Open Banking

Open Banking gives you the choice to let regulated third party providers, known as TPPs, to access your bank account data. Open Banking can be used with any payment account that is accessible online. This includes current accounts, credit cards and some savings accounts.

Open Banking is designed to bring more competition and encourage innovation in financial services.

Giving TPPs access to your account is completely optional.

How Open Banking works
Safety and security
Stop sharing your data
Make a complaint
Common questions
Frequently asked questions

How Open Banking Works


The features of Open Banking, which are offered by TPPs, can include:

  • personal finance management
  • a single view of all your accounts in one place
  • debt management tools
  • make payments directly from your bank, through a third party provider's app or platform
  • product comparisons and recommendations to help you save money.


For third party providers to be able to offer any of these features, the provider will either:

  • use specific software that can work in the background online or through a mobile app. This software talks to the software provided by the bank, allowing them to share information between each other
  • use login details to access your bank account on your behalf and find the information they need to.

You must give your explicit permission to the provider before they can do either of these things. TPPs must give you enough information to understand the nature of the service, how it will use your data and whether it will share your data with anyone else.
If you use online or mobile banking with your current account you can give TPPs access to your account information today.
The Co-operative Bank does not currently offer its own Third Party Provider (TPP) services.

Safety and security

Any third party that offers an open banking service must be regulated by the FCA or European equivalent. They also must comply with data protection laws. In the UK, that's the Data Protection Act. You can check the FCA register for a list of all authorised TPPs

You will be asked to provide explicit permission to the TPP accessing your data. You can choose which services you use, and which providers you allow to access your information.

If you choose to use Open Banking, please be aware that personal and financial information you share with third party providers is valuable to fraudsters. Remember to:

  • be cautious when you receive seemingly random contact by telephone, email or social media. Fraudsters will pretend to be legitimate companies, so please be careful when anyone requests your personal or financial information

  • double check that the third party provider you are providing your banking details to is legitimate and authorised

  • avoid disclosing any personal or financial information if you don't know who you are talking to or suspect the provider isn't who they claim to be

  • make sure you understand and agree with the level of access you are providing, what account data you will share, and how your information will be used.

Stop sharing your data

If you'd like to stop sharing your data with the third party provider, get in touch directly with them to remove their access.

Make a complaint

If you have a complaint about the service provided to you by the third party provider, contact them directly. If you have a complaint regarding the security of your accounts or behaviour of a TPP that you think is in breach of the Data Protection Act, please contact us.

How can I use Open Banking?

All you need to do is sign up to regulated third party providers (companies who offer Open Banking services) who work with us. Third party providers themselves will be able to tell you more about the services they offer.

You do not need to opt-out of Open Banking, unless you provide explicit instructions to a TPP your account(s) cannot be accessed.

I want to use a TPP that won't let me use my Co-operative bank account

There are various reasons why we may not work with a certain third party provider, but you can ask them to approach us to use our services. We work with all third party providers that approach us, as long as they provide the required information, we can verify their identity and they are fully authorised to act as a third party provider.

What happens with my Everyday Rewards payment?

If the TPP is logged in and accessing your account on your behalf, you will still qualify for Everyday Rewards, so long as you meet all qualifying criteria.

To get Everyday Rewards, each month you must:

  • pay in a minimum of £800 to the nominated account

  • stay in credit, or within your agreed arranged overdraft limit on the nominated account

  • log in to Online Banking or the Mobile Banking app at least once during the month

  • remain opted in for Paperless Statements on your nominated account

  • pay out at least four Direct Debits from your nominated account.

What happens to my Third Party Provider (TPP) services if I switch my account to you?

We allow you to give TPPs (such as financial comparison websites, money management apps and payment services) the ability to make payments on your behalf, and to access your financial data.

If you could do this with your old account, there are a couple of things you’ll need to do once you switch to us:

  • before you close your old account, check whether you have any TPP permissions set up and if so, who with. Your old bank may be able to provide you with a list of the TPPs you had permitted to access your old account
  • permissions to TPPs to access services  on your account won’t be transferred as part of the Current Account Switch Service. Once your new account is open you can give your permission to the TPPs to access your new account by providing them with your new account details. You will need to contact the TPPs directly yourself to set this up
  • if you had set up any Standing Orders on your old account via a TPP then we will ensure that any of these payments due to be made after the switch is complete will still be made. In cases where we cannot match the payment frequency of your existing Standing Order mandate, we will contact you to agree alternative arrangements.

Please note: we only allow access to TPPs that are authorised by law to provide their services, so there’s a chance that your current TPP may not be supported to access Co-operative Bank accounts. Our terms and conditions provide more information about TPPs.

What happens if I've noticed a transaction I don't recognise?

If you notice a payment out of your account that you did not authorise, you should contact us as soon as possible on 03457 212 212 (call charges) lines are open 24/7.

If you did not authorise the transaction you can claim a refund. You should contact us to claim a refund even if you think a Third Party Provider (TPP) was used to make the payment.

I'm being asked by a Third Party Provider (TPP) for my online banking security logon credentials, is this OK?

Third Party Providers (TPPs) that provide Account Information Services (AIS) or Payment Initiation Services (PIS) often ask you to share your bank security details with them, such as your username and passwords. The banking terms and conditions that you agreed to with us from 13 January 2018 allow you to do this with regulated AIS or PIS providers, and we cannot hold you responsible for unauthorised transactions if you have shared your credentials with authorised AIS and PIS providers.

Under existing data protection regulations, TPPs must protect your data and the regulators will require these businesses to put further measures in place to keep your credentials safe and secure.

You should be vigilant to fraud when using online Account Information Services (AIS) or Payment Initiation Services (PIS). To find out if a TPP is legitimate and regulated, you can check the FCA register for a list of all authorised TPPs. If you don’t know who you are talking to, or there is reason to suspect that the provider is not who they claim to be, don’t disclose your banking security credentials, or other personal or financial information.

How do I give consent for a Third Party Provider (TPP) to access my account data?

When you sign up with a (TPP) for account information services, the TPP should give you enough information to understand the nature of the service being provided and how it will use your data, including whether it will share your data with anyone else. It will need to get your consent to access your data for the purpose of providing services to you.

TPPs that can initiate payments on your behalf also access your account to do so, but in a more limited way than for account information services. If you are making a payment using a Payment Initiation Service Provider they will ask you before they initiate the payment where you give your consent for them to do so.

TPPs that issue cards or e-wallets, which you can use to make payments from any account you have linked to that card, will also have to ask for your consent before they can ask us to confirm if you have enough money in your account to make a payment. You will also need to provide your consent to us before the TPP can begin this service for you.

Companies that access your data need to comply with data protection law. Banks, building societies and other payment services providers, including Account Information Services (AIS) and Payment Initiation Services (PIS) providers, will be subject to the General Data Protection Regulation as well as the requirements of PSD2.

I don't know if I've agreed to have Third Party Provider (TPP) services on my account?

You should contact the Third Party Provider (TPP) directly, to check the agreement they have with you.

To find out if the TPP is regulated you can check the FCA register of all authorised TPPs.

What types of services do Third Party Providers (TPPs) provide?

With your consent, FCA Authorised Third Party Providers can allow you to see all of your bank account information in one place, for example in a mobile app or online. These services can also be used to pay for things online, as an alternative to using your debit or credit card.

You might see these services being provided by companies you recognise, such as high street banks, or by other companies who are not banks. There are a number of companies who have provided these services for some time in the UK, but they are only regulated from 13 January 2018 onwards.

You may see these services referred to as Account Information Services (AIS) or Payment Initiation Services (PS).

Not found what you're looking for?

Contact our support team