We use cookies to allow us and selected partners to improve your experience and our advertising. By continuing to browse you consent to our use of cookies. You can understand more and change your cookies preferences here.


When you click on a retailer link on our site, we may earn affiliate commission to help fund our not-for-profit mission.Find out more.

29 Oct 2017

Open banking: 92% of the public in the dark

Which? explains what to expect from new rules on data sharing from Jan '18
Blue and red fibre optical cables on a black backg

New rules on open banking come into force from January 2018,giving you more control over how you share your financial data - but Which? statistics show the vast majority of current account holders haven't heard of it.

Although there are only a few months to go, anincredible 92% of the public say they haven't heard of 'open banking', according to our survey* last month.

We also asked the public if they would consider sharing their financial data if it meant that the products and services offered were more suited to them - but half (51%) said they were fairly or very unlikely to do so.

What is open banking?

Open banking refers to a new set of rules being introduced across the European Union - including the second Payment Services Directive (PSD2) as well as reforms driven by the Competition and Markets Authority (CMA) in the UK.

  • Under PSD2, financial providers of all online payments accounts - including current accounts, flexible savings accounts, e-money accounts and credit cards - must let customers easily and securely share their data, such as transaction history and spending behaviour, with regulated third-party providers (or TPPs).
  • In the UK, the CMA has focused on current accounts, telling the nine largest providers (Allied Irish Bank, Bank of Ireland, Barclays, Danske, HSBC, Lloyds Banking Group, Nationwide, RBS Group, Santander) to develop an 'open banking standard' so that customer data can be shared easily and securely - if customers ask them too.

Find out more:Open banking - everything you need to know about sharing your financial data

What will open banking look like?

HSBC has already announced a partnership with fintech firm Bud ahead of the open banking deadline next year.

Its online brand First Direct will offerBud's financial management tools so that customers can see all of their accounts in one place - including those from other providers - and make use of various tools and features:

  • Safe to spend - see how much you have to spend over the next month once regular payments such as rent, bills etc. are taking into account.
  • Lists - create separate lists of transactions across accounts to keep track of specific spending such as household bills or gift shopping.
  • Goals - set-up financial goals and monitor you progress against them, such as saving for a holiday.
  • Virtual joint accounts - securely share lists and goals with partners, friends, family members, and housemates.
  • Spend analysis- categorise transactions by retailer and by account

The trial will include 2,000 of its customers and up to 4,000 non-customers, running for six months from December.

Some of these features will already be familiar to anyone using apps by mobile-only banks Monzo and Starling.

Is open banking safe?

The CMA has set up Open Banking Ltd to deliver these changes, so Which? spoke to them about what protections are in place:

  • No one has to share their data if they don't want to. Any third-party provider must have your explicit permission first.
  • You decide what information you want to share, for how long and for what purpose. And you should be able to easily revoke consent if you change your mind.
  • All banks and third-party providers communicating via the 'Open Banking Directory' (the IT platform which makes it possible for banks and third-party providers to exchange information) must be appropriately regulated.
  • You can access the Financial Ombudsman Service or theFinancial Services Compensation Scheme if you have a dispute with the provider.
  • The regulated third-party provider is responsible for ensuring any personal data they process, store or transfer is appropriately and securely protected.

But, with such highly sensitive personal data at stake, and a potentially complicated chain of providers with access to it,Which? is concerned that it may not always be clear who is liable for loss of data.

We've also noticed that some current account providers are telling customers that they must check whether a third-party provider is regulated, not the bank - which may not inspire much confidence.

Another problem is that consumers may not know exactly what they are agreeing to when they give consent - it's already incredibly difficult for most people to understand how companies like Google and Facebook process and use our data.

Have your say:will open banking open new possibilities?- join the conversation

Open banking - an opportunity for fraudsters?

Open banking could make us more vulnerable.In particular, Which? is concerned that there will be an increase in bank-transfer scams, where customers are tricked into sending money to a criminal (often posing as the bank or the police).

In these cases, the customer is liable for losses because they authorised the payment. But last year, Which? raised a super-complaint to thePayment Systems Regulator (PSR) calling for banks to do more to protect customers.

Read more about the potential benefits and risks to open banking.

*Which? surveyed 3,895 members of the general public in August - September 2017.