Open Finance framework/FIDA: Exclusive interview with Nilixa Devlukia

Wednesday 9 August 2023 08:39 CET | Editor: Oana Ifrim | Interview

Nilixa Devlukia, Chair of the Open Finance Association, delivers a thorough overview of the European Commission's proposal on Open Finance, ensuring a clear understanding of its implications.

Could you please provide some context for the proposal? What is the rationale behind and objective of the EC’s framework for financial data access? Why was it deemed necessary, and what are its intended outcomes? 

The European Commission (EC) has developed a comprehensive data strategy that encompasses various aspects, one of which enables consumers to provide access to their financial services data beyond the scope of Open Banking (ie, beyond payment accounts defined in PSD2). The primary objective of this regulation is to tackle the absence of a well-established market in the EU where data sharing has evolved through bilateral or industry-led initiatives. The aim is to create a framework that fosters secure and efficient data sharing, promoting innovation and competition in the financial sector and empowering consumers and businesses to make better financial decisions and access financial products beyond what's already available in Open Banking.

Drawing from the evolution of Open Banking, FIDA, the legislative proposal for a framework for financial data access, requires access through APIs and participation in a scheme, with compensation.

Before we delve into other topics, let's clarify and address a point for our readers. We acknowledge that there has been confusion and discussions surrounding this particular topic. The question is: What exactly qualifies as a payment account under PSD2?

Under PSD2, the definition of a payment account has led to confusion due to varying implementations by different member states. This has resulted in some accounts, like credit card accounts, being considered in scope in some jurisdictions and out of scope in others. 

PSR (Payment Services Regulation) introduces a clearer definition of a payment account: any account used to make or receive payments to or from third parties. So, a credit card account under this definition definitely qualifies as a payment account because it is used for payments to third parties.

Who is subject to FIDA ? 

This proposal covers a broad spectrum of financial services firms, including all payment service providers, MiFID investment firms, MiCA crypto asset service providers and issuers of asset reference tokens, alternative investment fund managers, asset management companies insurance and reinsurance undertakings, insurance intermediaries, institutions for occupational retirement provisions, credit rating agencies, crowdfunding. It is an extensive list, and only life insurance products are exempt from the data-sharing requirement.


To reiterate and ensure clarity, which specific types of financial data are encompassed within the scope of the proposal?

This includes mortgages, investments, pensions, insurance, and essentially covers all aspects within the financial services domain, except for payment account data.

The proposal requires that the data for the specified financial products and providers must be accessed through APIs under the umbrella of a scheme, which must consist of specified participants. However, the proposal lacks details on the prioritization and coordination of such data-sharing schemes. This will pose challenges as different industries and providers need to independently set up schemes within a relatively aggressive 18-month timeline across Europe. Prioritisation for different sectors to help the roll out of data sharing schemes would be beneficial to industry.

Who exactly can access the data? Is it only fintech third parties?

The data can be accessed by any entity that obtains authorisation as a FISP (Financial Information Service Provider). FISPs can access data once authorised, following requirements similar to PSD2 and PSD3.  Physical presence in the EU is not mandatory for authorisation, companies outside the EU can become authorised by designating an EU-based representative and in line with other EU legislation FISPs can `passport` their activities, allowing them to provide services across EU member states after obtaining authorisation in one country. With this, they can access data and offer services seamlessly across Europe.


Can bigtech companies access the data too? 

Yes, if they attain the FISP authorisation.

Will there be a need for API standards for premium APIs?

The primary intention behind FIDA is to facilitate data access through APIs. The impact assessment provided by the Commission reveals that the preferred option for data sharing  is via APIs and with compensation, which is meant to be reasonable and non-discriminatory. Consequently, there is not the same distinction between premium and non-premium APIs as there currently is under PSD2. 

Nevertheless, FIDA contains an article specifying that if the market fails to create a scheme, the Commission reserves the right to mandate a scheme and, under this provision, the Commission could mandate free access This provision serves as an incentive to encourage the industry to develop its own data schemes. While the rationale behind this provision is understandable, it is challenging for the Commission to establish data standards and access schemes for the  financial service sector. 

