The year was 2013 and the ability to automatically draw banking transactions from your bank into your accounting platform was new age. The ague of putting transactions in by hand or waiting until a .pdf statement was available at the end of the month was over. Canadian companies could have financial data input into their accounting system every day (or at least whenever they refreshed the bank feed). This was the future.
Jump forward to 2021 and these connections are broken, hung up, or require validation at every refresh if the connection is available at all.
Now, it’s not that the Canadian banks were pushing the data into Xero as they were in many parts of the world like UK, Australia and New Zealand – something I’ll call data push. A third party, Yodlee was logging into your bank on your behalf and screen scrapping data and turning it into Xero transaction data, or data pull.
There are some challenges to this. From a security perspective I gave Yodlee full access to my banking information and 3 personal verification questions. If this information falls into the wrong hands this is equivalent to God access. They or hackers can do everything in my bank account that I can do. But I was willing to compromise my security for ease of import and timelines of financial information.
The other challenge is that Yodlee has set protocol – it logs in on this screen for RBC, it gets a statement that looks like this, it pulls data from the last point in Xero to today. Anytime the banks change their front end layout that protocol changes. So it takes Yodlee a few days to catch up with the new layout and to find where the information has been moved to. Back in 2013 bank layouts didn’t change very often. It was treated like a brick and mortar store front and refreshed as often. That’s not as true now.
The data push scenario used in other countries is an agreement with your bank where they push data into accounting systems such as Xero. If Hackers got involved, they’d be able to see your transactional information but nothing more. There’s no God power, they don’t log in on your behalf, and they wouldn’t be able to turn your RRSP into Amazon gift cards.
Through 2021 and 2022 bank have been tightening their security. For some reason they didn’t like me giving out my banking password and security questions. Strange. Two factor authentication is becoming an option or a requirement with some banks like Vancity.
In the fall of 2021 Yodlee was updated to deal with some of these challenges. What that meant is that any connection in Yodlee 1.0 stopped working and everything needed to be setup in Yodlee 2.0. Some people noticed, some didn’t but the consistency and ease of data feeds has suffered. We had much larger gaps where data wasn’t imported for months at a time for some of our clients.
Even with 2.0, the days of set it and forget it are gone for now. The refresh of bank feeds often requires additional confirmation or a manual involvement that Yodlee 1.0 never did.
Xero has been pushing Canadian bank to offer data push to their clients for years but thus far there’s been little headway. It’s in the banks best interests to provide data to clients in a usable way, or so I hope. CIBC offers a service at $15/month but I haven’t tested it.
In the meantime, we’re trying to explain to our customers why the software we recommended for years isn’t working as we’d promised or as it used to. Xero has also hinted at another bank Canadian bank connection but that was a few months ago.
We’re left with the decision of if we should have our clients clean up their bank feeds, if we should clean up the bank feeds and bill for our time, or if we clean up the data gaps for free because we think time will get better.
Who knew I’d long for the days of lax bank security.
