# Introduction nder the age of digital economy, the most precious property is "data", which is called the "new oil" 1 . On 9 th April 2020, Chinese state council issued the policy Opinions of Building a More Complete Market-Oriented Allocation System and Mechanism for Factors, which firstly indicated that, except for land, labor, capital, technology factors, "data" has become 5 th major factor of production. 2 This policy emphasized the status and importance of data in China and stimulated the potential development of data market. Data also plays a significant role in financial market. Many countries and areas such as United Kingdom (UK), United States (US), Australia, Hongkong, Singapore and European Union (UK) have taken measures to encourage Fintech companies to take advantage of data to innovate financial products. They develop the "open banking" model to authorize customers with data portability right to give Fintech companies access to their financial data for obtaining better financial services and products. Open banking U can bring many benefits such as stimulating Fintech industry, strengthening competition in financial market, providing customers with better products etc. However, open banking may bring some risks, which require government legal regulation. Different countries and areas implement distinct supervision and regulation model. EU and UK applied the perspective regulation model which forces banks to share data through legislations, but US takes the voluntary model which authorizes enterprises to decide how to share data and relevant standards of data sharing. Hong Kong and Singapore take the active guidance regulatory model where government only sets standards without forcing banks to share data. Open banking also developed quickly in China, however, legal framework of open banking is not mature, which might be a # Background It is necessary to understand the definition and characteristics of open banking before exploring the proper regulation model in China. Also, it is supposed to consider the differences in culture, economic and financial development from other regions regarding open banking. Therefore, it is reasonable to consider the current open banking practice and relevant rules and policies in China. # a) Definition of Open Banking There is no uniform definition of "open banking" all over the world. EU legislation defines "open banking" as a term which broadly describes a financial system in which personal financial data can be shared with # b) Open banking characteristics Open banking focuses on serving consumers, with API or SDK technology as the core technology and financial ecology as the main form. 8 According to the definition of open banking, there are three main characteristics of open banking including data portability, customer autonomy and recipient accountability. 9 3 DELOITTE. How to flourish in an uncertain future Open banking. Report. 2017. P9-11. https://www2.deloitte.com/uk/en/pages/financialservices/articles/future-banking-open-banking-psd2-flourish-in-uncerta inty.html (Access on 11 May 2023). 4 Advisory Committee on Open Banking. Final Report. 2021. https://www.canada.ca/en/department-finance/programs/consultation s/2021/final-report-advisory-committee-open-banking.html (Access on 11 May 2023). 5 # i. Data portability The International Standards Organization (ISO) defines data portability as the "ability to easily transfer data from one system to another without being required to re-enter data." 10 Based on these definitions, consumers are able to share their relevant bank data with TPPs under open banking, which is consistent with "data portability". Data portability in open banking is supported by interoperable standardized data technology, primarily APIs". 11 ii. Customer autonomy Consumer autonomy is the ability to reflect on what one has good reasons to do in the marketplace, and to act accordingly, which is a foundational principle of liberal democracy whereby marketers are granted license to influence consumers, provided they respect their autonomy. 12 Open banking authorizes consumers to control the sharing of their banking data, and it is supported by the legal rights of customers to share their data through open banking. 13 iii. Recipient accountability Open banking makes the recipients (TPPs) of shared customer banking data accountable to customers. 14 Therefore, Fintech companies which receive banking data should be responsible for protecting these data from leaking or stealing etc., and regulation over TPPs are very important. Generally, these three characters of open banking both reflect the goals of improving competition, encouraging innovation, and enhancing consumer protection. 15 # c) Practice and policies of open banking in China Open banking has been developed quickly in China since 2018, however, there is no mature legal system to supervise open banking. Before exploring proper supervision model, it is necessary to find the 16 The implementation of China's commercial bank open banking is mainly through the establishment of open platforms, but not all banks disclosed their open platforms. Most open platforms of commercial banks are only used and maintained internally and would only be disclosed when it is necessary to connect them with partners. In principle, when banks establish their own open platforms, they have the "passive ability" to acquire customers, that is, users can apply by themselves through documents and service instructions on open platforms and obtain corresponding services by themselves. 17 The following Table 1 shows the open banking practice among several commercial banks in China. 16 Internet Finance Association of China. Open Banking Development Research Report. Preface part. 2019. 17 Under this policy, commercial banks with certain fintech capabilities have begun to build their own open platforms to achieve the goals of cost saving, unifying interface standards, serving more scenarios, and integrating more scenarios. 21 In January 2022, the PBOC issued the Fintech Development Plan (2022-2025), proposing to rationally use fintech to enrich the level of the financial market, optimize the supply of financial products, continuously expand the reach radius and radiation scope of financial services, bridge the digital divide between regions, groups and institutions, and make the development achievements of fintech more extensive, deeper and fairer to benefit the broad masses of the people and help achieve common prosperity. 22 In January 2022, the China Banking and Insurance Regulatory Commission issued the Guiding Opinions on the Digital Transformation of the Banking and Insurance Industry, emphasizing the need to actively develop industrial digital finance, build a digital financial service platform, promote the construction of open banking, and strengthen scenario aggregation and ecological docking. 23 In January 2022, the China State Council issued the Fourteenth Five-Year Plan for the Development of the Digital Economy, which put forward the priority actions of "digital inclusive financial services" and clarified the key directions for comprehensively promoting the construction and development of digital inclusive financial services in the context of promoting common prosperity. 24 c. # Policies of strengthening the protection of data and personal information In February 2020, the PBOC issued the Technical Specifications for the Protection of Personal Financial Information, which clarifies the security protection requirements for the collection, transmission, storage, use, deletion and destruction of personal financial information from two aspects: security technology and security management. Regulatory authorities further strengthen the protection of open banking user information, establish and improve security assessment and technical security index systems, and improve information release and open service risk compensation mechanisms. 