Francesco Simoneschi, TrueLayer CEO: A Deep-Dive into Open Banking, Regulation, and the Roadmap for Embedded Finance

Company summary: history, products, and future vision

TrueLayer is a leading provider of open banking and fintech infrastructure, enabling developers, marketplaces, and financial services platforms to access bank data, initiate payments, and embed financial services into their products. Founded by Francesco Simoneschi, Jordi Ribas, and Nuno César in 2016, the company quickly positioned itself as a cornerstone of the PSD2 era in Europe, delivering secure, scalable APIs that connect fintechs to banks and payment rails.

Historically focused on account information services (AIS) and payment initiation services (PIS) under the PSD2 framework, TrueLayer has expanded its platform to cover a broad set of capabilities that fintechs need to build embedded finance solutions. The core value proposition is API-first access to bank data, compliant payment initiation, and developer-friendly tooling—shaped by a strong emphasis on security, fraud prevention, and regulatory alignment.

In terms of licensing and regulatory setup, TrueLayer operates through a regulated, partner-based model. It does not grant itself a full banking license; instead, it operates as a regulated payment institution in key jurisdictions, leveraging licensed banks and payment providers to deliver services such as account data access, payments initiation, and regulated onboarding. The company’s approach to MiCA readiness and crypto-enabled use cases centers on enabling clients to build compliant VASPs and crypto-related services with robust risk and identity controls, while remaining compliant through its partnerships and governance framework.

Core products are designed to cover the entire lifecycle of embedded finance: open banking data access, payments initiation, onboarding and KYB/KYC workflows, fraud and AML risk tooling, and a platform that supports onboarding, identity verification, and risk scoring. While TrueLayer shines in data access and payment initiation, the ecosystem is designed to integrate with licensed providers for specialized capabilities, including IBAN issuance, card issuing, wallets, FX, acquiring, and processing. The company is actively expanding its coverages for SEPA Instant, cross-border routing, and Open Banking capabilities, with a focus on marketplaces, SaaS platforms, API-first fintechs, and crypto/VASP use cases that require robust regulatory alignment.

Looking ahead 12–24 months, the roadmap emphasizes deeper SEPA Instant routing optimization, broader bank and payment rail support, enhanced developer tooling (sandbox, dashboards, and observability), expanded KYB/KYC capabilities, and stronger fraud/AML analytics. The long-term vision is to be the infrastructure layer that enables truly embedded finance for Europe and the UK, backed by a responsible compliance program and a scalable partner ecosystem for card issuing, acquiring, FX, and wallet capabilities through trusted licensed partners.

Interview with Francesco Simoneschi, CEO of TrueLayer

Q1: What is your current role and path to TrueLayer’s leadership?

A: As CEO, I lead corporate strategy, regulatory alignment, and the product and engineering roadmap. My background spans fintech product leadership and growth at early-stage startups, with a focus on building scalable fintech platforms that comply with evolving financial regulations. I emphasize a risk-based, compliance-minded approach to product design, ensuring that infrastructure supports rapid innovation while maintaining customer protection and data security.

Q2: How is TrueLayer regulated in the UK and Europe, and what licenses underpin your services?

A: TrueLayer operates as a regulated payment services provider in major markets. We work with licensed partner banks and payment institutions to deliver AIS/PIS capabilities, data access, onboarding, and related services. We do not hold a full banking license; instead, we operate via a regulated framework that leverages partnerships to provide the necessary rails for payments and data access. This model allows us to deliver PSD2-compliant services with strong governance, risk controls, and regulatory reporting aligned to UK and EU requirements.

Q3: Can you describe the core products and how they fit into the market?

