Why Choose GPS Open Banking TPP Access Compliance?
In January 2018 the European Union Payment Services Directive (PSD2) came into force across Europe, delivering a consistent vision for open banking across all member states.
Payment Service Users will have a legal right to share their personal transactional account data from their financial institution with regulated third parties to enable better financial outcomes.
What financial institutions need to do to respond
Financial institutions must provide regulated third parties (TPPs) access to end user transactional account data, with external testing to be in place by the deadline of March 2019.
To enable the Payment Service User (PSU) ‘consented access’, the ﬁnancial institution is required to provide access permissions to TPPs.
All transactional accounts such as prepaid cards and wallets are affected.
Benefits of using our Open Banking TPP Access Compliance
• Risk Management – Konsentus reference all regulatory databases to ensure third parties have retained their approved status when accessing data.
• Reduces Costs – No integrations to regulatory databases, no requirement to build a consent and preference management platform
• Quick to implement – an API based cloud SaaS solution that can be quickly and easily deployed by you
• Reliability – built by an experienced FS management team who understand the requirement for 100% resilience, built with full live / live DR
• Additional Income – whilst access to transactional accounts cannot be charged for, access to other accounts and data can. Konsentus can not only provide access permissions for this but also manage the complete billing cycle and funds collection on your behalf
Konsentus provides 3 core services:
• TPP Regulatory Checking – Konsentus references 70+ databases (EBA register, National Competent Authorities, Qualified Trust Service Providers and Scheme regulatory where applicable) to ensure a TPP is approved/registered to provide PSD2 open banking services.
• Consent and Preference Management – Konsentus holds PSU consent and preferences; issuing access tokens for TPPs to access PSU accounts.
• FI Premium APIs: Tracking, Invoicing and Funds Collection – Enabling FIs to charge TPPs for access to non Payment accounts.
Third Party Provider approval
There exist many challenges to verify that a TPP can be approved due to:
• Scheme Regulatory Databases (i.e. UK Open Banking) are not compulsory to register with
• National Competent Authority Databases are not Machine Readable
• National Competent Authorities have no legal obligation to notify Scheme Regulatory Databases other than a general published bulletin when they revoke a TPP
• National Competent Authorities have no SLA in place about notifying passported NCAs when a TPP is revoked
• eIDAS Seal Certificates must be validated with the correct Qualified Trust Service Provider to ensure integrity of the data received from the TPP
Facilitating TPP checking and management
The solution ensures that FIs only ever provide data to approved/registered TPPs.
We are able to achieve this by referencing all relevant authorities and regulatory bodies across Europe:
• 1 EBA Central Register
• 8 scheme regulatory databases e.g. UK Open Banking, STET Group
• 31 EEA National Competent Authorities
• 30+ Qualified Trust Service Providers across the EEA