Since the launch of the second Payment Services Directive (PSD2) in Europe, there has been a sharp rise in the number of countries and banks adopting open banking initiatives. This interactive page details the regions, countries and institutions that are moving towards open banking and proposes a framework for categorising them based on four pillars:
Level of Regulation
Stage of Development
Degree of Standardisation
Click on any of the regions or countries below to see what initiatives have been introduced there.
Last Update: 6 September 2021
The European Union
PSD2, which stands for the Second Payment Services Directive, was introduced by the European Union with the aim to create a more innovative payments market, regulate new players and protect customers online.
Key to this is the necessity for banks to open up their APIs and customer data to new Third Party Providers (TPPs) entering the market. First passed in 2015, the EU has struggled to fully adopt the regulation with big setbacks around Strong Customer Authentication pushing out the deadline for implementation to December 2020. In spite of these setbacks, banks in the region have begun to launch Open Banking services.
The United Kingdom
In 2016, The UK Competitions and Market Authority (CMA) introduced their own national Open Banking initiative which builds on its PSD2 obligations and mandates that the nine leading banks in the country (CMA9) need to implement a predefined and standard API.
Unlike PSD2, it is a set of technical specifications and it does not leave the details up to the market to
decide. Leading banks like Barclays, Llyods and HSBC have enabled users to view financial information from their other bank accounts within their respective mobile banking apps.
The Financial Conduct Authority (FCA) are now looking to launch “Open Finance” which would extend to other financial products including mortgages and investments.
The Central Bank of Russia (CBR) approved the first recommendatory standards for Open Banking in October 2020. They include API standards for account information, payment initiation as well as information security standards.
However, it is taking an organic approach to implementation, and financial institutions in the country are still not obligated to provide access to customers’ data via open APIs.
While Switzerland acknowledges the potential of Open Banking, it is choosing to implement a market-led approach rather than a regulatory approach. The Swiss government and the Swiss Bankers Association both believe that the lack of guidelines and standardisation of data interfaces will be beneficial for the financial sector as it allows for the possibility of experimentation along the way.
An organic, market led approach will enable the financial sector to collectively design and establish the foundations on which open banking will thrive, and be beneficial for the industry in the long run.
The Monetary Authority of Singapore (MAS) has been encouraging banks to adopt APIs since 2016 with the development of a financial industry API playbook.
In December 2020, MAS launched the Singapore Financial Data Exchange (SGFinDex). SGFinDex is the world’s first public-private open banking initiative with a digital infrastructure that taps into the national digital identity system, SingPass.
It allows users to access and review personal financial information, such as loans, transactions, investments and even CPF, from across government agencies and private-sector organisations. SGFinDex brings together financial data for customers to give them a clear understanding of their finances and a holistic financial overview.
Five years ago, India’s largest banks built the interoperable UPI rails and enabled over 150 million people in the South Asian market to pay digitally. This UPI infrastructure now reports 3 billion transactions each month.
In September 2021, eight Indian banks announced the launch of a system called Account Aggregator that will enable consumers to consolidate all their financial data centrally.
The new system makes it possible for banks, tax authorities, insurers and other finance firms to aggregate data of customers — who have provided their consent — to get better understanding about their potential customers, make informed decisions and ensure smoother transactions.
The Hong Kong Monetary Authority (HKMA) has been promoting but not enforcing the adoption of Open Banking standards on the island with the aim of improving customers everyday banking lives since 2017.
Named the Open API framework for the Hong Kong Banking sector, these guidelines encourage banks to implement various API functions in a four-phase approach. Following the successful implementation of Phases I and II of the Open API Framework in January and October 2019 respectively, the HKMA announced the implementation plan for Phases III (Account information) and IV (Transactions) of the Open API Framework in May 2021.
The HKMA will oversee and facilitate the process, enabling the Hong Kong Association of Banks (HKAB) to develop a set of standards covering key areas of customer experience and authentication, technical and data standards, information security, and operations.
In May 2017, the central Bank of Japan (BOJ) amended the Japanese Banking Act to include a regulatory framework which mandated that banks must provide open APIs by 2020 to encourage innovation in a predominantly cash-based economy.
Since then a number of leading banks in the country, including MUFG, Mizuho and Fukuoka have developed and launched API platforms. However, progress has stalled as banks and fintechs are struggling to reach agreements because of the high fees fintechs are being asked to pay the banks for access to client data.
China has quickly become a stand-out nation when it comes to digital banking. With lightning fast development of banking technology, most banks in the country are leveraging APIs to provide their products and services to customers.
