Europe Open Finance Spotlight

Spotlight: FCA Abolishes 90-Day Re-Authentication Rule Hindering Open Banking Adoption

Open Banking adoption has been steadily on the rise in the last few years but has been hindered by the fintechs having to re-authenticate customers every three months. In November, the FCA announced that the 90-day reauthentication rule that was introduced in 2018, was going to be removed on 26 March 2022. Read on to see why VibePay’s Luke Massie believes, “This is a huge step forward for Open Banking, and a critical step forward for the future of fintech innovation in the UK.”

According to Finextra, the FCA has found Third-Party Providers (TPPs) working with fintechs have experienced a lot of attrition from customers, with the FCA stating that one trade association reported: TPPs are experiencing attrition rates of around 20-40 per cent at the 90-day mark when strong customer authentication (SCA) is required. In lieu of this, fintechs would need to gain customer consent every three months, meaning fewer resources need to be spent on, what some may call needless, re-authentication.

The announcement of this change was made in the FCA’s Changes to the SCA-RTS and to the guidance in Payment Services and Electronic Money – Our Approach’ and the Perimeter Guidance Manual. The FCA stated the reasoning for this change was to “remove barriers to continued growth, innovation and competition in the payments and eMoney sector, in particular for open banking. In addition, amendments to guidance in our AD and PERG aim to make the sector more resilient and protect consumers if firms fail.”

AltFi has stated that the Open Banking drop off rate was as high as 50 per cent, even with highly engaged customers, due to the SCA repetition. Open Banking adoption could reach a record-breaking high in the UK as a large hurdle is removed – customers will now have the benefit of the savings Open Banking can bring, without the hassle of re-authentication – rather a simple consent agreement that banking data can be shared.

Research from Finnovating found that in 2021, the most popular activity causing fintech partnerships and collaborations to be established was Open Banking, with the UK and US leading the way with the most partnerships made, with Tink and Plaid being the most active firms. With the FCA abolishing the 90-day re-authentication rule, even more fintechs will be inclined to form partnerships in the new year, as customer ease of access is improved.

Finnovating Finds Open Banking Partnerships Were the Most Popular in 2021


How will this impact the industry?

Luke Massie, CEO, VibePay

Luke Massie, CEO of VibePay, told The Fintech Times, “This is a huge step forward for open banking, and a critical step forward for the future of fintech innovation in the UK.

“It will significantly improve the experience for customers without the need to re-link accounts – a barrier which left many fintechs fighting an uphill battle to keep users onboard and engaged. Firms will also be able to access ongoing transactional data to provide solutions and services which better fit the requirements of consumers.

“Owning the relationship with customers is the industry’s opportunity for value creation and future revenue generation. This news will help the sector develop its offering and give the UK a well-needed boost in its journey to becoming a global leader in fintech innovation.”

Steffen Vollert, Co-Founder and CTO, Volt
Steffen Vollert, Co-Founder and CTO, Volt

Steffen Vollert, Chief Operating Officer, at Volt echoed this sentiment saying, “This very welcome development will dramatically boost open banking adoption from both businesses and customers. For the latter, it means being able to extend their access to third parties minus any friction, which is hugely significant from a customer experience standpoint.

“With great power, though, comes great responsibility. From a data perspective, this is something that third parties will have to keep in mind.”


Damien Cahill, co-founder and COO at Vyne
Damien Cahill, co-founder and COO at Vyne

Damien Cahill further praised the FCA’s action, as the Co-founder and COO of Vyne said, “Removing the 90-day rule opens up a significant opportunity for an improved open banking user experience. By making it easier for consumers and businesses to remain connected with their chosen third-party providers for longer, the FCA is removing a key barrier to long-term use of open banking services. This is a step forward in the downfall of card payments, which are slow, cumbersome, and vulnerable to fraud.

The risks are limited, due to the well-established and highly effective bank controls for fraud, both online and in app. Management of users’ consent will remain crucial, so open banking providers must ensure their customers understand exactly whom they are giving consent to, and for what purpose, as well as how to withdraw their consent at any point.”

Maria Palmieri, Head of Public Policy at Yapily
Maria Palmieri, Head of Public Policy at Yapily

Maria Palmieri, Head of Public Policy at Yapily continued the positive reception stating, “This is a huge win for the open banking industry. Moving away from the 90-day re-authentication requirement and towards a consent based mode means customers will no longer be disconnected from their open banking connections. Instead, they will be able to seamlessly extend their access directly via their AISP, making for a much better user experience. Ultimately, this move will see even greater adoption of open banking by consumers and businesses over the coming months. This is a clear sign the FCA wants to ensure the future success of open banking. What’s more, it’s extremely encouraging to see how the FCA has taken on board feedback from industry players when making this decision.

“The importance of consumer protection cannot be overstated when it comes to sharing financial data and we must appreciate the FCA’s original intention behind the 90-day re-authentication rule. In reality, however, open banking provides a much more secure way for consumers and businesses to both access and share data. This change will still give customers complete control as they will be able to withdraw their consent at any time, safeguarding consumer protection and all the while removing unnecessary friction when accessing financial products and services.”


  • Francis is a journalist and our lead LatAm correspondent, with a BA in Classical Civilization, he has a specialist interest in North and South America.

Related posts

Minutes not hours: Funding Options uses Open Banking to reduce business loan decision times

Manisha Patel

Digital Investment Platform Scalable Capital Spreads Itself Across the Markets of France and Spain

Tyler Pathe

Zumo Sets ‘the Standard’ for Cryptoasset Firms Ahead of new FCA Financial Promotions Regime

Tom Bleach