Banking Agent Readiness: Why Open Banking APIs Exist But Most Banks Still Score Under 30
Open Banking regulations like PSD2 in Europe and FDX in the US mandated that banks expose consumer data APIs. The industry celebrated. But there is a problem: open banking APIs are not agent readiness. Most bank APIs are read-only account data with no payment initiation, no product comparison, and complex partner agreements that lock out AI agents entirely.
The Open Banking Illusion
In 2018, PSD2 went live across Europe. Banks were required to open their systems to third-party providers through standardized APIs. In 2024, the Financial Data Exchange (FDX) became the de facto standard in the United States, with over 77 million consumer accounts connected. Open banking arrived. The narrative was simple: banks are now open.
But “open” does not mean “agent-ready.” Open Banking mandated a narrow slice of functionality: account information services (reading balances and transactions) and payment initiation services (sending a single payment with explicit per-transaction consent). These APIs were designed for fintech apps with human users clicking consent screens, not for autonomous AI agents executing multi-step financial workflows.
The result is a banking industry that believes it has solved the API problem while scoring an average of 22 out of 100 on the AgentHermes Agent Readiness Score. Open banking gave banks a floor. Agent readiness requires a building.
Open Banking vs Agent-Ready Banking: A Side-by-Side Comparison
Open Banking covers two of the six agent journey steps: FIND (discovery through registries) and UNDERSTAND (reading account data). The remaining four steps — SIGN UP, CONNECT, USE, and PAY — are untouched by regulation.
The gap is enormous. Open Banking gives agents the ability to look at an account. Agent readiness gives agents the ability to act on behalf of the account holder. Looking without acting is surveillance. Acting within guardrails is service.
Banking Agent Readiness Scores
We scanned the top retail banks, neobanks, and financial infrastructure providers. The pattern is clear: neobanks lead, infrastructure providers (Plaid) enable partial access, and traditional banks are nearly invisible.
Revolut
Developer API, structured docs, partner program — but gated behind business accounts
Wise
Transfer API is strong, but limited to payments — no product discovery or account opening
Plaid
Infrastructure layer — enables agent access to bank data but is not a bank itself
Chase
Consumer app only, developer API requires partnership agreement and 6-month approval
Bank of America
No public API, Erica chatbot is proprietary, zero external agent access
Wells Fargo
Gateway API exists but limited to existing enterprise partners, no self-serve
Why Neobanks Are Closer to Agent-Ready
Revolut, Wise, Monzo, and N26 share a structural advantage over traditional banks: they were built on modern API architectures from day one. Their mobile apps are thin clients calling the same APIs that third-party developers can access. Adding an endpoint is a product decision, not a compliance project.
Traditional banks face the opposite challenge. Their core systems run on COBOL and mainframe architectures designed in the 1970s and 1980s. Every new API endpoint requires a middleware layer, a security review, a compliance sign-off, and integration testing against legacy systems that were never designed for external access. A single endpoint can take 12 to 18 months from proposal to production.
This is why Revolut scores 41 while Bank of America scores 11. It is not that traditional banks do not want to be agent-ready. Their architecture makes it prohibitively expensive to get there incrementally. The banks that will lead in agent readiness are the ones that rebuild from the ground up — or acquire neobanks that already have the infrastructure.
Neobank Architecture
- API-first from founding
- Modern cloud infrastructure
- Endpoint in weeks
- Developer portal with self-serve keys
Traditional Bank Architecture
- Mainframe core systems
- Middleware translation layers
- Endpoint in 12-18 months
- Partner agreements required
What Agent-Ready Banking Actually Looks Like
Imagine telling your AI assistant: “Find me the best savings account with at least 4.5% APY, no minimum balance, and FDIC insurance. Open it and transfer $5,000 from my checking account.” Today, that requires 45 minutes of research, 3 to 5 tabs, a paper application, and a 3-day wait. In an agent-ready banking world, it takes 90 seconds.
Product Comparison API
Agent queries structured endpoint returning rates, fees, minimums, insurance status, and eligibility requirements for every savings product. No scraping marketing pages.
Pre-Qualification Endpoint
Agent submits anonymized user profile to check eligibility without a hard credit pull. Returns approved, denied, or conditional with specific requirements.
Account Opening API
KYC data submitted through structured endpoint. Identity verification via API (not a selfie flow designed for humans). Account provisioned in real-time.
Payment Initiation
Agent initiates transfer within pre-authorized limits. User gets a notification. Funds move via same-day ACH or instant transfer. No manual consent screen per transaction.
Ongoing Management
Agent monitors rate changes, fee adjustments, and better offers. Alerts user when action is beneficial. Can execute rebalancing within approved guardrails.
The first bank to reach Silver (score 60+) will capture a disproportionate share of agent-driven account openings. When every AI assistant recommends the same bank because it is the only one their agent can actually interact with, that bank wins the distribution war without spending on marketing.
The Regulatory Complexity Problem
Banking is not like restaurant reservations. There are real reasons banks move slowly on API access: KYC/AML compliance, FDIC regulations, PCI-DSS for card data, SOX for financial reporting, and state-by-state licensing requirements. An agent that opens a bank account must comply with the Bank Secrecy Act. An agent that initiates a wire transfer must comply with Regulation E.
But compliance is not a reason to score zero — it is a reason to score differently. Stripe scores 68 while operating in one of the most regulated environments in tech. PCI compliance does not prevent structured APIs — it requires them. The banks scoring under 30 are not held back by regulation. They are held back by architecture and institutional inertia.
The regulatory framework for agent-initiated banking transactions does not fully exist yet. But the banks building the API infrastructure now will be positioned to move immediately when regulations catch up. The banks waiting for regulatory clarity will be another 18 months behind when the rules arrive.
Frequently Asked Questions
Does Open Banking mean my bank is agent-ready?
No. Open Banking (PSD2 in Europe, FDX in the US) mandates that banks share consumer account data through APIs when the consumer consents. This covers balance and transaction reads. Agent readiness requires much more: product comparison APIs, loan application endpoints, payment initiation without per-transaction consent flows, and account opening automation. Open Banking is a foundation, not the finish line.
Why do neobanks score higher than traditional banks?
Neobanks like Revolut and Wise were built API-first. Their entire infrastructure is digital, which means adding new API endpoints is an engineering decision, not a regulatory project. Traditional banks run on mainframe systems from the 1970s and 1980s. Exposing data through APIs requires middleware layers, security reviews, and compliance approvals that can take 12 to 18 months per endpoint.
What would a truly agent-ready bank look like?
An agent-ready bank would expose structured endpoints for every customer-facing operation: product comparison with real-time rates, loan pre-qualification with instant decisioning, account opening with KYC API, payment initiation with pre-authorized agent limits, and a dispute resolution API. The agent would operate within user-defined guardrails — spend limits, approved categories, notification preferences — and handle the entire banking relationship programmatically.
Is Plaid a shortcut to banking agent readiness?
Plaid solves the data access layer by aggregating account information from thousands of banks. But Plaid is read-mostly — it can pull balances and transactions, but it cannot initiate payments, open accounts, or apply for loans at most institutions. Plaid gets you from 0 to about 25 on the Agent Readiness Score. The remaining 75 points require the bank itself to build action endpoints.
Is your financial service agent-ready?
Get your Agent Readiness Score in 60 seconds. See how your bank, fintech, or financial service compares across all 9 dimensions — and what it takes to reach Silver.