The payments regulation roadmap: Q2 2025
April 14, 2025
No Comments
Your quarterly overview of the key regulatory changes impacting payments—what’s happening, what’s coming, and what actions to take
March 18 2025
by Payments Intelligence
What is this article about?
The evolution of open banking into open finance, examining regional regulatory approaches and adoption trends.
Why is it important?
Open finance is transforming financial services by enabling broader data-sharing, fostering competition, and driving innovation in payments and financial products.
What’s next?
As more jurisdictions refine regulations and expand open finance frameworks, the focus will shift to interoperability, consumer trust, and cross-industry data integration.
As data becomes the currency of modern finance, payments leaders are facing a profound transformation. What began with open banking is rapidly evolving into open finance and open data—creating an interconnected ecosystem where payments, credit, insurance, and wealth management converge in real time.
This shift is reshaping the competitive landscape. Open finance is no longer a compliance exercise—it is redefining the way financial products are built, distributed, and embedded into daily life. Embedded payments, dynamic credit offers at the point of sale, and hyper-personalised customer experiences are emerging as critical differentiators. But these opportunities are accompanied by mounting risks around data governance, security, and regulatory fragmentation.
Regional approaches are diverging. Europe is driving regulatory-first frameworks, while Asia is spearheading market-led innovation. North and South America are evolving along distinct tracks, combining regulatory and industry-led models. As open finance adoption accelerates globally, institutions that move first—navigating regulatory complexity, forging cross-sector partnerships, and embedding financial services seamlessly into broader ecosystems—will gain decisive advantage.
Open finance and open data are no longer future trends. They are actively reshaping how payments, credit, and broader financial services are delivered—and defining the next era of competition in the payments industry.
Open finance is fundamentally restructuring the financial services landscape—expanding data-sharing from payments into credit, investments, insurance, and pensions. For payments firms, this unlocks new opportunities to embed value-added services directly within transactions, but also intensifies competition as traditional product lines blur and converge.
Unlike open banking’s regulatory-driven origins, open finance is advancing through a mix of policy frameworks and market-led initiatives—driving divergent adoption curves that are reshaping competitive dynamics globally.
For payments leaders, the implications are profound. The extension of data-sharing into adjacent verticals means that payments can no longer be treated as a siloed proposition—embedded finance, dynamic credit offerings, and tailored insurance are increasingly tied to transactional ecosystems. Data flows that were once confined to banking relationships are now central to competitive positioning in payments, lending, and wealth management.
With data-sharing now embedded infrastructure, balancing innovation, trust, and regulatory alignment is a strategic imperative. Open finance represents more than an incremental step beyond open banking—it is a structural shift toward interconnected financial ecosystems, with major implications for product development, partnerships, and customer ownership in the digital payments space.
Open finance, valued at approximately $25 billion in 2023, is accelerating the convergence of payments, credit, and wealth management, creating deeply integrated financial ecosystems that deliver embedded, real-time services. For payments leaders, this means that payments can no longer be separated from credit, insurance, and wealth management propositions—embedded finance is shifting from theory to reality, with data flows underpinning product innovation and customer engagement.
Hyper-personalised financial management is emerging as a competitive differentiator. Fintech platforms are leveraging consumers’ full financial footprints to deliver contextual budgeting, automated savings, and bespoke investment strategies—turning transaction data into actionable insights. As these platforms increasingly embed payment capabilities, they threaten to pull customer relationships away from traditional payments providers—making data-driven personalisation a necessary competitive response. In markets like the UK, apps such as Emma and Plum are already fusing payment and investment data to offer users real-time, predictive financial tools, setting new standards for customer engagement.
Credit and lending models are being redefined, with transaction data and broader financial insights driving dynamic, real-time credit decisions—reshaping how payments and credit intersect in embedded finance offerings. For payments providers, this presents both an opportunity to expand into lending and a threat as new entrants embed credit into the checkout process, disintermediating traditional payment flows. By combining payment flows with broader financial data—such as rental history, savings patterns, and income variability—lenders can offer dynamic, real-time credit assessments. In Brazil, open finance frameworks are unlocking credit access for gig economy workers and SMEs, groups often overlooked by conventional scoring models. For payments firms, the intersection of payments and credit is becoming a competitive battleground, especially as BNPL and embedded lending scale.
