FCA sets out vision for open finance regulatory framework as UK charts path beyond open banking by end of 2027
The Financial Conduct Authority (FCA) has published its vision for the future of open finance in the UK, setting a target to develop options for a full regulatory framework for open finance by the end of 2027. Open finance extends the principles of open banking — which requires banks to share customer payment account data with third parties via APIs (application programming interfaces, standardised data-sharing connections) — to a broader range of financial products, including savings, investments, pensions, mortgages, and insurance. The FCA's announcement signals a shift from the existing open banking regime, which was implemented under the Payment Services Regulations 2017 (PSRs) and the Competition and Markets Authority's Open Banking Implementation Entity framework, toward a more comprehensive data-sharing architecture for the whole retail financial services sector. The 2027 target date for framework options — rather than final rules — indicates a multi-year legislative and regulatory pipeline. The FCA's roadmap will require primary legislation or significant secondary legislation amending the Financial Services and Markets Act 2000 (FSMA) framework to create data access rights across non-payment financial products. The initiative aligns with the broader Data (Use and Access) Act trajectory and positions the UK as seeking to lead on open finance design post-Brexit.
Why this matters
The FCA's open finance roadmap creates a sustained pipeline of regulatory advisory work for financial services law firms through at least 2027–2029. Firms will be instructed by financial data aggregators, incumbent banks, pension providers, insurers, and fintech challengers all seeking to understand the obligations and opportunities a new data-sharing regime will create. The 'why now' trigger is the maturation of open banking — having demonstrated the technology works, the FCA is now expanding scope. Practice areas activated include financial regulation (authorisation, licence condition analysis), data protection (GDPR and UK GDPR data-sharing compliance), commercial contracts (API access agreements), and competition law (data access and interoperability obligations). The framework will also require coordination with the Information Commissioner's Office (ICO) on data rights, adding cross-regulatory complexity.
On the Ground
A trainee on an open finance regulatory matter would draft FCA application forms for firms seeking new permissions under any data access regime, prepare compliance gap analysis memos comparing a client's current data-sharing architecture against proposed framework requirements, and assist in updating licence condition summaries as the FCA publishes consultation papers on the 2027 framework.
Interview prep
Soundbite
Open finance regulation will force every retail financial services firm to renegotiate data access rights — creating a decade of regulatory advisory mandates.
Question you might get
“What are the key legal differences between the existing open banking regime under the Payment Services Regulations and a hypothetical broader open finance framework, and what new authorisation requirements might it create?”
Full answer
The FCA has announced it will develop options for a full open finance regulatory framework by end 2027, extending data-sharing obligations from payment accounts to savings, pensions, investments, and insurance. For law firms, this is a multi-year regulatory advisory pipeline: every category of retail financial services firm will need advice on compliance architecture, data-sharing agreements, and authorisation implications. The structural driver is the proven success of open banking under the PSRs framework, combined with the UK's post-Brexit desire to lead on financial innovation regulation. The 2027 timeline for options — not final rules — means firms must start planning now for a regime that could take effect in the early 2030s. This will sustain financial regulation, data protection, and fintech practices at full capacity well beyond the current regulatory cycle.
My notes
saved