Project Overview
UK FinTech building Personal Finance Management app (iOS + Android, 280,000 users year one) using Open Banking...
Technology Stack
Compliance & Standards
The Challenge
UK FinTech building Personal Finance Management app (iOS + Android, 280,000 users year one) using Open Banking. TrueLayer AISP, 90-day re-consent management, ICO DPIA (financial behaviour profiling), FCA Consumer Duty, PECR, UK GDPR, ICO AADC (some users under-18). Budget GBP110,000.
Our Approach
TrueLayer AISP Integration
- 1Bank connection flow (React Native TrueLayer Link SDK),
- 2bank data retrieval (balance, transactions, direct debits, standing orders),
- 390-day re-consent management (GOV.UK Notify reminder 7 days before expiry -- not dark pattern),
- 4multi-bank aggregation (current, savings, credit card),
- 5real-time balance (TrueLayer webhook). TrueLayer holds FCA AISP -- client operates as registered agent.
Transaction Categorisation ML
- 1Merchant identification from TrueLayer,
- 2XGBoost classifier (UK merchants -- Tesco, Waitrose, Deliveroo, ASOS -- custom UK training data),
- 3category correction (customer correction used as training signal),
- 4budget tracking (category budget vs spending alert).
ICO AI fairness
categorisation accuracy tested for demographic bias.
ICO DPIA for Financial Profiling
DPIA mandatory (Article 35 -- systematic financial behaviour monitoring): (1) lawful basis (legitimate interest for core PFM), (2) no third-party sharing without explicit consent per category, (3) credit risk inference gate (if inferring creditworthiness from spending -- FCA Consumer Credit authorisation required), (4) sensitive spending (gambling, healthcare visible -- extra care), (5) consent-first architecture throughout.
FCA Consumer Duty PFM Design
- 1Product designed to genuinely help customers manage money (not data harvest),
- 2nudges must be in customer interest (not engagement maximisation),
- 3financial promotions (if PFM promotes products -- FCA financial promotion rules apply),
- 4vulnerability signals (financial distress UX -- what to show a customer in difficulty),
- 5data portability (UK GDPR Article 20 -- customer can export all their data).
The Results
FCA AISP confirmed (via TrueLayer).
Consumer Duty confirmed.
Platform live at 18 weeks, GBP102,000. 280,000 iOS + Android users.
Bank connections 84.2%.
Categorisation accuracy 94.2%. 90-day re-consent rate 82.4%.
ICO DPIA filed.
PECR marketing consent 68.4%.
Zero third-party sharing without consent.
The 90-day re-consent reminder sent 7 days before expiry -- not the day before -- was the Consumer Duty feature that maintained trust.
Customers who feel in control of their data use the product more.
Open Banking consent should feel like permission freely given, renewable freely.
Not an emergency renewal forced on the last day. -- CEO, UK PFM FinTech
Project Details
Related Case Studies
View AllOpen Banking AISP Platform for UK FinTech Startup
Open Banking AISP Platform for UK FinTech Startup. A UK FinTech startup needed to build an FCA-authorised Account Information Service Provider (AISP) platform that could a...
AI-Powered Customer Service Platform β UK FinTech
A UK FinTech company with 180,000 customers was spending Β£840,000/year on a 45-person customer service team, p...
Digital Banking Platform MVP β UK Challenger Bank
A UK challenger bank startup had received FCA authorisation with restriction (they could accept deposits but n...
Ready to Transform Your Business?
Let's discuss how our technical expertise can help you achieve remarkable results.