25 In February 2021, the PBOC issued the Guidelines for Data Capacity Building in the Financial Industry, which points out the direction and basis for financial institutions to carry out data work, guides financial institutions to strengthen data strategic planning, focus on data governance, strengthen data security protection, promote data fusion applications, fully release the value of data, consolidate the data foundation for open banking to accelerate digital transformation and development, and build core financial competitiveness that adapts to the development of the digital economy era. 26 In April 2021, the PBOC issued the Financial Data Security Data Life Cycle Security Specification, which puts forward standards for promoting the implementation of data security management and data security protection in the financial industry. It is aimed to provide scientific basis and guidance for the financial # Global Journal of Human Social Science # III. Benefits and Flaws of Open Banking Open banking can bring many benefits for the society. Open banking can stimulate competitions in financial industry, providing customers with better financial products and services. Also, open banking can reduce the data risks brought by the traditional "screen scrapping" measure taken by Fintech companies before. Nevertheless, open banking also causes some concerns among the public, such as the risks of data security, invasion of privacy and the data abuse. Furthermore, open banking may challenge the current regulatory system. # a) Benefits Data is the "new oil" in the financial world28 , through making usage of data, open banking can bring benefits to the Fintech companies, customers, banks and the whole society. i. Stimulate competition Open banking was legally established in the UK in 201729 and in Australia in 2019. 30 In both jurisdictions, the primary objectives for doing so were similar: improve competition, to encourage innovation, and to enhance consumer protection. 31 Policymakers from different regions share a common goal of increasing competition in attempting to promote open banking. Open banking is aimed to strengthen competition in the financial sector by allowing a huge number of Fintech companies to access personal financial data. 32 In the past, there existed the problem of lack competition and innovation in the financial industry. While small banks struggle to find resources to innovate, large banks have limited incentives to do so due to their oligopoly rents and government guarantees as systemically important financial institutions. This caused the competitionresistant financial market. Open banking creates a great opportunity for Fintech companies since small banks lack the ability to innovate, and large banks lack the incentives to do so, but Fintech companies have both. 33 In recent years, many Fintech companies have sprung up to attempt to disrupt the financial sector through using new technologies and tapping into new markets. These companies have tended to focus on addressing two of the most severe financial frictions: asymmetric information and switching costs. Data portability in open banking can ameliorate these two issues since customers can transfer their banking data to TPPs as they like more conveniently. By using technology to automate and improve decision-making, it is possible to promise to lower frictions in the financial sector and bring more competition into the financial market. 34 ii. # Better financial products for customers As open banking strengthens competition in the financial market, more Fintech companies and other TPPs would have easier access to financial industry. This in turn allows consumers to have more opportunities to enjoy financial services and products from a wider variety of Fintech companies and other financial services providers, which help consumers better control their financial lives. 35 For example, consumers are allowed to aggregate their income, bill payment, and spending data to better understand whether they can afford a new home or a major purchase. Open banking can also help consumers obtain better rates through sharing their complete financial and non-financial data with lenders. By this way, consumers can provide a more holistic picture of their financial situation and potentially obtain more favorable terms.36 Also, it is possible for consumers with adverse credit histories to qualify for more loans, as lenders could review payroll data. 37 Except for this, open banking can stimulate inclusive finance development in China since it can help small and medium-sized enterprises to obtain short-term loans and financing by giving lending institutions a better understanding of their cash flows. 38 This is a win-win measure. Lenders can judge the bad debt risk through analyzing the financial information of small and medium-sized enterprises. On Global Journal of Human Social Science - Year 2023 ( ) H The Legal Regulation Model of Open Banking in China the other hand, with the help of a wider range of financial data, these enterprises with sound cash flows data can obtain better loan rates, while reducing the loss risk of lenders Simultaneously. iii # . From "screen scrapping" to APIs in open banking Open banking can encourage Fintech companies and other financial service providers from "screen-scrapping" to APIs. 39 Traditionally, many financial service institutions utilize screen-scraping to collect information which is the process of scanning a website and extracting data, to access consumer information. For example, when Fintech companies cannot access customer data directly, they utilize screen-scraping to manually collect banking data using the online banking login credentials of their consumers. While screen-scraping allows for these companies to quickly gather information, it poses risks. Screenscraping has significant flaws as a method of data collection. Initially, by collecting the login credentials of consumers, screen-scraping increases the fraud and identity theft risks faced by users. Secondly, screenscraping may prevent banks from knowing when third parties access their customers' data, which reduces the effectiveness of their anti-fraud and cybersecurity systems. Thirdly, when consumers authorize Fintech companies to access their data through screenscraping, they do not always understand that they are revealing their login credentials to the Fintech. 40 Screen-scrapping risks could be alleviated by APIs in open banking, improving the safety, scope of access, and consent of the consumer. 41 Regarding risks posed by screen-scraping, the U.S. Treasury has recommended consumer data changes that "would effectively move firms away from screen-scraping to more secure and efficient methods of data access." Therefore, it is significant to develop open banking to provide Fintech companies and other financial service providers with direct access to the data. 42 # b) Risks Even open banking can bring many social and economic benefits, it still causes wide concern regarding data security and customer privacy protection, abuse of data risks as well as suspicion to the validity of financial supervision. It is necessary to find relevant risks for designing a proper regulatory model for China. # i. Data security and customer privacy Open banking triggers the privacy protection problem. Financial privacy laws of many countries predate the emergence of the Fintech sector and offer consumers relatively limited control over how companies use their financial data. 43 There are concerns over data security and customer privacy regarding their financial lives since personal information is being transferred to third parties. 