
Consumer behaviour 2026 report
New research uncovers the payment habits, preferences and priorities shaping the future of payments in the UK.
17 September 2025
by Payments Intelligence
What is this article about?
The varied progress of open banking regulation across regions, from leaders like Brazil and India to laggards such as the US and Canada.
Why is it important?
Regulation directly shapes adoption, trust, and how banks and fintechs can monetise new services.
What’s next?
The move towards open finance, integration with digital identity, and eventually broader open data ecosystems.
Globally, open banking implementation is fragmented. While some markets have pursued regulator-driven frameworks and central-bank innovation, others remain disjointed or cautious.
Notable progress has been made in Brazil and India, but the limited card use in these markets before the introduction of open banking means only so much can be drawn from these case studies and applied to more developed markets. In Europe, both within the European Union and the UK, competition authorities have led legislation, producing steady but slow adoption. Asia, North America, and Africa all contribute to this patchwork.
From these varied approaches, some consistencies emerge: technical standards matter as much as legislation, a commercial value must be demonstrated, and trust from the public is essential.
The pace and shape of open banking adoption vary significantly between regions. Europe, Latin America, and Asia have been the most active in building frameworks that enhance user adoption.
Europe was an early mover. The Second Payment Services Directive (PSD2), introduced in 2015, mandated banks to provide third-party access to customer account data through secure APIs. This regulatory push created a foundation for account-to-account (A2A) payments, personal finance tools, and new data-driven services. However, PSD2 was often criticised for its technical standards, which were inconsistent between jurisdictions, the reliability of API access, the quality of data they provided, and banks frequently complied with the letter rather than the spirit of the law.
Recognising these challenges, European regulators are preparing PSD3, which aims to harmonise rules, strengthen consumer protection, and create a more level playing field between banks and fintechs. Alongside this, the UK’s Open Banking Limited (OBL) continues to evolve the model born from the Competition and Markets Authority’s intervention. OBL envisions the UK moving beyond open banking and into “open finance”, where pensions, investments, and insurance data can also be shared.
Brazil is the stand-out case in Latin America. The country’s central bank took a decisive role in building Pix, its instant payments system. Pix has rapidly transformed Brazilian payments: in under three years, it reached more than 160 million users and now processes more monthly transactions than credit and debit cards. Pix’s success illustrates how a central-bank-led model, underpinned by mandatory participation for large financial institutions and technical standardisation, can reshape a state’s payment infrastructure.
India’s Unified Payments Interface (UPI) is another transformational model. Launched in 2016 by the National Payments Corporation of India (NPCI), UPI enables instant account-to-account transfers via mobile. It has seen rapid uptake: its ~350 million users processed 131.1 billion transactions in the 2024 financial year. UPI has become integral to
India’s digital economy, powering everything from retail payments to government disbursements. Like Pix, UPI’s success highlights how emerging markets can bypass card-based models.
It’s important to note that Pix and UPI are special cases. Both captured market share where card penetration was relatively low. Consequently, their application to markets with entrenched card use is limited. That being said, they are a reminder that speed and interoperability are essential to the success of open banking, and central bank leadership can significantly aid adoption.
Together, these examples show the diversity of global leadership: Europe with its regulatory-first approach, Brazil with a central bank-driven push, and India with a public-private digital infrastructure play.
In North America, the contrast between the US, Canada, and Mexico is telling.
The US approach is market-led, with aggregators like Plaid and Yodlee providing access through bilateral deals rather than regulation. Hopes for a federal framework under the Consumer Financial Protection Bureau (CFPB) have been delayed: the agency vacated its 2024 Personal Financial Data Rights rule and, in August 2025, reopened rulemaking under Section 1033. The new consultation revisits core questions: who can access data, whether banks may charge fees, and what security standards should apply.
The fragility of the US model was underscored a few days after the CFPB reviewed Section 1033 when Visa announced it was discontinuing its US open banking services, citing ongoing disputes between banks and fintechs over access to customer data. Some large banks, including JP Morgan and PNC, have signalled plans to impose fees for data access, further highlighting the absence of a stable, regulator-backed framework.
Canada announced plans for open banking as far back as 2019, but progress has been slow. Only in 2023 did the federal government appoint an open banking lead, with a target framework pencilled for 2025. Canada, therefore, sits ahead of the US in terms of intent, but behind leaders like the UK or Brazil in execution.
Mexico was an early mover with its 2018 Fintech Law, the first in Latin America to mandate open APIs. Yet progress has been patchy due to a lack of technical standards and weak enforcement.
Across Africa, the picture is similarly uneven. The continent leads the world in mobile money penetration — M-Pesa in Kenya being the archetypal success — but few countries have developed comprehensive open banking regimes. South Africa has issued draft positions, Nigeria has published an open banking framework, but progress elsewhere is limited. The opportunity is huge, given there is low card use in many African countries, but so too is the risk of fragmentation.
Common pain points link these lagging regions: lack of API standardisation, inconsistent enforcement, and resistance from incumbents who fear disintermediation.
