The term open banking refers to enabling third-party software providers and banks to build new, customer-centric financial applications and services with APIs as the enabling technology. But there’s much more to it than that. At its heart, open banking is about giving customers control of their financial data.
Customers allow other third-party organizations to access their data (with their permission) and stimulate innovation in the fintech industry. They exist outside of your banking relationship, although they may be engaged in your online transactions, and there are two types of third-party providers:
- PISP , Payment Initiation Service Provider
- AISP , Account Information Service Provider
You may use a PISP to make online payments without having to enter your credit or debit card information.
An AISP is an internet service provider who has permission to examine specified information from your account. This can include balances and transactions for a set time period.
Now that we understand the role that third-party providers (TPPs) play when it comes to open banking, let’s take a closer look at what open banking is and how it can benefit your business.
What is open banking?
Open banking is a regulated practice that lets bank customers share their financial data (account balances, transaction history, recurring payments) with licensed third-party providers through secure, standardized APIs. Instead of screen-scraping or sharing login credentials, the customer grants consent through a strong authentication flow, the bank exposes the data through a regulated API, and the third party builds a product on top: budgeting apps, accounting integrations, account-to-account payments, lending decisions. Open banking turns the bank account into a programmable building block of the wider financial ecosystem.
In traditional banking, banks have the highest impact on their existing business models.
However, open banking enables more opportunities to work with fintech companies. It allows you to focus on innovation and create new products that benefit everyone in the ecosystem.
Open banking proponents claim it increases the availability of financial services, like making it easier to exchange financial data with your mortgage lender or accountant.
Open banking provides a broad dashboard-style view of your money. It also allows you to do things like link a bank account to a loyalty program. You may also be able to permit a third party to make payments on your behalf from your bank account.
Consumers have come to expect the types of services made possible by open banking; one Federal Reserve survey found that nearly seven out of 10 Americans use mobile payment devices to send or receive payments, and more than 60% want a real-time view of their account balance and immediate posting of payments they initiate.
Meanwhile, 83% of those surveyed are using a fintech payment app or digital wallet at least occasionally to complete transactions.
But despite all of the advantages that open banking can offer consumers, it does come with questions of standardization and regulations which banks may find burdensome.
Are there any regulations tied to open banking?
European open banking regulation
The term Open Banking , with a capital O and B , refers to two different pieces of financial regulation:
- The U.K. Competition and Markets Authority’s (CMA’s) “Open Banking Remedy.”
- European Payment Services Directive 2 (PSD2) and now PSD3, PSR, and FIDA
The first one results from an investigation in retail banking by the CMA. This non-governmental British authority has found different holes within the system and has laid out a set of remedies to improve the industry. These include open banking standards.
The second is a European Directive that aims to regulate payment services and payment service providers within the EU. Its main objective is to increase competition and participation in the payments industry and from non-banks.
PSD2 launched a first wave of API adoption in European banks, but the European Commission is now discussing a next iteration of the legislation, PSD3, to address PSD2’s shortcomings.
Open banking regulations around the world
Other countries such as Brazil, Tunisia, Nigeria, or Japan have adopted or are exploring various levels of regulation around open banking as well. Australia took a more holistic view of the issue and introduced the Consumer Data Right (CDR), which applies to banking and finance but extends beyond to other industries.
Open banking regulation in the U.S. and Canada
In North America, Canada has already begun the process of standardizing , notably in order to eliminate screen-scraping , and the U.S. Consumer Financial Protection Bureau (CFPB) published its final rule in October 2024, enforcing Section 1033 of the Dodd-Frank Act. It requires U.S. financial firms such as banks and credit unions to give consumers access to their personal financial data at no charge.
Latest updates: Section 1033 of the Dodd-Frank Act became law in January 2025, but White House actions against the CFPB have led to uncertainty over the agency’s future. Get the facts here.
What are the benefits of open banking?
Open banking benefits three groups at once. Consumers get a unified view of their financial life across multiple banks, smarter budgeting tools, faster loan decisions, and account-to-account payments that bypass card fees. Banks get new revenue streams from premium APIs, faster product launches with fintech partners, and stronger customer retention through embedded experiences. Fintechs and software vendors get a regulated, standardized way to access bank data, lowering the cost of integrating financial services into payroll, accounting, e-commerce, and other industry apps.
Open banking is enabled by regulation that forces banks to expose customer-permissioned APIs. The UK led with the Competition and Markets Authority order and the Open Banking Standard in 2018. The EU followed with PSD2, requiring strong customer authentication and bank API access for licensed third parties. Brazil rolled out open banking in phases starting 2021. Australia uses the Consumer Data Right. The United States is rolling out Section 1033 of Dodd-Frank, with phased compliance starting in 2026. The common pattern: regulator mandates the API, banks expose it, third parties (regulated and licensed) consume it.
