OPEN BANKING: BETWEEN COOPERATION AND COMPETITION

The emergence of financial technology companies (fintechs) has spurred expectations that they will lead to large-scale disintermediation in finance and significantly disrupt the banking industry. Regulators in several jurisdictions have supported their market entry through the adoption of open banking policies, whose purpose is to facilitate third-party access to banking data, subject to customer consent. Data access has been seen as a competitive bottleneck in the banking industry, while customers hold the ultimate ownership over their data. This paper aims to critically assess proclaimed promises of open banking by analysing existing barriers to entry and market-based collaborations between banks and fintechs as identified in the literature. Since the expected effects can vary depending on the regulatory model embraced, the paper also outlines the economic trade-offs of different regulatory solutions. Consequently, the paper may help regulators who are considering introducing or designing open banking policies.


INTRODUCTION
The past decade has seen a rapid digital transformation of the banking industry.One of the driving forces has been the emergence of financial technology companies (fintechs), which introduced many incremental innovations in banking.Fintechs are praised for their flexibility and ability to leverage cutting-edge technology to offer affordable and customer-centric services.These companies raised great expectations, among industry members, academics, and the wider public, that they would bring about a revolution in banking (The Economist 2015), disintermediate the banking value chain (e.g.Macchiavello 2021), and 'disrupt' the traditional banking business model (e.g.Anand, Mantrala 2019; Cai 2018; Oshodin et al. 2017).Fintech activity rapidly spread across different fintech verticals.Recent literature captured their presence in 22 out of 36 banking service domains, while the biggest concentration is in the area of payments and transfer of funds (Hanafizadeh, Amin 2022).
Despite the rising threat of these potential competitors, banks have largely managed to shelter their rents and accommodate fintech entry.The reason is that fintechs often depend on banking infrastructure, licenses, customer bases, products, and data, compelling them to partner with incumbents (Enriques, Ringe 2020).As industry reports in different countries have shown insufficient levels of contestability and competition in the banking sector, regulators worldwide have been incentivised to adopt open banking policies.The idea of open banking is to mandate banks to allow third-party access to their customer data upon receiving customer consent.The main regulatory goal has been to reduce informational rents enjoyed by banks and to induce market entry.Open banking resides on the premise that data is a competitive bottleneck in the banking industry, while customers hold the ultimate ownership over their data and should be allowed to share it with third party providers that can generate new value for them.
Given that the adoption of open banking policies is relatively recent, the theoretical account of this phenomenon is still emerging.While the literature on open banking is fast growing (a notable contribution is Open Banking, edited by Linda Jeng (2022)), it appears that none of the existing studies examines open banking in the context of a broader set of factors facilitating the market entry of fintechs, either as competitors or partners of incumbents.Therefore, this paper aims to explore the potential effects of open banking policies in light of existing market-driven practices of competition and cooperation between banks and fintechs.To assess the promises of open banking, the paper also explores the differences in the regulatory approaches of several prominent jurisdictions: the European Union (EU), the United Kingdom (UK), Australia, and India.The paper is among the first to discuss trade-offs of different regulatory design features and assess their expected impact on competition and cooperation in the market.In terms of methodology, this is a conceptual paper that draws upon the existing literature at the intersection of economics, finance, and law. 1 Its theoretical propositions are suitable for further empirical testing as time elapses and more data becomes available.
The paper aims to contribute to three strands of literature.An overarching framework for the paper is the literature looking into the relationship between regulation and competition in banking (e.g.Vives 2016).While the dominant paradigm is that regulation tends to soften and deregulation tends to strengthen competition (Degryse, Ongena 2008), open banking is specific as a pro-competitive regulatory intervention.The paper also aims to contribute to scholarship examining the determinants of fintech emergence and development.A growing number of papers is looking into successful fintech business models in different sectors, and factors driving fintech development at a country level (e.g.Haddad, Hornuf 2019).Recent literature has also opened up the question of why fintechs and banks tend to cooperate, either focusing on the bank (Faes et al. 2022) or fintech perspective (e.g.Bömer, Maxin 2018; Drasch, Schweizer, Urbach 2018; Gozman, Hedman, Sylvest 2018).Finally, the paper is connected to the literature examining the effects of regulations on fintech markets, which have predominantly focused on specific fintech verticals (e.g.Dushnitsky et al. 2016; Rau 2021).In contrast, open banking policies promise to have an impact across different fintech industries.
The structure of the paper is as follows.The next section explores the bank-fintech interaction landscape, trying to systemise different models of fintech entry.Section 3 discusses the foundations of open banking, outlining key concepts and regulatory objectives.Section 4 explores variations in open banking approaches in different jurisdictions, such as mandatory vs voluntary nature, the (un)existence of technical standards for data access, the scope of data to be shared, the regulatory perimeter regarding market participants, etc. Section 5 examines whether and to what extent open banking frameworks will likely drive competition and collaboration in banking, given the theoretical considerations on market-driven practices (Section 2) and different regulatory design features (Section 4).The last section concludes by elaborating on the potential developments of open banking and sets a research agenda.
1 Additional insights come from personal work in the capacity of a tutor for the Cambridge Fintech and Regulatory Innovation programme (CFTRI).

