Newest WSO2 Open Banking Release Streamlines Consumer Data Right Compliance

WSO2 Open Banking adds features that enable banks to fully comply with Australia’s Consumer Data Standards and publish custom APIs to lay the foundation for digital business innovation

Mountain View, CA, USA and Sydney, NSW, Australia - April 29, 2020 - Too often, banks seeking to comply with open banking standards are forced to compromise on technology. They are forced to choose between industry-specific solutions with high price tags or partial solutions based on either API management platforms or identity and access management platforms (IAM), which require extensive customization and add-ons. WSO2 Open Banking bridges this divide by providing the only complete open banking technology solution - including API management, consent management, strong customer authentication, analytics, and reporting - from a single vendor at a pricing level that banks of all sizes can afford. Today, WSO2 brings complete single vendor compliance to Australian banks while significantly extending the capabilities of its open banking platform beyond regulatory compliance. This new release includes capabilities to leverage custom APIs in addition to those mandated by the regulation, which gives banks the ability not only to use WSO2’s product suite to monetize a much broader range of open APIs, but also speed digital transformation—a priority for financial institutions especially in response to the ongoing COVID-19 pandemic.

The newest release of WSO2 Open Banking, available today, features:

  • Compliance with Australia’s Consumer Data Standards (CDS) version 1.2 open banking specification to help banks meet their obligations under the Consumer Data Right (CDR) regime.
  • Two deployment models, including a standard deployment option for banks with a mature digital strategy looking to actively engage with the open banking ecosystem, and a rapid, two-day deployment option for stage 1 product reference data APIs suitable for banks looking to limit investment to compliance first.
  • The ability for banks to publish APIs and related applications beyond those mandated by open banking regulations in order to innovate digital solutions that generate new revenue streams and add value to customers.
  • Updates for existing customers in the European Union and the United Kingdom to ensure they meet new versions of the specifications released under the Second Payment Services Directive (PSD2) regime.

Accelerating Compliance With WSO2 Open Banking

WSO2 Open Banking aligns technology infrastructure and domain expertise with regulatory needs to fully address the technology requirements for open banking compliance. It includes comprehensive API management functionality already used to handle billions of API calls daily, robust identity and access management, extensive API monitoring and analytics, comprehensive data and services integration, and pre-defined API specifications designed to comply with regulatory requirements.

WSO2 Open Banking is built on a single, componentized API-centric framework using open source technology, so banks have the flexibility to either take a single-vendor approach or mix third-party technology components with the WSO2 Open Banking platform, where they have existing locked in suppliers for certain aspects of the open banking technology mix. And, because the hybrid integration solution can run on-premises or in the cloud, financial institutions have maximum deployment flexibility.

WSO2 Open Banking also includes professional services from subject-matter experts who have successfully implemented solutions at some of the world’s largest financial institutions. These experts continuously engage with the Open Banking Implementation Entity (OBIE) in the UK, the Berlin Group, the Australian Competition and Consumer Commission (ACCC), Data61, and other open banking standards and regulatory organizations. Their first-hand knowledge is incorporated into WSO2 Open Banking technology and consulting services to help banks achieve compliance quickly and completely.

“With WSO2 Open Banking, we make it a guiding principle to blend our regulatory expertise with our ability to innovate market-friendly solutions. An example of the fruits of this approach is a very elegant and robust rapid deployment model we have developed for the Australian market for the 2-day deployment of CDR APIs. This guarantees compliance with a minimal commitment of resources enabling banks to prioritize supporting customers affected by the pandemic,” said WSO2 Open Banking Vice President and General Manager Seshika Fernando. “Our latest release of WSO2 Open Banking expands this commitment with new functionality to meet and maintain compliance in Australia as well as the EU and UK, and then go beyond by exploring the full use cases of open banking through support for custom non-regulatory APIs. This enables our customers to secure rapid results from their digital banking transformation initiatives by delivering new revenue streams and customer acquisition channels.”

Fast-Tracking Compliance With Australia’s CDS Version 1.2

By the recently delayed deadline of October 1, 2020, banks outside of the Big Four, building societies, and credit unions in Australia will be required to complete stage-1 of complying with version 1.2 of the Consumer Data Standards, which mandates the deployment of Product Reference Data (PRD) APIs. To help these organizations comply fully with their regulatory obligations while taking an approach matching their broader business and technology goals, WSO2 Open Banking offers two deployment models. Firstly, a standard deployment option for banks that want a more customized solution to fully leverage the potential of open APIs for new business opportunities and digitalization. Secondly, a simplified, rapid deployment model that provides a quick, easy, and cost-effective option for deploying compliant PRD APIs by the deadline for banks looking strictly at compliance alone—completing their deployments in as little as a week. This unique lean approach to PRD APIs is a timely offering for many banks straining against the intense resource requirements of responding to impacts from the COVID-19 pandemic.

