Open Banking — Credicorp

Open Banking — processor and your consent

When you choose to connect a bank account by Open Banking we route the connection through an FCA-authorised Account Information Service Provider (AISP) and Payment Initiation Service Provider (PISP). Credicorp never sees your online banking credentials — you authenticate directly with your bank.

All connections follow the standards published by the Open Banking Implementation Entity (OBIE) under the FCA's Payment Services Regulations 2017. The AISP/PISP provider is regulated by the FCA in its own right and is subject to the same data-protection regime as Credicorp.

What we read. Read-only access to the transaction history on the account you connect, for up to 12 months back. We do not initiate payments from your account without your separate, per-payment authorisation (the PISP "Pay by bank" flow at settlement).

Consent expiry. Under FCA rules, an Open Banking access consent expires automatically every 90 days. You will be asked to re-authorise before the 90 days elapse if we still need access. If you do not re-authorise, the connection lapses and we stop receiving data.

Your right to revoke. You can revoke an Open Banking connection at any time, with immediate effect, from the "Connections" panel in your customer portal or from your bank's own app. Revocation does not affect any existing loan agreement — the loan continues on the terms you have signed.