BANK-FINTECH INTERACTION LANDSCAPE
To understand the 'disruptive' potential of fintechs and the implications of open banking policies for their expansion, it is helpful to better understand the existing modes of fintech market entry.Fintechs encompass a wide range of different innovations, which can roughly be divided into those that concern the delivery of (core) banking services and those that employ advancements in general-purpose technology (e.g.artificial intelligence (AI)), cloud computing, distributed ledger technology (DLT) to enhance existing banking products and processes (Bank for International Settlements 2018, 9).Examples of fintechs that fall within the latter category include fintechs that provide software for customer digital authentication and customer onboarding (e.g.Onfido), programmes that enable algorithmic credit-scoring (e.g.Aire), or programmes that facilitate regulatory compliance (also known as RegTech).These companies essentially provide inputs for the delivery of financial services.The banks' incentives to integrate their services are straightforward, i.e. banks can streamline processes, save on human resources expenditures, and provide cheaper and more reliable services.
Fintechs that deliver core banking services seldom do so independently and in direct competition with banks.Banks typically engage in a broad spectre of activities (Boot 2016, 436), thus performing a set of interrelated functions: maturity transformation and liquidity provision by accepting shortterm deposits and extending medium and long-term loans, and payment and transaction services.In contrast, fintech services usually intend to target specific customer needs or even specific customer segments.Thus, fintech competition that involves market entry along all or most banking activities is rare.Nevertheless, two types of fintech business models compete directly with banks.The first type is so-called neo (digital, challenger) banks, which are essentially licensed entities that engage in banking activities exclusively via digital means, without any physical location and traditional branch networks.Depending on the jurisdiction, they hold a full blown banking licence or, as of recently, new types of lighter licenses aimed at facilitating market access. 2Examples include Monzo Bank and Fidor in the UK, WeBank in China, N26 in Germany, etc.The second type of fintechs, whose products can be deemed substitutes for banking services, are companies whose business model is built on the premise of banking disintermediation.They offer technology platforms that stand as an alternative to 'balance-sheet intermediaries' and 'trusted third parties', and instead, provide matching 2 For example, the Swiss regulator, FINMA, introduced a fintech licence to boost innovative financial companies (FINMA 2022).services between lenders and borrowers, or two sides of a payment transaction (Bank for International Settlements 2018, 20).Examples include licensed crowdfunding platforms in the area of lending and capital raising, and cryptocurrencies in the area of payments.The ability of these fintechs to compete with banks is constrained by increased exposure to counterparty risk, among other factors. 3ong the fintechs that deliver banking services independently, there is an increasing number of companies that offer banking services to unbanked or underbanked parts of the population.These fintechs developed innovations 'where incumbent service providers were not present and in market segments where customer needs were not met' (Carletti et al. 2020,  7).Examples include mobile money payments in developing countries, such as M-Pesa in Kenya.In essence, these companies are not direct competitors to banks as the markets they operate in are not in the banks' sphere of interest.
An increasingly large number of fintech entries is enabled or facilitated by cooperation with a bank, which leads to the shared delivery of banking services.This phenomenon is often described as 'disaggregation of the banking value chain' or 'unbundling of banking services'.It involves the departure from the premise that 'the offering to the customer is exclusively created and distributed in-house by a bank' (Gozman, Hedman, Sylvest 2018, 7).Cooperation can take various forms, such as direct equity investments, joint ventures, alliances, incubation, etc. (Drasch, Schweizer, Urbach 2018, 10; Oshodin et al. 2017, 8-9).
The shared delivery of banking services by banks and fintechs is enabled by the use of application programming interfaces (APIs).This interface allows to synchronise and connect the database or services of a bank with different third-party applications or programs (Chakray 2022, 8).APIs in banking (or open banking in a broader sense) are 'about letting third parties build applications and services around the platforms of the financial institutions' (Gozman, Hedman, Sylvest 2018, 6).In other words, by decomposing the banking value chain, APIs enable service creation and distribution by third party providers.
Bank-fintech collaborations are driven by the banks' need for faster access to innovation.Their cumbersome legacy systems and bureaucratic and complex governance infrastructure make the internal innovation process sluggish.Fintech innovations can help banks enrich their service Аnali PFB 1/2023 Аnali PFB 1/2023 offer, or improve their distribution channels and customer experience.Partnerships with fintechs can also open new revenue streams for banks.The fintechs' incentives for cooperating with banks are diverse and directly relate to barriers to entry into the banking services market.The most important barriers are the lack of an established customer base, limited data on potential customers, lack of reputation and brand recognition, relatively high cost of capital, regulatory infrastructure, 4 and the need to integrate banking products into their services (Bömer, Maxin 2018, 11; Carletti et al.  2020, 7).
If one were to roughly decompose the banking value chain into service creation and distribution (customer interface), fintechs can perform both (Gozman, Hedman, Sylvest 2018, 6-8).Most often they serve as distributors of banking products, such as the case with mobile wallets (Google Pay, AliPay), marketplaces for banking services (e.g.platforms that match borrowers with bank lenders), or different kinds of information aggregators.The case of aggregators is interesting (especially in light of open banking, as will be discussed below), as they offer customers a single interface through which they can manage financial accounts held at various institutions (including the option of initiating payments).
In many instances, banks enable the provision of services created by third party providers, either through their distribution channels (e.g.offering 'robo-advisor' investments to their clients) or by lending their regulatory license.In the latter case, also called 'white-label bank' (Bömer, Maxin 2018,  17), a fintech can offer deposit-taking, lending, or payment services under its brand, while the bank providing the regulatory infrastructure remains in the background, often not visible to the fintechs' customers.The outsourcing arrangement is established on a contractual basis. 5dependently of the fintech's place in the value chain (service creation vs distribution), it is important to understand who can claim ownership over the customer base, which is tightly related to the question of which brand is visible to customers.In instances in which a bank has a relegated role (Bank for International Settlements 2018, 19-20), which is typically 4 Regulatory infrastructure, in this context, is understood as a regulatory license complemented with necessary systems and procedures in place to ensure regulatory compliance.5   An example of this model is the German-based fintech Penta, which cooperated with Solarisbank.For detailed regulatory implications of this model, see Enriques,  Ringe (2020).
the case with the 'white-label bank' model, but increasingly more so with information aggregators, bank-fintech cooperation can indirectly lead to more competition in the market as well.
