Skip to main content
Entire section Custom print Text Only Rich Text Print

Article (19) Secure Communication

  1.  All participants in Open Finance must use common and secure open standards of communication for the purpose of identification, authentication, notification and information, as well as for the implementation of security measures, between Licensees who are Data Holders and/or Service Owners in addition to Data Sharing Providers, Service Initiation Providers, Users, Payers, Payees and other relevant parties.
  2. All communications must be conducted in accordance with the Regulations, as prescribed from time to time by the Central Bank, pursuant to the Open Finance Framework.

  3.  Licensees offering Accounts or Products that are accessible online must have in place at least one interface which meets each of the following requirements:

    3.1Data Sharing Providers and Service Initiation Providers can identify themselves to the Licensees;
    3.2Data Sharing Providers can communicate securely to request and receive information on one or more Products and/or Accounts; and
    3.3Service Initiation Providers can communicate securely to provide Service Initiation and receive information on Service Initiation and the associated Transaction.
  4. Licensees must establish the interface referred to in Article 19(3) of this Regulation by means of a dedicated interface or by allowing use by the Open Finance Providers, of the interface used for authentication and communication with the Licensee’s User.
  5. Licensees must also ensure that any dedicated interface referred to in Article 19(3) of this Regulation uses ISO 20022 elements, components or approved message definitions, for financial messaging, as amended/updated from time to time.
  6. Information held by the Data Holder or Service Owner must only be accessed for the purposes of providing Open Finance Services and any relevant ancillary activities in compliance with the requirements of this Regulation.