BIS Explores Development of API to Implement Open Finance Solutions
BIS published a report that explores the development of an identification and authentication application program interface (API) that could be used to implement privately and publicly administered open finance solutions with seamless scalability. This report is intended to serve as a general reference for individual countries that want to develop their own payments initiatives. However, the decision on which type of API architecture should be implemented depends on the characteristics of each jurisdiction. Comments on this report should be sent, preferably, by January 31, 2021.
The report highlights the importance of open finance for the development of the financial system, lists the trade-offs regarding implementation schemes for open finance, and serves as background for the other, more technical documents; these documents include a technical flow diagram of identity validation based on a centralized API architecture (unpublished), general hardware requirements to implement the centralized solution (Annex A), and technical requirements for third parties on the central validator API architecture (Annex B). The Technical Task Force of the Consultative Group on Innovation and the Digital Economy (CGIDE TTF) has been analyzing an API scheme based on mobile devices to support the remote, secure, and efficient identification and authentication of users of financial institutions. The analyzed scheme is based on the establishment of a central validator that allows secure relationships to be created between financial institutions and third parties, without the need for them to come into direct contact with each other. This is accomplished by establishing secure connections between the central validator and third parties on the one hand, and between the financial institutions and the central validator on the other. The security schemes used by the central validator would ensure that all connections in the scheme are established between previously certified entities for the orderly provision of financial services through third parties.
The report describes and proposes in detail the technical requirements for the key elements of the analyzed API scheme (that is, the central validator, third-party apps and servers, authentication app and servers). It also details the technical requirements for the third parties interested in participating in an API scheme like the one analyzed in this report. While the CGIDE TTF considers that the analyzed implementation is viable, this is not the only possible scheme and the ideal solution for each jurisdiction will depend on several factors, such as the level of involvement of the industry in the design of the API architecture, the powers given by law to the authority leading its implementation, the target use cases that the open finance ecosystem expects to cover, or the desired user experience. In this regard, the report discusses the open finance models supported by different API architectures, including those in Brazil, EU (revised Payment Services Directive), India, UK, and Singapore. Thus, this document should only serve as a general reference for individual countries that want to develop their own payments initiatives and, consequently, no member is endorsing the adoption of open banking or the analyzed identification and authentication API and central validator scheme.
Related Link: Report
Keywords: International, Banking, PMI, API, Open Finance, Fintech, Regtech, BIS
Previous Article
Bank of Finland Updates Instructions for AnaCredit ReportingRelated Articles
EBA Proposes Standards for IRRBB Reporting Under Basel Framework
The European Banking Authority (EBA) proposed implementing technical standards on the interest rate risk in the banking book (IRRBB) reporting requirements, with the comment period ending on May 02, 2023.
FED Issues Further Details on Pilot Climate Scenario Analysis Exercise
The U.S. Federal Reserve Board (FED) set out details of the pilot climate scenario analysis exercise to be conducted among the six largest U.S. bank holding companies.
US Agencies Issue Several Regulatory and Reporting Updates
The Board of Governors of the Federal Reserve System (FED) adopted the final rule on Adjustable Interest Rate (LIBOR) Act.
ECB Issues Multiple Reports and Regulatory Updates for Banks
The European Central Bank (ECB) published an updated list of supervised entities, a report on the supervision of less significant institutions (LSIs), a statement on macro-prudential policy.
HKMA Keeps List of D-SIBs Unchanged, Makes Other Announcements
The Hong Kong Monetary Authority (HKMA) published a circular on the prudential treatment of crypto-asset exposures, an update on the status of transition to new interest rate benchmarks.
EU Issues FAQs on Taxonomy Regulation, Rules Under CRD, FICOD and SFDR
The European Commission (EC) adopted the standards addressing supervisory reporting of risk concentrations and intra-group transactions, benchmarking of internal approaches, and authorization of credit institutions.
CBIRC Revises Measures on Corporate Governance Supervision
The China Banking and Insurance Regulatory Commission (CBIRC) issued rules to manage the risk of off-balance sheet business of commercial banks and rules on corporate governance of financial institutions.
HKMA Publications Address Sustainability Issues in Financial Sector
The Hong Kong Monetary Authority (HKMA) made announcements to address sustainability issues in the financial sector.
EBA Updates Address Basel and NPL Requirements for Banks
The European Banking Authority (EBA) published regulatory standards on identification of a group of connected clients (GCC) as well as updated the lists of identified financial conglomerates.
ESMA Publishes 2022 ESEF XBRL Taxonomy and Conformance Suite
The General Board of the European Systemic Risk Board (ESRB), at its December meeting, issued an updated risk assessment via the quarterly risk dashboard and held discussions on key policy priorities to address the systemic risks in the European Union.