On the 7th of March 2023, two years after the first Open Banking framework circular was released, the Central Bank of Nigeria shared its most defined regulatory document yet with operational guidelines for Open Banking, making Nigeria the first country in Africa to adopt clearly stipulated Open Banking regulation.
Before we delve into the provisions of the operational guidelines and what it means for all players and consumers in the industry, let's look at what Open Banking means.
What is Open Banking?
Open Banking is a process where banks and other financial institutions allow third-party providers to securely access and share customer data or facilitate account-to-account payments through Application Programming Interfaces (APIs), with the customer's consent.
Open banking makes it possible for businesses and financial institutions to securely get access to valuable customer financial data in order to build innovative and personalized products and services.
Here's an illustration of how data flows from the banks to API providers to API consumers (other financial institutions).
[You can watch our 7-part Open Banking series to also learn more about Open Banking.]
What the Central Bank's operational guidelines for Open Banking cover
The CBN’s operational guidelines for Open Banking in Nigeria cover many important considerations relating to different parts of the Open Banking system, the types of institutions involved, rules of engagement, technical specifications, consent management, and data privacy.
Apart from outlining these standards, the bigger role of the guidelines and this regulation is to promote healthy competition in the financial industry, encourage rapid financial technology innovation, and in turn, make it possible for financial services consumers to leverage their valuable financial data to access more relevant and personalized services.
Now, let's take a look at a few highlights from the guidelines.
Regulatory requirements and engagement
The guidelines lay out the expected requirements of players in the Open Banking chain, from international business standards to other CBN licences. It also covers the responsibilities of each participant at different tiers, the level of administrative governance required of them, and Service Level Agreements.
The Open banking Registry
The guidelines also expand on the creation of an Open Banking Registry which will serve as a repository of all approved Open Banking activities and APIs available in Nigeria, providing regulatory oversight, and ensuring that registered participants in the Open Banking ecosystem are listed and adhere to the regulations.
This section covered institutions qualified to participate in Open banking and the different tiers under which they can exist. These institutions include:
i. API Providers
ii. API Consumers - other financial institutions that require access to data provisioned by API Providers
iii. Customers - bank/financial account holders
Guidelines for engagement
This covers responsibility and governance requirements for each participant in the open banking system. The guidelines also recognize the risks that can be associated with Open Banking innovation and the various expectations of the CBN on preventing and managing those risks between participants of various tiers in the Open Banking ecosystem.
As the Apex Bank, the CBN is highly concerned with consumer privacy. At the centre of Open Banking, the user's permission remains the most important piece in the journey, and without it, the banks, providers, and consumers of APIs cannot share or receive data.
The guidelines make important points on the responsibility of each participant in the open Banking chain in ensuring that users are always made aware of :
request to access data or funds from their account(s)
exactly what data will be shared and with whom
the duration for which these parties will maintain access to the information. In addition, the guidelines further stress that users must retain the right to grant consent, revoke previous consent, or decline data-sharing requests. It also covers important requirements for consent, authentication, and authorization stages in the Open Banking user journey.
Data Privacy & Data Security requirements
The guidelines stress the importance of ensuring that all parties involved in Open Banking employ the best possible data security practices. The guideline shares a series of consumer protection regulations that must be adhered to as well as the recommended standards for technical data encryption protocols like TLS, and more.
Impacts and benefits of the Open Banking Regulation on Consumers of Financial Services
The centrepiece of the concept of open banking innovation is the need to create more modern money experiences for everyday people. It is the idea that consumers, beyond being able to consent to the sharing of valuable data, should begin to benefit primarily from the innovation that Open Banking makes possible.
There are about 135 million active bank accounts in Nigeria, distributed across various banks and institutions. Each of these accounts holds data points that create a financial profile of the account holder. As a user, when you consent to sharing financial data with a business you trust, you're sharing valuable insights and patterns on your finances.
Access to improved fintech services
Open banking makes it possible for these businesses to build innovative and personalized financial services with the insights gleaned from your financial data, to meet your growing financial needs.
The benefits of this regulation trickle down to you as a user because it first makes it easier for Open Banking infrastructure companies like Mono to adhere to regulation and partner with banks that keep your data, this, in turn, makes it easier for innovators in the fintech space to build more relevant products that leverage Open banking, making it easier to deliver the best services to you.
As a consumer of financial services, you can start to expect a lot of connected operability between multiple financial services that you use. This could mean never having to fill out very long forms to open a new financial service account because these institutions can now communicate through Open Banking APIs.
This could also mean access to financial services that enable you to manage a variety of assets in one place, and open you up to more opportunities.
For example, today, your investment, savings, pensions, and insurance assets sit in different apps and with different companies. This is distributed value that can be unified by Open Banking.
A business can leverage Open Banking APIs to enable you to connect these asset accounts in one place, making it possible for you to more easily view and manage your assets at once, and even go as far as creating financing opportunities for you, from business loans to mortgages.
Data Privacy control
The innovation of Open Banking will also benefit users by keeping them in control of their privacy. As a user, your consent is the key that unlocks any sharing of data in the Open Banking process, putting it completely under your control.
In addition to powering some of the most innovative services and money experiences, you remain in control of how your data is used, who has access, and how its value benefits you.
Impacts and benefits of the Open banking Regulation to Financial Services providers
Just as the possibilities for consumers are near-endless, innovators in the fintech space will also see a lot of change in the industry following the Open Banking regulation.
Businesses in the fintech industry can start to build out more innovative and personalized products with more ambitious use cases for their customers, because they can leverage Open Banking APIs through infrastructure providers in more ways than before.
Finance sector cross-collaboration
This regulation will foster collaboration across the financial industry; incumbents such as traditional banks and non-banking financial institutions like investment and insurance, for example, will collaborate more with fintech players to move Open Banking innovation forward. This will enable a connected network of financial services, the creation of more diverse APIs, and a more robust infrastructure that other fintech businesses can plug into and build with.
Business creation and expansion
With clear regulation in place, nascent financial technology startups with both powerful and niche product offerings can start to spring up leveraging this layer, either to service consumers or even open banking ecosystem players. We can also see Open Banking as an area of expertise that experienced individuals in financial services can also branch out to.
In addition, Financial service providers in other countries may potentially expand their services to Nigeria because Open banking innovation can be leveraged in this market.
What's next and what can we learn?
Regulation is a highly important part of innovation for all parties involved. This regulation for Open Banking is the start of an important journey that will have a collaborative effect on the financial ecosystem in Nigeria. This will potentially change financial services as we know them and bring the future we've envisioned much closer.
We hope this breakdown has helped you understand the possible impact and contributions of the new Open Banking regulation to fintech services and consumers.