44 ii. Abuse of data Open banking would increase both the number of entities that collect personal financial data and the amount of information that private companies know about individuals' financial lives. As industry experts observe, with the development of open banking, the risk monetizing or misusing consumers' data is likely to increase as a wider range of companies obtain access to it. 45 These companies might abuse consumers' personal data by using the data beyond the purpose and scope authorized by consumers, and it is hard for consumers to know of it. 46 Even if consumers found that their data was abused or leaked illegally, it is hard for them to be compensated from this since there might be several companies or institutions have access to their data, it is hard for consumers to prove exactly which party abused or leak their data. iii. Regulatory challenges Open banking is very different from traditional banking business, and the existing regulatory system of commercial banks is based on current financial practices, and the digitalization of traditional financial products and businesses would bring great difficulties to legal regulation. When dealing with the risk of data sharing in open banking, it might be difficult for the existing legal regulatory system to monitor financial risks effectively. to introduce open banking frameworks. However, these regions adopted different regulation models of open banking due to the difference in their culture, economy, financial markets, etc. Generally, there are three types of regulation models as follows. i. EU and UK: Compelling Model EU and UK adopted the statutory model for open banking development, which forces banks to authorize consumers with data portability and access to data. EU extensively highlighted the importance of data portability and data transfer issue. Cecilio Madero Villarego, senior competition official in the EU, said in late 2019: "Among other things, we will continue to make sure that digital incumbents don't make it too difficult for consumers to switch to competitors or use them in parallel." 51 E.U. Council passed the Revised Directive on Payment Services (PSD2) in 2015, which aimed to go further than the initial Payment Services Directive in opening up banks to data sharing arrangements and competition from fintech firms. 52 PSD2 forces banks and other payment providers to grant access to consumer accounts to third-party providers for account information aggregation services. Also, it requires payment providers to ensure that any time consumers access their account or initiate transactions, payment processors confirm that they consented to the transaction. 53 Also, the Article 20 of the EU General Data Protection Regulation ("GDPR") mandates that individuals have a right to data portability. 54 This reserves the term "portability" to a required transfer when one person wishes to transfer the data. These legislations establish the legal foundation of open banking development. The application of the legal obligation to share data under UK open banking is complicated, including PSD2 and GDPR, and compliance is required by Account Servicing Payment Service Providers. 55 However, not all commercial banks are required to share data and comply with specific UK data sharing standard. The UK established open banking to address a competition problem in the retail banking market, identified by the UK Competition and Markets Authority ("CMA"). Open banking in UK also allowed the EU to implement its PSD2. The CMA Order established an Open Banking Implementation Entity ("OBIE") to create UK data standards for data sharing. The UK Standards were required to cover not only APIs, data formats, and security, but also governance arrangements and customer redress mechanisms. Further, these standards were mandated to have the features necessary for banks to comply with the open banking requirements of PSD2. 56 However, only the nine banks and building societies specified under the CMA Order, known as the "CMA9," are required to comply with the data sharing obligations. 57 ii through guidelines and nonbinding documents. This guidance serves as the basis of its open finance strategy, which suggests that the regulator-led approach is another possible data governance style. 65 Hong Kong has begun regulating open banking since 2018. 66 Hong Kong's regulations do not require banks to share account and transaction data. The regulations issued by Hong Kong Monetary Authority require the largest banks to develop open APIs, but they permit banks to choose which TPPs can access customer data. 67 Different from other jurisdictions, Hong Kong requires banks to conduct ongoing supervision and due diligence of the TPPs they partner with and establish contractual terms that mitigate the risk that customer data will be misused. 68 The HKMA believes that this model would strike a balance between innovation and consumer protection since it requires banks to play a custodian-like role with respect to customer data. companies. This is based on the belief that U.S. market would be best served by a solution developed by the private sector. 58 Although section 1033 of the Dodd-Frank Act requires providers of financial products and services to make available to a consumer, upon request, any information in their possession or control "relating to any transaction, series of transactions, or to the account including costs, charges and usage data." 59 However, it only creates an express data access right in favor of customers themselves, but it says absolutely nothing about whether financial institutions must also share this data with third parties. 60 In US, there is not a welldeveloped legal framework for open banking, and the burden of developing common data sharing standards has largely fallen to the financial services industry itself. 61 US adopted this model due to the characteristic of its financial market: fragmentation. The United States is home to the world's largest, most fragmented, and most diverse financial services industry. 62 The fragmentation makes it very hard to rapidly respond to new market developments, and therefore it is reasonable to sustain coordination between regulators and industry. This can explain why the US has taken what has been described as a "market-driven" approach to open finance. 63 because of the policies ensuring its implementation efficiency. However, it fails to take into account the size and strength of banks and tends to pursue "absolute fairness" and therefore leading to unfair opening consequences, accelerating the loss of competitiveness of small and medium-sized banks. Also, administrative orders may stifle commercial and technological creativity. 70 More importantly, the "regulation-driven" model requires a complete and mature legal regulation system. The compelling model derived from EU and UK, which was adopted by Australia, Brazil, Mexica and other countries. 71 Compelling regulatory model forces banks and other payment provider institutions provide data to Fintech companies or other TPPs following the instructions of consumers. This model is effective in promoting open banking since some banks would be reluctant to share consumers' data to other companies to protect competitive advantages. Actually, there is a tension between data sharing and the economic interests of many banks that collect personal financial data. These banks may depend on collecting large amounts of personal financial data to maintain a competitive edge and therefore those economic interests can disincentivize banks from giving consumers control of their data. 72 Therefore, under compelling model, banks must authorize customers with data access which can effectively stimulate open banking development. However, in compelling model, regulators play a significant leading role in data sharing and open banking development and therefore it is required to provide regulators with a clear legal implementation framework. This legal framework must contain unambiguous legislations regarding data rights and data sharing obligations, the clear allocation and cooperation of regulatory powers, regulatory-led thirdparty access certification and unified technical standards. 