On Jan. 3, 2020, the California Consumer Privacy Act (CCPA) went into effect, ushering in the strongest consumer data protections in the U.S. With the General Data Protection Regulation (GDPR) and the revised Payments Services Directive (PSD2) humming along in Europe, open banking is overtaking the financial world just as consumer data law gets muscular.
While the new regulations are creating uniformity and fostering trust, small differences between markets continue to present opportunity. Turkey is a prime example, being a major proving ground for the region’s FinTechs and open banking hopefuls. Part of Turkey’s allure is that while it’s not an EU member state and therefore not compelled to implement all of PSD2, Turkish financial institutions (FIs) did so anyway, adopting the standard on Jan. 1, 2020. It makes sense, considering Turkey adopted PSD1 (the EU’s original open banking scheme) five years ago. Turkish FIs have also been able to learn as their European neighbors worked out PSD2 kinks.
For these and other reasons, Turkey offers unique insights into the new open banking terrain. The latest Merchants’ Guide to Navigating Global Payments Regulations from PYMNTS explores the opportunities and hurdles facing Turkish FIs and FinTechs.
The Kismet of Open Banking
When the Central Bank of the Republic of Turkey (CBRT) adopted PSD1 five years ago of its own accord, some Turkish FIs were perplexed. They aren’t any longer, as the wisdom of that move has become clear. In Turkey today, “You can open your accounts [at Turkish banks] in several minutes, or you can [use] online banking through your phone or computer, and you can have your account opened in one minute like you are dealing with a challenger bank,” said Soner Canko, CEO of Turkish bank consortium Bankalararasi Kart Merkezi (BKM).
Observing the war of attrition between legacy FIs and challenger banks in places like the U.K., Canko believes Turkey pulled ahead early on, avoiding much of the implementation pain being felt elsewhere. By letting the EU hammer out PSD2 first, Turkey can enjoy what Canko terms a “latecomer advantage” with the standard.
Ironically, the CBRT’s early embrace of PSD1 gave legacy FIs an advantage over FinTechs that have to try harder to find niches to exploit in a surprisingly robust and versatile national banking system. And there are other barriers, too.
An interesting feature of the Turkish banking system is that while it implemented PSD1 and PSD2, it was not compelled to enact strong consumer authentication (SCA). At this point, the system still has not, as Turkey’s EU outsider status allows them to sidestep SCA for now.
Turkish FIs and FinTechs seem pretty okay with all of that. Their concerns lie with foreign competitors – especially Chinese players like Alipay and WeChat – entering their lucrative and well-ordered markets with aggressive promotions and newer mobile banking experiences.
A New Cradle of FinTech Civilization
Not content to cede an early lead, Turkish lawmakers have called for the creation of the Union of Payment and Electronic Money Institutions of Turkey, under the CBRT’s direction. Movers and shakers including Burhan Eliaçık, the president of Turkey’s Payment and Electronic Money Association (ÖDED), applaud the action and foresee Turkish FinTechs having billion-dollar valuations within three years.
Merchants are on the front lines of this change, requiring the infrastructure and wherewithal to manage services like instant payments and buy now pay later services. Monitoring compliance across a series of stringent new banking directives also looms, but the uptake of identity engine solutions using advanced data validation is accelerating open banking momentum in Turkey.