This article was first published in the 23rd edition of the Fact Book on 24 June 2025.
It has now been three years since the European Commission launched a consultation on the Open Finance framework, with the idea of creating a similar solution to PSD2 for a broader range of financial data. This initiative took the shape of the Financial Data Access Regulation (FiDA)1, with the proposal being published in June 2023.
The idea behind FiDA is simple. Financial entities (data holders) gather data on their customers while providing them with financial services. This is required in order to be able to offer them products suitable to their needs and to keep track of their financial transactions, as well as to fulfil the multiple regulatory obligations. At the same time, other non-financial entities (data users) would be interested in accessing the data to provide customers with other, potentially innovative services. Lying between those two are the customers, the owners of their data and those who need to consent to sharing their information between the data holders and the data users.
This is where the simplicity ends and questions begin. First, which customers should benefit from the framework? As the entire concept is based on the need to embolden customers to share their data in order to acquire new services, it is clearly designed with retail customers in mind. Unlike them, however, professional customers would not use solutions that allow systemic access to their data; instead, they would search for custom-made products. Second, which data exactly should be shared, as not all of the data relating to the customer belongs to them? Additional information is created during the course of a financial entity’s operations, including significant knowhow of the financial institution and, as such, should be protected from access by third parties. Different financial products require different data from customers, not necessarily about themselves alone nor always in a standardised form. So how their transfer could happen in an organised, instant and - most importantly - secure manner, commensurate with the sensitivity of this data. This is for the data holders and data users to decide when agreeing on financial data sharing schemes. It is, however, unclear how many of such schemes, on the EU or national level, bilateral or between multiple parties, and how exactly they should be established. Moreover, there is the question of which entities should have this broad access to EU citizens' financial data; once given, such access might not easily be retracted. What impact would it have on the EU's competitiveness and the security of customers' data if it were shared outside of the bloc? Would those entities with vast technological capabilities further strengthen their dominant position and add another layer of data to all the information that they already possess? These are the questions that both the European Parliament and the Council are now trying to respond to - with the help of the Commission - during the trilogue discussions on FiDA.
Among them is another question – arguably the most pivotal one - of whether EU customers will actually be interested in this new possibility? As there is insufficient evidence of actual customer demand for FiDA, these efforts to make sure that data are suitably standardised for sharing, to set up data-sharing schemes, permission dashboards and - most importantly secure and well-tested APIs - could become ineffective. Without an assessment of the customer demand enshrined in the FiDA framework, it could end up imposing an additional regulatory and administrative burden and disproportionate costs on the financial industry, without any real gain. This would go against the current aim of strengthening EU competitiveness and regulatory simplification. If there is no clear idea of how this important element could be embedded in the FiDA, and consequently whether FiDA will be able to deliver on its promises, maybe now is not the time for this framework?
Notes to Editors
Access the original article here.
