Site icon Connectnigeria Articles

A Summary of the CBN’s New Operational Guidelines for Open Banking

Open Banking

The Payments Association

  On Tuesday, March 7, the Central Bank of Nigeria released operational guidelines for Open Banking in Nigeria. The new rules were written up to enable banks and third-party firms to share customer data with each other, subject to customers’ consent. Musa Jimoh, Director of the Payments System Department at the apex bank, explained this in a stamen made available to the public.
Read more about Finance
Open Banking involves banks and other financial institutions sharing consumer account data, banking transactions, and additional information (through Application Programming Interfaces or API), with organizations that may leverage such data to build better consumer products.

Why the CBN’s Open Banking Guidelines Matter

Open Banking has been adopted by several first-world countries, with more on track to roll out guidelines governing the practice. It’s growing in popularity due to a push by FinTechs which want greater freedom to source and utilize banking data. Such data could help them tailor their solutions to the actual needs of their customers. With the guidelines introduced by the CBN, Nigeria has become the first country in Africa to issue this guideline. This results from six years of interaction between stakeholders in the financial services industry and the industry’s regulators.

A Run-Through of the Open Banking Guidelines

Here are some of the more important points we have gleaned from the CBN’s open banking guidelines:

What the CBN Aims to Achieve with the Regulation

The central bank says that it wants participants to know what their responsibilities are with respect to sharing, using, and protecting customer data. Its rules are designed to “ensure security across the open banking system,” guarantee financial stability within the space, and improve access to financial services. It intends the regulation to define the requirements for participation in the open banking arena, and allow for healthy competition between players in the industry.

Entities Eligible to Participate in the Open Banking Ecosystem

According to the CBN, organizations that possess customer data and can exchange them with parties that use them to develop innovative financial services are eligible to take part in the Open Banking ecosystem. This definition covers licensed financial service providers, Fast Moving Consumer Goods (FMCG) companies and retailers, and Payroll Service Bureaus, among others. Customers of these organizations, whose data may be exchanged with their permission, are also a part of the ecosystem.
Sign up for the Connect Nigeria daily newsletter

The Open Banking Registry

The Open Banking Registry (OBR) is a platform the CBN introduced. According to the apex bank, the registry will contain details of registered participants in the ecosystem, all of which will be identified by their CAC business registration number. Through the Open Bank Registry, producers of the APIs through which customer data will be accessed can manage the registration of companies that want to use their APIs. The CBN expects that data sharing via the registry will have the permission of customers. It also wants data shared to be accurate, up-to-date, and complete.

Responsibilities of Participants in the System

The Open Banking Guidelines outline players’ responsibilities. These participants include API producers, which develop the APIs through which customer data can be accessed; and API consumers, i.e. entities that source and utilize data from API producers. The CBN’s rules concerning the responsibilities of these parties cover access to customer data, Service Level Agreements (SLA) executed between API producers and consumers, service monitoring, incident management, and performance monitoring, among others.

The Treatment of Data and Information

The CBN requires parties that exchange customer data to document a clearly defined approach to collecting, analyzing, storing, and retrieving data. They are expected to comply with the Nigerian Data Protection Regulation (NDPR), a government legislation which guarantees the privacy of customer data. What’s more, the Open Banking guidelines from the CBN encourage organizations that exchange customer data to take steps to protect such data from cyber-security threats and disruptive disasters.
Register to attend the CN Business Mixer

Information Sharing Under the New Open Banking Regime

As we have already noted, the new Open Banking regulation stipulates that an API producer should only share their customer data with API consumers if they have the permission of those customers to do so. The regulation demands that API producers determine the authenticity of the approval (i.e. ensure that it really comes from customers), and present evidence of approval before exchanging the data concerned.

Final Words

The new Open Banking regulations introduced by the CBN pave the way for greater collaboration between financial institutions, whether they are traditional or FinTechs. The data sharing regime that the rules usher in could give startups and established businesses access to data that will enable them to build better solutions for their customers. Featured Image Source: The Payments Association
Got a suggestion? Contact us: editor@connectnigeria.com
Exit mobile version