A: Our core offering centers on Open Banking and embedded finance infrastructure. Key components include:

• AIS/PIS APIs: Secure access to bank data and payment initiation across participating banks and rails.
• Onboarding and KYB/KYC tooling: Identity verification and risk assessment integrated into client workflows.
• Fraud and AML tooling: Real-time monitoring, sanctions screening, and transaction risk scoring.
• Open Banking data services: Data enrichment, categorization, and account verification to power next-gen fintech apps.
• Embedded finance enablement: A platform that supports clients in building financial features, with access to partner solutions for IBAN issuance, card issuing, wallets, FX, and acquiring through licensed providers.
• Developer experience: APIs, webhooks, sandbox environments, dashboards, and observability tools that streamline integration and governance.

Important note: while TrueLayer powers many of these capabilities, card issuance, IBAN issuance, and acquiring are typically delivered through curated licensed partners in our ecosystem. We act as the platform that connects fintechs to those rails with security, compliance, and developer-first tooling.

Q4: Which client types and use cases are most suited to TrueLayer?

A: We serve marketplaces, SaaS platforms, fintechs, and platforms that require regulated access to bank data and payments. Use cases include onboarding and KYC for new users, bank data verification for account linking, expense management and payroll workflows, merchant onboarding for marketplaces, and regulated crypto or VASP use cases that require robust identity, compliance, and risk controls. In highly regulated or risk-sensitive sectors — including crypto/VASPs and adult/affiliate contexts — we provide enhanced controls and governance that align with licensing and risk requirements.

Q5: What is the approach to licensing in relation to MiCA and crypto-enabled services?

A: MiCA compliance is handled through a combination of client-facing policies and partner-led capabilities. We design our platform to enable clients to build crypto-related services with appropriate licensing, risk controls, and governance. This means companies using TrueLayer can develop crypto-using or crypto-enabled financial services while relying on our compliant data and payments rails, as well as our risk and identity tooling. We remain agnostic to the specific crypto licensing path; what matters is that the client’s business model aligns with regulatory requirements and uses TrueLayer as a compliant backbone for onboarding, identity verification, and payments initiation.

Q6: What are the core products you currently offer in terms of payments and data?

A: The platform provides:

• Open Banking data access (AIS) and payments initiation (PIS) across supported banks and rails.
• Onboarding, KYB/KYC, and identity verification integrated into client workflows.
• Fraud detection, AML screening, and ongoing risk monitoring.
• SDKs, APIs, and dashboards designed for developers and product teams to manage integrations and compliance.

Notes on other rails (IBANs, card issuing, FX, acquiring, processing, wallets): these capabilities are typically accessed through partner providers within our ecosystem, enabling clients to compose a full-stack embedded finance solution without building every capability in-house.

Q7: How does SEPA Instant fit into TrueLayer’s routing and product strategy?

A: SEPA Instant is a core capability for real-time, cross-border euro payments within Europe. Our routing logic prioritizes low-latency, cost-efficient paths to participating banks, balancing reliability and speed. We continue to expand coverage to more banks and regions, improving fallback behavior and reconciliation for merchants and platforms that require near-instant settlement for B2B and B2C use cases.

Q8: What does the Open Banking capability look like for developers integrating with TrueLayer?

A: We provide:

• Well-documented RESTful APIs with OpenAPI specifications
• Sandbox environments that mirror production behavior for safe testing
• Webhooks for event-driven workflows (payments, data updates, identity events)
• Dashboards for monitoring, usage analytics, and governance controls
• SDKs and client libraries to accelerate integration across languages and platforms

Q9: Do you offer acquiring licenses or card processing capabilities directly?

A: TrueLayer does not operate as a direct card acquirer or issuer in the sense of owning a banking license for card processing. Instead, we work with licensed, regulated partner banks and PSPs to provide these capabilities within the ecosystem. Clients benefit from a unified integration layer, consistent governance, and streamlined onboarding, while the actual card issuing, acquiring, and processing rails run through trusted partners.

Q10: What does onboarding a new client typically look like, including documentation?

A: Onboarding involves multiple stages:

• Business and regulatory due diligence: company incorporation details, beneficial ownership, and a clear business model, especially for risk-sensitive use cases.
• Security and risk documentation: information on data protection, encryption, access controls, incident response, and fraud controls.
• Commercial terms: scope of services, pricing, volume expectations, and service-level commitments.
• Technical integration: access to the sandbox, API keys, and a customer success onboarding plan with milestones and timelines.
• Compliance and policy alignment: KYC/KYB workflows, sanctions screening, and data protection compliance (GDPR-equivalent in applicable regions).

