You can read the PDF version of our position here

Introduction

The last decade has been extraordinary for FinTechs across the globe, and more specifically in Europe. Digitalisation, innovation, new technologies and changing consumer behaviour have allowed for the creation of many European FinTechs that are driving innovation to make  the vision of a united, European digital financial sector a reality. The European Fintech Association’s (EFA) vision is for European FinTechs to be the most innovative and competitive in the world, providing European consumers with solutions to meet their individual needs. If done right, an open finance framework can be a catalyst for further competition in the financial services market to the benefit of the European consumer.

From open banking to open finance

The Payment Services Directive 2 (PSD2) has aimed to improve the security of payment transactions, enhance consumer protection and, importantly, improve competition to allow for the provision of new innovative services through Open Banking and thus foster innovation across Europe. EFA believes that the PSD2 has laid the right foundations for a European minimum standard. However, it is time to be more ambitious. The EFA welcomes the improvements that have already been made to the PSD2 framework, as well as the current ongoing revision.

With the PSD2, there are clear regulations on the use of payment initiation services for initiating e.g. online credit transfers and on account information services for querying and evaluating account details. This means, for instance, that no additional log-in to one’s online banking account with the credit institution is needed when making a purchase online, but the payment can instead be authorised via a payment initiation service provided on the retailer’s website. Using an account information service enables the user to have a complete overview of the balances and transactions on all of the accounts at different banks.

The EFA sees value in extending the principles of the regulation – going from open banking into open finance. As we move into an open finance framework, the standards of the PSD2 must be reconsidered and the feedback from market participants (especially with regards to the use cases and instances where it has been difficult to comply with the current PSD2 framework) and ultimately end-customers must be incorporated into any further development of an open finance framework.

In this context, it is very important to communicate the opportunities for the customer, rather than referring to “data sharing”, which many consumers think goes hand in hand with losing control over it. In fact, the opposite is the case, Open Banking and Open Finance are all about unlocking user data in a secure way for its use with other value-added service providers, who are under regulatory control supervising their security standards.

In support of that, it could be useful to extend some of the PSD2 principles into Open Finance, such as the concepts of Strong Customer Authentication (SCA) and eIDAS-based identification of Third Party Providers when acting on behalf of the customer. That said, PSD2 is a very heavy regulation due to the extreme fraud risks of handling payment accounts. Other financial data is also sensitive, but the same applies to health or messaging data, and the rules for Open Finance must not become more (or less) stringent than for Open Data in general to avoid unlevel playing fields amongst industries.

How to make Open finance work? 

Future-proof regulation needs to have a strong focus on customer intimacy. Innovative companies have long recognized the benefit of focusing on customers’ needs, wants, and opinions. It is time for European regulators to take into consideration European consumers’ interests in the same way when designing regulation. European consumers want to access financial services that reflect the way they live their lives – seamlessly across borders and platforms. To this end, regulators need to take into consideration market use cases to understand the possibilities industry is already offering today, such as instant verification of account ownership using user data from their bank accounts to set up other payment services. In order to make this possible, close cooperation and intensive exchange between regulators, banks, and third-party providers is necessary – both to set the framework as well as to enable the technical implementation.

Opportunities brought by Open Finance 

In some cases “Open Finance” already exists, such as where Account Information Services (AIS) are provided not only for payment accounts, but also for aggregation of securities accounts, savings accounts, credit accounts. Open finance is an opportunity for industry players to aggregate data on various services and create comparison tools that benefit consumers. It has the potential to drastically increase consumers’ access to information about their products and spending habits. In practice, people could unlock their financial profile, which includes their pensions, current accounts and such – and industry participants could compete for their accounts, similar to utility switching. Alternatively, other customers may prefer to keep their account where it is, but unlock the data therein for using it with other value-added service providers.

