Open banking

What is Open Banking?

Open Banking gives you the choice to let regulated third party providers, known as TPPs, access your bank account data.

Third party providers can introduce you to new banking products and services. They could also give you a more detailed understanding of your accounts, and help you find new ways to make the most of your money.

Open Banking is designed to bring more competition and encourage innovation in financial services.

Giving third party providers access to your account is completely optional.

How Open Banking works

The features of Open Banking, which are offered by third party providers, can include:

the ability for you to manage your company finances across multiple providers
making payments directly from your bank, through a third party provider's app or platform
product comparisons and recommendations to help you save money.

For third party providers to be able to offer any of these features, the provider will either:

use specific software that can work in the background online or through a mobile app. This software talks to the software provided by the bank, allowing them to share information between each other
use login details to access your bank account on your behalf and find the information they need to.

You must give your explicit permission to the provider before they can do either of these things. Third party providers must give you enough information to understand the nature of the service, how it will use your data and whether it will share your data with anyone else.

If you use online banking with your current account and the third party provider has registered with us you can grant access to your account information.

Safety and security

Any third party that offers an open banking service must be regulated by the FCA or European equivalent. They also must comply with data protection laws. In the UK, that's the Data Protection Act. You can check the FCA register for a list of all authorised TPPs.

You will be asked to provide explicit permission to the third party provider accessing your data. You can choose which services you use, and which providers you allow to access your information.

If you choose to use Open Banking, please be aware that personal and financial information you share with third party providers is valuable to fraudsters. Remember to:

be cautious when you receive seemingly random contact by telephone, email or social media. Fraudsters will pretend to be legitimate companies, so please be careful when anyone requests your personal or financial information
double check that the third party provider you are providing your banking details to is legitimate and authorised
avoid disclosing any personal or financial information if you don't know who you are talking to or suspect the provider isn't who they claim to be
make sure you understand and agree with the level of access you are providing, what account data you will share, and how your information will be used.

To stop sharing your data

Get in touch with the third party provider directly to remove their access to your data.

Make a complaint

If you have a complaint about the service provided to you by the third party provider, contact them directly. If you have a complaint regarding the security of your accounts or behaviour of a third party provider that you think is in breach of the Data Protection Act, please contact us.

Common questions

Is Open Banking secure?

The Payment Services Directive (PSD2) includes standards on how accessing and sharing data should be undertaken securely, in order to ensure customers are protected from potential fraud and data misuse. Under data protection law, third party providers must protect customers’ data and PSD2 regulation requires these businesses to put further measures in place to keep customers’ security details safe and secure.

Only businesses and organisations regulated by the FCA or another relevant financial services regulator in the EU are allowed to provide Open Banking services. Third party providers are not permitted to take any action on any account without the explicit consent of the account holder.

The Bank has the right to deny a third party providers access if we have good reason to believe they are trying to access customer accounts in an unauthorised or fraudulent way.

Can I use my account(s) normally if I don’t consent to third party providers?

Yes, you can use your account as you normally would.

I want to use a third party provider that won’t let me use my Co-operative Bank account?

There are various reasons why we may not work with a certain third party provider, but you can ask them to approach us to use our services. We work with all third party providers that approach us, as long as they provide the required information, we can verify their identity and they are fully authorised to act as a third party provider.

How do I give third party providers access to my account?

log in to your online banking
once you're logged in click on 'Menu' in the navigation bar and select 'Requests and activity log'
next select 'Order and requests'
followed by 'Make an order or request'
the service request menu will be displayed, select 'Trusted third party provider user creation'
in the 'Make a new request' screen from the drop down select the third party you want to provide access to
tick if you want to provide 'Account information services' or 'Payment instruction services' or select both and select the account you want to provide access to
click continue and the service request will be completed.

I have submitted my third party provider service request what happens next?

once we have received your service request we will contact you by email, to provide further information and instructions that you will need to complete the third party provider set up
please also refer to this user guide for support once we have contacted you.

Information for third party providers

If you're a third party provider a want to work with us, please read our information for third party providers.