Open Finance: A case study for the regulatory sandbox approach
On June 17, the Bangko Sentral ng Pilipinas (BSP) issued Circular No. 1122, which set out guidelines for the adoption of the Open Finance Framework. Open finance is part of the BSP’s Digital Payments Transformation Roadmap for 2020-2023, which aims to promote financial inclusion. The salient provisions of the Circular are discussed below.
1. OPEN FINANCE AND APPLICATION PROGRAMMING INTERFACES
Open Finance is defined under the Circular as the “leveraging on and sharing of customer-permissioned data among banks, other financial institutions, and [third party providers (TPPs)] to develop innovative financial solutions, such as among others, those that provide real-time payments, promote greater transparency to account holders, and provide marketing and cross-selling opportunities to banks, other financial institutions and TPPs.” In other words, it is a data-sharing scheme whereby TPPs such as Financial Technology (Fintech) companies will be provided access to financial information held by banks and financial institutions for the development of applications and services. Such access shall be with the customer consent and will be facilitated by application programming interfaces (APIs).
The BSP defines APIs as “a set of rules and specifications for software programs to communicate with each other, forming an interface between different programs to facilitate interaction.” Some authors have also defined APIs as “a way for two computer applications to talk to each other over a network (predominantly the Internet) using a common language that they both understand.” APIs may be used internally within an organization or externally with the organization’s partners or even TPPs.
In this regard, an open API is a software technology interface that provides a means for data access based on a public standard. In the banking and financial services industry, it can facilitate data exchange between financial institutions and TPPs, even if they do not have formal or contractual relationships with one another.
BSP-supervised financial institutions (BSFIs) with a composite rating of at least “3” under the Supervisory Assessment Framework or its equivalent, are automatically eligible to become participants of the open finance ecosystem, while those that do not meet the criteria will be required to obtain prior BSP approval. Non-BSFIs may also be eligible to participate in the open finance ecosystem, provided they comply with the registration requirements set by the Open Finance Oversight Committee (OFOC). The OFOC shall be a self-governing body which will exercise governance over the activities and participants of the open finance ecosystem. It shall also adopt standards, agreements, policies, and guidelines governing the Framework.
The OFOC shall be established by the BSP together with industry stakeholders and will be subject to the supervision of the BSP.
3. REGULATORY SANDBOX
The BSP is taking a collaborative approach to regulating Fintech companies and intends to utilize a regulatory sandbox approach in developing standards for open finance. Accordingly, the BSP shall allow the deployment and testing of open APIs in a live environment and within specified parameters and timeframes. The BSP has expressed its hope that by taking this approach, it will be able to understand emerging business models and adequately assess and mitigate possible risks of innovation.
BSP will take on a tiered approach to implement the Open Finance Framework. The first tier involves sharing of product and service information and other details of financial products or services that are readily accessible online. The second tier involves sharing of information on subscription and new account applications. The third tier involves sharing of account information or personal and financial information provided by a customer. The fourth tier refers to transactions data, including payments and other financial transactions data. The fifth tier covers other more complex financial products or use cases and those not covered by tiers one to four.
The foregoing listing of tiers is not intended to be sequential. Hence, they may be implemented simultaneously.
As a closing note, it is perhaps important to recognize that the advantages and disadvantages of open finance in the real-world context are not yet fully known. Only time will tell how effective the Framework will be, particularly since it has not been formally implemented. Neither has the OFOC been established. The challenges in the implementation of the Framework are also unknown, although the Circular itself has acknowledged that the development of a local sandbox may be difficult considering the cost. On another note, data privacy and data protection issues are likely to be among the top concerns of stakeholders. The Circular addresses these by requiring participants to recognize that customers shall retain ownership over their customer and transaction data and will have the right to control the use of their data. Participants are also mandated to comply with Philippine data privacy laws, but the BSP may need to provide more guidelines to assure customers of their data privacy. Nevertheless, open finance appears to be a useful tool for financial inclusion and innovation in this jurisdiction. The fact that the BSP is taking on a regulatory sandbox approach also bolsters confidence in its success.
This article is for general informational and educational purposes only and not offered as and does not constitute legal advice or legal opinion.
Monique B. Ang is an associate of the Corporate & Special Projects Department of the Angara Abello Concepcion Regala & Cruz Law Offices (ACCRALAW).
(632) 8830 8000