Despite a proliferation of bank-fintech cooperation, banks' willingness to voluntarily integrate a third-party provider, i.e. the 'troublemaker' (Drasch, Schweizer, Urbach 2018), is often constrained for several reasons.Firstly, banks continue to bear all the regulatory compliance risk without being in full control over the fintech's operations.Simply put, bilateral contracts may not be effective enough in inducing fintechs to meet all the regulatory standards, while monitoring efforts by the bank may be limited and costly.Moreover, due to legacy systems, banks usually find it complex and costly to modernise their infrastructure and create APIs for third-party access.Finally, in collaborative models in which fintechs are customer-facing, banks may be afraid of ceding their customer base to their partners.
In summary, limited direct competition between fintechs and banks and factors hindering bank-fintech partnerships suggest that there is a need for more contestability in markets for banking services.Financial markets regulators with a competition mandate have sought to address this issue by adopting open banking policies.The following sections will explore the basic concepts of open banking, discuss major regulatory models, and assess their potential effects on competition and cooperation in the market.

THE FOUNDATIONS OF OPEN BANKING
Customer data has always been one of the key inputs in financial intermediation services.The very existence of banks is often explained by their ability to overcome or mitigate pronounced information asymmetries, which lead to trade frictions in direct interactions between lenders and borrowers (Damme 1994). 6Namely, banks are considered superior in the screening of borrowers ex ante, and monitoring the contract execution ex post, thus reducing adverse selection and moral hazard.While banks have different ways of gathering relevant information about borrowers' creditworthiness, banks have traditionally relied on their lasting relationships with their customers -a concept also known as relationship 6 In addition to trade frictions caused by asymmetric information, banks can mitigate trade frictions arising because lenders prefer to hold liquid assets, while borrowers prefer a longer maturity of their loan (a bank's function of maturity transformation).For an overview of microeconomic theories in banking, see Damme (1994).
Аnali PFB 1/2023 Аnali PFB 1/2023 banking or relationship lending (Elyasiani, Goldberg 2004).It is often held that long-lasting relationships with customers, together with the continuity of the organisation, determine a bank's value (Boot 2016, 433).Empirical studies also document that continuous relationships between banks and their clients are associated with lower interest rates, less strict collateral requirements, and a lower likelihood of credit rationing (Berlin, Mester  1999, 579).Moreover, banks' insights into customer transaction accounts, savings accounts, lending patterns, and repayment history over time give them a competitive advantage in cross-selling other banking products and services.The abundant data that customers produce as a by-product of their financial activities serves as a basis for offering, for instance, wealthmanagement services.
As in other segments of the economy, the importance of data in financial services is increasing.Data is often colloquially referred to as the 'new oil' (The Economist 2017).This is due to the technological progress, which reduces the costs of collecting, storing, and processing data (such as via machine learning, AI, and prediction algorithms), thus, enabling to extract a greater value from it (Acquisti, Taylor, Wagman 2016, 444; Allen, Gu, Jagtiani 2021, 2; Carrière-Swallow, Haksar 2022, 128).Being aware of this trend, regulators in several countries have adopted, or are considering adopting, open banking policies to facilitate the access and use of available banking data, thus promoting innovation and competition in the market.According to some studies, open banking policies are 'on the way to adoption' in more than 80 countries (Babina, Buchak, Gornall 2022, 19).
The concept of open data implies that customers are permissioned to share their data held at banks with third party providers.The access to data is provided under controlled standards, while individual customer data is usually retrieved in a standardised format, allowing for easy analysis and comparison.Open banking, mandated by regulation, resides on three interrelated premises.The first premise is that customers are the ultimate owners of their data, and they have the right to decide who will have access to it and for which purposes.Customers' explicit consent to share their data presupposes that the value of services they receive outweighs the disutility that comes with reduced privacy. 7The idea is embedded in the term 'data portability', as part of a broader concept of 'active data rights'.The latter 7   This assumption implies that the customer (data subject) has sufficient information and control over the consequences of collecting their data, such as when their data is collected and for what purposes, which is often not the case in the digital economy (see Acquisti, Taylor, Wagman 2016).implies that individuals not only enjoy protection from their data misuse or theft, but can also take actions concerning information about themselves (Asrow 2022, 33-34).
