Third party providers: Open Banking and the Payment Services Directive


Open Banking

Open Banking is the name used by the financial industry to talk about services which let account holders share their financial information and give permission for banks and other authorised organisations to make payments from certain accounts.

Open Banking was introduced by the UK’s Competition and Markets Authority (CMA) to bring more competition and innovation to the financial services industry. It works using a secure system to let you register with other banks or authorised organisations (known as third party providers, or TPPs) and tell your bank to let them see and use your payment account details.

With Open Banking, you can now link specific external accounts in our mobile banking app. By linking your current accounts, savings accounts or credit cards in our app, you'll be able to manage your money more easily in one place. 

It's up to you if you want to share your data. Open Banking gives the opportunity to share your information, but only if you expressly give your permission.

Payment Services Directive

The Payment Service Directive (PSD) is European law, which is translated into UK law as the Payment Services Regulation. This law tells banks and other providers how they have to process payments and other services linked to providing payment services. The PSD was updated, and one of the changes introduced similar services to those contained in the UK’s Open Banking rules.

The PSD changes mean that TPPs can (with your express permission) see information about accounts and make payments on your behalf. This applies to any payment account you can use online (such as current accounts, credit cards and some savings accounts).

Following a number of changes to the law and regulation you can now give certain permitted companies (third party providers or TPPs) access to some of your accounts, so they can provide services such as:

  • Account aggregation: see your accounts with different providers all in one place in a mobile app or online. Banks, building societies and price comparison websites will be some of the companies providing this type of service.
  • Payment initiation: online payments can be made on your behalf, as an alternative to using your debit or credit card. Some online retailers will be providing this service.
  • Confirmation of funds: the ability for a TPP to be able to confirm if you have available funds before you use their card for a purchase.

TPPs can only access your information and provide these type of services if you’re registered for Online Banking and give your consent.

Before you give consent for any third party provider (TPP) to access your accounts, it’s important that you understand the services they’re providing and how they’ll use your information, including if they’ll be sharing it with anyone. You should also take reasonable steps to ensure that the company is legitimate. See the ‘Be Safe’ tab for more information. 

To obtain your consent to access your accounts, TPPs can:

  • Redirect you to Santander, where we’ll take you through a detailed online authorisation process. If you are familiar with the way to log on to our Online Banking, then this process will be very similar. A One Time Passcode (OTP) will be required to complete the consent process. This will be sent to the OTP mobile number registered with us. Remember you should never share an OTP with anyone, not even a Santander employee. Learn more about OTPs

If you’re using a mobile device when redirected and you’re already registered for Mobile Banking, you can use your fingerprint or Security Number to authorise your consent.  If you’re a business customer this option isn’t available.

  • You can withdraw and manage your account information, confirmation of funds and sweeping consents at any time with your TPP or with us in Online Banking. Simply log on, choose ‘Account Services’ then click on ‘Open Banking connections’ from the menu. Retail Customers can also do this on their mobile app. Log on, tap ‘More’, then ‘My details and settings’ and ‘Open Banking connections’ under the ‘Privacy’ section.

You can also call us on 0330 9 123 123. If you’re a business customer, you can call us on 0330 123 9860.

For payment initiation services, how you give your consent depends on the kind of payment you're making:

  • Single immediate payments including credit card balance transfers: you’ll have to give your consent every time a TPP initiates a payment on your behalf. The payments will normally come out of your account straightaway, although they can take longer. Once you’ve authorised a payment, we won’t be able to stop it. The payments initiated by these companies are Faster Payments, these are taken directly from your account using your account details and not your card. Any cashback benefits associated with your cards, including Santander Boosts, won’t apply.
  • Variable Recurring Payments (Sweeping): Your TPP may offer you the ability to make regular transfers between your own accounts (sweeping your money). You will only need to give us your consent during the initial set up, your TPP will then make payments between your accounts as agreed with them (you can set amount, frequency & limits). 
  • Standing orders: you’ll need to give your consent during the set up of the standing order. Once the consent is given, your scheduled payment(s) will work as normal.  
  • Future-dated payments: you’ll need to give your consent every time you wish to set up a future-dated payment.  Once the consent is given, your scheduled payment will work as normal.
  • International payments: you’ll need to give your consent every time a TPP initiates a payment on your behalf. If it’s an immediate payment it will normally come out of your account straightaway and you’ll be able to see the rate used in Online and Mobile Banking or on your statements.
  • Business banking customers can make Chaps and bulk file Faster Payments when using a TPP: you’ll need to give your consent every time you want to make a payment. 
  • For bulk file payment uploads, you can process files up-to 2MB in size. We will process the file even if any of the payee details are incorrect. You can check your statement to identify if any of the individual entries have not been successfully paid. If you would like any further help with processing payments, please contact 0330 123 9860.
  • To cancel a scheduled/future dated bulk payment file initiated via a TPP, contact us on 0330 123 9860 as soon as possible but at the latest a business day before the payment is due to leave your account.

Know your rights

  • Third party providers (TPPs) can only provide these services if you agree and they can only access the accounts you have given your consent for.
  • TPPs have to provide key information about their services. This should include what data they will have access to and how they will use it or share it. They will also have to tell you what to do if you’re not happy with the service.
  • You can withdraw and manage your account information, confirmation of funds and sweeping consents at any time with your TPP or with us in Online Banking. Simply log on, choose ‘Account Services’ then click on ‘Open Banking connections’ from the menu. Retail Customers can also do this on their mobile app. Log on, tap ‘More’, then ‘My details and settings’ and ‘Open Banking connections’ under the ‘Privacy’ section. 
  • We may refuse to give access to a TPP, for example, if we believe there is a risk of fraud.

Take responsibility

  • Take reasonable steps to check a TPP is legitimate. Ask them for more details, for example who they are regulated by. UK based TPPs must be registered with the Financial Conduct Authority (FCA). You can check the FCA register at: register.fca.org.uk/
  • Be alert. You should be vigilant to fraud when using these services. If there is a reason to suspect that the TPP is not who they claim to be, don’t disclose any information. A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Don’t give out personal or financial details unless it is to use a service that you have signed up to, and you’re sure that the request for your information is directly related.
  • Understand what you are agreeing to, by making sure you read the terms and conditions of the TPP carefully.
  • Regularly check your accounts and if you notice any activity you don’t recognise, talk to us. To help you stay up to date with your accounts you can set up alerts. If you’re a business customer you can also use the alerts service
  • If you notice a transaction you didn't authorise, or think you've been a victim of fraud, call us immediately. Personal customers call us on 0330 9 123 123 or 0800 313 4321 (freephone), and business customers on 0330 123 9860 or 0800 011 3414 (freephone). Lines are open 24 hours a day, 7 days a week.
  • For more information about your responsibilities and keeping your account safe take a look at your product terms which you can find on your product page, or find out more on our spotting fraud and scams page.

Understand the consequences

  • Once the TPP has your consent and has obtained your information, they’ll be responsible for the security of that data. We can’t control how it will be used.
  • Once you have authorised a TPP to make a payment, you may not be able to stop it.

Keep safe from fraud

  • Never share a Santander One Time Passcode (OTP) with anyone, not even with a Santander employee.
  • Never download software or let anyone log on to your computer or devices remotely during or after a cold call.
  • Never enter your Online Banking details after clicking on a link in an email or text message.
  • For more information on how to protect yourself see our spotting fraud and scams page.

Your rights when making payments in Europe

For more information you may want to visit:

The Open Banking and the Financial Conduct Authority websites.

To see what these changes to the law and regulation mean for your accounts, go to the ‘Third party providers’ section on these pages:

If you’re a TPP providing account information or payment initiation services and want to read more about how to use/access our APIs, you can find the technical specifications on our developer portal

Was this helpful?

Ask us a question

We'll help you get the
answers you need

Do your banking online

Ways for you to manage your
money without leaving home