The term open banking refers to enabling third-party software providers and banks to build new, customer-centric financial applications and services with APIs as the enabling technology. But there’s much more to it than that. At its heart, open banking is about giving customers control of their financial data.
Customers allow other third-party organizations to access their data (with their permission) and stimulate innovation in the fintech industry. They exist outside of your banking relationship, although they may be engaged in your online transactions, and there are two types of third-party providers:
- PISP – Payment Initiation Service Provider
- AISP – Account Information Service Provider
You may use a PISP to make online payments without having to enter your credit or debit card information.
An AISP is an internet service provider who has permission to examine specified information from your account. This can include balances and transactions for a set time period.
Now that we understand the role that third-party providers (TPPs) play when it comes to open banking, let’s take a closer look at what open banking is and how it can benefit your business.
What is open banking?
In traditional banking, banks have the highest impact on their existing business models.
However, open banking enables more opportunities to work with fintech companies. It allows you to focus on innovation and create new products that benefit everyone in the ecosystem.
Open banking proponents claim it increases the availability of financial services, like making it easier to exchange financial data with your mortgage lender or accountant.
Open banking provides a broad dashboard-style view of your money. It also allows you to do things like link a bank account to a loyalty program. You may also be able to permit a third party to make payments on your behalf from your bank account.
Consumers have come to expect the types of services made possible by open banking; one Federal Reserve survey found that nearly seven out of 10 Americans use mobile payment devices to send or receive payments, and more than 60% want a real-time view of their account balance and immediate posting of payments they initiate.
Meanwhile, 83% of those surveyed are using a fintech payment app or digital wallet at least occasionally to complete transactions.
But despite all of the advantages that open banking can offer consumers, it does come with questions of standardization and regulations which banks may find burdensome.
Are there any regulations tied to open banking?
European open banking regulation
The term Open Banking — with a capital O and B — refers to two different pieces of financial regulation:
- The U.K. Competition and Markets Authority’s (CMA’s) “Open Banking Remedy.”
- European Payment Services Directive 2 (PSD2) and now PSD3, PSR, and FIDA
The first one results from an investigation in retail banking by the CMA. This non-governmental British authority has found different holes within the system and has laid out a set of remedies to improve the industry. These include open banking standards.
The second is a European Directive that aims to regulate payment services and payment service providers within the EU. Its main objective is to increase competition and participation in the payments industry and from non-banks.
PSD2 launched a first wave of API adoption in European banks, but the European Commission is now discussing a next iteration of the legislation, PSD3, to address PSD2’s shortcomings.
Open banking regulations around the world
Other countries such as Brazil, Tunisia, Nigeria, or Japan have adopted or are exploring various levels of regulation around open banking as well. Australia took a more holistic view of the issue and introduced the Consumer Data Right (CDR), which applies to banking and finance but extends beyond to other industries.
Open banking regulation in the U.S. and Canada
In North America, Canada has already begun the process of standardizing — notably in order to eliminate screen-scraping — and the U.S. Consumer Financial Protection Bureau (CFPB) published its final rule in October 2024, enforcing Section 1033 of the Dodd-Frank Act. It requires U.S. financial firms such as banks and credit unions to give consumers access to their personal financial data at no charge.
Latest updates: Section 1033 of the Dodd-Frank Act became law in January 2025, but White House actions against the CFPB have led to uncertainty over the agency’s future. Get the facts here.
What are the benefits of open banking?
For consumers, the benefits of open banking are quickly apparent: You may have already used third-party financial management tools that open banking would improve on, apart from the banks, regulators, and startups. Consumers will have more options in managing money, borrowing, and making payments. As Gavin Littlejohn, Chairman of FData Global puts it,
“It’s critically important in the modern world for the customer to be empowered with their financial data to enable them to access products and services which work for them. Not necessarily for the incumbent supplier of their financial services.”
As a consumer, you can connect your bank account with a website or an app that tracks your spending behavior and provide a new product recommendation like a savings account, investment options, or credit cards.
For financial institutions, compliance costs should not obscure the very real benefits and opportunities of open banking, such as:
- Better data security
- Enhanced customer experience through integration with financial management apps.
- Opportunities to develop new data-driven financial products and services.
- Increased competition leading to innovation in the banking sector
Open banking APIs are assets for all financial services firms, as they enable them to improve their existing customer engagement, as well as appeal to new prospective customers by meeting their changing demands on accessing their financial information.
