The central bank of the Philippines, Bangko Sentral ng Pilipinas (BSP) on 17 June 2021 issued Circular No. 1122 that sets out guidelines for the adoption of the open finance framework. Open finance is part of the BSP’s digital payments transformation roadmap for 2020-2023, which aims to promote financial inclusion.
Open finance is defined under the circular as the “leveraging on and sharing of customer-permissioned data among banks, other financial institutions and third-party providers (TPPs) to develop innovative financial solutions such as, among others, those that provide real-time payments, promote greater transparency to account holders, and provide marketing and cross-selling opportunities to banks, other financial institutions and TPPs”.
In other words, it is a data-sharing scheme where TPPs such as fintech companies will be provided access to financial information held by banks and financial institutions to develop applications and services. Such access shall be with customer consent, and will be facilitated by application programing interfaces (APIs).
The BSP defines APIs as “a set of rules and specifications for software programs to communicate with each other, forming an interface between different programs to facilitate interaction”. Some authors have also defined APIs as “a way for two computer applications to talk to each other over a network (predominantly the internet) using a common language that they both understand”. APIs may be used internally or externally with the organisation’s partners, or even TPPs. In this regard, an open API is a software technology interface that provides a means for data access based on a public standard. In the banking and financial services industry, APIs can facilitate data exchange between financial institutions and TPPs, even if they do not have formal or contractual relationships.
BSP-supervised financial institutions with a composite rating of at least “3” under the supervisory assessment framework, or equivalent, are automatically eligible to participate in the open finance ecosystem. Those that do not meet the criteria will be required to obtain prior BSP approval. Non-BSP-supervised financial institutions may also be eligible to participate, provided they comply with the requirements set by the Open Finance Oversight Committee. The committee shall be a self-governing body that will exercise governance over the activities and participants of the open finance ecosystem. It shall also adopt standards, agreements, policies, and guidelines governing the framework. The committee shall be established by the BSP and industry stakeholders, and will be subject to the supervision of the BSP.
The regulatory sandbox
The BSP is taking a collaborative approach to regulating fintech companies and intends to utilise a regulatory sandbox approach to develop standards for open finance. Accordingly, the BSP shall allow open APIs to be deployed and tested in a live environment within specified parameters and timeframes. By taking this approach, the central bank hoped to understand emerging business models, and adequately assess and mitigate possible risks of innovation.
The BSP will take on a tiered approach to implement the open finance framework. The first tier involves sharing of product and service information and other details of financial products or services that are readily accessible online. The second tier involves sharing of information on subscription and new account applications.
The third tier involves sharing of account information or personal and financial information provided by a customer. The fourth tier refers to transactions data, including payments and other financial transactions. The fifth tier covers other more complex financial products or use cases, including those not covered by tiers one to four.
The above-mentioned listing of tiers is not intended to be sequential. Hence, they may be implemented simultaneously.
It is perhaps important to recognise that the advantages and disadvantages of open finance in the real-world context are not yet fully known. Neither has the Open Finance Oversight Committee been established. The challenges in implementing the framework are also unknown, although the circular itself has acknowledged that developing a local sandbox may be difficult, considering the cost.
Data privacy and data protection issues are likely to be among the top concerns of stakeholders. The circular addresses these by requiring participants to recognise that customers shall retain ownership over their customer and transaction data, and have the right to control the use of their data.
Monique B Ang is an associate at the corporate and special projects department of ACCRALAW