# MI Data Reporting Requirements
# 1. Purpose
The purpose of this document is to provide a consolidated view of the MI provision requirements for ASPSPs participating in the Open Banking Ecosystem focusing on errata fixes based on tickets raised by participants and Trustee actions.
This MI is required under the CMA Order. Therefore, this MI is to be submitted to Open Banking Implementation Entity (OBIE) by the CMA 9, to meet the provisions of Schedule 1, Article (2) (j) of the CMA Order, so as to enable the OBIE Trustee to "monitor compliance by the Providers with the Order".
Under the CMA Order, the MI will be used to help the Trustee and the CMA to: (1) understand the success and take-up of the Open Banking service, (2) confirm ASPSPs are meeting their MI obligations with the requirements in the CMA order and (3) understand usage patterns for potential future product development.
With the development of the Open Banking standards in line with the Open Banking Roadmap, there is an introduction of additional API functionality to deliver the new capabilities. Thus, the v3.1.8 MI requirements for the CMA9 must be extended to cover the new functionality supported by each ASPSP and the additional metrics required for monitoring the adoption of these propositions.
# 2. Not in scope of this paper
The paper does not cover the following:
- Data quality
- Monitoring of fraud
These items will be addressed either at a later date and/or via a separate activity.
# 3. Adoption Management
In order for OBIE to be able to monitor the adoption of the Open Banking services in the ecosystem and take necessary actions as appropriate, it is vital to measure the usage of the Open Banking APIs. Monitoring the adoption has multiple aspects:
Monitoring the availability of the APIs to ensure compliance with the CMA Order (section 14.1 "continuously available").
Monitoring the volumes of the various API calls. This allows OBIE to measure the total volumes of each of the OBIE services offered by each ASPSP (including mandatory and optional) and the growth rate of these volumes so that OBIE can identify which services are being adopted by PSUs for the whole of the ecosystem and for each ASPSP individually. All the endpoints supported by the OBIE specifications need to be included so that all propositions are monitored. Please note that where ASPSPs have implemented both optional and mandatory endpoints, provision of MI for optional endpoints is important to understand the utilisation and performance of these endpoints.
Monitoring the efficacy of redirection and decoupled models. Understanding the success rates of the redirection and decoupled models introduced by OBIE standards is critical to the successful adoption of the Open Banking services in the ecosystem. These figures will highlight if further enhancements may be required to the customer journeys.
Monitoring the number of TPPs onboarded for Open Banking with each ASPSP and the number of TPPs de-registered (churn). This is currently covered by the MI requirements for v1 and provides OBIE with a TPP adoption growth rate both for the whole of the ecosystem and by each ASPSP individually.
Monitoring the PSU Adoption of Open Banking services and the intensity of their usage.
Based on the above, OBIE can apply product management methodologies and make informed decisions on the life cycle of the APIs.
# 4. High-Level requirements
The high-level requirements for MI include:
- Modifications to existing v3.1.8 MI to include:
- Additional clarification or errata updates reported by internal review and/or external stakeholders.
# 5. Regulatory and Legal Considerations
The CMA Order contains the following points in relation to MI reporting:
Schedule 1, Article 2(j), states that it is the responsibility of the OBIE Trustee to "monitor compliance by the Providers with the Order".
Article 14.1 states that Providers must make up to date PCA and BCA transaction data sets continuously available without charge, for read and write access in accordance with the relevant provisions of the Read/Write Data Standard.
The Trustee letter of 10th July 2018 to the CMA, section 2.1.6 states the requirement for ongoing monitoring of the implementations with particular metrics including API availability and customer experience.
One of the ways by which OBIE is enabling the Trustee to monitor compliance is through the provision, by the API providers, of MI on the utilisation of their Open Banking APIs.
Moreover, the provision of MI has been contractually agreed by ASPSPs enrolling into Open Banking.
# 6. Considerations
# 6.1 Constraints
- N/A
# 6.2 Reference documents
- N/A
# 6.3 Assumptions
- The implementation dates of the v3.1.9 MI Requirements for ASPSPs will be in alignment with the implementation dates for v3.1.9 of the OBIE Standards.
# 6.4 Dependencies
- N/A
# 7. Appendix
# 7.1 Detailed Product Requirements
These are stated as requirements of the OBIE solution to enable support for key customer use cases. Requirements marked as 'M'(Must) are in the scope of the OBIE solution. All other requirements are listed for future consideration. The final column indicates whether each requirement is 'mandatory', 'conditional' or 'optional' for implementation by ASPSPs and/or TPPs. These terms are defined here: Categorisation of requirements for standards and implementation.
# 7.1.1 Errata fixes based on Jira Tickets
| ID | Jira Ticket |
|---|---|
| 1 | Jira ticket OBSD-23371: MI Specification Query Reported by HSBC Clarification on inclusion of ‘AcceptedCreditSettlementCompleted’ under Tab5, Payment Adoption #5, Successful single Domestic Payments. |
| 2 | Jira ticket OBSD-23882: MI Specification Query Reported by HSBC Tab5, Payment Adoption #5- Successful single Domestic Payments #8- Single Domestic Payments Rejected |
| 3 | Jira ticket OBSD-23405: MI Specification Query - Tab 7 Reported by HSBC Additional clarification on Daily Volumes #9 - API Calls Rejected Status and #11 - API Calls Not Authorised by PSU. |
| 4 | Jira ticket OBSD-23390: MI Specification Query Reported by HSBC Tab 4A - Enhanced PSU Adoption, #5 - Active PSUs Additional clarification on definition of active PSU with examples. |
| 5 | Jira ticket OBSD-23818: MI Specification Query Reported by HSBC Tab 4B - PSU Consent Adoption, #6 - Long-lived consents - Outstanding consents BoP |
| 6 | Jira ticket OBSD-24107: MI Specification Query - Tab 4b Reported by HSBC Tab 4B - PSU Consent Adoption, #7 - Long-lived consents - Revoked consents Additional clarification on revoking consent. |
| 7 | Jira ticket OBSD-23817: MI Specification Query Reported by HSBC Tab 4B - PSU Consent Adoption, #6 to #13 Errata fix to include CBPII consents or provide claritication. |
| 8 | Jira ticket OBSD-24798: v3.1.8 VRP MI Auth Efficacy Reported by Natwest Not able to identify between VRP and SIP in PIS calls and hence removed Updates to Tab 3- Auth Efficacy MI Removed API-Type = PIS- VRP |
| 9 | Updates to Tab 7- Daily Volumes Updated example flow diagram |
| 10 | Update Updates to Example template to reflect all above changes |
# 8. Version control
| Version | Date | Authors | Comments |
|---|---|---|---|
| V0.1 | 13 Aug 2021 | API Delivery Team | Initial draft for Industry consultation |
| V0.2 | 20 Oct 2021 | API Delivery Team | Updated to remove Auth efficacy changes prior to TDA approval- TDA Decision 240 |
| V0.2 (Final) | 16 Nov 2021 | API Delivery Team | Draft2 to Final, after IESG approval |