TL;DR: Brazil’s credit portability pilot is showing how consent-based APIs, accredited participants, and regulated settlement can move loan transfers from weeks to as little as five days, with Open Finance Brasil already processing more than 102 billion API calls and nearly 62 million active consents in 2024 according to Raidiam. The governance lesson is that portability at scale depends on identity assurance, not just cleaner workflows.
NHIMG editorial — based on content published by Raidiam: 04 Dec 2025 Credit Portability in Brazil: Unlocking Market Competitiveness With Open Finance Thought Leadership
By the numbers:
- Open Finance Brasil saw record-setting adoption in 2024, processing more than 102 billion API calls.
- The Credit Portability API entered its production pilot phase in November 2025.
Questions worth separating out
Q: How should organisations govern credit portability in open finance ecosystems?
A: Organisations should govern credit portability as a shared identity and consent problem, not only a transaction workflow.
Q: Why do open finance portability models increase IAM requirements?
A: Open finance portability increases IAM requirements because trust must extend across institutions that do not share a single internal security boundary.
Q: What breaks when participant offboarding is not part of portability governance?
A: When offboarding is missing, former participants can retain access paths through APIs, certificates, or delayed revocation processes.
Practitioner guidance
- Map the participant trust chain end to end Document which identities can request credit portability, which can approve consent, and which can settle the transaction.
- Tie consent scopes to access lifecycles Make consent expiry, entitlement review, and revocation validation part of the same operational workflow.
- Separate onboarding assurance from steady-state assurance Use onboarding checks to verify eligibility, then add continuous controls for API activity, certificate validity, and participant drift.
What's in the full article
Raidiam's full article covers the operational detail this post intentionally leaves for the source:
- Pilot-phase milestones and rollout sequencing for credit portability in Brazil.
- Details on the Credit Portability API workflow from request through settlement.
- Context on participating institutions and the broader Open Finance Brasil ecosystem.
- Raidiam's perspective on the infrastructure and certification model supporting the pilot.
👉 Read Raidiam's analysis of Brazil’s credit portability pilot and Open Finance rollout →
Credit portability in open finance: what IAM teams need to watch?
Explore further
Credit portability succeeds only when participant identity is treated as infrastructure. Open finance pilots often get described as workflow innovation, but the real control plane is identity and trust. If an institution cannot prove that only accredited participants can request, compare, and settle credit data, portability becomes a federation problem rather than a customer benefit. Practitioners should read this as an identity architecture issue first and a product feature second.
A few things that frame the scale:
- 23.5% of security professionals are unsure about the biggest threat to their non-human identities, indicating a significant awareness gap, according to The 2024 Non-Human Identity Security Report.
- 59.8% of organisations see value in a solution that simplifies non-human access management and introduces dynamic ephemeral credentials.
A question worth separating out:
Q: Who is accountable when credit portability consent is misused?
A: Accountability should sit with both the ecosystem operator and the participating institution that granted or used the access. The control question is whether the consent was valid, narrow, and current when the transfer occurred. Teams need clear records so responsibility can be traced across onboarding, approval, transfer, and settlement.
👉 Read our full editorial: Brazil’s credit portability pilot raises the bar for identity governance