Policy brief – Citizens are not the product

19 September 2023

Policy brief

In this policy brief, Finance Watch outlines the improvements that need to be made to the EU Commission proposal on the open finance framework currently being discussed by the EU co-legislators to ensure increased data access and sharing benefits consumers rather than harming them.

The open finance framework, formally known as the Financial Data Access (FIDA) Regulation, has the potential to benefit retail consumers. It can bring about efficiency gains, allow for the introduction of more personalised products and services, and facilitate the development of tools to help citizens manage their personal finances and access relevant information about different financial services.

However, it can only work if the third-party access to data and data sharing, promoted by the initiative, are properly regulated. If not, the risk of retail consumers being financially excluded and/or mis-sold financial products will rise, the risk-based and risk-sharing business model for insurance will be eroded, instances of discriminatory pricing will rise, and consumers will no longer have control over their own data.

On 28 June 2023, the European Commission published a legislative proposal establishing an open finance framework. In order to ensure citizens reap the benefits of open finance and that the proper safeguards are in place to mitigate potential risks, Finance Watch has published its recommendations for enhancing the current proposal on the table.

Three of the key recommendations outlined in the policy brief are:

  • Protection from Financial Exclusion: Introduce a rule explicitly stipulating that a consumer cannot be denied access to a financial product if they do not consent to their data being shared/accessed via the open finance framework.
  • More Data Use Cases: Data used for risk assessment and pricing of a consumer for motor and home insurance products, for carrying out suitability and appropriateness assessments for all retail investment products (including personal pensions) sold to retail investors/customers under MiFID II and IDD, and for carrying out suitability assessments related to investments in crypto-assets should be added to the Article 7 data use perimeter rules.
  • Legally Binding Standards: To ensure that the data use perimeter rules are adhered to, the European Supervisory Authorities (ESAs) should be mandated to draw up legally-binding Regulatory Technical Standards (RTS).