One of the hottest topics in banking – for financial institutions as well as third-party providers – is data sharing. Banks and credit unions possess terabytes of such information; many organizations that are not financial institutions covet access to this data to increase the value they bring to consumers. This value could manifest in many ways, from a simpler customer experience to providing personalized offerings that anticipate the user’s need.
Open Banking regulations launched in the UK and other European countries are designed to define how the consumer data held by financial institutions should be created, shared and accessed. These standards apply to and allow for non-banking entities to access customer information (held by banks and credit unions) with the account holder’s permission. Given the technical tools available to programmers, this type of data transfer can be done faster, simpler and for lower costs.
The United States has seen no similar legislative mandates, leaving financial institutions and adjacent service providers to negotiate the terms for such exchanges independently. With more than 10,000 U.S. banks and credit unions and the several thousand other parties anxious to access the data those institutions hold, the amount of time and money necessary to connect the dots would be astronomical.
Enter The Clearing House (TCH), which recently posted a “model agreement” template in hopes of creating a de facto standard to advance the cause.
A Mercy Killing for Screen Scraping?
TCH’s model agreement tees up the key topics that must be considered in such a relationship: cybersecurity, intellectual property rights, privacy, data retention and means of access, etc. The terms are drawn to be appropriately broad, anticipating the addition of multiple exhibits to customize each agreement for the relationship at hand. On the surface, encouraging the use of a template has advantages.
For example, establishing these data-driven relationships should be a death sentence for a practice that is the bane of most of the organizations that would contemplate this type of arrangement. Screen scraping is prone to breakage whenever websites are updated and creates customer service issues that often lead to confusion and finger pointing between the parties involved.
Understanding the attractiveness of a world without screen scraping, the TCH’s model agreement addresses it quite explicitly. The agreement categorically states that, “A key objective of the Agreement is to cease the use of scraping… and shift to a more secure and industry acceptable method of accessing account information.” On the security front, this would end the practice of account holders providing their login credentials to third parties so that data can be scraped, closing at least one point of weakness fraudsters can exploit.
Beware of Greeks Bearing Gifts
TCH’s intentions are not entirely altruistic. The entity is owned by a consortium of 25 of the largest U.S. banks. It’s reasonable to assume TCH’s approach to its model agreement reflects a “big bank” perspective; i.e., there is something in it for them. How does facilitating access to consumer data held by those financial institutions not in this consortium benefit the cabal itself?
Perhaps the benefits center around the fact that TCH’s bank ownership roster overlaps almost entirely with that of Early Warning Services, the parent company behind the Zelle P2P solution. Zelle has struggled to extend its network reach beyond its big bank owners, with data ownership widely reported to be a main sticking point. Zelle could receive quite a boost if a default “rules of engagement” document were to emerge. Or, maybe this is completely off the mark and questioning the beneficence of TCH’s owners is too cynical?
The Bottom Line: With or without cynicism, it is fair to ask if what seems like a good idea – i.e., offering a template to facilitate the process – may, in reality, fizzle due to the “herding cats” principle. Time will tell. However, whether the initiative makes a difference or not, technology will continue to move forward, and already there are companies collecting data about us that our financial institutions lack.
Maybe banks and credit unions should spend at least as much time thinking about what their role will be in a relationship with these companies who can tell them more about their customers and members than they know, and not get relegated as servants of these companies. “Alexa…”