The second premise is that financial institutions have the incentive to shield the customer data they gather from their competitors.From an efficiency point of view, banks' exclusive use of their customer data is suboptimal.The non-rival nature of the data, i.e. that the same information can be used by multiple economic agents, suggests that society would be better off if the data is shared among different agents that can derive value from its exploitation (Carrière-Swallow, Haksar 2022, 130-131). 8 connection to this, the third premise is that customer data can be a competitive bottleneck in the banking industry (e.g.Dell' Ariccia 2001; He, Huang, Zhou 2023).The essential idea is that established incumbents benefit from relationship banking, i.e. proprietary information gathered through continuous interactions with their customers allows them to better assess their creditworthiness.Based on this, they can acquire some market power over their customers to their competitors' disadvantage. 9erefore, allowing customers to share their transactional data with third party providers of their choice should lower barriers to entry in the banking sector and increase competitive pressure on incumbents, thus leading to lower prices and greater innovation in the provision of banking services.Another argument that further supports open banking policies is that data is at the heart of fintech businesses (Wolberg-Stok 2022, 17).As technology companies that focus on specific customer needs, they can use individual granular data more efficiently than banks.In other words, they can better exploit customer heterogeneity, bringing change along three important dimensions (Babina, Buchak, Gornall 2022, 15).Firstly, fintechs can offer better customised products (for instance, financial advice or wealth management services).Secondly, using advanced tools of data analysis helps 8 It is worth noting, however, that there is a difference between situations in which information on an individual customer is used for selling different banking products (e.g. consumer loans and mortgages) and situations in which such information is used for selling a unique banking product but different market players compete in offering the best terms to the customer.In the latter case, even though all competitors who have access to information can derive value from its exploitation, only the competitor that offers the best terms will ultimately conclude the transaction with the customer and actually benefit from it.Nevertheless, this will improve allocative efficiency.9 This has to be understood in the context of a wider 'data economy where the size of the data pool determines competitive strength' (Arner, Buckley, Zetzsche 2022, 150).
Аnali PFB 1/2023 Аnali PFB 1/2023 them to predict better customer willingness to pay for certain products or services, thus facilitating price discrimination.While price discrimination allows service providers to extract more consumer surplus (primarily from willing to pay customers), it also enables them to provide services to previously underserved customers with low willingness to pay.Moreover, fintechs often combine banking data with non-traditional data sources, providing more efficient tools for risk pricing and credit decisions (Babina, Buchak, Gornall 2022; Berg et al. 2020; Langenbucher, Corcoran 2021). 10etter estimation of individual customer risk is essential for mitigating adverse selection, which is a result of a 'pooling equilibrium' -situation in which 'good' and 'bad' types of borrowers receive loans under similar conditions because they are non-differentiable. 11 is important to note that the optimism about open data policies resides on the idea that the amount of data produced within the banking sector will remain unchanged.Nevertheless, the fact that open banking regulations will turn customer data into a common good can alter the incentives of market participants involved in its production: customers and banks.Customers may reduce data production if they are unsure how their data is used (Babina, Buchak, Gornall 2022, 19) or if they are afraid of incurring costs as a result of it, for instance, if the data reveals that they are risky customers.An important interrelated question to understand is whether and when they will decide to 'opt in' to share their banking data with third party providers.Banks usually do not incur significant costs when collecting customer data that is a by-product of regular financial activities.However, all the costs borne to establish and maintain relationship banking may now be futile due to a lack of exclusivity over customer data, again potentially reducing the total amount of data available (Carrière-Swallow, Haksar 2022, 140-141). 10For instance, Upstart is a US-based lending platform that uses AI to predict creditworthiness based on alternative data, such as educational background and current employment, and provides consumer loans in cooperation with banks (Langenbucher, Corcoran 2021, 142-143).Berg et al. (2020) analyses the importance of simple and easily accessible digital footprint variables for predicting default rates.It analyses data typically available to a e-commerce website (device type, operating system (iOS vs Android), email address (with or without a personal name), etc.) to show that simple digital footprints variables are equal or superior in predicting default rates when compared to credit bureau scores.They also show significant complementarity between traditional and non-traditional risk assessment methods. 11While efficient risk pricing helps low-risk customers to obtain loans under more favourable terms, it can also lead to the exclusion of the riskiest customers, who would otherwise go unnoticed in a large pool of borrowers that are difficult to discriminate (Carrière-Swallow, Haksar 2022, 137).
Regarding more technical aspects, for open banking policies to be implemented, banks have to reconfigure their IT architecture to allow third party providers to access customer data via APIs (as explained in the previous section).Open banking presumes 'open' or 'public' APIs, implying that they are accessible by anyone (who satisfies pre-defined criteria set out by the API provider or the regulator) (Zachariadis, Ozcan 2017, 6-7).This stands in contrast to private APIs, used for voluntary cooperation arrangements between banks and fintechs, which are highly customised, non-visible to the public, and subject to specific contractual obligations between the two parties.It is debatable whether 'openness' also implies that access to APIs is loyalty-free (Cardinal, Thomas 2022, 93; Zachariadis, Ozcan 2017, 6).
However, a mere regulatory requirement for banks to create open APIs is insufficient for creating a reliable and secure system that will foster a large-scale exchange of customer data.The first set of necessary conditions entails the implementation of data rights, broadly speaking.This includes 'passive data rights' (e.g.standards regarding data protection, cybersecurity, appropriate use of data, etc., and 'active data rights' (e.g. the above-mentioned data portability, standards regarding customer consent, the right to delete or correct data, etc.) (Asrow 2022, 33-34).Some aspects of data rights are embedded in the technical architectures and solutions of APIs.APIs are a set of protocols that govern communication, authentication, and data functionalities/payloads (Cardinal, Thomas 2022, 96-99).Communication standards define how two systems connect and exchange data in a secure manner.Authentication standards are there to ensure that approved third party providers gain access to customer data without using or possessing customer credentials (ID and password) for accessing their accounts, but instead relying on a substitute object.Data functionalities/payloads determine the type (scope) of data that third party providers are allowed access to.Access to data is sometimes limited to 'read only', or can include a 'write' function as well, meaning that third party providers can initiate transactions on behalf of customers.It is important to emphasise that APIs architecture and technical (security) standards are sometimes prescribed by the regulator, sometimes recommended by industry associations or other self-regulatory bodies, or merely governed by internationally-accepted best practices, leading to varying degrees of Аnali PFB 1/2023 Аnali PFB 1/2023 uniformity (World Bank 2022, 17-18). 12When designing their APIs, banks have the option to develop them in-house or get a 'ready-made' solution from API providers. 13 addition to data rights that follow from technical standards of APIs, all market participants involved in data handling and storage (banks, fintechs, data intermediaries) are usually subject to an additional set of rules that ensure the robustness of their systems.Such rules may be part of the open banking framework, but they can also stem from operational risk management requirements for licensing of financial intermediaries/third party providers, or general data protection regulations (e.g. the General Data Protection Regulation (GDPR) 14 in the EU).A related issue is how to delineate liability between banks and third party providers in instances of a system failure, i.e. data breaches, misuse, unauthorised login, unauthorised transactions, etc.While financial institutions have been per se liable for 'protecting their customers from financial loss as a result of fraud', open banking practises require modernisation of regulatory rules and specific guidance, since appropriate apportionment of liability is usually difficult to achieve through contractual arrangements between market participants (Boms, Taussig 2022, 59, 56-72).
