top of page

The Financial Data Access (FIDA) Regulation: A New Era in Financial Transparency

  • Antonis Hadjicostas
  • Jun 15, 2024
  • 5 min read

ree

Introduction


In today's rapidly evolving digital landscape, the handling of financial data has become a focal point for regulators, businesses, and consumers alike. With the advent of new technologies and increasing digital transactions, the need for robust data governance has never been more critical.


On 28 June 2023, the European Commission unveiled its legislative [1] for a new Financial Data Access (FIDA) framework. Once finalised, FIDA will expand the Open Banking data-sharing obligations, which currently apply only to payments accounts data, to nearly all financial services (FS) data. It will be the legislative backbone of open finance in the EU. FIDA also establishes rules concerning the authorisation and operation of financial information service providers.


In addition to FIDA, the European Commission also published on 28 June 2023 the payment service package consisting of the Payment Services Directive 3 (PSD3), which modernises PSD2, and the payment service regulation. The payment service package bears testament to the European Commission’s priority to improve the existing regulatory regime and consumer protection in the field of data sharing. It is stressed though that FIDA covers only financial data beyond payments, as payments data is already covered by PSD framework.


Understanding FIDA


The Financial Data Access Regulation is a comprehensive policy initiative aimed at standardizing and securing the management and sharing of financial data across institutions. Rooted in principles of transparency, user consent, and data security, FIDA seeks to empower consumers while fostering innovation within the financial sector.


Overall, under FIDA, entities holding customer data (data holders) will have to share customer data (customer) with third parties (data users).  In particular, data holders must make customer data available to data users (i.e. the so-called “Financial Information Service Providers (FISPs)”) only upon customer request:


  • Customer/Consumer data must be made available without undue delay, in real-time.


  • The access and information being made available are limited by the terms of the permission granted by the customer.


  • Customers/Consumers could withdraw any such permission at any given point in time.


Furthermore, data holders must provide customers with a permission dashboard, which should be user friendly and easily accessible, in order to allow customers to monitor and manage the permissions granted.


Lastly, FIDA also mandates the creation of Financial Data Sharing Schemes (FDSS) to govern data access, set compensation standards as well as introduce compensation models for data sharing and establish dispute resolution mechanisms.



ree

Categories Customer Data in Scope


FIDA applies to the following categories of customer data on:


  • mortgage credit agreements, loans and accounts, except payment accounts, including data on balance, conditions and transactions;


  • savings, investments in financial instruments, insurance-based investment products, crypto-assets, real estate and other related financial assets as well as the economic benefits derived from such assets;


  • pension rights in occupational pension schemes;


  • pension rights on the provision of pan-European personal pension products;


  • non-life insurance products, with the exception of sickness and health insurance products;


  • data which forms part of a creditworthiness assessment of a firm which is collected as part of a loan application process or a request for a credit rating.


Entities Customer Data in Scope


FIDA applies to the following entities when acting as data holders or data users:


  • credit institutions;

  • payment institutions;

  • electronic money institutions;

  • investment firms;

  • crypto-asset service providers;

  • issuers of asset-referenced tokens;

  • managers of alternative investment funds;

  • management companies of undertakings for collective investment in transferable securities;

  • insurance and reinsurance undertakings;

  • insurance intermediaries and ancillary insurance intermediaries;

  • institutions for occupational retirement provision;

  • credit rating agencies;

  • crowdfunding service providers;

  • PEPP providers;

  • financial information service providers.


 What data is covered under FIDA


  According to FIDA, customers will be able to share additional data, such as:


  • Mortgage, other loans, savings accounts, including balance, conditions and transaction details


  • Creditworthiness assessment performed during a loan application process or a request for a credit rating


  • Investments in financial instruments, insurance-based investment products, crypto assets, real estate and other financial assets


  • Non-life insurance products, including data on insured assets (excluding life, health and sickness products)


  • Suitability and appropriateness assessment under MiFID II


  • Sustainability-related data


  • Pension rights in occupational pension schemes and personal pension products.


FIDA and 3rd Country Entities


Data users that do not have an establishment in the Union but that require access to financial data in the Union shall designate, in writing, a legal or natural person as their legal representative in one of the Member States from where the data user (FISP) intends to access financial data.


The designated legal representative may be held liable for non-compliance with obligations under FIDA.


