The Introduction to this Regulation specifies that the Open Finance Framework consists of the Trust Framework, the API Hub, the Common Infrastructural Services and such other matters as might be determined from time to time by the Central Bank.

The Trust Framework, the API Hub and the Common Infrastructural Services shall at a minimum include the following:

Trust Framework

The Trust Framework shall include:

1. The Participant Directory

   1.1.	to facilitate the validation of participants in the Open Finance Framework and the secure exchange of information.
   1.2.	to provide identity and access management services to enrolled market participants providing secure access to use Open Finance Services, contact and enrolment management, digital certificate validation and Application registration and validation services.

2. Digital Certificates: to facilitate secure communication between participants with respect to the provision of Open Finance Services. The operator of the Trust Framework will mint, revoke and validate digital certificates used to access Open Finance Services.
3. API Portal: to hold all documentation on standards, technical specification, requirements and business rules for all participants.
4. Sandbox: to facilitate participants’ ongoing testing and official conformance certifications.

API Hub

The API Hub shall include an API Manager. The API Manager will provide an API Aggregator to aggregate participant API’s and provide a single point of implementation. The API aggregator will provide a harmonised and standardised API for participants in the Open Finance Framework for all of the underlying APIs included in this Regulation with which it integrates.

A Participant Integration Layer used to receive and manage information related to Accounts, Transaction Initiation Services and all other data exposed to the Open Finance Framework.

Common Infrastructural Services

The Common Infrastructural Services shall include:

1. A Consent and Authorization Manager: a standalone App for Users or a set of APIs for participants that supports the creation, management, enforcement and revocation of consumer, organisational and jurisdictional privacy directives.
2. Service Assurance: a platform for managing all service level enquiries relating to onboarding and registration requests as well as technical enquiries relating to all key components covering data and Transaction flow enablement.
3. Reporting and Analytics: a platform used to analyse and report operational data and KPIs across participants including service performance, service availability and service adoption.
4. Administration Tools: a platform used to facilitate the management, tracking, adjudication and resolution of cases and disputes among participant (whether between participants or in relation to end Users).
5. Value added enablers as appropriate.