Open Banking Financial Institutions and Consent Validation
Last Updated: February 7, 2025
Note: This page is constantly evolving and is updated as needed.
Provider Token Expiration Times - How often account holders will need to re-validate consent
As a reminder, each financial institution has their own policy for consent validation. This means that tokens they issue (which govern access) may have an expiration which requires the account holder to re-authenticate periodically to refresh their consent choices. This approach aligns with best practices for secure data access and consumer protection, providing users with control over their financial data while ensuring compliance with financial data-sharing standards.
Max Transaction History (Some accounts types may not go back as far)
This is the maximum time frame ByAllAccounts aggregation is set to look back for historical transactions. This limit is based on maximum availability by the financial insitutitions, however, some account types may have less history available.
| Financial Institution (FI) | FI ID | Supported Access/Login Type | Provider Token Expiration Times - How often account holders will need to re-validate consent | Max Transaction History (Some accounts types may not go back as far) |
|---|---|---|---|---|
| Allianz Life | 112966 | Advisor: Yes Delegate: Yes* Investor: Yes | none (consent is rolling with successful aggregation) | Beginning of last calendar year. |
| Bank of America | 113012 | Advisor: No Delegate: No Investor: Yes | none (consent is rolling with successful aggregation) | 300 days |
| Charles Schwab | 112126 | Advisor: Yes ** Delegate: Yes Investor: Yes | None (consent is rolling with successful aggregation) | Beginning of last calendar year |
| Chase | 112151 | Advisor: Yes Delegate: Yes *** Investor: Yes | None (consent is rolling with successful aggregation) | Beginning of last calendar year. |
| Citi | 116252 | Advisor: No Delegate: No Investor: Yes | 365 days | 360 days |
| Empower Retirement - Your Retirement Plan - Participant | 113078 | Advisor: No Delegate: No Investor: Yes | none | Beginning |
| Fidelity Investments | 113552 | Advisor: Yes**** Delegate: Yes Investor: Yes | Fidelity tokens expire after 360 days. Currently Fidelity has a known issue where consent does not restart if done in advance so accounts will fail again needing reconsent after the original 360 day date. Fidelity is working on the issue but has cautioned that users let their tokens fully expire and relink the account by going through the consent process anew after the accounts fail to aggregate due to the expired token. | 360 days |
| KeyBank - Online Banking | 116648 | Advisor: No Delegate: Yes Investor: Yes | 2 years | 360 days |
| PNC Bank | 113721 | Advisor: Yes Delegate: Yes Investor: n/a | 365 days | 90 days |
| TIAA-CREF | 115824 | Advisor: No Delegate: No Investor: Yes | 90 days | Beginning of last calendar year. |
| Transamerica | 113658 | Advisor: No Delegate: No Investor: Yes | None | 360 days |
| U.S. Bank | 112341 | Advisor: Yes Delegate: Yes Investor: Yes | none (consent is rolling with successful aggregation) | 90 days |
| Voya Financial - Participant Retirement | 113761 | Advisor: No Delegate: No Investor: Yes | none (consent is rolling with successful aggregation) | Beginning of last calendar year. |
| Vanguard | 118925 | Advisor: No Delegate: No Investor: Yes | none (consent is rolling with successful aggregation) | 90 days |
*Allianz only supports aggregation for Advisors, Investors or Delegates of a Financial Professional. Delegates of clients are not supported.
**Advisors with institutional access should use "Charles Schwab Institutional - SFTP".
***Authorized Owners must select “Third Party Access” on the Chase Access Manager page in order for the Authorized User to be able to aggregate data from the API.
****Advisors with institutional access should use "Fidelity IWS - FTP Access".
Updated 13 days ago