Skip to main content

Per-Country Guide

Per-Country Regulatory Guide

Country-by-country breakdown of Tok's AISP registration approach.

πŸ‡³πŸ‡΄ Norway β€” Base Registration

Regulator: Finanstilsynet (Norwegian FSA) Licence type: AISP (opplysningsfullmektig) Entity: ALAI Holding AS (org.nr 932 516 136) Capital required: €0 (PII insurance only) Contact: [email protected]

Process

  1. Submit AISP application to Finanstilsynet
    • Programme of operations
    • Business plan
    • Fit & proper declarations
    • PII insurance certificate (Nordic Guarantee or Howden Norway)
    • IT security documentation
    • AML/KYC procedures
  2. Application fee: NOK 5,000–30,000
  3. Timeline: 2–3 months

Status

Email sent 24.02.2026. Pre-application guidance meeting to be scheduled.

πŸ‡­πŸ‡· Croatia β€” EEA Passporting from Norway

Regulator: HNB (Hrvatska Narodna Banka) Mechanism: EEA passporting β€” Norway (EEA) β†’ Croatia Capital required: €0 Contact: [email protected], +385 1 4702 181

Process

  1. ALAI Holding AS obtains Norwegian AISP registration (Finanstilsynet)
  2. Finanstilsynet notifies HNB (PSD2 Article 28 β€” home regulator has 1 month)
  3. Service can begin 30–60 days after notification
  4. QWAC/QSEAL certificate obtained (DigiCert or GlobalSign)
  5. Register on Croatian bank developer portals

Passporting scope: Norway β†’ ALL EEA countries (not just Croatia). One Norwegian licence = access to entire EEA.

API Standard

Berlin Group NextGenPSD2 β€” all Croatian HUB-registered banks implement minimum v1.3.8.

Croatian Bank Portals

Bank Sandbox Portal Status
Addiko Bank oapideveloper.addiko.hr Available
Erste & SteiermΓ€rkische developers.erstegroup.com Available
HPB openbanking.hpb.hr Available
OTP Banka apiportal.sandbox.otpbanka.hr Available
PBZ (Intesa) apiportal.pbz.hr Available
Raiffeisenbank sandbox.rba.hr Available
Zagrebačka banka (UniCredit) developer.unicredit.eu Available

Sandbox access available before AISP approval β€” testing can begin immediately.

Verification

After approval, verify registration in EBA EUCLID register: euclid.eba.europa.eu/register/pir/search

πŸ‡·πŸ‡Έ Serbia β€” Direct NBS Registration

Regulator: NBS (Narodna Banka Srbije) Licence type: AISP registracija Entity: ALAI Tech d.o.o. (Serbian subsidiary, 100% ALAI Holding AS) Capital required: €0 for AISP; €50,000 for PISP Contact: [email protected], +381 11 3338-051

  • Zakon o platnim uslugama: Sl. glasnik RS 64/2024 (adopted 31.07.2024, applicable from 06.05.2025)
  • Odluka o tehničkim standardima: Sl. glasnik RS 102/2024 (published 23.12.2024)
  • Bank API deadline: 01.01.2026

Process

  1. Register ALAI Tech d.o.o. with APR (Serbian Business Registry)
    • ALAI Holding AS = 100% owner
    • Minimum capital: 100 RSD (symbolic per Serbian law)
    • Activity: account information service provision
  2. Submit AISP registration to NBS
    • Programme of operations
    • Business plan
    • AML/KYC procedures
    • IT security documentation
    • Organisational structure
    • PII insurance from NBS-licensed insurer (Dunav or DDOR)
  3. Timeline: 3 months statutory, 6 months realistic
  4. NBS sandbox available for pre-registration testing

Important: No Central API Standard

Serbia does NOT have a centralised API standard like Croatia's HUB. Each bank must be connected bilaterally.

Bank type API standard Adapter
EU bank groups (UniCredit, Raiffeisen, NLB) Berlin Group (likely) BerlinGroupAdapter
Domestic banks (AIK, OTP Serbia, Banca Intesa Serbia) Bank-specific BilateralAdapter

Serbian Bank Portals

Bank Portal API Standard
NLB Komercijalna developer.nlbkb.rs Berlin Group (NLB group)
UniCredit Srbija developer.unicredit.eu Berlin Group (UniCredit group)
Raiffeisen Srbija api.rbinternational.com Berlin Group (RBI group)
AIK Banka TBD β€” bilateral Unknown
OTP Srbija TBD β€” bilateral Unknown
Banca Intesa Srbija TBD β€” bilateral Likely Berlin Group

PII for Serbia

Must be from an NBS-licensed insurer β€” foreign/EEA policy is not accepted.

  • Dunav Osiguranje: dunav.com
  • DDOR Osiguranje: ddor.rs
  • Policy will be bespoke (no off-the-shelf fintech PII product in Serbia)

πŸ‡§πŸ‡¦ BiH β€” Bilateral Agreements

Regulators: CBBH (central bank), FBA (FBiH banking agency), ABRS (RS entity banking agency) Mechanism: No PSD2 mandate β€” direct bilateral contracts with banks Capital required: €0

Process

  1. Contact EU bank groups with existing API infrastructure:
    • UniCredit BiH (UniCredit group β€” developer portal exists)
    • Raiffeisen BiH (RBI group β€” API marketplace exists)
    • NLB BiH (NLB group β€” developer portal exists)
  2. Negotiate bilateral data access agreements
  3. Implement per-bank BilateralAdapter
  4. Note: May require notification/approval from FBA or ABRS β€” investigate during Phase 3

Local contact: Asmir Merdžanović (SnowIT partner) — local contacts and market knowledge.

Status

Phase 3 β€” begin after Croatia and Serbia are operational (Q1 2027).

Comparison Table

Aspect Croatia Serbia BiH
PSD2 Full (since 2019) Equivalent law (2024) None
API standard Berlin Group v1.3.8+ No central standard None
Registration path EEA passporting from NO Direct NBS registration Bilateral only
Entity ALAI Holding AS ALAI Tech d.o.o. β€”
Capital for AISP €0 €0 €0
PII EEA policy (NO) Serbian NBS-licensed insurer N/A
Timeline Q3 2026 Q4 2026 Q1 2027
QWAC required Yes If Berlin Group adopted No
Sandbox available Yes (all major banks) Yes (NBS sandbox) No

No comments to display

Back to top