Open Banking FAQs
Open Banking is a relatively new technology that allows you to securely share certain financial information with other financial providers or services of your choosing, such as payments, statements and transactions. This makes it easier for these financial services providers (such as Recognise) to suggest to you products or services that are personalised and suitable for your needs.
Open Banking in the UK is regulated through the Payment Services Regulations 2017 and the EU Payment Services Directive (PSD2).
Open Banking aims to benefit both customers and financial services providers in a number of ways.
In order for Recognise to provide you with more efficient services, such as credit underwriting, it is quicker and simpler for us to access your banking and financial information via Open Banking directly from your bank. This avoids you needing to send this information to us manually which is time consuming and puts the administrative onus on you. We then use this data to assist with underwriting loans and considering your profile in line with our lending policy parameters. This means that you are able to make smarter and quicker financial decisions for your business, and you can take control of your finances.
To grant us permission, you will need to follow the following steps:
- Opt in for Open Banking by ticking the box on the Application Form for your Recognise Business Loan;
- Receive an email from Recognise Bank with a link to grant consent;
- Click the link in the email and provide consent to Recognise;
- Recognise will then have access to the data via an Application Programming Interface (API) from your bank for a period of 90 days.
- If you are an existing customer, please contact your Business Development Manager or Loan Manager who will send the email with the link to grant consent.
Recognise will use Open Banking data to assist us with the underwriting of your business loan and for the ongoing monitoring and management of your business loan, which also enables lenders such as Recognise to protect our customers that may be experiencing financial difficulties.
Yes, you may withdraw your consent at any time, after which Recognise will not be able to access your financial data.
There are two ways to withdraw consent to your data;
- By contacting Recognise through the Contact Us page (under Lending).
- By contacting your bank or building society to let them know you no longer want Recognise to have access to your data.
Consent is given for a period of 90 days from the date of the Application Form being signed, following which Recognise is permitted to access your data up to, the earlier of the end of this 90 day period or until consent is withdrawn.
You will need to give consent every 90 days to enable Recognise to continue to access your data. We will send you an email asking you to provide us with this consent.
We will have access to:
- your account details, including the name on your account and your balance; and
- transaction details, including payees, direct debits, standing orders and incoming payments.
The data is stored in a secure and encrypted cloud storage, in the same way we store all of your other personal and financial information. We have security measures in place that prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to only those users who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. Although we take appropriate steps to protect your personal data, we cannot guarantee that your personal data will not become accessible to unauthorised persons and we cannot be responsible for any actions resulting from a breach of security when information is supplied over the internet or any public computer network.
Your data is important to us and we take all reasonable steps to maintain it safely and securely and fully in accordance with the General Data Protection Regulation.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator as soon as possible of a breach where we are legally required to do so.
We keep personal data for seven years from the end of the last financial year of our business relationship with you. This includes credit agreements, applications forms (paper and electronic), ID provided, credit scores, payments default records and complaints.
We keep data relating to prospective and indicative customer enquiries for 6 months following the expiry of the enquiry.
There will be some limited circumstances in which we will need to transfer your personal data outside of the UK and/or the European Economic Area (which means all the European Union (EU) countries plus Norway, Iceland and Liechtenstein, together “EEA“). However, when we need to transfer your personal data abroad, we take steps to ensure that your personal data is adequately protected and in compliance with data protection laws such as entering into the UK’s International Data Transfer Agreement (for transfers of personal data from the UK) – this is a set of contractual wording which has been issued by the ICO. You can find more details in our Privacy Notice.
Your data is protected throughout its journey by a set of safeguards we have put in place. For example, as your data is on the move, it is encrypted via industry best practices using Transport Layer Security (TLS 1.2), and when it is stored, it is encrypted by Advanced Encryption Standards (AES-256).