Consent Management for Open Banking | HCL Blogs

Open banking consent management

Open banking consent management
January 02, 2020

Open banking provides customers with the ability to securely share financial data among banks and accredited fintechs. Data management in open banking has pushed banks to kick start innovations around payments and customer financial management with many potential use cases on spend analytics, credit decision, anti-money laundering (AML)/know your customer (KYC) and collateral management being developed as proof of concepts. Four types of data are shared in open banking - account, product, customer, and transaction data leading to improved customer-centric solutions and services.

One of the most important pillar of open banking is customer consent. The growth in products and services through open banking has resulted in customers providing consents to every subscription. The open banking regulation has prescribed the architecture for obtaining and maintaining consent between the parties involved.

This blog is an attempt to focus on how banks can manage customer consent for effective financial management and how HCL can help in this journey.

This blog is an attempt to focus on how banks can manage customer consent and how HCL can help in this journey. Read Blog @hclfs #consentmanagement #openbanking

All the services rendered on open banking need customer consent to be captured at the bank. When a customer signs up for a service with a fin tech, the request to access data is sent to the customer’s bank for his explicit consent. After the consent is provided the bank exposes the required data to the fintech.

Banks being the custodians of consent data, the regulatory responsibility to build secure and safe consent management practices is of paramount importance. Consent management should be incorporated into the data governance lifecycle of the bank to assign responsibilities to effectively manage the consent lifecycle.

Banks should focus on these three areas to improve on customer consent management:

Governance Framework:

Banks already have sound data management and governance practices. As an extension, consent related data should also fall into this purview. Definitions of consent related data management and metadata are the need of the hour. Banks should consider linking the consent acceptance and revocation process into its data governance to complete the consent management life cycle. This will enable them to have end-to-end tracking of consents, traceability, and data lineage for regulatory appraisals. The benefits of this approach are two fold, regulatory compliance and data insights which the bank can utilize to maximize revenue subject to regulatory compliance. Data stewards and operations data managers should have the responsibility and accountability for the consent data for proactive financial management.

Customer is King:

Banks can take one step further and publish consent data of the customer on the secured internet banking portal and mobile apps. Customers will get the opportunity to manage their consents with respect to view/accept/modify/revoke services at the click of a button and data available on portal or mobile app rather than in the back-end systems of the bank. Personal financial management services can also become a channel to deliver this experience. The upside for the banks is that if customers are using multiple fintechs or banks for similar services and upon seeing duplication in the login, customers might choose to limit such duplications and consolidate. This can result in opportunities for banks to retain customers and grow the wallet share whereas the customer can consolidate the services within his bank. At present the consent data is managed at the back-end and exposing it to customers will bring transparency to customers, leading to better customer satisfaction. This, can lead to potential revenue streams with customer recommendations and increase in net promoter score for the bank.

Consent aggregation:

Similar to credit bureaus where banks contribute and gain access to credit information, consent data can be managed by certified third party. The benefits of such a collaboration can lead to

  • Standardized approach to consent management
  • Regulatory reporting synergies, data mapping to GDPR or other data privacy standards.
  • Central repository of all consents provided by customers to manage retail transactions
  • Act as a single point of contact for the customer to enable and manage consent

HCL Advantage:

HCL is strongly positioned to help banks navigate the various opportunities presented by open banking, with capabilities in data management, API frameworks and thought leadership. HCL can help banks to seamlessly incorporate consent management by:

  • Sharing best practices in data governance, data management frameworks, and incorporating new domains into the governance
  • Experience in building AML/ KYC solutions
  • Solutions based on industry standards and past implementation experiences to achieve first time right
  • Reusable application programming interface (API) developed for proof of concepts can be retuned and used for plug and play.
  • Enable platform agnostic user experience for better financial management
  • Workflow management to make data flow simple and better
  • Analytics to extract maximum leverage from data on open banking