Danske Bank and FinanceKey collaborate on real-time treasury Read more

‹ Return to Insights

Open banking vs premium APIs: what treasurers need to know

A hand hovers over a keyboard with a key labelled API


By
Veikko Koski, CEO and Founder, FinanceKey
 

Over the past few years, open banking has reshaped how companies access and use bank data – moving from file-based exchanges to API-powered connectivity. 

One key enabler of this shift has been the European Commission’s second Payment Services Directive (PSD2), which required banks to provide APIs for account information. This opened the door to faster integrations, better visibility, and new ways of leveraging account data – often in near real-time. 

But for treasurers, the picture is still evolving. Some banks offer only regulatory APIs, which were originally designed with retail customers in mind. Others are now rolling out premium APIs tailored to enterprise needs – with better data, broader account access, and more reliable integrations. And with PSD3 on the horizon, open banking is set to become more embedded, standardised, and useful for corporate users. 

This article is a practical guide to what matters right now: 

  • What’s the difference between PSD2 and premium APIs? 
  • How do they behave in real-world treasury environments? 
  • Which approach is best for your setup? 

At FinanceKey, we work with both – and see first-hand how treasurers are using them today. This article focuses on account reporting APIs (balances and transaction data), not payment initiation. We’ll cover that in a follow-up. 

How do businesses get access to banking data today? 

For most corporates the default way to communicate with banks is still file-based. Typically, businesses receive the end-of-the day bank statement during the night, when batch processing takes place. The channels in use vary from EBICS to Web Services, other host-to-host methods and Swift as the global standard for exchanging banking data.  

Getting an accurate liquidity picture requires logging into multiple e-banking portals, often multiple times per day. Larger organisations, especially those for whom monitoring intraday liquidity is critical, rely on MT942 bank statement files, which are delivered at agreed intervals – for example, five times per day.  

This means many businesses operate based on old data, limiting their ability to act on cash movements in real time. 

Where PSD2 APIs help treasury teams

PSD2 brought an alternative to legacy, file-based banking connectivity channels, when connecting to the banks in the European Economic Area. 

The regulatory initiative introduced a legal framework that allows licensed third-party providers (TPPs) like FinanceKey to access payment account data – with customer consent – through secure APIs. 

PSD2 hasn’t been a revolution, more of an evolution – one that’s helping banks and their corporate customers move to more modern connectivity. 

While designed for retail customers, most banks offered access to businesses as well. From a treasury perspective, this has enabled more automation based on banking data available on demand, without the need to log in to e-banking portals.  

Aggregators leveraging PSD2 APIs have helped to centralise access to banking data across multiple institutions. 

Examples of PSD2 APIs in practice 

Many of our customers use PSD2 APIs as the backbone of their treasury setup or as a complement to existing connectivity – with great success. 

It’s how they monitor dozens (sometimes hundreds) of accounts in near real-time, giving them the confidence to manage liquidity actively: nudging local teams to centralise idle cash, knowing exactly how much to sweep funds before cut-offs, and making informed decisions throughout the day. 

We make this possible by taking the core PSD2 rails and layering on what treasury teams need to make them enterprise-grade, including integrations with ERP and TMS platforms. 

Here’s what this looks like: 

  • Self-service onboarding: New bank connections can be activated in minutes by e-banking admin users and bank accounts will get uploaded automatically to the system – a huge benefit, especially for companies growing through acquisitions. 
  • Consent orchestration: We track when PSD2 consent was given (and by whom) and send automatic reminders when renewal deadlines are coming up. 
  • Data integrity checks: We ensure the quality and accuracy of real-time data across banks and accounts, making sure there’s no missing or duplicate transactions. 
  • Converting API data into a bank statement: For example, generating a CAMT file from API data to push bank statements in the required format to your ERP. 
  • Near real-time refreshes: Customers can choose how often they want to schedule data to be pulled via APIs – typically every 15 minutes. 
  • Support for cash pool structures: Customers set up their pool hierarchy within our system, and we automatically calculate their top account balances.  

In short, PSD2 APIs can work well in an enterprise context if you have the right infrastructure to manage the complexity behind the scenes. 

At FinanceKey, our engineering team has worked closely with our customers to build a reliable and flexible foundation for real-time treasury. That collaboration continues to evolve – as customer needs grow, so does the platform.

The limitations of PSD2 APIs 

As a consumer-focused regulation, PSD2 introduced important access rights – but when applied to complex enterprise environments, even with an orchestration layer on top, some real-world limitations remain. 

