Hello Nigeria! – Rolling out Open Banking Capabilities (A KPMG Article)

By KPMG Nigeria

Our partner, KPMG, succintly lay out every thing you need to know about open banking in Nigeria in this article; Hello Nigeria! – Rolling out Open Banking Capabilities. This article describes open banking, identifies its key components for Nigeria and also highlights how the KPMG team intends to grease the wheels and assist the ushering in of this new dawn for Nigeria.

Imagine a world where your bank is not just a repository for your funds but a portal to a seamless financial utopia. Open banking, an ongoing revolution, securely shares financial data through secure APIs1, connecting banks as API providers and fintechs as API consumers. This initiative strives to transform financial ecosystems, prioritizing customer needs and welcoming new market players. Open banking is meant to be a precursor to the concept of Open Finance, a broader concept that extends beyond banking to the wider financial sector – including products, such as insurance, investments, and more.

Open Banking combines financial innovation with an unwavering dedication to safeguarding customer data. Transparency and consent guide data sharing, protected by advanced encryption. Rigorous risk assessments and continuous monitoring fortify against threats, while multi-layered authentication and vigilant analytics guard against fraud, ensuring secure customer data transmissions.

According to Statista, global Open Banking transactions reached $57 billion in 2023, with a projected increase in the coming years. The number of open banking API calls is expected to surge to 580 billion by 2027, reflecting the rapid expansion of services and their integration into diverse financial ecosystems, fostering innovation in products and services for customers.

Open Banking in Nigeria

In Nigeria, Open Banking aims to facilitate the sharing of customer data between banks and third-party firms, fostering the creation of efficient, transparent, and diverse financial solutions. The Central Bank of Nigeria, in February 2021, introduced a regulatory framework setting standards for API design, security, functionality, and data handling, enhancing integrated banking services while ensuring risk management and security specifications.

Building on this, in March 2023, the CBN released the guidelines for how open banking will operate in Nigeria. It also provides responsibilities and expectations for the various participants (the banks, third-party financial institutions, and customers) and ensures consistency and security across the open banking system. An outline of minimum requirements for participants is also provided, which stipulates safeguards for financial system stability under an open banking regime. For Nigerian consumers and businesses, moving forward with open banking means keeping the financial ecosystem safe and sound while empowering consumers with more choices. The following are early emerging use cases that can help inform a Nigerian-made template.

Payment Initiation Services: Open banking allows third-party providers to initiate payments directly from a customer’s bank account. This could be utilized for various purposes, such as e-commerce transactions, bill payments, and fund transfers.

Account Information Services: Third-party applications can access and aggregate a user’s financial data from multiple banks, providing a comprehensive view of their financial status. This can aid in budgeting, financial planning, and personalized financial advice for the customer.

Credit Scoring and Loan Services: With explicit user consent, third-party providers can access a customer’s transaction data to assess creditworthiness in a more ethical manner. This can facilitate faster and more accurate loan approvals, especially for individuals or businesses with limited credit history.

Business Treasury Management: For businesses, open banking can streamline treasury management by providing real-time access to account information and facilitating automated cash flow management.

A Nigerian-made Template for Open Banking

Despite a variety of use cases, implementations, and frameworks around the world, shared success factors have emerged. Some essentials for Nigerian stakeholders to consider include:

  • Standardization: create common rules for open banking participants, accreditation, and processes to allow third parties to adopt the technical specifications; ensure consistent adherence to central standards so there is no discrepancy in customer experiences in the market
  • Data Quality: for customers to want to adopt open banking, the data platforms need to be resilient and work reliably.
  • Data Security and Risk Management: The need to assess and enhance data security measures to protect customer information, and mitigate the risks associated with data sharing and API usage.
  • Technology Integration: Facilitation of the seamless integration of third-party solutions into existing systems.

Key Concerns for the adoption of opening banking in Nigeria  

Data Privacy Risk: The adoption of open banking in Nigeria introduces a transformative wave of innovation in the financial sector but also brings forth significant security challenges. One prominent concern is the potential mismanagement or misuse of customer data by third parties, raising serious questions about data privacy. The increased sharing of sensitive financial information between banks and third-party providers (TPPs) heightens the risk of identity theft and fraud, thus necessitating robust measures to safeguard consumer data and mitigate these risks.

Fraud Risk: Amidst the push for innovation, effective fraud management emerges as a critical pillar in maintaining the integrity of the open banking ecosystem. With the expansion of the network to include various players, such as TPPs, comes an increased susceptibility to fraudulent activities. From account takeovers to sophisticated phishing schemes, the risk landscape widens. Therefore, proactive measures such as real-time monitoring and stringent authentication protocols are essential for detecting and thwarting fraudulent attempts, thereby safeguarding consumers’ financial assets and trust in the system.

Third Party Risk: A KPMG Survey2 reveals that 100% of a group of CISOs and other information security stakeholders across 11 banks in Nigeria agree that the current third-party risk management practices within their organization will require improvement to effectively mitigate risks in Open Banking implementation. Third-party risk compounds the challenges of open banking adoption in Nigeria. Collaborating with TPPs to offer innovative financial services introduces vulnerabilities that must be carefully managed. Inadequate assessment of third-party security posture can expose banks and their customers to heightened cyber threats and operational disruptions. Proactive risk management strategies, such as rigorous due diligence processes and continuous monitoring, are indispensable for mitigating these risks and ensuring the security and stability of Nigeria’s open banking landscape. Striking a balance between risk management and innovation is crucial to harnessing the benefits of open banking while safeguarding against potential risks and vulnerabilities.

Open Banking Implementation – How KPMG Can Help

KPMG can assist organisations to unearth and deliver the power of open banking capabilities through different dimensions. A few of the collaborative opportunities as follows:

  • Maturity Readiness and Needs Assessment: Review of the organization’s Open Banking goals and potential challenges, ensuring a tailored approach to Open Banking that aligns seamlessly with the organisation’s vision.
  • Open Banking Strategy and Operating Model Design: Develop and optimise the organisation’s operating model covering governance, people, technology and processes to ensure and smooth operationalisation of the open banking regime
  • Customer Journeys and Product Design: Leverage tested practices to design effective and efficient customer journeys and provide input into the design of open banking products and services
  • Regulatory Compliance: Navigate the regulatory maze with purpose, ensure compliance with regulatory standards, guidelines and data protection laws, and by extension safeguard the organisation’s reputation and ensure customer trust.
  • Data Security: Prioritise data security risk with state-of-the-art measures to protect data and mitigate cybersecurity risks.
  • Solution Quality Assurance: As technology solutions power the open banking delivery, there is a critical need to ensure the quality of the Open Banking solutions (products, services and APIs) meet the critical functional requirements as well as relevant regulatory standards.
  • Continuous Improvement: Our commitment doesn’t end at deployment. We monitor performance, gather feedback, and optimize relentlessly, ensuring your open banking ecosystem evolves with agility and resilience.

In navigating the emergence of Open Banking in Nigeria, organizations must align with the Regulatory framework and guidelines, and adapt to meet business goals. Collaboration and innovation are crucial for success in a rapidly growing open banking market. KPMG understands the requirements and critical success factors required for delivery of open banking capabilities. The time to embark on this transformation journey is now.

Notes & References

  1.  APIs – Application Programming Interfaces are sets if rules and protocols that allow different software applications to communicate and interact with each other. APIs enable different software systems to interact and share data or services.
  2.  KPMG Survey – Navigating the Opportunities and Cyber Risks in Open Banking (2023) 
Close Bitnami banner