The U.K.’s Competition and Markets Authority (CMA) has found HSBC breached its open banking order.
The breach in question relates to the Retail Banking Market Investigation Order 2017, which paved the way for open banking in the U.K. by mandating the country’s nine largest banks to make account information available to authorized parties through application programming interfaces (APIs).
In a letter to HSBC published on Wednesday (Jan. 19), the CMA said that HSBC failed to publish the required information, or published inaccurate information, on more than 50 occasions between 2017 and 2022.
Personal accounts, business accounts and small- to medium-sized business (SMB) lending products were affected by missing or inaccurate information related to fees, charges and rates, as well as to eligibility criteria and features and benefits of accounts and loans, the CMA said.
The regulator noted that the failure to make accurate, comprehensive and up-to-date account information available through open banking APIs may have resulted in consumers taking decisions that they would not have taken if they had access to the correct information.
While the CMA will not be taking any enforcement action as HSBC has already remedied the failures and committed to staff training to help ensure similar breaches aren’t repeated, the letter sours what should be cause for celebration within the U.K.’s open banking ecosystem.
As PYMNTS reported Friday (Jan. 13), the CMA has announced that the country’s six largest banks, including HSBC, have completed the open banking roadmap that it laid out to implement the requirements of the 2017 order.
With just three banks out of the so-called “CMA 9” yet to fully apply the regulator’s requirements, the conversation is moving on to the question of what is next for open banking in the U.K.
In anticipation of that future, the CMA and other regulators have outlined their vision for the next stage of open banking, including a plan to retire the Open Banking Implementation Entity (OBIE).
However, that hasn’t stopped some FinTechs from criticizing the regulators for a lack of clarity and direction.
In a letter to the Financial Conduct Authority (FCA), a group of British FinTech firms including Monzo, Moneyhub and Wise said that the regulators’ action so far “did little to assuage our concerns that the integrity and potential of open banking is at risk” and called for them to publish “clear directions and timelines for the continued enforcement of Open Banking in 2023 and beyond as a matter of urgency.”
For all PYMNTS EMEA coverage, subscribe to the daily EMEA Newsletter.