Design & Testing
The OBIE StandardThe OBIE Standard has been developed over a period of 18 months in collaboration with nine of Europe’s largest financial institutions as well as 500+ representatives from other ASPSPs, TPP communities, PSD2 and consumer stakeholder groups, and prominent fintech leaders. The collaborative and transparent development process has involved over 50 workshops and an online feedback process, giving stakeholders the opportunity to contribute to ensure that their regulatory requirements have been considered for the widest possible coverage of business models. As such, when ASPSPs adopt the OBIE Standard without deviation, they can refer to the fact that there was extensive consultation during the development of the OBIE Standard as an additional tool to support the design and testing requirement. In the UK, the FCA will base its assessment of whether the exemption criteria are met on a completed contingency exemption form. FCA-regulated ASPSPs are required to complete this (in particular the second half Form B1) by providing the details of functional and technical specifications that they have implemented for each relevant regulatory requirement and a corresponding summary describing how their implementation satisfies the requirement, as well as any deviations, where applicable. We note that it is ultimately in the discretion of each NCA to determine whether or not exemption criteria are met when assessing applications for an exemption.
Proving ConformanceOBIE provides a suite of testing tools which are designed to help ASPSPs test whether or not their API interface meets the OBIE Standard. ASPSPs who use these tools will be in a good position to able to demonstrate to NCAs that they have correctly followed and implemented the OBIE Standard2.
OBIE will also provide a certification service for each of the four areas above. This service will include OBIE’s validation that the conformance tools/checklists have been run/completed satisfactorily to indicate conformance to the OBIE Standard. While the tools can be run in a test/pre-production environment, certification will be against production environments unless otherwise agreed by OBIE.
ASPSPs who run these tools and obtain a certification against their production environment will mitigate against scenarios where the dedicated interface returns 2xx HTTP status codes, but the responses contain missing, badly formed or incorrect data.
2While running the tools successfully will produce useful evidence, an NCA may still require further evidence to ascertain whether or not an ASPSP has correctly implemented the OBIE Standard