What is Open Banking?
What is Open Banking?
When you connect a budgeting app to your bank account, or allow a mortgage lender to verify your income directly from your bank statements, or use a fintech to pay a bill directly from your checking account — you are using open banking. It is one of the most significant structural shifts in retail banking in decades, and most people have never heard the term.
What Open Banking Is
Open banking is a framework that allows customers to authorize third-party applications to access their financial data and, in some implementations, initiate payments on their behalf — through secure, standardized programming interfaces called APIs.
This sounds simple, but it represents a fundamental shift in the power dynamic between banks and their customers. Historically, banks held customer data in proprietary silos — making it difficult for customers to switch banks, compare products, or use third-party services. Open banking dismantles those silos, at least in principle.
The Two Pillars of Open Banking
1. Account Information Services (AIS)
AIS covers read-only access to financial data. A third-party application — with the customer's consent — can retrieve account balances, transaction history, and other account data directly from the bank.
Use cases include:
- Personal finance management apps (Mint, YNAB) aggregating accounts across multiple banks
- Lenders verifying income and spending patterns for underwriting
- Accountants accessing client transaction data for bookkeeping
- Credit scoring models using real bank data instead of proxy indicators
2. Payment Initiation Services (PIS)
PIS covers write access — the ability to initiate a payment from a customer's bank account on their behalf, without going through a card network.
Use cases include:
- Paying a merchant directly from your bank account at checkout — bypassing Visa or Mastercard
- Rent payment apps initiating ACH debits on behalf of landlords
- Tax payment services sending funds directly to the IRS from a customer's account
- Business-to-business invoice payments initiated by accounting software
How It Works Technically
Open banking relies on APIs — Application Programming Interfaces — that banks expose to authorized third parties. The flow works like this:
Open banking API flow — the customer authenticates directly with the bank, which issues an access token to the third party.
Screen Scraping vs APIs — Why It Matters
Before open banking APIs existed, fintech apps accessed bank data through screen scraping — the customer gave the app their bank username and password, and the app logged in on their behalf and scraped the data from the bank's website.
Screen scraping works but it is deeply problematic:
- The customer shares their full banking credentials with a third party
- The third party has unrestricted access to the entire account
- Banks have no visibility into or control over the access
- It violates most banks' terms of service
- It creates significant security and liability exposure
Open banking APIs replace screen scraping with a controlled, consent-based, credential-free access mechanism. The customer grants specific permissions, the bank issues a scoped token, and access can be revoked at any time.
Open Banking in the US vs the Rest of the World
The US approach to open banking differs significantly from other markets — and understanding this distinction is important.
UK and Europe — Mandated
The UK's Open Banking Standard (launched 2018) and the EU's PSD2 directive (Payment Services Directive 2) mandated that banks expose standardized APIs to authorized third parties. Banks had no choice. Compliance was required by regulation, timelines were set by regulators, and API standards were defined centrally.
The result: a highly developed open banking ecosystem in the UK and Europe, with thousands of regulated third-party providers and payment initiation services widely used by consumers and businesses.
United States — Market-Driven (until recently)
The US took a different path. There was no federal mandate for open banking until the Consumer Financial Protection Bureau (CFPB) issued Section 1033 of the Dodd-Frank Act rules in 2024 — requiring banks to provide customers with access to their financial data upon request and to share it with authorized third parties.
Before this rule, US open banking was driven by market forces — banks built APIs voluntarily, data aggregators like Plaid and Finicity (acquired by Mastercard) bridged the gap, and screen scraping remained common. The 1033 rule marks the US formally joining the mandated open banking framework, though implementation is phased over several years.
| Market | Approach | Key regulation | Status |
|---|---|---|---|
| United Kingdom | Mandated | Open Banking Standard / CMA | Live since 2018 |
| European Union | Mandated | PSD2 / PSD3 | Live since 2019 |
| United States | Market-driven → mandated | CFPB Section 1033 | Rule finalized 2024 |
| Australia | Mandated | Consumer Data Right (CDR) | Live since 2020 |
| Brazil | Mandated | Open Finance Brazil | Live since 2021 |
The Role of Data Aggregators
In the US, much of the open banking infrastructure is provided not by banks directly but by data aggregators — companies that sit between banks and third-party apps, normalizing data access across thousands of financial institutions.
The major players:
- Plaid — the dominant US aggregator, connecting 8,000+ financial institutions to thousands of fintech apps. Used by Venmo, Robinhood, Coinbase, and hundreds of others.
- Finicity — acquired by Mastercard in 2020, focused on lending and mortgage verification use cases
- MX — focused on financial wellness and data analytics for banks and credit unions
- Akoya — a bank-owned aggregator network, competing with Plaid as a bank-controlled alternative
Aggregators historically relied heavily on screen scraping. As banks build direct APIs, aggregators are transitioning to API-based connections — a shift accelerated by the CFPB's 1033 rule.
Open Banking Use Cases in Practice
| Use Case | Type | Example |
|---|---|---|
| Personal finance management | AIS | Mint aggregating all accounts in one view |
| Mortgage income verification | AIS | Lender verifying 12 months of bank statements instantly |
| Account-to-account payment | PIS | Paying at checkout directly from bank account |
| Credit underwriting | AIS | Lender analyzing spending patterns for loan approval |
| Bank account switching | AIS + PIS | Moving direct deposits and recurring payments to a new bank |
| Business cash flow analysis | AIS | Accounting software pulling transaction data automatically |
What Banks Think About Open Banking
Banks have a complicated relationship with open banking. On one hand, sharing customer data with third parties that may compete with the bank's own products is not obviously in the bank's interest. On the other hand, banks that build good APIs attract fintech partnerships, improve customer retention through better integrated services, and position themselves as platform players rather than legacy institutions.
The Bottom Line
Open banking is the infrastructure framework that gives customers control over their own financial data and enables a new generation of financial services built on top of bank account access. In the US it is evolving from a market-driven patchwork into a regulated framework under the CFPB's 1033 rule. For anyone working in retail banking, payments, or fintech, understanding what open banking enables — and the tension it creates between banks and the companies that want to build on their data — is increasingly foundational knowledge.
Clear explanations of banking and fintech concepts — written for people who work with financial systems.
Member discussion