The Financial Conduct Authority’s (FCA’s) decision to change the 90-day re-authentication rule has been hailed a “huge win” for the Open Banking industry.
Following a consultation, the UK regulator published its policy statement, PS21/19, on 29 November in which it set out changes to Strong Customer Authentication (SCA), in response to feedback from the industry which agreed that the existing 90-day reauthentication requirement is “onerous, resulting in wasted time, poor customer experiences and high customer drop-out rates”.
Jack Wilson, head of public policy at TrueLayer, said: “We welcome the news that the FCA is replacing the need for 90-day re-authentication by ensuring banks should only authenticate for the first access request of an account information service provider.
“While the ‘90-day’ rule was introduced with good intentions, it was causing some significant issues for Open Banking-based services.”
He added: “Now there will be no need for customers to jump through the credential-sharing hoops with each of their connected banks every 90-days. Instead, it will be for the AISP, such as TrueLayer, to manage the customer’s data sharing, by asking the customer at 90-day intervals whether they wish for data sharing to continue.”
One trade association reported to the FCA that TPPs were experiencing customer attrition rates of around 20% to 40% at the 90-day mark when SCA is required.
Yolt CEO Nicolas Weng Kan said that the FCA’s decision is a “tremendous move forward towards the mass adoption of Open Banking”.
“Breaking down the barriers to entry and improving the front-end customer experience is going to significantly help Open Banking providers, such as Yolt, to innovate and help businesses and their customers unlock the full potential of Open Banking,” he added.
Yapily head of public policy Maria Palmieri called it a “huge win” for the Open Banking industry and agreed it would encourage “even greater adoption” of Open Banking by consumers and businesses.
“This is a clear sign the FCA wants to ensure the future success of Open Banking,” she said.
“What’s more, it’s extremely encouraging to see how the FCA has taken on board feedback from industry players when making this decision.”
Palmieri said that the importance of consumer protection cannot be overstated when it comes to sharing financial data, but that Open Banking provides a more secure way for consumers and businesses to both access and share data.
“This change will still give customers complete control as they will be able to withdraw their consent at any time, safeguarding consumer protection and all the while removing unnecessary friction when accessing financial products and services.”
Jason O’Shaughnessy, head of international business at Envestnet | Yodlee, said that the change to the reauthorisation rule means apps that provide personal finance management and financial advice solutions will no longer require the end user to reconnect every 90 days.
“This takes the burden away from the end user, while limiting the risk of the end user potentially missing out on financial savings or keeping up to date with their finances,” he added.