FCA to scrap 90-day open banking rule

30th November 2021

The Financial Conduct Authority (FCA) is looking to scrap a key open banking rule requiring users to reauthenticate access to customer accounts every 90 days.

The move will mean that consumers will no longer need to reauthenticate permissions with Account Servicing Payment Service Providers every 90 days if accessing account information through a third-party provider.

The ’90-day’ rule came into force in 2018. Aggregator apps were instantly forced to send their customers to re-authenticate with each bank every 90-days. Drop off rates (where customers decided to stop using open banking) were above 50 per cent, affecting even the highly engaged consumers.

The new rules change follows an ongoing consultation by the FCA with the open banking industry. From 26th March 2022, banks will only have to authenticate for the first access request of an account information service provider.

Commenting on the proposed changes to Jason O’Shaughnessy, Head of International Business at Envestnet Yodlee, said “The change to the 90-day reauthorisation rule is an important step for the industry. It means apps that provide personal finance management and financial advice solutions will no longer require the end user to reconnect every 90 days. This is now managed and controlled by the third-party provider. This takes the burden away from the end user, while limiting the risk of the end user potentially missing out on financial savings or keeping up to date with their finances.”