To date this has all happened in the absence of regulation, however, China’s financial authority announced in early 2020 their plans to release regulation in order to securely support the growth of the API ecosystem in the country.
Malaysia’s central bank, Bank Negara Malaysia (BNM), established the Financial Technology Enabler Group in June 2016 to promote innovations in the fintech sector.
In 2017 the BNM established an Open API Implementation Group to develop standards and to review regulations. In 2019, the BNM released a Policy document which provides guidance on the development and publication of open APIs. This document encourages financial institutions to adopt the Open Banking API specifications but does not mandate it.
The Financial Services Commission (FSC), South Korea’s financial regulator announced plans to overhaul the country’s current financial regulatory framework and introduce new initiatives that are focused on embracing flexibility and scalability in financial services.
To promote the development and use of contactless financial services, the FSC began allowing savings banks and credit card companies to provide Open Banking services in the first half of 2021, which will be followed by financial investment businesses.
The government also said it will allow more account types to be eligible to sign up for Open Banking and to connect Open Banking with other digital finance infrastructures such as government-led MyData and MyPayment. The end goal here is to allow for the development of a ‘one-stop platform offering analysis, advise and account transfer services all from the same place.’
In 2018, the Australian Federal Government announced their plans to introduce Consumer Data Right (CDR) legislation which would give consumers the right to safely access and manage their data.
Four of the leading banks in the region, namely Commonwealth, NAB, Westpac and ANZ, went live with Open Banking in July 2020 and all non-major banks were mandated to follow on the one-year anniversary that we recently celebrated. Unfortunately, the majority of banks failed to come to the party by July 2021.
To date, there is only one way to go to market with Open Banking, which is to become an Accredited Data Recipient (ADR) which allows full access to CDR data across banking and other sectors.
The New Zealand government concluded in July 2021 that it will establish a Consumer Data Right (CDR) framework in the country, with legislation to be introduced as soon as 2022. It will allow individuals (and potentially businesses) to request that data holders share information held about them with trusted third parties.
In addition to information sharing, the CDR will also support action initiation (which could include, for example, the making of a payment). If this is enacted as well as part of the proposed multi-sector regime, it could make New Zealand’s CDR the widest ranging regime globally.
Currently, Payments NZ, a bank-owned by the governing body of New Zealand’s core payment systems provide a standardised API framework and direction for banks and third-party vendors interested in Open Banking opportunities.
The Bangko Sentral ng Pilipinas (BSP), launched the BSP Digital Payments Transformation Roadmap in 2020. It outlines an Open Banking framework as part of the regulator’s 3-year digital payments transformation program in the country.
In May 2021, Komo, a digital banking service created by EastWest Bank, partnered with Open Banking provider Brankas and launched the first Open Banking service in the Philippines. Through Brankas’ secure fund transfer APIs and extensive bank integration suite, customers can receive money from their choice of Philippine banks; instantly and without leaving the Komo app.
While regulators in the US have chosen not to implement Open Banking standards at a national level, President Biden issued an Executive Order in July 2021 that hints at initiating the process of regulating Open Finance in the US.
Currently, The Financial Services Information Sharing and Analysis Centre (FS-ISAC) Data Aggregation Work Group which comprises of banks, fintechs and financial aggregators, who are building and sharing API technical recommendations called the “Durable Data API”. Banks such as Wells Fargo, Citi and Bank of America have adopted these standards.
Since 2018, the Ministry of Finance’s Open Banking Advisory Committee has been conducting research into Open Banking standards. In April 2021, a report was published with the findings that the current method of screen scraping used for Open Banking style of services is deemed to be “unsecure, inefficient, unregulated, and an unreliable method of data sharing” and therefore states an objective to have operational systems with common rules, an accreditation framework and technical specifications for Open Banking in Canada by January 2023.
In July 2021, FinConect, a US based technology company signed an agreement with FICANEX, Canada’s largest surcharge free ATM network to deliver an Open Banking platform to Canadian credit unions and banking clients.
In June 2020, the Comisión Nacional Bancaria y de Valores (CNBV) published the first Open Banking guidelines, which establishes the expectation to exchange public, aggregated and transactional data across all financial entities. Financial institutions have 12 months to comply, and should be exchanging data and information by June 2021.
According to the latest update in June 2021, over 2,200 financial entities in Mexico have already implemented APIs to exchange account data with third parties. Following this, the expectation will expand to include aggregated and transactional data.
The CNBV is expected to publish new guidelines related to the sharing of transactional information from customers’ accounts and credit. However, it remains to be seen when the deadlines for this data sharing will be compulsory.
