Europe’s naivety on open finance | will the PSD2-successor be safe for citizens?

For years the EU is working on the marketing of open banking and open finance and promising the public golden rewards if they share their transaction data with opaque fintech companies. EU through ‘PSD2’ introduced account information services, which in the Netherlands were treated with suspicion by the public and were completely ignored.

Euro-commissioner McGuinness held a speech on 21 March with the theme “From Open Banking to Open Finance: what does the future hold?”. He announced that the Commission will adopt its proposal on open finance before the summer. I completely disagree with the Commissioner’s portrayal of the opportunities that data sharing would bring to citizens. Financial transaction data provide a complete picture of a person. If personal data gets into the wrong hands it is very risky for the data subject. Cybersecurity is underdeveloped in the western world, so the risks for people are very real. Only big companies will profit from open finance.

My opinion on open finance and PSD2 is still that Europe and the member states are not ready for data sharing and third party access in the financial sector.

It is important that civil rights organisations keep a close eye on developments, now that Europe’s digital ecosystem has many imperfections. In theory, Europeans do have data protection rights, but in practice they get little use out of them now that enforcement is insufficient.

The complete speech:

This is a really important topic.

And I think Frances, you’ve hit the nail on the head – this is about the possibility but also the concerns, the issue around trust and confidence in the system.

Just to let you know that the Commission will adopt our proposal on Open Finance before the summer.

And essentially, this is all about data, information.

Because we know that data can give us great insights into so many things – including how we all behave and how companies are developing.

It means that there is a lot of potential for using this type of information in finance.

And we also know that advances in technology make it easier to both access data and share information.

And then to the point that Frances raised. People are concerned, rightly, about who has access to their personal data, and what that information is being used for.

I think we’re starting to grasp the possibilities of data in financial services with Open Banking.

And now we’re looking towards this future of Open Finance – really designed to take full advantage of data.

So three points I want to address today:

What Open Banking is, and indeed why it hasn’t yet reached its full potential,
How Open Finance will benefit consumers and businesses, and how we want to realise it,
And how our ambitions for Open Finance will work with some of our other policy priorities.

So we have Open Banking today.

That’s when our payment account data is shared with another provider, with our consent.

The purpose of sharing our financial information is to give us access to new and different services based on the information that we share.

So an example would be, you can get an overview of all your different bank accounts, across different providers, in one single app.

And that can make it easier to manage money and keep track of spending.

Although there’s a lady called Kate who tells me every so often what I’m spending on, and sometimes I wish she would stop! But it’s useful to see it just the same.

So there are practical examples that we all known, for our own situations.

Another example is a service to help you manage subscriptions – so letting you see everything you are subscribed to, and then to change or cancel them more easily. And I think that is quite an interesting area, because often you forget, so we’re often paying for something we’re not continuing to use.

So essentially Open Banking can be very useful – to consumers, but also to companies that want to offer different kinds of financial services.

Open Banking started growing over ten years ago.

The EU saw the potential and we put rules in place for Open Banking with the second Payment Services Directive.

That entered into force in 2018, and that’s helped Open Banking grow but we have to say not at all to the extent we might have anticipated.

And this figure did a little bit surprise me, but it is accurate to say that by 2021 less than 5 percent of consumers in the European Union were using Open Banking.

So to say that hasn’t reached its potential is rather an understatement.

And one of the reasons why that’s the case is to do with how Open Banking providers connect with banks.

Data is shared using a type of software called an application programming interface, or API.

This acts as a secure channel between two IT systems – so between a bank and a fintech company as an example.

And then through these channels, providers can share information in order to develop and offer products and services to consumers.

But today these APIs vary hugely in quality and functionality, and they often cause Open Banking operations to fail.

Through our public consultations we gained a lot of insights into why we aren’t seeing that much data sharing in finance just yet.

So some of those reasons, firstly, potential customers – people, you and I – have concerns around trust.

Privacy is a big concern, and I think it will grow the more we have access to information – consumers are wary of what a company might learn about them.

Security is another concern – so concerns about access putting you at greater risk of cyberattacks. And we all know that the financial system itself is under a lot of attack in this area.

There is also a concern about whether companies will manage your data with your best interests in mind.

Second observation: even where customers are willing to share their data, companies face very practical problems.

So the rights and obligations of companies are unclear.

The technical infrastructure for sharing data just isn’t in place.

And the data to be shared isn’t standardised.

Under the General Data Protection Regulation, customers have the right to transfer their data from one service to another. This is the “portability” right. But in practice this may not always be technically feasible.

We’re aiming to tackle problems with Open Banking as part of the revision of the Payment Services Directive.

We will propose measures aiming to fix these problems, without causing significant cost or disruption for those already engaged in Open Banking.

And this revision will be accompanied by a proposal on Open Finance.

So Open Banking is about payment account data.

Open Finance, then, is about sharing a much broader range of data, with the consent and understanding of the customer.

