The Open Finance Report is out – what’s in it & what’s next?
By Anne-Sophie Morvan, Head of Business & Legal Affairs.
Despite some delays on the initially announced timeline, the European Commission (DG FISMA) is actively working on Open Finance. To better understand the needs and expectneations of different stakeholders with regards to Open Finance, DG FISMA has decided to set up an Expert Group on European financial data space, which released its Report on Open Finance on 24 October. Today’s let look at some of the key elements laid down in the Report, without nevertheless any claim to the exhaustivity!
What is the “Expert Group”?
The Expert Group set up by the DG FISMA gathers a variety of professionals, including representatives of credit and payment institutions – including Payment initiation service providers (PISPs) and account information service providers (AISPs) –, insurance companies, pension funds, asset management industry as well as consumer and financial inclusion associations.
As a member of the Expert Group, I am proudly representing the Open Insurance Think Tank, which works across a wide range of technical and commercial domains in order to enhance interoperability in the insurance sector with a commitment to open innovation.
Given the large diversity of members composing the Expert Group, the Report tackles several topics and highlights divergent views, which will be addressed hereinafter.
Looking at its main missions
In the context of the Report on Open Finance, the Expert Group’s mandate was “to establish the modalities for data sharing and reuse based on a specific number of illustrative use cases and to describe the key components of an open finance ecosystem in the EU”. These use cases are described in detail at the end of the Report.
They address opportunities in relation to (i) mortgage, (ii) SME financing / creditworthiness, (iii) open investment data and financial advisory, (iv) energy, sustainability and climate data as well as (v) sharing of in-vehicle data. Out of these use cases came some key principles which will most likely be taken into account by the European Commission when setting up an Open Finance framework.
The Report first defines Open Finance as “the sharing, access and reuse of personal and non-personal data for the purposes of providing a wide range of financial services”, i.e. “innovative financial products and services to the direct benefit of consumers and firms”. A core focus of Open Finance should among others help improving the customer experience and financial inclusion, ensure customer control as well as facilitate and promote innovation.
In order to address the main challenges of an Open Finance framework, the Report envisages how data accessibility and availability, data and consumer protection, data standardization as well as liability could be framed. The Report also raises the question of the level playing field and the cost of data access and identifies Open Finance’s key actors and success criteria. Given the diversity of views on each of these topics, the present article aims at summarizing some (i.e. not exhaustive) of the key principles on which the Expert Group has reached a consensus and those who remain subject to divergent opinions.
What we agreed on…
- First of all, the Expert Group agreed about the importance of a HORIZONTAL APPROACH, which is in line with the European Commission data strategy.[1] This means that it is expected from other sectors, such as the public sector and stakeholders of the private sector, to open their data. This shall enable the development of innovative services by combining data from within and outside financial institutions. As an example, the opening of pension related data from the three pillars would enable financial institutions to provide better financial advice, as it is done in Denmark for instance.
- On the question of DATA PROTECTION, which has been subject to numerous questions in the context of PSD2, the Expert Group highlights that all GDPR lawful grounds might apply to Open Finance related processing (including the performance of a contract). In order to ensure transparency, the Report mentions the potential adoption of “consent” management tools, which would “grant a holistic consumer view considering a cross-sectoral perspective to ensure consumer consent understanding and control”.
- With respect to LIABILITY, the Report recommends the establishment of a set of principles clearly allocating responsibilities and which should apply as a minimum requirement for both contractual (with some flexibility) and non-contractual data exchanges. To judge upon such a LIABILITY CASE, the Report promotes the development of dispute resolution procedures.
Open Finance & Open questions
Next to the topics of consensus we just went through, the Report highlights divergent views on some important topics, which will be key to determine the shape of Open Finance.
First, on the Open Finance model, the Report does not commend whether the Open Finance framework should be mandatory or voluntary. This choice of the legislator to impose – or not – an obligation to open data will be key in the success of Open Finance. Whereas in the United States some consider that the lack of obligation (until now) to open up has enabled the development of Open Banking[2], one may wonder whether this is also the case in the European Union. After having analyzed the developer portals of a large number of banks and insurance companies, it seems that only a few (often large and) avant-garde institutions have taken the step to go beyond PSD2 APIs (e.g. Deutsche Bank, BPCE or BBVA). The implementation of an Open Finance framework will create legal certainty but this might not be sufficient to convince financial institutions to provide access to their data without legal obligation to do so.
Another key element to determine how successful Open Finance will be, is the cost of data access. As pointed out by the European Banking Authority, the fact among others that, in the context of PSD2, obliged entities had to provide APIs free of charge to third party providers (TPPs) has not created the right incentives for these obliged entities to invest into developing high quality APIs.[3] In order to avoid this, the members agreed that there should be a fair allocation of costs among different players of the data value chain to safeguard fair competition. This allocation of costs could enable data holders to recover the cost of collecting, generating, preparing and sharing the data and, eventually to add a reasonable margin of profit. As pointed by some members, this should nevertheless be without prejudice to the fact that data holders should provide “at least one free-of-charge, real-time (user) interface for data subjects to retrieve their data”. Some arbitrage will thus be needed on this key topic and one may already see the challenge of finding the right balance between the different interests at stake.
Also, the Report recalls the principle “same activity, same risks, same rules”. In the context of PSD2, account information can be accessed by companies being licensed as “account information service providers” by their national competent authorities. A proposal would thus be to create a new type of license and a public list of users, which would be allowed to access Open Finance APIs. Or, one may imagine to have a lighter regime whereby entities willing to take part in Open Finance would be listed in a “central registry” with certain adherence criteria.
Many questions (including but not limited to the above ones) are thus opened for discussion and soon for decision by the European Commission.
Some delays… but still on track
The Commission had planned in its Retail Payments strategy (dated September 2020) to come by mid-2022 with a legislative proposal for a new ‘Open Finance’ framework[4]. This deadline has been slightly postponed and instead of an Open Finance framework proposal, the Commission actually published an Open Finance consultation mid-2022 together with the PSD2 review consultation. PSD2 review and Open Finance Framework are thus dealt in parallel, which seems logical since experiences learnt from Open Banking are extremely relevant to set a new Open Finance framework.
The timeline has thus slightly changed and the Commission announced in its Work Program 2023 that the publication of both the Open Finance Framework and the PSD2 revision proposals is scheduled for Q2 2023[5].