Open banking guide:
Key element to
Consider before
Choosing a provider
Table of contents
- What Is Open Banking?
- What Are the Benefits of Open Banking?
- What Are Open Banking APIs?
- What are AIS and PIS?
- The Open Banking Ecosystem
- What Is PSD3 and Its Main Impacts for B2B and Open Banking?
- Current Status of Open Banking in the EU
- Is Open Banking Safe?
- How Can Software Companies Enter the Open Banking Segment?
- What Is the Difference Between Open Banking and Open Finance?
- Share
What Is Open Banking?
Open banking is the regulated practice of sharing financial data between different financial institutions, third-party service providers, and customers. This provides transparency around an individual’s or entity’s financial situation, and enables seamless financial interactions. Open banking releases the control banks previously had over their customers’ financial information. In doing so, it allows consumers and businesses alike to benefit from a much broader range of services.
Open banking is facilitated via (application programming interfaces), which enable secure sharing of financial data between all the different parties. This opens up a myriad of opportunities for TPPs (third-party providers) to develop and offer innovative new products, without compromising customer data security.
What Are the Benefits of Open Banking?
Open banking benefits both consumers and businesses by joining up their financial landscapes. This facilitates easier financial management and A2A (account-to-account) transactions. With customers no longer restricted to their own banks’ digital services, they can utilize the full range of financial applications available.
These bring benefits such as
- faster, cheaper transactions with less room for error
- easier opening of new accounts
- greater efficiency
together with a host of other conveniences made possible through having a comprehensive view across all banking-related matters.
At the same time, open banking adds the reassurance of enhanced security and control. This is because open banking is built on robust security protocols and encryption standards that ensure consumers have control over the data they share. These protocols and standards are also more secure than sharing based on login credentials.
Market for fintech innovation
For software companies that want to get in on the action, open banking presents an extensive international market for innovative new applications. By embedding open banking APIs in their own solutions, accounting software editors can enable a variety of services, such as automatic accounting or streamlined invoice reconciliation. With authorized access to financial data from banks and other financial institutions, accounting software editors can develop new products that provide end users with valuable insights, personalized experiences, and improved financial management capabilities. And thanks to around open banking APIs that protect users’ financial data, developers can capitalize on a high level of trust.
What are open banking APIs?
Open banking APIs (application programming interfaces) are sets of rules and protocols that allow authorized third-party software developers to securely access and interact with financial data and services provided by banks and other financial institutions. These open banking APIs, which are developed by banks, allow third parties access to account information and payment initiation.
By enabling the exchange of information and functionality between different systems, open banking APIs open the door to collaborative development of new applications and services within the open banking ecosystem. Effectively giving a green light for accounting software editors and others to innovate distinctive new products.
Different API formats within the EU
Open banking APIs must adhere to an industry standard protocol. However, there is no single mandatory or data format throughout Europe for how APIs are executed. So, while software developers can leverage open banking APIs to realize a wealth of opportunities, they ideally also need to team up with a pan-European open banking aggregator to harmonize the differences between the various banks’ APIs. This frees software companies from the costly and time-consuming process of developing multiple bespoke open banking APIs themselves, as well as the need to attain a PSD2 license.
What are AIS and PIS?
AIS (Account Information Service) and PIS (Payment Initiation Service) are open banking functionalities defined within PSD2 (the Second Payment Services Directive). Performed by APIs, these are the gateways to obtaining financial information and initiating payments, and also the basis on which additional services can be developed.
Those who interact directly with AIS and PIS to provide services are respectively known as AISPs (Account Information Service Providers) and PISPs (Payment Initiation Service Providers).
