27 Apr, 2020 | 3 min read

WSO2 Open Banking 1.5 Guarantees Global Compliance & Goes Beyond to Deliver New ROI

  • Anisha Yasaratne
  • Associate Director & Head of BFSI Practice - WSO2

WSO2’s new Open Banking release brings complete single vendor compliance to Australian banks, updates compliance with European specifications, and significantly extends the platform’s capabilities beyond regulatory compliance. This new release includes capabilities to leverage custom APIs in addition to those mandated by regulatory standards, which gives banks the ability not only to use WSO2’s product suite to monetize a much broader range of open APIs, but also speed digital transformation—a priority for financial institutions especially in response to the ongoing COVID-19 pandemic.

The newest release features:

  • Compliance with Australia’s Consumer Data Standards (CDS) version 1.2 open banking specification to help banks meet their obligations under the Consumer Data Right (CDR) regime.
  • Updates for existing customers in the European Union and the United Kingdom to ensure they meet new versions of the specifications released under the Second Payment Services Directive (PSD2) regime.
  • The ability for banks to publish APIs and related applications beyond those mandated by open banking regulations in order to innovate digital solutions that generate new revenue streams and add value to customers.

Adaptable Compliance with WSO2 Open Banking

WSO2 Open Banking aligns technology infrastructure and domain expertise with regulatory needs to fully address the technology requirements for open banking compliance. The solution is built on a single, componentized API-centric framework—including API management, consent management, strong customer authentication, analytics, and reporting. This componentized architecture gives banks the flexibility to either take a single-vendor approach or mix third-party technology components with the WSO2 Open Banking platform, for instances where Banks have existing locked-in suppliers for certain aspects of the open banking technology mix. And, because the hybrid integration solution can run on-premises or in the cloud, financial institutions have maximum deployment flexibility. This inherent flexibility built on open source technology allows WSO2 Open Banking to bridge the divide between the need for comprehensive compliance and cost-related compromises on technology, by providing the only complete open banking technology solution from a single vendor at a pricing level that banks of all sizes can afford.

WSO2 Open Banking also includes professional services from subject-matter experts who have successfully implemented solutions at some of the world’s largest financial institutions. These experts continuously engage with the Open Banking Implementation Entity (OBIE) in the UK, the Berlin Group, the Australian Competition and Consumer Commission (ACCC), Data61, and other open banking standards and regulatory organizations. Their first-hand knowledge is incorporated into WSO2 Open Banking technology and consulting services to help banks achieve compliance quickly and completely and to understand how open banking technology may be used in their digital banking transformation programmes.

Fast-Tracking Compliance with Australia’s CDS Version 1.2

By the recently delayed deadline of October 1, 2020, banks outside of the Big Four, building societies, and credit unions in Australia will be required to complete stage-1 of complying with version 1.2 of the Consumer Data Standards, which mandates the deployment of Product Reference Data (PRD) APIs. To help these organizations comply fully with their regulatory obligations while taking an approach matching their broader business and technology goals, WSO2 Open Banking offers two deployment models. Firstly, a standard deployment option for banks that want a more customized solution to fully leverage the potential of open APIs for new business opportunities and digitalization. Secondly, a simplified, rapid deployment model that provides a quick, easy, and cost-effective option for deploying compliant PRD APIs by the deadline for banks looking strictly at compliance alone—completing their deployments in as little as a week. This unique lean approach to PRD APIs is a timely offering for many banks straining against the intense resource requirements of responding to impacts from the COVID-19 pandemic.

Key new capabilities to support CDS compliance include:

  • CDS-compliant APIs expose the data required to be shared by banks under the CDR, enabling consumers to make the data that banks have on them available to themselves and approved third parties via secure APIs published by the banks.
  • Dynamic Client Registration support allows an “accredited data recipient” (e.g., a third-party app that aggregates a consumer’s bank accounts in one convenient place) to be registered with a “data holder” (e.g., a bank) to access data via CDS open banking APIs.
  • Consent flow for CDS 1.2 gives banks the ability to verify whether consumers have given consent to data recipients to access their data.
  • Metadata-cache management allows the bank to maintain a record via a cache to verify the authorization status of data recipients and the individual software products offered by those data recipients.
  • A metrics API lets the ACCC obtain operational statistics from data holders to understand how the open banking system is being utilized.
  • Consent management apps for customers and bank officers give consumers and banking officers access to systems to view the types of data-sharing consent consumers have given.
  • Endpoint versioning means that specific API endpoints within the CDS APIs themselves can be versioned in a more agile manner instead of having to rely on the entire CDS version to be upgraded.

Expanding PSD2 Compliance

The latest release of WSO2 Open Banking also offers several updates to ensure that banks can maintain compliance with the two technology standards most widely used across the European Union and the United Kingdom to meet PSD2 requirements. These updates enable banks to deliver a higher degree of trust, better user experiences for consumers and third-party providers, and enhanced control over data. This should lead to higher utilization and increased opportunities to benefit from data sharing within the context of open banking—via new revenue streams, customer acquisition channels, and product and service innovation.

The Berlin Group NextGenPSD2 XS2AFramework – WSO2 Open Banking supports version 1.3.4 of the NextGenPSD2 XS2A Framework for interoperability from the Berlin Group standards initiative. These include functional changes, such as the ability to identify individual payments made within bulk payments, and non-functional changes, for example, showing a specific error so a third-party provider can understand the error situation better and respond accordingly. WSO2 Open Banking also adds frequency-per-day throttling, which allows banks to limit third-party provider requests to selected API resources in order to avoid unnecessarily high demands on their systems.

The Open Banking Standard UK – WSO2 Open Banking now features several updates to the Open Banking Standard. This includes support for version 3.1.2 of the Account and Transaction, Payment Initiation, Confirmation of Funds and Event Notification APIs. This release also enables banks to be fully certified against latest OBIE test suites on security profile conformance, functional conformance and dynamic client registration conformance.

Laying the Groundwork for Digital Business Innovations

Increasingly, WSO2 Open Banking customers seek to go beyond compliance and explore the full potential of a platform for publishing APIs to share data internally and with third parties. In a climate where the industry is seeing a steep rise in demand for digital channels within a matter of weeks, adaptable and agile solutions that enable digital banking and more meaningful collaboration with the fintech ecosystem have become an immediate priority for many banks.

Now WSO2 provides the ability to publish non-regulatory APIs and applications as well, effectively unleashing the full potential of the mature WSO2 API Manager functionality integrated into the WSO2 Open Banking solution. As a result, banks can use the latest release of WSO2 Open Banking to create new digital services to drive revenues and deliver additional value to corporate and individual consumers, internal teams, employees, and ecosystem partners. This offers an immediate benefit to quickly respond to changes in consumer behavior arising from the pandemic and longer-term opportunities to innovate more effectively within the booming digital financial services space.

Availability and Support

WSO2 Open Banking 1.5 is available today. It includes professionals services and is backed by WSO2 Subscription, which features access to WSO2 Update for continuous delivery of bug fixes, security updates, and performance enhancements, along with WSO2 Support for 24x7 support. To learn more, visit

Find Out More and Get Your Questions Answered Live

Join our release webinars to get a detailed overview of the new possibilities enabled with this release presented by Dassana Wijeseera, Director - Solutions Architecture at WSO2 Open Banking. For a focus on the Australian Consumer Data Standards support register here, and for an overview of our global offering click here.