Skip links

Is there a need to standardise the technical specification for open banking certificates in the UK?

The UK Financial Conduct Authority’s amendment to the UK-RTS (PS20/13) creates regulatory requirements for an alternative form of certificate to be used for TPP identification in open banking.

While there is a short-term need for business continuity – and a transition period to cater for that – it is also clear that there is a strong desire for continued harmonisation with the EU and for internal competition within the UK.

As it stands today, there is currently no technical specification that encapsulates the FCA regulatory requirements.  However, there are two routes that could be pursued to achieve a safe, competitive landscape for certificate issuers, aligned with EU standards:

  1. To adopt the ETSI solution which will be available in January 2021

ETSI has started work to extend the European Technical Standard TS119 495 for PSD2 certificates to include non-EU PSD2 cases and non-EU countries. This specification will be available in January and will meet FCA content requirements.

  1. For tScheme and the UK trust service providers to provide the required standards

The industry has already engaged with tScheme and the UK trust service providers to understand their willingness to provide the trust framework and standards.

Alternatively, a hybrid situation, using formatting elements from TS 119 495 and policy requirements from tScheme, could also be pursued.

The UK Open Banking Implementation Entity (OBIE) provides certificates, however, they are not currently audited within any of the EU or UK trust frameworks, leaving certain elements of the trust system unaudited.

It is important that after the transition period ends in June 2021, the UK market is set up to enable UK banks to accept certificates issued by any of the QTSPs or TSPs operating in the UK today.

An appropriate solution would be for the financial sector to agree to, or create, an open standard that complies with the UK-RTS as published in FCA PS20/13. This would include both the technical formatting and the trust framework, against which certificates would be measured. This would achieve a trusted, secure, and competitive landscape enabling the open banking ecosystem in the UK to continue to thrive.