For consumers, the benefits of open banking are quickly apparent: You may have already used third-party financial management tools that open banking would improve on, apart from the banks, regulators, and startups. Consumers will have more options in managing money, borrowing, and making payments. As Gavin Littlejohn, Chairman of FData Global puts it,
“It’s critically important in the modern world for the customer to be empowered with their financial data to enable them to access products and services which work for them. Not necessarily for the incumbent supplier of their financial services.”
As a consumer, you can connect your bank account with a website or an app that tracks your spending behavior and provide a new product recommendation like a savings account, investment options, or credit cards.
For financial institutions, compliance costs should not obscure the very real benefits and opportunities of open banking, such as:
- Better data security
- Enhanced customer experience through integration with financial management apps.
- Opportunities to develop new data-driven financial products and services.
- Increased competition leading to innovation in the banking sector
Open banking APIs are assets for all financial services firms, as they enable them to improve their existing customer engagement, as well as appeal to new prospective customers by meeting their changing demands on accessing their financial information.
Open banking also builds new digital revenue channels focusing on banking APIs. FIs are taking note: Axway’s 2024 State of Enterprise API Maturity report found that financial services enterprises are one of the industries that most use direct API monetization to build their external ecosystem.
Learn how open banking use cases open up actionable intelligence for banks here.
How safe is your data?
Companies involved in open banking should not automatically share consumer data with third parties. Open banking entirely relies on sharing the data, but as a consumer, you retain control and can revoke access to your data at any time.
Here’s an example of how that consent flow works in open banking:
Watch a full demo of Amplify Open Banking here.
In Europe, all the products using open banking are required to register with The Competition and Markets Authority’s (CMA’s) “Open Banking Remedy and Financial Conduct Authority (FCA),” either in the UK or via the EU regulators. Since its introduction, Open Banking saw significant growth in the U.K., with seven million people using open-banking enabled products in 2022.
You can also validate the third-party company you use for your financial management tools. They should also tell you on their website or mobile app if they are authorized, along with their registration number.
As long as they are authorized, providers will only have access to the data needed for the service you have signed up for. Make sure to find out how well the third party can secure your information and how they will use your information before sharing your data with them.
Examples of open banking
U.S.-based Regions Bank is replacing screen scraping with an API‑centric open banking model to give customers greater control over how their data is shared. With the customer’s consent, financial information can be securely accessed by external apps , such as budgeting, financial management, or wealth platforms , on a transaction‑by‑transaction basis. Customers can review, monitor, and revoke data access at any time, while banks maintain visibility and governance over third‑party interactions.
“Instead of the third-party platform saving the banking credentials to use every time a transaction is made, Regions will authorize consent to share account information only after individual transactions are approved by the client. This new process will remove the need for third-party platforms to save their banking credentials on their own systems.”
This approach, built on the Axway Amplify Open Banking solution, improves security, enhances the customer experience, and enables new digital services without exposing sensitive login credentials.
In countries with open banking rules, such as PSD2 in the E.U., meeting regulatory requirements is particularly challenging for small and medium-sized players in the financial services sector. These organizations typically have lean IT teams with limited development resources at their disposal. It’s why groups such as LUXHUB, founded in 2018 by four major Luxembourg banks, created an open banking platform to deliver compliant open banking APIs at speed and scale.
LUXHUB offers more than 35 open APIs and processes over seven million API calls a month on its open banking platform. These types of open banking APIs include:
- Account Information APIs (AIS): APIs that make it possible to securely share customer account data with authorized third parties, with the customer’s explicit consent. This typically includes information such as account balances, transaction history, and account details. AIS APIs are commonly used for services like account aggregation, budgeting apps, and financial analytics, helping customers see and manage their finances in one place.
- Payment Initiation APIs (PIS): these APIs enable authorized third‑party providers to initiate payments directly from a customer’s bank account (again, only with the customer’s approval). Instead of using cards or intermediaries, payments are triggered via APIs, supporting use cases such as account‑to‑account payments, e‑commerce checkout, and bill payments.
Open banking defined
When you break it down, open banking isn’t hard to define. If you’re using it, you’re allowing a third party to help facilitate your financial transactions.
It’s delivering new benefits to customers and new possibilities for the financial services sector because of governmental action, changing consumer behavior, and the innovation and collaboration spurred by financial technology firms. The concept of open banking isn’t too familiar to the general public, although it is gaining some recognition.
But in one recent survey, 84% of Americans agreed with open banking’s central tenet: that they should have control of their financial data, and banks should not prevent the movement of money between other financial services.
Discover 6 ways to accelerate your open banking strategy.
Open banking FAQs
What is open banking explained simply, and what is open banking in simple terms? Open banking explained simply: open banking lets you share your bank data, with your consent, with apps you trust through secure APIs, so those apps can budget for you, lend to you, or move money for you without ever handling your password. What is open banking in simple terms: it is the law and the technology that turn your bank account into a permissioned data source for the rest of the financial software you use.
