At the heart of every open banking system, customer consent isn’t just a technicality. It’s the cornerstone of the entire system. Open banking depends on customers authorizing their banks to share their financial data with third-party providers like fintechs and other banks. APIs facilitate this data sharing, which must happen programmatically and, most importantly, with the customer’s informed consent.
In Nigeria, the Open Banking Consent Management System (OBCMS) is the technological platform from which this consent is given. The Nigeria Inter-Bank Settlement System (NIBSS) operates the system for the Central Bank of Nigeria (CBN) and participating banks. Uniquely, the OBCMS uses the Bank Verification Number (BVN) to verify end-user identities when they grant consent.
While many countries implement consent management at the individual bank level, Nigeria has taken a different route. Supported by the CBN, Nigeria’s approach centralizes consent through the BVN, a robust identity system designed to unify customer data across the financial ecosystem. By extending its use to open banking consent, Nigeria leverages a system proven effective in managing customer identities.
Spotlight read: Open Banking explained in 60 seconds
The BVN is one of the most successful technological implementations within Nigeria’s financial sector. Since its introduction in 2014, it has been pivotal in reducing fraud, simplifying customer verification processes, and improving financial inclusion. Its application in open banking consent management is a natural extension of its capabilities, providing a single, unified method of identity verification that can streamline consent processes across all banks and financial institutions.
Additionally, NIBSS operates the Industry Customer Account Database (ICAD), a centralized system that gathers and maintains account information from all banks across the country. It plays an essential role in ensuring that banks have accurate and up-to-date customer data, which is important for everything from verifying customer identities (KYC) to detecting fraud. This system will also be implemented for the Open Banking Consent Management System.
But is using BVN as a centralized approach a good thing? Let’s consider the pros and cons below.
Spotlight read: Why Open Banking and what’s in it for Banks in Nigeria?
Pros of using BVN for Open Banking Consent Management System (OBCMS)
The adoption of the Bank Verification Number (BVN) for the Open Banking Consent Management System (OBCMS) offers several advantages. Some of these include:
Comprehensive customer identification
The BVN system already captures extensive customer data, including biometrics, photographs, phone numbers, addresses, and gender. This rich dataset ensures that customers are accurately identified, reducing the chances of errors or fraud in the consent management process. The thoroughness of the BVN infrastructure provides a solid foundation for verifying customer identity across all banks and fintechs involved in open banking.
Centralized consent management for uniformity
Imagine if each bank had its way of asking for your permission to share data. It could get confusing and frustrating. With a centralized system linked to your BVN, the process is the same every time you need to give consent, no matter where you bank. This consistent approach simplifies your experience and builds trust, as you know exactly what to expect each time. After all, a decentralized system goes against the tenets of open banking, where uniformity and standardization are the watchwords.
Efficient issue resolution
Think of it like this: if a glitch pops up in the consent system, it’s much easier to fix when there’s just one system to manage. Instead of each bank fixing issues individually, one update can resolve them for everyone. This spares you, the customer, from headaches and ensures quick and consistent problem resolution across the board.
Simplified customer onboarding and verification
Since the BVN is already a requirement for bank customers in Nigeria, integrating it into the OBCMS simplifies the onboarding process for new fintech services. Customers won’t need to repeatedly verify their identity for each new app or service. This reduces hassle for customers, builds their confidence in consistent data handling, and makes embracing open banking easier.
Regulatory trust
Using BVN in OBCMS aligns with Nigerian regulations and ensures customer peace of mind. Knowing that trusted authorities like the Central Bank of Nigeria (CBN) oversee the consent management system makes the process feel safer and more transparent. Customers can trust their data is handled responsibly and see who has access, making them more comfortable with open banking.
Spotlight read: How Open Banking in Nigeria will work in 2024
Cons of using BVN for Open Banking Consent Management System (OBCMS)
While the use of the Bank Verification Number (BVN) for the Open Banking Consent Management System (OBCMS) in Nigeria has its advantages, it also presents several challenges. Some of these include:
Single point of failure
Imagine putting all your valuables in one bag—if you lose the bag, you lose everything. That could happen with open banking in Nigeria, as the reliance on a centralized system like NIBSS can introduce significant risk. If NIBSS experiences downtime or technical issues, the entire open banking ecosystem could be paralyzed. Open banking would have no Plan B, unlike money transfers with multiple routes (e.g., NIBSS, Interswitch, eTranzact). Any disruption at NIBSS could halt all open banking activities without alternative pathways for managing customer consent.
Potential stifling of innovation
A centralized consent management system may inadvertently limit innovation within the open banking ecosystem. If NIBSS controls the entire process, it could discourage other entities from developing alternative methods for “running open banking”, particularly those that could offer enhanced user experiences or more efficient processes. This monopoly on consent management might stifle creativity and reduce the competitive pressure to improve services.
Vulnerability to cyberattacks
A centralized system also presents a more attractive target for cybercriminals. If NIBSS, which manages both the BVN and OBCMS, were to be compromised, the entire banking sector’s security could be at risk. The concentration of sensitive data in one location makes it a high-value target, potentially exposing millions of users to identity theft, fraud, and other malicious activities.
Privacy concerns
Centralizing consent management under NIBSS, with reliance on BVN, could raise concerns about data privacy. The BVN already holds extensive personal information, so adding consent data raises the risk of misuse or unauthorized access. If not managed with strict data protection measures, this central repository could become a source of privacy violations. People want assurance that their personal information is safe; mishandling could erode their trust in the system.
Overdependence on BVN
While the BVN system has been robust, overreliance on it for open banking could create bottlenecks. Originally for identity verification, the BVN may show limits in scalability, speed, and accuracy when used for open banking consent management. Flaws or inefficiencies in the BVN system could cause delays or errors in processing consent across the entire open banking ecosystem.
Spotlight read: The role of Fintechs in Nigeria’s Open Banking ecosystem
BVN in the spotlight
The Open Banking Consent Management System activates only at key moments, not with every transaction. It steps in quietly when needed, carefully handling your data.
Given the BVN’s track record in safeguarding customer identities, using it for this purpose feels like a natural choice. So, yes, leveraging the BVN for OBCMS seems like a smart and reassuring step forward for everyone involved. For updates on the latest in open banking in Nigeria, details on membership opportunities, or participation inquiries, you can contact the dedicated OBN team at [email protected].