Publication
Regulation Around the World: Open Finance
In this issue of Regulation Around the World we look at how regulators are developing their proposals for Open Finance.
Global | Publication | July 2025
In this issue of Regulation Around the World we look at how regulators are developing their proposals for Open Finance.
Open Finance is an area of significant interest to regulators and has the potential to improve the way consumers and small and medium-sized enterprises manage their finances and the way firms interact with each other and with their customers.
Taking its cue from Open Banking, many think about Open Finance in terms of open Application Programme Interfaces (APIs). These APIs allow third party providers to create financial products, services and applications which leverage user data - provided with consent - to share across verified firms. But Open Finance also captures a desire to consider the role of transparency in data usage, storage, and portability which could unlock benefits for users and providers across the suite of financial service products.
From a financial services regulator perspective, there is a desire to understand how Open Finance will develop in a way that can benefit consumers. And regulators are asking a number of questions including how the data should be used and who should have access.
In November 2024 the UK Government issued a ‘National Payments Vision’ noting the vital role that Open Banking will play in providing greater choice to consumers and merchants in how they make and receive payments. The UK Government’s ambition is for the UK to be a world leader in Open Finance. The UK’s financial services regulator, the Financial Conduct Authority, has committed to publishing a roadmap for the rollout of Open Finance within a year, in its new five-year strategy launched in March 2025.
In Europe, the European Commission has published legislative proposals for a framework for financial data access. The framework builds on the existing ‘Open Banking’ access to customer data held by account-servicing payment service providers per the Payment Services Directive 2. A second set of measures is embodied in a legislative proposal for a framework for financial data access. This framework is intended to establish clear rights and obligations to manage customer data sharing in the financial sector beyond payment accounts.
In the UAE there have been significant developments with the Central Bank of the UAE issuing its Open Finance Regulation, establishing a comprehensive framework for the licensing, supervision and operation of Open Finance in Onshore UAE.
Another jurisdiction that is moving forward in the development of Open Finance is Australia. Open Banking in Australia operates under the Consumer Data Right (CDR) framework, enabling consumers to share banking data with accredited third parties. On 26 August 2024, the Treasury Laws Amendment (Consumer Data Right) Act 2024 (Cth) received Royal Assent and represents a significant evolution of the CDR framework by introducing “write access” capabilities.
At present, the status of Open Finance in the United States is very uncertain. The Trump Administration has announced its decision to withdraw its support of the Open Finance Rule.
Elsewhere in the world, Open Banking has not yet been implemented in Canada but the recently passed Consumer-Driven Banking Act lays the foundation for a national framework. In Hong Kong, the term ‘Open API’ is used rather than Open Banking or Open Finance and there are currently two key initiatives that are of note, the Open API Framework and the Fintech 2025 Strategy. And in China, the Peoples Bank of China and six other government agencies have jointly issued the Digital Finance Plan aiming to establish a highly adaptive financial system by 2027.
In this issue of Regulation Around the World we ask jurisdictions six key questions:
Publication
In this issue of Regulation Around the World we look at how regulators are developing their proposals for Open Finance.
Publication
Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security issues.
Publication
Canada and the European Union signed a Security and Defence Partnership (SDP), which formalizes a mutual intent to foster closer ties by establishing a framework for dialogue and cooperation across the full security and defence spectrum.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2025