In addition to creating a robust and secure data exchange system, including associated consumer protection issues that may arise, the second prerequisite of an effective open banking policy is achieving a certain level of interoperability of API standards across the industry.Interoperability implies the use of standardised data protocols and a customary interface that allows external systems and applications to simply 'plug in', without the need to understand the particularities of the APIs' provider's system 12 It is interesting to note that, in terms of regulatory remit, implementation of an open banking framework (defining (technical) rules and their effective monitoring) is delegated to various authorities and entities in different jurisdictions.It can be a banking authority (e.g. in the EU, India, Singapore, Hong Kong), competition authority (e.g. in the UK, Australia), an entity created and/or financed by financial industry members, or a combination thereof.This has to do with the fact that not all banking supervisory authorities have a competition mandate, or the necessary technical expertise and capacity within the institution to set the standards and enforce them. 13A growing number of banks rely on API platforms whose role is to create an additional layer of interface between banks and third party providers, ensuring the necessary level of compliance (World Bank 2022, 18-19). 14Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).(Zachariadis, Ozcan 2017, 6).Interoperability also entails standardisation of data recording formats, ensuring that data stored by one market participant can readily be used by other market participants (incumbents and fintechs) (Carrière-Swallow, Haksar 2022, 141), avoiding the unnecessary costs of adapting to the customised protocols of individual banks.Thus, common API standards are important for the ability of third party providers to achieve economies of scale in regard to data collection, aggregation, and analysis.
While this section outlined some of the cornerstones of open banking policies, abstracting from design features of specific countries, the following section will offer a comparative overview of regulatory solutions in 'frontrunner' jurisdictions in terms of open banking (the EU, the UK, Australia, and India).Other than being among the earliest adopters, the selected jurisdictions exhibit some interesting differences that bear importance for the main research question -whether and to what extent open banking is likely to foster competition and cooperation in banking.The overview is meant to be a high-level synopsis of key characteristics, leaving a more detailed comparative analysis to (future) legal scholarship.The factual basis for the synopsis relies on the findings in the recent World Bank report on open banking policies (World Bank 2022) and is complemented by scholarly research.

OPEN BANKING REGULATORY MODELS
The trend of adopting open banking policies is relatively recent, yet jurisdictions exhibit significant differences regarding institutional details.The reasons for the significant disparities can be found in different regulatory remits and institutional objectives of the competent authorities, their administrative capacity and internal technical expertise, as well as market-driven factors, such as incumbents' readiness or level of resistance, the banking market structure, and the level of fintech penetration.Existing financial regulations (such as licenses for non-bank financial intermediaries) and the current data protection frameworks undoubtedly influence the regulatory architecture of open banking policies.Open banking regulatory models can be roughly divided into mandatory and voluntary.Within the mandatory regimes, one can also differentiate between regimes that also prescribe technical standards for APIs, and those embracing more flexibility in this regard.A complementary institutional trait is whether banks are allowed to charge royalty fees.Voluntary regimes, in contrast to mandatory ones, typically leave it up to the banks to decide on charging fees for access to their customer data (World Bank 2022, 19).Another important Аnali PFB 1/2023 Аnali PFB 1/2023 differentiating design feature is the scope of data that is subject to data portability, as well as functions that third party providers are allowed to perform concerning this data ('read' and/or 'write' access).Finally, banking regimes differ regarding the rules on market participants, including both the supply (financial institutions) and the demand side (fintechs) of the data exchange process.

The EU
The EU was the first jurisdiction to create a mandatory open banking regime, with the implementation of the Second Payment Services Directive (PSD2) in 2015. 15The Directive came into full effect on 14 September 2019.The requirement to allow third party providers to access consumer financial data was coupled with strong customer authentication measures (also known as multi-factor authentication).In addition, the implementation of open banking was facilitated by the adoption of a comprehensive data protection regime embedded in the GDPR, effective as of 2018. 16ile the PSD2 did not introduce a technical framework for 'common and secure open standards of communication' between banks and third parties, this task was delegated to the European Banking Authority (EBA), which issued complementary second-level texts. 17Yet, the EBA merely requires banks (account servicing payment service providers) to offer a 'dedicated interface', without specifying the technical standards of communication, to ensure technology and business model neutrality. 18Instead, 'to ensure the interoperability of different technological communication solutions, the interface should use standards of communication which are developed by international or European standardisation organisations'. 19In the meanwhile, the industry autonomously adhered to standards created by several market-led initiatives. 20With regard to the scope of data, the European regulator was rather conservative, allowing access only to payment accounts.'Data from a loan, mortgage, saving, investment, pension, and insurance accounts' falls outside the scope (Littlejohn, Boskovich, Prior 2022, 182).The PSD2 was created with the view of facilitating entry into the payment-related services market.For this reason, 'read' and 'write' access to data is allowed, so that fintechs holding an appropriate license can also initiate a transaction from an account held at another institution.Regarding market participants subject to open banking regulations, the European regulator does not differentiate between banks of different sizes, creating a level playing field across the industry.
