Start Free Trial

Open Banking in Poland: How PSD2 Changes Your Financial Life

Guide to open banking in Poland. How PSD2 works, which banks support it, what TPP services are available, and the impact on personal finance management.

7 min czytania

Open Banking in Poland: How PSD2 Changes Your Financial Life

Open banking, mandated by the EU's PSD2 directive (Payment Services Directive 2), requires banks to share customer account data with licensed third-party providers (TPPs) when the customer consents. In practice, this means you can authorise a fintech app to read your bank transactions, check your balance, or even initiate payments, without giving away your login credentials.

Poland implemented PSD2 in 2019, and the ecosystem has matured significantly since then. Polish banks now offer standardised APIs (PolishAPI is the domestic standard), and a growing number of TPP services leverage these connections to provide budgeting, lending, and account aggregation tools.

How open banking works technically

The three roles

  1. ASPSP (Account Servicing Payment Service Provider): Your bank. It holds your money and data.
  2. TPP (Third Party Provider): The fintech app that wants to access your data. Must be licensed by KNF or another EU financial regulator.
  3. You (PSU - Payment Service User): You explicitly consent to the data sharing.

Two types of access

AIS (Account Information Service): Read-only access to your account data. Transaction history, balances, account details. Used by budgeting apps, credit scoring tools, and financial aggregators.

PIS (Payment Initiation Service): Ability to initiate payments from your bank account. The TPP does not touch the money; it instructs your bank to make a transfer. Used by payment platforms and e-commerce checkout solutions.

  1. You open a TPP app and click "Connect your bank account"
  2. The app redirects you to your bank's authentication page
  3. You log in to your bank using your normal credentials (on the bank's own page, not the TPP's)
  4. You explicitly consent to sharing specific data (e.g., "Allow reading transaction history for the next 90 days")
  5. The bank shares the data with the TPP via API
  6. Consent must be renewed every 90 days (PSD2 requirement)

Security guarantees

  • The TPP never sees your bank login credentials
  • You can revoke consent at any time through your bank
  • The TPP must be KNF-licensed (or passported from another EU regulator)
  • All communication is encrypted and authenticated with qualified certificates (eIDAS)

Polish banks and open banking readiness

All major Polish banks are PSD2-compliant. However, the quality and reliability of their APIs varies:

Bank API standard AIS quality PIS support Reliability
mBank PolishAPI Good Yes High
ING Bank Slaski PolishAPI Good Yes High
PKO BP PolishAPI Good Yes Medium-High
Santander PL PolishAPI Good Yes Medium-High
Millennium PolishAPI Adequate Yes Medium
Pekao PolishAPI Adequate Yes Medium
Alior Bank PolishAPI Adequate Yes Medium
BNP Paribas PolishAPI Good Yes Medium-High

PolishAPI is the standardised API specification developed by the Polish Bank Association (ZBP). It defines endpoints for account information, payment initiation, and confirmation of funds availability. While it provides a common structure, individual bank implementations differ in data richness and edge case handling.

Open banking use cases in Poland

Account aggregation

See all your bank accounts in one place. If you have accounts at mBank, ING, and Revolut, an aggregation service connects to each bank's API and presents a unified dashboard. This eliminates the need to log into multiple banking apps to get a complete financial picture.

Automated budgeting

TPP apps can read your transactions in real-time and automatically categorise spending. Instead of manually exporting CSVs from each bank, the data flows continuously. This enables features like spending alerts, category budgets, and trend analysis.

Credit scoring and lending

Open banking allows lenders to verify your income and spending patterns directly from your bank data (with your consent). This can speed up loan applications and potentially improve approval rates for applicants with thin credit files. Polish fintech lenders like Aion Bank and Creamfinance use open banking data in their underwriting.

Payment initiation

Instead of card payments or traditional bank transfers, PIS allows e-commerce sites to initiate a direct bank transfer at checkout. The customer authenticates the payment through their bank, and the funds move directly. This is cheaper for merchants (no card network fees) and potentially faster.

Limitations and challenges

PSD2 requires re-authentication every 90 days. This means every 3 months, you must log into your bank again to renew consent. For ongoing budgeting services, this creates friction and interruptions in data flow.

Data inconsistency

Different banks provide different levels of transaction detail. Some include merchant names, MCC codes, and transaction categories. Others provide only raw descriptions like "KARTOWY ZAKUP" without merchant identification. This inconsistency makes cross-bank analysis harder.

Screen scraping vs API

Before PSD2, many fintech services used screen scraping (logging into your bank's website and reading the HTML). PSD2 officially replaced this with APIs, but some TPPs still fall back to scraping when APIs are unreliable. Screen scraping is less secure and more fragile.

Slow innovation

Despite the regulatory framework being in place since 2019, Polish open banking adoption remains lower than in the UK or Nordic countries. Consumer awareness is limited, and many Poles are understandably cautious about sharing bank data with third parties.

Open banking and Freenance

Freenance supports importing transactions from major Polish banks via CSV and file-based imports. As open banking APIs mature, direct connections will provide real-time transaction data without manual exports. In the meantime, CSV import from mBank, ING, PKO BP, Santander, and others takes under two minutes and gives you the same comprehensive financial picture.

The future: PSD3 and the Financial Data Access Regulation

The EU is already working on PSD3 and the Financial Data Access (FIDA) regulation, expected to take effect by 2027-2028. Key changes:

  • Broader data scope: Beyond bank accounts to insurance, pensions, investments, and crypto holdings
  • Better API quality standards: Mandatory performance benchmarks for bank APIs
  • Premium APIs: Banks may charge TPPs for enhanced data access (higher frequency, richer data)
  • Improved consent management: More granular control over what data is shared and for how long

For Polish consumers, this means an increasingly connected financial ecosystem where a single app can provide a complete view of bank accounts, investments, insurance policies, and retirement savings.

Want full control over your finances?

Try Freenance for free

Related Articles

Fintech

Best Bank in France for Expats 2026: FR Bank Comparison

Hybrid 2026 guide to the best bank in France for expats — BNP Paribas, Société Générale, Boursorama, Revolut and N26 — KYC, fees, mortgage prep, IBAN.

Read more →Fintech

Best Bank in Germany for Expats 2026: DE Bank Comparison

Hybrid 2026 guide to the best bank in Germany for expats — Deutsche Bank, Commerzbank, Sparkasse, Postbank, Revolut and N26 — KYC, fees, mortgage prep.

Read more →Fintech

Best Bank in Italy for Expats 2026: IT Bank Comparison

Hybrid 2026 guide to the best bank in Italy for expats — Intesa Sanpaolo, UniCredit, Fineco, Illimity plus Revolut and N26 — codice fiscale, KYC, mortgage prep.

Read more →Fintech

Best Bank in the Netherlands for Expats 2026: NL Comparison

Hybrid 2026 guide to the best bank in the Netherlands for expats — ING, ABN AMRO, Rabobank, SNS, bunq, Revolut and N26 — BSN, KYC, fees, mortgage prep.

Read more →
Start today

Your path to financial freedomstarts here

Join thousands of investors who use Freenance to manage their personal finances.

Start for free
14 days free
No credit card
256-bit encryption