Ben Isaacson is the SVP Product Strategy at The Clearing House (TCH), responsible for its Connected Banking initiatives, which are focused on creating standardized protocols and efficient, secure solutions to improve the information sharing processes between financial institutions and FinTechs. Ben has more than 20 years of experience in banking and payments, including companies such as Cross River Bank, J.P. Morgan Chase, and MasterCard.
In recent news, The Clearing House announced that they helped launch the Streamlined Data Sharing Risk Assessment, provided by TruSight and KY3P® by IHS Markit to “facilitate the migration path from the current way data is being shared, through screen scraping, to an API-based way of sharing data.”
Ben Isaacson joined FISPAN’s Clayton Weir on the If I Ran the Bank podcast to dive deeper into the announcement that will change the way due diligence is conducted across the financial industry.
Don’t miss this episode with Ben Isaacson, listen below.
Connected Banking vs. Open Banking
Ben Isaacson leads connected banking at TCH, a consortium owned by 24 of the largest banks in the country, providing market infrastructure and other services. With a focus on payments, they “move about $2 trillion a day through wire services, ACH services, and increasingly real-time payments.”
TCH is where banks come together to solve and address industry issues that affect all financial institutions.
Open banking and connected banking are very similar. Just like open banking, connected banking focuses on data sharing between banks and financial apps. “We call it connected banking because it is our belief that in order to be effective and ultimately scale to its potential, it requires technical, legal and risk collaboration between the parties,” said Isaacson.
Connected banking looks at how to take the best-enabled services, like the thousands of apps that users use every day, and make that into a model that is ultimately safe, sound, and scalable for everybody.
Open Banking in the United States
In most markets around the world, government regulations have been at the forefront of open banking, “but in the United States, there's competitive pressures and reasons that banks, FinTechs, and others involved in this ecosystem have forced the market towards more openness or aspects of connectedness without the guiding hand of the government,” said Weir.
In many areas, the US has been more private-sector driven, but Isaacson argues that the US may have had open banking 20 years ago when companies like Yodlee began successfully screen scraping and acquiring data from bank accounts without actually having to go to the bank. Meaning, the same innovation that has been driven by those government regulations in other markets has been happening in the US private sector for the last 20 years.
Businesses like Venmo, Plaid, Wealthfront, and Sellfy wouldn’t be possible without screen scraping. They were all driven on screen scraping which is evidence that when you get access through open banking, you can build very compelling and creative applications for people.
On the other hand, you have companies like Plaid who have stated 25% of people in the United States with bank accounts have connected to them through one of their applications, which means they have access to login credentials and data for over 25% of the countries bank accounts. This is an unregulated institution with more bank data than the two largest banks in the country combined. From a safety perspective, there’s an opportunity for a better model.
What is screen scraping?
When you log in with your credentials for online banking, the vendor stores your credentials in their database. Later, they log into your online baking portal on your behalf and they gather information, store it, and then charge money for every developer that needs that data for their app.
The usage of screen scraping became more popular in the post-financial crash, like the FinTech revolution. As the number of logins increased, it became a hassle for banks on the server-side, where at 2:00 am in the morning, there were now millions of bots logging into bank portals to check balances.
Banks addressed this by blocking IP addresses, but then they would receive service calls complaining that some applications (like Mint.com or Zelle) aren’t working because the connection's been broken on the authentication side. Banks had to start working with aggregators to give them more structured, reliable access to data. Now, the larger banks tend to have non-screen scraping data-sharing connections with these aggregators.
“While there have been API-based data sharing agreements, typically between the largest banks and the largest data aggregators, it's still really uneven”, said Isaacson. While you may have seen an announcement of a data-sharing agreement, that doesn't mean that it’s all-encompassing or that it has been implemented yet. These agreements might not cover every use case or every piece of data, and there are very few banks that have done this at scale. “I would argue that the industry is making progress on those agreements”, said Isaacson, adding “we would like to see it accelerated.”
How does The Clearing House improve data sharing processes in the industry?
The Clearing House, under their connected banking program, is looking at how to unlock all the barriers to adoption at scale of API-based data sharing. TCH is a founding member of the financial data exchange, “which is an API-based standard body for data sharing that includes many of the largest banks, data aggregators, and users of the financial data working together to create a standard,” said Isaacson.
“With 10,000 banks and thousands of FinTechs, if you don't have a common API standard, then every new implementation becomes a new build,” said Isaacson, adding “we just don't think that's ever going to scale.”
TCH is also looking at how to accelerate the growth of technology in this space. Through investing and facilitating in companies like Akoya, TCH contributes to data-sharing network technology. “We believe that the best way for the industry to scale is, rather than having thousands of banks trying to individually connect with thousands of FinTechs, you have a common place where with one connection, you can have access to everyone,” said Isaacson.
If a bank connects to a company like Akoya, then a FinTech or data aggregator that’s also connected to them can get access to the bank’s data. In this way, instead of making thousands of connections, FinTechs and aggregators only have to make one. “We were an early investor and facilitator in Akoya along with 11 of our owner banks, and Fidelity Investments,'' said Isaacson, “and we spun out Akoya to be that data sharing network.”
Lastly, TCH looks at how to get through the bank risk requirements. It's important for a data-sharing agreement and a regulatory requirement that banks do due diligence on any party they partner with. Through this process, “banks are sharing their customer data, a lot of which is personally identifiable (PII), with potentially thousands of different parties. These would be considered high-risk partners,” Isaacson said. But how do they do that in a scalable way? There are hundreds of banks all trying to do their own risk reviews on FinTechs and data aggregators and it’s not feasible for either the FinTech, data aggregator, or the bank.
“What we have been working with, and what we announced in collaboration with TruSight and KY3P®, is a service where FinTechs can go through a common risk review,” said Isaacson.
Once FinTechs have gone through the Streamlined Data Sharing Risk Assessment, it can be shared with any bank they’re trying to do business with. Banks will have all the information they need to make their risk decision. “All of a sudden, something that has historically taken six months at a time can be done in a week, and it doesn't require significant work from the party being evaluated to complete it,” said Isaacson.