FDX Background
ForgeRock is a longstanding member of the Financial Data Exchange. FDX started life four years ago, cleaved from FS-ISAC as an open financial API organization for the US – think open banking and, more broadly, open finance. It has since grown to cover Canada and Brazil, and has global ambitions. 42M global consumer accounts involve FDX to date. Adoption of its API is entirely market-driven in the US so far, and international banking associations have not yet taken much notice of it. But it would be an interesting standardization target for new US regulations anticipated in mid-2023.
The fall FDX Global Summit, its first held in person post-pandemic, had the theme Adoption Is Now! Enhancing Revenue, Relevance, and Reputation.
FDX Summit Key Takeaways
While I can’t share any confidential details from the Summit, here were some of my takeaways:
- FDX Is Doing Things Right: At least from the perspective of industry intention and professionalism, these folks are pumping out APIs like there’s no tomorrow, and big players are using them. Their governance structure grinds slowly but is well designed and they are becoming highly respected.
- US Regulations: Keep an eye out for a new CFPB rule expected in 2023 related to open banking. This would be big, since to date the US activity around open banking has been market driven, vs. the more mandated worlds of the UK, the EU, and Australia.
- OAuth!: OAuth (and, by extension, FAPI) is hugely valuable and very popular.
- APIs!: Ditto.
- Open APIs!: Ditto, particularly their implications as a new business channel vs. just a technology.
- Finance vis a vis Healthcare: Maturity of open API usage and business innovation in the US finance world is starting to meet and even exceed healthcare’s open API world of HL7 and FHIR.
- Consent Infrastructure: While the finance APIs are sector-specific, the consent structures suggest universal solutions. Permissions need to be a first-class, automatically auditable object.
- Privacy Regulations Are Moving Up and Out: This trend nicely confirms ForgeRock’s belief in “no data about you without you”. Privacy regs are more than ever about control, choice, autonomy, and consumer protection.
This is particularly exciting as financial enterprises the world over begin to take increasing interest in how FAPI-grade custom APIs can help them drive new revenue streams through secure, streamlined, and scalable experiences beyond simple retail banking use cases. Being able to build, test, and deploy such APIs at pace is becoming more important than ever, and will continue to rise up digital agendas as FDX engagement continues to grow.
If you’d like to learn more or share your thoughts, reach out in the CTO Lounge! And don’t miss the posts in Secure API Gateway for Open Banking (SAPI-G).