Open banking also builds new digital revenue channels focusing on banking APIs. FIs are taking note: Axway’s 2024 State of Enterprise API Maturity report found that financial services enterprises are one of the industries that most leverage direct API monetization to build their external ecosystem.
Learn how open banking use cases open up actionable intelligence for banks here.
How safe is your data?
Companies involved in open banking should not automatically share consumer data with third parties. Open banking entirely relies on sharing the data, but as a consumer, you retain control and can revoke access to your data at any time.
Here’s an example of how that consent flow works in open banking:
Watch a full demo of Amplify Open Banking here.
In Europe, all the products using open banking are required to register with The Competition and Markets Authority’s (CMA’s) “Open Banking Remedy and Financial Conduct Authority (FCA),” either in the UK or via the EU regulators. Since its introduction, Open Banking saw significant growth in the U.K., with seven million people using open-banking enabled products in 2022.
You can also validate the third-party company you use for your financial management tools. They should also tell you on their website or mobile app if they are authorized, along with their registration number.
As long as they are authorized, providers will only have access to the data needed for the service you have signed up for. Make sure to find out how well the third party can secure your information and how they will use your information before sharing your data with them.
Examples of open banking
U.S.-based Regions Bank is replacing screen scraping with an API‑centric open banking model to give customers greater control over how their data is shared. With the customer’s consent, financial information can be securely accessed by external apps — such as budgeting, financial management, or wealth platforms — on a transaction‑by‑transaction basis. Customers can review, monitor, and revoke data access at any time, while banks maintain visibility and governance over third‑party interactions.
“Instead of the third-party platform saving the banking credentials to use every time a transaction is made, Regions will authorize consent to share account information only after individual transactions are approved by the client. This new process will remove the need for third-party platforms to save their banking credentials on their own systems.”
This approach, built on the Axway Amplify Open Banking solution, improves security, enhances the customer experience, and enables new digital services without exposing sensitive login credentials.
In countries with open banking rules, such as PSD2 in the E.U., meeting regulatory requirements is particularly challenging for small and medium-sized players in the financial services sector. These organizations typically have lean IT teams with limited development resources at their disposal. It’s why groups such as LUXHUB, founded in 2018 by four major Luxembourg banks, created an open banking platform to deliver compliant open banking APIs at speed and scale.
LUXHUB offers more than 35 open APIs and processes over seven million API calls a month on its open banking platform. These types of open banking APIs include:
- Account Information APIs (AIS): APIs that make it possible to securely share customer account data with authorized third parties, with the customer’s explicit consent. This typically includes information such as account balances, transaction history, and account details. AIS APIs are commonly used for services like account aggregation, budgeting apps, and financial analytics, helping customers see and manage their finances in one place.
- Payment Initiation APIs (PIS): these APIs enable authorized third‑party providers to initiate payments directly from a customer’s bank account (again, only with the customer’s approval). Instead of using cards or intermediaries, payments are triggered via APIs, supporting use cases such as account‑to‑account payments, e‑commerce checkout, and bill payments.
Open banking defined
When you break it down, open banking isn’t hard to define. If you’re using it, you’re allowing a third party to help facilitate your financial transactions.
It’s delivering new benefits to customers and new possibilities for the financial services sector because of governmental action, changing consumer behavior, and the innovation and collaboration spurred by financial technology firms. The concept of open banking isn’t too familiar to the general public, although it is gaining some recognition.
But in one recent survey, 84% of Americans agreed with open banking’s central tenet: that they should have control of their financial data, and banks should not prevent the movement of money between other financial services.
Discover 6 ways to accelerate your open banking strategy.
Take your open banking initiative from compliance to business acceleration with Axway
Axway’s Amplify Open Banking solution addresses the complexities of open banking regulations for financial institutions and effectively integrates their services into digital ecosystems. It ensures compliance with laws like Dodd-Frank 1033, manages consents meticulously, and supports collaborations with fintech, reducing overheads and accelerating innovation.
- Ensure seamless compliance with regulations
- Secure data access with granular consents
- Unlock new revenue streams through robust API productization
Axway enables financial institutions to enhance customer satisfaction, trust, and operational efficiency with advanced analytics and streamlined open banking strategies.
Join us for a webinar on North American open banking regulations: Check the box or competitive advantage?