Open Banking in the Middle East: Developing a Digital Open Banking Platform

Open banking is easily one of the most impactful technology trends in the fintech domain. Its rapid expansion across regions and evolution into concrete functionalities and products made open banking nearly a must-have for market players. But how is open banking already manifested in actual software products, and what are the development steps for such a solution?

In this post, you’ll explore the trends of open banking in the MENA region, explore the Tarabut open banking platform success story, and review in great detail the development and legal procedures for establishing an open banking platform like Tarabut.

Open Banking in MENA Region: Overview

Let’s get started by reviewing the stats and trends of open banking in the MENA region. They are revealed in the infographic below: 

Sources: Open banking playbook, open banking in the Middle East report, EconomyMiddleEast. 

NEED A TECH PARTNER FOR YOUR OPEN BANKING PROJECT?

Here at DashDevs, we possess exactly the expertise you are looking for

Contact us

Here’s what can be added about open banking in MENA countries:

• Bahrain. Bahrain is a pioneer in GCC open banking, which combines best practices from PSD2 (EU), UK OBIE, and Australian rules.
• Saudi Arabia. Saudi Arabia is also an early adopter of open banking in the GCC, leveraging a use-case-first approach. By 2030, SAMA projects 20% open banking penetration as part of Vision 2030.
• United Arab Emirates (UAE). The UAE is advancing open finance through its Financial Infrastructure Transformation Program (FIT). Although no formal framework exists, API standards are already live, with two licensed third-party providers (TPPs) operating under Dubai and Abu Dhabi regulators.
• Qatar. Qatar is in the early stages of open banking adoption, driven by its Fintech Sector Strategy launched in 2023. In 2024, it released Qatar’s first Open Banking API for corporate clients. 
• Oman. Oman is building a fintech ecosystem through its Open Banking API strategy. This initiative includes sandboxes, cloud frameworks, and eKYC activities, with the aim of fostering innovation in the financial sector and creating a robust open banking environment.
• Kuwait. Kuwait is developing an open banking framework that combines GDPR-style regulations with local requirements. The Central Bank of Kuwait (CBK) has established a Regulatory Sandbox and a working group to define API specifications and promote innovation in the financial sector.

For now, in the MENA region, there’s a mix of traditional banks, neobanks, and Islamic banks. Each type operates under unique conditions, and open banking solutions may cater to some while leaving others outside their scope due to regional restrictions. 

To improve upon the described situation, the listed countries are launching programs to expand access to banking services and digitalized businesses. As such, open banking development is a large part of strategic initiatives like Vision 2030. One of the key goals outlined in such open banking initiatives is to promote cashless transactions and drive the development of fintech.

You may explore fintech regulations in the Kingdom of Saudi Arabia (KSA) from the corresponding blog post by DashDevs. 

As a logical consequence of implementing Vision 2030, the Central Bank of Bahrain has introduced the Bahrain Open Banking Framework (Bahrain OBF), which has become the standard for all banks in the country. This framework includes comprehensive documentation that ensures consistency in how open banking operates across different financial institutions. Here at DashDevs, we utilized this framework when creating our open banking solution for Bahrain — Tarabut. 

Note: The banking industry, and especially the open banking niche, is known for its rapid tempo of evolution. That’s why provisions of strategic initiatives, their scope, and the presence of such initiatives across MENA countries may change. 

What Is Tarabut Open Banking Platform

Tarabut is MENA’s first regulated open banking platform, which was developed by the DashDevs team. The product was intended to reimagine online banking in the MENA region through the ecosystem of connections, including more than 20 financial institutions. Initially, Tarabut was built as a personal financial manager. Later, it evolved into a paid framework with an SDK for Tarabut Gateway that allows for B2B integrations. 

The Tarabut open banking platform allows users to log in through the Central Bank of Bahrain, which then connects them to various banks using tokens. Each bank also required two-factor authentication, creating a quirky user experience where confirmation messages often appeared in the same app the user had just logged into. 

Tarabut’s platform supports payments from accounts across different banks, leveraging an integrated payment gateway through Token.io. At the time of its creation, the adoption of Bahrain OBF, a unified standard for open banking, was in its early stages. That means that each bank had its own system, which not necessarily have been integrated. Some banks used a shared interface, like Token.io, while others required entirely custom integrations. Despite these challenges, we successfully connected Tarabut with all the banks. The apps were developed natively using iOS and Android technologies. 

Explore the Tarabut case study

The DashDevs team regards Tarabut as an example of complex, open banking case study. It includes both the latest dev technologies and compliance with specific regional standards manifested within Bahrain’s unique business environment. End-to-end development execution and experience with regional specificities are what allows us to bring high outcomes in our many success stories. 

