[Openid-specs-fapi] UK Open Banking Development Group & the CMA Implementation Entity

Nat Sakimura n-sakimura at nri.co.jp
Mon Aug 15 01:31:21 UTC 2016

Hi Dave, 


Sorry for a tardy reply. It was the “Obon” (coming of ancestral spirits) holiday in Japan and I was in a mountain that I had very little network access. 


Thank you very much for the detailed explanation. It is very helpful. 


I gather that we need to establish a communication path with the Implementation Entity quite quickly before they decide on their own. At least, we should be able to supply some expertise on the OAuth side, just like we are going to feed it back to US FS-ISAC’s group. 


What is the concrete step that we need to do this? 



PLEASE READ :This e-mail is confidential and intended for the

named recipient only. If you are not an intended recipient,

please notify the sender  and delete this e-mail.


From: Openid-specs-fapi [mailto:openid-specs-fapi-bounces at lists.openid.net] On Behalf Of Dave Tonge via Openid-specs-fapi
Sent: Wednesday, August 10, 2016 5:48 PM
To: Openid-specs Fapi <openid-specs-fapi at lists.openid.net>
Subject: [Openid-specs-fapi] UK Open Banking Development Group & the CMA Implementation Entity


Hi all

Apologies that I wasn't able to join the last meeting. Unfortunately the meeting schedules are not ideal for European time zones.

I saw that there was discussion about the Open Banking Development Group and I thought it worth giving some background to this group. 

The UK Competitions and Markets Authority (CMA) yesterday released their final report into the UK Retail Banking Sector.

One of their key remedies is Open Banking APIs. They have embraced the Open Banking Working Group report and are: 


"requiring that RBSG, LBG, Barclays, HSBCG, Nationwide, Santander, Danske, BoI and AIBG (the largest banks in GB and NI) adopt and maintain common API standards through which they will share data with other providers and with third party service providers including PCWs, account information service providers (AISPs) and payment initiation service providers (PISPs)."

These APIs will be used both for product and service data, as well as transactional data. The section relating to transactional data is: 


"requiring the largest banks in GB and NI (listed above) to agree with the IT open standards for APIs with full read and write functionality and make available through them PCA and BCA transaction data sets, to be released no later than the transposition deadline of the second Payment Services Directive (PSD2) ie by 13 January 2018."

While some of us in the industry were pushing for more aggressive timelines, we are still happy that this is a CMA 


 that the banks will have to comply with.

The CMA have instructed the banks to set up an Implementation Entity with an independent chair. The entity will be funded by the banks but the CMA have recommended that there is involvement from non-banking industry participants on the implementation entity. Payments UK have already set up this Implementation Entity: 

Currently this implementation entity has already started meeting and discussing the technical standards for the API. Its current membership has only representatives from the Top 9 UK banks and Payments UK. 

The ODi are proposing that they administer and co-ordinate an "Open Banking Development Group" to "drive forward open innovation around an open banking standard on a UK and international basis".

​My understanding is that a

t the moment this is an initiative of the ODi 

​ and that ​

there is no wider mandate for OBDG. 

The "hope" is that the OBDG will work with the above mentioned implementation entity:


"We hope that the OBDG will be able to work with the CMA IE to ensure the standards and APIs used by the CMA IE to meet the CMA’s defined objectives are consistent with the work done by the OBDG."




I think it is good that the FAPI WG engage with the OBDG, but with the understanding that this is early days for the OBDG.


More importantly I suggest that the FAPI WG establish communication with the Implementation Entity directly. This is the organisation with the mandate to establish open banking APIs in the UK, it has no further need for funding and is already meeting and discussing APIs. 


Please let me know if I can be of any assistance in this area.





Dave Tonge



10 Temple Back | Bristol | BS1 6FL

t: +44 (0)117 280 5120

m: +44 (0)7577 815570


Momentum Financial Technology Ltd is authorised and regulated by the Financial Conduct Authority (Register number 561538). Registered in England & Wales, company registration number 06909772. DISCLAIMER: This email (including any attachments) is subject to copyright, and the information in it is confidential. Use of this email or of any information in it other than by the addressee is unauthorised and unlawful. Whilst reasonable efforts are made to ensure that any attachments are virus-free, it is the recipient's sole responsibility to scan all attachments for viruses. All calls and emails to and from this company may be monitored and recorded for legitimate purposes relating to this company's business. Any opinions expressed in this email (or in any attachments) are those of the author and do not necessarily represent the opinions of Momentum Financial Technology Ltd or of any other group company.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-fapi/attachments/20160815/30215322/attachment.html>

More information about the Openid-specs-fapi mailing list