Accelerating Financial Service Innovation With Identity-Powered Open Banking in the Americas

Open banking is rapidly becoming a critical plank of digital innovation in the financial services industry across both North and South America. Whether driven by regulation, market innovation, or consumer demand, the financial industry across both continents is increasingly embracing a standards-based, application programming interface (API)-first mindset in a bid to accelerate hyper-personalization, trust-based relationships, and value upsell.

While digital challengers continue to capture digitally-savvy customers, incumbent providers are scrambling to meet the increasing demand for seamless and customer-centric experiences in a bid to maintain competitiveness. What might come as a surprise, is this paradigm shift is underpinned by technical standards that govern financial-grade APIs (FAPIs) interacting with enterprise-grade identity and access management (IAM). 

The battle for market share in North and South American banking, and indeed the wider financial services industry, will hinge on the degree to which financial service providers embrace these technologies and industry standards and leverage underlying investments to deliver differentiated customer experiences.

Personal Financial Data Rights Rule Compliance

The United States has long taken a market-led approach to open banking, contrasting with the regulatory framework seen in the United Kingdom, the European Union, and much of Latin America. However, this all changed in October 2024 with the Consumer Financial Protection Bureau (CFPB) publishing its long-anticipated rule under Section 1033 of the Dodd-Frank Act. 

The Personal Financial Data Rights rule (PFDR) mandates that financial institutions provide consumers with access to their financial data in a digital, secure, and interoperable format. Most importantly, the PFDR rule puts in place provisions to enable the consumer to securely share their personal data with what’s referred to as “data recipients” or third-party providers. By doing so, the PDFR rule has set both the technical and policy groundwork for the benefits of open banking extending beyond the membership-based Financial Data Exchange (FDX), a nonprofit standards body officially recognized by the CFPB as a standards authority.

The PFDR rule lays out a phased compliance timeline, starting with “tier 1” institutions by April 2026, and eventually encompassing smaller financial institutions in the following years. However, since its announcement, the future of the CFPB, and by extension the enforcement of the PFDR rule, has come under new scrutiny of the current White House administration. 

PFDR For Customer Empowerment

While the CFPB’s regulatory role, structure, authority, and recent rulings have been called into question, Section 1033 remains binding federal law, and until further notice, financial institutions are still required to move toward compliance.

Amidst this uncertainty, a growing number of banks and credit unions are proceeding with measured intent. Many tier 1 and 2 institutions have already begun investing in API infrastructure, customer consent flows, and risk management systems that align with the Financial Data Exchange (FDX) standard and FAPI 2.0 security profiles. They recognize that the PFDR rule is not merely a compliance obligation, but a catalyst for customer empowerment, competitive differentiation, and long-term strategic value.

This forward momentum is being driven by clear market signals. Over 94 million U.S. consumer accounts are already sharing data via the FDX API standard.¹ Consumers, especially digital-first users, are demanding more control, more choice, and seamless functionality in their digital experiences. They expect their banking services to behave more like a platform: interoperable, responsive, and transparent.

A Move Away from Screen Scraping

In parallel, financial institutions understand that moving from screen scraping, where customers share login credentials with third parties, to tokenized, standards-based APIs will not only improve security and trust, but also open new commercial and partnership opportunities. With the right open banking architecture, banks can empower customers to manage their data-sharing permissions, foster deeper third-party collaboration, and reduce operational and reputational risk.

The FDX forms a key component of the open banking ecosystem in the United States. As of 2021, FDX data exchange volumes have exceeded 2 billion API calls per month​.² This clearly establishes the demand for secure, standards-based data sharing in the US financial ecosystem. 

FDX provides the foundational architecture to move away from legacy data-sharing methods such as screen-scraping, an insecure and outdated practice where consumers share login credentials with third parties. Instead, FDX-compliant APIs enable tokenized, encrypted, and permissioned data flows, dramatically improving both privacy and transparency.

By adopting FDX standards, institutions gain better control over data sharing and offer consumers more visibility and control over third-party access. This not only increases trust but also opens doors for enhanced collaboration with fintech companies, embedded finance platforms, and digital partners.

