Promsvyazbank and Tochka are the first participants of Russia’s open banking initiative. Promsvyazbank is a state-backed, formerly private Russian bank from Moscow. Tochka is a bank for entrepreneurs and businesses. They started using the Open Banking API developed by the Bank of Russia and the Russian FinTech Association (RFA).
Both banks passed all of the exams at the Open API Certification Stand, which is run by the Russian FinTech Association. The organization is in charge of establishing Open Banking in the nation. The testing confirmed that Promsvyazbank and Tochka adhere to the regulator’s Open API criteria. For Russian banks, using APIs and adhering to standards is optional.
Participants use open API standards and adhere to common regulations without having to sign any additional agreements.
First Use Case
SME account data exchange between banks will be the first use case for open APIs in Russia. Companies will no longer need to present paper account statements from other banks when applying for a loan; instead, agreement to the transfer of this information in a digital version will suffice.
In October 2020, the Bank of Russia adopted the first Open Banking recommendatory standards. API standards for account information, payment initiation, and information security are among them. The Russian FinTech Association runs pilot projects with local banks and fintechs to put the standards to the test in real-world scenarios. Tatiana Zharkova, СEO of the Russian FinTech Association said:
Open API is a global trend. The Certification Stand and the Open API Portal were developed by the RFA together with market players and the regulator. They are fundamental components of Open Banking in Russia”
How Open Banking Works?
Banks and financial organisations must come up with new ways to assist their consumers in managing their finances, making payments, and so on. While providing clients with automated accounting and simplified lending, they must also concentrate on upgrading their services in order to boost business revenue. Open banking helps to achieve this by a collaborative model in which financial data and services are shared between diverse parties via APIs.
Open banking works by establishing a connection between a bank’s information about its customers and third-party service providers who use APIs to provide services. While the technical method varies each bank, the end effect is the same: customers get control over their financial data.
They no longer need the bank’s consent to view these facts. If they need to share data to acquire services, it makes the process go much more smoothly. Third parties can use this information to deliver services on behalf of the user, such as data analysis and transaction processing. APIs can only do so with the user’s permission, lowering the danger of sensitive data being shared.
Risk of Data Breach: There is a danger of data breaches while utilizing the open banking API, although it is not considerably larger than the risk of a data breach with competent software.
Customers leaking information: Customers may have issues as they may give account information to scammers or fraudsters in general. Scams will not affect banks because they employ trained employees, but it is easier for users to be duped.
Lack of insights into protecting personal information: Ideally, banks should educate their customers on how to protect their personal information. However, because most consumers do not have direct talks with their banks, this type of banking is unlikely to occur.
Lack of appropriate security measures: Third parties relying on open APIs are beneficial. But these third-party organizations may also be hacked and unwittingly send thieves customer information. Banks have a very high-security requirement as their business depends on it. However, a small startup company may not be able to afford cutting-edge security systems, making it an accessible target for hackers.