Regulators face the challenge of designing frameworks that provide stability without stifling innovation. One area where regulation intersects directly with open banking is data protection:
In Europe, the General Data Protection Regulation (GDPR) sets high standards for consent, portability, and security.
Brazil’s General Data Protection Law (LGPD) mirrors these principles.
India’s Digital Personal Data Protection Act (DPDP) introduces new obligations for firms operating within UPI and related services.
These schemes help build trust, but also introduce compliance complexity for smaller fintechs.
Equally important is who drives regulation:
Central banks tend to prioritise stability and security. In Brazil and India, their leadership ensured rapid rollout and integration with instant payments.
Competition authorities focus on consumer choice and market fairness. In the UK, the Competition and Markets Authority required nine of the largest banks to create open source open banking APIs, forming the basis of the current ecosystem.
Finance ministries and treasuries frame open banking as part of a digital-economy strategy, as seen in Canada and Singapore.
Each model has strengths and weaknesses:
Central banks move quickly but may underweight competition.
Competition authorities promote innovation but often lack technical oversight.
Treasuries provide broad policy backing but are exposed to political cycles.
Increasingly, the trend is towards joint governance, blending stability, competition, and policy aims.
Recent global evidence shows how these approaches compare in practice, with differences in regulators, speed of implementation, standardisation, enforceability, and coordination. The table below sets out these contrasts.
Open banking regulation has developed at the national or regional level but there are growing signs of international coordination. The Bank for International Settlements (BIS) and the Financial Stability Board (FSB) have both set out principles on interoperability, data portability, and liability. The G20 has linked open banking to its cross-border payments roadmap, which targets cheaper and faster transactions by 2027. Meanwhile, the International Organization for Standardization (ISO) continues to push global technical standards such as ISO 20022, providing a foundation for data exchange and instant payments. These initiatives remain advisory rather than binding, but they are creating a common vocabulary and baseline expectations, for example around data security and API standardisation.
There are numerous routes to monetising open banking. Banks and fintechs are experimenting with several models:
Premium APIs and data services
Beyond mandatory access, many banks are offering enriched data feeds: detailed transaction categorisation, credit scoring signals, or identity verification. These are packaged as premium APIs for fintechs or corporates, creating new revenue streams.
Embedded finance
Open banking infrastructure allows financial services to be integrated seamlessly into non-financial platforms. A retailer can offer credit at checkout; a ride-hailing app can provide instant driver payouts. Banks monetise through service fees, while fintechs monetise through stickier customer engagement.
Payments innovation
Account-to-account (A2A) payments are perhaps the most visible monetisation route. In Europe, providers such as TrueLayer, Volt, and Trustly are building rails for merchants that bypass cards, lowering fees and reducing chargeback risk. Banks capture value through fraud services, settlement, and treasury integration layered on top.
Credit and risk analytics
By accessing customer account data, lenders can offer more accurate risk profiling, particularly for SMEs or thin-file customers. This reduces defaults, opens new market segments, and supports financial inclusion.
In practice, monetisation strategies differ. For incumbents, open banking is often a defensive play to retain customers. For fintechs, it can be a growth lever to capture new segments and create value-added services.
Monetisation is not without friction. Banks may seek to recover costs through premium APIs or data-access fees; the latter was seen with JP Morgan Chase notifying data aggregators of new faces to access customer financial data. The move was met with criticism from fintechs who view that data access as a means to compete with bigger banks to provide financial services. Merchants, meanwhile, may welcome lower-cost payment rails but resist paying for ancillary services such as fraud tools or enriched data.
Open banking is only the first stage of a broader transformation. The trajectory is towards open finance and eventually open data, where consumers can share information across not just banking, but insurance, pensions, utilities, and telecoms.
Integration with digital identity frameworks will be critical, enabling secure, seamless customer journeys. Governments from the EU to India are piloting schemes that link ID with payments data, raising both opportunities and privacy concerns.
The rise of central bank digital currencies (CBDCs) also intersects with open finance. CBDCs could act as programmable money rails that integrate with open banking APIs, reshaping settlement and liquidity models. The European Central Bank, for example, has referenced open banking in its work on a digital euro, noting that both initiatives require common standards, liability frameworks, and strong consumer trust.
However, risks will mount alongside opportunities. Cybersecurity threats will increase as more data is created and shared among an increasing number of players. Liability frameworks remain unclear in many jurisdictions: who is responsible if a third-party provider misuses data? And customer trust is not guaranteed: consumers may resist sharing financial data if value propositions are not transparent.

New research uncovers the payment habits, preferences and priorities shaping the future of payments in the UK.

New research shows vulnerable customers are strong adopters of AI and digital banking, but are far more likely to experience failed payment journeys and poorer outcomes.

UK merchants expect agentic commerce to grow rapidly, but uncertainty around liability, fraud, and standards is slowing readiness.
You need to be logged in to do this!
