📊 Full opportunity report: The mandate. Why the US conversational- finance surface does not translate to Europe. on ThorstenMeyerAI.com — validation score, market gap, and execution plan.
TL;DR
The US rolled out its conversational-finance surface without regulatory constraints, while Europe’s approach is built on a complex mandate system. This fundamental difference impacts market access, compliance, and who can build these services.
OpenAI launched its personal-finance surface in the US on May 15, 2026, using a permissionless model that allows access to bank data without licensing or regulation hurdles. In contrast, Europe’s approach remains deeply regulated, requiring licenses, consent, and conformity assessments due to its open-banking and open-finance regimes.
In the United States, the launch was permissionless: companies could connect accounts via Plaid without needing licenses or regulatory approval, enabling rapid deployment of conversational finance tools. This model relies on a private, permissionless API layer that treats data access as a product feature.
Europe’s landscape is fundamentally different. Since 2018, the PSD2 regulation mandated that third-party providers operate under licenses and adhere to strict API standards. The upcoming PSD3 and Payment Services Regulation (PSR) are set to further embed these requirements, making data access a regulated activity. The open-finance framework extends these rules to include investments, pensions, and loans, creating a new licensing category, the Financial Information Service Provider, with operational dates projected around 2029–2030.
Additionally, the EU AI Act classifies AI systems used in credit scoring and financial assessments as high-risk, with strict obligations coming into force in August 2026. These regulations are enforced by financial regulators like Germany’s BaFin, not tech regulators, adding a layer of supervision that is absent in the US model.
The mandate.
Why the US conversational-
finance surface does not
translate to Europe.
data, AI — vs zero in the US build
maximum penalty
mandate — is likely operational
bank data · it is a licensed activity
- Access built by private aggregators — Plaid, Yodlee, MX, Finicity
- No banking license required to read bank data
- Read-only design sidesteps money-transmission rules
- No single federal open-banking statute · the surface ships as a product
- Access is a licensed activity — AISP / PISP under PSD2
- Regulator authorization required; no permissionless route
- Explicit, revocable, SCA-governed consent regime
- A directly-applicable rulebook (PSR) · the surface must be licensed
The architecture diverges at the foundation: the American surface treats account access as a product you buy and consent as a button you tap, while Europe treats both as mandates you are licensed and supervised to fulfill. In the US, you ship a finance surface. In Europe, you license one.Thorsten Meyer · The Mandate · Agentic Commerce 03
European Regulatory Architecture Reshapes Market Access
The core difference between US and European approaches is architectural: the US treats the finance surface as a product built permissionlessly, with compliance as an afterthought. Europe’s system is built around licenses, consent dashboards, and AI classification, making compliance the foundation of the entire ecosystem. This shift favors incumbents with licenses and regulatory expertise, potentially slowing innovation but increasing control and consumer protection.
For consumers, this means European services will be more regulated, possibly more secure, but less agile. For firms, the barrier to entry is higher, and the competitive landscape favors those with existing licenses and regulatory relationships.
open banking API developer tools
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
European Open-Banking and Open-Finance Legal Foundations
Europe’s open-banking regime was established by PSD2 in 2018, requiring licensed third-party providers to access bank data via regulated APIs. The upcoming PSD3 and PSR will strengthen these requirements, making account access a licensed activity. The open-finance framework, through FIDA, extends these principles beyond payments to include investments, pensions, and loans, creating a new licensing category, the Financial Information Service Provider, expected to become operational around 2029–2030.
Simultaneously, the EU AI Act, effective August 2026, classifies AI systems used in high-risk financial decision-making as high-risk, requiring strict compliance and supervision by financial authorities like BaFin. This layered regulatory environment fundamentally differs from the US permissionless model, where such regulation is minimal or absent.
“The US surface is built on permissionless access, while Europe’s is a license-driven architecture. This fundamental difference redefines who can build and how these services operate.”
— Thorsten Meyer

Connect 1-Semester Access Card for Financial Accounting
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Unclear Impact on Innovation and Consumer Outcomes
It remains uncertain whether Europe’s mandate-based architecture will lead to better consumer protection or result in slower, more concentrated innovation. The long-term effects of these regulatory differences are still being observed and debated. Learn more about the implications of regulatory architectures.

Machine Learning for Credit Risk with Python: A Practical Guide to Default Prediction, Credit Scoring, Model Explainability, and Portfolio Risk Analysis
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Upcoming Regulatory Milestones and Market Shifts
Europe’s PSD3, PSR, and FIDA regulations are expected to become fully operational by 2029–2030, shaping the landscape for open-finance services. Meanwhile, AI obligations under the EU AI Act will be enforced starting August 2026, influencing how AI-driven financial tools are developed and deployed. Observers will watch how these regulations influence market entry, innovation, and consumer protection.

The Financial Crime Compliance Handbook: From Fundamentals to Advanced Techniques for Modern FinCrime Teams
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
How does the US permissionless model differ from Europe’s regulated approach?
The US model allows companies to connect bank accounts without licenses or regulation, relying on private APIs like Plaid. Europe’s approach mandates licenses, consent dashboards, and conformity assessments, making data access a regulated activity.
Will Europe’s regulatory framework slow down innovation?
It is possible. The higher barriers to entry and compliance requirements may favor established firms and slow the pace of new entrants, but could also lead to more secure and consumer-protective services.
What role will AI regulation play in European financial services?
The EU AI Act classifies high-risk AI systems used in finance as high-risk, imposing strict obligations starting August 2026. This will influence the development and deployment of AI tools in European financial markets.
Are there any companies currently building the European version of the US surface?
Yes, firms with existing licenses and regulatory compliance infrastructure are positioned to develop these services, but the landscape is still evolving as regulations finalize and become operational.
Could the European approach lead to better consumer protection?
It is a possibility, given the emphasis on licensing, consent, and AI oversight, but definitive outcomes will depend on implementation and market response over time.
Source: ThorstenMeyerAI.com