By Michael Magrath, Director of Global Standards and Regulations, OneSpan
In recent years, the UK has established itself as one of the world’s leading financial centers, with a strong heritage in financial services and technology. This heritage has helped it become a prominent player and top innovator within the fintech space, particularly when it comes to fostering pioneering startups.
Its technological prowess and ever-evolving regulatory landscape have played key roles in driving the UK forward. For example, technology has enabled business and personal financial transactions to be completed entirely remotely and in a secure manner, while regulations are encouraging strict compliance to better protect customers’ sensitive information.
The country’s leading position in the world of financial services doesn’t look like it’ll disappear anytime soon. In fact, several factors are helping the UK to propel it’s fintech industry even further, with a number of technology initiatives and regulations laying the foundations for a modern, secure, and competitive financial services ecosystem.
Regulations level the playing field
Better data privacy and protection practices have long been on the minds of regulators and the introduction of the second Payment Service Directive (PSD2) and General Data Protection Regulation (GDPR) set out greater focus on security and privacy than ever before. Since their inceptions, they’ve been replicated around the world. Combined with the pioneering initiative of Open Banking, the UK’s regulatory landscape has been breaking new ground for global markets to follow suit.
As a result, the UK has created a strong financial services ecosystem. For example, traditional banks are digitizing their services for more streamlined digital user experiences that can compete with many emerging challenger banks and other financial services through Open Banking. New regulations have largely contributed and ultimately reaffirmed the UK at the center of financial services globally.
The provisions of GDPR post Brexit shall remain since the UK government enacted the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 – which amends the Data Protection Act (DPA 2018) and merges it with the requirements of the EU GDPR. This is under the name,‘UK GDPR’. GDPR and the UK GDPR, are very similar so organisations that process personal data on UK citizens should continue to comply with the requirements of the EU GDPR.
Brexit impact on open banking
In July, the European Banking Authority (EBA) announced that eIDAS certificates of UK TPPs, required to access customer account information from account providers, or initiate payments, would be revoked when the transition period ends on 31 December 2020.
On November 3, 2020, The Financial Conduct Authority announced that it “will permit UK-based third-party providers (TPPs) to use an alternative to eIDAS certificates to access customer account information from account providers, or initiate payments, after Brexit. Firms must act to ensure they can continue to provide open banking services.”
Technology is driving competition
The emergence of digital only challenger banks over the past few years in the UK has triggered a number of major changes from their traditional banking counterparts and financial regulators. Now, due to the current climate amidst the ongoing pandemic, consumers are using less cash and digital channels have become the norm. The implementation of digital technologies and legislation has been accelerated, creating an increasingly competitive financial services market.
As a result, the main differentiators that banks and financial institutions (FIs) now depend on are the technological capabilities that their user experiences offer. But, baring the threat landscape in mind, digitization can’t be chased to the detriment of security. Banks need to source technologies that enable them to offer frictionless digital customer experiences while maintaining a strong security posture.
It’s clear that consumers today are more familiar with digital channels, which is why they now demand fully seamless experiences. Friction in the user experience can cause frustration and, in the digital environment we find ourselves in, it’s all too easy to switch to a competitor. The best approach for banks and FIs is therefore to create exceptional digital experiences. By focusing on security and implementing the latest technologies, banks can create platforms that are entirely seamless.
Technologies such as biometrics and risk-based authentication solutions are also growing in usage, helping banks to remove friction points and provide better customer journeys and onboarding processes. The increased level of competition today means technologies like these are vital for traditional banks and FIs in order to continue to compete and grow their customer base into the future.
Developing a secure digital identity
As the ongoing pandemic has continued to shift the focus towards digital financial platforms, secure identity verification has become a major talking point which is now receiving more attention than ever. The pandemic has emphasised the need for a secure central database that banks and other FIs could use to efficiently and securely verify that a customer, new or current, is who they say they are. Today, more digital identity initiatives are developing rapidly, with the UK government saying it will continue to consult on issues related to privacy and technical standards for secure digital IDs by driving legislation forwards.
The UK government is looking to these new initiatives to support the private sector by undertaking preliminary discussions related to the development of a standard identity verification system alongside the Her Majesty’s Passport Office . This would allow banks and FIs to be able to securely verify customers’ identification documents through a central database, significantly reducing the amount of time it takes to complete certain financial activities such as opening a new account. This is in a one-year pilot scheduled to conclude in July 2021.
Furthermore, the Cabinet Office has issued new guidance with next steps to be taken in the area of digital identity, “with plans to update existing laws and a new set of guiding principles for policy development”. As these discussions and developments mature into written laws, we’ll see an industry more capable of offering digital identities that allow individuals and organisations to do business in a more secure and seamless way, fit for the modern digital era. While the UK Cabinet Office is still involved, the government’s digital identity endevours have migrated to the Department of Culture, Media and Sport (DCMS) with “all hands” focused on the development of a UK-wide Trust Framework for Digital Identity that can be used across both public and private sectors.
The nature of upcoming and newly introduced regulations, highlighted in the latest Global Financial Regulations Report, demonstrate the UK remains at the pinnacle of financial services around the world due to its involvement with modern regulatory standards as part of the EU, and thanks to the pioneering products and services offered by the UK’s challenger banks and FIs. Today, we again see the UK innovating with modern technologies to offer better services and customer experiences, supplemented by regulations that are driving the industry beyond the norm for the rest of the world. As we have seen with legislation such as GDPR, UK GDPR and PSD2, new regulations that work towards improving the security of customer data and the processes with which financial activity is undertaken, other countries and regions will continue to look to the UK to set an example.