Insurance providers are using open finance data to enable real-time, usage-based pricing—creating opportunities for tailored insurance as part of embedded finance at the point of payment, but also raising questions around data access and liability. For payments firms, integrating tailored insurance at checkout or as part of transaction flows presents a new value proposition and customer engagement lever, but also demands new risk management capabilities. Insurers now assess policyholders’ financial behaviour—alongside payment patterns—to adjust coverage dynamically. This creates opportunities for embedded insurance models at the point of payment—but also raises challenges around data access, customer consent, and liability.
Beyond financial services, cross-sector partnerships are accelerating. As open finance adoption grows, retailers, telcos, and digital platforms are embedding payments and lending into customer journeys, creating ecosystems where data, payments, and credit intersect seamlessly. For traditional payments providers, this raises the stakes: unless they actively partner and innovate, they risk being pushed into back-end utility roles as others control the customer interface.
The transition from open finance to open data is rapidly expanding both opportunity and complexity—introducing new forms of data, deeper customer insights, and heightened regulatory risk. Open data extends beyond regulated financial data-sharing to non-banking datasets, such as telecom, utility, e-commerce, and social data, creating new layers of insight but also new risks. For payments firms, this opens doors to alternative credit scoring, smarter risk assessment, and deeper customer engagement—but also significant challenges around governance and trust.
Consider alternative credit scoring: in underbanked markets, open data allows lenders to assess creditworthiness using mobile payments, utility bills, and telecom data. In India, telecom data is being leveraged to assess first-time borrowers, while in Kenya, mobile money transaction data is already driving credit underwriting for underserved populations. For payments providers, this blurs the line between transaction services and credit enablement, with implications for product strategy and partnerships.
Fraud detection and risk management are also evolving. Payments providers are integrating e-commerce transaction data, geolocation, and digital identity signals to enhance fraud prevention. In the EU, for example, real-time merchant data is being explored to identify unauthorised transactions and prevent account takeovers—linking payments security directly to open data frameworks.
Open data enables hyper-personalised financial services, using behavioural, transactional, and contextual data to deliver tailored offers across payments, credit, and insurance. For payments firms, participating in these new data flows is essential to remain relevant in customer acquisition and underwriting journeys—especially as alternative lenders use open data to assess consumers at the point of transaction By analysing spending patterns, lifestyle preferences, and permitted social signals, firms can deliver tailored investment products, dynamic insurance offerings, and contextual savings recommendations—raising the bar for customer experience in the payments space.
But open data also amplifies risks around privacy, consent, and data security—issues that payments firms must address as customer trust becomes a core competitive asset. The ability to integrate diverse data sources for real-time fraud detection and transaction monitoring will become a key differentiator in an open data economy—directly impacting cost structures and risk models for payments providers. Unlike open finance, which typically operates within regulated frameworks, open data relies heavily on voluntary data sharing and commercial agreements. This raises profound questions around privacy, consent, data security, and liability. Payments leaders will need to navigate these risks carefully, particularly as customer trust becomes a competitive differentiator in an open data economy.
Ultimately, the convergence of open finance and open data is reshaping how payments, credit, insurance, and wealth management are delivered—requiring payments firms to rethink their role within increasingly interconnected financial ecosystems.
Europe has taken a regulatory-first approach to open banking and open finance, positioning itself as a leader in structured financial data-sharing frameworks. The introduction of PSD2 in 2018 created a foundation for open banking across the European Economic Area (EEA), requiring financial institutions to provide secure, API-based access to payment account data for third-party providers (TPPs). The UK, which implemented its open banking framework in 2017, has since moved towards a market-driven evolution, with the Joint Regulatory Oversight Committee (JROC) overseeing the transition to a more self-regulated open finance ecosystem.
With the forthcoming PSD3 regulations, the EU is looking to expand the scope of financial data-sharing, moving towards open finance by including mortgages, pensions, insurance, and investment products. This shift is expected to enhance competition, foster innovation in financial services, and drive more seamless digital experiences for consumers and businesses.