You may explore DashDevs’ service offerings on our respective service pages and find out whether we can cover your business needs with our expertise. Don’t hesitate to reach out to us to discuss your project. 

How to Develop A Digital Open Banking Platform like Tarabut

In a scenario where you need to create a banking platform from scratch, following a strategy is a must. There’s a defined software development approach with standard steps. By delving into the nuances of open banking solution development, it’s possible to detail the standard procedure so that it’s more representative and useful as a guide. A complete, tailored open banking platform development procedure is exactly what I provide in this section. 

#1 Discovery Phase

By and large, any project starts with some form of a discovery phase. It can take many forms and include from several to nearly all possible discovery phase activities aimed at laying the groundwork for the project. From DashDevs’ experience, executing the following actions is advisable:

1. Conducting management and stakeholder interviews with a development team
2. Analysing business goals
3. Testing regulatory compliance 
4. Testing requirements and assessing technical feasibility
5. Researching competitors
6. Researching open banking products in the market
7. Researching third-party vendors of integrations
8. Analyzing target audience
9. Drafting an MVP scope

As you can observe, an outlined MVP scope is where this phase comes to an end. As an outcome of the discovery phase, you obtain research results and necessary business and technical documentation, Altogether, it lays the groundwork for the project. 

Note: I tried to list actions using their potentially optimal execution order. However, it’s totally possible to run several actions in parallel or swap some of them places. 

Looking for product discovery services from an experienced tech partner? Reach out to DashDevs and let’s discuss your business needs. 

After the discovery phase, you either go the route of UI/UX design and MVP development and testing and obtain regulatory approval or proceed with regulatory approval first, as outlined in the infographics at the end of the section. We recommend sorting things out with regulatory nuances first in case any MVP scope change would happen to be necessary.

#2 Regulatory Application

Apart from being a part of an already strictly regulated fintech niche, open banking presents some unique challenges related to exchanging customers’ data. Although the regulatory issues here are not that pressing compared to, for example, neobank development projects, there are nuances with registration and obtaining approval from the central bank of the region you intended to operate in. Here’s the regulatory procedure:

1. Prepare documentation demonstrating compliance with the central bank’s open banking policy provisions.
2. Obtain approval from a central bank and register an open banking service provider.
3. Register as a partner with all banks in the intended open banking network.

It’s worth mentioning that some specific steps, including how to send documentation and obtain approval or how to register, vary significantly from region to region. Since regulatory application may be quite a challenge, it’s another reason why it’s advisable to partner with a trusted technical agency that has experience with developing fintech solutions in your region. 

The DashDevs experts wrote a range of specialized blog posts covering regulatory aspects in different regions:

• Fintech compliance in the MENA region
• Navigating UK fintech regulations
• US fintech regulation guide

In these posts, we shared a considerable part of our experience with different regulatory landscapes. However, for more tailored advisory, we recommend reaching out to a trusted fintech partner with experience in your target region. 

Note: I’d additionally like to highlight the security aspect related to open banking solution development, as it’s often discussed in the regulatory compliance topic. For open banking solutions, we typically don’t have to establish Know-Your-Customer (KYC) and Anti-Money Laundering (AML) practices on our side as they are implemented on the side of the regulatory institution responsible for authorization, i.e., the central bank in the example of Tarabut and the Bahrain region in particular. Neither do we have to obtain a security certification for exactly the same reason. However, in some jurisdictions, there could be scenarios where we would need to implement KYC/AML ourselves.

#3 UI/UX Design

In the UI/UX Design phase of developing a digital open banking platform, the focus is on creating an intuitive and visually appealing user interface that ensures seamless user experiences. This phase involves translating user needs and technical requirements into a functional and user-friendly design.

UI/UX design phase deliverables: 

• User journey maps detailing how users will interact with key features like account aggregation, payment initiation, and data consent management.
• A style guide to ensure consistency in design across all components of the platform.
• High-fidelity mockups showcasing the platform’s final look and feel.

By and large, when it comes to an open banking platforms development, the UI/UX design is not much different from this component in any of our fintech projects. 

Additionally, I may recommend exploring our blog post on how to make a website mobile-friendly, which delves into some core UI/UX design principles. 

#4 MVP Development

Minimum Viable Product (MVP) development is the process of building a streamlined version of a product that focuses solely on its core functionality. In MVP, businesses emphasize developing the essential features necessary to address the primary problem or need of the target users. The goal is to build a product that can be tested and validated in real-world scenarios while maintaining a solid foundation for further improvements.