AISPs aggregate and provide access to customers’ financial information, including account details, transaction history, balances and more, from all their different accounts. This data may then be used as input for all kinds of applications, services or tools to do with
- automated accounting
- invoice management
- payment reconciliation
- personal finance management
- budgeting
- financial analytics
- account aggregation
PISPs initiate payment transactions directly from users’ bank accounts, without the need for a credit or debit card. This results in much faster and more convenient transactions, and can be added to with applications or services for
-
- invoicing
- obtaining secure online payments
- direct transfers and other payment options
Both AIS and PIS therefore present an abundance of opportunities for accounting software editors to develop and offer innovative complementary products. However, AISPs and PISPs are subject to regulatory oversight and must be licensed in accordance with PSD2’s strict security and data protection requirements. The easy way to overcome this challenge, alongside that of the lack of common standards between different banks’ APIs, is to team up with an authorized pan-European AISP and PISP, such as Ponto. This way, accounting software editors can focus on what they do best, while relying on a suitably licensed partner to take care of regulatory compliance and harmonization of different standards.
The Open Banking Ecosystem
In the area immediately surrounding customers or PSUs (Payment Service Users), software companies facilitate the wide array of financial services that make open banking so exciting for B2B. They directly provide business users with accounting, invoicing, cash management and other services, together with the interfaces for using them.
Meanwhile, the APIs which connect these services with the banks are typically developed and maintained by other TPPs (third-party providers) who must hold a PSD2 license.
The transactional part of the open banking ecosystem is occupied by AISPs (Account Information Service Providers) and PISPs (Payment Initiation Service Providers). The APIs through which information flows back and forth are developed and maintained by the various individual banks.
What Is PSD3 and Its Main Impacts for B2B and Open Banking?
Open banking in the EU is currently governed under PSD2. PSD3 is a proposed evolution of PSD2 put forward by the EC (European Commission), as part of a package of payment-related proposals, on 28 June 2023.
This revision of the Directive will
- allow PSPs to share fraud-related data between them
- allow e-money providers/wallets and payment institutions to directly access the clearing and settlement payment system
- recognize the role of API aggregators
- recognize the advent of premium APIs and the need for all parties to have a sustainable business model. While explicitly stating that existing PSD2 APIs must remain free, it allows for contracts to include charged models.
A new Payment Services Regulation
The PSD3 proposal is complemented by a new PSR (Payment Services Regulation). This PSR will apply throughout the EU, and therefore eliminate the need to transpose certain rules into national law. Because this is the point at which country-to-country discrepancies tend to arise, introduction of the PSR will have the effect of harmonizing many rules which currently differ across Europe.
The PSR will place several new obligations on PSPs, including the requirement to perform IBAN Name validation for all regular credit transfers and to provide PSUs with a dashboard where they can see who has access to their bank account via their banking apps.
IBAN Name validation for Instant Payments will become part of the Instant Payment RegulationThe PSR also lifts the limitation of 4 unattended AIS calls per day. At the same time, the obligation to provide an API for Confirmation of Available Funds has been removed completely due to very little use.
Removal of obstacles
Together, the PSD3 and PSR explicitly address obstacles to the open banking experience. Examples include
- ASPSPs (Account Servicing Payment Service Providers) will be obliged to availability and performance statistics
- ASPSPS will be obliged to announce changes to their APIs at least 3 months in advance
- A requirement for data parity between online interfaces and APIs
- Banks will no longer be allowed to make consumers manually input their bank account number, require additional checks and registrations, or limit payments to within the domestic market.
- (Strong Customer Authentication) more than once when authorizing a payment, or to add additional steps in general
- Unattended access to AIS will no longer restricted to four times a day
Through these proposals, the EC aims to “increase consumer safety and competition in electronic payments, as well as enable customers to securely share their data in order to access a broader choice of financial goods and services”.
Learn more: From PSD2 to PSD3: Expert Interview on Three Key Benefits for Entrepreneurs
Current Status of Open Banking in the EU
According to Konsentus, the European open banking market is showing signs of maturity and consolidation. Findings for Q2 2023 from their Third Party Provider Open Banking Tracker include a decrease in the number of TPPs since Q1. This appears to be driven by smaller entities exiting the business or shifting their strategic focus.