Despite strong regulatory backing, adoption levels vary across Europe. The EEA currently has 367 registered TPPs, compared to 206 in the UK as of Q1 2024. Account-to-account (A2A) payments, a key use case of open banking, reached approximately €215 trillion (around $230 trillion) in total transaction value across the euro area and around £100 trillion (approximately $127 trillion) in the UK in 2023, covering both consumer and business payments. While these numbers highlight Europe’s leadership in open banking, broader consumer adoption and business awareness remain challenges.
The implementation models across Europe differ as well. The EU follows a centralised regulatory-driven model, ensuring compliance across its member states, whereas the UK is moving towards a hybrid framework, allowing market players greater influence over standards and governance. This divergence is likely to shape how open finance and, eventually, open data evolve in the region.
The Americas present a diverse landscape for open banking and open finance, with significant differences in regulatory approaches between North and South America. While Brazil has implemented a structured open finance framework, the United States and Canada remain largely market-driven, with regulation still evolving.
In the United States, open banking has developed through private-sector initiatives, with banks, fintechs, and data aggregators forming bilateral agreements to enable financial data-sharing. Unlike Europe, there is no centralised regulatory framework governing open banking, though the Consumer Financial Protection Bureau (CFPB) has proposed a new rule that could establish a more standardised approach. As of 2023, account-to-account (A2A) transactions in the U.S. reached $1.1 quadrillion, highlighting the scale of digital payments and embedded finance solutions.
In contrast, Brazil has emerged as a global leader in open finance, with a regulatory framework introduced in 2021 that extends beyond banking to include credit, insurance, investments, and pensions. The country’s instant payments system, Pix, has been integrated into the open finance ecosystem, significantly driving adoption. As of Q1 2024, Brazil had 195 registered third-party providers (TPPs), processing $19 trillion in A2A transactions in 2023, demonstrating the strong uptake of open finance services.
Mexico has adopted a regulated approach under its Fintech Law, introduced in 2018, laying the groundwork for open banking. However, implementation has been slow, with delays in technical standardisation and regulatory enforcement. Adoption remains focused on account aggregation and payment initiation services, with further expansion into open finance still in progress.
Canada has followed a market-driven model, with major banks and fintechs leading financial data-sharing initiatives. However, the government has committed to introducing a regulatory open banking framework, expected to be phased in by 2025. The lack of a mandated API standard has slowed broader adoption, but regulatory oversight is expected to accelerate implementation.
Despite differences in approach, open finance adoption across the Americas is gaining momentum, with Brazil providing a model for structured regulatory implementation, while the U.S. and Canada balance market-driven innovation with emerging regulation.
Asia’s approach to open banking and open finance is highly diverse, with a mix of regulatory-driven and market-led models. Some countries, like Singapore and India, have implemented structured frameworks, while others, such as China and Japan, rely on industry-led initiatives with limited regulatory oversight.
Singapore has established one of the most advanced regulatory models, with its Financial Data Exchange (SGFinDex) enabling cross-sector financial data-sharing between banks, government agencies, and insurers. This initiative is expanding into open finance, incorporating investment and pension data.
India’s Account Aggregator (AA) framework takes a different approach, allowing individuals and businesses to securely share financial data across banks, insurers, and non-bank lenders. Open banking principles are also embedded in the Unified Payments Interface (UPI), which processed $2.2 trillion in transactions in 2023, making it a key driver of real-time digital payments.
China follows a market-led model, where financial data-sharing is largely driven by private-sector platforms like Alipay and WeChat Pay rather than regulatory mandates. This has resulted in closed-loop ecosystems, where financial services are integrated within large technology firms rather than through open APIs.
Japan introduced open banking regulations in 2018, but adoption has been slow due to bank hesitancy and security concerns. Unlike Singapore or India, Japanese banks have been reluctant to open API access widely, limiting the growth of third-party financial services.
Elsewhere, South Korea and Australia are expanding beyond open finance towards open data initiatives, linking financial data with other sectors such as energy and telecoms. Australia’s Consumer Data Right (CDR) framework is seen as a model for future cross-industry data-sharing.
