Welcome to the Open Banking Standard
The Standard is designed to assist any European account providers in meeting their PSD2 and RTS requirements as well as supporting their application for an exemption from the contingency mechanism. This market-enabling Standard is built in an optional modular format to most effectively meet consumer and market needs.
BETA: This new website format has been designed to make it easier for users to read and implement the Standard. Over the coming months, additional components will be added to this new format. If you have any feedback please let us know via the Service Desk.
The Standard goes beyond the API Specifications to include Customer Experience Guidelines and Operational Guidelines. The Standard is open to all account providers (ASPSPs) and has been implemented across 90% of the UK payments account market. It is designed to enable a well-functioning, successful ecosystem, where there are no barriers to the provision of products and services by TPPs.
The Standard covers all online payment accounts and includes the following core components:
API Specifications
These specifications consist of technical documentation, usage examples and swagger files for:
- Read/Write API Specifications
- Open Banking API Specifications
- Directory Specifications
- Dynamic Client Registration (DCR) Specifications
- MI Reporting Specifications
Security Profiles
These profiles have been developed together with the Open ID Foundation and cover third party on-boarding, re-direct and decoupled flows:
- Open Banking Security Profile
- Financial-Grade API (FAPI) Profile
- Client Initiated Backchannel Authentication (CIBA) Profile
Customer Experience Guidelines
These guidelines bring together regulatory requirements and extensive customer research to help third party providers and account providers deliver a great customer experience and avoid any unnecessary delay or friction as required under PSD2.
Previous versions in pdf format:
Operational Guidelines
These guidelines support account providers implementing effective and high-performing dedicated interfaces while assisting them in fulfilling their regulatory obligations relating to performance and availability, design and testing, problem resolution, and management information.
Previous versions in pdf format:
Guidance when implementing the Standard
This guidance explains the categorisation of requirements for account providers and third party providers implementing any part of the Standard. This covers the API Specifications, Security Profiles, Customer Experience Guidelines and Checklist, and Operational Guidelines and Checklist. This guidance should be read before referencing the Standards documents.
Conformance and Certification
The conformance tools help account providers and third party providers test they have implemented each of the above elements of the Standard correctly.
The certification service can be used by account providers as evidence of conformance to the Standard when they request an exemption from the contingency mechanism with their competent authority.