Today, Open Banking is gaining traction globally, through a combination of banks’ internal efforts, market initiatives, and regulations like the EU’s PSD2 and the UK’s CMA Open Banking. Now Hong Kong has also gotten on board, with the Hong Kong Monetary Authority (HKMA)’s launch of its draft Open API framework.
Publication of the framework on January 11, 2018 marked the start of a public consultation that will run until March 15, 2018. Responses will feed into a final version that will be binding for the territory’s largest retail banks, although other banks will be able to join in the future.
So, what are the highlights of the HKMA’s Open API framework? It includes the following goals:
- Increase the competitiveness of Hong Kong’s banking sector.
- Generate opportunities to reach out to untapped markets through better customer experience.
- Define Open API use cases and deployment timeframes.
- Recommend Open API technical standards.
- Recommend Open API facilitation measures.
One of the most interesting aspects of the HKMA’s framework is the splitting of use cases into four phases with different product categories and timelines:
Product and Service Information: Third-Party Providers (TPP)’s access to banks’ products information, which is frequently used by customers on a ‘read-only’ basis and thus helping financial product comparison sites. Banks will be expected to implement these APIs within six months of the framework’s finalization.
Customer Acquisition/New Applications: Customer acquisition via TPPs and through online applications for credit cards, loans and some insurance products. Banks will be expected to implement this within twelve months of finalization.
Account Information: Retrieval of both stand-alone and aggregated account information. It would help TPP services that aggregate multiple accounts or perform analytics to gain customer insights. The timeline for this phase will be discussed later between HKMA and the banks.
Transaction Processing: Enabling TPPs to communicate customers’ payment instructions to banks. Again, the timeline will be discussed later between HKMA and the banks.
Comparing the HKMA’s framework with the Regulatory Technical Standards (RTS) for strong customer authentication (SCA) under PSD2, one of the biggest differences is that the HKMA’s draft is a mixture of a regulatory paper with some initial timelines, recommendations on specific protocols and data formats, and high-level specifications for each product category. PSD2 is technology-agnostic and does not define any API standards, with other initiatives like Berlin Group and STET stepping in to fill this gap.
Other differences between HKMA and PSD2:
While HKMA Open API was inspired by Open Banking and PSD2, its approach is visionary—and in many ways, unique. It remains clear that a single API standard is vital for any economy to attract global innovation and avoid fragmentation. This is a lesson that HKMA is well-placed to take on board.
*6 months (Phase 1) and 12 months (Phase 2) after release of the Open API
**To be reviewed by HKMA and banks for a Phase 3 and 4 timeline
My thanks to Hakan Eroglu for his research and analysis for this blog.