Operational Guidelines

Change Log

This version is:

Published 4 years ago 25 Jun 2020

A summary list of changes from V3.1.5 to V3.1.6

Other pages in this section

A summary list of changes from V3.1.5 to V3.1.6 

Changes are indicated as follows. Copy which has been removed is struck out and copy which has been added is in blue.

ID/SectionLocationChangeReason for Change
TPP Guidelines
1Business Continuity and Disaster Recovery
 Useful links
FCA Consultation Paper, Building Operational Resilience : https://www.fca.org.uk/publication/consultation/cp19-32.pdf
OBIE Internal Review
2Information Security
Introduction
There are many sources of advice about information security and how to implement effective controls that are proportionate to the size and scale of your business and the products or services you provide.
To protect the confidentiality, integrity and availability of information and data in the open banking Ecosystem, all Participants should ensure that security is given sufficient profile and influence in their organisation and operations in order to meet both obligations under PSD2 and data protection laws.
Implementation of Information Security controls must be in line with the Open Banking Read/Write API specifications, particularly the Open Banking Security Profile Open Banking Security Profile. These specifications detail the underlying information exchanges between Participants and how these are secured, but not the way each Participant can operate securely. This document should be read in conjunction with other Open Banking ‘How To’ guides and the Open Banking security profile.
Errata fix to Open Banking Security Profile link.
OBIE Internal Review