Open Banking gives you the choice to let regulated third party providers, known as TPPs, access your bank account data.
Third party providers can introduce you to new banking products and services. They could also give you a more detailed understanding of your accounts, and help you find new ways to make the most of your money.
Open Banking is designed to bring more competition and encourage innovation in financial services.
Giving third party providers access to your account is completely optional.
The features of Open Banking, which are offered by third party providers, can include:
For third party providers to be able to offer any of these features, the provider will either:
You must give your explicit permission to the provider before they can do either of these things. Third party providers must give you enough information to understand the nature of the service, how it will use your data and whether it will share your data with anyone else.
If you use online banking with your current account and the third party provider has registered with us you can grant access to your account information.
Any third party that offers an open banking service must be regulated by the FCA or European equivalent. They also must comply with data protection laws. In the UK, that's the Data Protection Act. You can check the FCA register for a list of all authorised TPPs.
You will be asked to provide explicit permission to the third party provider accessing your data. You can choose which services you use, and which providers you allow to access your information.
If you choose to use Open Banking, please be aware that personal and financial information you share with third party providers is valuable to fraudsters. Remember to:
Get in touch with the third party provider directly to remove their access to your data.
If you have a complaint about the service provided to you by the third party provider, contact them directly. If you have a complaint regarding the security of your accounts or behaviour of a third party provider that you think is in breach of the Data Protection Act, please contact us.
To provide Xero with access, you need to request this via your Xero account. You can do this by following these steps:
Follow this Xero guide to adding your account if you need more information.
The Payment Services Directive (PSD2) includes standards on how accessing and sharing data should be undertaken securely, in order to ensure customers are protected from potential fraud and data misuse. Under data protection law, third party providers must protect customers’ data and PSD2 regulation requires these businesses to put further measures in place to keep customers’ security details safe and secure.
Only businesses and organisations regulated by the FCA or another relevant financial services regulator in the EU are allowed to provide Open Banking services. Third party providers are not permitted to take any action on any account without the explicit consent of the account holder.
The Bank has the right to deny a third party providers access if we have good reason to believe they are trying to access customer accounts in an unauthorised or fraudulent way.
Yes, you can use your account as you normally would.
There are various reasons why we may not work with a certain third party provider, but you can ask them to approach us to use our services. We work with all third party providers that approach us, as long as they provide the required information, we can verify their identity and they are fully authorised to act as a third party provider.
Not found what you're looking for?
Contact our support team