About These Guidelines
These guidelines cover the core use cases that support market propositions
Customer insight and regulation-driven principles underpin the core customer journeys described in four sections:
- Authentication Methods: The primary forms of Authentication, in generic form, that may be used through a variety of services and interactions.
- Account Information Services (AIS): Service propositions that are enabled or initiated by customers (PSUs) consenting to share their payment account data with Account Information Service Providers.
- Payment Initiation Services (PIS): Service propositions enabled by customers (PSUs) consenting to Payment Initiation Service Providers (PISPs) initiating payments from their payment accounts.
- Card Based Payment Instrument Issuers (CBPIIs): Service propositions enabled by customers (PSUs) giving their consent to a CBPII to submit Confirmation of Funds (CoF) requests to an ASPSP.
ASPSPs should be familiar with their own role and that of other participants across all these proposition types.
TPPs (AISPs, PISPs and CBPIIs) will naturally focus on the proposition types that are relevant to their business model, but they should still be aware of the roles of all participants in order to ensure they understand the lines of demarcation and differences between each type.
The Customer Experience Checklist
The CEG Checklist takes the form of key questions that have been designated as either “required” or “recommended”.
The CEG Checklist sets out which specific requirements are relevant to the Open Banking Standard Implementation Requirements, PSD2, the RTS and the CMA Order. Where relevant, it provides a regulatory reference (as per the CMA Order, PSD2/PSRs and the RTS on SCA and CSC). These are marked as either mandatory, optional or conditional in line with the definitions used across the Open Banking Standards.
For TPPs, certifying against the CEG Checklist is considered as a signal of best practice to the marketplace.
OBIE will consider the CEG Checklist for quality assurance and compliance purposes alongside other sources of information.
The Customer Experience Guidelines form part of the Open Banking Standards
The Customer Experience Guidelines form part of the Open Banking Standards.
The Customer Experience Guidelines (and associated Checklist) form part of the Standards, and set out the customer experience required to deliver a successful Open Banking ecosystem, alongside technical, performance, non-functional requirements and dispute resolution practices.
The CEG Checklist has been developed for ASPSPs and TPPs to assess conformance with this aspect of the OBIE Standards.
The CEG and CEG Checklist are consistent with:
- The Revised Payment Services Directive (PSD2) (Transposed in the UK by the Payment Services Regulations 2017 (PSRs))
- The Regulatory Technical Standards on Strong Customer Authentication and Common and Secure Communication (SCA-RTS))
- The UK CMA Retail Banking Market Investigation Order which applies to the nine largest UK retail banks only (known as the CMA9)) in the context of open banking.
In developing its Standards, OBIE has undertaken extensive engagement with different market participants, and analysis to ensure that its standards have been designed in line with relevant regulatory and market requirements.
On this basis, where an ASPSP seeking an exemption notifies their relevant National Competent Authority (NCA) (e.g. the FCA in the UK) that its dedicated interface follows the OBIE Standards, we expect this will provide a level of assurance that the ASPSP meets the requirement of RTS Article 30(5). Conversely, when an ASPSP has deviated from the Standards, we expect that the NCA may require additional information to enable it to consider more closely whether the ASPSP’s implementation is compliant with the relevant regulatory requirements. This may include the NCA requesting additional details on how and why there has been a deviation.
OBIE recommends that ASPSPs complete the CEG Checklist which can be provided to the NCA in support of their application for an exemption.
The principles of trust, transparency and security are captured by Consent and Access Dashboards, a fundamental tool to ensure PSUs are adequately informed and in control of the account information, they share with TPPs, particularly AISPs and CBPIIs.
Consent and Access Dashboards were introduced to the Open Banking Standards to ensure customers were able to view, refresh and revoke (i.e. cancel) TPP consents and ASPSP access arrangements they had agreed to.