In this blog post, I won’t delve into the details of regular MVP development. Instead, I greatly advise all companies without a specializing in-house fintech dev team to consult with an expert development partner to obtain a high-level tech overview of what it will take to create your tailored open banking solution. 

Aside from the regular fintech development procedure, there are unique aspects related to the creation of open banking solutions specifically:

1. Connection with AISPs and PISPs. Establishing connections with Account Information Service Providers and Payment Initiation Service Providers, respectively, is the groundwork for enabling your app to operate with multiple banking partners. AISPs are ones that actually will provide you with account holders’ data they allow you to read to provide open banking services. PISPs, in turn, have “read-write” access to customer financial data and, therefore, can allow you to offer simple payment services like setting recurring payments within your apps. Note that PISPs can’t enable the entire site of banking services like banking API providers do. 
2. Developing software modules for AISPs and PISPs integration. To integrate with AISPs and PISPs, you need software modules with payment gateways, one for each bank you intend to integrate. Therefore, in Tarabut, we do have more than 20 software modules. Each software module should comply with tailored requirements based on each bank’s provisions and payment method. 

Note: Open banking is a secure concept with information normally transferred via secure methods. From our experience, significant risks arise only when there’s a need to integrate with banks that are not integrated with the central banking authority. 

Let’s explore the authorization aspect separately. In Tarabut open banking, we managed to streamline authorization by ensuring that 2FA is now handled via the Central Bank of Bahrain. It means that aside from inputting the regular login and password credentials required, a user needs to confirm the Tarabut app entry from the Central Bank of Bahrain application. It transfers most of the burden of maintaining security from us to this central institution. Alternatively, it’s possible to make your own authentication through a token-based security system. 

Discover how 2-Factor Authentication works in detail from the corresponding blog post by DashDevs. 

At this point, you may be curious about whether the development phase or regulatory application comes first. Well, they come in any order as well as be run in parallel. The framework for regulatory approval, which includes the development phase, is shown in the infographics below:

Important note: This framework doesn’t depict the entire product development process but only reveals the regulatory procedure to be fulfilled as a part of the project. Usually, it’s allowed for businesses to open a sandbox, obtain agreements with banks, obtain approval from a central bank, and only then carry out actual solution development. Alternatively, a company may come up with an MVP prior to obtaining agreements and central bank approval. The choice depends mostly on stakeholders’ preferences and strategy. 

#5 Testing

Testing of a relatively complex fintech product like a platform drive with API open banking requires the application of the complete suite of testing methods. They include:

• Unit testing
• Integration testing
• Functional testing
• Regression testing
• Security testing
• Compatibility testing
• API testing

From my experience, many business owners are simultaneously concerned about the effectiveness of manual testing and the high expenses of testing automation. Well, testing automation is needed when the scope of manual testing goes beyond a reasonable threshold. Typically, for MVPs of open banking apps, no automated testing is needed, as the functionality is not that broad. At the same time, manual testing is considered reliable and efficient enough to cover open banking MVP needs. Still, in the event of app scaling later on, testing automation will be a must. 

Important note: Once a solution is thoroughly tested with both manual and automated testing methods, a small user group is gathered to give the newly finished app a try. Typically, stakeholders, management, and others involved in the project test functions to ensure that everything runs smoothly on actual, physical devices under different conditions. In the event of success and upon final approval from decision-makers, the app will be considered ready for launch. 

Explore unit testing in software development in great detail in another blog post by DashDevs.

#6 Launch

When it comes to the launch stage, an open banking API driven solution is no different from most other financial products. 

In the case of a mobile open banking application, you need to send your app for the Apple App Store or Google Play Market marketplace review in advance. Once the application is approved for being listed on the marketplace, it’s ready to be open to publicity whenever you are ready. 

As for a web-open banking platform, you just need to push it to production to make it available to users. 

Regardless of the launch method, you still need to monitor closely the first interactions of users with your software product. Oftentimes, developers have to create and launch hotfixes shortly after the release swiftly. So, for a seamless product experience, post-launch actions toward optimization should necessarily take place. 

Final Take

Open banking in the MENA region is transforming financial services by fostering innovation, improving accessibility, and enabling seamless integrations between banks and third-party providers. Platforms like Tarabut showcase how these systems can address regional challenges while unlocking new opportunities for financial inclusion and digital transformation. By understanding the development process and adapting to regulatory requirements, businesses can create impactful solutions that meet the region’s growing demand for modern, open financial ecosystems.

When it comes to open banking projects, having the right tech partner is half the battle. With our substantial experience and expertise with open banking, in the MENA region, in particular, DashDevs can offer a high-end contribution on all levels, from consulting to end-to-end development for your business.

Contact us