An operational guidelines for open banking in Nigeria has been released by the Central Bank.
The guidelines were conveyed in a circular signed by Musa Jimoh, Director of Payments System Management Department at the apex bank.
The CBN also stated that while it would provide and maintain an Open Banking Registry (OBR) for the industry, it will be a public repository for details of registered participants.
The OBR would be maintained for the purpose of providing regulatory oversight on participants, enhancing transparency in the operations of open banking and ensuring that only registered institutions operate in the ecosystem.
It read;
“The adoption of Open Banking in Nigeria will foster customer permissioned data between banks and third-party firms to enable the building of customer-focused products and services.
“It also aims to enhance efficiency, competition and access to financial services in Nigeria.
“All stakeholders are required to ensure strict compliance with the guidelines and all other regulations, as the CBN continues to monitor developments and issue guidance as may be appropriate.
“Entities participating in Open banking shall be categorised based on the following roles. Participants shall assume a role depending on the services:
i. API Provider (AP): This refers to a participant that uses API to avail data or service to another participant. An API Provider can be a licensed financial institution/service provider, a Fast-Moving Consumer Goods (FMCG) Company or other retailers, Payroll Service Bureau etc,” the apex bank said.
“ii. API Consumer (AC): This refers to a participant that uses API released by the (API) providers to access data or service. An API Consumer can be a licensed financial institution/service provider, an FMCG or other retailers, Payroll Service Bureau etc.
”iii. Customer: This refers to the data owner that shall be required to provide consent for release of data for the purpose of accessing financial services.
“Each participant shall be identified by its CAC business registration number, which shall be the unique key across the OBR system.
“The OBR shall maintain an API interface, defined within these guidelines, which shall serve as the primary means by which API (Application Programming Interface) providers manage the registration of their API consumers.”
Bank Customers will be required to provide explicit consent for the use of their data and it must be obtained in the same form the agreement was presented. A copy of the consent of the customer shall be made available to the customer and preserved by the participant.
The Open banking which allows sharing of financial information electronically, and securely when the customers approve of it, also enables third-party developers to build applications and services around the financial institution, particularly the banks that hold customer data.