| Status: | Operational bLink Platform with initial set of banks, scope being widened by additional use cases, and more banks joining |
| Framework: | bLink |
| Driver: | Swiss Fintech Innovation (SFTI) for standardization, SIX Group for operationalization on central bLink platform |
| Type: | Market-driven, with centrally operated platform, but no formal or compulsory Open Banking regime |
| Banks: | Banks implementing OpenBanking |
| API Specs: | bLink API Specs, compliance required for participating in the bLink Platform |
| Use cases: |
- AIS: Account Information Services
- PSS: Payment Submission Services (upload of payment information without immediate execution as provided by PIS)
- Supplementary APIs for Consent Management
- Ongoing work on additional use cases
|
| Scope: |
- Focus on cash accounts and payments
- Focus exclusively on commercial bank customers (SMEs), retail bank customers are not in scope
|
| Timeline: |
- 2020-05: Live with AIS and PSS use cases, including implementations by two major banks
- 2021-08: Ongoing work on additional use cases (Open Finance, Wealth Management), and more banks bringing their APIs live
- 2021-2022: Update to new consent model
|
| Documents: |
|
| Status: | Operational |
| Framework: | "Law on Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions", and "Regulation on Information Systems of Banks and Electronic Banking Services" |
| Driver: | Banking Regulation and Supervision Agency (BRSA) |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| Use cases: |
- AIS: Account Information Services
- PIS: Payment Initiation Services
- CAF: Confirmation of Availability of Funds
- Supplementary APIs for Consent Management
|
| Timeline: |
- 2020-01: Payment Law covering PSD2 use case in effect
- 2020-03: Banking Regulation update published concerning generic OpenBanking
|
| Information: |
There are two laws for openbanking in Turkey (1) one under the Payment Law for the conventional 'open banking' through AIS and PIS third party providers (Law No. 6493 on "Payment and Securities Settlement Systems, Payment Services and Electronic Money Institutions"), and (2) and another more generic one under Banking Regulation ("Regulation on Information Systems of Banks and Electronic Banking Services") that regulates the relationship between the open banking providers.
|
| Status: | Started as market-driven approach, e.g. around FDX, shifting to a regulatory approach |
| Framework: | Personal Financial Data Rights Rule |
| Driver: | Consumer Financial Protection Bureau (CFPB), Dodd Frank Act 1033 |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| API Specs: |
|
| Timeline: |
- 2010-07: Dodd-Frank Act in effect. Relevant is section 1033, which covers data portability, the rights of clients switch banks and move their data with them.
- 2018-Q4: Financial Data Exchange (FDX), a non-profit consortium standardizing APIs for banking and finance, started growing its member base of banks and fintechs.
- 2020-10: Consumer Financial Protection Bureau (CFPB) submitted a proposal for rule-making related to section 1033 of the Dodd-Frank Act, to create government support for Open Banking.
- 2021-07: Consumer Financial Protection Bureau (CFPB) encouraged to act on OpenBanking by Biden’s "Executive Order on Promoting Competition in the American Economy"
- 2023-06: Laying the foundation for open banking in the United States
By Rohit Chopra of the Consumer Financial Protection Bureau (CFPB)
- 2023-10: CFPB Proposes Rule to Jumpstart Competition and Accelerate Shift to Open Banking
- 2023-12: Deadline for feedback on CFPB proposal for Open Banking in US
- 2024-10: Personal Financial Data Rights Rule (full text) is published by the CFPB. See press release as a summary, as full text has ca. 590 pages.
- 2024-10: CFPB as Open Banking Standard Setter for Financial Data Exchange (FDX - USA) and Digital Governance Standards Institute (Canada)
- 2026-04: Implementation Deadline 1, for largest institutions
- for depository institutions with total assets > $250bn
- for non-depository institution with total receipts > $10bn in either calendar year 2023 or 2024
- 2027-04: Implementation Deadline 2
- for depository institutions with total assets in range $10bn – $250bn
- for non-depository institution with total receipts < $10bn in either calendar year 2023 or 2024
- 2028-04: Implementation Deadline 3
- for depository institutions with total assets in range $3bn – $10bn
- 2029-04: Implementation Deadline 4
- for depository institutions with total assets in range $1.5bn – $3bn
- 2030-04: Implementation Deadline 5, for smallest institutions
- for depository institutions with total assets in range $850m – $1.5bn
- Exempt from compliance: for depository institutions with total assets < $850m
|
| Information: |
- The Financial Data Exchange (FDX) is a non-profit organization dedicated to promoting and enhancing a common interoperable standard and operating framework for sharing consumer financial data. FDX builds on the Durable Data Definition (DDD). FDX is open to all financial institutions and FinTechs, with 186 members as of April 2021. FDX grows rapidly: 8 million consumer records by Spring 2020, 12 million consumer records by Fall 2020, 16 million consumer records by Spring 2021.
