Interpreting the data

Find out how the data we require from providers of personal and business current accounts is measured.

Our Policy Statement 17/26: Information about current account services sets out our rules and explains our aim to help customers, comparison websites and commentators compare the services different current account providers offer. Our rules enable people to find out easily: 

  • how and when customers can contact the firm to ask about common services and problems, and if it offers 24 hour helplines
  • how and when they can use their account  
  • information about operational and security incidents
  • a link to data on complaints made against the firm
  • how they can open an account and what information and documents are needed
  • how quickly the firm opens current accounts
  • once an account is open, how quickly the firm gives a debit card
  • once an account is open, how quickly customers have internet banking
  • once an account is open, how quickly an overdraft is available
  • how quickly the firm replaces debit cards which have been lost, stolen or stopped

Below we explain some key terms to help interpret the metrics on speed of services and on major incidents.

Overdraft charges

Firms are now required (rules in PS19/25) to publish the following information for each product held by at least 5000 customers for each firm/brand alongside the quarterly current account services information: 

  • the representative APR used in all forms of advertising during the preceding 3 months, or the lowest and highest rates if there has been more than one 
  • the lowest and highest interest rates paid by customers on the last working day of the month preceding the publication
  • the lowest and highest unarranged overdraft interest rates paid by customers on the last working day of the month preceding the publication 
  • the refused payment fee on the last working day of the month preceding the Publication 

Firms should publish rates it charges to all customers, not just the rates for new accounts. 

Firms should include in the published information products that are no longer open for new business. 

Firms can exclude from the information they publish, any rate paid by fewer than 1% of customers holding that product. 

Why are  firms publishing overdraft pricing information? 

We want to improve transparency of overdraft pricing and fee structures for consumers. We now require firms to publish a range of overdraft pricing details along with their quarterly information on current account services. 

This information will highlight to consumers and third parties, including price comparison services and the media, the interest rates and the refused payment fees consumers are being charged on a product. This will help consumers choose a current account that gives them what they value, and will help third parties to compare products across different current account brands. 

Why representative APR and interest rate paid? What is the difference? 

Our consumer research has shown that consumers find representative APR helpful in comparing products.  

If firms charge different interest rates to different customers (risk based pricing), the representative APR is the APR at, or below that, a firm reasonably expects that credit would be provided to at least 51% of those applying for credit as a result of the financial promotion. 

This means that when risk based pricing is used, some consumers, especially those who are vulnerable, may be paying a rate higher than the rep APR. For this reason we have required firms to publish details of the lowest and highest rates paid by customers holding each product, in addition to publishing the rep APR. 

Major operational or security incidents

These are unplanned events which may reduce the integrity, availability, confidentiality, authenticity or continuity of services related to payments. 

The revised Payment Services Directive (EU 2015/2366) requires firms to report incidents to their regulator if they meet thresholds set out in guidelines by the European Banking Authority. We have reproduced the thresholds below. 

To be reportable to the regulator, an incident must meet:

  • one or more criteria at the ‘Higher impact level’, or
  • three or more criteria at the ‘Lower impact level’

Threshold for an incident to be classified as a ‘major operational or security incident’


Lower impact level

Higher impact level

Transactions affected

> 10% of the payment service provider’s regular level of transactions (in terms of number of transactions)
> EUR 100 000

> 25% of the payment service provider’s regular level of transactions (in terms of number of transactions)
> EUR 5 million

Payment service users affected

> 5 000
> 10% of the payment service provider’s payment service users

> 50 000
> 25% of the payment service provider’s payment service users

Service downtime

> 2 hours

Not applicable

Economic impact

Not applicable

> Max. (0.1% Tier 1 capital,* EUR 200 000)
> EUR 5 million

High level of internal escalation


Yes, and a crisis mode (or equivalent) is likely to be called upon

Other payment service providers or relevant infrastructures potentially affected


Not applicable

Reputational impact


Not applicable

*Tier 1 capital as defined in Article 25 of Regulation (EU) No 575/2013 of the European Parliament and of the Council, of 26 June 2013, on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012.

Interpreting a major operational or security incident for banks with multiple brands

Major incidents are reported at firm level. This means that for firms which have more than one current account brand, each brand must report the total number of incidents for the firm. 

An incident affecting a common payment system (such as a card scheme or affecting point of sale) may cause incidents across a wide number of payment providers, and each current account brand affected is required to include the incident within the number of its major incidents and customer channels affected.   

An incident that impacts more than one payment channel (telephone, mobile, internet banking) counts as only one incident within the total of reported incidents.

Combining the data

For the reasons above, reported incidents should not be added up across the different payment channels, or across different brands and firms, as this would overstate the numbers.  The metrics show how many major incidents in total have affected each firm, and how many have affected each of its customer payment channels, in order to help customers and potential customers choose a brand which meets their needs. 

Account opening speeds

The metrics measure the number of days it takes for a customer who is new to the firm to be able to (1) deposit funds, (2) use a debit card, (3) use internet banking, and (4) draw on an overdraft. This is so that they can choose a brand which meets their needs quickly. In using the metrics, the time taken to be able to deposit funds should be added to the time taken to have any of the other functions available.    

Our rules specify when the firm should ‘stop and start the clock’ for measuring the speed of opening an account. The clock starts when the potential customer has provided all the information and documents which are listed on the firm’s website as being required, or as soon as the application is received if the firm does not provide a list. 

The clock stops when the firm can reasonably expect the customer to have received all the necessary equipment and security features needed to use the service concerned (taking account of the delivery method the firm used to send them).    

The clock remains running while the firm carries out anti-money-laundering and fraud checks. 

When starting and stopping the clock for individual customers, anything done the same day counts as zero days, and any partial days after that count as a whole day. When the firm has calculated the average and percentage metrics for their customers taken together, they round the result to the nearest whole number.

The average number of days is the mean for all new customers in the quarterly reporting period. 

Debit card replacement

The metrics show the number of days it takes for a customer to receive a replacement debit card which has been lost, stolen or damaged.

The clock starts from when the card is reported as lost or stolen or the firm has stopped the card permanently for any other reason (such as a customer reporting it has been damaged and cannot be used).

The metrics do not include routine replacement of cards which have expired. 

The metrics may include cases where a firm has temporarily blocked a card and the customer does not respond to enquiries to resolve this, resulting in a long time to replace it.       

Days are measured in the same way as for the account opening metrics.