The one-sentence definition
Open banking is a set of rules and technical standards that force banks to share your account data, with your explicit consent, with licensed third-party providers - usually apps you have chosen to give access to. Crucially, the bank cannot charge for that data and cannot make the experience artificially worse than its own app. That sounds dry on paper but it is the reason a generation of consumer money apps could exist at all.
In the United Kingdom the rules come from the Open Banking Implementation Entity (OBIE), a body the Competition and Markets Authority created in 2018. In the European Union they come from the second Payment Services Directive (PSD2), in force since 2018, with a 2026 update under PSD3 / PSR1 currently moving through the legislative pipeline.
Two licences, two different jobs
Within open banking there are two regulated activities and they often get confused. Both require an FCA (UK) or national-regulator (EU) licence and both involve consent, but the surface is different.
- Account Information Service Provider (AISP): can read your accounts and balances, with consent. This is what most net-worth and budgeting apps use, including Bank AI.
- Payment Initiation Service Provider (PISP): can initiate a payment from your account, with consent, on your instruction. This is what some pay-by-bank checkout flows use, where you click 'pay with my bank' instead of using a card.
What you actually see as a user
When you connect a bank to an open-banking-powered app, the experience usually goes like this. The app sends you to your bank's website or mobile app for strong customer authentication (face, fingerprint, or password and 2FA). The bank shows you exactly what data the app is asking for and for how long. You confirm. You go back to the app. The connection lasts up to 90 days under PSD2, after which you are asked to renew it.
The bank never sees the third-party app's questions. The third-party app never sees your bank password. That is the whole point of the architecture - it removes the screen-scraping pattern that pre-PSD2 apps had to use, where you would hand over your bank password and hope.
What it means for savers and investors
For day-to-day money the practical consequence of open banking is that the friction of using more than one bank, broker or wallet has dropped close to zero. You can have current accounts at Monzo and HSBC, an ISA at Hargreaves Lansdown, a SIPP at AJ Bell, a Trade Republic Depot, an assurance-vie at Linxea and crypto on Binance, and a single licensed AISP can show you all of it on one screen.
For investors specifically, this changes how you should think about platform choice. Pre-2018, the cost of being on multiple brokers was your time - reconciling statements, building spreadsheets, copying tax wrappers across. Post-2018 that cost has effectively fallen to the cost of a single app subscription. The 'consolidate everything in one platform' argument has weakened proportionally.
The trade-offs
Open banking is not magic. There are three honest caveats worth knowing.
- Coverage is uneven. Major retail banks and brokers are well-covered. A long tail of private banks, pension trustees and tax wrappers either is not in scope (PSD2 only covers payment accounts strictly) or has thin connectors. Always check the app's coverage list.
- Refresh is not real-time. Most APIs are designed for periodic balance updates rather than tick-by-tick price feeds. Daily refresh is the norm; intraday is rare.
- Consent is time-limited. PSD2 forces a re-authentication every 90 days. Apps will surface this when it happens but it is one extra step you do not have with a single bank's own app.
Where this is going next
Two things to watch in 2026 and 2027. First, PSD3 / PSR1 in the EU is expected to extend the scope from payment accounts to investment accounts, pensions and savings products. If passed in the form drafted, that closes most of the coverage gap above. Second, in the UK, the Smart Data legislation (Data Protection and Digital Information Bill) is set to do the same thing across non-banking sectors - energy, telecoms, transport.
What this all adds up to is a long arc where 'I have one app for all of my money' stops being a fintech promise and becomes the default. Bank AI is one of the apps trying to make sure that future is built on AI-native interfaces, not on dashboards that look like Microsoft Money in 2003. But the foundation - open banking - is now bedrock, regardless of which app sits on top.
Frequently asked questions
Is open banking safe?
Yes, when used through a licensed Account Information Service Provider. The architecture is designed so that you never share your bank password with the third-party app - the bank's own strong customer authentication flow handles that - and the third-party app's read-only access expires automatically every 90 days under PSD2. There has been no published breach of an open-banking AISP in the UK or EU since the regime began in 2018.
Does open banking work with my pension or ISA?
It depends on the provider. PSD2 strictly covers payment accounts, but most major UK platforms (Hargreaves Lansdown, AJ Bell, Interactive Investor, Vanguard) and EU brokers (Trade Republic, Saxo, Boursorama) have extended their open-banking surface to cover ISAs, SIPPs, PEAs and Depots. Coverage of private pensions, trustee-held DC schemes and small private-bank wrappers is thinner.
Can apps move my money under open banking?
Only with separate explicit consent for each payment, and only if the app is licensed as a PISP (Payment Initiation Service Provider). Most net-worth apps are AISP-only and read-only by design - including Bank AI. They cannot move money even if asked.