73 However, unlike EU or UK, there is no clear and feasible legal framework in China supporting regulators to compel banks to share data. Although article 45 of the Chinese Personal Information Protection Act regulates that if individuals request the transfer of personal information to their designated personal information processor, satisfying the requirements provided by the state internet information department, the personal information processor shall provide a channel for the transfer, 74 legal basis for data portability, there are no other rules or legislations supporting the implementation of data portability. And there are no other relevant legislations or rules regarding open banking in China. Therefore, due to the absence of feasible and mature legal framework, it is not reasonable for Chinese government adopt the compelling model. In addition, the compelling model is not proper due to the special financial market and regulation environment in China. The data opening of large commercial banks that occupy a dominant position in data can further expand their business, obtain cooperation opportunities, and win the dividends brought by data sharing, while small financial institutions with scarce customer information and poor data information face the dilemma of losing business resources and further expanding competitive disadvantages. If adopting the compelling regulationdriven model and forcing data sharing among all banks, it will strengthen the data integration of monopoly financial institutions and aggravate the centralization of financial data. 75 Also, e-commerce platforms and thirdparty payment businesses are well-developed in China. Internet financial enterprises optimizes financial business and provides financial services, which has gradually occupied more and more shares in the Chinese financial field, and even be able to compete with certain banks. According to the business model of open banking, one-way data openness is tantamount to creating an unequal competition where e-commerce platforms can rely on the richer data resources of financial institutions to develop more quickly, while traditional financial institutions such as banks are very easy to lose the advantages of basic data. Accordingly, the mandatory "regulatory-driven" model may affect the financial stability and exacerbate unfair competition in the financial market of China. 76 ii. Voluntary Model is not Appropriate for China Voluntary model is adopted by US which neither does not require regulators to force banks to share data, nor issue specific technical or data sharing standards. It is driven by the market where institutions make agreements about data sharing and relevant security, APIs standards. The voluntary "market-driven" model can achieve a balance of interests of all parties in the market. However, under this model, there is no effective financial data sharing standard and the enthusiasm of banks to carry out financial data sharing is not high since there is no government promotion, which is difficult to make breakthroughs. 77 # ( ) H The Legal Regulation Model of Open Banking in China intends to allow private enterprises to develop open banking rather than limiting their innovation ability by regulatory uncertainties, so it adopts this model. 78 However, due to the different cultures and financial market development, it is not proper for China to adopt the US model. Firstly, without regulation, public confidence in open banking might be impaired and this voluntary model may cause disorder in China's financial market due to the lack of uniform standards of data sharing. Secondly, without proper regulatory limitations, there might a risk of monopoly since large banks are free to make agreements regarding data sharing and impose barriers preventing Fintech companies from entering into the financial market, which might impair competition in the financial sector. Also, the absence of uniform standards would decrease the interoperability of open banking system, which may cause high negotiation fee due to the financial fragmentation in the market. 79 Furthermore, as discussed before, US adopted the market-driven model since US financial market is too fragmented and it is hard for regulators to design and respond quickly. 80 However, unlike US, Chinese financial market is not so fragmented and the Chinese PBOC has already issued several policies clarifying the data sharing standard. Therefore, the US market-driven model is not suitable for China due to difference in financial markets of two countries. iii # V. How to Establish the Legal Regulation Structure of Open Banking in China under the "Active Guidance" Model Generally, under the active guidance model, Fintech companies should reform data and technologies in order to have the ability to connect with traditional financial institutions. For large commercial banks, they should change attitude and accept open banking mode, while for small and medium banks, due to the lack of sufficient technique powers, they should cooperate to construct their open banking platform. For better coordination between these parties in open banking practice, regulators should give the development direction and issue instructive rules, encouraging cooperation between banks and Fintechs while protecting privacy and data security of customers. 82 It is required to issue some government instruction in standards setting and provide a feasible legal framework giving instructions to banks and TPPs, Global Journal of Human Social Science -Year 2023 # ( ) H The Legal Regulation Model of Open Banking in China 44 however, banks should not be forced to share data through legislation now. Currently, there is not a feasible legal framework for open banking regulation in China. For regulating and stimulating development of open banking and reducing social risks, it is necessary to improve current legal system to establish a feasible framework to facilitate data portability implementation and construct a multi-level regulatory system of open banking. Also, traditional regulatory method for privacy protection is insufficient in open banking, it is necessary to transfer to "data autonomy" approach for protecting privacy. # a) Issue Feasible Rules for Data Portability Implementation Article 45 of Chinese Personal Information Protection Act (valid from November 2021) sets the basis of data sharing for consumers, which indicates that where individuals request access to or copy their personal information, the personal information handlers shall promptly provide it. If individuals request the transfer of personal information to their designated personal information processor, satisfying the requirements provided by the state internet information department, the personal information processor shall provide a channel for the transfer. 83 This clause seems to regulate the foundation of data portability, however, there are no other rules or legislations clarifying specific details and procedures for the implementation of data portability. Also, there are no regulations indicating the definition of data portability. These would be barriers to open banking development in China. A data-oriented financial regulatory system needs focus on creating interoperable standards for data sharing. Not only is it important to create clear ownership rights over data, and clear access rights, but also it is necessary to ensure that this data is stored and managed in standardized ways. Interoperability is integral to the proper functioning of a market in data, and without it, transaction costs and market leverage may threaten to impede competition within the sector. 