Key new capabilities to support CDS compliance in WSO2 Open Banking include:

  • CDS-compliant APIs expose the data required to be shared by banks under the CDR, enabling consumers to make the data that banks have on them available to themselves and approved third parties via secure APIs published by the banks.
  • Dynamic Client Registration support allows an “accredited data recipient” (e.g. a third-party app that aggregates a consumer’s bank accounts in one convenient place) to be registered with a “data holder” (e.g., a bank) to access data via CDS open banking APIs.
  • Consent flow for CDS 1.2 gives banks the ability to verify whether consumers have given consent to data recipients to access their data.
  • Metadata-cache management allows the bank to maintain a record via a cache to verify the authorization status of data recipients and the individual software products offered by those data recipients.
  • A metrics API lets the ACCC obtain operational statistics from data holders to understand how the open banking system is being utilized.
  • Consent management apps for customers and bank officers give consumers and banking officers access to systems to view the types of data-sharing consent consumers have given.
  • Endpoint versioning means that specific API endpoints within the CDS APIs themselves can be versioned in a more agile manner instead of having to rely on the entire CDS version to be upgraded.

“In supporting compliance with the Australian open banking Consumer Data Standards version 1.2 specification, we put a priority on helping smaller banks who lack resources and in-house technical expertise to set off on their open banking journey,” Seshika explained.

Laying the Groundwork for Digital Business Innovations

Increasingly, WSO2 Open Banking customers seek to go beyond compliance and explore the full potential of a platform for publishing APIs to share data internally and with third parties. In a climate where the industry is seeing a steep rise in demand for digital channels within a matter of weeks, adaptable and agile solutions that enable digital banking and more meaningful collaboration with the fintech ecosystem have become an immediate priority for many banks. Earlier releases of the solution only allowed APIs mandated under the applicable regulatory specifications to be published.

Now WSO2 provides the ability to publish non-regulatory APIs and applications as well, effectively unleashing the full potential of the mature WSO2 API Manager functionality integrated into the WSO2 Open Banking solution. As a result, banks can use the latest release of WSO2 Open Banking to create new digital services to drive revenues and deliver additional value to corporate and individual consumers, internal teams, employees, and ecosystem partners. This offers an immediate benefit to quickly respond to changes in consumer behavior arising from the pandemic and longer-term opportunities to innovate more effectively within a booming digital financial services space.

Expanding PSD2 Compliance and Leveraging Global Opportunities

The latest release of WSO2 Open Banking also offers several updates to ensure that banks can maintain compliance with the two technology standards most widely used across the European Union and the United Kingdom to meet PSD2 requirements. These updates enable banks to deliver a higher degree of trust, better user experiences for consumers and third-party providers and enhanced control over data. This should lead to higher utilization and increased opportunities to benefit from data sharing within the context of open banking—via new revenue streams, customer acquisition channels, and product and service innovation.

The Berlin Group NextGenPSD2 XS2A Framework - WSO2 Open Banking supports version 1.3.4 of the NextGenPSD2 XS2A Framework for interoperability from the Berlin Group standards initiative. These include functional changes, such as the ability to identify individual payments made within bulk payments, and non-functional changes, for example, showing a specific error so a third-party provider can understand the error situation better and respond accordingly. WSO2 Open Banking also adds frequency-per-day throttling, which allows banks to limit third-party provider requests to selected API resources in order to avoid unnecessarily high demands on their systems.

The Open Banking Standard UK - WSO2 Open Banking now features several updates to the Open Banking Standard including support for the Event Notification API v3.1.2 enabling banks to deliver notifications on specific events to third-party providers resulting in better user experiences for third-party providers and end consumers.

Global Open Banking Strategy - An open banking strategy built around WSO2 technology would be positioned better to respond to emerging opportunities. This benefit primarily comes from the cross-pollination of technology and developments in core aspects of open banking like strong customer authentication, third party onboarding, and lifecycle management and consent management brought over from experiences in parallel global open banking regimes. With the Treasury recently announcing a new consultation led by Scott Farrel on the future direction of the Consumer Data Right including on how international developments in open banking may be leveraged to enhance opportunities for Australian consumers and businesses, a platform meeting global regulatory standards becomes a strategic priority for banks reaping long term benefits.

Availability and Support

WSO2 Open Banking 1.5 is available today. It includes professionals services and is backed by WSO2 Subscription, which features access to WSO2 Update for continuous delivery of bug fixes, security updates, and performance enhancements, along with WSO2 Support for 24x7 support. To learn more, visit

About WSO2

Founded in 2005, WSO2 enables the composable enterprise. Our open source, API-first, and decentralized approach helps developers and architects to be more productive and rapidly build digital products to meet demand. Customers choose us for our broad, integrated platform, approach to open source, and digital transformation methodology. The company’s hybrid platform for developing, reusing, running, and managing integrations prevents lock-in through open source software that runs on-premises or in the cloud. With offices in Australia, Brazil, Germany, Sri Lanka, the UK, and the US, WSO2 employs over 600 engineers, consultants, and professionals worldwide. Today, hundreds of leading brands and thousands of global projects execute over 6 trillion transactions annually using WSO2 integration technologies. Visit to learn more. Follow WSO2 on LinkedIn and Twitter.