.svg)
Although the EU’s Financial Data Access (FiDA) framework did not get axed as had been anticipated, many of the critiques of the EU’s potential open finance rules remain.
A source in Brussels recently quipped to Vixio that “the EU is going to have to decide what it wants its banks to do next, finance FiDA or finance the European defence complex”.
It was this question of deregulation, or at least a reduction in legislative strain, that appeared to drive the European Commission to consider axing the framework earlier this year.
However, FiDA lived to see another day and, like its payments counterparts, should be enacted at some point in the near future.
The European Commission proposed the FiDA regulation in June 2023 to enhance consumer control over financial data, extending open banking principles from the revised Payment Services Directive (PSD2). It mandates banks and insurers to share data with authorised third parties.
The Council of the EU agreed on the proposal in December 2024, after the European Parliament’s Economic and Monetary Affairs Committee backed it in April 2024.
Unlike PSD2, it includes a commercial element, allowing banks and incumbents to charge reasonable fees for data access.
Speaking to Vixio, Thomas Gmelch, Tink’s director of payments sales in the DACH region, said that "the monetisation aspect is key; expanding products and services benefits both sub-verticals and end consumers”.
“We’re happy to see FiDA back on track, but it’s not over the finish line yet,” he added.
“There is still a political element at play, and we’re keeping our fingers crossed that the current momentum doesn’t fade or face unexpected hurdles. A few more steps still need to be taken."
An incomplete plan
The proposal has faced strong opposition from financial services and some member states over costs and benefits. Even fintechs such as Klarna have criticised it, claiming the EU has prioritised banks over consumers.
"The idea behind FiDA is great, as being able to share financial data in this way has real potential,” said Arie van den Bergen, owner at fintech law firm Finnick.
However, the Netherlands-based lawyer said that his concern with the regulatory framework was “whether it has been sufficiently well thought through”.
Julien Sad, an associate at Bird & Bird, agreed with this take, stating that “people are really concerned”.
“They see FiDA as an opportunity to improve, innovate and make better use of data. However, there is uncertainty about how this will work in practice,” he said.
Sad said that one of the main issues is the unclear scope of the regulation, “which is probably the most pressing point”.
“At this stage, it’s also uncertain which entities will be required to participate, as it is still possible that some entities are removed from the list, and what kind of data will need to be shared with others.”
Van den Bergen pointed to its payments counterpart, explaining that “simply having regulation like the PSD2 doesn’t guarantee seamless interfaces”.
“With PSD2, we expected cross-border payments to take off, but SEPA was needed first. The same applies here, and you need standardised frameworks for these services to emerge and function effectively.”
FiDA’s key challenges
According to van den Bergen, the regulation “raises many questions, particularly around fragmented data across countries”.
For example, data processing in the Netherlands differs from other jurisdictions. “Without a common framework, progress may remain at an initial level. Like SEPA, a detailed framework is needed for it to take shape.”
He noted that FiDA’s proposed schemes, whether industry-led or commission-imposed, do not guarantee adoption.
“A key issue is the mandate to participate in at least one financial data-sharing scheme. But with so much data, like mortgages and consumer loans, there won’t be a single ‘super app’ combining everything,” he said.
“If a bank joins a mortgage data-sharing scheme, is that enough, or must it join separate schemes for each data class?"
The EU’s intention with FiDA was to facilitate and even mandate data sharing, but there remains confusion.
This is especially evident around what exactly constitutes “customer data” and whether firms need to share all customer data, not only “transmitted data” received from customers, or “transaction data”, but also data received as data users from data holders, which Sad said should not be the case.
He added that this lack of clarity has become a major concern, although appears to be being clarified in the draft legislative positions set out by the co-legislators.
“Companies are currently conducting due diligence to ensure they are in a strong position, implementing dashboards and other tools to manage compliance,” he said.
“This is particularly challenging for financial institutions, banks and particularly other players unfamiliar with extensive data sharing requirements."
"FiDA is supposed to be about creating great, personalised products, but it takes a very broad view of customer data,” he pointed out.
This leaves the key questions: what exactly counts as “customer data”? What needs to be shared? And what is particularly relevant to the payments sector?
“Under the open banking regime, firms already need to share payment account data, but now, FiDA extends this to include card account data and technical account data as well,” he said.
“For example, acquirers that don’t maintain payment accounts are not required to grant access under open banking regime, but they will be required under the proposed FiDA framework.”
A long path ahead
Sources in Brussels have suggested that the legislation could take up to two years to be agreed by the co-legislators, and is not anticipated to pass as swiftly as the Payment Services Regulation (PSR).
Many payment firms will be keeping an eye on FiDA’s progress, given that it could create significant opportunities for them.
Account information service providers (AISPs) and payment initiation service providers (PISPs) could both benefit from an open finance framework such as FiDA.
For example, it would extend open banking principles to a wider range of financial data beyond payments, including savings, investments, pensions and insurance. This would allow AISPs to offer more comprehensive financial insights and aggregation services.
Moreover, PISPs could leverage open finance to initiate payments across different financial products, such as direct transfers from investment accounts, improving payment efficiency and reducing reliance on card networks.
For now, however, the future of the regulation and how simple it is to enact rests with the co-legislators.
There is a risk of falling into complacency as regulators grapple with their response to an increasingly turbulent geopolitical spectrum.
Ultimately, opening up financial products may seem less pressing for an EU that needs to ensure that its financial institutions can fund its defence spending.
