Open Banking is redefining the landscape of financial services by changing the way that products and services are consumed. It has also opened the door for new entrants like fintech to challenge the power traditionally held by large financial enterprises. Open Banking as a concept confuses many because of the
various regulations that have emerged in different countries.

Few governments and regulatory bodies are issuing broad statements encouraging banks to participate in Open Banking. While in other cases, like PSD2 in the EU, the Open Banking Standard in the UK and the Consumer Data Right in Australia, government mandates have gone into legislation with deadlines for enterprises to create open APIs.

At the heart of Open Banking are open APIs which allow access to customer data. Third parties build applications and services around an existing financial institution, usually a large bank. The idea is to create a more competitive marketplace with innovative financial services that benefit customers, while also allowing customers to take control of their data and how it is shared.

Open Banking in Different Regions


Hong Kong

HKMA launched a four-phase Open API Framework in January 2019. The initial phase is for banks to publish open APIs for third-party providers to access ‘read-only’ information on products and services. The second phase involves processing applications for financial products. The next phases cover individual account information and transactions, respectively. 


MAS has released an api playbook, adoption is voluntary and for now, limited to established banks. The standard is based on OAuth 2.0 and OIDC or OpenID Connect, development is being facilitated by MAS in conjunction with the major banks.


The Japanese Banking Act initiated in May 2017 introduced a framework for Electronic Payments Intermediate Service Providers (similar to PSD2) and forecasts that at least 80 banks open APIs by 2020. However, the number of APIs thus far has been low, as the focus has not been to increase competition, but rather to improve operational efficiencies. Here, Open Banking is a collaboration and not the usual regulatory approach. 


Australia has a regulation Consumer Data Right (CDR) which aims to provide greater choice and control for Australians over how their data is used and disclosed. 
The Australian government has also mandated open consumer data APIs in key industries, and Australia’s Big 4 banks are moving forward with open APIs based on a timeline of February 2020. All other banks in Australia are bracing themselves for their own deadline, July 2020. 

New Zealand

Open Banking efforts have been led by the industry, along with a push from the government.  The key driver is to reduce credit card transaction fees to 0%. Two banks and two fintechs have started the move under the supervision of standards released by Payments NZ. 

European Union

Open Banking was initiated by the European Parliament in 2015, with the drafting of PSD2. PSD2 entered into force on January 12, 2016, with a two-year deadline for EU member states to transpose it into national law. Two key 2019 deadlines (14 March and 14 September) have already passed for implementing the strong customer authentication requirement. Four architecture models have been offered - redirect, OAuth 2.0, decoupled and embedded. 

United Kingdom

The UK has been at the forefront, implementing Open Banking in January 2018. It was a response to a report by the Competition and Markets Authority (CMA) indicating a lack of competition amongst big banks in the UK. PSD2 further pushed banks to provide data to third parties via APIs (as of June 2019, 19 are enrolled). The Standard is based on OAuth 2.0 and OpenID/FAPI.

We at Nth Exception collaborate with Banks and Financial Institutions to analyze, solutionize, and optimize cross border payments processes. To complement our services and product we have partnered with companies in the payments space to deliver best in class payment solutions delivered by our partners.