By clicking a retailer link you consent to third-party cookies that track your onward journey. This enables W? to receive an affiliate commission if you make a purchase, which supports our mission to be the UK's consumer champion.

Open banking: 92% of the public in the dark

Which? explains what to expect from new rules on data sharing from Jan '18
Chiara CavaglieriSenior researcher & writer
Blue and red fibre optical cables on a black backg

New rules on open banking come into force from January 2018,giving you more control over how you share your financial data - but Which? statistics show the vast majority of current account holders haven't heard of it.

Although there are only a few months to go, anincredible 92% of the public say they haven't heard of 'open banking', according to our survey* last month.

We also asked the public if they would consider sharing their financial data if it meant that the products and services offered were more suited to them - but half (51%) said they were fairly or very unlikely to do so.

What is open banking?

Open banking refers to a new set of rules being introduced across the European Union - including the second Payment Services Directive (PSD2) as well as reforms driven by the Competition and Markets Authority (CMA) in the UK.

  • Under PSD2, financial providers of all online payments accounts - including current accounts, flexible savings accounts, e-money accounts and credit cards - must let customers easily and securely share their data, such as transaction history and spending behaviour, with regulated third-party providers (or TPPs).
  • In the UK, the CMA has focused on current accounts, telling the nine largest providers (Allied Irish Bank, Bank of Ireland, Barclays, Danske, HSBC, Lloyds Banking Group, Nationwide, RBS Group, Santander) to develop an 'open banking standard' so that customer data can be shared easily and securely - if customers ask them too.

Find out more:Open banking - everything you need to know about sharing your financial data

What will open banking look like?

HSBC has already announced a partnership with fintech firm Bud ahead of the open banking deadline next year.

Its online brand First Direct will offerBud's financial management tools so that customers can see all of their accounts in one place - including those from other providers - and make use of various tools and features:

  • Safe to spend - see how much you have to spend over the next month once regular payments such as rent, bills etc. are taking into account.
  • Lists - create separate lists of transactions across accounts to keep track of specific spending such as household bills or gift shopping.
  • Goals - set-up financial goals and monitor you progress against them, such as saving for a holiday.
  • Virtual joint accounts - securely share lists and goals with partners, friends, family members, and housemates.
  • Spend analysis- categorise transactions by retailer and by account

The trial will include 2,000 of its customers and up to 4,000 non-customers, running for six months from December.

Some of these features will already be familiar to anyone using apps by mobile-only banks Monzo and Starling.

Is open banking safe?

The CMA has set up Open Banking Ltd to deliver these changes, so Which? spoke to them about what protections are in place:

  • No one has to share their data if they don't want to. Any third-party provider must have your explicit permission first.
  • You decide what information you want to share, for how long and for what purpose. And you should be able to easily revoke consent if you change your mind.
  • All banks and third-party providers communicating via the 'Open Banking Directory' (the IT platform which makes it possible for banks and third-party providers to exchange information) must be appropriately regulated.
  • You can access the Financial Ombudsman Service or theFinancial Services Compensation Scheme if you have a dispute with the provider.
  • The regulated third-party provider is responsible for ensuring any personal data they process, store or transfer is appropriately and securely protected.

But, with such highly sensitive personal data at stake, and a potentially complicated chain of providers with access to it,Which? is concerned that it may not always be clear who is liable for loss of data.

We've also noticed that some current account providers are telling customers that they must check whether a third-party provider is regulated, not the bank - which may not inspire much confidence.

Another problem is that consumers may not know exactly what they are agreeing to when they give consent - it's already incredibly difficult for most people to understand how companies like Google and Facebook process and use our data.

Have your say:will open banking open new possibilities?- join the conversation

Open banking - an opportunity for fraudsters?

Open banking could make us more vulnerable.In particular, Which? is concerned that there will be an increase in bank-transfer scams, where customers are tricked into sending money to a criminal (often posing as the bank or the police).

In these cases, the customer is liable for losses because they authorised the payment. But last year, Which? raised a super-complaint to thePayment Systems Regulator (PSR) calling for banks to do more to protect customers.

Read more about the potential benefits and risks to open banking.

*Which? surveyed 3,895 members of the general public in August - September 2017.

More on this

Related articles

About Us

Which? Limited is registered in England and Wales to 2 Marylebone Road, London NW1 4DF, company number 00677665  and is an Introducer Appointed Representative (FRN 610689) of the following:


1. Inspop.com Ltd for the introduction of non-investment motor, home, travel and pet insurance, who are authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635). Inspop.com Ltd is authorised and regulated by the Financial Conduct Authority (FCA) to provide advice and arrange non-investment motor, home, travel and pet insurance products (FRN310635) and is registered in England and Wales to Greyfriars House, Greyfriars Road, Cardiff, South Wales, CF10 3AL, company number 03857130. Confused.com is a trading name of Inspop.com Ltd. 


2. LifeSearch Partners Limited (FRN656479), for the introduction of Pure Protection Contracts and Private Health Insurance, who are authorised and regulated by the FCA to provide advice and arrange Pure Protection Contracts and Private Health Insurance Contracts.  LifeSearch Partners Ltd is registered in England and Wales to 3000a Parkway, Whiteley, Hampshire, PO15 7FX, company number 03412386.


3. HUB Financial Solutions, for the introduction of equity release advice and an annuity comparison service, who are authorised and regulated by the Financial Conduct Authority (‘FCA’) to provide advice and guidance on financial products for those who have retired or are approaching retirement (FCA Firm Reference Number: 455713). HUB Financial Solutions is registered in England and Wales to Enterprise House, Bancroft Road, Reigate, Surrey RH12 7RP, company number 05125701.


4. Alan Boswell Insurance Brokers Ltd (FRN 301), for the introduction of non-investment landlord insurances, who are authorised and regulated by the Financial Conduct Authority to provide advice and arrange insurance contracts. Alan Boswell insurance brokers Ltd is registered in England at Prospect House, Rouen Rd, Norwich NR1 1RE, company number 02591252.


Other financial services:

Mortgage service provided by London & Country Mortgages (L&C), Unit 26 (2.06), Newark Works, 2 Foundry Lane, Bath BA2 3GZ. London & Country are authorised and regulated by the Financial Conduct Authority (registered number: 143002). The FCA does not regulate most Buy to Let mortgages. Your home or property may be repossessed if you do not keep up repayments on your mortgage.


We do not make, nor do we seek to make, any recommendations or personalised advice on financial products or services that are regulated by the FCA, as we’re not regulated or authorised by the FCA to advise you in this way. In some cases, however, we have included links to regulated brands or providers with whom we have a commercial relationship and, if you choose to, you can buy a product from our commercial partners. 


If you go ahead and buy a product using our link, we will receive a commission to help fund our not-for-profit mission and our campaigns work as a champion for the UK consumer. Please note that a link alone does not constitute an endorsement by Which?.