Go to Q2 2023 Third Party Provider Open Banking Tracker | Konsentus to get the full picture.
Is Open Banking Safe?
With its strong emphasis on security and data protection, implemented through strict regulatory guidelines, open banking is considered very safe for all parties involved.
Stringent security requirements placed on financial institutions and TPPs (third-party providers) mandate the use of SCA (Strong Customer Authentication, secure APIs and protocols, and robust data protection measures. And by putting users in control of permissions for accessing their data and initiating transactions, open banking also creates an environment that users and businesses can trust.
Open banking licensing
Financial institutions that hold user data, as well as TPPs that facilitate its sharing for open banking purposes, must maintain relevant licenses. This involves frequent audits, assessments, and security reviews to ensure compliance with regulatory requirements and industry best practices.
Across the EU, open banking standards are defined by PSD2 (the revised Payment Services Directive), which is complemented by compliance with GDPR (the General Data Protection Regulation).
Software developers, such as accounting software editors, can create secure products that capitalize on this safe ecosystem without having to attain their own licenses, by partnering with an authorized open banking provider.
How Can Software Companies Enter the Open Banking Segment?
To develop viable open banking products, software companies need to start by gaining a clear understanding of open banking principles and become familiarized with region-specific regulations. In Europe, open banking allows retrieval of account and transaction information, as well as payment initiation, regulated under PSD2.
The next step is to identify relevant opportunities and use cases, and explore how open banking APIs can be leveraged to innovate solutions that enhance customer experiences, enable financial management, or streamline financial institutions’ processes.
Relationships with financial institutions, such as banks, credit unions and fintech companies, then need to be established to gain the necessary insights and support for onboarding into their APIs.
With these foundations in place, software development and editing can get underway. Products must be capable of securely handling sensitive customer data and follow relevant security and privacy guidelines.
Ongoing attention to detail
Open banking is continually evolving. Staying up-to-date with, and adapting to, developments and changes in regulations, industry standards, security practices and individual banks’ APIs is essential.
The same goes for providing comprehensive support to all who utilize your open banking solutions. Clear communication channels must be maintained, and issues or queries promptly addressed at all times.
Managing complexity
Open banking offers software companies, and in particular accounting software editors, a wealth of opportunity. However, the robust security which underpins its success necessitates a huge amount of additional work. At the same time, the fact that there are so many different bank APIs and accounting automation formats in operation, even within the European Union, presents an enormous challenge.
For software companies that prefer to focus on their core competence, the solution is to partner with a PSD2-licensed open banking aggregator, such as Ponto, that takes care of regulatory compliance, harmonization of different APIs, and integration of different accounting automation formats. As a pan-European B2B open banking supplier with extensive accounting industry experience, Ponto smooths the path through this complex landscape and paves the way for software developer success.
What Is the Difference Between Open Banking and Open Finance?
Open banking is essentially a subset of open finance. While open banking covers the sharing of customer banking data with authorized TPPs to facilitate a wider choice of services and smoother transactions, open finance is the broader concept of sharing and integrating a wide variety of financial data from multiple sources.
Open finance encompasses data from areas such as investments, insurance, lending, payments, and other financial products and services. Through enabling the sharing of financial information across different sectors and service providers, it gives customers a holistic view of their financial lives. In the quest to achieve this, open finance promotes interoperability and integration among various financial institutions and services to enhance consumer control, convenience, and personalized experiences.
By comparison, open banking aims to foster competition, innovation, and consumer choice specifically within the banking sector. This is achieved by enabling authorized third parties to develop innovative services and applications using the data provided.
A broad spectrum of opportunities for software developers
Open banking and open finance share the same ideals of promoting increased data access, collaboration, and innovation within the financial industry. This means open finance is another hugely attractive area for accounting software developers to get involved with, as automation of accounting activities will require integrations with an increasing number of data sources such as
- payment service provider (PSP) information
- credit card statements
- payroll slips
- expenses
- sales and purchase invoices
- information about savings and investment accounts