HSBC Admonished For API Fails In The UK

January 20, 2023
Back
HSBC has got into trouble with the Competition and Markets Authority for failures relating to the Retail Banking Order.

HSBC has got into trouble with the Competition and Markets Authority (CMA) for failures relating to the Retail Banking Order.

The UK’s competition watchdog has said that it found breaches of the Retail Banking Market Investigation Order 2017, confirming that the banking giant has now agreed to take action to “put things right for customers”.

The Retail Banking Order, which implements the reforms recommended by the CMA retail banking market investigation, was introduced to improve competition in the UK banking market.

According to the CMA, HSBC breached Part 2 of the Retail Banking Order, set out by the CMA by publishing inaccurate information, or not publishing the required information, through its Open Data APIs on more than 50 occasions.

The bank was made aware of its breaches in June 2022.

When approached by VIXIO, a spokesperson for HSBC said “we are sorry that some of our product information provided through our Read Only APIs did not fully reflect CMA requirements”.

“We notified the CMA as soon as we realised and have since taken steps to improve processes and to ensure up-to-date information is readily available through our Read Only APIs to avoid this happening in the future,” the spokesperson continued.

What happened?

A number of personal current accounts, business current accounts, and small and medium-sized enterprise lending products were affected, according to the CMA.

The incorrect information related to fees, charges and rates, as well as to eligibility criteria, features and benefits of accounts and loans.

These failures varied in the length of time the information was incorrectly published, with the longest lasting from 2017 and only being remedied last year.

“The failure to make accurate, comprehensive and up to date product and reference information continuously available through Read-only Open Banking APIs, or failure to release required information at all, may result in consumers taking decisions that they would not have taken if they had access to the correct information,” the letter says, which has been signed by Dipesh Shah, the CMA’s director for remedies, business and financial analysis.

An example is that third parties can use information from Read-Only Open Banking APIs to compare banks’ accounts and loans.

If the information is not accurate, or is not released at all, customers can have an incorrect or incomplete understanding of the products available to them.

Putting things right

Shah notes that HSBC is taking “proactive steps”.

For example, it will more clearly define responsibility for completion and oversight of the information to be published through open banking. This is intended to reduce the risk of actions falling on individuals who then move on or are absent.

Meanwhile, the bank has committed to improving control processes to check information before it is made available through open banking, and to check published information for errors so that they can be identified quickly.

It will also deliver training and guidance notes on the requirements of Part 2 of the order, including through written reminders and enhanced user guides.

Going forward, the CMA has said that it will be monitoring HSBC’s compliance closely.

Our premium content is available to users of our services.

To view articles, please Log-in to your account, or sign up today for full access:

Opt in to hear about webinars, events, industry and product news

To find out more about Vixio, contact us today
No items found.
No items found.