With varying levels of regulation and adoption, Asia remains a fragmented market for open finance, with further developments likely to depend on regional regulatory alignment and cross-border data-sharing frameworks.
Oceania is taking a structured yet evolving approach to open finance, with Australia leading the region through its Consumer Data Right (CDR) framework. Unlike other regions where open banking served as the starting point, Australia’s model was designed to support broader cross-industry data-sharing from the outset, moving beyond financial services into energy, telecoms, and insurance.
Australia’s CDR, introduced in 2019, initially focused on open banking but has since expanded into the energy sector, with further industries, including telecoms and superannuation (pensions), set to follow.
The framework operates under a regulatory-driven model, requiring financial institutions to provide consumers with secure, API-based access to their data. As of 2023, 113 accredited third-party providers (TPPs) were participating, with adoption growing across banks and fintechs.
New Zealand, in contrast, has taken a market-led approach, where financial institutions and technology providers voluntarily establish data-sharing agreements. While the government has signaled support for a formal open banking framework, implementation remains gradual, with expectations that it will eventually align with Australia’s CDR principles. However, without a legally mandated structure, adoption has been slower compared to its neighbor.
With a focus on cross-industry data sharing, Australia’s model is seen as a potential blueprint for global open finance and open data initiatives. It offers consumers greater control over both financial and non-financial data. As adoption expands, Oceania’s experience may serve as a model for regions looking to integrate financial data sharing with broader digital ecosystems.
As open banking evolves into open finance, policy objectives and regulatory models vary significantly across jurisdictions. While some governments prioritise competition and innovation, others focus on financial inclusion, consumer protection, or market-driven adoption.
Improving competition will be the dominant policy driver in 2024, as financial regulators seek to reduce dependence on traditional banking institutions and encourage a more dynamic financial ecosystem. However, only a small number of jurisdictions have explicitly prioritised financial inclusion and consumer protection, highlighting an area where further regulatory evolution may be needed.
At the same time, implementation models differ across markets. A majority of jurisdictions have opted for mandated and standardised data-sharing frameworks, ensuring consistency in open finance adoption. Others have taken a more flexible or voluntary approach, allowing financial institutions and fintechs to lead innovation.
These variations reflect how open finance, though increasingly global, remains shaped by local regulatory priorities, market maturity, and industry dynamics.
Open finance and open data are reshaping the financial landscape, expanding data-sharing well beyond traditional banking products and creating more interconnected ecosystems across payments, credit, insurance, and wealth management. These shifts are changing how financial services are delivered, how value is created, and how customer relationships are managed.
For payments providers, the ongoing convergence of open finance and open data is bringing new opportunities to integrate value-added services directly into transactions and broader customer journeys. It also introduces new competitive pressures, as non-traditional players embed financial products and services within their ecosystems.
Open finance and open data are raising new questions for payments firms around data strategy, partnerships, and business model alignment. Four key areas are emerging as central to future market participation:
The development of open finance and open data frameworks is expected to continue influencing the structure of payments and financial services globally. How firms position themselves within these emerging ecosystems—balancing regulatory requirements, innovation, and customer needs—will shape the future dynamics of the industry.
Your quarterly overview of the key regulatory changes impacting payments—what’s happening, what’s coming, and what actions to take
The Federal Reserve’s shift on crypto banking access raises new questions for payments, stablecoins, and the role of digital assets in finance.
Open finance is expanding data-sharing beyond banking, reshaping payments, lending, and financial services worldwide.
The Payments Association
St Clement’s House
27 Clements Lane
London EC4N 7AE
© Copyright 2024 The Payments Association. All Rights Reserved. The Payments Association is the trading name of Emerging Payments Ventures Limited.
Emerging Ventures Limited t/a The Payments Association; Registered in England and Wales, Company Number 06672728; VAT no. 938829859; Registered office address St. Clement’s House, 27 Clements Lane, London, England, EC4N 7AE.
Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.
We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.
Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.
Please click the button below which relates to the issue you’re having.
Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association
Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.
For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.
The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.
Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.
Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.
For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.
