Comment: Aggregation Providers Don't Yet Have It Together

Most people are taught at least three basic rules of safety: Don't talk to strangers, don't run with scissors, and don't give anyone your password. Account aggregation breaks two of these rules.

Because issues of privacy, security, and accountability arise with account aggregation, its adoption rates are low. Also, most consumers are waiting for additional value manifested in new services, such as funds transfer and advice, before taking the plunge. Customers, financial services institutions, and vendors are feeling their way through the aggregation minefield.

The appeal of Internet account aggregation may seem obvious: Instead of going to various providers' Web sites for account information, you have it all at one site, and this presumably saves a lot of time and hassle. But this convenience factor increases or decreases in direct proportion with frequency of use, and the consumer's account information may not even be available online.

Account aggregation is useful because of customization - users' ability to tailor the service to their preferences. For instance, you could choose to consolidate data from your bank and mutual fund accounts as well as your credit card accounts.

This, however, is predicated on the assumption that the provider can deliver clean, accurate, and timely data. One financial services institution offering aggregation is experiencing a 20% error rate in its overnight batch collection, mainly because of slip-ups that occurred in data transportation, lack of familiarity with the aggregation provider, and customers changing their passwords without informing the aggregation provider.

Though no financial services institutions offer funds transfer on a large scale, the ability to move money through an aggregation screen would be a big customer benefit. One Internet-only bank is testing this service, but it has yet to create internal policies and procedures around the technology, and until it does so it will not be able to perform transactions. At least two vendors have announced partnerships with financial services institutions to offer funds transfer service.

Also scarce in aggregation packages are advice services. These would be a big help to people who need guidance from a pro in sizing up their financial position and making money decisions in accordance with their lifestyle, family situations, age, and other criteria. The early advisory services within account aggregation will probably be in the form of automated replies to consumer questions.

But let's get back to the things that are hampering adoption of account aggregation in its current form, namely security and liability. Current bank regulation does not really address aggregation, so it is hard for financial institutions to know what they can and cannot do. Consumers generally do not care who is liable - they just care that someone is.

A big privacy/security concern is that aggregation services will not protect user names and passwords. And the regulatory agencies have yet to decide which party is liable if a transaction fails. A consumer will naturally turn to the bank for compensation, but it may not be the bank's fault. This issue will be more pronounced once transactions are available from aggregation sites.

Banks and aggregation providers will probably get together and agree to share customer information. That way, they will be able to obtain information on someone's accounts at another bank in a secure and controlled way.

As aggregation moves into funds transfer, the legal liabilities become heavier. Under the Federal Reserve's Regulation E, which governs electronic funds transfers, financial institutions are held liable for security breaches even if there is "customer neglect," such as giving a name and password to an aggregator that fails to safeguard it.

Many aggregators are only now encountering the reality of bank regulation and how seriously their bank clients take it. Until recently they had no understanding of the risks. Nonfinancial aggregators thought of the revenue opportunities rather than the protection of data.

One question is whether Regulation E covers the services provided by aggregation service providers the same way it covers the services provided by banks.

The public's interest in aggregation far outweighs the propensity to sign up for it. Consumers like the concept, but balk at enrolling for it because of setup headaches and some of the things this article has mentioned.

There are estimates in the marketplace that forecast user participation of account aggregation services at 3.4 million by yearend and 34 million by 2004. My company's estimates are more conservative.

A recent TowerGroup study found that 25.5% of PC-using U.S. households were aware of a service that allows accounts to be combined online, and only 0.5% said they were using such a service. Clearly, lack of awareness of account aggregation is an issue.

On the bright side, we estimate that 2.5% of Internet banking households were using account aggregation at the end of 2000 and that participation will grow to 15% in 2005, a compound annual growth rate of 57.8%.

Like supporters of a third-party presidential candidate, consumers who use account aggregation are intensely loyal. They are glad to identify problems and suggest improvements, and if listened to will recommend the service to friends, family, and co-workers.

Banks and other financial services institutions that figure out how to leverage this loyalty will begin to gain market share during the next few years. But it will still be four to five years before account aggregation becomes as accepted as online banking is today.

Mr. Graber is a senior analyst in the commercial banking division of Tower Group, a technology consulting firm in Wellesley, Mass.

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER