In my last piece, I explored the forthcoming relaxation to the 90-day bank authorisation rule, set to be introduced from March 2022.
While the announcement is a positive step, it is unclear when banks will make the necessary adjustments as the timeline of changes is likely to differ across banking providers.
Despite this, accountants should still welcome these changes, as having the authority to consent to data flowing will remove bottlenecks from account filings and overcome security issues from sharing logins.
Patchy roll out
If we go back to the beginning in January 2018, when Open Banking was first mandated for the CMA 9 banks, many readers will recall that several providers delayed their APIs being ready in time. Barclays, Bank of Ireland, RBS and HSBC, among others, were given an extra six weeks to prepare. Additionally, Cater Allen (owned by Santander) missed the deadline by a year, due to needing to rebuild their IT systems.
We will likely see the relaxation of the 90-day reauthentication rule being similarly patchy, so accountants should manage their expectations about when to expect these changes. The FCA guidance asks banks to make changes ‘as soon as practical’ from March 2022 but at present, there does not appear to be a hard deadline for when this must be enacted.
There are currently around 100 banks with some level of Open Banking connectivity in the UK, and we may see a more enthusiastic rollout from the non-CMA 9 challenger banks, which have incorporated Open Banking voluntarily. As many clients won’t take an interest in these changes, it may be worthwhile for accountants to monitor the different implementations by different providers. We will provide updates on this for you in the future.
In the short term, this may lead to a frustrating hybrid experience for accountants, with a mix of banks that have and have not adopted the new rules. This may make assignments confusing for accountants and their clients as it will be hard to standardise workflows related to accessing bank feeds, but while this means the changes may get off to a bumpy start the disruption will be worth it for the long-term efficiency gains.
Smoother experience
There has been no clear guidance on how changes will take place. It is possible that the Third Party Providers (TPPs), such as Armalytix, Xero and QuickBooks that connect to banks will be responsible for managing the process of delegation. If so, this will create a smoother experience for accountants allowing them to streamline their processes by not having to go back and forth between banks and their accounting software and re-entering multiple login details.
Tasnim Mustafa, founder of Barnes & Scott, a firm specialising in tech startups, thinks this is a vast improvement on the current authentication rules.
He says: “If we’re in control and the authentication can be delegated to other team members in a secure manner this would be positive. I’d just be mindful that data wasn’t lost during the authentication taking place. If this removes the existing pain points we’d be happy.”
Changes can keep the data flowing
Under the current authentication rules, many firms experience frustrations from delays and difficulties in client bank feeds needing to be authenticated every 90 days. These can take several days to fix, even with the help of customer support from leading accounting platforms.
This can be a barrier to completing day-to-day bookkeeping and is particularly stressful when data is needed for time-sensitive statutory requirements such as quarterly VAT returns.
With MTD for ITSA on the horizon, accountants’ lives will be made a lot easier if banks make the changes in time.
Bobby Lane, CEO of Factotum, a practice providing businesses with a range of outsourced back-office services including accounting, says: “The planned changes will mean that we can do what Open Banking was meant to do and increase the efficient flow of information between systems without added frustrations. This will also reduce the risk of missed transactions and outdated information.”
Overcoming security concerns
The authentication change fulfils one of the core remits of Open Banking - to provide more secure data sharing by removing the thorny issue of clients putting their accountants in a problematic situation by sharing their bank login credentials with them.
Not all banks provide read-only access to advisers, so some smaller firms may get around this by login details being passed across to them by their clients. The relaxation should remove this issue and enhance security for all parties.
So what does this all mean?
The end goal of the relaxation of authentication is a positive one, and the importance of data being able to flow freely will become heightened as the MTD roadmap accelerates.
The Open Banking Implementation Entity (OBIE) are soon due to open a consultation on how the planned changes will take place, and accountants should get in touch with them to provide their input.
Next time, we’ll look at what’s actually happening with the proposed authentication changes.
