Open Banking Concept
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Creating an <strong>Open</strong> <strong>Banking</strong> Framework for Canada<br />
<strong>Open</strong> <strong>Banking</strong>’s accreditation process is likely to involve many of<br />
these same players, so it is important that the RPOF and <strong>Open</strong><br />
<strong>Banking</strong> regime are co-developed. This would help prevent<br />
the creation of conflicting and overlapping legislation and<br />
optimize the allocation of resources and responsibilities across<br />
regulatory bodies.<br />
What data and level of<br />
access are data<br />
recipients provided?<br />
What access rights do data recipients have<br />
(e.g., read vs. write)?<br />
There are two types of access that data recipients could<br />
be granted:<br />
Write access: Allows data recipients to make modifications<br />
to customers’ financial data held by other institutions;<br />
this would enable additional use cases such as payment<br />
initiation, account opening/closing, and changes to<br />
information (e.g., change of address) performed by the<br />
recipient on behalf of the customer<br />
..<br />
Read access: Allows data recipients to obtain copies<br />
of customers’ financial data; this supports use cases<br />
such as data aggregation.<br />
..<br />
Write access: Allows data recipients to make<br />
modifications to customers’ financial data held by<br />
other institutions; this would enable additional use<br />
cases such as payment initiation, account opening/<br />
closing, and changes to information (e.g., change of<br />
address) performed by the recipient on behalf of<br />
the customer.<br />
Write access enables many additional use<br />
cases, but it would also present several new<br />
complexities:<br />
on their behalf. This may threaten the safety and<br />
soundness of the financial services system and the<br />
risk posed by a breach, and would require a longer<br />
timeline to implementation to allow data generators<br />
sufficient time to build the more complex systems<br />
required to allow for third-party write access<br />
..<br />
Other concurrent efforts (e.g., Retail Payments<br />
Oversight Framework, Payments Modernization) have<br />
some overlap with certain write access functions (e.g.,<br />
payments initiation); the inclusion of such elements<br />
in the scope of an <strong>Open</strong> <strong>Banking</strong> system would<br />
require extra coordination to minimize duplicate and<br />
contradictory guidance.<br />
Precondition: Canadian Payments<br />
Modernization<br />
<strong>Open</strong> <strong>Banking</strong> is being contemplated at the same time<br />
that Payments Canada is leading modernization efforts<br />
for Canada’s two primary payments systems, the Large-<br />
Value Transfer System (LVTS) and the Automated Clearing<br />
Settlement System (ACSS). LVTS will be replaced by Lynx,<br />
a high-value payments system that will process payments<br />
in real-time with settlement finality. ACSS will be replaced<br />
by the Real-Time Rail (RTR) system and the Settlement<br />
Optimization Engine (SOE) system.<br />
..<br />
Write access introduces a number of security<br />
concerns, as data recipients would be able to make<br />
changes to customers’ accounts and move money<br />
9.