And there is a lot of potential here including getting much more personalised offerings that better meet our needs.

And therefore the financial sector could better serve their customers.

So an SME could share a wider range of financial data with a bank when applying for a loan.

And the bank could give the SME a quicker and more tailored response.

Or indeed a customer might choose to share a wider set of data with their insurance company for a bespoke insurance product.

Switching providers could become much more seamless and eliminate a lot of form-filling and paperwork.

Consumers could get a better overview and make more informed decisions around their personal finances.

Financial institutions could better assess risks, based on better knowledge of their customers.

So the potential uses are many – depending on how far you want to go in opening up access to data.

We are currently looking at what types of data would be most relevant and deliver the most value to customers.

These include banking, investment, insurance and pension services.

But we also need to look at the more fundamental issues that relate to the problems we found around data sharing in finance today – which is trust, access to data, and the technical arrangements.

So if I take the issue of trust first.

With Open Finance, we want to put customers in control of their data. We want people to feel that they have control over their own information.

And that we should know what data they are sharing, who it is being shared with, and why.

And this would help us all to make an informed decision about sharing data – or indeed deciding not to.

We are looking closely at how best to do that.

So one option is permission dashboards – an interface to give customers a simple overview of their own data that they might want to share.

And these dashboards could make it easier for customers to grant and revoke permissions to share information.

Companies accessing data should be regulated and supervised, alongside the companies that hold onto the data.

We want everyone to operate on a level playing field.

On access to data, our starting point is Open Banking.

So banks that hold the payment data for their customers must give access to it to other providers under certain conditions.

So far, our consultations on Open Finance showed different views on how to address these issues.

Some prefer to continue with a voluntary path for data other than payment account data.

Others believe data holders should be obliged to share this broader financial data.

And those views of course might depend on whether you’re a current holder of the data or whether you want to access it.

It’s hard to see how Open Finance could work if we don’t give access rights to new data, beyond payment accounts.

We are still assessing how far that should go, based on what data would bring most value to customers.

And just as important, we should exclude data whose use could give rise to risks of financial exclusion.

So finally, the technical side of things.

So to what extent should we standardise technical interfaces and how data is presented?

We’ve taken the report of our data expert group into account.

They’ve warned against being too prescriptive in the legislation.

So instead, we want to develop common standards for customer data and interfaces.

And we want companies to work together, and work with us, as we develop them.

So again we’re reflecting on the best ways to do this.

So for instance, one way forward could be to set out the goals in the legislation.

And then we could combine that with industry cooperation on contractual schemes to standardise data formats and technical interfaces.

Open Finance links to other work we’re doing in finance and around data more generally in the Commission.

It would be a natural complement to the Retail Investment Strategy.

This strategy is about improving the prospects for consumers and retail investors in the European Union.

So for instance, we’re looking at improving our disclosure rules.

They should be clearer, more understandable and more meaningful when you read them.

They should also work better in the digital environment.

In addition, we’re looking at the role of financial advice and financial literacy.

Our work on Open Finance will very much complement that.

So to give you a practical example, Open Finance could make suitability assessments quicker and easier.

A retail investor could choose to give their financial advisor quick and easy access to their financial data.

And the advisor could then make a better assessment about products and services that would work best for that investor.

Open Finance also links into the EU’s broader Data Strategy by ensuring a level playing field, no matter what sector.

It would find a natural complement in the Digital Markets Act.

And this Act tackles imbalances caused by the market power of powerful ‘gatekeeper’ firms.

It makes it easier for financial companies to access data from these platforms.

With Open Finance, this data could then be used to offer better products and services to consumers, tailored to their needs and with their consent.

So it unlocks the value of this data.

So in closing I hope I’ve given you a flavour of our thinking as we prepare our legislative package.

It should reach you before the summer.

It will be made up of a revision, as I’ve said, of the Payment Services Directive – which will include addressing some of the problems with Open Banking – and then a new proposal on Open Finance.

It’s essentially about embracing the possibilities that data can offer in financial services.

Which is why again I want to thank colleagues from the European Parliament, Frances and Ondřej, for really a very timely event.

Because I think the concept is out there, but the understanding is perhaps not.

So I think your event will certainly help that.

And I’m sure you’ll have a very good discussion about trust, about access, about technical issues. And I’m very happy to have the opportunity to contribute.

Over Ellen Timmer

Weblog: ||| Microblog: ||| Motto: goede bedoelingen rechtvaardigen geen slechte regels
Dit bericht werd geplaatst in English - posts in English on this blog, Europa, Financieel recht, onder meer Wft, Wtt, Grondrechten, ICT, privacy, e-commerce en getagged met , , , , , , , . Maak dit favoriet permalink.

Geef een reactie

Vul je gegevens in of klik op een icoon om in te loggen. logo

Je reageert onder je account. Log uit /  Bijwerken )

Facebook foto

Je reageert onder je Facebook account. Log uit /  Bijwerken )

Verbinden met %s