Typical production onboarding timelines depend on geography, regulatory checks, and the client’s readiness, but a well-prepared fintech can move from sandbox to production in several weeks to a few months.

Q11: What is TrueLayer’s technical stack and developer experience?

A: We emphasize an API-first architecture with:

• RESTful APIs and webhooks for real-time integration
• OpenAPI specifications and developer docs for clear guidance
• Sandbox environments mirroring production behavior
• Secure authentication and authorization (OAuth-based flows)
• Rich dashboards for governance, monitoring, and debugging

In practice, this design helps fintechs iterate quickly while maintaining strong security and regulatory compliance.

Q12: How is pricing structured at a high level?

A: Pricing is typically a mix of:

• Platform access fees (monthly or volume-based)
• Per-transaction charges for PIS and AIS (variable with volume and region)
• Usage-based costs for data services, onboarding checks, and fraud/AML tooling

Actual rates depend on geography, volume, risk profile, and service mix. We tailor a commercial model to align with a client’s expected usage and compliance needs, while ensuring transparent and predictable cost structures.

Q13: Who are TrueLayer’s target clients, and what are notable verticals?

A: Our clients range from large marketplaces and platform businesses to fast-growing fintechs and SaaS providers. Notable verticals include:

• Marketplaces needing secure payment initiation and data verification
• SaaS platforms requiring embedded finance capabilities for their customers
• Crypto/VASP-related services needing compliant onboarding and payments rails
• Platform ecosystems that rely on Open Banking data for analytics and risk scoring
• Industries with heightened compliance needs (e.g., regulated financial services, adult/affiliate contexts with strict screening) where a risk-based approach is essential

Q14: How does TrueLayer differentiate itself from Stripe, Adyen, Banking Circle, Swan, and Lemonway?

A: TrueLayer’s differentiators are anchored in openness, regulatory alignment, and developer-centric design. While Stripe and Adyen excel in payments rails and merchant features, and Banking Circle, Swan, and Lemonway offer complementary capabilities (cross-border payments, liquidity, and issuing), TrueLayer focuses on open banking data access and PSD2-aligned PIS with a robust emphasis on risk, onboarding, and governance. The platform is designed to be the connective tissue for embedded finance, enabling clients to assemble best-in-class components—whether through TrueLayer or via carefully chosen partners—while maintaining a unified API experience and centralized risk controls.

Q15: What is the risk appetite and compliance approach at TrueLayer?

A: We adopt a risk-based, regulatory-first approach. This means designing products with strong identity verification, ongoing monitoring, and adaptive controls that respond to changing regulatory landscapes. Our compliance framework emphasizes data protection (privacy, consent management), AML/KYC screening, sanctions screening, and continuous monitoring. We collaborate with clients to ensure that business models, verticals, and regional operations remain within regulatory boundaries while enabling innovation.

Q16: How extensive is SEPA Instant coverage, and how do you determine routing?

A: SEPA Instant coverage continues to expand across participating banks and corridors. Routing decisions weigh factors such as settlement speed, fees, and reliability. We optimize routes to minimize latency and maximize successful settlement while providing clear reconciliation paths for merchants and customers. Our routing logic remains dynamic to incorporate new rails and participant banks as they come online.

Q17: What Open Banking capabilities should a potential client care about most?

A: Key capabilities include reliable AIS data access, secure PIS for payments, robust consent management, and a strong onboarding/KYC workflow. In addition, a scalable developer experience with sandbox, dashboards, and observability is critical to reducing integration risk and accelerating time-to-market. Lateral capabilities—like data enrichment, fraud/AML analytics, and risk scoring—add depth to embedded finance use cases.

Q18: Do you have acquiring or card issuance capabilities, and how do you handle those through partners?