- 2023-07-21: Recent Webinar on Open Banking in the US
|
| Status: | In development |
| Framework: | Fintech Law |
| Driver: | National Banking and Securities Commission, Central Bank/a> |
| Type: | Regulation under development, currently only covering open data |
| Banks: | Banks implementing OpenBanking |
| Timeline: |
- 2018-03: Fintech Law published
- 2018-03: Covering OpenData use cases (e.g. branches, ATM locations)
- 2020-06: Next Steps published by National Banking and Securities Commission
- 2021: Covering Aggregated data and transactional data
|
| Documents: |
|
| Information: |
In 2018, Mexico released the Fintech Law, which addresses a broad framework for the sector, but the first set of secondary laws meant to establish the next steps for open banking implementation in the country were released by the central bank in March 2018 and by the National Banking and Securities Commission in June 2020.
The law requires all the different actors in the financial ecosystem to offer application programming interfaces (APIs) in order to share information with each other. Financial institutions are obliged to share open financial data, aggregated data and transactional data, provided that the user agrees to give access to them. This affects a total of around 2,200 institutions, from banks to various financial companies.
Since the Fintech Law passed in 2018, deployment of open banking has been somewhat slow. Today, open banking in Mexico has only been focusing on non-confidential financial data, such as information on banks’ products and services, and ATM locations.
Aggregated data by the institutions, including statistical information about both personal and institutional operations, and transactional data of the clients will be addressed in 2021.
|
| Status: | Regulation in implementation, Targeted Go-Live ca 2022 |
| Framework: | Open Banking Brasil |
| Driver: | Banco Central do Brasil (BCB or Bacen) |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| Timeline (as of 2021-06-24): |
- Timeline initially only applicable for banks classified as tier S1 and S2
- 2020-05: New regulation
- 2021-02: Start of phase 1 - Share information about available products and services and provide access to data about channels, products and services related to checking and savings accounts, and payments and credit.
- 2021-07: Start of phase 2 - Share customer personal information and transactional data (accounts and credit).
- 2021-08: Start of phase 3 - Initiate payments via PIX
- 2021-12: Start of phase 4 - Provide information about currency exchange, investments, insurance and retirement funds.
- 2022-02: Initiate payments between accounts of same bank and via TED
- 2022-03: Sharing credit transaction proposals
- 2022-05: Sharing customer data on foreign exchange transactions, investments, pension, insurance
- 2022-06: Initiate payments via bill of exchange
- 2022-09: Sharing debit account services
|
| Documents: |
|
| Status: | In early stage operational |
| Framework: | Framework for Open Banking in Nigeria |
| Driver: | Central Bank of Nigeria (CBN) |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| Use cases covered: |
- Product Information and Service Touchpoints (“PIST”) covers open data, e.g. ATM locations, website addresses, charges, and rates, etc.
- Market Insight Transactions (“MIT”) provides statistical information on products, services, and segments. MIT data is not associated with an individual customer and is shared on an aggregate basis.
- Personal Information and Financial Transaction (“PIFT”) covers individual customer data providing general information on the customer including personal data such as the total number of accounts and transaction data.
- Profile, Analytics, and Scoring Transaction (“PAST”) covers personalized scoring customer data such as income ratings and credit score.
|
| Scope of financial services covered: |
- Payments and remittance services
- Collection and Disbursement services
- Deposit-taking
- Credit
- Personal finance advisory and management
- Treasury Management
- Credit ratings/scoring
- Mortgage
- Leasing/Hire purchase
- Other services as may be determined by the Bank
|
| Timeline: |
- 2018-03: Work on Open Banking in Nigeria started
- 2021-02: Regulatory Framework for Open Banking in Nigeria published by Central Bank of Nigeria (CBN)
|
| Documents: |
|
| Information: |
While the regulation defines the scope of OpenBanking in an abstract way, the Open Banking Group aims to provide compliant standardization, such as API specs and security profiles for the operationalization of the framework for Open Banking in Nigeria.
|
| Status: | Operational, market-driven, government-enabled approach, building on the so-called India Stack |
| Driver: | Both the market and government take active roles in the ecosystem's development |
| Type: | Market-driven, government-enabled |
| Banks: | Banks implementing OpenBanking |
| Timeline: |
- 2010: Launched Aadhaar Digital Identification System
- 2016: Launched Unified Payment Interface (UPI), allowing an individual to access his bank accounts from registered apps (such as Google Pay)
|
| Information: |
India Stack (consisting among others of Digital ID and unified payment system) is often praised as the basis fir the Indian Open Banking System.
|
| Status: | Operational since 2019, but only coveing Open Data |
| Framework: | Policy on publishing Open Data using Open API |
| Driver: | Bank Negara Malaysia (BNM) |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| API Specs: | Open API files by Bank Negara Malaysia (BNM), usage encouraged, but not enforced |
| Use cases: |
These are Open Data use cases, focusing on product data:
- Product Details: This describes the details of the card, including the name, type and whether it is a shariah-compliant product.
