[Barclays] Joint Accounts lockout

Description

Joint Accounts Lockout

By default, Barclays do not provide access to accounts that have multiple owners (Joint Accounts).

PSUs who attempt to connect with Open Banking dialogues will have to cancel the process and get both parties to complete a procedure of flagging the account as "available" for Joint accounts (see images)

However, this is completely at odds with all relevant legislation and regulations.

The Payments Service Regulation 2017 Section 70(2)(b) requires that providers of AIS must (emphasis added)

> treat a data request from the account information service provider in the same way as a data request received directly from the payer, unless the account servicing payment service provider has objective reasons for treating the request differently;

This provision came into effect 13th January 2018 and I would seek clarification for how the current offering fits into these constraints. Joint accounts do not require multi-party authorization and either of the two parties is able to have full access to Account Information and Payment Initiation services through traditional interfaces. Yet with the provision of Account Information Services (and presumably PIS too) PSUs are subject to this arbitrary source of friction.

The PSD2 Regulatory Technical Standards Article 32(3) makes clear that (emphasis added)

> Account servicing payment service providers that have put in place a dedicated interface shall ensure that this interface does not create obstacles to the provision of payment initiation and account information services. Such obstacles, may include, among others, preventing the use by payment service providers referred to in Article 30(1) of the credentials issued by account servicing payment service providers to their customers, imposing redirection to the account servicing payment service provider's authentication or other functions, requiring additional authorisations and registrations in addition to those provided for in Articles 11, 14 and 15 of Directive 2015/2366, or requiring additional checks of the consent given by payment service users to providers of payment initiation and account information services.

Therefore, under the current and PSD2 aligned regulatory frameworks, the Barclays offering is in our opinion non-compliant.

Remediation

Barclays should remove this feature as soon as is practical and ensure all PSUs can access Open Banking Services without arbitrarily introduced sources of friction. Failing this, Barclays should provide immediate justification for how these design decisions fit into the current and foreseeable regulatory frameworks (PSD2 etc.).

Technical Impact

None

Workaround

None

Resolution Notes

None

Impact Assessment

None

Status

Assignee

Unassigned

Reporter

Service Desk

Reference

None

Service Desk Reference

OBSD-4851

ASPSP

Query Type

Read/Write
Other

Created (Original)

Sep 07, 2018, 10:49 AM

TPP Impact

Medium

Issue Summary

None

OB Environment

Production

Business Impact Severity

None

Share

Yes
Configure