The FAPI 2.0 standard, published by the OpenID Foundation, represents the next evolution in secure API-based data sharing.³ FAPI 2.0 was designed specifically for high-value use cases like financial services and introduces a suite of features that go beyond basic OAuth 2.0 by extending to focus on:

• Formal Security Proofs to verify the integrity of the framework

• Rich Authorization Requests (RAR) for fine-grained user consent and delegated access

• Enhanced interoperability across API ecosystems

• Proof-of-Possession tokens and mTLS for client authentication and token binding

By leveraging FAPI 2.0, banks can significantly enhance customer security while enabling more flexible, user-driven access models. It’s a standard built for the real world of fintech integrations, open data platforms, and embedded finance use cases.

The endgame of open banking isn’t just compliance, it’s customer empowerment and consumer choice. Through enhanced data security, data access, and data privacy, consumers can use budgeting apps, apply for credit cards faster, compare bank accounts, or integrate real-time account info into a super app.

Instead of clunky PDF uploads or insecure credential sharing, modern consumers will expect seamless, instant connectivity between their primary bank and any digital app they choose. With FAPI 2.0 and FDX standards, this vision is becoming a reality. True digital natives won’t tolerate poor UX or limited data portability. Offering intuitive, customizable, and consent-driven services isn’t a differentiator anymore, it’s the minimum bar.

Open banking isn’t a zero-sum game. By giving customers better visibility and control over their data, financial institutions can deepen trust and strengthen brand affinity. API-first banking also unlocks:

• Greater personalization through data insights

• Faster onboarding and underwriting using real-time income and spending data

• Lower servicing costs via automation

• New revenue streams from embedded finance and banking-as-a-service (BaaS) partnerships

• Better fraud detection using behavioral analytics and context-aware access

With competition from fintechs, neobanks, and big tech intensifying, traditional banks must differentiate, not just on rates or rewards, but on user experience, transparency, and customer lifetime value.

While the United States leans into market-led standards, Latin American countries have embraced open banking through a mix of regulation and private-sector innovation. Brazil, Mexico, Colombia, and Chile are leading the way.

Brazil: The Open Finance Powerhouse

Brazil’s Central Bank launched its open banking framework in 2021 and quickly expanded it into open finance, covering insurance, pensions, credit, and more. Brazil now handles over 4.8 billion API calls monthly, and Pix, its real-time payment rail, has reached over 156 million users.⁴

This level of adoption demonstrates that open banking can scale at pace and deliver tangible value, from faster credit decisions to seamless merchant payments. Through open finance, consumers gain better financial product comparisons, while providers use consented data to offer hyper-relevant, bundled services.

Mexico: The First Mover, Still Evolving

Mexico passed its Fintech Law in 2018, making it the first country in the region to legislate open banking regulations. However, progress has been uneven.⁵ Uptake of CoDi (Mexico’s real-time payments scheme) has been slower than expected, and regulatory clarity around PIS (payment initiation services) remains limited. Still, with more than 770 Mexican fintech companies in operation and demand for data-driven services rising, Mexico is poised for acceleration.

Colombia and Chile: Precision in Policy

Colombia’s Circular 004 and Chile’s Fintech Law offer well-structured, phased implementations of open banking and open finance, including standardized APIs, mTLS, and FAPI 2.0 alignment.⁶ These efforts are not only fostering financial inclusion but also catalyzing new B2B and B2C business models.

Ping Identity has been at the forefront of open banking deployments globally. From supporting PSD2 in the UK to the Consumer Data Right (CDR) in Australia, we’ve built the tools, trust models, and APIs needed to enable secure, scalable open finance ecosystems.

In the U.S., Ping Identity is helping financial institutions prepare for FAPI 2.0 compliance and align with FDX requirements. In Latin America, Ping Identity is working with Tier 1 banks to deploy solutions that support FAPI 2.0-compliant authorization flows, mTLS, dynamic client registration, and advanced consent orchestration.

The open banking revolution isn’t just about APIs or compliance. It’s about reimagining the role of banks in an interconnected digital ecosystem. In the Americas, financial institutions that invest in secure, standardized, and user-centric platforms will be well positioned to attract the next generation of customers and unlock the next generation of growth.

1. FDX Hits 94 Million Accounts, CFPB Publishes FDX's Standard-Setting Application

2. FAPI 2.0 is now approved as FINAL specification (2025-02-19)

3. Financial Data Exchange (FDX) Reports 22 million Consumer Accounts on FDX API

4. Open banking in Latin America  

5. LAW TO REGULATE FINANCIAL TECHNOLOGY INSTITUTIONS - MEXICO

6. Unlocking the Fintech Law: Open Finance in Chile