Open Data, Open Finance and Open Banking in Turkey and EU

PSD2 IS THE BEGINNING OF THE NEW ERA OF OPEN DATA

We live and will live more and more in a data-driven society. Change is taking place and it cannot be stopped but it can be governed at best.  Data is the heart of the digital economy and data sharing represents a great opportunity for the whole financial ecosystem. Sharing payment data with PSD2 is just the beginning of the new era of Open Data. Turkey has also adopted the main principles of PSD2. Therefore, our views about sharing data payment cover the Turkish financial system and open banking in Turkey

The challenge for data sharing has a major role for all actors in the financial ecosystem, so:

  1. companies will have to deal with facilitating standardization;
  2. the legislator together with the various regulatory authorities to identify the public interest with an eye to future developments;
  3. people must have the certainty of checking their data.

FROM PSD2 TO OPEN FINANCE

There is no doubt that the payment services directive ( PSD2 ) (1) (2) served as a forerunner to Open Finance ( or Open Banking) because it highlighted the opportunities that arise from data and data sharing with the aim of increasing the competition and therefore improve efficiency as well as the security and convenience of payments and money management. In fact, PSD2 allows the so-called Third Party suppliers – authorized – to access the customer’s (current/payment) account data to provide services that can be grouped into two macro-categories:

  1. Customer account information such as an account of credits and expenses to highlight the financial situation;
  2. Payment initiation services such as the Third Party indicate to the customer’s bank to make a payment for a purchase made at a shop online.

The PSD2 gives the customer the right to use the services provided by Third Party – other than their own bank – and, to be able to withdraw the authorization to access bank account information at any time.

Open Finance/Open Banking is the natural evolution of PSD2. Thanks to Open Finance, the Third Parties will be able to access many other financial data of individual customers – subject to authorization -, relating for example to their mortgages, insurance, investments, pension funds but also to how much money a customer can save monthly and deposit on a possible savings account.

The Third Parties may also use the data aggregated with other data to provide new services or integrate their services with those of other Third Parties. Think, for example, of the possibility of offering customers, other companies (also in the financial sector) that offer the same services at more advantageous economic conditions or offer new types of information and information reports.

With Open Finance it is also possible to combine the two macro-categories: customer account information with payment initiation services. Among the scenarios, the possibility of service providers who make financial decisions on behalf of clients. In this case, think, for example, of:

  • transfers of funds between different savings accounts to take advantage of a higher interest rate;
  • investments on behalf of clients;
  • change of insurance company to take advantage of policies with more favorable conditions.

The range of possibilities and choices for the customer grows exponentially.

PSD2 and Open Finance are part of a much broader Turkey or Europe’s objectives: social development through regulated open data and bringing clarity – rights, duties, limits, and obligations – to practices that, in some cases, have already been carried out. Open banking in Turkey is too popular with Legislative Decree 6493 Law on Payment And Securities Settlement Systems, Payment Services and Electronic Money Institutions

AN IDEAL OPEN DATA STRATEGY OR OPEN DATA

It is clear to everyone that the digital technology that is transforming people’s habits and lives cannot be stopped but can only be governed – so that the benefits are to the benefit of citizens and businesses also by creating the framework the legislation for digital transformation.

For example, according to European strategy, The European context for the development of digitization includes:

  • the Regulation on the free movement of non-personal data (3) ;
  • the Cybersecurity Regulation (4) ;
  • the Data Protection Regulation (GDPR) (5) ;
  • the Open Data Directive (6).

A few weeks ago the European Data Strategy (7) (8) was published with the planning of activities for the realization of the digital single market of data and artificial intelligence (9). The aim of the strategy is to ” create a true single data market that ensures the security of personal and non-personal data, including confidential and sensitive data and offers businesses and the public sector easy access to large quantities of high-quality data. to create and innovate(10).

The single data market allows the free flow of data within the EU and in all sectors for the benefit of businesses, researchers, public administrations. Among the possibilities that emerge, we can think of the development of tools – for the benefit of individuals and organizations – to make more accurate decisions because they are derived from objective data. The data available could concern public and private information relating to telecommunication activities, energy consumption, geographical locations, medical and legal records, leisure activities, etc.