One distinctive feature of the open banking regime in the EU is that it introduced a set of new licenses for market players, who can build their business model around open access to customer data.Namely, the PSD2 created licenses for 'payment initiation services providers' (PISPs), and 'account information services providers' (AISPs).PISPs are businesses that initiate the transfer of funds between the customer's account and the merchant's account, without the need to go through the online platform of the bank where the customer account is held.PISPs offer customers low-cost payment solutions for their online transactions, without the need for a card intermediary (Vezzoso 2018, 32).AISPs are businesses that offer customers a comprehensive overview of their financial situation by collecting and aggregating information from payment accounts held at different banks and displaying it in an informative and accessible manner.Based on this, customers can change their spending/saving patterns or provide consent for this data to be shared with fintechs that provide additional services, such as banking products price comparisons, personalised advice regarding banking products, etc. (Vezzoso 2018, 32). 21Neither AISPs nor PISPs are authorised to hold customer accounts directly.The approach of the European regulator -to allow only licensed third parties to access customer dataalso bears significance on potential liability.Namely, the PSD2 prescribes that authorised third parties must comply with specific risk management requirements and hold indemnity insurance (or an equivalent guarantee) against specified liabilities (World Bank 2022, 17).

The UK
Open banking was introduced in the UK following the adoption of the PSD2 in 2018, as the country was still a member of the EU at the time.The mandatory regime was set up by the Competition and Markets Authority.Open banking in the UK embraced most of the EU solutions, such as that it mandates customer-permissioned data sharing only with licensed third party providers (regulated by the Financial Conduct Authority, or an equivalent authority in the EU Member State).
However, the framework exhibits some notable differences from its predecessor.The UK regulator recognised early on the necessity of adopting industry-wide technical standards and delegated their creation to an independent body -the Open Banking Implementation Entity (OBIE), which would work closely with industry members.The nine largest banks in the UK (also known as the CMA9) were mandated to finance its activities.To ensure interoperability across the industry, the OBIE went even further to create Operational Guidelines and Customer Experience Guidelines (Littlejohn,  Boskovich, Prior 2022, 184).Regarding the scope of customer data, as is the case in the EU, third party access in the UK is limited to 'demand deposit accounts' (personal current accounts and business current accounts).However, it goes beyond this to allow for retrieval of information on bank products and services (Littlejohn, Boskovich, Prior 2022, 187).Finally, an important difference from the PSD2 solution is that the open banking framework in the UK is mandatory only for the CMA9, recognising that the insufficient level of competition and innovation in the market needs to be balanced against compliance costs for smaller market players.

Australia
Similar to the UK, the open banking regime in Australia was set up by the Australian Competition and Consumer Commission in 2018, with phased implementation starting in July 2019.In Australia, like in the UK, technical standards were mandated by regulations and followed by additional customer experience guidelines.Concerning the scope of data, the Australian regulator embraced an all-encompassing solution where access to data involves credit and debit cards, mortgages, and banking products and services, in addition to deposit and current accounts.However, unlike in the EU and the UK, the regulatory framework does not allow payment initiation.The novelty of the Australian approach is reflected in its area of application.Namely, open banking is merely one segment of a wider open data initiative, where access to customer data is also mandated in other sectors of the economy, such as energy and telecommunications.Nevertheless, in the banking sector, a phased approach was foreseen so that the open banking framework was mandatory only for major banks during the first period, whereas other banks could adapt with a one-year delay.

India
The approach of the Indian regulator (the Reserve Bank of India) differs from the approaches presented above, most notably regarding the voluntary nature of rules.However, to better grasp the uniqueness of the open banking policy in India, it is helpful to distinguish between the 'read' and 'write' access to data, i.e. payment initiation.
The principles of open banking were first introduced in India with regard to payment initiation services, through the adoption of several interrelated policies, known under an overarching term 'Indian Slack' (Carrière-Swallow, Haksar, Patnam 2022, 247-253).The first important policy enabling the introduction of open banking is the Aadhaar identification system.It is a system of digital IDs for all Indian citizens who sign up for it.It enables financial institutions to easily verify customer identity via APIs, thus facilitating digital onboarding and compliance with Know Your Customer (KYC) rules necessary to open an account.The second important policy was the creation of the Unified Payments Interface (UPI) in 2016 -an interoperable payment system also based on standardised API protocols, which enables retail payments and settlements between financial service providers.The UPI is maintained as a public digital infrastructure, and access to it is provided to all licensed intermediaries -banks and non-banks fintechs that hold a 'special payment bank licence' (Carrière-Swallow, Haksar, Patnam 2022, 250).This license was created with the view of enabling the provision of financial services on a smaller scale, thus facilitating fintech entry.
While payment initiation data access is fully operational on a voluntary basis, data sharing among regulated financial service providers is still underway.The proposed data-sharing solution is unique in several respects (Carrière-Swallow, Haksar, Patnam 2022, 251-253).While the participation of banks is voluntary, it is meant to be facilitated through a special type of regulated aggregators.Moreover, data sharing will be established on a reciprocal basis, so that fintech companies will equally be required to share financial data on their customers.Concerning the scope of data, as in Australia, data sharing will gradually evolve from financial services data to insurance and health data.

