KSA Open Banking Framework

Saudi Central Bank (SAMA) • Kingdom of Saudi Arabia

The framework that enables and governs the implementation of Open Banking in the Kingdom of Saudi Arabia.

Customer Outcomes

The Saudi Arabian Open Banking Framework is designed to provide multiple benefits to customers, such as greater control over their financial data, improved transparency, broader access to financial products and services, a better overall user experience, and increased competition that can lead to more attractive products, pricing, and personalized solutions.

Interoperability

The Saudi Arabian Open Banking Framework focuses on interoperability by defining standardized APIs and data formats. This allows banks and authorised third-party providers to integrate and communicate smoothly, ensuring data compatibility and efficient information exchange, ultimately supporting a unified and connected open banking ecosystem.

Cost: Free

Topic: Open Banking

Approach: Hybrid, Market Driven, Regulated

General Info

Owner

Saudi Central Bank (SAMA)

Region

Kingdom of Saudi Arabia

Scope

Banking

Open Banking

Account information
Service Requests

Principles

The core principles of the Saudi Arabian Open Banking Framework include customer consent, security, standardization, competition, innovation, and regulatory supervision. Its focus is on enabling secure data sharing, ensuring consumer protection, enforcing standardized API compliance, and ultimately supporting a broad range of consumer and business use cases.

Products

Wallets or Prepaid | Credit Cards | Current Accounts

Technical Details

Data Format

JSON | YAML | RESTful

Approach

Regulated

Access

The API specifications are provided under an open-source license to any developer who has registered and been approved by SAMA. However, only SAMA-authorized companies are permitted to use Open Banking APIs to access customer financial data on their behalf.

Mandated Premium

Mandated

Key Features

The Open Banking Framework is a regulatory structure that incorporates a complete set of legislative requirements, regulatory guidelines, and technical standards. Its key components include:

Market Participants: Clear definitions of the roles of all participants, along with a registry of banks and fintechs operating within the KSA Open Banking ecosystem.
Use Cases: An overview of the evaluation and prioritization framework for Open Banking, detailing the use cases to be supported with each new release.
Business Rules: Specific directives outlining the requirements that banks and fintechs must meet to deliver Open Banking services, with rules linked to particular use cases clearly defined.
KSA Standards: These cover Customer Experience Guidelines, API Specifications, Implementation Requirements, and Operational Guidelines.
Certification Framework: A comprehensive certification process supported by templates and detailed steps for both banks and fintechs.
Complaint Management Process: A mechanism that allows market participants to file complaints against others in cases of technical, onboarding, or operational issues that could hinder the successful delivery of Open Banking services.

Trust Framework

Registry | Certificates

Security Model

FAPI1 | OAuth | OIDC | CIBA

Consent

Browser Redirect | Decoupled |App to App Redirect

Guidelines

Customer Experience Guidelines | Operational Guidelines | API Specifications

Account Information

Developer Resources

The following resources are available to all registered developers:

Open Banking Framework (including Use Cases, Business Rules and Standards)
Open Banking Lab (including Model Bank and Conformance Tools)

Compliance & Governance

History

Open Banking in Saudi Arabia is still in its early stages. In December 2020, the Saudi Central Bank (SAMA) introduced the Open Banking Policy to encourage greater innovation and competition in the financial sector. The Open Banking Framework was rolled out gradually, supported by rules and guidelines designed to enable secure data sharing and improve customer choice and experience.

In May 2022, the Open Banking Lab was launched, initially aligned with the UK Open Banking Standard, to allow banks and fintechs to begin development and testing. The official launch of the Open Banking Framework took place in November 2022.

In May 2024, SAMA introduced the “View My Bank Accounts” feature as a measure to help prevent fraud. By September 2024, SAMA released a major update to the Framework focusing on Payment Initiation Services (PIS). Other developments in 2024 included the introduction of standardized PIS protocols to support smooth transactions, approval for several fintechs to deliver open banking services through the SAMA Regulatory Sandbox, and the licensing of “Tamawal” to provide financial aggregation services.

Certification

Functional | Customer Experience | Security Profile | Operational

Compliance

The Open Banking Lab supports a comprehensive certification framework required for all banks and fintechs offering open banking services.
The certification covers:

Security Certification (aligned with the OpenID FAPI profile)
Functional Certification
Customer Experience Certification
Operational Certification

Additionally, SAMA provides a formal complaints mechanism to facilitate quick resolution of issues between participants before any escalation.

Governance

The Saudi Central Bank (SAMA) is responsible for governing the Kingdom of Saudi Arabia’s Open Banking Framework. It establishes the regulatory requirements, guidelines, and standards for open banking, oversees adherence to these rules, and ensures robust security, privacy, and customer data protection across the framework.