Open banking in Turkey

WHAT ARE THE CRITICALITIES AND HOW TO OVERCOME THEM

It is good to underline that the sharing of data is not an easy and automatic thing but the experience, even if recent, of the PSD2, can serve to remove some obstacles to get Open Finance to take off and guarantee:

  • standardized Third Party access to consumer financial data;
  • the “long-term” legislation adequate to protect European interests and take into account the laws of individual countries;
  • the full trust of people for the control of their data.

1. Standardized data access. The difficulty of accessing data and the lack of standardization of the tools to facilitate access ( API – Application Programming Interface ) are the causes of the fragmentation of the market for PSD2 services. Fragmentation makes it difficult for third parties to offer their services across Europe in scalable form, effectively limiting the possibilities and economic benefits for customers. The recent entry of the Integrators – intermediaries between Banks and Third Parties – allows limiting fragmentation.

The advantage of open data ( Open Data ) for the benefit of the whole society is only captured with: a) standardized data access by third parties (to avoid fragmentation); b) efficient and secure access.

2. Legislation that looks to the future. Cooperation and dialogue between legislators, regulators and public authorities involved in data sharing are desirable in the planning phase of laws and regulations to enact long-term rules.

Two dimensions are to be taken into consideration: the international one; and protecting public interests related to data sharing.

International dimension.

Consider, for example, that:

  • the different implementation of the laws in the individual States can favor the choice of the operators of one country rather than another based on possible legislative gaps that allow easy loopholes or excessive permissiveness;
  • through the ” European passport ” – of the financial sector – or the outsourcing of ” cloud services ” to companies in other countries, the risk can be spread within the EU.

Ex-ante cooperation, ie in the planning phase of laws and regulations precisely to mitigate the risks of contagion, becomes fundamental. In this sense, the EU legislative acts of December 2019 are to be considered to strengthen the role of the European Supervisory Authorities ( AEV ) (11) with the aim of promoting the convergence of National Supervisory Authorities.

Protection of public interests.

The use and analysis of data is an area characterized by recent and innovative developments with still little jurisprudence, where the risk scenario linked to possible conflicts between the various protected public interests is real (for example security, privacy, risks of concentration). The recent news that the judge has declared illegal for a violation of the right to privacy, the system used by the Dutch government to counter fraud in social assistance benefits and the tax authorities.

Cooperation and dialogue allow us to make a decisive contribution upstream – in the planning phase – and create regulations that achieve public objectives, are projected into the future and smooth out possible conflicts (ie privacy, fraud, security, etc.). In the case of sharing financial data, the stakeholders include the central bank, the competition and market authority, the authority for the protection of personal data.

The full trust of people for the control of their data.

The Trust – with a capital letter – is the basis of the relationship with consumers. In fact, if consumers do not trust they will not allow access to their data and will not use the services offered by Third Parties. Consumers are unwilling to share their payment data with their bank, are reluctant to share with other banks and even more so with non-bank entities. For Third Parties it is essential to build and maintain consumer confidence: it is the key to accessing their data. So, clarity on who are the parties that have access to their data and ease to grant or withdraw explicit consent to the use of the data.

The development of Open Finance allows third parties access to large quantities of sensitive financial data but with an exponentially negative impact in the event of any abuse and fraud. Real consumer protection and safety are essential to ensure that sharing with third parties becomes the rule and you can fully benefit from the opportunities of open finance and open data.

Digitization and open data can revolutionize the economy and change people’s lives.

If you would like to more information on macroeconomic analysis for Europe or Turkey, we welcome you to get in touch with our specialists.

For further information and regulations, consult the following links and / or references:

(1)    EU Directive 2015/2366, Payment Services in the internal market

(2)    EU Delegated Regulation 2018/389, Authentication and Communication Standards

(3)    EU Regulation 2018/1807, Free movement of non-personal data

(4)    EU Regulation 2019/881, Cybersecurity

(5)    EU Regulation 2016/679, Protection of Personal Data (GDPR)

(6)   EU Directive 2019/1024, Open Data

(7)    European data strategy (EN)  – European Commission, 19-02-2020

(8)   Shaping Europe’s Digital Future – A European Strategy for Data – European Commission, 10-03-2020

(9)    White Paper on Artificial Intelligence – European Commission, 19-02-2020

(10)    Europe’s Digital Future, Questions and Answers – European Commission, 19-02-2020

Bir cevap yazın

E-posta hesabınız yayımlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir