Why Open Banking Was Created: Competition, Innovation, and Consumer Rights

Open banking was created through deliberate regulation to fix structural failures in financial services, specifically weak competition, consumer data lock-in, and unsafe workarounds like screen scraping. Regulators in the UK, EU, and now the U.S. concluded that banks’ exclusive control over customer data reduced choice, raised switching costs, and discouraged innovation. By mandating secure, standardized data access with explicit consumer consent, open banking aims to rebalance power toward consumers, lower barriers for new entrants, and modernize financial services without compromising security.

• Competition fix: UK regulators found that data lock-in and high switching costs protected incumbents more than better pricing or service quality.
• Consumer protection: Open APIs replaced risky practices like credential sharing, while PSD2 reduced liability for unauthorized transactions and mandated Strong Customer Authentication.
• Innovation catalyst: Standardized data and payment initiation enabled new use cases such as account aggregation and low-cost bank-to-bank payments.
• Proven adoption: As of December 2024, the UK reached 12.09 million active users and 223.9 million open banking payments, up 72% year over year.
• Global momentum: Australia’s Consumer Data Right and the U.S. CFPB Section 1033 rule reflect a shared regulatory push toward consumer-controlled financial data.

Open banking did not emerge from a sudden technological breakthrough or a grassroots consumer movement. It was a deliberate regulatory intervention aimed at fixing structural problems in financial services, including limited competition, data lock-in by incumbent banks, and barriers to innovation.

Governments stepped in after recognizing that existing market dynamics were not delivering fair access, transparency, or consumer choice. Understanding why regulators mandated open banking helps clarify its core objectives and whose interests it is designed to protect.

The Competition Problem

At the core of open banking’s origins was a structural competition problem. Incumbent banks did not only dominate financial services distribution; they also controlled the customer data required for competitors to build alternative products. This data control created a self-reinforcing advantage, allowing established banks to protect market share without improving pricing, service quality, or innovation.

Before open banking, launching a third-party financial service faced significant practical barriers. A budgeting or personal finance app needed transaction-level bank data to function properly, but banks had no obligation to share it. Manual CSV exports were technically possible, yet so cumbersome that adoption remained minimal. The main workaround, screen scraping, which required users to share online banking credentials, introduced security risks, inconsistent data access, and frequent service disruptions, and was actively discouraged by banks.

In the UK, regulatory intervention followed a formal competition investigation. The Competition and Markets Authority required the nine largest retail banks to implement standardized open APIs after concluding that the market’s concentration limited consumer choice. The findings showed that high switching costs, opaque pricing, and restricted access to customer data reduced competitive pressure. Data lock-in, rather than product quality alone, was identified as one of the primary barriers preventing new entrants from competing effectively.

The Consumer Protection Imperative

Alongside competition concerns, regulators recognized growing consumer protection risks from informal data-sharing practices that emerged in the absence of proper infrastructure. Screen scraping, the practice where third-party services accessed bank accounts using consumers’ actual login credentials, became widespread despite its clear security vulnerabilities.

When consumers shared their username and password with a budgeting app or payment service, they were typically violating their bank’s terms of service. They also had no clear recourse if something went wrong. If a third party misused the data, suffered a breach, or triggered security controls that locked users out of their accounts, responsibility was often unclear.

The Payment Services Directive 2 aimed to improve the security of payment transactions across the European Union, enhance protection for consumers and businesses, and level the playing field for payment service providers. Among its key provisions were requirements for Strong Customer Authentication and secure, standardized access to payment account information.

PSD2 reduced consumer liability for unauthorized payment transactions from €150 to €50 and required more explicit information about payment services and transactions. These protections were designed to give consumers confidence that sharing their data through regulated channels would not expose them to unacceptable financial or security risks.

Innovation and the Digital Economy

By the early 2010s, technology was transforming virtually every sector of the economy, but banking remained remarkably resistant to disruption. While consumers could order transportation, food, or entertainment through their phones with a few taps, basic financial tasks often required multiple logins, manual data entry, and complex processes.

The regulatory framework for financial services, designed for a world of physical branches and paper statements, had not adapted to digital innovation. The Payment Services Directive 2 is a European Union directive adopted in 2015 and implemented across the European Union and the European Economic Area from 2018. It regulates payment services and payment service providers and aims to increase pan-European competition and participation in the payments industry, including by non-bank providers.

Regulators recognized that without intervention, banking would continue to lag behind other sectors in adopting modern technology and serving consumer needs. Open banking sought to standardize access to financial data and payment initiation in order to lower barriers for innovative services while maintaining security and consumer protections.

Consider payment initiation as an example. Before open banking, most online payments flowed through card networks or traditional bank transfers that required manual entry of account details or redirection through online banking interfaces. Open banking allows regulated third parties to initiate payments directly from consumers’ bank accounts with their explicit consent, with the potential for faster settlement, lower fees, and improved user experiences.

The Self-Reinforcing Lock-In Effect

Banks’ control over customer data created what economists describe as switching costs. Even when customers were dissatisfied with fees or service quality, moving to a competitor often meant losing continuity in their financial history. A new lender could not easily evaluate creditworthiness without access to detailed transaction data, and a financial advisor could not offer fully personalized guidance without visibility into spending patterns. Each additional service tied to a bank-held data history increased the friction involved in switching providers.

This lock-in effect weakened competitive pressure across the banking sector. When customers cannot move easily between providers, incumbent institutions face reduced incentives to lower fees, improve service quality, or innovate. The UK’s implementation of open banking explicitly targeted this problem by enabling customers to share their financial data securely with other providers, making switching and multi-provider use significantly easier.

As of December 2024, the UK had 12.09 million active open banking users. During 2024, 223.9 million payments were made using open banking-enabled services, representing a 72% increase compared to 2023. These adoption figures indicate that when consumers were given standardized, secure tools to access and share their financial data, many chose to do so at scale.

International Regulatory Momentum

While Europe and the UK led the initial wave of open banking mandates, the concept has since expanded globally, with jurisdictions adapting the model to fit their regulatory frameworks and market structures. Australia implements open banking through the Consumer Data Right framework, which allows consumers to authorize accredited third parties to access their financial data and, in later phases, initiate actions such as payments.

In October 2024, the Consumer Financial Protection Bureau finalized rules under Section 1033 of the Dodd-Frank Act, formally establishing Personal Financial Data Rights and creating a regulatory foundation for open banking–style data access in the United States.

The parallel development of open banking across multiple regions reflects a shared regulatory consensus that consumer control over financial data, secure standardized access, and lower barriers to competition serve important public policy goals. While implementation approaches differ, the United States relies on a more principles-based regulatory model, while the UK mandated detailed technical standards, the core objectives remain aligned across jurisdictions.

Beyond Compliance to Ecosystem Development

What began as a regulatory mandate to address competition and consumer protection in the UK banking market has evolved toward a broader ecosystem approach to financial services. As part of the CMA’s remedy, the Open Banking Implementation Entity (now known as Open Banking Limited) was established to develop the UK’s open banking standards and support the rollout of functionality required under the CMA’s Open Banking Roadmap.

In September 2024, the CMA confirmed that all nine mandated UK banking providers completed the final Open Banking Roadmap requirements, including advanced functionality like variable recurring payments. This milestone has been positioned by the CMA and industry stakeholders as moving the market beyond initial compliance toward ongoing innovation, expansion of services, and broader ecosystem development.

Addressing Power Imbalances

Ultimately, open banking represents an attempt to rebalance power in financial services. For decades, banks controlled both the infrastructure for moving money and the information generated by those movements. This dual control gave incumbent institutions significant leverage over consumers and over potential competitors seeking to offer alternative services.

By mandating that banks provide secure, standardized access to customer account data and, in some jurisdictions, payment initiation capabilities, explicitly subject to customer consent, regulators sought to separate control of financial infrastructure from control of financial data. The underlying payment infrastructure remains highly regulated and largely operated by established institutions, but access to the data layer is opened to competition, with consumers determining which third parties may access their information and for what purposes.

This rebalancing is neither complete nor uniform. Banks continue to hold structural advantages in capital, brand trust, customer relationships, and regulatory experience. However, open banking lowers barriers for smaller, specialized providers to compete on discrete use cases, such as payments, budgeting, lending, or account aggregation, without needing to operate as full-service banks themselves.

The Forward-Looking Vision

While open banking initially focused on payment accounts and transaction data, the regulatory vision has always extended further. The broader shift toward “open finance” aims to encompass loans, savings, investments, pensions, and insurance, with regulators in both the UK and the EU developing frameworks to expand data sharing beyond core banking services.

In the European Union, the proposed Financial Data Access framework is intended to enable the sharing of a wider range of financial data beyond payment accounts, including data held by credit institutions, investment firms, and insurance companies, subject to consumer permission and standardized safeguards. In the UK, the Financial Conduct Authority has indicated that the regulatory foundations for the first Open Finance scheme are expected to be in place by the end of 2027, reflecting a phased and deliberate approach.

This expanded vision reflects an understanding that the structural problems open banking was designed to address, entrenched incumbency, consumer lock-in, barriers to innovation, and unsafe informal data-sharing practices, are present across financial services, not solely within payment accounts.

Lessons and Ongoing Challenges

The story of why open banking was created offers lessons about how regulation can address market failures while enabling innovation. It illustrates both the power and the limitations of regulatory mandates. Building the infrastructure and standards for open banking has proven complex and costly, and there are ongoing debates about long-term sustainability and appropriate commercial incentives for ecosystem participants.

Yet the alternative, allowing the pre, open banking status quo to continue, would have left consumers with limited control over their data, innovators facing high barriers to entry, and incumbent banks with entrenched positions that reduced competitive pressure. Open banking represents a deliberate attempt to shape market structure through regulation in support of consumer welfare, competition, and innovation.

Whether it fully achieves these objectives remains a work in progress. However, understanding why open banking was created helps clarify what success should look like: consumers able to use their financial data as they choose, protected by strong security and governance standards, within a competitive market that serves their interests rather than primarily protecting established institutions.