Konsentus Powering Trust in Open Ecosystems

Global National Competent (NCA) Authority Codes List

Global National Competent Authority Codes List
This publication focuses on the regulatory-driven markets, all of which have approved competent authorities that authorise and supervise market players.​

Share This Post

Open Banking is a worldwide phenomenon.

Throughout the globe, multiple initiatives have emerged, some led by regulation and others by the market. This publication focuses on the regulatory-driven markets, all of which have approved competent authorities that authorise and supervise market players. Nonetheless, OBE also tracks market-driven initiatives and will represent them whenever possible. 

Despite its name, Open Banking does not make financial information widely accessible to anyone. Accessing banking information is only possible in controlled and secure environments due to value, confidentiality, and risk issues. For a party to retrieve financial data, it has to be authorised, identify itself to the data holders, and have the permissions of the data owners. This piece focuses on the identification of the parties to the data holders. 

After being issued with their license, API Users (Fintechs) must prove their identity to the Financial Institutions that provide APIs. To do this, Fintechs can rely on public-key certificates for electronic signatures and website authentication. To enable interoperability, the players should follow standards. The European Telecommunications Standards Institute (ETSI) developed the TS 119 495, the reference in Europe. Recognising the need for a global standard, ETSI updated their technical standard to make it global. OBE advocates using ETSI’s Technical Standard 119 495 for Open Banking trust certificates, as it is proven and widely used. Our work focuses on the TS 119 495. 

Section 5.2.1 of TS 199 495 defines the requirements of the Authorisation Number issued by the “National Competent Authority” (NCA). The standard defines three components that should be included, as follows: 

  • 2 character ISO 3166-1 [8] country code representing the NCA country 
  • 2-8 character NCA identifier without country code (A-Z uppercase only, no separator) 
  • PSP identifier (authorisation number as specified by the NCA. There are no restrictions on the characters used). 

The first component is defined by ISO 3166-1, the scope of which is global. The PSP identifier is determined locally by each NCA according to their local regulations. However, the NCA Identifier is not as clear. In Europe, the European Banging Authority manages and publishes the NCA codes for the European Economic Area (EEA). Nonetheless, there is nothing that specifies the codes for other areas. 

This document defines the NCA codes to be used by Trust Service Providers when issuing Open Banking identity certificates. The paper is divided by regions: Europe, Asia and Oceania, Americas, Middle East and Africa.  The European section incorporates proposals for countries outside the EEA. OBE has put forward a recommendation for the remaining geographies. 

OBE will actively update and maintain this document and welcomes input from National Competent Authorities, API Providers, API Users and Trust Service Providers. To mitigate legacy issues, OBE will follow strict versioning rules and has in place a rigorous change process. 

NCA Codes 

The NCA codes section is divided by regions: Europe, Asia and Oceania, Americas, Middle East and Africa.  The European section incorporates proposals for countries outside the EEA. The remaining geographies contain OBE’s proposals. 

1.1 Europe 

The National identification codes to be used in the European Economic Area are defined by the European Banking Authority (EBA). The EBA maintains and updates the list, and should be used as reference. The list is available here: NCA abbreviations for inclusion in eIDAS certificates.pdf | European Banking Authority (europa.eu). 

Country 

Country Code 

(ISO 3166-1) 

NCA NCA Code Link 
Ukraine UA National Bank of Ukraine NBU Link 
United Kingdom  GB Financial Conduct Authority FCA Link 

1.2 Asia and Oceania 

Country 

Country Code 

(ISO 3166-1) 

NCA NCA Code Link 
South Korea KR Financial Services Commission FSC Link 
India IN Reserve Bank of India RBI Link 
Australia AU Consumer Data Right CDR Link 
Hong Kong HK Hong Kong Monetary Authority HKMA Link 
Japan JP Financial Services Agency FSA Link 
Singapore SG The Monetary Authority of Singapore MAS Link 
New Zealand NZ Financial Markets Authority FMA Link 
Indonesia ID Bank Indonesia BI Link 
Thailand TH Bank of Thailand BOT Link 
Philippines PH Bangko Sentral ng Pilipinas BSG Link 
Georgia GE National Bank of Georgia NBG Link 
Azerbeijan AZ Central Bank of the Republic of Azerbaijan CBA Link 
Russia RU Bank of Russia CBR Link 

1.3 Americas 

Country 

Country Code 

(ISO 3166-1) 

NCA NCA Code Link 
Canada CA Office of the Superintendent of Financial Institutions OSFI Link 
United States US The U.S. National Automated Clearing House Association NACHA Link 
Brazil BR Brazilian Central Bank BCB Link 
Mexico MX Comisión Nacional Bancaria y de Valores CNBV Link 
Colombia CO Open Banking Exchange and Superintendencia Financiera de ColombiaOBECO & SFC  
Chile CL Financial Market Commission FMC Link 

1.4 Middle East and Africa 

Country 

Country Code 

(ISO 3166-1) 

NCA NCA Code Link 
Nigeria NG Central Bank of Nigeria CBN Link 
Saudi Arabia SA Saudi Central Bank SAMA Link 
Turkey TR Central Bank of Turkey TCMB Link 
Kenya KE Central Bank of Kenya CBK Link 
Rwanda RW National Bank of Rwanda BNR Link 
United Arab Emirates AE Dubai Financial Services Authority DFSA Link 
Bahrain BH Central Bank of Bahrain CBB Link 

Subscribe To Our Newsletter

Keep up to date with all our news and publications.

More To Explore

Singapore Fintech Festival 2024

Konsentus’ Brendan Jones joined a global gathering of policymakers, fintechs, financial services organisations, and technology providers at Singapore Fintech Festival

Read More

Talk with Our Team Today

Join us on the Journey

Protect your customers transacting in open ecosystems.

Konsentus Rebrand Button - Konsentus Dot-23-23

Find out how our technology can protect your customers within open ecosystems.

Name(Required)

Opt-in

On completion of this form you will be sharing your personal data with Konsentus Ltd (company number 1115059) (“Konsentus”/”we”/”us”). We will process such information for the purposes of sending you the requested information. We may also send you marketing communications and information which we consider may be of interest to you from time to time. This may include sending information by email, or us contacting you by telephone, where relevant details are provided. We rely on our legitimate interests as the lawful basis for processing your data in this way. Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to receive a copy of the data we hold about you. You also have the right to opt out of marketing communications at any time using the details in an email sent to you or by contacting us at insights@konsentus.com.

This field is for validation purposes and should be left unchanged.

Login to your account