First Edition of the Tastemakers Wine Series Hosted by Vendease

Fintech

Will Open Banking expose Nigerians to cybercrime and data breaches?

With the launch of a Regulatory Framework for Open Banking by the Central Bank of Nigeria (CBN) last Wednesday, Nigeria has joined the vanguard of other countries that poised to deepen innovation and increase the range of products available to customers in the financial service industry, reports Ibrahim Apekhade Yusuf

BANKING in Nigeria is showing a lot of promise thanks to the setting up of the Regulatory Framework for Open Banking, which many analysts say is primed to further deepen innovation and increase the range of products available to customers in the financial service industry.

In a circular released on Wednesday, the apex bank said the framework allows banks and third-party exchanges to obtain customers’ data.

This, according to the industry regulator, will ensure financial inclusion and lead to innovations that meet customers’ demands.

The approach of the new banking model will rest on the customer-approved data made available on the Application Programming Interface (API) with the firms making the data available called API Providers (AP), and the companies using such identified API Customers (AC).

The CBN said participants in open banking must secure consent from the data owners while the consent shall be re-validated annually and/or where the AC had not used the service for 180 days.

“Customers can approve and revoke consent to the usage of their data, “Customers shall always have control over their data and be able to access, manage or withdraw their consent at any point in time; and Participants shall develop and agree on a consent management mechanism which includes a clear set of policies and procedures,” CBN wrote.

In a memo signed by the director of payment services management department at the CBN, Musa Jimoh, the apex bank said the guidelines were in furtherance of its mandate to ensure stability in the nation’s financial system.

According to the guidelines, the CBN is required to establish and manage an Open Banking Registry that will serve as a regulatory oversight tool for participants in the open banking ecosystem. This registry is also designed to enhance transparency and provide a means for regulating operators within the system.

The guidelines also outline a Consent Management framework, which mandates that customers must provide explicit consent before their data can be accessed for open banking products and services, among other uses.

“The adoption of open banking in Nigeria will foster the sharing of customer-permissioned data between banks and third-party firms to enable the building of customer-focused products and services.

“It is also aimed at enhancing efficiency, competition, and access to financial services,” the memo shows.

The making of Nigeria data protection bill

The Federal Executive Council (FEC) has since approved the Nigeria Data Protection Bill which will be transmitted to the National Assembly as an Executive Bill through the office of the Minister of Justice and Attorney General of the Federation.

It will be recalled that President Muhammadu Buhari approved the establishment of the Nigeria Data Protection Bureau on the 4th of February 2022.

The Bureau was mandated to study, and implement the Nigeria Data Protection Regulation (NDPR) and to coordinate the passage of an enabling Act for data protection.

The Minister of Communications and Digital Economy, Professor Isa Ali Ibrahim Pantami presented the Bill to the Federal Executive Council which was presided over by Vice President, Professor Yemi Osinbajo.

This is contained in a statement signed by the Head of Legal, Enforcement & Regulations, NDPB, Barr Babatunde Bamigboye.

According to the statement, “The central objective of the Bill is to safeguard the fundamental rights and freedoms, and the interests of data subjects, as guaranteed under the Constitution of the Federal Republic of Nigeria, 1999, by providing for the regulation of the processing of personal data; “Promoting data processing practices that safeguard the security of personal data and privacy of data subjects; ensuring that personal data is processed in a fair, lawful and accountable manner.

“Protecting data subjects’ rights as well as providing means of recourse and remedies in the event of the breaches; ensuring that data controllers and data processors fulfill their obligations to data subjects; “Establishing an impartial, independent and effective regulatory Commission to superintend over data protection and privacy issues and supervise data controllers and data processors.

Strengthen the legal foundations of the national digital economy and guarantee the participation of Nigeria in the regional and global economies through the beneficial trusted use of personal data. The National Commissioner and CEO of NDPB, Dr Vincent Olatunji who accompanied the Minister to the FEC called on all stakeholders to cooperate with the Federal Government in ensuring the sustainability of the abundant opportunities in Nigeria’s digital economy.

“With the full support demonstrated by the administration of President Muhammadu Buhari, a clear signal has been sent to the global data processing ecosystem that Nigeria is committed to safeguarding fundamental rights and freedoms of Nigerian citizens which may be impacted one way or the other by the activities of data controllers and data processors,” he added.

Global outlook

According to Faustine Ngila, open banking is considered a nascent idea in Africa but 11 countries are already tapping on its potential to deepen financial inclusion in rural areas.

Open banking, the practice of sharing third-party access to financial data through the use of application programming interfaces (APIs) within data privacy rules is gradually gaining prominence in Africa, which still grapples with several pain points in payments.

Also a report by Quartz during Seamless Africa fintech summit in Nairobi on Oct. 4 last year revealed that “Open banking brings the needed agility by fintechs to provide multiple services across borders. It allows you to send money from the US to Malawi as well as pay for your electricity, water, or home internet bills. These APIs enhance contactless payments, further pushing down the cost of transactions,” Willie Kanyeki, east and southern Africa regional manager at UK-based fintech Terrapay.”

Several startups are already investing on the frontier fintech concept and innovations around it. Last month a McKinsey study projected that Africa’s e-payments market will see revenues grow by 20% per year, hitting $40 billion by 2025. The global open banking market amassed a revenue of $13.9 billion in 2020, and is expected to hit $123.7 billion by 2031.

With 57% of Africa’s adult population still underbanked, and many lacking access to affordable credit, the sharing of APIs among banks, fintechs, and mobile money providers, according to fintech experts, presents a huge opportunity for the continent to expand financial inclusion to the rural areas.

