The purpose of this paper is to define the overall proposition for item P20 (PSD2 in scope accounts, sterling), so that participants (ASPSPs and TPPs) and stakeholders (FCA, HMT, CMA) are clear about what is and is not in scope for this item, and how this will support regulatory requirements and key use cases.
Other pages in this section
The following table is taken ‘as-is’ from the published roadmap (https://www.openbanking.org.uk/wpcore/wp-content/uploads/2017/11/FAO-CMA_Proposed-Amendments-to-Agreed-Arrangements_v_final-1.pdf):
The following regulatory references are relevant when considering the scope of item P20:
PSR Reg 1(2)(Interpretation)
‘payment account’ means an account held in the name of one or more payment service users which is used for the execution of payment transactions
PSR 2017 Reg69(1) (Access to payment accounts for payment initiation services) states:
This regulation applies only in relation to a payment account which is accessible online.
PSR 2017 Reg 70(1)(Access to payment accounts for account information services) states:
FCA Approach Document and final Handbook changes 17.14 and 17.15
17.14 The meaning of ‘accessible online’ is not defined under the PSRs 2017. In our view, an account is accessible online if the ASPSP offers online banking services in relation to that account. Online banking services may be provided through websites or applications, and may be accessible using a desktop computer, mobile phone, tablet or any other such device. Whether an account is accessible online should not be dependent on whether a particular customer has chosen to activate online banking services with the ASPSP. As a result, an ASPSP should not deny an AISP or PISP access to a customer’s account or refuse to give confirmation of availability of funds to a CBPII on the basis that the customer has not registered for online banking. The customer may, however, need to activate online banking services before they can use AIS or PIS, if they do not already have the security credentials for use in the ASPSP’s authentication procedures.
17.15 The purposes for which the specific account can be accessed online also needs to be considered when determining whether an account is ‘accessible online’. Whether regulations 68, 69 and 70 of the PSRs 2017 apply to a payment account will partly depend on what the account holding customer could do with that account online. In our view, an account which is available online on a ‘view only’ basis, but without any payment functionality, would not be ‘accessible online’ for the purposes of PIS. It would, however, be ‘accessible online’ for the purposes of AIS and confirmation of availability of funds to a CBPII.
HMT response to consultation:
7.25 The government intends to maintain the approach set out in the consultation document, regarding the accounts in scope of the AISP/PISP regime (namely access must be provided to all online payment accounts).
Again, in line with what the government set out in the consultation document, ASPSPs will only be expected to provide equivalent access to that available online to customers. Therefore if consumers cannot initiate a payment from their online credit card account, PISPs cannot initiate a payment either (and therefore have no right of access).
Equally if there is no online account available (as is the case for many gift cards) there is no requirement for access to be provided.
10.1.2 Both read and write access, which allows a third party to access account information or initiate a payment on behalf of the customer (subject to the customer’s explicit consent), for data set out in Article 14 (the ‘Read/Write Data Standard’) and which has the features and elements necessary to enable Providers to comply with the requirements to provide access to accounts subject to this Part 2 of the Order under PSD2 .
10.2 Neither the Read-only Data Standard nor the Read/Write Data Standard shall include provisions that are incompatible with the requirements in PSD2.
For Account Information Services:
The OBIE interpretation is that the key regulatory requirements are:
For Payment Initiation Services:
The above regulatory requirements do not fully define the functionality needed to meet the needs of AISPs and PISPs, especially to enable the development of innovative new products using multiple payment accounts. The following are some of the key/high priority use cases which corroborate the definition and rationale as stated in the roadmap item above.
Read API with extended accounts in scope
Based on the regulatory requirements and customer use cases above, the following items are considered in scope for P20. In all cases this covers GPB accounts/payments (as other currencies are covered by P10 and P21).
Notes on Payment Initiation Service:
The following additional payment types are not currently envisaged for release 2: Balance transfer from one card account to another card account.
The next steps are to clarify and manage under change control in a future release or include in current release subject to approval through the proper governance process.
The following items are NOT in scope for item P20, as they are either outside the scope of PSD2 and the CMA Order, or they are covered by a subsequent roadmap item in release 3 or 4:
All accounts need to be accessible through the ASPSP online channel.
For Read APIs:
For Write APIs:
The following metrics will be required to measure adoption: