What is open banking, how does it work, and why does it matter?

If you’ve ever used a budgeting app to track your spending, applied for finance online, or used accounting software to manage your bookkeeping, chances are you’ve used open banking. In this article, we’ll discuss what open banking is, how it works, and how it’s shaping the financial landscape in the UK and Europe. 

The second Payment Services Directive (PSD2)  

In 2016, the EU passed regulation requiring Europe’s banks and other payment service providers to share financial data with authorised third parties through Application Programming Interfaces (APIs) when requested to do so by their customers. This opened the door for what we now know as open banking. 

The legislation, called the second Payment Services Directive (PSD2), made it easier for financial service providers that are independent from banks to offer quick and secure online solutions to their customers using the data held by their banks. It also gave fintechs the green light to develop new products which reimagined how businesses and individuals could manage their money. 

What are APIs, PISPs and AISPs?

You can’t understand open banking without first grasping what an API, a PISP and an AISP are. 

API stands for Application Programming Interface. APIs allow computer programs to quickly and securely share information with one another. With fast access to your financial information, companies can speed up processes that used to take days or weeks, such as approving you for credit. APIs also allow companies to speed up money transfers and make online payments more secure.   

AISP stands for Account Information Service Provider. AISPs are authorised to access users’ financial data through APIs. An example of an AISP is accounting software providers like Xero and FreeAgent, which use APIs to access users’ banking data in order to automate bookkeeping. Another example of an AISP is Credit Kudos, which allows users to share their financial data with lenders when applying for loans.  

PISP stands for Payment Initiation Service Provider. PISPs can initiate payments directly from a user's bank account (with the user’s consent) without the need for credit or debit card details. They do this using the user’s bank's APIs. PISPs can make online payments faster and can protect customers against credit and debit card fraud. Examples of PISPs include Vipps, MobilPay and Swish. AISPs and PISPs are often referred to as Third Party Providers (“TPPs”).

How does open banking work in practice?

Before they offer you their services, financial companies often need information from your bank. Depending on the service they provide, this information can include your transaction data and how much money you have in your account.

In the past, unless the service provider was also a bank, this information was generally obtained through time-consuming manual requests. With open banking, authorised companies can request this information directly from your bank, who are obliged to share it via an API with your consent. 

Over the past five years, tech companies have used open banking to develop innovative solutions for both the personal and business finance markets. These include apps that allow you to pay with your phone, software that automates your accounts, and platforms that help you budget and forecast. 

Is open banking secure?

Open banking is just as secure, if not more secure, than sharing data manually. PSD2 set very strict rules and security standards for communication between payment services providers and TPPs via APIs.  

All TPPs must be registered with and are regulated by the Financial Conduct Authority (FCA) in the UK, or an equivalent body in Europe, and your personal information is protected under data protection laws. 

The API connection points are monitored by the banks themselves, and are therefore put through rigorous testing, both by the banks and by external regulators. Most importantly, your bank will never share your data with a third party without your permission. 

Which banks support open banking?

The short answer is: most of them. 

Europe’s biggest banks and building societies are legally required to support open banking, but many smaller banks and challenger banks choose to. The full list of European banks and building societies which support open banking can be found on the official open banking website.

Airwallex’s open banking solution

The Airwallex open banking solution gives our clients the opportunity to securely share their account information with third-party providers. This is useful for clients who want to connect their Airwallex account with other fintech solutions, such as Xero and Finvertex. Our open banking solution also allows Airwallex to accept requests from TPPs automatically via an API.

The future of open banking

A recent report from trade association UK Finance called for open banking standards to be further developed, and a standardised framework to be established to prevent market fragmentation. 

In layman's terms, they see a future in which all banks use the same standards for approving payments. This consistency would improve competition in the market, by enhancing what PISPs can offer consumers in terms of transparency when making payments.  

What’s next?

For many European businesses, open banking has become an essential part of financial management. 

Whilst many regions and countries are working on open banking infrastructure, Europe is leading the way. According to Nordigen, 40-50% of open banking users worldwide are based in Europe, with the UK, Germany and Sweden being the top three countries when it comes to open banking implementation. 

With cooperation from leading institutions, open banking will make the future of financial management faster, cheaper and more efficient for businesses and individuals alike.