Regulations and Standards

Regulations and specifications are enforced by the authorities to standardise the open banking requirements and evaluate the open banking compliance in their region/country.

Open banking regulations

Open banking regulations provide a policy and legislative framework to help banks and API consumers deliver the benefits of open banking.

  • The first known open banking regulation is the Payment Service Directive in Europe. Administered by the European Commission (Directorate General Internal Market) regulates payment services and payment service providers throughout the European Union and European Economic Area (EEA). PSD1 came into force in 2007 followed by the PSD2 in 2015.

  • The Competition and Market Authority formed the Open Banking Implementation Entity in the UK. The Open Banking Implementation Entity adopted the PSD2 and issued its first version of the open banking standard in 2017. It specified how banks should allow an API consumer to access customer’s information and request payments with the customer’s consent.

  • The Berlin Group consists of almost 40 banks, associations and Payment Service Providers across the European Union. They have defined a common API standard called NextGenPSD2 for the use cases specified in PSD2. Based on the PSD2 and European Banking Authority - Regulatory Technical Standards (RTS) requirements, the Berlin Group has worked on detailed Access to Account (XS2A) Framework including implementation details for open banking named as NextGenPSD2XS2A.

  • Consumer Data Right in Australia is a right provided by law under the Treasury Laws Amendment (Consumer Data Right) Act in 2019 to give Australians greater control over their data. It empowers consumers to choose to share their data with API consumers only for the purposes that they have authorized.

  • Fintech law in Mexico promotes data sharing as well as transparency among banks and subholding companies (example: broker-dealers, money exchangers, credit unions, popular, and community financial entities). The Fintech law defines guidelines for the regulated entities on the types of information and how to share them. Comisión Nacional Bancaria y de Valores, The Embassy of the United Kingdom, the FinTech Hub, C Minds, ODI and the Government of the Republic are involved in the regulation.

  • The Hong Kong Monetary Authority (HKMA) published the Open API Framework in 2018 to provide a secure, controlled, and convenient operating environment to financial institutions and third parties. It expects the banks and third parties to work together and build innovative banking services offering a better customer experience. The framework has a phased approach.

  • The Monetary Authority of Singapore (MAS) provided a legal framework for open banking in 2018. MAS introduced APIX for the banks to open up their data and services encouraging openness among both the financial institutions and the API consumers.

  • Following the footsteps of the UK and Australia, New Zealand issued a government backed pilot plan in 2018 to design and develop open banking into their infrastructure. In 2019, as a result of the pilot plan, a new API service was developed to enable payment initiation and account information.

Likewise, Nigeria, India, Turkey, Brazil, Canada, the United States, Israel, Japan, South Korea, and Columbia have already started drafting open banking regulations for their countries.

Open banking standards

Alongside regulations introduced in different regions, there are specifications to describe the implementation guidelines for the open banking requirements. Following are a list of open banking specifications that have already emerged:

  • The Open Banking Standard issued by the Open Banking Implementation Entity in the UK
  • The Berlin Group NextGenPSD2 XS2A implementation framework in the Europe
  • The Consumer Data Standards in Australia
  • Open Data ATM API specification in Mexico
  • API Playbook in Singapore
  • Open API Standards in Nigeria
  • Unified Payments Interface in India
  • The Joint Resolution in Brazil
  • The Open Banking Framework in Bahrain
  • The Open Banking Standard in Georgia
  • The Open Banking Policy in Saudi Arabia