Featured Product

    HKMA Outlines Consumer Protection Measures for Open API Framework

    October 29, 2019

    HKMA published a circular to clarify its expectations on the consumer protection measures of authorized institutions in respect of the Open Application Programming Interface (Open API) framework. The Annex to the circular lists sound consumer protection practices for Open API Phase II and beyond. To strike a balance between innovation and consumer protection, HKMA emphasizes that authorized institutions should adopt a risk-based approach and implement the consumer protection measures that are commensurate with the risks involved.

    The circular also clarifies the requirements about engagement of intermediaries by the authorized institutions, as the use of third-party service providers under Open API Framework may constitute the use of intermediaries by authorized institutions. For the avoidance of doubt, Simple Redirection Model is not considered as use of intermediaries by authorized institutions and the authorized institutions should still comply with the HKMA-issued applicable requirements for engagement of intermediaries. Authorized institutions should establish clear liability and settlement arrangement with the partnering third-party service providers for compensating customers’ loss arising from unauthorized transactions, with clear upfront communication to customers. They should also and adhere to the principle that a bank customer should not be responsible for any direct loss suffered by him/her as a result of unauthorized transactions conducted through his/her account attributable to the services offered by the third-party service providers using the Open API of authorized institutions, unless the customer acts fraudulently or with gross negligence.

    Authorized institutions are expected to put in place consumer protection measures when implementing the Open API framework. These institutions are expected to uphold consumer protection principles set out in the Code of Banking Practice and comply with other applicable regulatory requirements; this is expected regardless of the underlying technology adopted for the banking products and services and regardless of whether the authorized institutions provide the products and services themselves or in partnership with the third-party service providers.

    Keywords: Asia Pacific, Hong Kong, Banking, Open API Framework, Fintech, Open API Phase II, HKMA

    Related Articles
    News

    BoE Clarifies Approach to Treatment of Payment Holidays on Form PL

    BoE published a statistical notice (Notice 2020/9) explaining the approach for treatment of payment holidays on the profit and loss return or Form PL.

    August 11, 2020 WebPage Regulatory News
    News

    BoE Provides Reporting Update on Form AS and Form FV

    BoE updated the known issues document for the statistical reporting Forms AS and FV.

    August 10, 2020 WebPage Regulatory News
    News

    FED Announces Capital Requirements for Large Banks

    FED announced individual capital requirements for 34 large banks and these requirements go into effect on October 01, 2020.

    August 10, 2020 WebPage Regulatory News
    News

    SRB Publishes Guidance on Implementation of Bail-In Tool

    SRB published a set of documents to give operational guidance to banks on implementation of the bail-in tool.

    August 10, 2020 WebPage Regulatory News
    News

    BIS Publishes Update on G20 TechSprint Initiative

    BIS published an update on the G20 TechSprint Initiative, which was launched in April 2020 and aims to highlight the potential for technologies to resolve regulatory compliance (regtech) and supervisory (suptech) challenges.

    August 10, 2020 WebPage Regulatory News
    News

    OSFI Provides Update on Implementation of IFRS 17 in Canada

    OSFI published a letter that provides an update on the milestones for the implementation of the IFRS 17 standard on insurance contracts.

    August 07, 2020 WebPage Regulatory News
    News

    EBA Provides Clarity on Implementation of Guidance on COVID Reporting

    EBA updated the report on the implementation of selected COVID-19 policies.

    August 07, 2020 WebPage Regulatory News
    News

    FSI Note Discusses Challenges Associated with COVID Relief Measures

    The Financial Stability Institute (FSI) of BIS published a brief note that examines the supervisory challenges associated with certain temporary regulatory relief measures introduced by BCBS and prudential authorities in response to the COVID-19 pandemic.

    August 06, 2020 WebPage Regulatory News
    News

    BCBS Consults on Principles for Operational Risk and Resilience

    BCBS is consulting on the principles for operational resilience and the revisions to the principles for sound management of operational risk for banks.

    August 06, 2020 WebPage Regulatory News
    News

    BoE Updates Template and Definitions for Form ER

    BoE updated the reporting template for Form ER as well as the Form ER definitions, which contain guidance on the methodology to be used in calculating annualized interest rates.

    August 05, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5649