Notably, there is a significant distinction between the Payment Services Directive (PSD) and the proposed financial data sharing scheme. PSD encompasses both access to accounts and payment initiation. FIDA., focuses only on data sharing without any provision for action initiation. This lack of functionality will be a limitation to the evolution of new and innovative services which incorporate actions such as switching providers, applying for new products, updating details on accounts etc.


How will data holders receive compensation from data users (TPPs) for providing access to customer data?

This will be addressed within the schemes established under FIDA. FIDA establishes some general principles for compensation: it should be reasonable and only directly related to the data requested and available; it should be based on objective, transparent, and non-discriminatory methodologies; it should be based on existing market data, reviewed periodically, and at the lowest levels prevalent on the market.


We were thinking about the relationship between the SPAA and FIDA. How will these two initiatives coexist?

Many valuable lessons from Open Banking and SPAA can be applied by the industry when considering FIDA. However, the challenge lies in how these lessons will be embraced and implemented by the non-banking sector, given they have not undergone the same journey and evolution. While they might come up with innovative solutions, the process of aligning various data holders from different industries and ensuring timely implementation according to the specified timelines is bound to be challenging.

The core principle behind FIDA is commendable, but its actual implementation will be difficult and complex, mainly because it solely relies on the market and different industry sectors to drive the process according to their own preferences. As I reflect on it, the magnitude of this task appears quite significant.


Can you provide more clarity on what the permission dashboard entails and who will be responsible for creating these dashboards?

The mandate for the dashboard exists in both the PSR and FIDA. While one might assume that it will be standardised across all service providers, we must acknowledge that this is merely an assumption, not a certainty. Ideally, it would be beneficial if the permissions dashboard remained consistent for all providers, but there is no strict requirement for it.

The primary objective of the dashboard is to facilitate consumer transparency  by providing an easy way to identify the entities they have granted consent to. Furthermore, users should have the option to modify their consent parameters or revoke consent promptly and effortlessly. 

The crucial aspect of the dashboard lies in its utility. A dashboard that enhances consumer transparency and user-friendliness, will only be truly effective if it is conveniently located within the customer's online banking interface. In online banking, users typically know where to find specific information, such as direct debits or standing orders, by clicking on a designated section. Permissions dashboards should be positioned alongside such a list for easy access. 

What are the initial reactions from third parties regarding their willingness to pay for the data?

At the OFA, our stance has always been clear: for a well-functioning Open Banking and Open Finance ecosystem, there must be a commercial incentive for all parties involved. So, the issue of compensation itself is not a problem. The real challenge lies in determining the appropriate level of compensation. 

About Nilixa Devlukia

Nilixa is the Chair of the Open Finance Association and founder of Payments Solved, a regulatory consultancy advising on the regulatory framework for CBDC, crypto assets, Open Banking, and payment services both in the UK, EU and globally. Nilixa is a member of the ECB Digital Euro Market Advisory Group, the European Payment Systems Market Expert Group and the European Data Expert Group. Nilixa works with regulators, legislators, and industry to drive changes in the financial services ecosystem for outcomes that support secure, transparent, and inclusive financial services. Nilixa is also a well-known public speaker and a contributing member of the Digital Euro Association and the Digital Pound Foundation.

 About Open Finance Association 

The Open Finance Association (OFA) represents companies focused on empowering consumers and businesses through opening up financial data and payments. OFA believes secure, open APIs are key to competition and innovation in this space and the means to extending the principles of open banking to other financial sectors - such as savings, investments, mortgages and pensions.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: PSR, Open Finance, PSD2, FIDA, regulation, financial data, payments , bigtech, banks, TPP, data sharing, Open Banking, API, premium API, financial services
Categories: Banking & Fintech
Companies: Open Finance Association
Countries: Europe
This article is part of category

Banking & Fintech

Open Finance Association

Discover all the Company news on Open Finance Association and other articles related to Open Finance Association in The Paypers News, Reports, and insights on the payments and fintech industry: