Project Overview
Open Banking AISP platform for UK SME lender. FCA COBS, PSD2, UK GDPR. £42M lending decisions improved. Case study.
Technology Stack
Compliance & Standards
The Challenge
A UK FCA-authorised SME lender originating £42M in SME loans per year was making credit decisions based on 3-month bank statements supplied by applicants as PDF uploads — subject to document fraud (Statement Doctor-type PDF manipulation), delays (waiting for bank statements), and limited visibility of actual cash flow patterns. FCA COBS required fair treatment of SME applicants; the PDF-based process was systematically disadvantaging SMEs with strong actual cash flows but irregular statement presentation. Budget: £90,000.
Our Approach
Open Banking AISP Integration
- TrueLayer Account Information Service Provider (AISP) integration.
- Applicant grants consent to share 12 months of transaction data directly from their business bank (automated, no PDF upload).
Supported banks
all major UK business banking providers (Barclays, HSBC, Lloyds, NatWest, Santander, Starling, Monzo Business, Tide).
Consent
90-day PSD2 re-authorisation window, revocable at any time.
Cash Flow Analysis Engine
Python ML model trained on 18 months of historical application data (approved loans, default outcomes).
Features
- average monthly revenue, revenue volatility, seasonality index, debtor payment patterns, large one-off transactions (flagged for underwriter review), and payroll regularity (indicator of employment headcount stability).
- Confidence scores per feature.
FCA COBS Fair Treatment Architecture
COBS 2.1 (fair, clear, not misleading): cash flow analysis explanation provided to applicants in plain English.
COBS 4
information about the credit product clear before application.
Consumer Duty
- decision audit trail — every lending decision logged with ML features used and underwriter override (if any).
- Declined applicants receive specific reasons, not generic rejections.
JMLSG AML Integration
SME lending is subject to MLRs 2017 AML obligations.
CDD
automated Companies House verification, director identity check (Onfido), and sanctions screening (Dow Jones).
EDD triggers
- loans above £25,000, high-risk sectors (cash-intensive businesses), and transaction patterns inconsistent with stated business activity.
- MLRO escalation workflow.
The Results
Platform live at 12 weeks, £84,000 — under budget.
PDF fraud elimination: zero forged bank statements accepted (all data from bank APIs directly).
Application completion time: 4.2 days average (from 11.4 days — waiting for PDF statements).
SME approval rate: 34% → 47% (Open Banking data revealed stronger cash flows than PDFs showed).
Default rate (6-month cohort): 18% reduction versus PDF-based cohort.
FCA Consumer Duty audit: decision audit trail praised as example of good practice.
“The Open Banking integration eliminated statement fraud entirely — you cannot manipulate a TrueLayer API response. The approval rate increase of 13 percentage points is real SMEs getting credit they were being denied unfairly. The FCA Consumer Duty audit found our decision audit trail was the strongest they had seen." — Chief Credit Officer, UK SME Lender (name withheld)”
Project Details
Related Case Studies
View AllOpen Banking AISP Platform for UK FinTech Startup
Open Banking AISP Platform for UK FinTech Startup. A UK FinTech startup needed to build an FCA-authorised Account Information Service Provider (AISP) platform that could a...
AI-Powered Customer Service Platform — UK FinTech
A UK FinTech company with 180,000 customers was spending £840,000/year on a 45-person customer service team, p...
Digital Banking Platform MVP — UK Challenger Bank
A UK challenger bank startup had received FCA authorisation with restriction (they could accept deposits but n...
Ready to Transform Your Business?
Let's discuss how our technical expertise can help you achieve remarkable results.