Here are a few to watch out for: 

  • Account type coverage is restricted: Only “payment accounts” are in scope under PSD2. Depending on how banks have defined this, it could mean cash pool top accounts or guarantee accounts aren’t accessible.
  • Consent management snags: Consent must be renewed every 180 days (this used to be 90 days). If the person who gave consent leaves the company, a new consent needs to be granted by someone with valid e-banking admin rights.
  • Multi-entity setups are harder to manage: Depending on the bank, separate consents might be needed per legal entity, which adds overhead at scale. 
  • Access frequency can be throttled: Some banks still limit how often data can be pulled, even when the user is actively logged in. This isn’t the norm, but it does happen – and it’s a reminder that regulation isn’t always fully followed in practice. 

PSD3 is expected to bring improvements in these areas, but for now, workarounds are still often required. 

Where premium APIs add value 

PSD2 created the legal foundation for third-party access to bank account data and made real-time visibility possible across European banks. With a platform like FinanceKey layered on top, many of PSD2’s operational limitations – like short consent cycles or fragmented bank interfaces – can be managed. 

Premium (or corporate) banking APIs take things further. They’re purpose-built for enterprise use cases and go beyond PSD2’s regulatory requirements to offer broader access, better data quality, and more robust connectivity.  They also allow companies to build direct connections to their banks without licensed third parties.  

Here’s how they add value: 

  • Global applicability: PSD2 only covers EU-regulated banks. For multinationals with global banking partners, premium APIs are typically the only way to access account data via API outside Europe. 
  • Full account type coverage: Premium APIs typically include cash pool tops, investment accounts, and guarantee accounts – reducing blind spots in your reporting. (FinanceKey can calculate top account balances from the pool structure using PSD2 data, but direct access to the top account itself requires a premium connection.) 
  • Simpler, centralised consent: Premium APIs often use certificate-based authentication valid for up to 1,000 days and can apply across multiple legal entities. 
  • Richer, more actionable data: Some premium APIs offer features like end-to-end transaction IDs or the ability to query the underlying payments in a bulk debit. This granularity helps with reconciliation and audit trails – and removes the need for fallback file-based statements. 
  • Improved consistency and reliability: Because they’re purpose-built for enterprise needs, premium APIs are often better structured, more stable, and easier to integrate into treasury systems without custom fixes. 

Not every bank offers premium APIs today, and coverage varies. But adoption is accelerating, especially among core cash management banks and regional champions looking to offer better service to enterprise clients. 

A case in point: we are collaborating with Danske Bank and our shared customers to co-design and pilot a premium API – ensuring that the new capabilities were shaped directly by real treasury needs from day one. It’s a great example of how banks, corporates, and technology providers can work together to accelerate innovation and deliver practical outcomes. 

Matching your API strategy to your business needs 

If you’re wondering: “Which API do I need?” There’s no one-size-fits-all answer. The right strategy depends on what you’re trying to achieve, your existing setup, and where you operate. 

Pricing is another consideration. Banks may charge for premium API access based on the number of accounts, legal entities, or volume of API calls – so it’s important to balance value and cost. 

At FinanceKey, we support multiple connectivity methods – including regulatory APIs, premium APIs, and file-based channels like Web Services and EBICS – so we can help customers choose the right approach based on their goals and bank relationships.  

For large organisations with a global footprint, heavy usage of banking data, and more users and processes, premium APIs are often the preferred option. Mid-size companies with leaner finance setups and European-focused operations can often operate solely using PSD2 connections. 

Final thought: keep calm and choose FinanceKey 

PSD2 APIs for account reporting have come a long way. With the right infrastructure, they now support much of what modern treasury teams need when it comes to real-time visibility. At the same time, premium APIs are unlocking new capabilities: richer data, broader coverage, and more resilient connectivity designed for enterprise scale. 

While connectivity lays the groundwork for innovation, it’s what happens next that really matters.  

It’s how data is unified across banks, how quickly your team can act on it, and how seamlessly it flows into your existing processes and systems. That’s where FinanceKey comes in – turning raw connectivity into something your team can rely on, use, and build upon. 

Whether you’re pulling CAMT files into your ERP, monitoring cash positions across regions, or exporting real-time updates directly into Excel  – we make the data work for you. 

So if you’re navigating the world of banking APIs and considering next steps, the real question is: 

What outcome are you aiming for – and what setup will get you there? 

We are happy to consult and guide you on your API journey!