📊 Full opportunity report: The mandate. Why the US conversational- finance surface does not translate to Europe. on ThorstenMeyerAI.com — validation score, market gap, and execution plan.
TL;DR
The US rolled out a permissionless, API-based personal-finance surface in May 2026, while Europe’s regulatory framework treats such access as a licensed, consent-based activity. This fundamental difference alters market structure and entry costs.
On May 15, 2026, OpenAI launched its personal-finance surface in the United States, offering permissionless access to bank accounts via API, without requiring licenses or regulatory approval. In contrast, Europe’s regulatory environment treats such access as a licensed, consent-driven activity, making a similar product launch impossible without extensive compliance measures. This fundamental difference in architecture impacts market entry, product design, and competitive advantage.
The US approach allows companies to connect bank accounts through API keys, with minimal regulatory oversight, enabling rapid deployment of financial surfaces. OpenAI’s US launch exemplifies this permissionless model, where the aggregation layer exists outside formal regulation.
In Europe, the PSD2 regulation, effective since 2018, mandates that third-party providers (TPPs) must obtain licenses and operate under strict API standards. The upcoming FIDA regulation extends these rules to encompass investments, pensions, and loans, creating a licensing regime for accessing a broader set of financial data. These regulations are still being finalized, with operational dates expected around 2029-2030.
Furthermore, the EU AI Act classifies AI systems used for credit scoring as high-risk, requiring compliance, supervision, and classification, adding another layer of regulation. As a result, European firms building a similar conversational-finance surface must navigate a complex web of licensing, consent management, and AI classification, unlike their US counterparts.
The mandate.
Why the US conversational-
finance surface does not
translate to Europe.
data, AI — vs zero in the US build
maximum penalty
mandate — is likely operational
bank data · it is a licensed activity
- Access built by private aggregators — Plaid, Yodlee, MX, Finicity
- No banking license required to read bank data
- Read-only design sidesteps money-transmission rules
- No single federal open-banking statute · the surface ships as a product
- Access is a licensed activity — AISP / PISP under PSD2
- Regulator authorization required; no permissionless route
- Explicit, revocable, SCA-governed consent regime
- A directly-applicable rulebook (PSR) · the surface must be licensed
The architecture diverges at the foundation: the American surface treats account access as a product you buy and consent as a button you tap, while Europe treats both as mandates you are licensed and supervised to fulfill. In the US, you ship a finance surface. In Europe, you license one.Thorsten Meyer · The Mandate · Agentic Commerce 03
Implications of Regulatory Architecture on Market Access
The divergence in regulatory approaches creates a structural barrier for US-style permissionless finance surfaces in Europe. The EU’s mandate-driven system raises the cost of entry, favors licensed incumbents, and shifts the product focus from permissionless aggregation to compliance and consent management. This results in a more regulated, potentially slower, but more controlled market environment. The architecture difference means that US firms cannot simply export their products to Europe; they must re-engineer them around licensing and consent frameworks, which may influence innovation, competition, and consumer outcomes.
API-based personal finance management tools
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
European Regulatory Framework for Open Banking and Open Finance
Europe’s open banking regime was established by PSD2 in 2018, requiring third-party providers to obtain licenses and adhere to API standards. The regulation was designed to enhance consumer control and security, transforming account access into a regulated activity. The upcoming FIDA regulation aims to extend these principles to broader financial data, including investments and loans, creating a new category of licensed providers. Meanwhile, the EU AI Act, enacted in 2026, classifies AI systems used in credit and financial assessments as high-risk, imposing strict supervision and compliance obligations. These layered regulations collectively enforce a mandate-based architecture that contrasts sharply with the US’s permissionless model.
“In Europe, a service that reads your bank data is a licensed third-party provider operating under a directly-applicable rulebook — not a company that bought an API key.”
— Thorsten Meyer
European PSD2 compliant banking APIs
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Unclear Impact on Consumer Experience and Market Competition
It remains uncertain whether Europe’s mandated, licensing-based approach will result in better consumer protection, innovation, or market competitiveness compared to the US permissionless model. The long-term effects of increased compliance costs and concentration among incumbents are still being evaluated. For more on this, see the unbundling of the budget app.

Machine Learning for Credit Risk with Python: A Practical Guide to Default Prediction, Credit Scoring, Model Explainability, and Portfolio Risk Analysis
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Future Regulatory Developments and Market Adaptations
Regulators in Europe are expected to finalize FIDA and related regulations by 2027, establishing the licensing framework. US firms will need to adapt their products to comply with European licensing, consent, and AI classification regimes, which may lead to the emergence of new local players and partnerships. Monitoring the impact of these regulatory differences on market dynamics and consumer outcomes will be key in the coming years.
financial data licensing platforms Europe
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
Why can’t US permissionless finance surfaces operate freely in Europe?
Because European regulations treat bank account access as a licensed, consent-based activity governed by strict rules, unlike the permissionless, API-driven approach in the US.
What is the role of the FIDA regulation in Europe?
FIDA extends open-banking principles to broader financial data, creating a licensing regime for access to investments, pensions, and loans, and imposing compliance obligations on providers.
How does the EU AI Act impact financial AI systems?
The AI Act classifies certain financial AI systems as high-risk, requiring supervision, classification, and compliance measures, adding another layer of regulation for firms deploying conversational or credit AI models.
Will European consumers benefit more from this regulatory approach?
It is still uncertain. The regulation aims to enhance security and control, but may also slow innovation and favor incumbents, affecting competition and consumer choice.
What should US firms do to enter the European market?
They must develop licensed, consent-managed products compliant with European regulations, which may involve significant re-engineering and partnership with local licensed providers.
Source: ThorstenMeyerAI.com