Whilst the FCA was inhibited from requiring any bank or payment provider to implement standards, the CMA was restricted from mandating any banks that were out with its competing investigation. As a result of this, the implementation in the UK of open banking became both narrow in scope, restricted to payments data and also 2-tier as a result of the legal parameters within which the regulators were working. Soft power and incentives (of an easier way to become compliant) were used to encourage other providers to adopt the standards. This was largely successful although OBIE has no power to mandate and supervise the technical qualities of the providers who were not subject to the CMA order.
As the first country globally to require API standard delivery of open banking, there were a lot of operational, technical, governance, security and user experience challenges to overcome. Whilst the implementation was expensive and took a lot of time, it remains from a technology perspective the benchmark by which other global implementations are measured.
Following the initial implementation of scope in 2019, the FCA formed a working group of private sector and regulatory actors to explore the journey to open finance, bringing other financial verticals into scope. In parallel, other ‘Open Data’ sectors, such as utilities, property, transport, telephony and health, were contemplated by the UK government following the lead of Customer Data Rights (CDR) from Australia. This work which represents an update to privacy law (GDPR) has been encapsulated in the smart data legislation (Data Protection and Digital Information Bill). This bill has had numerous delays but is generally viewed as bipartisan and as of July 2024, the market is expecting the new government to pursue the bill and make it law.
Following Brexit, the UK had some autonomy to address some of the structural issues in the law-making and rule-making that had led to a 2 tier system where the various stakeholders in government and regulatory agencies combined to seek to level the playing field by bringing other providers up to the standards of the CMA9. One of the key challenges with the blocks on the bill has been on providing the regulators with sufficient power to drive the change. At the same time, there have been challenges in considering the future of open banking and the role of the entity set up to deliver it. There have been various attempts by trade associations in the market to provide a platform for forward planning of governance and funding and the evolution of the technical standards.
In parallel to the role of the FCA as the lead regulator for PSD2, the Payments Systems Regulator (PSR) has been developing belief in the role of payment initiation in stimulating competition in the UK payments market. There has also been a lot of work done by both regulators in exploring consumer protection and preventing scams and fraudulent activity. In order to remain coordinated on planning the future of open banking and open finance in the UK, and the role of the OBIE, the PSR, FCA, CMA and HM Treasury formed a Joint Regulatory Oversight Committee (JROC) which has received reports and market input which will maintain levels of mandation in key areas whilst also fostering an environment for commercial activities.
In January 2023, the CMA announced that the standards had been fully implemented by the six largest banks in the UK.
In April 2023 the JROC released their much-anticipated report, outlining the regulatory landscape for the next two years. It highlights the ambition for Open Banking payments to rival card payments. The report also promises concrete steps, including establishing a framework for fraud data collection, a crucial step for wider Open Banking payment adoption. Additionally, it expects the future entity to facilitate multilateral agreements for variable recurring payments (VRPs), addressing a longstanding challenge in creating a sustainable commercial model for the industry.
The report envisions a commercially sustainable environment for all stakeholders, with a focus on premium APIs like VRPs and data APIs. While it mentions improvements in API performance and error message reporting, specifics are lacking. The report also addresses the design of the future entity, with broader representation and funding from all authorised payment service providers (ASPSPs). It explores various funding options, excluding the use of the FCA levy or similar mechanisms, emphasising the need for a more adaptable approach.
Looking to the long-term regulatory future, the report expresses optimism about Open Banking’s prospects in the UK. It outlines 29 actions to ensure scalability and readiness for Open Finance. Furthermore, the report discusses the Data Protection and Digital Information bill, which delegates powers to create smart data schemes, including Open Finance, under the relevant ministers of state.In July 2024, the new UK government brought back the bill as the Digital Information and Smart Data Bill, which opens new areas for data access such as mortgages, pensions, investments and savings, as well as creating powers to build on OBL by creating a standards body. . The OBL response to JROCs proposal as at May 2024 can be found here
In their European Open Banking league, Yapily ranked the United Kingdom 1st out of 18 countries. The UK comes out on top as the leading adopter of Open Banking, with its clear functionality and more widespread mandating of other features, such as Bulk Payments and VRP (variable recurring payments). Yapily states that Open Banking has been implemented successfully in the UK and continues that the focus should now be on fixing some of the remaining issues in the technical implementation, such as the user experience and API quality.
The UK also tops Yapily’s Open Banking League table due to high digital readiness among the public, a pro-innovation regulatory environment, and the most TPPs (Third-Party-Providers) across Europe.