📊 Full opportunity report: The mandate. Why the US conversational- finance surface does not translate to Europe. on ThorstenMeyerAI.com — validation score, market gap, and execution plan.
TL;DR
The US rolled out a permissionless conversational-finance surface in 2026, but Europe’s regulatory environment, built on mandates and licensing, prevents a direct translation. This results in fundamentally different market architectures and implications for firms and consumers.
OpenAI launched its personal-finance surface in the United States on May 15, 2026, using a permissionless, API-driven model that requires no licensing or regulation. In contrast, Europe’s regulatory environment treats similar account access as a mandated, licensed activity, fundamentally altering the architecture and deployment of such services.
In the US, the launch was straightforward: firms could connect accounts via Plaid across thousands of institutions without prior approval, making the service permissionless. This model relies on private agreements and API access, with compliance considered secondary.
Europe’s approach, however, is built on a regulatory framework established by PSD2 in 2018, with subsequent regulations like PSD3, FIDA, and the AI Act, which impose licensing, consent, and AI classification requirements. These regulations create a layered, mandate-driven architecture that requires firms to obtain licenses, adhere to consent dashboards, and pass conformity assessments before offering similar services.
The mandate.
Why the US conversational-
finance surface does not
translate to Europe.
data, AI — vs zero in the US build
maximum penalty
mandate — is likely operational
bank data · it is a licensed activity
- Access built by private aggregators — Plaid, Yodlee, MX, Finicity
- No banking license required to read bank data
- Read-only design sidesteps money-transmission rules
- No single federal open-banking statute · the surface ships as a product
- Access is a licensed activity — AISP / PISP under PSD2
- Regulator authorization required; no permissionless route
- Explicit, revocable, SCA-governed consent regime
- A directly-applicable rulebook (PSR) · the surface must be licensed
The architecture diverges at the foundation: the American surface treats account access as a product you buy and consent as a button you tap, while Europe treats both as mandates you are licensed and supervised to fulfill. In the US, you ship a finance surface. In Europe, you license one.Thorsten Meyer · The Mandate · Agentic Commerce 03
Impact of Regulatory Architecture on Market Entry and Innovation
This architectural divergence means European firms face higher entry costs and more complex compliance processes, favoring incumbents and licensed players over permissionless aggregators. It also shifts the product focus from simple API connections to consent management, licensing, and AI regulation, potentially slowing innovation but increasing compliance oversight. For consumers, this could mean more secure but less rapid access to financial data and services, raising questions about the balance between innovation and consumer protection.
Business Finance (Quick Study Business)
- Condition: Used Book in Good Condition
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Legal and Regulatory Foundations for European Open Finance
The European open-banking regime, established by PSD2 in 2018, made account access a regulated activity, requiring third-party providers to be licensed. The subsequent PSD3 and FIDA regulations expand this logic to broader financial data, including investments, pensions, and loans, creating a comprehensive, license-based framework. The AI Act, effective August 2026, classifies AI systems used in finance as high-risk, imposing strict obligations supervised by financial regulators like BaFin in Germany. These layered regulations mean that, unlike the US, where private companies can build permissionless surfaces, European firms must navigate a complex web of licensing, consent, and AI compliance to offer similar services.
“In Europe, a service that reads your bank data is a licensed third-party provider operating under a directly-applicable rulebook — not a company that bought an API key.”
— Thorsten Meyer
Uncertainties Around Implementation and Market Impact
It remains unclear how quickly European firms will adapt to the new licensing and AI classification requirements, and whether the increased compliance burden will slow innovation or improve consumer outcomes. The actual market effects of this architectural shift are still emerging, and the extent to which licensed incumbents will dominate remains uncertain.
Next Steps in European Regulatory and Market Development
Regulatory authorities are expected to finalize and enforce the core obligations of PSD3, FIDA, and the AI Act in 2026-2027. Firms are preparing for licensing and compliance processes, and the industry will observe whether new entrants can overcome the high barriers or if incumbent firms consolidate further. Monitoring the impact on consumer access, innovation, and market competition will be key in the coming years.
Key Questions
How does Europe’s regulation differ from the US permissionless model?
Europe treats account access and data sharing as mandated, licensed activities governed by regulations like PSD2, FIDA, and the AI Act, requiring firms to obtain licenses, comply with consent frameworks, and pass conformity assessments. The US model allows permissionless, API-based access without prior regulation or licensing.
Will European services be slower or less innovative due to these regulations?
The increased compliance requirements may slow the pace of innovation and market entry, favoring established, licensed firms. However, they could also lead to more secure, consumer-protective services in the long term.
Who are the firms best positioned to build the European conversational-finance surface?
Licensed financial institutions and specialized compliance firms that can navigate the licensing, consent, and AI regulation landscape are better positioned, unlike permissionless aggregators that thrived in the US environment.
What are the main regulatory hurdles for firms wanting to operate in Europe?
Obtaining licenses under PSD3 and FIDA, implementing consent dashboards, passing conformity assessments, and complying with AI high-risk obligations under the AI Act are key hurdles for market entry and service deployment.
Does this mean the US and Europe will have completely different financial ecosystems?
The regulatory architectures suggest that the US will continue to favor permissionless innovation, while Europe will develop a more regulated, license-based ecosystem, leading to different market dynamics and consumer experiences.
Source: ThorstenMeyerAI.com