Operational Guidelines

Operational Guidelines Overview

This version is:

Published 1 year ago 31 Mar 2021

The Operational Guidelines (“the OG”) and Operational Guidelines Checklist (“the OG Checklist”) have been designed to support ASPSPs with their request for an exemption from providing a contingency mechanism.

Other Journeys in ‘v3.1.8’.

Building on the RTS-SCA, the final EBA Guidelines and the FCA’s Approach documents1 which set out criteria, guidance and information requirements for ASPSPs seeking an exemption, the OG and OG Checklist provide recommendations to help ASPSPs demonstrate compliance with these regulatory requirements.

These recommendations are designed to help deliver an effective Open Banking ecosystem, meeting the needs of TPPs in providing services to PSUs. We expect that ASPSPs who adopt the OG and OG Checklist will be in a better position to successfully demonstrate they have delivered a dedicated interface with the necessary attributes and functionality to drive competition and innovation2.

The OG and OG Checklist will be revised in the event of changes to regulatory guidance and to support future releases of the OBIE Standard.

While this document is focused on PSD2 in-scope accounts and functionality, all of the recommendations can still be applied by ASPSPs implementing account types and functionality which are outside the scope of PSD2.

1The full titles of the main documents referenced throughout are:

2The decision to grant an exemption from the contingency mechanism is entirely at the discretion of the relevant Competent Authority.

OG Objectives

To provide clarity to ASPSPs to enable them to design effective and high-performing dedicated interfaces while fulfilling their regulatory obligations.

To ensure that TPPs have access to consistently well-designed, well-functioning and high performing dedicated interfaces.

To ensure that consumers and SMEs using TPP services have positive experiences that encourage them to continue to consume open banking-enabled services.

OG Benefits

Exemption support: Support ASPSPs with their application to their NCA for an exemption from providing a contingency mechanism.

Lower Costs: Minimise the potential costs to a business when systems or supporting networks are down (including instances where they have not been tested appropriately).

Reduced Reputational Risk: Protect the reputation of individual participants and the Open Banking ecosystem as a whole.

The Operational Guidelines Checklist

The OG Checklist consolidates the requirements of the FCA Checklist1 and recommendations of the OG, and helps ASPSPs identify where they are conforming to the OG. Each element of the OBIE Standard includes aspects which are either one, or a combination, of:

CMA Order: These are required by the Order and only apply to the CMA9 banks as identified in the CMA Order.

PSD2: These are either Mandatory or Optional under PSD2 (Level 1) or RTS (Level 2) texts, according to the interpretation of OBIE. Any item considered to be Mandatory under PSD is considered a requirement in the Open Banking Standard. ASPSPs, based on their interpretation of the legislation, should explain their rationale for deviating from the OBIE Standard to their NCA when applying for an exemption. (See e.g. Column B of the FCA’s Form B2).

OBIE: These are items that OBIE believes would be particularly beneficial for PSUs and TPPs if implemented by ASPSPs based on consultation with a large number of stakeholders.

1In particular the FCA’s own questions which we refer to as the FCA Checklist from https://standards.openbanking.org.uk/wp-content/uploads/2022/04/contingency-exemption-request-form-2018.pdf which should be read alongside Chapter 17 of the PSRs Approach

2https://standards.openbanking.org.uk/wp-content/uploads/2022/04/contingency-exemption-request-form-2018.pdf

Disclaimer: The contents of the Operational Guidelines (“OG”) and Operational Guidelines Checklist (“OG Checklist”) do not constitute legal advice. While the OG and OG Checklist have been drafted with regard to relevant regulatory provisions and best practice, they are not a complete list of the regulatory or legal obligations that apply to Participants. Although intended to be consistent with regulations and laws, in the event of any conflict with such regulations and laws, those regulations and laws will take priority. Participants are responsible for their own compliance with all regulations and laws that apply to them, including without limitation, PSRs, PSD2, GDPR, consumer protection laws and anti-money laundering regulations.