- Requirements: The requirements on applicants applying for the product such as applicant’s nationality, minimum annual income, residency and employment status.
- Product Offering: The product offering covers the benefits and features of the product. For example, the product’s benefits may include cashback, shopping and dining privileges. The product may also have certain features such as contactless payment.
- Fees and Charges: The fees and charges involved in maintaining the card, including the annual interest rate, withdrawal fee and replacement fee.
- Required Documents: This describes the documents to be submitted when applying for the card
|
| Timeline: |
- 2018-03: Establish an Open API Implementation Group
- 2018-12: Release of API Specs focusing on Open Data use cases
- 2019-01: Policy on publishing Open Data using Open API in effect
|
| Documents: |
|
| Information: |
Banks are encouraged (not required) to use the API Spec published by the Bank Negara Malaysia
Only Open Data use cases are covered, focusing on product data, whereas use cases involving customer data are not in scope.
|
| Status: | Operational |
| Driver: | Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) |
| Type: | Market-driven |
| Banks: | Banks implementing OpenBanking |
| Use cases: |
The Financial Industry API Register, contains all APIs, and classifies the available APIs as follows:
- Product APIs (e.g. to provide information on financial product details and exchange rates)
- Sales & Marketing APIs (e.g. to handle product sign-ups, sales/cross-sales and leads generation)
- Servicing APIs (e.g. to manage customer profile/account details and customer queries/feedback)
- Transaction APIs (e.g. to support customer instructions for payments, funds transfers, settlements, clearing, trade confirmations and trading)
|
| Timeline: |
- 2016: API Playbook
- 2018-09: ASEAN Financial Innovation Network (AFIN) launched the API Exchange (APIX), an online Global FinTech Marketplace and Sandbox platform for financial institutions (FIs).
- 2020-12: Monetary Authority of Singapore (MAS) launched the Singapore Financial Data Exchange (SGFinDex), which involves the consolidation of financial data from banks and government agencies in a single place, instead of multiple locations.
|
| Documents: |
|
| Status: | In development |
| Framework: | Open Finance Framework |
| Driver: | Open Finance Oversight Committee (OFOC), an industry-led self-governing body overseen by the central bank, Bangko Sentral Ng Pilipinas (BSP). OFOC is responsible for supervising open banking practices and setting procedures and standards, including API architecture, data, security and outsourcing standards. |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| Use cases: |
- Sharing of product and service information that are readily accessible online
- New account applications information
- Account information or personal and financial information provided by a customer
- Transactions data such as payments and other financial transactions data
- More complex financial products
|
| Timeline: |
- 2020-12: BSP circulates open banking framework to stakeholders
- 2021-06: Open Finance Framework approved
- 2021-08: Creation of Open Finance Oversight Committee (OFOC), tasked with standardizing and operationalizing Open Banking
- 2020-12: Multiple phases to open banking implementation based on data sensitivity:
- Phase 1: Focus on Open Data, sharing of product and service information that are readily accessible online
- Phase 2: Subscription, and new account applications information
- Phase 3: Account information or personal and financial information provided by a customer
- Phase 4: Transactions data such as payments and other financial transactions data
- Phase 5: More complex financial products
|
| Documents: |
|
| Status: | Open API Framework in implementation Phases III and IV |
| Framework: | Open API Framework for the Hong Kong Banking Sector |
| Driver: | Hong Kong Monetary Authority (HKMA) |
| Type: | Market-driven, governance framework is provided, but not mandatory for banks |
| Banks: | Banks implementing OpenBanking |
| API Specs: | |
| Timeline: |
- 2017: HKMA announced Open API Framework
- 2018: HKMA conducted industry consultation
- 2018-07: Regulation published: Open API Framework for the Hong Kong Banking Sector"
- 2019-01: Start of Phase I: Product information, Deposit rates, credit card offerings, service charges and other public information
- 2019-10: Start of Phase II: Customer acquisition, New applications for credit cards, loans and other products
- 2021-12: Start of Phase III: Account information, Account balance, credit card outstanding balance, transaction records, credit limit change and others, The initial batch of API functions, covering deposit account information and online merchant payments, are expected to be implemented progressively