Therefore, the greatest opportunities when it comes to implementing an Open Finance framework are:

• Standardisation of data access and thus increasing data security;
• Aggregation of other financial products in a uniform form with more data;
• New technical functions on the interfaces;
• Faster and lower cost of development of new products;
• New digital functions (such as data modification: create, read, update, delete)

For example, in the retail investment space, consumers who are investing would significantly benefit from opportunities brought by open finance. Today, the friction and timelines that come with, for example, transferring workplace pensions or securities held with a custodian to another custodian makes people less likely to switch to more competitive providers. The process to transfer securities between custodians currently is non-standardized within several Member States. This means that there are inter alia no standardised communication methods between custodians and no minimum service levels. This holds even more true for securities transfers between custodians of different Member States. Although indirectly, this ultimately supports higher fees in the industry by restricting competition. With open finance, data-sharing amongst industry providers should dramatically reduce the cost and time of switching providers.

As investments become increasingly available for larger consumer groups, advice becomes especially important. Advice should be easy to understand and accessible at any time. Harnessing the data that open finance could provide means more individually tailored advice can be given to help consumers manage their financial responsibilities. With greater access to a wider range of data, the potential for open finance to help facilitate personalised pricing to almost an individual basis could result in winners and losers: some may see more competitive outcomes while for others, their personal data leads to greater discrimination. Sticking with the consumer protection lens, we also must continue to think about vulnerability in a dynamic context. Affinity with technology, while important now, may become one of the key characteristics of vulnerability as we transition into open finance.

Some possible use cases and benefits stemming from Open Finance include:

• Digital product comparison for end customers;
• Financial products “calculated” to suit the end-customer (better pricing)
• More comprehensive and better risk analyses through more data;
• Consolidation of data from several investment portfolios;
• Switching between financial service providers in an easy and simple way;
• Comparison tools that facilitate provider switching;
• Online brokerages that provide financial products with the best value;
• Personalised advice and tailored financial products;
• Personal finance management tools (e.g. overdraft alerts and recommendations for choosing lower interest rates products, lower overdraft charges);
• Personal wealth management tools to monitor and manage assets and liabilities (e.g. financial goal management, analytics of investments and their returns, monitoring of wealth factors such as savings, spending and budgets);
• Alternative credit scoring methods for financial inclusion (e.g. gig economy workers);
• SME Finance
• Quicker customer onboarding with financial service providers;
• Pension tracking tools that provide a comprehensive overview of entitlements;
• Digital tools to assess the ESG profile of financial products (e.g. the environmental impact of investment portfolios or carbon footprint estimation of specific products);

Risks of Open Finance

The main risks coming from an open finance framework relate to data security and data protection.

The EFA believes that all financial firms holding customer data should permit access to customer data if requested by the customer. Ideally,  this access should be provided in real-time and free-of-charge. However, we acknowledge that innovation will likely benefit from having the provision of any kind of premium/value added services be compensated for, as otherwise there are few incentives for the industry to provide services using the data.

Control over the use of personal data is a key pillar in protecting the digital self-determination of a user and building a trusted framework. Ensuring that customers have meaningful control over the use of their personal data is essential to guarantee the lawfulness of data processing. The Open Finance framework should aim to establish trust by ensuring that customers are informed about the processing of their personal data, and that the information provided is accurate.

In this regard, the EFA advocates for the “same activity, same risk, same rules” approach. Regulation should be clear and strong in its enforcement powers and on the red lines for market participants. But it should also leave room for innovation and the development of new tools that would benefit all stakeholders. As these data-related services are crucial and assume trust, we advocate a reservation of permission for these services (supervision in accordance with PDS2).

Above all, the EFA believes that for the proper functioning and development of Open Finance, a strong and clear regulation on data exchange has to be established. This is also due to the fact that there is currently actually no adequate framework for data access rights in place in the financial sector beyond payment accounts. Consumers must be able to see where their data is, understand who has access to it, and retain the power to easily revoke their consent at any time. It needs to ensure that consent management tools are properly applied across sectors to guarantee that consumers’ expectations on how their data is used and handled are met. Consumers should not have to track through multiple dashboards to understand current access rights, while we simultaneously promise them simplified access to their financial data.

With this in mind, we believe the move to open finance and open data should be based on a clear ongoing right of data access and data portability under the EU’s landmark General Data Protection Regulation (GDPR). Extending PSD2-type enhanced data protection would make it difficult for consumers to make use of their data locked into incumbents and Big Tech. For industries like finance, security standards on communication and data parity to user interfaces may need more regulatory clarification.

‍