Page 47 - Banking Finance September 2021
P. 47

ARTICLE

             enhanced sharing of data, increases the surface area  In many jurisdictions, including India, outsourcing
             for cyber frauds. As the open API provides uncluttered  arrangements for banks and other regulated entities are
             access to customer banking data such as transactions  covered under explicit regulations. Supervisors also have
             and balance stored within the infrastructure, it may also  certain amount of oversight over the third-party entities. If
             pose a severe cyber security risk. Losses caused to  the relationships in the open banking extend beyond the
             customers on account of cyber events would require  existing supervisory and regulatory parameters, the
             financial institutions to compensate customers for such  enforcement of standards and prudential policies may
             losses. Institutions may also face a variety of potential
                                                              become difficult.
             operational and cyber security issues related to the use
             of APIs, including data breaches, misuse, falsification,
             denial of service attacks and infrastructure malfunction.  Conclusion
                                                              Open banking is a potential disruptor in financial system and
         Y   Compliance and Reputational Risk: While open banking
             expands vistas of traditional banking and offers unique  may change the way of doing banking for both customers
             business opportunities, it also reposes extreme  and banks. New pure tech-play entities have the potential
             responsibilities with respect to compliance with  to snatch market share from established but traditional
             applicable prudential regulations and privacy laws. Risk  financial institutions because they are technologically more
             arise due to exposure to fines, penalties, or  punitive  advanced, digitally agile to cater to customer needs with
             damages resulting from supervisory actions, as well as  higher efficiency, have better use interface and are more
             private settlements due to omissions and commissions  competitive in pricing.
             of the third-party service provider.
         Y   Grievance Redressal :  With more parties and     In contrast to Open Banking initiatives witnessed in some
             intermediaries involved in the provision of financial  countries, India has embraced an approach where both the
             services in an open banking model, it is more difficult  Regulator and the market have collaborated for the
             to assign liability. If the regulations governing customer  development of the Open Banking space. In India Reserve
             grievance redressals are not updated to take open  Bank and National Payments Corporation of India (NPCI)
             banking business models into consideration, the  came out with a payment system like Unified Payment
             national authorities may find it difficult to provide the  Interface (UPI) and released its API for the banks and third-
             customers adequate levels of protections. In India,  party app providers to build upon. The market participants
             Reserve Bank has implemented a separate Ombudsman  are also driving innovation and many banks are releasing
             Scheme for Digital Transactions in January 2019. The  their own APIs and joining forces with the fintech companies
             number of  complaints received under the Ombudsman  to provide better experience to their customers. Moreover
             Scheme for Digital Transactions (OSDT) have been  with the launch of Regulatory Sandbox and Reserve Bank
             consistently increasing reflecting increased adoption of  innovation Hub, Reserve Bank's approach has been that of
             digital modes of banking.                        encouragement and guidance.


         In addition to the above, open banking frameworks also  At the same time, all stakeholders need to appreciate the
         present regulators with many challenges. In open banking,  fact that while technological innovation is of paramount
         there can be wide-ranging third-party arrangements such  importance, the customer privacy and data protection are
         as fintech firms, intermediary firms engaged in data
         aggregation and other service providers which may not have  not negotiable. We must generate trust amongst the
         a contractual agreement with the bank over which     customers that their data is safe and secure in all their
         regulators can exercise jurisdiction. Further, it may be  financial relationships with regulated entities and for that -
         possible that several of these firms may not fall under  innovation and regulation should hand-in-hand. Regulators
         regulatory purview of any financial sector regulator. In such  and Supervisors should also gear-up for the future
         situations, it may become difficult for regulators to set  challenges. Afterall, as the saying goes for
         requirements, specifications, and exercise regulatory  (Regulators)……"while they can overlook the weather of the
         jurisprudence.                                       day, they cannot ignore climate of the era". T


            BANKING FINANCE |                                                           SEPTEMBER | 2021 | 47
   42   43   44   45   46   47   48   49   50   51   52