84 Therefore, it is necessary to improve legislations to increase the feasibility of data portability and interoperability of open banking systems. As discussed before, Chinese PBOC has issued a series of policies clarifying the standards which increase interoperability from the perspective of technology. It is not difficult to technically promote data sharing, but it is more difficult to achieve comprehensive protection of data from a legal point of view. It is necessary to combine the powers of technology and legislation. Not only should we bring technology into the orbit of the rule of law and constrain its risks, but also utilize more technical methods to improve the protection 83 Article 45 of Chinese Personal Information Protection Act. 84 level of data sharing security. 85 Currently, it is crucial to increase interoperability from legislative perspective to clarify the definition and condition of portability, the scope of shard information and accountability in open banking. i. Implementation details of data portability Article 45 of the Chinese Personal Information Protection Act is only a principal provision without sufficient operability. Chinese government and relevant institutions should issue detailed implementation rules as soon as possible, including the conditions, types, methods, costs, and risk prevention of data portability. Also, it is necessary to clarify the definition of data portability. Since open banking and data portability were introduced from UK and EU, it is reasonable to apply the definition of data portability in GDPR which indicates that "the data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided". 86 ii. Scope of shared information Also, it is required to clarify the scope of shared information. The shared information scope is distinct between different countries. In UK, it is required to provide information regarding the following accounts: transaction information for personal current account products, including personal current accounts; basic bank accounts, packaged accounts, reward accounts, student or graduate accounts, and youth accounts; and business current account products, including business current accounts. Under UK open banking, the CMA Order requires that the Read/Write Data Standard provides access to transaction information for covered accounts and initiates payments on behalf of customers on those accounts. The detail of the data to be shared, including the data fields for each of the accounts, is provided by the UK Standards. 87 However, the shared information in Australia is much broarder. Australia's open banking rules apply to a wide array of consumer data, including product data, customer data, account data, and transaction data. 88 The Legal Regulation Model of Open Banking in China the financial industry would be the first industry to be regulated, but that other industries would also come under its rules. 89 For China, currently, it is better to limit the shared information in financial industry due to the limitation of technologies and legal basis. Also, it is necessary to divide information according to its sensitivity and significance and gradually expand the scope of shared data based on the sensitivity level. According to Chinese national standard "Information Security Technology Personal Information Security Specification, "personal sensitive information" refers to "personal information that may endanger personal and property safety once leaked, illegally provided, or abused, and can easily lead to damage to personal reputation, physical and mental health, or discriminatory treatment." 90 It is necessary to limit the sharing scope of sensitive information and require desensitization treatment under some circumstances to protect privacy of consumers. iii. Accountability Accountability regarding open banking should be clarified, which can encourage institutions more attention to data protection and increase public confidence in open banking market. In Hong Kong, banks should burden to duty to conduct ongoing monitoring and due diligence of the TPPs they partner with and establish contractual terms that mitigate the risk that customer data will be misused. 91 Hong Kong believes that this approach will "strike a balance between innovation and consumer protection" because it requires banks to play a custodian-like role with respect to customer data. 92 China can also adopt this approach and impose responsibilities on banks to monitor Fintech and TPPs. However, the banks should not be the only accountable party, TPPs should also have the duty to protect consumers' data. Banks and their partners TPPs be jointly liable for data abuse, leakage or loss. Furthermore, regulators should issue a more unambiguous and detailed standard for data security protection and impose sanctions on data theft, leakage, abuse as well as the illegal usage of data without customers' consent. 93 b) Construct a multi-level regulatory system for data sharing i. # Current Legislation and Rules Regarding Data Sharing in China The main goal of China's implementation of open banking is promoting the digital transformation of financial institutions and fully tapping the value of data. Currently Chinese legislations and rules regarding data protection and data dealing. Firstly, Article 42 of the Chinese Cybersecurity Law expresses that network operators must not disclose, tamper with, or destroy the personal information they collect; and personal information shall not be provided to others without the consent of the person being collected. However, this is not the case where the specific individual cannot be identified after processing and cannot be restored. Network operators shall employ technical measures and other necessary measures to ensure the security of the personal information they collect and prevent information leakage, damage, or loss. When leakage, damage, or loss of personal information occurs or may occur, remedial measures shall be immediately employed, and users shall be promptly informed and reported to the relevant competent departments in accordance with provisions. 94 Secondly, Article 1038 of the Chinese Civil Code indicates that information processors must not disclose or tamper with the personal information they collect or store; without the consent of individuals, their personal information shall not be illegally provided to others, except where the specific individual cannot be identified after processing and cannot be restored. Information processors shall employ technical measures and other necessary measures to ensure the security of the personal information they collect and store, and prevent information leakage, alteration, and loss. When leakage, alteration, or loss of personal information occurs or might occur, remedial measures shall be promptly employed, and individuals shall be notified in accordance with provisions and reported to the relevant competent departments. 