- 2021-12: Start of Phase IV: Transactions, Payment and transfers
|
| Documents: |
|
| Information: |
- The adoption of the framework is voluntary for banks
- TPPs do not have to obtain authorisation from the HKMA to access banks’ APIs
- Banks need to vet and monitor TPPs
|
| Status: | Operational |
| Framework: | Taiwan’s Open Banking Initiative |
| Driver: | Financial Supervisory Commission (FSC) |
| Type: | Market-driven |
| Banks: | Banks implementing OpenBanking |
| Use cases: |
- Public information inquiry (credit card, fund, mortgage interest rates, and other public information)
- Financial account and transaction information of individual customers
|
| Timeline: |
2018-11: FSC assigned the Bankers Association and Financial Information Service Company (FISC) to plan and develop an Open Banking program including regulations and technical standards
- 2019-09: Start of Phase 1: focused on OpenData, public information inquiry (credit card, fund, mortgage interest rates, and other public information)
- 2021-01: Start of Phase 2: focused on exchange of customer data (financial account and transaction information of individual customers)
|
| Status: | Operational |
| Framework: | Open Banking Platform |
| Driver: | Financial Services Commission (FSC) |
| Type: | Market-driven, with centrally operated platform by the government, but no formal or compulsory Open Banking regime |
| Banks: | Banks implementing OpenBanking |
| API Specs: | Open API files, usage required |
| Use cases: |
- Account balance: enabling a customer to check balance at his/her own bank accounts
- Transaction history: enabling a customer to check transaction history with his/her accounts
- Account holder’s real name: enabling open banking service providers to access a customer’s account information to verify the validity of the account and identify the account holder’s real name
- Remitter’s information: enabling a customer to check the remitter’s name and account number
- Debit transfer enabling open banking service providers to collect money from a customer’s account
- Credit transfer: enabling a customer to withdraw money from his/her bank account and credit it into another open banking service provider’s account
|
| Timeline: |
- 2019-02: Open Banking unveiled
- 2019-10: Open Banking pilot launched
- 2019-12: Open Banking fully operational (17 banks and 33 fintech firms)
- Future: Expanding the scope and functions of open banking services
|
| Documents: |
|
| Information: |
Platform model, operated by the government (Korea Financial Telecommunications & Clearings Institute - KFTC)
|
| Status: | Operational for the banking sector, in implementation for other industry sectors |
| Framework: | Consumer Data Right (CDR) |
| Driver: | Australian Competition and Consumer Commission |
| Type: | Regulation |
| Banks: | Banks implementing OpenBanking |
| API Specs: | Open API files, usage encouraged, but not enforced |
| Use cases: |
- Read-only: Account information
- No support for "write" use cases, such as payments
|
| Scope: |
- Banking: providing information for a variety of account types, incl. cash accounts, credit card accounts, mortgage accounts, pension accounts
- Energy
- Telco
- Other industries to follow
|
| Timeline: |
Detailed infographics on the timeline, including types of data shared
- 2019-07: Reference data (fees, interest rates, etc.) available as open data, for 4 major banks
- 2020-07: Data sharing of some account types, for 4 major bankss
- 2021-02: CDR in force in banking, all account types, for 4 major banks
- 2021-07: CDR in force in banking, for all banks
- 2022: CDR in force in energy sector
- 2023: CDR in force in telco sector
|
| Documents: |
|
| Information: |
The Consumer Data Right (CDR) gives consumers greater control over their own data, including the ability to securely share data with a trusted third party. It was introduced in the banking sector from July 2020 and will then roll out across other sectors of the economy, including energy and telecommunications.
|
| Status: | Operational, potentially consumer data right regulation upcoming |
| Framework: | Payments NZ API Centre |
| Driver: | Payments NZ |
| Type: | Market-driven |
| Banks: | Banks implementing OpenBanking |
| API Specs: | Open API files, usage encouraged, but not enforced |
| Use cases: |
- Payment initiation
- Account information
|
| Timeline: |
- 2017-08: Government encouraged Payments NZ (owned by banks) to take up OpenBanking and payment innovation
- 2019-12: Government communicated expectations for banks
- 2020-07: Consumer data right law (regulation, similar to Australia) is publicly discussed
|
| Documents: |
- API sandbox, allowing developers to test that their solutions function as expected against the APIs.
- API Specs and Standards, based on the UK’s Open Banking Implementation Entity (OBIE) standards
|