🔓 Unlock actionable insights summaries with a premium subscription.

Start a FREE 7-day trial

When Lean Technologies co-founder Mehdi Tazi talks about open banking, he frames it like Maslow’s hierarchy of needs. First comes connectivity, then enrichment, then the network effects that create lasting stickiness. Connectivity alone, he says, will be commoditised. The moat lies in building a full product suite that merchants can’t live without.

Lean’s $67.5m Series B in late 2024 gives the company more room to push that vision. The Riyadh-based startup has now raised over $100m, processed $2bn across more than a million accounts, and, in July 2025, secured in-principle approval under the UAE’s Open Finance framework to handle recurring bank-to-bank payments. Few companies are better placed to show how regulation, rails, and business models intersect in the GCC.

Around the world, open banking has followed very different paths. In the United States, data sharing emerged through grey-area screen-scraping popularised by Plaid, with regulators only retrofitting standards years later. Europe, true to form, legislated early through PSD2 and SEPA Instant, but richer use-cases like variable recurring payments have been slow to mature.

The GCC, by contrast, enjoys the benefits of a later-mover advantage. Regulators have been able to watch the US splinter and Europe over-engineer, and are now aiming for a balance: prescriptive where necessary, flexible where useful, and, crucially, transparent on costs.

Saudi Arabia rolled out its Open Banking Framework in 2022, covering account access and later payments, while guiding banks and fintechs through a certification sandbox. The UAE has gone further, building a full Open Finance framework complete with a Trust Framework, an API hub, rules for recurring payments, and a commercial model that directly incentivises banks to participate.

Another difference lies in the plumbing. In the US, payments still move over ACH – a decades-old system that batches transactions and closes outside business hours. In the GCC, instant rails like Saudi’s sarie and the UAE’s Aani operate 24/7, built for mobile and request-to-pay. It’s exactly the kind of foundation that gives account-to-account payments a chance to compete with cards.

This is where Lean comes in. Its strategy is to turn that regulatory clarity and modern infrastructure into usable products for merchants. For banks, Lean offers compliance and incentive alignment. For merchants, it promises a real alternative to cards: faster settlement, lower costs, and, increasingly, the ability to build “data-rich” services that combine account connectivity with payments.

Execution remains the hurdle. Banks need to comply on time, consumers must trust consent flows, and merchants want proof that conversion rates justify the switch. Lean is working through each layer: A/B-testing consent screens, co-branding to reassure users, and benchmarking ROI not just in cost savings but in higher acceptance.

Tazi offers a fascinating, never-before-disclosed look at how regional consumer behaviour is shaping adoption, and is frank about where the business stands. In Saudi, revenue is still driven mainly by data. In the UAE, payments already make up 80% of the business. Long-term, the opportunity is in fusing the two: payments enriched with real-time financial data, giving merchants and consumers more value with every transaction.

That vision demands more than connectivity. As Tazi puts it, the real defensibility will come from deeper integrations and a comprehensive suite of services layered on top. Lean’s bet is that by meeting merchants’ “hierarchy of needs,” it can turn open banking from compliance exercise into indispensable infrastructure.

For anyone trying to grasp open banking in the GCC, this interview is a must-read.

I’d like to begin by comparing the evolution of open finance globally. In the U.S., the approach was fragmented, without prescriptive APIs under Dodd-Frank 1033, players had to scrape data from every possible source. Europe, by contrast, arguably over-regulated with PSD2. But here in MENA, the story feels quite different. Has the sequence been policy first, then bank APIs, then commercial adoption, or the reverse? Where did the demand originate, and how does that trajectory compare, in your view, to the U.S. and EU?

If I were to compare the U.S. and EU to MENA in terms of regulatory frameworks, the first thing I’d point out is how top-down it is here. In the U.S., it was very fragmented and reactive, lots of piecemeal developments. Here, it’s been driven proactively from the top, with regulators like SAMA and the CBUAE taking the lead.

The frameworks here were designed from scratch, which meant regulators could learn from PSD2 and avoid some of its initial limitations. That gave them a chance to build richer, more comprehensive standards. For example, in Saudi, open banking data covers far more data points than in the UK or EU. And that’s not even touching on open finance, which extends beyond banking into insurance, pensions, and more. On the payments side, it’s also more ambitious. While the UK and EU stopped at single instant payments, here we’re looking at fixed and variable recurring payments. It’s bold, but I have no doubt we will be able to deliver on it. Enforcement and implementation will be the big challenges, but the ambition is huge…

This is premium content. Subscribe to read the full story for less than $0.27 per day.