I know, but that’s a blog post for another day).

MoMMAs now need a another way to access banking info.

Enter “Open Banking”, “PSD2” and other regulations. For the uninitiated, PSD2 mandates banks to allow fintechs to access banking data of customers.

Needless to say, fintechs are gushing all over these regulations.

But they shouldn’t.

Because, for one, banks won’t take these regs lying down. Already big banks are lobbying to reduce access to customer data envisaged by PSD2, which would substantially dilute the original provisions of “open banking”. According to Sebastian Siemiatkowski, chief executive of Swedish online payments company Klarna, who is quoted by Financial Times,  “If it (PSD2) goes ahead as currently written it will not create open banking as the law originally envisaged.”

For another, successful fintechs have always stayed away from regulation. As I’d highlighted in Fintechs Need Marketers And Lobbyists – Not Lawyers and Fintechs Need Guts More Than Lawyers!, many successful startups have flourished by leveraging “regulatory gaps” rather than regulation.

If MoMMAs should shun regulation, what should they do, then?

IMO, they should become truly innovative and enhance their value proposition. And there are huge opportunities for improvement in both areas.


Intuitively, everyone knows that “earn more, spend less” is all the money management mantra they need. As a result, it’s basically very hard to persuade people that they need a separate app for this. The task is made harder by the lame feature set offered by the current breed of MoMMAs:

  1. Transform the customer banking experience by enabling consumers to compare and save on current accounts, … look for mortgages more easily and access better terms for loans (Source: Finextra article titled Consumers unaware of Open Banking – Equifax)
  2. Answer questions like “How much have I spent on Uber this month?” and “Can I afford to go for dinner?” (Source: Finextra article titled Personal Finance bot Cleo)
  3. Protect customers from bankruptcy by telling them to skip that $5.00 coffee. Okay, I’m joking about the bankruptcy but the part about the coffee is true.

IMHO, these features are quite lame because:

  • MoneySuperMarket, Which? etc. have been letting us do comparison shopping for current accounts and mortgages for ages without needing any access to our banking info.
  • What can we do about the money we’ve already spent on Uber?
  • If we can’t go for dinner, do we starve?
  • We don’t need a fancy MoMMA to tell us that $5.00 for a coffee is a big rip-off – whether or not it busts our budget.

Okay then, how can a MoMMA offer true value to its users?

I can readily think of a few ways by which it can do that. A MoMMA can

  1. Give truly useful money management tips e.g. Earn $$$ more by sweeping X amount from a checking account to a savings product.
  2. Indemnify customers from losses caused by data breach arising out of third party access to customers’ banking info. According to New York Times, “It is also not entirely clear who would be held liable if a data breach at a service like Venmo or Mint led to financial losses for a customer.”
  3. Access only the info that customers permit them to access and prove that they’re accessing nothing more, nothing less. Screen-scraping by using online banking password – currently the most widely used data access technology – fails this test. Once customers have given away their online banking passwords, they’ve very little visibility into what info the app is actually accessing. As the NYT article observes, as of now, the fintech could very well be accessing information related to charges and interest rates that are clearly proprietary to the relationship between the customer and the bank in question.
  4. Make data sharing UX frictionless. OFX is one prevailing technology that lets the user download only the info they explicitly want to share with the money management app or bot. However, most MoMMAs require frequent updates of transaction info to offer valuable tips, which means they need to tell users to keep logging into their online banking portals regularly to download their latest transactions. This can be painful.
  5. Give credit card / account usage reward points that never expire!

Personally, the moment a MoMMA provides the above value, I’ll start using one.


Now let’s examine the feasibility of building these features.

#1 is related to consumer behavior and product management. #2 has a legal and financial angle. They’re both within the control of a fintech, at least a well-funded one.

#3 and #4 are related to technology. As I’d highlighted in P2FM Services Walk The Tightrope Between Convenience and Security and How Many More PFMs Do We Need?, data access modalities have posed existential challenges to the first generation of PFMs 8-10 years ago. But, that’s all history now. OFX-API seems to have cracked the Holy Grail of data access, going by the gung-ho views expressed by executives of both data provider JPMorgan Chase and data receiver Intuit while announcing their data partnership agreement based on this technology in a recent edition of American Banker.

#5 might have Revenue Recognition (“RevReq”) challenges under US GAAP but innovative fintechs have overcome harder challenges by leaning on regulatory gap, so this one shouldn’t be such a big deal.

As a result, fintechs are closer than ever before to being able to leverage their innovativeness to develop a compelling value proposition for PFMs. If they achieve that, they can kick out their ‘open banking’ and PSD2 crutches. I’m saying this based on how, in return for a frictionless UX, tens of millions of customers otherwise perceived to be highly security-conscious make payments with India’s largest mobile wallet app PayTM without entering a single password or PIN.

If MoMMAs give them a similarly compelling value proposition, people won’t care about sharing their financial data with them – with or without PSD2.

I’m not alone in this belief. As Metia’s Steve Ellis comments on Finextra, “…the question on sharing personal data is the wrong way round. No-one agrees to share personal data without being offered some kind of fair value exchange for it. Show the consumer a compelling value proposition and they will do it in the blink of an eye.”

Fintechs who’re still not convinced that they should shed their reliance on ‘open banking’ should just pause to contemplate their future if said regulation becomes two-sided and requires fintechs to share their customer info with banks.

Gasp!

I’m sure they’ll now agree with my call:

Hey! Fintechs! Leave Them Regs Alone