Open banking and PSD2 in the UK enable consumers to securely share their bank account information with third parties, giving consumers more choices in the marketplace and greater control over their financial information. While the second Payment Services Directive, or PSD2, requires banks to open up their data to third parties, Open Banking requires that they do so in a secure, standardised format using open APIs.
In order for third-party financial service providers to seamlessly connect to the open banking ecosystem and directly access bank account data per Financial Conduct Authority (FCA) regulatory requirements, third-party providers need to be an authorised Account Information Service Provider (AISP), a Payment Initiative Service Provider (PISP), or both.
AISP vs PISP
What is an Account Information Service Provider (AISP)?
A company that is an authorised AISP can ask for permission to connect to an individual’s bank account data and use that account information to provide a service with the consumers’ explicit consent. AISPs have ‘read-only’ access to data, meaning they can look at a customer’s bank account data but not touch, so they can’t actually move a customer’s money.
Some of the services AISPs provide are money management tools that help consumers improve their financial wellbeing, lending tools that offer a real-time picture of a borrower’s financial position, and price comparison apps that analyse spending and transaction information and offer budgeting and product recommendations.
What is a Payment Initiation Service Provider (PISP)?
A company that is an authorised PISP can carry out regulated payment services and initiate payments into or out of a user’s account with the user’s consent. PISPs have ‘read-write’ access, meaning they can view bank account data plus make payments on behalf of the customer. With payment initiation services, consumers can pay directly from their bank accounts rather than using a debit or credit card through a third party such as Visa or MasterCard. A consumer can authorise a PISP to access their payment account with another payment service provider, such as a bank.
Examples of PISP applications include financial management tools that automate savings by regularly moving a customer’s money to a savings account and business solutions that are integrated with business’ back-office systems. Integrated business tools can allow companies to securely make or manage payments, make real-time bank transfers, and have greater payment visibility. PISP tools can provide confirmation of funds’ availability, initiate single payments, and more.
AISP & PISP Licensing
To participate in the open banking ecosystem as a licensed AISP and/or PISP, companies must apply through the FCA in the UK or the local National Competent Authority in another EU member state. It can take around three to six months to get approved. Another option is to operate under Envestnet | Yodlee’s license, which can save time and minimise regulatory hurdles.
What Do I Need to Be an AISP?
Unlike PISP requirements, registering for an AISP license does not require any initial capital if it is obtained on its own, without authorisation for other services. However, like PISPs, AISPs have to hold professional indemnity insurance (PII) or comparable guarantee, which is calculated based on risk profile, the type of activity, and the size of activity. You won’t need your own AISP license if you operate under Envestnet | Yodlee’s AISP authorisation.
What Do I Need to Be a PISP?
In order to get a license that enables your business to provide payment initiation and other payment and e-money services under open banking regulations, your business must have a minimum of €50,000 or more in initial capital. Like AISPs, PISPs have to have professional indemnity insurance and fulfill a number of regulatory requirements in regards to liability, data protection, and security.
How can Envestnet | Yodlee Help Businesses Meet AISP and PISP Requirements?
At Envestnet | Yodlee, we’re continually working to ensure our customers have what they need to succeed in the complicated regulatory open banking environment. One way we’re doing this is through our Agency Model capability, which enables our customers to operate under Envestnet | Yodlee’s AISP license to satisfy FCA regulatory requirements.
By taking care of the AISP licensing burden for our clients and navigating the evolving landscape of other regulations and compliance requirements for them, Envestnet | Yodlee helps FinTechs and financial service providers get to market faster and build open finance solutions that leverage our enriched aggregated data alongside hard-to-access pension and investment data.
Our Client Governance
Before our customers can operate under our license and safely connect to the U.K. Open Banking ecosystem, we assess, validate and vet them through our Enhanced Client Governance Program. As a global leader and pioneer in customer-permissioned financial data sharing, we created this governance program to address asymmetries in developing regulatory frameworks for open finance that disadvantage new market entrants. We also aim to provide an even higher level of assurance of our clients’ conduct, risk posture, and consumer protection capabilities.
Once we’ve determined a customer meets our governance requirements for Register Agents, the rest of our onboarding process is simple and straightforward. In most cases, you can expect to begin accessing relevant data within days, thanks to our developer-friendly environment with quickstart resources and data samples, and our ready-made open banking APIs.
Benefits of the Registered Agency Model
Partnering with Envestnet | Yodlee and using our registered agency model makes it possible to get to market faster and safely leverage global financial data. This registered agency model is especially helpful for financial service providers looking to expand into the U.K. and Europe – especially FinTechs that often lack the scale or resources because they’re just starting out. By using this registered model, you can:
Offer more choices
U.K. consumers, especially younger demographics, increasingly regard their personal data as an asset they can use to their advantage in data exchanges. With Envestnet | Yodlee’s data connections, you can provide consumers with more choice and innovation, and build trust and brand preference in the process, by offering more open banking-powered applications and services.
Handle more use cases
Our customers can easily move beyond payment accounts to create solutions for popular client use cases they’d otherwise be locked out of, including price comparisons, lending decisions and credit assessments, account analysis, account aggregation, and more.
Build open finance solutions
While not operating under our AISP license, our wider Open Finance API enables customers to access the pension and investment data they need to deliver true open finance solutions that help consumers address complex financial matters such as wealth management.
Leverage the Open Banking Opportunity
While other providers offer a similar agency model in the U.K., none offer the resources or the experience to help financial service providers and FinTechs invest, scale, and grow for the long term like Envestnet | Yodlee. We provide a trusted and secure ecosystem that’s enabled for open banking with comprehensive and highly accurate financial data, and adherence to security and privacy best practices. We’re deeply committed to evolving open banking systems around the globe to help our customers deliver the financial wellness solutions that provide better financial guidance for their clients.