Project Overview
A UK FCA-registered AISP (Account Information Service Provider) building a consumer personal finance managemen...
Technology Stack
Compliance & Standards
The Challenge
A UK FCA-registered AISP (Account Information Service Provider) building a consumer personal finance management (PFM) app needed to achieve Open Banking connectivity across all major UK banks — replacing a legacy Yolt-style API that was shutting down. FCA AISP registration, PSD2/PSRs UK retained, FCA Consumer Duty PS22/9, ICO AADC (some users were under-18 with parental consent), UK GDPR, AML (transaction monitoring for suspicious patterns), and WCAG 2.1 AA (mobile app) were mandatory. Budget: £90,000.
Our Approach
FCA AISP
- registered to access customer bank account information with consent.
- TrueLayer (Open Banking middleware): aggregates Open Banking connections to all major UK banks (HSBC, Barclays, Lloyds, NatWest, Santander, Halifax, Monzo, Starling, Revolut, First Direct — 95%+ of UK current accounts).
TrueLayer Auth API
OAuth 2.0 PKCE (customer consents → TrueLayer → bank → TrueLayer token → AISP API).
Data received
account details, balances, transactions (90-day history at consent, 90-day rolling thereafter).
Consent management
- 1consent duration display (90 days — bank-enforced),
- 2renewal reminder (84 days — customer re-consents before data gap),
- 3revocation workflow (customer revokes consent → data deleted within 30 days — UK GDPR Article 17).
FCA consent record
every consent created, renewed, and revoked logged immutably.
Transaction categorisation
ML model (fine-tuned on UK transaction descriptions — Tesco, ASDA, Costa Coffee, council tax, TV Licence) → 32 categories (groceries, transport, entertainment, utilities, savings, income).
Merchant enrichment
Monzo-style merchant logos and clean names (remove bank transaction codes).
Net Worth calculation
- 1current account balance,
- 2savings accounts,
- 3credit cards (liability),
- 4mortgages (TrueLayer mortgage data where available).
Budget feature
user sets monthly budget per category → spending tracked against budget → alert at 80% → notification at 100%.
Spending prediction
30-day forward spending forecast (linear regression on last 6 months spending patterns — Conservative/Expected/Optimistic).
FCA Consumer Duty PS22/9 for PFM
FCA Consumer Duty applies to FCA-registered AISPs providing consumer-facing financial tools.
Consumer Duty design obligations
- 1product design (PFM features must genuinely help consumers — not nudge them into products that generate commission),
- 2price and value (if PFM app earns referral fees from financial products — explicit Consumer Duty value assessment),
- 3consumer understanding (spending insights must be clear, accurate, and not misleading — no dark patterns inflating apparent savings),
- 4consumer support (customers can delete their account and all data within 30 days — right to erasure).
No referral nudging
ClickMasters explicitly designed the PFM to not nudge users towards partner financial products — pure PFM, no commission.
FCA Consumer Duty simplifies to
- help customers, do not exploit them.
- ICO AADC PFM Under-18
Compliance
Some PFM users are under-18 (16–17 year olds with bank accounts — Monzo, Starling, HSBC under-18 accounts).
AADC compliance
- 1age verification at registration (DOB required — under-18 triggers AADC mode),
- 2AADC controls (behavioural analytics off by default, no spending pattern advertising, parental consent for under-16),
- 3data minimisation (under-18 profiles do not have investment or credit product recommendations — not age-appropriate),
- 4screen time limitation (under-18 app usage monitoring — ICO recommends but not mandated),
- 5parental consent workflow (under-16: parent account linked, parent must approve data access). Open Banking under-18: bank accounts for under-18s (Monzo Under-16 accounts) — Open Banking consent by parent on behalf of minor.
The Results
FCA AISP registration confirmed.
Platform live at 16 weeks, £84,000 — under budget. 142,000 registered users at month 6. 95%+ UK bank coverage via TrueLayer.
Consent renewal rate: 84.2% (target: > 80%).
Transaction categorisation accuracy: 92.4% (UK transaction descriptions).
Consumer Duty review: confirmed compliant.
AADC compliance: 2,840 under-18 users with age-appropriate controls.
Right to erasure: 100% within 30 days.
WCAG 2.1 AA (mobile): zero non-compliances.
App Store rating: 4.4/5 (App Store) 4.3/5 (Google Play).
“142,000 users in 6 months. 95% UK bank coverage. Consent renewal 84.2%. Transaction categorisation 92.4%. Consumer Duty confirmed. AADC 2,840 under-18 users compliant. Right to erasure 100% within 30 days. App Store 4.4. The pure PFM positioning — no referral commissions, no product nudging, just genuine financial insight — was the Consumer Duty design that got FCA approval fast. FCA approved our Consumer Duty assessment in 3 weeks. Products designed to help, not exploit, do not need lengthy regulatory negotiation." — Founder, UK Open Banking PFM App (name withheld)”
Project Details
Related Case Studies
View AllOpen Banking AISP Platform for UK FinTech Startup
Open Banking AISP Platform for UK FinTech Startup. A UK FinTech startup needed to build an FCA-authorised Account Information Service Provider (AISP) platform that could a...
AI-Powered Customer Service Platform — UK FinTech
A UK FinTech company with 180,000 customers was spending £840,000/year on a 45-person customer service team, p...
Digital Banking Platform MVP — UK Challenger Bank
A UK challenger bank startup had received FCA authorisation with restriction (they could accept deposits but n...
Ready to Transform Your Business?
Let's discuss how our technical expertise can help you achieve remarkable results.