Proposal Launched for an Open Financial Architecture by European Commission
The European Commission has proposed a regulation, titled the draft Open Finance Act, which aims to establish a legal framework for data sharing within the financial industry. This proposed framework, also known as the Financial Data Access Regulation (FiDA), seeks to provide broad rights for consumers and Small and Medium Enterprises (SMEs) to authorize third parties to access and use their financial data across various types of customer data held by financial institutions.
Under the draft Open Finance Act, financial data holders, including credit, payment, e-money institutions, investment firms, crypto-asset services providers, insurance and reinsurance undertakings, and others, would be required to make customer data available to their customers at first request and share this data with other regulated entities (data users) upon customers' requests.
The draft Act broadens the scope of financial data to be shared beyond what was covered under the open banking rules. It includes data such as balance, conditions, and transactions of mortgage, credit, and savings accounts, data used in companies' applications for a creditworthiness assessment, and data on the provision of non-life insurance products under Solvency II.
To ensure transparency, security, and efficient data access, the draft Act requires data holders to develop standardized interfaces allowing this access. Financial data sharing schemes would be tasked with adopting rules regarding contractual liability in case data shared is inaccurate, of inadequate quality, data security is compromised, or the data is misused.
The draft Act also introduces a regulatory status for Financial Information Service Providers (FISPs), allowing them to access customers under the draft regulation for the provision of financial information services. FISPs would be subject to a licensing regime similar to that of Account Information Service Providers (AISPs) under PSD2 and subject to the same types of prudential requirements.
When data holders make customer data available to any other data users, they are entitled to compensation that should be reasonable and based on an objective calculation methodology to be established by financial data sharing schemes. The draft Act requires data holders to provide their customers with a financial data access permission dashboard, allowing customers to monitor their data permissions, grant new permissions, and withdraw permissions when they wish.
The draft Open Finance Act is intended to rectify the issues faced by traditional banks and fintechs with the implementation of open banking rules, such as the lack of incentives for developing high-quality APIs and the resulting technical issues for Third-Party Providers (TPPs) trying to access payment account data.
Moreover, the draft Act places additional obligations on data protection, transparency in sharing, and security measures tailored to modern digital ecosystems, reflecting broader ambitions to foster data-driven innovation and a competitive digital environment. The European Banking Authority and the European Insurance and Occupational Pensions Authority are tasked with establishing guidelines to regulate how personal data regarding consumers can be used for assessing their creditworthiness, as well as their pricing and risks for life and health insurances.
In summary, while the PSD2 established foundational rules for open banking centered on payment accounts, the European Open Finance Act/FiDA proposes a more expansive, secure, and standardized framework for comprehensive financial data access to enable broader financial innovation and integration across the EU financial services sector.
In the context of the draft Open Finance Act, it is expected that financial institutions will implement dispute resolution mechanisms to address any issues that may arise during the sharing of financial data with third parties, contributing to the integrity of the industry. This regulation also aims to promote competition and innovation within the business sector, particularly for Fintechs, by providing a more expansive and standardized framework for comprehensive financial data access across various types of financial data.