95 Thirdly, Article 23 of the Chinese Personal Information Protection Law more specifically regulates the data dealing and transferring issue. It indicates that where personal information processors provide information to other personal information operators, they shall inform the individuals of the name or surname and contact information of the recipients, purpose and methods of processing and types of personal information. Also, it is required to obtain the separate consent from them. The recipient shall process personal information within the scope of purposes, following processing methods and types of personal information. Where the receiving party changes The Legal Regulation Model of Open Banking in China the original purpose or method of processing, it shall reobtain the individual's consent in accordance with the provisions of this Law. 96 Furthermore, Article 29 of the Implementing Measures for the Protection of the Rights and Interests of People's Bank of China Financial Consumers shows that banks and payment institutions handling consumer financial information shall follow the principles of legality, propriety, and necessity, and obtain the express consent of financial consumers or their guardians, except as otherwise provided by laws and administrative regulations. Banks and payment institutions must not collect consumer financial information unrelated to business, must not use improper methods to collect consumer financial information, and must not covertly force the collection of consumer financial information. Banks and payment institutions shall not refuse to provide financial products or services on the grounds that financial consumers do not consent to the processing of their financial information, except where the processing of their financial information is necessary for the provision of financial products or services. Where financial consumers are unable or refuse to provide necessary information, making it impossible for banks or payment institutions to perform their anti-money laundering obligations, banks and payment institutions may take restrictive measures against their financial activities in accordance with the relevant provisions of the Anti-Money Laundering Law of the People's Republic of China. When it is truly necessary, banks and payment institutions may refuse to provide financial products or services in accordance with law. 97 ii. Establish a Multi-level Regulatory System of Data Sharing Although Chinese Cybersecurity Law, Chinese Civil Code, Chinese Personal Information Protection Law and the Implementing Measures for the Protection of the Rights and Interests of People's Bank of China Financial Consumers establish relevant legal basis for personal information sharing, but the above legal provisions obviously only focus on the protection of personal information rather than sharing information, and there lacks the encouragement and mandatory provisions for data sharing. 98 Therefore, there is no mature legal regime for data sharing in China. Except for government regulatory system, making use of the market and social power is also important. It is necessary to establish a multi-level regulatory system for data sharing which should contains supervising parties such as banks, TPPs, customers, social associations and judges. 96 Article 23 of the Chinese Personal Information Protection Law. 97 Firstly, as discussed above, banks and TPPs should be jointly liable for data protection. Learning from the active guidance regulation model in Hong Kong, banks are supposed to supervise the data application actions of their TPPs, which can keep the balance between innovation and financial security. Secondly, Fintech companies and TTPs which receive the data should be mainly responsible for data protection. Therefore, it is necessary to require these companies to design internal supervision systems in their companies to prevent data loss or leakage. Thirdly, Chinese government should build a special compliant system for customers for dealing with matters relevant to data sharing issues in open banking. Social supervision from customers can play a crucial role in data sharing since customers are the party whose interests would be seriously impaired by data abuse. Therefore, it is necessary to authorize customers with compliant rights, which can also educate customers on the significance and value of data. Also, an open banking association should be established to deal with data sharing matter. As discussed before, open banking brings many challenges to the traditional regulatory system due to the information asymmetry and technical issues. 99 Therefore, it is necessary to organize the open banking association composed of technical and financial experts, which can better supervise data sharing matters and provide more information to government officials. The cooperation between associations and government regulators is significant for sound development of open banking. Finally, judicial aid is also necessary which is the last resort for customers. Currently, there is no specific Statutory Financial Interpretation regarding open banking judicial practice. However, data sharing matter is relevant to privacy and personal information protection and therefore, judges can refer to the rules, Statutory Financial Interpretation and legislation relevant to personal data and privacy in Chinese Personal Information Protection Act, Chinese Civil Code and other relevant legislations. In general, it is reasonable to establish a multi-level regulatory system including different monitoring bodies for data sharing in open banking. c) Data Privacy Protection: From "Notice-Consent" to "Data Autonomy" Traditionally, financial privacy laws in many countries follow a "notice and consent" model, which requires enterprises to notify consumers of their data collection practices and give consumers the option to opt-in or out. However, the "Notice-Consent" approach has significant structural flaws that limit its efficacy. # 47 Notice and consent laws place an unmanageable burden on consumers by requiring them to read lengthy and often opaquely-written privacy policies, which consumers do not have time to read and often struggle to understand.101 Moreover, even if consumers had the time to read all of the privacy policies that they are presented with in a given day, they are often unable to assess the risks of sharing their data. 102 Better protecting customer privacy in digital economy era requires us to replace the traditional "data privacy" with a more comprehensive concept "data autonomy." Data autonomy grants customers a set of rights over their data that wrests control over data back from the large financial institutions that, until now, have maintained a vice grip over it. It can satisfy the data protection requirement and secure information be accessible and shareable, which is more consistent with open banking development trajectory. While data autonomy requires important changes in legal rights and responsibilities, it is better matched with "open banking" rules. 103 Authorizing customers greater control of data sharing could potentially mitigate the traditional privacy protection problems brought by "noticeconsent" regulation method. 104 If consumers can affirmatively decide and continuously control which company can have access and use their financial data, they will have a greater ability to preserve their personal expectations of financial privacy when they share their data with a third party. 105 However, there are still certain risks of "data autonomy". 106 Firstly, similar to traditional "noticeconsent" regime, consumers are generally unable to independently manage their data privacy due to the lack of time and knowledge to understand what most companies do with their data. Secondly, as more companies access personal financial data, consumers will find it increasingly difficult to keep track of how their data are used or who has access to it, this might increase the privacy risk and it is hard for customers to find accountable parties. 107 Thirdly, there is tension between consumer privacy and the economic interests of banks and certain companies that collect personal financial data to maintain a competitive edge. 108 Those economic interests can disincentivize these enterprises from giving consumers meaningful control of their data. 109 Under "active guidance" model without compelling data sharing, it might be difficult for banks to support the "data autonomy" approach. Therefore, it is important for legislators and policy makers to strike a balance in this regard. Although the desires of consumers should dictate how their data are used, companies should not be foreclosed from reasonably using data to improve their own services or from fulfilling regulatory compliance obligations.China can learn from UK for balancing the interests between the bank and customer. UK Although U.K. regulations allow consumers to choose how their data are used, they do not prevent Fintech companies from providing innovative services. Rather, they require TPPs to explain their services clearly and allow consumers to select their desires. The third parties are only authorized to use and share personal data which is necessary to provide the requested services or for other reasonable purposes. 