Nairobi-based Solve Kenya, a subsidiary of Standard Chartered bank, which has utilized open banking in the past five months to provide over 800 small and medium sized businesses access to credit, believes the era of waiting for days for a business loan to be approved is long gone.

Kenya’s central bank gave open banking a green light in 2020 paving the way for Cooperative Bank of Kenya to pioneer the new business landscape, integrating its systems with 12 APIs to reach more customers.

Clear and present danger

However, while open banking is meant to innovate the banking system in Nigeria, it will also expose customers to various risks including cybercrime and data privacy breaches, among others.

“The basic risks in open banking include cybersecurity, data privacy and integrity, contract management, product management, money laundering, regulatory and compliance.

“At the minimum, participants shall address all identified risks, by developing and implementing effective risk management frameworks, policies, and procedures for open banking, approved by the Board of Directors, as well as institute a culture of sound corporate governance,” it added.

Open banking revolution sweeping across Africa

Open banking is considered a nascent idea in Africa but 11 countries are already tapping on its potential to deepen financial inclusion in rural areas.

However, despite a lack of cross-border standardisation, it’s clear that open banking has become a global phenomenon. More than 50 countries are rolling out their own initiatives – with six markets developing their own PSD2-style legislation, and more than 10 others working on open banking market standards.

Nigerian startups OnePipe, which aggregates APIs from banks and fintechs into a unified gateway, and Mono which builds open banking infrastructure for banks, are driving the revolution in the country and believe that all financial service providers should allow for free API integrations for inclusion to work in Africa. In May, Nigeria’s central bank laid down guidelines for open banking in the country.

Stitch, also South African, has developed an API that allows developers to connect apps to financial accounts within minutes. There are now six South African banks offering open banking services.

Morocco’s CIH Bank has been working with Finastra, an open banking fintech to digitize its services so customers can access them on a mobile app while improving customer experience and generating more revenue.

Tanzania’s most notable pioneer of open banking is NMB Bank, which launched the country’s first fintech sandbox in October 2021 to allow fintechs to access banking APIs meant to make payments faster. CEO Ruth Zaipuna says the sandbox “allows startups to experiment, test, and pre-certify integration with our banking services.”

Banks in South Africa, Kenya, Tanzania, Rwanda, and Malawi are also betting big on APIs to entrench WhatsApp banking, which is meant to make sending and receiving money as easy and fast as chatting on WhatsApp. Open banking is also active in Uganda, Egypt, and Ghana.

The future of open banking in Africa

However, the continent has the world’s lowest internet speed, many people still rely on feature phones, internet penetration is low, and some countries even censor it.

Some legacy banks are also not ready to open their APIs to fintechs or share customer data with competitors. The lack of regulation is also crippling attempts to make the concept mainstream, as only two countries in Africa—Kenya and South Africa—have a data privacy and protection law.

One of the hardest things about open banking is that we are asked [as customers] to share more data, in an age where privacy is more valued,” says Richard Dent, founder of Finger Finance, a California-based online lending startup.

Andrew Ma, chief operating officer of South Africa’s Stitch says though Africa is ready for the revolution “most regulatory regimes continue to treat third-party open banking players as security and exposure risks, and warn consumers against use of products enabled by them.”

But Africa’s informal economy, which accounts for almost 90% of the economy, remains a prime space for open banking innovation, offering players the chance to provide safe, secure, and innovative financial services to the 370 million unbanked consumers. A reduced cost of mobile internet is expected to raise financial inclusion in Africa and improve the continent’s GDP by 30%.

While reviewing open banking operations in the US, Jeremy clan noted that the US looks at best practices for open banking in the rest of the world as market participants doubt the country’s regulators will ever provide a roadmap, although industry bodies are providing direction.

Looking ahead

In the view of David Strachan, Head of Deloitte’s EMEA Centre for Regulatory Strategy, United Kingdom, open banking initiatives remain in very early stages of implementation.

 

More needs to be done by firms and regulators to raise consumer awareness and reach scale, even in jurisdictions such as the UK where Open

Banking regulations are already fully in place. The creation of a safe and fully functioning cross-industry data sharing ecosystem will take even longer.

In the view of David Strachan, Head of Deloitte’s EMEA Centre for Regulatory Strategy, United Kingdom, open banking initiatives remain in very early stages of implementation.

 

More needs to be done by firms and regulators to raise consumer awareness and reach scale, even in jurisdictions such as the UK where Open Banking regulations are already fully in place.

The creation of a safe and fully functioning cross-industry data sharing ecosystem will take even longer

Yet, there is little doubt that markets believe that Open Banking, closely followed by a broader cross-industry data sharing ecosystem, are the way forward.

As the boundaries between financial services and other industries break down, firms’ relationship with their customers, as well as the distribution of risk and liability between firms and sectors, are going to change fundamentally.

To respond effectively regulators will need to break down their own sectoral and geographical siloes and put the protection and fair use of customer data at the top of their agenda.

 

On the other hand, any financial services firm wishing to participate successfully in this new environment will need to go through a radical review of its long-term strategy, as well as its technological and operational capabilities.

Above all else, firms will need to recognise that from now on putting customers fully in control of their ‘data lives’ will be both a commercial and regulatory imperative.

 

 

 

Related posts
FintechTechnology

Google to accept naira payment on Play Store

Brands & PeopleFintech

Glo, fintech reward customers

Brands & PeopleFintech

CBN unblocks Bamboo, Nairabet, AbokiFX and 437 accounts

Fintech

Threads: Tinubu, 30 million others join, Zuckerberg projects billion

Sign up for our Newsletter and
stay informed

Leave a Reply

Your email address will not be published. Required fields are marked *