EFA Position on the Proposal for a Regulation on a framework for Financial Data Access

The European Fintech Association (EFA) warmly welcomes the opportunity to share its position on the Proposal for a Regulation on a Framework for Financial Data Access (FIDA). The EFA represents a diverse group of 35+ FinTech providers ranging from payments, to lending, banking, robo-advice, investment as well as software-as-a-service for the finance sector, with a clear focus on enabling a single market for digital financial services. EFA believes that, if done right, FIDA has the potential to be a catalyst for further competition in the financial services market to the benefit of the European consumer.

The EFA notes that a fundamental problem around data sharing in finance has been the lack of trust. It is therefore crucial to move away from the concept of data sharing – which many consumers think goes hand in hand with losing control over it – and rather start communicating about the opportunities for customers in unlocking their data and reusing it with other financial service providers for obtaining a broader range of services.


High-Level EFA messages:

  • EFA argues for further clarification in Article 4 regarding customer data access
  • EFA brings attention to the potential impact on innovation due to the possible confusion around the
    qualification of a data sharing scheme
  • EFA highlights the need to ensure that FIDA does not undermine critical services meant to shield
    vulnerable customers from financial distress
  • EFA calls for the proposal to address the use of digital platforms due to their role as a central point of interaction between customers and data holders and the possible related technical challenges

The need for clarification in Article 4
In the European Commission’s proposal Article 4 is succinct and simply says:
The data holder shall, upon request from a customer submitted by electronic means, make the data listed in Article 2(1) available to the customer without undue delay, free of charge, continuously and in real-time.

Although the term ‘free of charge’ is somewhat misleading – since the availability of a real-time interface is typically part of an overall service charge – we believe that Article 4 is a crucial aspect of the FIDA proposal, as it empowers customers to take control of their financial information whether the financial service provider currently offers a user interface or not.
By imposing all financial data holders to provide real-time access it fosters transparency and enables more informed financial decision-making. We want to see empowered customers who understand their data and have a streamlined financial journey.

However, Article 4 requires further clarity. One critical aspect that requires clarification is that the customer should have the right to:

  • Access this data themselves
  • Automate such data access with software
  • Authorise a FISP to access the data on their behalf

Also, FIDA should not just cover access to “data assets”, but also to “transactional assets”, i.e. enable customers to initiate transactions either themselves or authorise a FISP to initiate actions on their behalf, for example to fund/defund savings and investment accounts, to change monthly mortgage payments, or update account details and information.

We agree with the European Commission that financial data should only be accessible to regulated entities to maintain high levels of security. To maintain this access of sufficient quality and so that the framework does not repeat the flaws from PSD2 APIs, the European Commission should maintain incentives for data holders to invest in high-quality data collection and processing, such as strong enforcement.
This clarification ensures customers remain in control of their data while enjoying the convenience of utilising FISPs for data access, whether the financial data holder is a member of a data sharing scheme or not.

Potential impact on innovation

Another point of contention lies in the requirement for data holders and FISPs to participate in data sharing schemes within 18 months after enforcement of the FIDA framework. This obligation could lead to much confusion concerning the qualification of a data sharing scheme and, as a result, high fragmentation of the technical, operational, and commercial conditions of data access between local and international schemes. This increases complexities for data holders, data users, and data owners.
EFA believes that participation in such schemes should be optional. With the minor improvement to the Article 4, it will be in the financial data holders’ own interests to find a collaborative model giving them the opportunity to request compensation for the development and provision of machine-to-machine interfaces – such as APIs – used by FISPs to access or retrieve financial data. The EPC SPAA scheme is evidence that such schemes can be developed on a voluntary and commercial basis, without opening the Pandora’s box and huge overhead of any price regulation.
Furthermore, we also believe that the proposal should seek to address the distribution of financial services on a cross-border level within the EU. Many players in the industry avail themselves of the freedom to provide services without necessarily establishing a physical presence in the Member State of residence of the target consumers. Different data-sharing schemes in different Member States may also prove to be complicated. In such scenarios, more clarity would be welcome.

Safeguarding the vulnerable customers

The proposal’s allowance for data holders to charge for access to financial data raises concerns about the affordability and accessibility of open finance use cases – particularly for financially vulnerable customers.
Financial data holds immense value in shaping services such as personal financial management and credit risk analysis. Vulnerable individuals rely on these services for protection and support. Any financial incentives introduced for data holders as part of FIDA must be carefully balanced to avoid undermining critical services meant to shield the vulnerable from financial distress.
Another important element to protect the vulnerable is ensuring that the consumers have a clear understanding of what data is made accessible by whom and how to revoke it. We therefore support the introduction of data dashboards for consumers. In addition to the dashboard, we ask the European Commission to consider the availability of more digital tools to manage consent – such as the alignment with the work being undertaken in the eIDAS Directive.

Use of digital platforms

The proposal does not address the situation where the data holders (e.g., financial institutions) make use of digital platforms as a means to market and, in some cases, conclude with customers contracts for their products and services.

When data holders make use of digital platforms it is common that said platforms are the central point of interaction between customers and data holders. Therefore, when using digital platforms, such institutions may not have an interface or a technical infrastructure through which the customers interact directly with the provider of banking services. Instead, the platform would play this role.
We make reference to the EBA Report on Digital Platforms from 2021, where the EBA recognizes the relevance of the use of digital platforms and its expected growth1.
In such cases, customers typically have one point of interaction with the platform (website or mobile application) through which they can acquire products / use the services of several credit institutions that market and distribute their products through the platform itself. Such credit institutions do not need to offer the customers access to online banking (or any sort of interface) since the customers use the platform for managing their relationship with the credit institution.
In light of this, requiring credit institutions that offer their products via this type of platform to provide permission dashboards to their customers (users of the platform) might prove to be a tremendous technical challenge. This is also the case in which credit institutions have a type of relationship with a particular customer directly (e.g., a credit card) and another type of relationship with the same customer that was established via a digital platform (e.g., savings).

About us:
The European FinTech Association (EFA) is a not-for-profit organization representing leading FinTech companies of all sizes from across the EU. It brings together a diverse group of 35+ FinTech providers ranging from payments, to lending, banking, robo-advice, investment as well as software-as-a-service
for the finance sector, with a clear focus on enabling a single market for digital financial services.

For more information, visit www.eufintechs.com or follow @EFAssociation on Twitter.

More Positions