Gaining secure access to customers' financial data used to be a manually complex and time-consuming task. Open banking has changed that. Through its standardised APIs that connect directly to banks, it's possible to verify users' bank account information, aggregate financial data, and offer advanced insights in real time.
If you're a financial institution or fintech looking to offer AIS (Account Information Services) via open banking, you are probably weighing how to do it: whether to become authorised in your own right, or to reach the market faster through a provider that already holds the permissions you need.
That decision is what this guide is about. Broadly, you have two routes:
Become an FCA-authorised AISP (Account Information Services Provider) and access financial data from banks yourself. This means meeting strict criteria set by the Financial Conduct Authority and undergoing rigorous assessment as part of the application process.
Partner with an open banking platform that already holds an AISP authorisation and may allow you to operate under an appropriate agency or partnership model, depending on your activities and regulatory requirements, so you can access full AIS capabilities without the heavy regulatory burden.
Each route comes with its own requirements, timelines, costs, and trade-offs. This guide is designed to help you choose the one that suits your business goals.
Yapily is an open banking infrastructure platform with an AISP authorisation and extensive experience partnering with fintechs and financial institutions to offer Account Information Services. Book a call with Yapily to find out how we can help.
Option 1: get authorised as an AISP yourself
If you decide to take the full authorisation route, you must apply to the FCA to become a regulated provider that is compliant with the AIS-related obligations under the Payment Services Regulations 2017.
The application process comes with a number of obligations. You must:
Demonstrate that your firm has adequate financial and operational resources to provide AIS safely, without compromising customer data and consent.
Meet the minimum operational requirements for AIS providers, implement strong IT security, and maintain records of account access so that you are prepared for FCA audits and monitoring.
Prepare detailed documentation, including a business plan, financial forecasts, and governance arrangements, as well as policies and procedures around data protection, customer consent, and operational resilience.
Submit an application through the Connect portal and prepare for an administrative process that typically takes several months and can extend to a year.
Seek guidance from external consultants where needed.
Meet continuing requirements after approval, such as monitoring, reporting, and operational resilience, and undergo periodic FCA reviews and supervision.
Note: Because AISPs do not transfer funds on customers' behalf in the way that PISPs (Payment Initiation Service Providers) do, the assessment focuses less on anti-money-laundering monitoring and more on strong security measures to prevent data loss or misuse.
Because of the strict regulatory requirements, lengthy process, and high costs, the decision to become an AISP is a significant commitment. It is more than building a financial data product; it means ongoing governance, security, maintenance, and regulatory obligations.
Read more about the application process on the FCA's website.
Authorisation is also only part of the story. To provide Account Information Services, you still need to build direct integrations to banks' open banking APIs, or partner with a TSP (Technical Service Provider) to build and maintain the infrastructure for you.
The pros and cons of becoming an AISP
In practice, many firms decide against becoming an AISP because of the regulatory burden. Alongside the extensive documentation needed to obtain authorisation, there are ongoing compliance costs: strict data-access controls, consent management, and secure authentication requirements.
You must also ensure that you always present collected data and analytics accurately, to prevent customer harm and avoid penalties for financial data misrepresentation. The FCA can reject or delay incomplete or unclear submissions, which can prolong the process and slow your product launch.
That said, there are clear advantages to holding your own authorisation:
You are fully in control of how financial data is accessed, processed, and presented. You are not limited by another provider's policies or pricing, which lets you tailor the product to your needs: for example, building advanced data-driven services such as financial analytics or credit scoring. You also own the user experience end-to-end.
Because you connect directly to open banking APIs, you can build your own infrastructure without relying on a third-party vendor's limitations.
You can expand into other regulated activities, such as Payment Initiation Services, by applying for an additional PISP authorisation.
Even so, many fintechs and financial institutions choose a different path: one that lets them build the product they want without the heavy regulatory burden.
Option 2: partner with an existing AISP
Because getting authorised is resource-intensive, partnering with an open banking platform that already holds the authorisation is a common alternative. In this setup, the platform extends its regulatory permissions to you. You operate under its supervision and within its compliance framework, and it remains accountable to the FCA.
There are two ways to do this: as a partner, or as an agent. Which one fits depends on the type of product you offer.
When to become a non-regulated AISP partner
If your product needs only basic bank account verification or simple balance checks, you can operate as an AISP partner.
For example, you might be an insurance company that verifies a claimant's bank account before paying out a claim, or a B2B lending platform that checks a business's registered bank account to confirm it is legitimate during onboarding.
In cases like these, you are using AIS in a non-regulated way: you do not display sensitive bank details to end users. You integrate with an open banking provider, but you remain outside its regulatory licence.
The pros and cons of a non-regulated AISP partnership
This route offers the fastest time to market, often taking just a few weeks to integrate and go live. You avoid FCA authorisation, audits, and ongoing compliance monitoring, and your provider handles data access, consent management, and API connections for you.
It is also the least expensive path, because there is no need to consult compliance experts or meet high capital requirements. If you want to test new markets or launch early-stage products, it works well.
The trade-off is limited functionality: this model is generally more suitable for limited, lower-risk use cases such as IBAN verification. If you later decide to show transaction history or data analytics to users, you will need to move to an agency model.
To discuss your options with an expert from our team, book a no-obligation call.
When to become a regulated AISP agent
If you are responsible for how your product presents sensitive banking data to end users, you must maintain compliance and operational standards and adhere to regulatory requirements, because mishandling or misrepresenting financial data can cause consumer harm and breach data protection laws.
For example, if you offer budgeting tools, credit scoring, or ERP dashboards as part of your product, you fall within the scope of open banking regulation.