OPEN BANKING -FALLING SHORT OF EXPECTATIONS BUT HOLDING NEW PROMISES?
The growing enthusiasm of regulators worldwide about open banking policies and their effects on contestability and competition in banking (despite notable differences in approaches) requires a better understanding of the mechanisms potentially leading to the desired effects.The analysis of different models of fintech market entry (Section 2) shows that direct competition between banks and fintechs is not common due to factors that are far more comprehensive than access to customer information.Clearly, open banking policies will bear little or no consequence on fintechs that do not offer substitutes for banking products or intend to expand into these markets.This primarily includes companies that provide technology-based inputs for banking services, and companies that focus on niche banking services, customer segments, and geographies, i.e. markets in which banks do not operate.
Secondly, a wide array of fintechs that could potentially act as competitors to banks concerning specific products are dependent on cooperation with a bank to enter the market.For instance, a lack of reputation and customer base has often led to the integration of fintech products into banks' offerings.Fintechs whose business model entails operating under the regulatory umbrella of a licensed bank could potentially benefit from access to customer data under open banking, but in most jurisdictions they would need to get a special license (e.g.AISP, PISP).Moreover, the incumbent bank in the background (which enables the fintech to offer banking services, such as deposit taking and lending) can always withdraw its license, while retaining the deposit accounts opened by the fintech company. 22e fintech business model that would arguably benefit the most from open banking policies is information aggregators and marketplaces for financial services.These platforms could offer a unique interface through 22 Contracts between fintechs and banks, under the regulatory umbrella model, often include clauses that stipulate that the fintech holds ownership over the customer base.However, it is questionable whether such clauses are enforceable and how customers' deposit accounts would be taken over by a different partner bank (or the fintech if it subsequently obtains its own banking license).which customers could integrate and manage all their accounts held at various institutions, especially with the payment initiation function that some jurisdictions have enabled through open banking.Bank for International Settlements (2018) described a potential scenario in which aggregators would lead banks to become 'commoditised service providers and cede the direct customer relationship' to the aggregator (the platform) (Bank for International Settlements 2018, 19).While aggregators will likely continue to be just another distribution channel for banking products, one can conjecture that they will intensify the competition among incumbent banks, primarily by increasing the transparency of various banking offerings and facilitating their comparison.For platforms acting as aggregators of financial services to become established market players, thus fostering competition among incumbents, they would have to build a customer base.For this reason, it has been argued that technology platforms from non-financial sectors also known as BigTechs (Amazon, Apple, Google, Facebook, Alibaba, Tencent), acting as aggregators and marketplaces for financial services, will leverage their existing reputation, the customer base, and complementary data to become an indispensable distribution channel for banking products (Carletti et al. 2020, 12).With strong network effects, under this scenario, there would be a highly competitive market for banking products, with a few technology platforms dominating the interface with customers.
Even though an open banking regime has limited potential to intensify competition between fintechs and banks, there is nevertheless one more channel through which it can intensify competition among incumbents (including licensed neo (challenger) banks).Namely, with banks being able to get access to each other's customer information, the competitive advantage of relationship banking will be reduced, allowing smaller banks to compete along other price and non-price dimensions.
As mentioned above, proponents of open banking have mainly focused on competition and innovation as the regulatory goals.An often-neglected aspect of open banking policies is their potential effect on bank-fintech collaboration.As explained in Section 2, banks may be reluctant to engage in partnerships with fintechs due to the costs of creating APIs and regulatory and reputational risks, among others.One may conjecture that open banking will lead to a greater number of collaborations between banks and fintechs, primarily because banks will need to upgrade their core infrastructure for open APIs, making it more modular and flexible for further integration of fintech products and services.In addition, banks will bear a smaller risk when partnering with third party providers when there are clear regulatory standards regarding data transfer and technical integration of their products and services.In the same vein, the risk of collaborations will be lower with Аnali PFB 1/2023 Аnali PFB 1/2023 a clear regulatory stance on how liability is split in case of a data breach or misuse of consumer rights.Open banking regulations are more likely to drive collaborations when third party providers are required to hold their license (e.g.AISP, PISP) and are thus subject to direct supervision of the regulatory authority.Nevertheless, the danger of reputational spillovers may undermine collaboration incentives (Klus et al. 2019, 16).
Interestingly, open banking regulations may create a loop between competition and cooperation in banking.Let us assume that open banking regulations will intensify the competition among incumbents.In that case, they may indirectly lead to greater cooperation with fintechs, whose innovations can help banks keep their competitive edge, for instance, by making better use of customer data and offering more personalised services.
The institutional variations described in Section 4 are usually difficult to capture in large-scale cross-country empirical studies, but they are also likely to make an important difference in the effects of open banking.It is straightforward to argue that mandatory open banking policies will lead to greater competition than voluntary ones.Nevertheless, an ill-fitting topdown approach may be more difficult to implement and thus less effective than voluntary rules created by and widely accepted among industry members.It has been mentioned before that mandatory regimes are usually royalty-free, while voluntary regimes give banks more freedom to decide on fees.If banks decide to charge fees for their customer data, competitive constraints are likely to be lessened.Still, voluntary partnerships are likely to increase, as banks can potentially create new revenue streams.
One regulatory feature that is likely to have a decisive effect on the effectiveness of open banking is common API standards.When considering the foundations of open banking (Section 3), it has been discussed how important interoperable API standards are for the ability of third party providers to achieve economies of scale in regard to data collection, aggregation, and analysis.Therefore, one can argue that the EU approach of favouring technology neutrality over common standards will weaken the potential effects of open banking.