Key Objectives of FIDA


  1. Enhancing Consumer Control: FIDA places consumers at the heart of financial data management. It mandates that financial institutions provide users with easy access to their data, along with clear mechanisms to manage consent for data sharing with third parties.


  2. Ensuring Data Security: With rising concerns about data breaches and cyber threats, FIDA enforces stringent security protocols. Financial institutions must adopt advanced encryption technologies and robust cybersecurity measures to protect sensitive financial information.


  3. Promoting Innovation: By standardizing data formats and access protocols, FIDA aims to create a level playing field for fintech startups and traditional banks. This open-data approach encourages innovation and competition, ultimately benefiting consumers with better services and products.


  4. Fostering Transparency: Transparency is a cornerstone of FIDA. Financial institutions are required to disclose how they collect, store, and use financial data. This transparency builds trust and allows consumers to make informed decisions about their financial interactions.


Implications for Financial Institutions


For financial institutions, FIDA presents both challenges and opportunities. Compliance with the regulation will require significant investments in technology and infrastructure. However, these investments can lead to long-term benefits, including enhanced customer trust and the potential for new business models.


  1. Compliance and Adaptation: Financial institutions must conduct thorough audits of their data management practices and implement necessary changes to comply with FIDA standards. This may involve upgrading IT systems, retraining staff, and establishing new data governance frameworks.


  2. Customer Engagement: FIDA's emphasis on consumer control and transparency can be leveraged to enhance customer relationships. By providing clear and accessible data management tools, institutions can build stronger, trust-based connections with their clients.


  3. Innovation and Collaboration: The standardized data access protocols under FIDA encourage collaboration between traditional financial institutions and fintech companies. This synergy can lead to the development of innovative financial products and services that meet evolving consumer needs.


  4. Operational Impact: The regulation will necessitate operational changes within institutions. These may include the restructuring of data management systems, changes to internal processes to ensure compliance, and potential increases in operational costs related to implementing and maintaining new security measures.


Benefits for Consumers


Consumers stand to gain significantly from the implementation of FIDA. The regulation empowers individuals with greater control over their financial data, enhancing their ability to manage personal finances effectively.


  1. Informed Decision-Making: With transparent access to their financial data, consumers can make better-informed decisions about financial products and services. This transparency also enables easier comparison between different offerings, promoting more competitive markets.


  2. Enhanced Security: FIDA 's stringent security requirements ensure that consumers' financial information is safeguarded against unauthorized access and cyber threats. This increased security is crucial in maintaining consumer confidence in digital financial services.


  3. Personalized Financial Services: By allowing consumers to share their data securely with authorized third parties, FIDA facilitates the development of personalized financial services. Consumers can benefit from tailored advice, customized financial products, and improved financial health management.


    ree

    Timeline for Implementation


    FIDA Regulation is expected to come into force on 1 January 2025., which gives in scope entities a critical window to prepare for compliance. Key milestones in the implementation timeline include:


    • Q3 2024: Finalization of FIDA guidelines and technical standards.


    • Q4 2024: Publication of compliance checklists and support documents.


    • 1 January 2025: Expected official enforcement of FIDA.


    FIDA will be implemented in phases, 18 – 24 months following its official enforcement.


    Conclusion


    The Financial Data Access (FIDA) Regulation represents a pivotal shift in the financial industry, emphasizing the importance of data transparency, security, and consumer empowerment. As financial institutions adapt to this new regulatory environment, the ultimate beneficiaries will be the consumers, who will enjoy greater control, enhanced security, and improved financial services. FIDA not only sets a new standard for financial data management but also paves the way for a more innovative, transparent, and consumer-centric financial ecosystem.


    [1] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:52023PC0360


The material reflected in our website, including Blog material, is for informational purposes only and does not constitute legal advice, consulting, or any other professional advice. Please seek independent professional guidance for your specific needs.

All rights reserved. No part of this work may be reproduced, stored in a retrieval system of any nature, or transmitted, in any form or by any means including photocopying and recording, without the prior written permission of the ENAH Services Ltd. The reproduction or transmission of all or part of the work, whether by photocopying or storing in any medium by electronic means or otherwise without the written permission of the owner is strictly prohibited and the commission of any unauthorised act in relation to the work will result in civil and/or criminal actions. 

bottom of page