What is the open banking system, open banking ecosystem, open banking technology, and open banking infrastructure? The open banking system is the regulated set of APIs banks expose, the consent dashboards customers use, and the licensed third parties that consume the data. The open banking ecosystem includes banks, third parties (AISPs and PISPs), regulators, standards bodies (FDX, Open Banking UK, Berlin Group), and identity providers. Open banking technology is the OAuth 2.0 / OIDC, FAPI security profile, JSON data models, and webhooks. Open banking infrastructure is the API gateway, consent service, fraud engine, and developer portal that make it run.
How does open banking work? How does open banking work in practice: a customer asks a third-party app to connect to their bank, the bank presents a strong authentication flow, the customer consents to a specific data scope and time window, the bank issues an OAuth access token, the third-party calls the bank API with the token, the bank returns customer-permissioned data, and every step is logged for audit. What is open banking and how does it work together: it is the regulated combination of consent, API, and audit that lets data flow without sharing credentials.
What are open banking services, open banking market, open banking financial services, open banking as a service, and open banking cloud? Open banking services are the API products banks publish (account information, payment initiation, recurring payments, premium APIs). The open banking market is the set of fintechs, vendors, and ecosystem players that build on those APIs. Open banking financial services means embedded financial products powered by open banking data. Open banking as a service is a managed offering where a vendor runs the compliance, gateway, and consent for a bank. Open banking cloud means the same components hosted in AWS, Azure, or GCP. Open banking data is the customer-permissioned data flowing through this stack.
What are open banking examples and the history of open banking? Open banking examples include Monzo and Starling exposing accounts to budgeting apps via OBIE, Plaid powering U.S. consumer fintech, and TrueLayer enabling pay-by-bank checkout in Europe. History of open banking: the UK CMA order in 2017 and PSD2 in 2018 launched the modern regime; Brazil, Australia, Canada, and the U.S. (Section 1033) have followed.
What is the open banking definition and its relation to PSD2? Open banking definition and relation to PSD2: PSD2 is the EU regulation that mandates banks expose customer-permissioned APIs for account information and payment initiation; open banking is the broader global movement that includes PSD2 plus equivalents in other regions (UK Open Banking Standard, US Section 1033, Brazil Open Finance, Australia CDR, Canada CDR).
Take your open banking initiative from compliance to business acceleration with Axway
Open banking API architecture in practice
Behind every open banking experience is a five-component API architecture that banks have to build, secure, and operate.
- Identity and consent. Strong customer authentication and a consent management layer that lets the customer authorize, view, and revoke third-party access.
- Standardized data APIs. Account information, transaction history, and balance APIs that match the regulator-approved data model.
- Payment initiation APIs. Account-to-account payment APIs with the same strong authentication flow.
- Developer portal. Documentation, sandbox, and onboarding for licensed third-party providers.
- Observability and compliance reporting. Logging, monitoring, fraud detection, and the regulator-required reporting on API uptime and performance.
A federated API management platform (such as Amplify Fusion) is purpose-built for this architecture: it gives banks a single control plane across legacy core systems, modern microservices, and cloud-hosted partner APIs, with the audit trail and compliance reporting regulators demand.
Open banking around the world
Open banking is a global movement with different regulatory shapes. The table below maps the major regimes that matter for cross-border product strategy.
| Region | Regulation | Status as of 2026 |
|---|---|---|
| United Kingdom | CMA order, Open Banking Standard | Live since 2018, expanding to variable recurring payments and premium APIs |
| European Union | PSD2 (PSD3 in progress) | Live, PSD3 expected to expand scope and strengthen API quality requirements |
| United States | CFPB Section 1033 of Dodd-Frank | Phased compliance starting 2026, largest banks first |
| Brazil | Open Finance Brazil | Live, phased rollout complete, now expanding to insurance and investments |
| Australia | Consumer Data Right (CDR) | Live for banking, expanding to energy and telecommunications |
| Canada | Consumer-Driven Banking Framework | Framework legislated 2024, implementation ramping in 2026 |
Axway’s Amplify Open Banking solution addresses the complexities of open banking regulations for financial institutions and effectively integrates their services into digital ecosystems. It ensures compliance with laws like Dodd-Frank 1033, manages consents meticulously, and supports collaborations with fintech, reducing overheads and accelerating innovation.
- Ensure unified compliance with regulations
- Secure data access with granular consents
- Unlock new revenue streams through reliable API productization
Axway enables financial institutions to enhance customer satisfaction, trust, and operational efficiency with advanced analytics and streamlined open banking strategies.
Join us for a webinar on North American open banking regulations: Check the box or competitive advantage?