A: We do not issue cards or operate as a direct card acquirer ourselves. Instead, we partner with regulated card issuers and acquirers to deliver those rails within the TrueLayer ecosystem. This approach gives clients a unified integration experience while leveraging the risk management and governance built into TrueLayer’s platform and the compliance posture of our partners.

Q19: What is the onboarding timeline and the typical documentation required for a new partner?

A: Timelines vary by geography and risk profile, but a typical partner onboarding includes:

• Corporate documentation: incorporation, registered address, ownership structure
• Regulatory alignment: licenses, registrations, and regulatory expectations for the business model
• Security posture: data protection policies, encryption standards, access controls, incident response plans
• Financial and tax information: evidence of financial standing and tax compliance
• Commercial terms: SLAs, pricing, and service definitions

The process is designed to be thorough to ensure that the client’s use of TrueLayer’s rails remains compliant and secure as they scale.

Q20: What is the roadmap for the next 12–24 months and the long-term vision?

A: In the near term, we plan to:

• Expand SEPA Instant coverage and improve routing efficiency
• Broaden bank and rail coverage across the UK and Europe
• Enhance data capabilities (enrichment, categorization, and analytics) to support embedded finance decisions
• Strengthen onboarding/KYC workflows and risk scoring with advanced identity verification
• deepen developer experiences (improved sandbox, dashboards, tooling)

Long-term, TrueLayer aims to be the infrastructure backbone for embedded finance across Europe and the UK, enabling a wide ecosystem of licensed partners for IBAN issuance, card issuing, wallets, FX, and acquiring. The vision centers on a secure, compliant platform that unlocks rapid product innovation for fintechs and platforms while maintaining rigorous governance and risk controls.

Related searches

• TrueLayer SEPA API
• Francesco Simoneschi TrueLayer
• crypto-friendly EMI Europe
• Open Banking API providers comparison
• TrueLayer onboarding timeline
• TrueLayer acquiring partners
• MiCA compliance for fintechs
• SEPA Instant coverage TrueLayer
• Open Banking vs card issuing platforms
• TrueLayer KYC KYB workflow

FAQ

• What licenses underwrite TrueLayer’s services? TrueLayer operates as a regulated payment institution approach in key markets, leveraging licensed banks and PSPs to deliver AIS/PIS and onboarding capabilities, not a full banking license.
• Can TrueLayer issue IBANs or cards directly? Not directly; IBAN issuance and card issuing are typically delivered through licensed partners within the ecosystem.
• How quickly can a fintech start using TrueLayer? Onboarding timelines depend on geography and risk profile, but sandbox access is typically available promptly, with production readiness within weeks to a few months after due diligence.
• What is required for onboarding a crypto/VASP-focused client? A risk-based approach with enhanced KYC/KYB, ongoing AML monitoring, and alignment with MiCA and local crypto regulations are essential.
• Does TrueLayer support acquiring or processing? We rely on partner licensed providers for acquiring and processing rails, while offering a single integration layer for developers.
• What Open Banking capabilities should I prioritize? AIS data access, PIS for payments, consent management, and robust fraud/AML controls, plus a strong developer experience for faster time-to-market.
• What is TrueLayer’s stance on compliance and risk? A risk-based, regulatory-first approach with continuous monitoring, sanctions screening, and privacy-by-design practices.
• What’s the roadmap for SEPA Instant and international payments? Expanding coverage to more banks, improving routing logic, and supporting additional regional rails where compliant.
• Which markets does TrueLayer serve today? The platform targets the UK and Europe, with ongoing expansion to additional jurisdictions through licensed partners.

Sources and references

• TrueLayer official site and solutions overview: https://truelayer.com
• MiCA regulatory framework overview: https://ec.europa.eu/info/business-economy-euro/banking-and-finance/financial-services/securities-issuers/crypto-assets_en
• Regulatory perspectives on fintech and payments infrastructure (general guidance): https://www.fca.org.uk/
• Open Banking and PSD2 context (high-level): https://www.openbanking.org.uk/