The Argentinian government has yet to introduce any regulation around Open Banking, however industry players in the market have taken steps to build standards for the country.
Open Banking Argentina, a nongovernment body, has developed open banking standards with the aim of creating an interactive and innovative financial ecosystem in the country.
In 2019, The Central Bank of Brazil (BACEN) published an Open Banking directive which outlined the objectives, scope and strategy for implementation of Open Banking in the country. The regulation was initially launched in early 2020 and will be rolled out over four phases.
In August 2021, the second (data sharing) phase was successfully launched, and consumers in Brazil can now request their registration and transactional data to be shared with other financial institutions in the country.
Additionally, Open Banking Excellence (OBE), the global centre of community and knowledge driving change in Open Finance also announced the launch of a local chapter in Brazil to support the development and growth of the country’s Open Finance infrastructure.
The Colombian government have yet to release any regulation around Open Banking.
However, in response to the need for digital banking innovation, Colombia Fintech, the association representing fintechs, and Open Vector, a UK-based company that has worked with many government bodies establishing Open Banking strategies, are working together to develop API standards for financial institutions and fintechs in the country.
In response to its growing fintech market, the National Bank of Rwanda (NBR) has released regulation around Open Banking and plans to release detailed standards in the near future.
The Open Banking regulation in Rwanda addresses data sharing and data portability with a view to encouraging innovation, efficiency, new products development and new players.
The Central Bank of Nigeria (CNB) issued a regulatory framework for Open Banking in Nigeria in February 2021 to establish a regulatory environment for the development of a more innovative and customer-centric financial services.
Prior to the inception of the framework, banks operated in a closed ecosystem, with exclusivity of access to their own data, and no data sharing. The framework will enable financial institutions and services in Nigeria to drive much needed innovation in the sector.
In contrast to other countries in the region, South Africa is a highly regulated market.
While no regulation has been introduced around Open Banking to date, it is expected that when regulation is introduced it will be comprehensive and mandatory. For now, until regulation is released, the market has found its own way to introduce standards with leading banks in the region such as Nedbank launching APIs that are aligned to the UK’s Open Banking technical standards.
The Central Bank of Bahrain (CBB) issued draft regulations on Open Banking in 2018 thus taking the lead in introducing regulations in the region.
The initiative was a major step towards transforming the financial services industry by enabling greater transparency and inclusivity through open data.
In response to the CBB’s mandates, The National Bank of Bahrain (NBB), partnered with Tarabut Gateway, an Open
Banking system provider, to develop and launch a common platform that banks in Bahrain could access in order to comply with Open Banking regulation and make use of standardised APIs.
In November 2020, further strengthening the ecosystem, the CBB released a second phase of regulations called the Bahrain Open Banking Framework (BOBF), setting a precedent for how Open Banking is deployed across the Middle East and North Africa.
In 2019, the Bank of Israel published its Open Banking draft guidelines and invited interested relevant stakeholders to comment or make suggestions.
The regulation which will be rolled out in a phased approach, requires that banks initially allow for the secure sharing of bank account and transaction data. Following that, over a period of two years, access to additional customer information including customer’s credit, loans, deposits, savings and securities portfolios will need to be shared with third parties.
In line with the strategic priorities set for the Saudi Vision 2030, the Saudi Central Bank (SAMA) announced its Open Banking Initiative in January 2021 to accelerate and diversify financial services in the Kingdom.
Financial inclusion, innovation and economic development are cornerstones of the Saudi Vision 2030, which is driving the change to financial ecosystems in the Kingdom.
There are three phases to the proposed Open Banking Initiative, beginning with a design phase in the first half of 2021, market implementation in second half of the year and going live by early or mid 2022.
In 2019, the Central Bank of the Republic of Turkey (CBRT) announced it would be fully complying with the European Union’s PSD2 regulation.
Although not a member of the European Union, and therefore not required to comply with the regulation, the CBRT has chosen to adopt it after it did the same with its predecessor PSD1, five years ago.
Turkish financial institutions adopted and implemented PSD2 standards on the 1st of January 2020, granting access to customer data to third-party providers.
In July 2021, the Central Bank of the United Arab Emirates (CBUAE) announced the Retail Payment Services and Card Schemes Regulation, the fourth of its kind to lay the groundwork in the UAE for a new era of digital payments.
The regulation initiates a licensing infrastructure for payment service providers operating – or wishing to provide – one or more of nine payment services or payment card schemes in the UAE, which includes Open Banking enabling services such as payment initiation, and payment account information services.
A one-year transitional period has been given to existing payment service providers and card schemes to obtain the relevant license from CBUAE.