What Nigeria can learn from the UK open banking
Open banking in Nigeria is taking off on an organic level, unlike in the UK where it was done under compulsion. While the group of nine largest banks targeted by the Competition and Marketing Authority, collectively called the CMA9, did not have the luxury of time and choice. Nigerian banks can count themselves very lucky.
Open Banking in the UK has been operational since 2018 and there are quite a lot of positives to be applied to the Nigerian implementation while dodging the pitfalls that almost derailed it.
Consumer education
Open Banking in the UK is regulatory-led and as such, there was not much emphasis on customer education in the early days. As of 2018, only 22% of consumers had heard of Open Banking; a report by Statista shows that as of February 2021, open banking products were used by 3 million consumers. Yolt found out that an unfriendly regulatory environment is one of the major factors for why Open Banking is not as widespread as it should be.
Open banking in Nigeria is an industry-led effort and as such, it is expected that the responsibility of consumer education will fall on the industry and stakeholders. Open Banking Nigeria publishes free-form articles, thought leadership publications, and short videos where we take a deep dive into what open banking means and the implications for FIs, fintechs, and end-users.
Strong Customer Authentication (SCA)
PSD2 wants to protect customers and it requires open banking to implement Strong Customer Authentication, which is a function that seeks to secure online payments on e-commerce platforms and reduce the risks of fraud. Under SCA, the user’s identity is verified by 2 of these 3 factors, something they own (card, phone), something they are (fingerprints, facial scan), and something they know (PIN, password). The PSD2 requires that SCA be required for every transaction which, unfortunately, does not work well with e-commerce where customers may be charged for recurring services or without having to input these details again. This has led to the stunted adoption of open banking for payments by global e-commerce giants like Amazon, Google, etc.
Dodging this challenge would require the Nigerian open banking implementation to use tokenized access to customer accounts which would be SCA compliant the first time it’s added and then the token can be used for subsequent payment transactions. The Central Bank of Nigeria would also have to decide how to handle customers at the bottom of the pyramid who could only access financial services using USSD on feature phones due to its limited capabilities.
Funding
While open banking in the UK was created and enforced to increase competition and give smaller players a chance, open banking in Nigeria is majorly being implemented to foster innovation and tackle financial exclusion.
Nevertheless, the CBN may explore a similar option where commercial banks would contribute to the development of the common standard, artifacts, and infrastructure.
Unintended consequences
A major unintended consequence is the imposition of the 90-day re-authentication of the customers of TPPs. According to FDATA, this imposition has no merit, has zero impact on the security of ASPSPs, and is also a hassle for customers.
The Nigerian implementation should take heed of this but could protect customers by ensuring tokenized access without any activities after a period of 180 days.
Learning from the UK is a smart move
Despite the challenges, the UK has done a good job of making open banking go mainstream, a lot of which the Nigerian implementation will learn from. Most importantly, the few rare missteps would be wisely sidestepped by the industry stakeholders to deliver an open banking regime that would be a global benchmark.