Rather than becoming an AISP themselves, many firms with advanced data-driven tools choose to operate as agents under the authorisation of an existing AISP. As an agent, you are listed on the FCA Register under your principal's licence. You can lawfully provide AIS to your customers, but your activities are monitored, audited, and governed by the principal, subject to the agreed agency arrangements.
Note: Many firms begin with simple use cases and evolve toward more advanced features, which triggers the need for agency licensing. Moving from a partnership model to an agency model is not immediate, so it can extend product launch timelines. This is why a clear roadmap from the outset matters: it helps you set realistic timelines.
The pros and cons of a regulated agency model
For fintechs and financial institutions working in credit risk assessment, legal services, ERP and accounting tools, and retail credit scoring, an agency model is a practical way to offer advanced AIS capabilities without obtaining full authorisation.
You still need to maintain operational resilience, data protection, and compliance, and your operations are tied to the principal's licence conditions and policies. The principal will also audit you to ensure standards are met.
In return, you get the compliance and data-security support you need. Your principal does more than oversee your operations; it acts as an expert partner that can guide you from the start, monitor regulatory changes, advise on best practice, and help you stay audit-ready. That frees you to focus on your product rather than regulatory complexity.
Other advantages of the agency model include:
Agency applications are typically much faster than full AISP authorisation, often a matter of weeks rather than months.
Becoming an agent is significantly cheaper than getting authorised.
If your principal also holds a PISP licence, you can expand into Pay by Bank when you are ready.
If your principal also operates as a TSP, you can access its established infrastructure and bank connections, saving the time and resources of building from scratch.
The principal usually handles regulatory reporting and ongoing liaison with the FCA, saving you considerable operational effort.
An agency model is an effective way to test and validate your open banking product before deciding whether to commit to full authorisation.
Why choose Yapily as your AISP partner or principal
Yapily is an open banking platform licensed as both an AISP and a PISP. With extensive experience as a principal for agents, we have helped companies access full AIS and PIS capabilities to build tailored financial products.
Yapily also operates as a TSP, providing secure infrastructure and API connectivity to banks across major European markets. If you choose to become an AISP yourself, we can handle the technical integrations while you focus on regulatory and compliance responsibilities.
And if you decide that becoming an agent or partner of an existing AISP is the better path, we can support either: we can onboard you under Yapily's regulatory permissions as principal, or integrate you as a non-regulated partner for lighter use cases, and manage the bank integrations and API maintenance in both cases.
Here is what working with Yapily looks like.
Expert guidance from integration to ongoing scaling
Launching open banking services alone can take a year or more. Hiring compliance staff, managing FCA authorisation, and consulting external experts can pull focus away from building your product, and delays and compliance overhead can slow growth.
With deep experience in principal-agency models and authorisation procedures, we can act as your regulatory backbone: managing onboarding with the FCA, overseeing ongoing compliance obligations, and handling regular reporting. We will help you map your product journey against regulatory requirements, align your goals with realistic timelines, and manage risk, so you can offer AIS under a fully FCA-authorised framework without the regulatory overhead. We also prioritise transparent communication, so you stay up to date on regulatory changes, system updates, and new features.
Connections to over 2,000 banks across major European markets
Coverage determines how many of your customers can actually connect their accounts. Yapily offers connections across 2,000+ banks in 19 European countries, including the UK, Germany, France, and the Nordics, with strong business account connectivity alongside consumer, corporate, and wealth accounts, all through a single integration.
This means a single AISP authorisation can support a wide range of use cases, from B2B lending to B2C credit risk assessment, budgeting tools, KYC compliance, and wealth management.
Yapily Data Plus also adds transaction enrichment on top of raw bank data. It will:
Standardise transaction data aggregated from a user's bank accounts
Normalise merchant names
Flag recurring transactions
Categorise spending across business and consumer use cases
Access to both account information and payment initiation
If you were to get fully authorised as an AISP and later decided to offer Payment Initiation Services, you would need to apply for an additional PISP authorisation, which could add delays, costs, and operational friction.
As Yapily's agent, you can start with AIS and add Pay by Bank later, because we already hold both authorisations. If you add PIS under Yapily's regulatory permissions as principal and infrastructure, we will:
Make the API calls to initiate consented payments from customers' bank accounts on your behalf
Manage compliance obligations and updates
Provide Hosted Pages that are quick to set up and customise for consistent branding
You will also be able to access a range of payment options, including single payments, bulk payments, and variable recurring payments (commercial VRP is currently available in the UK only).
How Yapily helped Emma aggregate accounts and grow transaction value
Emma is a personal finance management app that helps over a million UK users track their spending and budget more effectively. Because most people hold more than one account, Emma needs to aggregate information from all of them into a single dashboard.
Using Yapily's AISP authorisation, Emma aggregates account and transaction data across its users' banks and enriches it to suggest budgets broken down by category. Emma also uses Yapily's PISP authorisation to let users move funds between accounts, pay contacts, and top up their Emma Invest account directly from their bank to trade in real time.
Since partnering with Yapily, Emma has been named one of the Apple App Store's top financial apps, and after launching instant top-ups for Emma Invest it recorded a 267% month-on-month increase in monthly transaction value. Read the full Emma case study.
Offer Account Information Services with Yapily's expert support
Whether you want to become an AISP and need a TSP to maintain your bank integrations, or you have decided to access AIS through an open banking platform's authorisation, Yapily can help.
Instead of building everything from scratch, hiring consultants for compliance guidance, and risking launch delays, you can rely on Yapily's team to walk you through the process and support your product as it grows.