110 Generally, U.K. rules play a role in offsetting the tension between banks and customers by allowing consumers to affirmatively choose and continuously control which parties access their data, through centralized licensed platforms. 111 Learning from UK, Chinese regulations should limit the scope of data usage and balance the data application between banks and TPPs. Also, it is necessary to establish centralized platforms and require platforms to obtain licenses before helping customers share data, which can help regulators pre-cautiously reduce data abuse risk and provide timely remedies for data abuse. The Legal Regulation Model of Open Banking in China 48 some risks at the same time. Therefore, it is urgent to establish an effective regulatory system in China. Through learning from regulation forms in other jurisdiction, "active guidance" regulatory model should be more appropriate. Currently, without sufficient legal basis, it is reasonable to adopt the "active guidance" regulatory model, which can reduce the risk of disorder in the financial market and decrease negotiation costs among banks and TPPs. Therefore, the "active guidance" model can help open banking improve during the transition period. Under this model, current Chinese regulatory and legal regime needs to be improved as well. It is suggested to issue more feasible rules for data portability implementation, establish a multi-level regulatory system for data sharing including different supervision parties, as well as transfer the data privacy protection regime from traditional "Notice-Consent" to "Data Autonomy" model. 6Andreas Myers. BANKS ARE OPEN FOR BUSINESSRECOMMENDED REVISIONS TO SECTION 1033 OF THE DODD-FRANK ACT. 2022. N.C. J.L. & Tech. 24. P73. 7 Year 2023)( HGlobal Journal of Human Social Science - 1IndustrialandCommercial Bank ofChina(ICBC)ShanghaiPudongDevelopment Bank(SPD Bank) Bank of China(BOC) Bank of China proposed the concept of open platform as early as 2012, and officially released the BOC Open Platform in 2013, opening more than 1,600 interfaces, involving transnational finance, collection and payment, mobile payment, as well as map services, network inquiry, exchange rate quotation and other services. China Everbright Bank On the one hand, China Everbright Bank actively integrates financial products and services into the production scenarios of cooperative companies. On the other hand, China Everbright Bank would build the mobile banking app into an open mobile financial ecosystem, making mobile banking a hub for extensive connection with external partner companies and Internet users, and a platform for customers operation. The Legal Regulation Model of Open Banking in ChinaIV.What Legal Regulatory Modelshould be Applied for Open Bankingin ChinaYear 202340)( HGlobal Journal of Human Social Science -47 43 THE AUSTRALIAN GOVERNMENT THE TREASURY. REVIEW INTO OPEN BANKING: GIVING CUSTOMERS CHOICE, CONVENIENCE AND CONFIDENCE. 2017. https://nla.gov.au/nla.obj-2817047138/view (Access on 10 May 2023). 44 Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand.L. Rev. 74. P75.39 Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand.45 THE AUSTRALIAN GOVERNMENT THE TREASURY. REVIEW INTOL. Rev. 74. P96.OPEN BANKING: GIVING CUSTOMERS CHOICE, CONVENIENCEAND CONFIDENCE. 2017. https://nla.gov.au/nla.obj-2817047138/view(Access on 10 May 2023).46 Xuan Di & Fang Yan. Risk Challenges and Legal Regulations ofChina's Open Banking Data Sharing. Credit Reference. 2022.7 (282).P41-42.47 Xuan Di & Fang Yan. Risk Challenges and Legal Regulations ofChina's Open Banking Data Sharing. Credit Reference. 2022.7 (282).282, P42. 40 Year 2023)( H- which seems provided the70 Yang Dong & Cheng Xiangwen. Research on the data sharingmechanism of consumer-centered open banking. Financial RegulationResearch. 2019.10. P104. 71 74 Article 45 of the Chinese Personal Information Protection Act. Year 2023Global Journal of Human Social Science - Suitable for China In general, active guidance regulatory model should be applied in China, which not only can increase interoperability and reduce transaction costs, but also stimulate better development of open banking. As discussed before, under active guidance regulatory model, government regulators only issue relevant standards for open banking such as data sharing, instead of utilizing statutory legal authority to force banks to share data. On the one hand, issuing uniform standards under active guidance model can increase interoperability and reduce negotiation fees of banks and Fintech companies. As mentioned above, Chinese PBOC has issued several policies clarifying technical specifications and standards regarding data sharing and APIs of open banking including Code for Security 78 Steven T. Mnuchin & Craig S. Phillips. A FINANCIAL SYSTEM THAT CREATES ECONOMIC OPPORTUNITIES: NONBANK FINANCIALS, FINTECH, AND INNOVATION. Report to President Donald J. Trump. 2018. https://home.treasury.gov/sites/default/files/2018-07/A-Financial-System-that-Creates-Economic-Opportunities---Nonbank-Financi.... pdf?mod=article_inline (Management of Application Programming Interfaces (APIs) of Commercial Banks(2020), Technical Specifications for the Protection of Personal Financial Information(2020), . "Active Guidance" Regulatory Model is More Year 2023)( HGlobal Journal of Human Social Science - China Ping An Bank and Boston Consulting Group. China Open Banking White Paper. 2021. People's Bank of China. Code for Security Management of Application Programming Interfaces of Commercial Banks. 20 People's Bank of China. Financial Technology Development Plan (2019-2021). 2019. 21 Yealink Bank. Analysis of the latest development status and trend of open banking in http://www.openbanks.com.cn/openbanks_article/100046.html (Access on 9 May 2023).22 People's Bank of China, Financial Technology Development Plan (2022-2025). China Banking and Insurance Regulatory Commission. Guiding Opinions on the Digital Transformation of the Banking and Insurance Industry. 2022. China State Council. The Fourteenth Five-Year Plan for the Development of the Digital Economy. 2022. People's Bank of China. Technical Specifications for the Protection of Personal Financial Information. 2020. People's Bank of China. Guidelines for Data Capacity Building in the Financial Industry. 2021. People's Bank of China. Financial Data Security Data Life Cycle Security Specification. 2021. Charles Arthur. 2013. "Tech giants may be huge, but nothing matches big data". https://www.theguardian.com/technology/2013/ aug/23/tech-giants-data (Access on 9 May 2023). Competition and Markets Authority. Update on Open Banking. 2021. https://www.gov.uk/government/news/update-on-open-banking (Access on 9 May 2023). The Australian Government the Treasury. Inquiry into Future Directions for the Consumer Data Right. 2020. https://treasury.gov.au/publication/inquiry-future-directions-consumerdata-right-final-report (Access on 9th May 2023). 31 Scott Farrell. Designing Data Rights for Canadian Open Banking Lessons from Banking Law in Australia and the United Kingdom. 2022. Sask. L. Rev.85. P176. 32 Charles Marshall Wilson. DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING. 2022. Geo. Wash. Int'l L. Rev. 53. P608. Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand. L. Rev. 74. P342. Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand. L. Rev. 74.P338. Charles Marshall Wilson. DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING. 2022. Geo. Wash. Int'l L. Rev. 53. P608. Charles Marshall Wilson. DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING. 2022. Geo. Wash. Int'l L. Rev. 53. P608. Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand. L. Rev. 74. P75. Charles Marshall Wilson. DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING. 2022. Geo. Wash. Int'l L. Rev. 53. P609. Cesare Fracassi & William Magnuson. Data Autonomy. 2021. Vand. L. Rev. 74. P357. China Ping An Bank and Boston Consulting Group. China Open Banking White Paper. 2021.P41-42. Article 42 of the Chinese Cybersecurity Law. Privacy Rights and Data Collection in a Digital Economy. 2019. hearing | Hearings | United States Committee on Banking, Housing, and Urban Affairs (senate.gov) (Access on 11 May 2023). 2 Chinese State Council. Opinions of the CPC Central Committee and the State Council on building a more complete market-oriented allocation system and mechanism for factors. 2020. 49 New Open Banking Regulation in Mexico. https://www.gtlaw.com/en/insights/2020/6/open-banking-en-mexiconueva-regulacion (Access on 10 May 2023). 50 The Slow Introduction of Open Banking and APIs in Japan. https://www.frbsf.org/banking/asia-program/pacific-exchangespodcast/open-banking-apis-japan/ (Access on 10 May 2023). * Treasury Laws Amendment (Consumer Data Right) Bill 2019. May 2023 Cth * China National Information Security Standardization Technical Committee Information Security Technology -Personal Information Security Specification (GB/T 35273-2020 * OPEN API FRAMEWORK FOR THE HONG KONG BANKING SECTOR HKAuth 2018. 20180718e5a2. May 2023 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson 53. P620 Geo. Wash. Int'l L. Rev 2022 * China Ping An Bank and Boston Consulting Group. China Open Banking White Paper P 44 2021 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 613 2022 * Data Autonomy. 2021. Vand CesareFracassi WilliamMagnuson L. Rev 74 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson 53. P626 Geo. Wash. Int'l L. Rev 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson 53. P626 Geo. Wash. Int'l L. Rev 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson 53. P629 Geo. Wash. Int'l L. Rev 2022 * DATA SHARING IS CARING CONSUMER PRIVACY AND INTERNATIONAL APPROACHES TO OPEN BANKING CharlesMarshall Wilson 53. P630 Geo. Wash. Int'l L. Rev 2022 * References Références Referencias Articles * Banks are Open for Business Recommended Revisions to Section 1033 of the Dodd-Frank Act. 2022. N.C AndreasMyers J.L. & Tech 24 * CesareFracassi &DataWilliam Magnuson Autonomy L. Rev 74 2021 * Data Sharing is Caring Consumer Privacy and International Approaches to Open Banking CharlesMarshall Wilson Geo. Wash. Int'l L. Rev 53 2022 * The Promise & Perils of Open Finance DanAwrey JoshuaMacey Yale J. on Reg 40 2023 * Privacy Self-Management and the Consent Dilemma JDaniel Solove HARV. L. REV. 126 2013 * WDouglas Arner GGiuliano Castellano KRiks Selga Financial Data Governance 2023 74 * Data Sharing and Interoperability: Fostering Innovation and Competition through APIs OscarBorgogno GiuseppeColangelo 10.1016/j.clsr.2019.03.008 Computer Law & Security Review 35 2019 * Designing Data Rights for Canadian Open Banking Lessons from Banking Law in Australia and the United Kingdom. 2022. Sask ScottFarrell L. Rev 85 * Open Banking Regulation in UK and the Lessons from Its Experience WenShuying 10.13451/J.cnki.shanxi.univ(phil.soc.) Journal of Shanxi University (Philosophy & Social Science) 46 2 2023 * Risk Challenges and Legal Regulations of China's Open Banking Data Sharing XuanDi & FangYan Credit Reference. 2022.7 (282 * Research on the data sharing mechanism of consumer-centered open banking YangDong &Cheng Xiangwen Financial Regulation Research 10 2019 * Selection of Supervision Model for Open Banking Data Sharing in China ZhangJian Zheng Fa Lun Cong. 2023.1. Reports * Advisory Committee on Open Banking. Final Report 2021. May 2023 * Report on Open Banking and Application Programming Interfaces Basel Committee on Banking Supervision Report on open banking and application programming interfaces (APIs) (bis.org 2019. May 2023 * China Ping An Bank and Boston Consulting Group. China Open Banking White Paper 2021 * How to flourish in an uncertain future Open banking Deloitte 2017. May 2023 Report * A Financial System That Creates Economic Opportunities: Nonbank Financials, Fintech, and Innovation TSteven CraigSMnuchin Phillips Report to President Donald J. Trump 2018. 10 May 2023 * Analysis of the latest development status and trend of open banking in 2021 YealinkBank May 2023 Legislation and Rules * Article 1038 of the Chinese Civil Code * Article 42 of the Chinese Cybersecurity Law * Article 23 and 45 of the Chinese Personal Information Protection Act * Article 1033(a)-(b) of Dodd-Frank Act * Article 20 of General Data Protection Regulation EU * Article 29 of Implementing Measures for the Protection of the Rights and Interests of People's Bank of China Financial Consumers * China Banking and Insurance Regulatory Commission. Guiding Opinions on the Digital Transformation of the Banking and Insurance Industry 2022 * China National Information Security Standardization Technical Committee Information Security Technology -Personal Information Security Specification (GB/T 35273-2020 * The Fourteenth Five-Year Plan for the Development of the Digital Economy 2022 China State Council * Opinions of the CPC Central Committee and the State Council on building a more complete market-oriented allocation system and mechanism for factors 2020 Chinese State Council * Internet Finance Association of China Open Banking Development Research Report. Preface part 2019 * Code for Security Management of Application Programming Interfaces of Commercial Banks 2020 People's Bank of China * Guidelines for Data Capacity Building in the Financial Industry 'People ChinaBank 2021 * People's Bank of China. Financial Data Security Data Life Cycle Security Specification 2021 * People's Bank of China Financial Technology Development Plan 2019-2021. 2019 * People's Bank of China Financial Technology Development Plan 2022-2025). 2022 * Technical Specifications for the Protection of Personal Financial Information 2020 People's Bank of China * Treasury Laws Amendment (Consumer Data Right) Bill 2019. May 2023 Cth * News * Open Finance Banco Central Do Brasil Access on 10 May 2023 * The Legacy of Commissioner Vestager and a Peek into the Future CecilioMadero Villarejo 2019. May 2023 * Competition and Markets Authority 2021. May 2023 Update on Open Banking * Tech giants may be huge, but nothing matches big data CharlesArthur 2013. May 2023 * Open Banking Regimes Across The Globe GilbertTobin 2018. May 2023 * Open API Framework for the Hong Kong Banking Sector HKMonetary Auth 2018. 20180718e5a2. May 2023 * New Open Banking Regulation in Mexico Access on 10 May 2023 * Privacy Rights and Data Collection in a Digital Economy hearing | Hearings | United States Committee on Banking, Housing, and Urban Affairs 2019. May 2023 senate.gov * Australian Government Passes Consumer Data Right Legislation RobynChatwood &Ben Allen 2019. May 2023 * Inquiry into Future Directions for the Consumer Data Right The Australian Government the Treasury 2020. May 2023 * Review into Open Banking: Giving Customers Choice, Convenience And Confidence The Australian Government the Treasury 2017. 10 May 2023 * The Slow Introduction of Open Banking and APIs in Japan 10 May 2023 * Autonomy and Marketing: History, Present and Future ThomasAnker #:~:text=Broadly% 2C%20consumer%20autonomy%20is%20the%20ab ility%20to%20reflect 2022. May 2023 consumers%2C%20provided% 20they%20respect%20their%20autonomy%20%28A nker%2C%202020%29. (Access on 9 * YangBin Speech at the Second China Internet Finance Forum 2018. May 2023