Application Security

Security and compliance concerns limit ‘open finance’ expansion, execs say

Security and compliance concerns limit ‘open finance’ expansion, execs say
Written by ga_dahmani
Security and compliance concerns limit ‘open finance’ expansion, execs say

The popular push to adopt app-based financial services is further hampered by concerns about security risks, according to a recent study by an identity management company.

While 7 in 10 finance executives who responded to a recent survey said they plan to adopt “open banking” strategies within the next 18 months, more than 3 in 5 (61%) finance executives admitted that concerns about compliance and security risks were holding back its progress, according to research from Curity, an API identity management platform, published last week. Skills and knowledge shortages (51%) and “shifting business priorities” (45%) also heavily influenced financial firms’ reluctance to launch or expand open banking initiatives.

Jacob Ideskog, chief technology officer at Curity, noted that as technology evolves, “so do the regulations associated with its development and implementation. Understandably, there are hesitations in adopting open banking as regulations tighten and rules continue to be updated and changed.”

That said, the survey found that almost half (43%) of financial firms interviewed for the report “Enabling the future of open financethey have already launched some sort of “open” app-based banking options, according to Curity.

Given the rapid pace of change in financial compliance, “an investment made in 2019 may not satisfy in 2022,” Ideskog said. More than 3 in 5 (62%) of those surveyed by Curity said that outdated or incompatible systems led them to admit that they are concerned that their systems do not “support the exchange of data in a way that meets regulatory or compliance requirements.” consumer protection”.

Emerging privacy compliance also raises concerns.

“Privacy regulations like GDPR, CCPA and the like are the biggest concerns,” Ideskog said. “It’s hard to ensure compliance in large systems, and the idea of ​​exposing more data just introduces more risk than many are comfortable with.”

These findings coincide with the fourth anniversary of the launch of PSD2, which made Open Banking a regulatory requirement in the UK. Curity’s study surveyed more than 200 financial professionals involved in open banking around the world.

According to the Open Banking Implementing Entity (OBIE), there are now 4.5 million regular open banking users. Open finance is expected to expand to a market of more than $43 billion by 2026, according to the report published by Allied market research.

Virtually all financial institutions (96%) believe that consumer adoption is crucial to the future of open banking, according to Curity research.

“Organizations should communicate with customers simply and concisely about data privacy without relying on jargon to overcomplicate matters, ensuring that customers feel secure in how their data is handled and managed within the open banking process,” said Travis Spencer, CEO of Curity. in a prepared statement. “Understanding the implementation of modern authentication methods is key to consumer adoption, according to more than half of the respondents. [56%].”

Given the emergence of “proven standards” in open finance for security, Ideskog said that taking this app-based approach “makes a lot of sense rather than inventing new security schemes for already solved problems.” Applying these standards to your own use case sets up your organization to be able to expose APIs to third parties in the future, so that’s a double win.”

“Few organizations these days are satisfied with single platforms for single use,” added Ideskog. “A complete omnichannel strategy requires a lot of reuse of back-end components to be successful. And let’s be honest, as customers we expect to be able to do the same thing on our phone as we do on our laptop. Therefore, when creating an omnichannel strategy, you should consider FAPI [financial grade API] and related standards to protect your systems and set up your organization for future openness.”

About the author


Leave a Comment