The regulatory perimeter of open banking creates trade-offs.If all market participants in the banking sector are subject to the same rules (such as in the EU, as opposed to the UK solution), a level-playing field will naturally intensify competition.Nevertheless, smaller banks may find the implementation of open API architecture disproportionately burdensome, forcing them to increase margins or cut expenses in other areas important for their ability to innovate and compete (e.g.R&D, advertising, etc.).In other words, competitive pressure from smaller incumbents may be reduced.
In connection to this, the regulatory perimeter regarding third party providers, i.e. beneficiaries of open banking, can have countervailing effects on the prevalence of bank-fintech collaborations.Namely, as explained above, banks' willingness to expand their collaborations beyond regulatory requirements will depend on their ability to minimise regulatory and reputational risks stemming from partnering with fintechs.This means that open banking frameworks that provide access to data only to licensed third party providers will induce greater confidence among banks.However, such rules can also reduce the diversity of fintech innovations, since many innovative fintech business models or products do not neatly fit one of the existing licenses.

CONCLUSIONS
The paper has outlined several theoretical proposals regarding the expected effects of open banking on competition and cooperation in the market, which can be subject to further empirical testing as more data becomes available over time.The baseline finding is that open banking will primarily increase competition between incumbents rather than between incumbents and fintechs.The reason is that fintechs are seldom direct competitors to banks for reasons that are far more paramount than data access.Some fintechs act as technology suppliers to banks, some focus on geographical and product markets in which banks do not operate or target customer segments underserved by banks, while a large portion of them depend on establishing a cooperation with a bank for market entry.However, the activity of fintechs will likely enable mechanisms through which competition between incumbents will materialise.Thanks to open banking, fintechs, in particular those that act as data aggregators, will foster the transparency of banking offerings.Moreover, data-sharing infrastructure created as a result of open banking implementation can facilitate more encompassing collaborations between banks and fintechs, thus increasing the banks' innovation potential.
The paper has also discussed the economic trade-offs of the different regulatory approaches embraced by the jurisdictions that were among the early adopters of open banking policies (the EU, the UK, Australia, and India).The most notable differences concern the following dimensions: the mandatory vs voluntary nature of rules, the ability to charge fees for data access, the (un)existence of common API standards, the scope of data being shared, the functions that third party providers are allowed to perform concerning these data, and the rules on market participants on the supply Аnali PFB 1/2023 Аnali PFB 1/2023 and demand sides of the data exchange.The paper has examined of how such regulatory choices can affect competition and cooperation in banking, which can be of interest to regulators and policymakers in the process of drafting an open banking framework.
All the theoretical prepositions in this paper rely on the assumption that open banking will lead to successful data-sharing practices, which further depend on two interrelated questions that call for further research.The first question is whether the amount of customer data will change with the introduction of open banking policies.As briefly discussed in Section 3, open banking can potentially alter the incentives of both customers and banks to produce data.The second question is whether and to what extent customers will give their consent for data to be accessed by third party providers.Their willingness to share will inevitably be affected not only by their perception of the quality of data protection, but also by a number of cultural and institutional factors, which need to be better understood.
Future research agenda will also need to follow developments in open banking policies, which may take several directions.From a contestability point of view, the most effective direction would be to open up core banking infrastructure via APIs for third party providers to integrate (plug in) their products and services.This would essentially mean mandating banks to establish cooperation with fintechs to alleviate barriers to entry.An obvious obstacle to this is the regulatory treatment of such services.Putting fintechs under banks' regulatory umbrella, as has been the practice in some of the market-driven collaborations, is unacceptable for the obvious reason that banks cannot be held accountable for non-compliance of third party providers which they were unable to choose themselves.Even for services that would not necessarily fall within the regulatory remit, the question is on which economic grounds one could justify such a policy, such as the premise that customers own their data, which provides grounds for existing open banking regulations.Some similarities can be drawn to the essential facilities doctrine, as developed in competition policy and applied both in the case of physical infrastructure and some intangible assets (e.g.Graef 2019).Still, the latter is applicable under a very restrictive set of conditions, which would not hold in banking.
The second, more realistic direction of development of open banking is to continually expand the scope of (banking) data that third party providers can have access to with customer consent, as well as to increase the scope of services that can be provided based on this data.As discussed in Section 3, the approaches of individual jurisdictions already exhibit differences along these dimensions.Increasing the scope of (open) data and associated services will likely depend on the growing trust that banks and their customers put in data security and data sharing standards, as well as consumer protection standards adhered to by third party providers.
Another direction of development already taking place in several jurisdictions is to expand open banking regulations to other financial industries beyond banking, e.g. insurance companies (also known as 'open finance').The theoretical considerations developed in this paper likely bear implications for open finance frameworks as well, as fintechs in other financial markets face similar barriers.
The most controversial direction of change is to impose open data 23 standards on BigTechs who will likely benefit the most from existing open banking policies, while exclusively owning their pools of alternative data (e.g.purchasing patterns, search interests, behaviour on the internet).Their economic power coupled with network effects can help them expand quickly into markets for financial services.It is not a surprise that open data policies are most welcome among incumbents who are currently primarily costbearers of existing open banking regulations.There is no doubt that such developments would considerably contribute to creating an even playing field between BigTech and traditional intermediaries, and potentially significantly improve the allocation of resources with advanced screening available to all market players.In addition to privacy and ethical concerns that such a policy would raise, the public choice theory may come into play when trying to understand why such a regulatory change will be difficult to achieve in the near future.