Customer Disruptions in the Open Banking Era
The Open Banking era signifies a major shift in how systemic risk is managed, transitioning from the customer to the bank. Traditionally, customers bore the responsibility for managing their data and interactions with financial services. However, Open Banking has placed the onus on banks and third-party service providers to securely handle and share sensitive customer data through APIs. This shift has heightened the risk for financial institutions and altered the dynamics for customers.
With Open Banking, banks are now responsible for ensuring the secure transmission of customer data to third parties. While this reduces risk for customers, it increases it for banks. Institutions must safeguard customer information and ensure that data is securely transmitted and stored when working with third-party providers. Under Section 65 of the Data Protection Act, banks, as data processors or controllers, are liable for damages resulting from security breaches. Unauthorized disclosure, sale, or access to personal data can result in fines up to KES 3 million or imprisonment for up to 10 years.
Data controllers are required to adhere to strict data processing principles, which include processing data fairly, accurately, and only for specified purposes. Personal data must not be transferred outside Kenya unless adequate safeguards are in place. Banks must also comply with international regulatory frameworks, such as the European Central Bank’s Payment Service Directive 2, which increases their legal responsibilities for data handling and security. Failure to comply with these regulations can lead to fines, reputational damage, and increased regulatory scrutiny.
Open Banking also elevates the liability of banks, particularly in cases of fraud by third-party providers. Banks must ensure robust security measures and provide consent-based access to customer data. According to Section 30 of the Data Protection Act, data processing is only lawful with the data subject's consent, to fulfil a contract, or to comply with legal obligations.
The advent of Open Banking introduces new dynamics that can intensify risks for banks, especially by reducing the time available to manage liquidity crises. Customers now have more immediate access to their accounts through third-party apps and services, which increases the risk of a digital bank run. In such scenarios, withdrawals can occur rapidly, leaving banks with less time to respond effectively.
Recommended by LinkedIn
Historically, banks had a buffer period during a bank run, as customers needed to visit a branch or deal with slower transfer processes. Open Banking eliminates this buffer by enabling real-time digital fund transfers, which reduces the time banks have to manage liquidity through acquiring emergency funds or selling assets.
The transparency and competition brought about by Open Banking can drive customers to quickly transfer their funds to perceived safer institutions. Heightened expectations for real-time access and control can exacerbate panic during financial crises, leading to faster runs on banks.
In Kenya, where customers are particularly vulnerable to economic shocks, this shift in risk management and liquidity handling could result in notable inconveniences. To manage liquidity, banks might impose withdrawal limits or delays on large transactions, which could be burdensome for customers needing urgent funds. For instance, a customer might experience delays in accessing Kshs 500,000 for an emergency due to daily withdrawal limits.
To address the increased need for liquidity, banks may raise transaction or withdrawal fees, adding to the financial burden for customers, especially during tough economic times. This can reduce disposable income and increase the cost of banking services.
Increased reliance on digital banking also necessitates strong infrastructure. However, Kenyan banks may struggle to handle surges in transactions during crises, leading to system outages or delays. For example, a customer attempting to move money during a cash crunch might face delays due to system overloads. Furthermore, digital contingency plans might not always be robust enough to handle a surge in customer support inquiries, resulting in long wait times and unresolved issues.
Regulatory safeguards could also introduce stricter rules that inconvenience customers. For instance, regulators might enforce transaction limits during periods of economic volatility, preventing customers from accessing large sums of money when needed most. Additionally, stricter authentication processes during volatile periods could delay transactions, adding further frustration.
In conclusion, while Open Banking aims to enhance financial innovation and customer access, it also introduces significant challenges for both banks and customers. The shift in risk management and the need for robust liquidity and contingency planning are essential for navigating the evolving financial landscape.