Google banking - it's not all about the benjamins


The rumours are strong, and almost certainly true, that Google will be offering checking accounts to people through their Google Pay service.

A source has been quoted as claiming that Citibank will be handling the majority of financial and compliance requirements. What could be left for Google?

Not just a branding exercise

It has been often quoted that if you are not paying for the product then you are the product. The costs have not been mentioned but even if the service is free, Google will be extracting value from your data.

Google will almost certainly be filling the role of what Payment Services Directive (PSD2) defines as an "account information service provider" (AISP), providing insights into your spending habits, offering suggestions on spending habits, and, financial wellness. They may also expand their offering to include loyalty rewards, and tie-ins with insurance, online merchants, travel agents, etc.

Payment Initiation Service - PISP

The "checking accounts" offered by Google will need to allow money transfers, but I don't see Google wanting to expand into the role of a payment initiation service. The partnership with Citibank makes it clear that Google are only interested in the data.

Account Information Service Provider - AISP

I don't see any other way Google can offer their rumoured service in Europe without complying with the PSD2 requirements for Account Information Service Providers. Citibank will be handling most of the compliance, but as a partner, Google will also need to comply with regulations concerning security, tracking of data, what happens if there is a privacy breach etc. These security requirements are well within the capability of Google.

PSD2 also limits how AISPs use the data gathered from users of the service. AISPs cannot use customer data for any purpose other than those provided by the service. Google, or Citibank, will also be obliged to provide financial restitution in case their service leads to data or financial loss of the customers. So far so good.

Ethical road-bumps ahead?

AISPs are required to seek permission from their customers to use their data. We don't explicitly trust Google with much data, but our implicit trust - allowing them full access to our emails, real-time location, phone camera, etc. - ultimately makes it easier for Google to incrementally request more access to our information. Most of us will be using these services on our phones while our attention is divided - surreptitiously in meetings, or while travelling, perhaps while crossing the road - meaning we will not have the time, energy or attention to think about the consequences of what it means to click 'yes' on the modal asking for access to your financial data.

We just want to know if we can afford to buy dinner for our families - Google wants to know far more.

Once your data is released to a third-party you can never be sure how it will be used. It may not endanger you directly but it will surely be combined with other data, and used to generate algorithms that will be applied to your future data which will effect your credit score, insurance costs, or even where your children go to school.

A fascinating book on the topic is Weapons of Math Destruction from Cathy O'Neil.

Good for Google and good for Citibank, and others

Citibank is benefitting from this not just from a financial and marketing perspective. I forsee Citibank customers being offered spending insights and financial wellness advice generated by Google. Why stop there? PSD2 and open banking give Google the freedom to offer their account information service to anyone with a google account. After all, it is all about your data.

Tech companies love fintech

Open banking, and PSD2, have facilitated the rise of so-called neobanks and account information services. We've already seen huge successes like Starling Bank and most everyone knows Monzo, and Emma.

Recently incumbent banks have been trying to get a slice of the pie by forging partnerships with these neobanks and services - after all, compliance is a huge hurdle, why not outsource it? Just this last year we have seen a partnership between Apple and Goldman Sachs to provide the Apple credit card. Apple is known for their hardware and apps, but also gathers mountains of data on their customers.

Facebook's "Libra" cryptocurrency project was criticised by the U.S. Congress who claimed the company's record of privacy abuses, and bias, should disqualify it from moving into financial services.

There are interesting times ahead for us all. Keep your friends close, but your data closer.